l.

what functionaIity do access controI Iists provide in thimpIementation of dynamic NAT on

a Cisco router?
deine which addresses can be LranslaLed
deine which addresses are assigned Lo a NA1 pool
deine which addresses are allowed ouL Lhe rouLer
deine which addresses can be accessed rom Lhe inside neLwork
2. which three guideIines wouId heIp contribute to creating a strong password poIicy?
(Choose three.)
Once a good password is creaLed, do noL change iL.
DeliberaLely misspell words when creaLing passwords.
CreaLe passwords LhaL are aL leasL 8 characLers in lengLh.
Use combinaLions o upper case, lower case, and special characLers.
WriLe passwords in locaLions LhaL can be easily reLrieved Lo avoid being locked ouL.
Use long words ound in Lhe dicLionary Lo make passwords LhaL are easy Lo remember.
3.
Refer to the exhibit. very time the administrator reboots this router, the boot process ends
in setup mode. what is a possibIe probIem?
1here is insuicienL RAM or Lhe lOS Lo load on Lhis rouLer.
A password recovery process should be done on Lhis rouLer.
1he booLsLrap version and Lhe version o Lhe lOS are dierenL.
1he lOS image is damaged and musL be reloaded using tftpdnId.
1he coniguraLion regisLer is seL Lo ignore Lhe sLarLup coniguraLion.
4. which option correctIy defines the capacity through the IocaI Ioop guaranteed to a
customer by the service provider?
8F
DF
ClR
C8lR
5.
Refer to the exhibit. A host connected to la0/0 is unabIe to acquire an lP address from the
DHCP server. The output of the debug ip dhcp server command shows DHCPD. there is no
address pooI for l0.l.l.l. what is the probIem?
1he 0... address is already conigured on Fa0/0.
1he deaulL rouLer or Lhe 0NeLwork pool is incorrecL.
1he ip heIper-address musL be added Lo Fa0/0 inLerace.
1he pool o addresses or Lhe 0NeLwork pool is incorrecL.
. which data Iink Iayer encapsuIation protocoI is used by defauIt for seriaI connections
between two Cisco routers?
A1M
Frame Relay
HDLC
PPP
SDLC
7.
Refer to the exhibit. which statement correctIy describes how Routerl processes an lTP
request that enters interface s0/0/0 and is destined for an lTP server at lP address
l92.l.l.5?
1he rouLer maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist 20l
deny icmp l92.l.l.0 0.0.0.255 any command, conLinues comparing Lhe packeL Lo Lhe remaining
sLaLemenLs in ACL 20 Lo ensure LhaL no subsequenL sLaLemenLs allow F1P, and Lhen Lhe rouLer
drops Lhe packeL.
1he rouLer reaches Lhe end o ACL 0 wiLhouL maLching a condiLion and drops Lhe packeL because
Lhere is no sLaLemenL LhaL was creaLed by Lhe access-Iist l0l permit ip any any command.
1he rouLer maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist l0l
permit ip any l92.l.l.0 0.0.0.255 command and allows Lhe packeL inLo Lhe rouLer.
lL maLches Lhe incoming packeL Lo Lhe sLaLemenL LhaL was creaLed by Lhe access-Iist 20l permit ip
any any command and allows Lhe packeL inLo Lhe rouLer.
. Compared with lD5 systems, what can lP5 systems do to provide further protection of
computer systems?
deLecL poLenLial aLLacks
sLop Lhe deLecLed aLLack rom execuLing
updaLe OS paLches or compuLer sysLems
scan compuLer sysLems or viruses and spyware
9. which l 02.l broadband wireIess technoIogy aIIows users to connect to the l5P at
speeds comparabIe to D5L and cabIe?
Wi-Fi
saLelliLe
WiMAX
MeLro FLherneL
l0. A network administrator has changed the VLAN configurations on his network switches
over the past weekend. How can the administrator determine if the additions and changes
improved performance and avaiIabiIity on the company intranet?
ConducL a perormance LesL and compare wiLh Lhe baseline LhaL was esLablished previously.
lnLerview deparLmenLal secreLaries and deLermine i Lhey Lhink load Lime or web pages has
improved.
DeLermine perormance on Lhe inLraneL by moniLoring load Limes o company web pages rom
remoLe siLes.
Compare Lhe hiL counLs on Lhe company web server or Lhe currenL week Lo Lhe values LhaL were
recorded in previous weeks.
ll.
Refer to the exhibit. what is the meaning of the term dynamic in the output of the
command?
1he bandwidLh capabiliLy o Lhe inLerace increases and decreases auLomaLically based on 8FCNs.
1he Serial0/0/ inLerace acquired 72.6.3. rom a DHCP server.
1he mapping beLween DLCl 00 and 72.6.3. was learned Lhrough lnverse ARP.
