T216/SEP

Specimen Examination Paper

CISCO NETWORKING (CCNA)

Time allowed: 3 hours

There are TWO parts to this paper: attempt BOTH of them and follow
carefully the instructions in each.
Part 1
60% of the examination marks.
This part contains EIGHT questions and you should attempt ALL of
them. You are advised to spend about 1 hour 50 minutes on this part.
Part 2
40% of the examination marks.
This part contains THREE questions, of which you should attempt TWO.
You are advised to spend about 1 hour 10 minutes on this part.
At the end of the examination
Check that you have written your personal identifier and examination
number on each answer book used. Failure to do so will mean that
your work cannot be identified.
Put all your used answer books and your question paper together, with
your signed desk record on top. Fix them all together with the paper
fastener provided.

Copyright 2008 The Open University

WEB 00310 5
1.1

PART 1

This part carries 60% of the total examination marks. You should attempt
ALL the questions. Each question carries a different mark as shown.
You are advised to spend about 1 hour 50 minutes on this part.

Question 1
(8 marks)

(a) Explain the purpose of CHAP (challenge handshake authentication

protocol) and when it is used.
(2 marks)
(b) List the stages of CHAP authentication.
(3 marks)
(c)

What is the main difference between PAP and CHAP?

(3 marks)

Question 2
(6 marks)

Create a suitable aggregate address and subnet mask for the following
routes:
196.199.65.0
196.199.66.0
196.199.67.0
196.199.68.0
Be sure to show all your working.
(6 marks)

Question 3
(9 marks)

Frame relay, ADSL and ISDN are all WAN technologies. For each, state
its:

bandwidth

connection type

typical use.
(9 marks)

Question 4
(9 marks)

Write a plan for an extended access control list (ACL) to meet the
requirements listed below. Explain each line in your list.
(a) Block traffic coming from the third subnet (use subnet 0) of
196.18.12.0/27 from accessing HTTP.
(4 marks)
(b) All hosts should be prevented from accessing 177.0.0.1 for any
purpose.
(3 marks)
(c)

All other traffic should be allowed.

(2 marks)

Question 5
(6 marks)

Given the Class A network 10.0.0.0, create a subnet mask for the 600
subnets. Identify the 100th and VLSM for a further 25 subnets. Assume
subnet 0 is used. Show all your working.
(6 marks)

T216/SEP

Question 6
(8 marks)

Describe the elements of a general network communication model.

Question 7
(8 marks)

Describe the steps involved in discovering a WLAN and connecting to it,

using the 802.11 protocol.

(8 marks)

(8 marks)
Question 8
(6 marks)

Briefly explain what you understand by the term DHCP, giving examples
of the type of information it provides.
(6 marks)

T216/SEP

TURN OVER

PART 2

This part carries 40% of the total examination marks. You should attempt
TWO questions from this part. Each question carries 20 marks.
You are advised to spend about 1 hour 10 minutes on this part.

Question 9
(20 marks)

This question is about switches and switching.

(a) At which point during the receipt of a frame does each of the switch
types listed below start forwarding? What is the consequence for each
type with respect to latency and errors?
(i)

Store and forward

(ii)

Fragment free

(iii) Fast forward

(9 marks)
(b) Explain the term virtual local area network (VLAN), listing two
benefits.
(5 marks)
(c)

Explain the principles that underlie the operation of the STP (spanning
tree protocol) and the consequences of not using such a protocol.
(6 marks)

Question 10
(20 marks)

This question is about routers and routing.

(a) Explain the essential features that enable a router to learn about other
networks and then forward packets towards their destination.
(6 marks)
(b) EIGRP and OSPF are both routing protocols. List the characteristics
that define each.
(8 marks)
(c)

Explain what you understand by the term discontiguous network.

Why is RIP v1 unable to handle these networks correctly?
(6 marks)

Question 11
(20 marks)

This question is about setting up network devices.

(a) Give an explanation of each of the commands listed below. Your
explanation should include when the command is used, what it does
and at which interface mode (prompt) it is entered.

clock rate 56000

show ip route

interface Gi0/1/1

ip nat pool server 180.60.30.50 180.60.30.65

switchport access Vlan 10

(15 marks)

(b) Describe the router boot-up process from power on to final

configuration.
(5 marks)

[END OF QUESTION PAPER]

4

T216/SEP

Specimen exam paper answers

The following are examples of what the course team would consider to be
good answers to the questions, but there are often several different
acceptable approaches.

Part 1
Question 1

(a) CHAP is used at the start-up of a link and periodically to verify the
identity of the remote node.
(b) Three-way handshake:
Challenge a message is sent.
Response a hash is applied to the message and its returned.
Accept/reject the response is checked against the expected
hash value.
(c)

Question 2

PAP is not a strong authentication protocol and uses a two-way

handshake. Passwords are sent across the link in clear text. CHAP
uses a three-way handshake and provides protection against
playback attack through the use of a variable challenge value that is
unique and unpredictable.

Answer: 196.199.64.0 255.255.252.0 or /22

The table below shows the addresses for the third octet. The mask
boundary is drawn where all the bits in the column stop being the same, as
shown in bold.

Question 3

T216/SEP

128

64

32

16

64

65

66

67

68

The answers are shown in the table below.

