Generated by Foxit PDF Creator © Foxit Software

http://www.foxitsoftware.com For evaluation only.

CCNA4

Curriculum1
Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.
Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

http://www.gradarom.com/cisco/index.php?lang=en&module=DRSEnt_Chapter_1

What is a benefit of having an extranet?

It provides web-like access to company information for employees only.
It limits access to corporate information to secure VPN or remote access connections only.
It allows customers and partners to access company information by connecting to a public web server.
It allows suppliers and contractors to access confidential internal information using controlled externa
connections.

2What are two important characteristics or functions of devices at the Enterprise Edge? (Choose two.)
providing Internet, telephone, and WAN services to the enterprise network
providing a connection point for end-user devices to the enterprise network
providing high-speed backbone connectivity with redundant connections
providing intrusion detection and intrusion prevention to protect the network against malicious
activity
providing packet inspection to determine if incoming packets should be allowed on the enterprise
network

3 Which two measures help ensure that a hardware problem does not cause an outage in an enterprise LAN th
supports mission critical services? (Choose two.)
providing failover capability
installing redundant power supplies
purchasing more bandwidth from the ISP
enabling half-duplex connectivity to access layer devices
installing routers that can handle a greater amount of throughput

4Which three items can be discovered by using a packet sniffer application? (Choose three.)
network transmission speed
source IP address
Ethernet frame type
duplex operational status
near-end crosstalk (NEXT) level
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

TCP sequence number

5 Which two statements are reasons why UDP is used for voice and video traffic instead of TCP? (Choose two
TCP requires all data packets to be delivered for the data to be usable.
The acknowledgment process of TCP introduces delays that break the streams of data.
UDP does not have mechanisms for retransmitting lost packets.
UDP tolerates delays and compensates for them.
TCP is a connectionless protocol that provides end-to-end reliability.
UDP is a connection-oriented protocol that provides end-to-end reliability.

6Which task would typically only require services located at the access layer of the hierarchical design model
connecting to the corporate web server to update sales figures
using a VPN from home to send data to the main office servers
printing a meeting agenda on a local departmental network printer
placing a VoIP call to a business associate in another country
responding to an e-mail from a co-worker in another department

7 The ABC Corporation implements the network for its new headquarters using the Cisco Enterprise Architec
The network administrator wants to filter the traffic from and to the outside world. Where should the
administrator deploy a firewall device?
server farm
enterprise edge
enterprise campus
service provider edge

8Why is TCP the preferred Layer 4 protocol for transmitting data files?
TCP is more reliable than UDP because it requires lost packets to be retransmitted.
TCP requires less processing by the source and destination hosts than UDP.
UDP introduces delays that degrade the quality of the data applications.
TCP ensures fast delivery because it does not require sequencing or acknowledgements.

9 Which protocol and process could be implemented on a network to ensure that a telecommuter can attend a
training presentation via the use of VoIP and still experience uninterrupted data streams and quality
conversations?
TCP and QoS
UDP and QoS
TCP and queuing
UDP and VPN
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

TCP and VPN

10What does VoIP provide to telecommuters?

high-quality, live-video presentations
real-time voice communications over the Internet
ability to share desktop applications simultaneously
secure, encrypted data transmissions through the Internet

11 What is the main purpose of the Access Layer in a hierarchically designed network?
performs routing and packet manipulation
supplies redundancy and failover protection
provides a high-speed, low-latency backbone
serves as a network connection point for end-user devices

12In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to detect and
prevent malicious activity from outside?
enterprise campus
WAN and Internet
enterprise edge
service provider edge

13 How does a VPN work to support remote user productivity?

It uses SSL to encrypt remote user logins to the corporate intranet.
It uses secure Telnet for remote user connections to internal network devices.
It creates a virtual circuit that allows real-time communications between any two Internet endpoints.
It uses encapsulation to create a secure tunnel for transmission of data across non-secure networ

14What is the purpose of the Cisco Enterprise Architecture?

remove the three-layer hierarchical model and use a flat network approach
divide the network into functional components while still maintaining the concept of Core,
Distribution, and Access Layers
provide services and functionality to the core layer by grouping various components into a single
component located in the access layer
reduce overall network traffic by grouping server farms, the management server, corporate intranet, an
commerce routers in the same layer

15 Which two solutions would an enterprise IT department use to facilitate secure intranet access for remote
workers? (Choose two.)
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

VPN
NAT
user authentication
client firewall software
packet sniffing

What are two benefits to an employee of teleworking? (Choose two.)

reduced commuting costs
reduced network complexity
reduced need for support staff
reduced need for expensive business attire
reduced security risks to the network infrastructure

