ccna final exam 4 module
TRANSCRIPT
To reduce unwanted incoming traffic from the outside, a network technician is tasked with establishing the filtering rules for the network firewall. Which traffic should be allowed?
incoming ICMP traffic
all incoming connections to internal servers
incoming responses to traffic that is generated from the inside
incoming connections from the outside that duplicate inside addresses
Refer to the exhibit. Based on the EIGRP configuration that is shown, what can the field engineer conclude about the EIGRP authentication between RouterA and RouterB?
Authentication will fail because only one key is configured. Authentication will
fail because the key chain names do not match. Authentication will succeed and
EIGRP updates can be exchanged. Authentication will fail because the key chain names must match the router names.
A network administrator has configured Frame Relay on a serial interface and issued the show interfaces serial command. The output shows that the interface is up and the line protocol is up. However, pings to the remote router across the link fail. What should the next step be to ensure that the IP address of the remote router appears in the Frame Relay map table of the local router?
Configure the router using the no inverse-arp command. Ensure that the LMI
type is correct for the circuit. Configure the router using the frame-relay map ip
command. Verify that the remote router has Frame Relay encapsulation enabled.
Which two statements accurately describe the result of entering the command BRT(config-if)# frame-relay map ip 10.1.10.1 35 on a router? (Choose two.)
A network administrator is given a network address of 192.168.1.64/26 to create four subnets with seven hosts in each subnet. Which subnet mask should be used?
255.255.255.224
255.255.255.240
255.255.255.248
255.255.255.252
The remote router updates the Frame Relay map table with DLCI 35 to reach the
10.1.10.0 network. Inverse ARP is used to add an entry for 10.1.10.1 into the Frame
Relay map table via the use of DLCI 35. DLCI 35 replaces the MAC address in the
ARP table for entry 10.1.10.1. A Layer 2 address is statically mapped to a Layer 3
address. Router BRT uses DLCI 35 to forward data to 10.1.10.1.
The main office of a NetworkingCompany customer currently connects to three branch offices via three separate point-to-point T1 circuits. The customer network uses RIPv2 as the routing protocol within both the LAN and the WAN. The account manager proposes a change to a Frame Relay network because the costs are lower. A single local loop connection can be installed at the main office with three separate PVCs to connect the branch offices. How can the main office edge router be configured to enable the customer to continue to use RIP as the WAN routing protocol?
Enable Inverse ARP on the serial interface in order to learn the routes to the IP addresses of the remote routers.To prevent the Frame Relay network from causing a routing loop, disable split horizon on the serial interface.Create three separate point-to-point subinterfaces on the serial interface and assign a different subnet IP address to each one.Configure the serial interface with a single interface DLCI number and create frame-relay map statements for each remote site address.
A company plans to establish Frame Relay connections between corporate headquarters and several branch offices. The network designer recommends using one physical interface on the edge router to support the new Frame Relay connections. The company currently uses RIPv2 for routing and plans no changes to the RIPv2 configuration. What should be done to ensure that each branch office link is a separate subnet and that routing updates are successful between corporate headquarters and the branch offices?
Configure multipoint subinterfaces on the physical interface.
Configure point-to-point subinterfaces on the physical interface.
Configure a single subinterface to establish multiple PVC connections.Configure the physical interface to share one DLCI to multiple remote sites and their connections.
What is used locally by a router to identify each Frame Relay PVC?
LMI DLCI IP address MAC address
Refer to the exhibit. A networking company engineer is characterizing an existing network for a new customer. The engineer issues a show running-config command on the branch router to gather configuration information. What is the engineer able to determine as a result of viewing the output of this command?
Branch office traffic will be routed through the Frame Relay connection to reach the
main office LANs. The default route for the branch office traffic uses a path through
the Frame Relay network. Under normal circumstances, the connection through ISP-
A will be used to reach the main office LANs. By using both the DSL and the Frame Relay connection, the branch office router will load balance traffic that is destined for the main office LANs.