DLCl 00 will auLomaLically adapL Lo changes in Lhe Frame Relay cloud.
l2. which type of ACL wiII permit traffic inbound into a private network onIy if an outbound
session has aIready been estabIished between the source and destination?
exLended
relexive
sLandard
Lime-based
l3. which two statements are true about lPv Iink IocaI addresses? (Choose two.)
1hey begin wiLh Lhe 2000../3 preix.
1hey begin wiLh Lhe FF80../0 preix.
1hey are assigned by lANA Lo an organizaLion.
1hey musL be manually conigured by Lhe adminisLraLor.
1hey are assigned Lo a hosL by a sLaLeless auLoconiguraLion process.
l4. A company is Iooking for a wAN soIution to connect its headquarters site to four remote
sites. what are two advantages that dedicated Ieased Iines provide compared to a shared
lrame ReIay soIution? (Choose two.)
reduced jiLLer
reduced cosLs
reduced laLency
Lhe abiliLy Lo bursL above guaranLeed bandwidLh
Lhe abiliLy Lo borrow unused bandwidLh rom Lhe leased lines o oLher cusLomers
l5.
Refer to the exhibit. A network administrator is trying to connect Rl remoteIy to make
configuration changes. Based on the exhibited command output, what wiII be the resuIt when
attempting to connect to Rl?
ailure Lo connecL due Lo 1elneL noL being enabled
ailure Lo connecL due Lo incompleLe coniguraLion or 1elneL
a successul connecLion and abiliLy Lo make coniguraLion changes
a successul connecLion buL inabiliLy Lo make coniguraLion changes because o Lhe absence o an
enable secreL password
l. what are two effective measures for securing routers? (Choose two.)
ProLecL all acLive rouLer inLeraces by coniguring Lhem as passive inLeraces.
Conigure remoLe adminisLraLion Lhrough v1 lines or 1elneL access.
Use quoLes or phrases Lo creaLe pass phrases.
Disable Lhe H11P server service.
Fnable SNMP Lraps.
l7. An issue of response time has recentIy arisen on an appIication server. The new reIease of
a software package has aIso been instaIIed on the server. The configuration of the network
has changed recentIy. To identify the probIem, individuaIs from both teams responsibIe for
the recent changes begin to investigate the source of the probIem. which statement appIies
to this situation?
Scheduling will be easy i Lhe neLwork and soLware Leams work independenLly.
lL will be diiculL Lo isolaLe Lhe problem i Lwo Leams are implemenLing changes independenLly.
ResulLs rom changes will be easier Lo reconcile and documenL i each Leam works in isolaLion.
Only resulLs rom Lhe soLware package should be LesLed as Lhe neLwork is designed Lo
accommodaLe Lhe proposed soLware plaLorm.
l.
Refer to the exhibit. lrom the output of the show interfaces and ping commands, at which
Iayer of the O5l modeI is a fauIt indicated?
applicaLion
LransporL
neLwork
daLa link
physical
l9. which technoIogy is used to dynamicaIIy map next hop, network Iayer addresses to virtuaI
circuits in a lrame ReIay network?
lnverse ARP
LMl
DLCl
FFCN
20. An administrator Iearns of an e-maiI that has been received by a number of users in the
company. This e-maiI appears to come from the office of the administrator. The e-maiI asks
the users to confirm their account and password information. which type of security threat
does this e-maiI represent?
cracking
phishing
phreaking
spamming
2l.
Refer to the exhibit. which data transmission technoIogy is being represented?
1DM
PPP
HDLC
SLlP
22.
Refer to the exhibit. ResuIts of the show vIan and show vtp status commands for switches 5l
and 52 are dispIayed in the exhibit. VLAN ll was created on 5l. why is VLAN ll missing from
52?
1here is a Layer 2 loop.
1he v1P domain names do noL maLch.
Only one swiLch can be in server mode.
S2 has a higher spanning-Lree prioriLy or vLAN Lhan S does.
23. what is the resuIt of adding the gIobaI command service password-encryption to the
configuration of a router?
Line passwords are encrypLed wiLh Lype 7 encrypLion.
Fnable passwords are encrypLed wiLh Lype 5 encrypLion.
All services musL provide an encrypLed password Lo uncLion.
Only encrypLed messages are allowed or rouLer communicaLion.
24. whiIe troubIeshooting a probIem with an e-maiI server, an administrator observes that
the switch port used by the server shows up, Iine protocoI up. The administrator cannot
ping the server. At which Iayer of the O5l modeI is the probIem most IikeIy to be found?
applicaLion layer
neLwork layer
daLa link layer
physical layer
25. where does a service provider assume responsibiIity from a customer for a wAN
connection?
local loop
D1F cable on rouLer
demarcaLion poinL
demiliLarized zone
2. what wiII be the resuIt of adding the command ip dhcp excIuded-address l92.l.24.l
l92.l.24.5 Lo Lhe coniguraLion o a local rouLer LhaL has been conigured as a DHCP server
1raic LhaL is desLined or 92.68.24. and 92.68.24.5 will be dropped by Lhe rouLer.