17Which functional component of the Cisco Enterprise Architecture is responsible for hosting internal server
enterprise campus
enterprise edge
service provider edge
building distribution

18 What can be found at the enterprise edge?

Internet, VPN, and WAN modules
Internet, PSTN, and WAN services
server farms and network management
campus infrastructure, including access layer devices

19What type of traffic flow is always considered to be external?

file sharing traffic
system updates
company e-mail
Internet bound traffic
transaction processing

20 What are two benefits of controlling the flow of traffic in an enterprise network? (Choose two.)
security
smaller failure domains
more reliable transaction processing
bandwidth optimization
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

local control of network services

21Which statement describes the difference between an enterprise WAN and an enterprise extranet?
An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is designed to
interconnect remote branch offices.
An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is
designed to give access to external business partners.
An enterprise WAN is designed to provide remote access for its teleworkers, while an enterprise extran
is designed to provide Internet connectivity for the enterprise.
An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an enterprise
extranet is designed to provide remote access to the enterprise network for teleworkers.

22 A business consultant must use Internet websites to research a report on the e-business strategies of several
firms and then electronically deliver the report to a group of clients in cities throughout the world. Which tw
teleworker tools can the consultant use to accomplish this project? (Choose two.)
VoIP
VPN
HTTP
Telnet
email

23A remote user needs to access a networking device on the internal network of the company. The transaction
between the remote user and the device must be secure. Which protocol enables this to happen securely?
HTTP
SSH
Telnet
FTP

24 What are two important guidelines when using packet sniffers to determine traffic flow patterns? (Choose tw
Capture only traffic from a single application at a time.
Perform the capture on several different network segments.
Create a baseline capture during a low or non-utilization period.
Relocate highly active servers before attempting the capture.
Capture traffic during peak utilization times.
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

Which of the following can be done to allow the users on the 10.0.0.0 network to communicate with
the Web Server shown in the graphic? (Choose two.)
* Configure the Miami router to use NAT.
• Configure the Web Server with a private address.
* Configure the Miami router to use PAT.
• Change the Internet link IP address of 128.56.0.0 to a private address.
• Configure the Tampa router to use PAT.

2 What is the default number of pings issued by a DHCP server to a pool address before sending the
DHCPOFFER to a client?
• one
* two
• three
• four
• five

3 What is the purpose of the DHCPDECLINE message?

• If the DHCP client received multiple DHCPOFFERs, it uses the DHCPDECLINE to refuse the
offers it does not use.
• If the DHCP server sends an IP configuration update that the DHCP client does not need, it uses
the DHCPDECLINE to refuse the information.
• The DHCP server uses the DHCPDECLINE message to refuse a DHCP client's request for IP
configuration information.
* If the DHCP client detects that the address supplied by the DHCP server is in use on the network,
it uses the DHCPDECLINE to refuse the offer.

4 Which configuration parameters are provided by the dynamic allocation process of DHCP?
(Choose three.)
* Gateway address
* DNS server
• DHCP Server
* Subnet mask
• Key server
• ARP server

5
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

What is the purpose of the command marked with an arrow shown in the partial configuration
output of a Cisco 806 broadband router?
• defines which addresses are allowed out of the router
• defines which addresses are allowed into the router
* defines which addresses can be translated
• defines which addresses are assigned to a NAT pool

Given the accompanying debug output from a Cisco router, what kind of address is 10.10.10.3 with
the IP identification number of 29855?
* inside local
• inside global
• outside local
• outside global

Given the accompanying graphic, which statement would be applied to the S0 interface when
configuring NAT on the Tampa router?
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

• ip nat inside
* ip nat outside
• ip pat inside
• ip pat outside

Given the accompanying graphic, which addresses could be assigned to traffic leaving S0 as a result
of the statement ip nat pool Tampa 179.9.8.96 179.9.8.111 netmask 255.255.255.240? (Choose
two.)
• 10.0.0.125
• 179.9.8.95
* 179.9.8.98
* 179.9.8.101
• 179.9.8.112

Refer to the exhibit. Which command would establish a group of 30 IP addresses that could be used
to hide inside addresses from the Internet?
• ip nat pool Raleigh 10.0.0.32 10.0.0.63 netmask 255.255.255.224
• ip nat pool Raleigh 10.0.0.32 10.0.0.63 netmask 255.255.255.240
* ip nat pool Raleigh 171.11.10.32 171.11.10.63 netmask 255.255.255.224
• ip nat pool Raleigh 171.11.10.32 171.11.10.63 netmask 255.255.255.240

10

Given the accompanying diagram, which commands are necessary to implement PAT on the
Raleigh router? (Choose four.)
* access-list 10 permit 192.168.10.0 0.0.0.255
• access-list 10 permit 171.11.0.0 0.0.255.255
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

• ip nat inside source static 192.168.10.1 171.11.0.0

* ip nat inside source list 10 interface S0 overload
* ip nat outside
* ip nat inside

11 What is true regarding the differences between NAT and PAT?

• PAT uses the word "overload" at the end of the access-list statement to share a single registered
address.
• Static NAT allows an unregistered address to map to multiple registered addresses.
• Dynamic NAT allows hosts to receive the same global address each time external access is
required.
* PAT uses unique source port numbers to distinguish between translations.