A user in a large office calls technical support to complain that a PC has suddenly lost connectivity to the network. The technician asks the caller to talk to nearby users to see if other machines are affected. The caller reports that several immediate neighbors in the same department have a similar problem and that they cannot ping each other. Those who are seated in other departments have connectivity. What should the technician check as the first step in troubleshooting the issue?
the power outlet to the PC that is used by the caller.
the trunks between switches in the wiring closet.
the status of the departmental workgroup switch in the wiring closet.
the cable that connects the PC of the caller to the network jack.
the cable connection between a PC and a network outlet that is used by a neighbor
Refer to the exhibit. A pre-sales system engineer receives a diagram of the current WAN from a customer. EIGRP is the routing protocol used on the WAN. Based on the default operation of EIGRP, which statement is true about the routing table on router R1?
There is a single route to the 192.168.16.0/24 LAN using the T1 connection.
There is a single route to the 192.168.16.0/24 LAN using the DSL connection. There
is a single route to the 192.168.16.0/24 LAN using the Metro Ethernet connection.EIGRP installs all three routes to the 192.168.16.0/24 LAN and load balances the traffic.
Refer to the exhibit. What will be the result of entering the commands as shown in the
exhibit?
RIPng will not be enabled on interface fa0/0 because the network address is a
broadcast address. RIPng will not be enabled on this interface because the IPv6
address is only /64 bits long. RIPng will be enabled on interface fa0/0 and will
advertise the configured network. The IPv6 interface configuration requires a
network statement for the network. The IPv6 routing instance must be called RTA not RT0.
A company has branch offices at several locations across the country. Which security implementation would provide a cost-effective, secure, and authenticated connection to centralized internal resources that are located at company headquarters, without requiring configuration for individual employees at the branch offices?
leased line with PPP authentication
site-to-site VPN
access control list
remote-access VPN
A company is concerned with protecting internal e-commerce servers against external attacks. An application layer firewall is installed at the network edge and a host-based IDS system is installed on the internal LAN. What should be done to ensure a fast response and minimum server downtime in the event of an external attack?
Replace the host-based IDS with an IPS.
Place the e-commerce servers in a DMZ.
Install a logging server to monitor all attacks.
Replace the application layer firewall with a stateful one.
Refer to the exhibit. The named ACL "Managers" already exists on the router. What will happen when the network administrator issues the commands that are shown in the exhibit?
The commands overwrite the existing Managers ACL. The commands are added
at the end of the existing Managers ACL. The commands are added at the beginning
of the existing Managers ACL. The network administrator receives an error that states that the ACL already exists.
Refer to the exhibit. A company with four servers in its server farm has not enabled PVRST on the switches that connect to the server farm segment. What will happen within the network if a primary link goes down?
Access to the the servers will be lost. Convergence time will be slow and possibly
cause applications to time out. Routing protocols will not send the triggered updates
in the event of a failure of the root bridge. Switches that connect the servers to the network will not be found by other switches in the network.
Refer to the exhibit. A NetworkingCompany designer is reviewing a diagram of a customer network. What two risks or issues can be identified in the topology that is shown? (Choose two.)
The firewall router and ISP connection represent a single point of failure. A failure of the switch that connects the Cisco Call Manager to the network will cause the
entire IP telephony system to fail. Using Layer 3 switches to interconnect the data
center servers to the IP phones introduces too much delay. The IP phones need to be redundantly connected to the switches to prevent single points of failure at the access
layer. If one of the Layer 3 switches fails, the Cisco Call Manager will be unreachable.
Refer to the exhibit. A network engineer issues the show ip route command to validate that the newly designed network is working as anticipated. Which users will the Admin_LAN be able to communicate with?
Users on the Admin_LAN will not be able to communicate with users on either
LAN. Users on the Admin_LAN will be able to communicate with the users on the
Faculty_LAN. Users on the Admin_LAN will be able to communicate with the users
on the Student_LAN. Users on the Admin_LAN will be able to communicate with the users on the Faculty_LAN and the Student_LAN.
Refer to the exhibit. A technician at the ISP site asks the network administrator at the client site to change the CHAP password as part of the routing security maintenance. After the administrator makes the change and reboots the router, the technician issues a show interfaces serial 0/0/0 command. According to the output, what can be concluded about the serial connection between the client site and ISP site?