Bandwidth

Connection type

Typical use

Frame relay

Less than 4 Mbps

Permanent virtual
circuit

Low-cost flexible
mesh connections

ADSL

1 to 8 Mbps down,
128 kbps up

Permanent

Home (local loop)

access

ISDN

64128 kbps

Dialled

Backup and remote

access

Question 4

(a) access-list 101 deny tcp 196.18.12.64 0.0.0.31 any eq 80 (or www)
Only a source address is required as traffic is blocked to any address
using the HTTP protocol.
(b) access-list 101 deny ip any host 177.0.0.1
The destination address is specified with the term host as it is a
specific address.
(c)

access-list 101 permit ip any any

Required because there is an implicit deny statement.

Question 5

10 bits allows a maximum of 1024 subnets, so for 600 subnets the mask is

255.255.192.0 or /18.

The binary value for 99 (which is the 100th when you count from 0) has to

be matched against the available bits.

512

256

128

64

32

16

128

64

32

16

||
||

128

64

Therefore the 100th is 10.24.192.0.

A further 25 subnets requires 5 extra bits, which is 255.255.254.0 or /23.
Question 6

Communication takes place between a message source and a destination.

The object of the process is that the destination receives a message in a
format that it can understand. Message sources and destinations can be
people or electronic devices. A communication channel connects the
sender and receiver and provides a pathway over which the message can
travel. This channel is also called the transmission medium. A device is
required at each end of the channel to convert the message from the
source to a suitable format for transmission, with the reverse process
carried out at the destination. At the source this device is called an encoder
and sends a signal to a transmitter. At the destination a receiver sends a
signal to a decoder, which outputs the message sent.

Question 7

The key processes used to discover a WLAN are as follows.

Beacons are broadcast frames used by the WLAN access points to
advertise their whereabouts.
Probe frames are used by clients to find access points.
Authentication is included in the standard, although it is normal to
operate in a NULL mode.
Association establishes a data link between the client and the access
point and includes the exchange of MAC addresses.

Question 8

DHCP is a protocol that allows the automatic assignment of network

configuration information to hosts on a network. It can provide an IP
address, DNS, WINS and domain name.

T216/SEP

Part 2
Question 9

(a) Store and forward switching has the highest latency as it starts
forwarding only after the entire frame is received. This method
ensures that all errors are detected.
Fragment free switching starts forwarding after receiving 64 bytes.
This value is significant as it will include all collision fragments, which
can then be discarded.
Fast forward switching has the lowest latency. Forwarding begins as
soon as the destination address has been received. Any frames with
errors will still be forwarded, which can lead to high traffic levels.
(b) A VLAN is a logical broadcast domain that can cover multiple physical
LAN segments. The benefits include easy administration, improved
security and flexibility.
(c)

Question 10

STP ensures that there is only one logical path between all
destinations on the network by intentionally blocking redundant paths
that could cause a loop. A port is considered blocked when network
traffic is prevented from entering or leaving that port. This does not
include bridge protocol data unit (BPDU) frames that are used by STP
to prevent loops. Blocking the redundant paths is critical to preventing
loops on the network. The physical paths still exist to provide
redundancy, but these paths are disabled to prevent the loops from
occurring. If the path is ever needed to compensate for a network
cable or switch failure, STP recalculates the paths and unblocks the
necessary ports to allow the redundant path to become active.

(a) Routing is the process that a router uses to forward packets toward
the destination network. Routing decisions are made by comparing
destination IP addresses with a routing table and forwarding the packet
on the designated interface. To make the correct decisions, routers must
learn how to reach remote networks by sharing information with other
routers. Routing protocols (such as EIGRP) are used to learn about
other networks. Routes can be determined dynamically or statically.
(b) Characteristics of OSPF:

It supports classless interdomain routing (CIDR).

It is a link-state routing protocol.

The shortest path first algorithm is used to find the lowest cost path.

Routing updates are flooded as topology changes occur.

Characteristics of EIGRP:

T216/SEP

It is a Cisco proprietary protocol.

It uses enhanced distance-vector routing that includes elements

of distance-vector and link state.

It uses diffusing update algorithm (DUAL) to calculate the

shortest path.

Routing updates are multicast using 224.0.0.10 triggered by

topology changes.

It uses unequal cost load balancing.

(c)

Question 11

A discontiguous network is one in which a classful major address is

separated by one or more other major networks. Routing protocols
such as RIP, which do not include subnet information in their routing
updates, summarise routes upon the basis of classful address
boundaries. As a consequence the router will see two networks with
the same classful address and it will not route packets consistently to
the correct sub-networks.

(a) R(config-if)# clockrate 56000

When routers are directly connected, one has to act as a DCE to
provide clocking. 56000 is the clock rate in bps. It is one of a
range of options.
Router# show ip route
Displays the current status of routes in the routing table. Shows
directly connected routes, those discovered (next hop) by the
routing protocol and static entries. Also shows metrics.
Router(config)#interface Gi0/1/1
Configures an interface type and enters interface configuration
mode when the address can be added and the interface turned
on. This interface is Gigabit Ethernet.
R(config)#ip nat pool server 180.60.30.50 180.60.30.65
Defines a pool of global addresses for use with dynamic NAT.
The pool name is server and the address range is from 80 to 95.
Switch(config-if)#switchport access vlan 10
Assigns the VLAN to one or more interfaces. VLAN 10 will need
to have been set up.
(b) Once POST is complete, software must be loaded into RAM. A
bootstrap program is loaded from ROM. The IOS can then be loaded
from flash into RAM for execution by the CPU. The start-up
configuration is then loaded into RAM, normally from NVRAM. The
router then enters the set-up mode. Running configuration can be
saved to start.

T216/SEP