12 Which of the following are broadcasts sent by a client to a DHCP server? (Choose two.)
* DHCPDISCOVER
• DHCPRELEASE
• DHCPACK
* DHCPREQUEST
• DHCPOFFER

13 In addition to assigning addresses from predefined pools, which other services can a DHCP
server offer? (Choose three.)
* DNS server addresses
* domain names
• global IP assignments
• NAT translations
* WINS server addresses

14 Users are complaining that they cannot attach to network resources. A technician has confirmed
that clients are not properly receiving IP configuration information through the DHCP process. The
network administrator wants to watch the DHCP process while the technician tries to release and
renew addresses on the clients. Which command would the network administrator use to monitor
the process of address allocation?
• show ip dhcp server statistics
• show ip dhcp binding
* debug ip dhcp server events
• debug ip dhcp binding

15
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

Refer to the graphic. Which command would allow the router to forward DHCP broadcasts from
Host A to the DHCP server?
* ip helper-address
• dhcp helper-address
• dhcp relay-agent
• dhcp-relay

16 What is the default lease time for addresses assigned to clients through Easy IP?
* twenty-four hours
• forty-eight hours
• one week
• two weeks

17

The Raleigh router shown in the diagram is configured with PAT. Which of the following must be
changed if the private network is migrated to a 10.0.0.0 network? (Choose two.)
* E0 interface address
• S0 interface address
* the access-list statement
• the NAT outside interface
• the NAT inside interface

18 A network administrator needs to configure a router to offer DHCP services. Assuming the
router is operating with factory defaults and the IOS supports DHCP, what must be done to start the
DHCP service?
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

• Use the global configuration command service dhcp.

• Use the privileged command service dhcp start.
• Use the start service dhcp command during the setup processes.
* Do nothing. The DHCP service is enabled by default during start up.

19 Which of the following traffic types are supported by Cisco IOS NAT? (Choose two.)
• Routing table updates
* ICMP
* FTP
• BOOTP
• SNMP

20 Which configuration information might a DHCPOFFER include? (Choose three.)

* IP address
* DNS server address
• DHCP binding
* Lease time
• DHCP database

21 A company was issued 207.48.12.8/29 as its registered address from its ISP. Which of the
following is a solution that will allow Internet access to 300 employees simultaneously?
• VLSM to further subnet the registered address and create more IP addresses
• normal subnetting on the Class C network and address the host
* RFC 1918 and port address translation
• this is an impossible scenario because there are not enough addresses
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

1 What can be found at the enterprise edge?

Internet, VPN, and WAN modules

Internet, PSTN, and WAN services
server farms and network management
campus infrastructure, including access layer devices

Q.2 In which functional area of the Cisco Enterprise Architecture should IDS and IPS be located to
detect and prevent services from accessing hosts?

Enterprise Campus
Edge Distribution
Enterprise Edge
Service Provider Edge

Q.3 A business consultant must use Internet websites to research a report on the e-business
strategies of several firms and then electronically deliver the report to a group of clients in cities
throughout the world. Which two teleworker tools can the consultant use to accomplish this project?
(Choose two.)

VoIP
VPN
HTTP
Telnet
email

Q.4 Which two measures help ensure that a hardware problem does not cause an outage in an
enterprise LAN that supports mission critical services? (Choose two.)

providing failover capability

installing redundant power supplies
purchasing more bandwidth from the ISP
implementing broadcast containment with VLANs
installing routers that can handle a greater amount of throughput

Q.5 Which task would typically only require services located at the access layer of the hierarchical
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

design model?

connecting to the corporate web server to update sales figures

using a VPN from home to send data to the main office servers
printing a meeting agenda on a local departmental network printer
placing a VoIP call to a business associate in another country
responding to an e-mail from a co-worker in another department

Q.6 How does a VPN work to support remote user productivity?

It uses SSL to encrypt remote user logins to the corporate intranet.

It uses secure Telnet for remote user connections to internal network devices.
It creates a virtual circuit that allows real-time communications between any two Internet
endpoints.
It uses encapsulation to create a secure tunnel for transmission of data across non-secure
networks.