The router at the client site is still in the process of rebooting. The administrator
probably configured the wrong password. The administrator has not issued a no shut
command on the serial interface. The administrator probably configured the wrong IP address for the serial interface.
Refer to the exhibit. A technician at the ISP site asks the network administrator at the client site to change the CHAP password as part of the routing security maintenance. After the administrator makes the change and reboots the router, the technician issues a show interfaces serial 0/0/0 command. According to the output, what can be concluded about the serial connection between the client site and ISP site?
The router at the client site is still in the process of rebooting. The administrator
probably configured the wrong password. The administrator has not issued a no shut
command on the serial interface. The administrator probably configured the wrong IP address for the serial interface.
Refer to the exhibit. What does the TOR router do with traffic that is destined for a web server with an IP address of 172.18.10.24?
The router sends the traffic out Serial 0/0/0. The router sends the traffic out all
interfaces other than the one it came in on. The router places the packets into a queue
until a better route is discovered via RIP. The router sends a request to neighboring routers for paths to the 172.18.10.0 network.
Refer to the exhibit. The users on the 192.168.10.128/26 network are not allowed Internet access. Where is the most efficient location to place an extended ACL?
inbound on S0/0/0 of R1 outbound on S0/0/1 of R1 inbound on Fa0/0 of R2
outbound on Fa0/0 of R2 inbound on S0/0/1 of R2
A network designer must select a routing protocol for the network of a customer. The currently installed network contains both Cisco and non-Cisco routers, and there is no budget to replace them. The designer plans on implementing both VLSM and route summarization in the new network design. Which two protocols can provide the necessary functionality for this LAN? (Choose two.)
RTP
RSTP
RIPv1
RIPv2
EIGRP
OSPF
Refer to the exhibit. A network associate is configuring a new router to provide routing between VLANs. The associate removes the router from the box and connects the Fa0/0 interface to a trunking port on the switch. After the configuration is applied to the router, the traffic between VLANs still fails. What is causing this to occur?
The NWRnStick router needs a routing protocol configured. The NWRnStick
router needs additional Fast Ethernet interfaces installed. The subinterfaces of the
NWRnStick router should have IP addresses applied. All the subinterfaces of the NWRnStick router should be configured in the same VLAN.
A network administrator is integrating IPv6 into an IPv4 network by encapsulating an IPV6 packet within an IPv4 protocol. Which transition method is being used?
tunneling
dual stack
proxying and translation
NAT with Protocol Translator
What value is an alternative representation of the IPv6 address 2001:DB80:0000:0000:0C41:3EFF:FE00:0000?
2001:DB8::C41:3EFF:FE: 2001:DB80::C41:3EFF:FE00:: 2001:DB80::C41:3
EFF:FE00:0 2001:DB80:0:0:0:C41:3EFF:FE::
Refer to the exhibit. Which summarized route would be advertised by R1 to R2?
10.0.0.0/13 10.4.0.0/14 10.5.0.0/13 10.6.0.0/14
Refer to the exhibit. The routers are configured with RIPv2 with default configurations. When attempting to communicate with other networks, hosts from 10.0.11.0/24 are experiencing connectivity issues. What could be done to resolve this issue?
Change to a public IP addressing scheme. Use EIGRP with its default
configuration as the routing protocol. Change the subnet mask on the link between R2
and R3 to 255.255.255.0. Disable automatic route summarization on all routers in the network
Refer to the exhibit. A customer has a problem with connectivity in the network. Based on the IP addressing scheme, what is causing the problem?
The WAN links need IP addresses from a different major network. The WAN
link that connects R1 to R2 overlaps with the R3 LAN. The WAN links that connect
R1 to R3 and R1 to R2 have incorrect masks. The R1 LAN is incorrect because subnet zero cannot be used with VLSM.
A network engineer is prototyping a new IP addressing and summarization strategy for a new network that will be integrated into the existing infrastructure. Which method is appropriate for testing the addressing scheme?
using the production network of the customer
using actual network equipment in a lab
using the Cisco Network Assistant
using a network simulation tool
In a converged network, which two types of traffic would be categorized as real-time traffic? (Choose two.)
file transfer
web browsing
videoconferencing
voice over IP
video on demand
Which technology will prioritize traffic based upon the technical requirements of IP telephony?