Q.7 A remote user needs to access a networking device on the internal network of the company.
The transactions between the remote user and the device must be secure. Which protocol enables
this to happen securely?

HTTP
SSH
Telnet
FTP

Q.8 What does VoIP provide to telecommuters?

high-quality, live-video presentations

real-time voice communications over the Internet
ability to share desktop applications simultaneously
secure, encrypted data transmissions through the Internet

Q.9 Which functional component of the Cisco Enterprise Architecture is responsible for hosting
internal servers?

enterprise campus
enterprise edge
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

service provider edge

building distribution

Q.10 What is the purpose of the Cisco Enterprise Architecture?

remove the three-layer hierarchical model and use a flat network approach
divide the network into functional components while still maintaining the concept of Core,
Distribution, and Access Layers
provide services and functionality to the core layer by grouping various components into a
single
component located in the access layer
reduce overall network traffic by grouping server farms, the management server, corporate
intranet, and e-commerce routers in the same layer

Q.11 Which two solutions would an enterprise IT department use to facilitate secure intranet access
for remote workers? (Choose two.)

VPN
NAT
user authentication
client firewall software
packet sniffing

Q.12 Which statement describes the difference between an enterprise WAN and an enterprise
extranet?

An enterprise WAN is designed to interconnect local LANs, while an enterprise extranet is

designed to interconnect remote branch offices.
An enterprise WAN is designed to interconnect branch offices, while an enterprise extranet is
designed to give access to external business partners.
An enterprise WAN is designed to provide remote access for its teleworkers, while an
enterprise extranet is designed to provide Internet connectivity for the enterprise.
An enterprise WAN is designed to provide Internet connectivity for the enterprise, while an
enterprise extranet is designed to provide remote access to the enterprise network for teleworkers.

Q.13 Why would a network administrator want to limit the size of failure domains when designing
a network?

reduces the effect of Ethernet collisions

 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

reduces the impact of a key device or service failure

reduces the impact of Internet congestion on critical traffic
reduces the impact of blocking broadcast packets at the edge of the local network

Q.14 What is the main purpose of the Access Layer in a hierarchically designed network?

performs routing and packet manipulation

supplies redundancy and failover protection
provides a high-speed, low-latency backbone
serves as a network connection point for end-user devices

Q.15 Which three functions are performed at the Distribution Layer of the hierarchical network
model? (Choose three.)

forwards traffic that is destined for other networks

isolates network problems to prevent them from affecting the Core Layer
allows end users to access the local network
provides a connection point for separate local networks
transports large amounts of data between different geographic sites
forwards traffic to other hosts on the same logical network

Q.16 What is a benefit of having an extranet?

It provides web-like access to company information for employees only.

It limits access to corporate information to secure VPN or remote access connections only.
It allows customers and partners to access company information by connecting to a public web
server.
It allows suppliers and contractors to access confidential internal information using controlled
external connections.

Q.17 What are two important characteristics or functions of devices at the Enterprise Edge?
(Choose two.)

providing Internet, telephone, and WAN services to the enterprise network

providing a connection point for end-user devices to the enterprise network
providing high-speed backbone connectivity with redundant connections
providing intrusion detection and intrusion prevention to protect the network against malicious
 Generated by Foxit PDF Creator © Foxit Software
http://www.foxitsoftware.com For evaluation only.

activity
providing packet inspection to determine if incoming packets should be allowed on the
enterprise network

Q.18 Why is TCP the preferred Layer 4 protocol for transmitting data files?

TCP is more reliable than UDP because it requires lost packets to be retransmitted.
TCP requires less processing by the source and destination hosts than UDP.
UDP introduces delays that degrade the quality of the data applications.
TCP ensures fast delivery because it does not require sequencing or acknowlegements.

Q.19 The ABC Corporation implements the network for its new headquarters using the Cisco
Enterprise Architecture. The network administrator wants to filter the traffic from and to the outside
world. Where should the administrator deploy a firewall device?

server farm
enterprise edge
enterprise campus
service provider edge

Q.20 Which two statements are reasons why UDP is used for voice and video traffic instead of
TCP?(Choose two.)

TCP requires all data packets to be delivered for the data to be usable.
The acknowledgment process of TCP introduces delays that break the streams of data.
UDP does not have mechanisms for retransmitting lost packets.
UDP tolerates delays and compensates for them.
TCP is a connectionless protocol that provides end-to-end reliability.
UDP is a connection-oriented protocol that provides end-to-end reliability

http://www.scribd.com/doc/4935486/Ccna-3-Discovery-4-0-module-1-100