PoE
QoS
RPC
RTP
VPN
Which statement is true about the pairing of services and transport layer protocols for FTP and VoIP?
FTP applications and VoIP use TCP at the transport layer.
FTP applications and VoIP use UDP at the transport layer.FTP applications use TCP at the transport layer while VoIP uses UDP at the transport layer.FTP applications use UDP at the transport layer while VoIP uses TCP at the transport layer.
What type of system connects to the PSTN and uses a PBX to route calls via analog or digital lines?
VPN VoIP IP telephony traditional telephony
What functionality does NBAR provide to network technicians?provides data which can be used to create a network diagram
allows for monitoring and managing network devices
allows for classification and monitoring of network traffic
displays the IOS versions and IP addresses on neighboring devices
Why is it difficult for network designers to predict the patterns and behavior of file transfer traffic?
The traffic is user initiated. File size is typically very small. Dedicated
bandwidth is essential. All file transfer traffic is queued as high priority.
A network technician needs to install a four-port switch module in an operational Cisco 1841 router that has an available HWIC slot. What should the technician do first?
Turn off the power to the router before installing the new module.
Install the hot-swappable four-port switch module directly into slot 1 of the 1841.
Move the existing WIC-2T module to slot 1 and install the four-port module in slot 0.Shut down all Fast Ethernet ports on the router until the switch module installation is complete.
A network administrator needs to transfer an IOS image to a router using a TFTP server.
What should be verified prior to beginning the transfer process?The TFTP server must connect to the router via a serial connection.
Connectivity between the TFTP server and the router should have been established.
The TFTP server and the router must be on different networks for the transfer.
The TFTP server software must be the same version as the Cisco IOS software.
During the boot process and using the default sequence, what is the first location where the router will look for the IOS?
ROM flash NVRAM TFTP server
Refer to the exhibit. The network administrator has used the Cisco Feature Navigator to choose a Cisco IOS image to install on a router. Given the exhibited output of the show version command, which statement is true about the capacity of the router to use this Cisco IOS image?
There is enough DRAM and flash. There is not enough DRAM and flash.
There is enough DRAM but not enough flash. There is not enough DRAM but enough flash.
Which two pieces of information are needed before an IOS image may be loaded on a router from a TFTP server? (Choose two.)
the IP address of the TFTP server the current name of the IOS image on the
router the operating system of the TFTP server the name of the configuration file
in NVRAM the name of the IOS image on the TFTP server encapsulation of the router interface that is connected to the TFTP server
What can be broadcast over the wireless network to help a user connect to the network and use wireless services?
SSID WEP keys VLAN parameters WPA encryption keys VPN authentication information
What is the purpose of a network baseline?to add access control capabilities to the network
to reserve a spot in a rack for installing network equipment
to create a configuration template for quickly configuring new equipment
to establish a point of reference for comparison with current performance
The network designer recommends using RSTP in the design of a new data center. There are multiple redundant Layer 2 switches and links contained in the new design. What is
the benefit of using RSTP rather than STP in this situation?Redundant links are not blocked.
Routing tables converge more quickly.
Spanning Tree convergence times are reduced.
Fewer redundant links are required to maintain connectivity.
A network designer has chosen to specify the use of a dedicated firewall appliance at the perimeter of a large network. Why would the designer use a dedicated firewall rather than using the Cisco IOS firewall feature set on the existing router?
Traffic filtering is needed on the internal LAN.
Multiple levels of access to the network are needed.
The DMZ requires packet filtering and port blocking.
Heavy network traffic will be handled best by using a dedicated device.
A network engineer is at a customer site. After resolving technical problems in the network, the engineer provides a training session for the support staff. Which job function best fits the activities of this network engineer?
network designer
account manager
pre-sales engineer
post-sales field engineer
Refer to the exhibit. What can be concluded from the output that is shown?
MDF_2811 has a MAC address of 2294:300F:0000. Device C3750-24_IDF2
is running Cisco IOS Software Release 12.3(23)SEE2. A Cisco 3750 switch is
connected to the FastEthernet1/0/1 port on MDF_2811. MDF_2811 is installed in the main distribution facility on floor 28 of building 11.
Sdf