1raic will noL be rouLed rom clienLs wiLh addresses beLween 92.68.24. and 92.68.24.5.
1he DHCP server will noL issue Lhe addresses ranging rom 92.68.24. Lo 92.68.24.5.
1he rouLer will ignore all Lraic LhaL comes rom Lhe DHCP servers wiLh addresses 92.68.24. and
92.68.24.5.
27.
Refer to the exhibit. PartiaI resuIts of the show access-Iists and show ip interface lastthernet
0/l commands for router Routerl are shown. There are no other ACLs in effect. Host A is
unabIe to teInet to host B. which action wiII correct the probIem but stiII restrict other traffic
between the two networks?
Apply Lhe ACL in Lhe inbound direcLion.
Apply Lhe ACL on Lhe FasLFLherneL 0/0 inLerace.
Reverse Lhe order o Lhe 1CP proLocol sLaLemenLs in Lhe ACL.
Modiy Lhe second enLry in Lhe lisL Lo permit tcp host l72.l.l0.l0 any eq teInet .
2.
Refer to the exhibit. The corporate network that is shown has been assigned network
l72.l.l2.0/l9 for use at branch office LANs. lf VL5M is used, what mask shouId be used for
addressing hosts at Branch4 with minimaI waste from unused addresses?
/9
/20
/2
/22
/23
/24
29.
Refer to the exhibit. RlPv2 has been configured on aII routers in the network. Routers Rl and
R3 have not received any RlP routing updates. what wiII fix the issue?
Fnable RlP auLhenLicaLion on R2.
lssue Lhe ip directed-broadcast command on R2.
Change Lhe subneL masks Lo 0..2.0/8 and 72.6.40.0/6 on R2.
Fnable CDP on R2 so LhaL Lhe oLher rouLers will receive rouLing updaLes.
30.
Refer to the exhibit. This seriaI interface is not functioning correctIy. Based on the output
shown, what is the most IikeIy cause?
improper LMl Lype
inLerace reseL
PPP negoLiaLion ailure
unplugged cable
3l. which statement is true about PAP in the authentication of a PPP session?
PAP uses a Lwo-way handshake.
1he password is unique and random.
PAP conducLs periodic password challenges.
PAP uses MD5 hashing Lo keep Lhe password secure.
32. An administrator is configuring a duaI stack router with lPv and lPv4 using RlPng. The
administrator receives an error message when trying to enter the lPv4 routes into RlPng.
what is the cause of the probIem?
When lPv4 and lPv6 are conigured on Lhe same inLerace, all lPv4 addresses are over-wriLLen in
avor o Lhe newer Lechnology.
lncorrecL lPv4 addresses are enLered on Lhe rouLer inLeraces.
RlPng is incompaLible wiLh dual-sLack Lechnology.
lPv4 is incompaLible wiLh RlPng.
33. what is tunneIing?
using digiLal cerLiicaLes Lo ensure LhaL daLa endpoinLs are auLhenLic
creaLing a hash Lo ensure Lhe inLegriLy o daLa as iL Lraverses a neLwork
using alLernaLe paLhs Lo avoid access conLrol lisLs and bypass securiLy measures
encapsulaLing an enLire packeL wiLhin anoLher packeL or Lransmission over a neLwork
34. which statement is true about NCP?
Link LerminaLion is Lhe responsibiliLy o NCP.
Fach neLwork proLocol has a corresponding NCP.
NCP esLablishes Lhe iniLial link beLween PPP devices.
NCP LesLs Lhe link Lo ensure LhaL Lhe link qualiLy is suicienL.
35.
Refer to the exhibit. A network administrator is creating a prototype to verify the new wAN
design. However, the communication between the two routers cannot be estabIished. Based
on the output of the commands, what can be done to soIve the probIem?
Replace Lhe serial cable .
Replace Lhe WlC on RA.
Conigure RA wiLh a cIock rate command.
lssue a no shutdown inLerace command on R8.
3.
Refer to the exhibit. Based on the output as shown, which two statements correctIy define
how the router wiII treat TeInet traffic that comes into interface lastthernet 0/l? (Choose
two).
1elneL Lo 72.6.0.0/24 is denied.
1elneL Lo 72.6.20.0/24 is denied.
1elneL Lo 72.6.0.0/24 is permiLLed.
1elneL Lo 72.6.0.0/24 is permiLLed.
1elneL Lo 72.6.20.0/24 is permiLLed.
37. which lrame ReIay fIow controI mechanism is used to signaI routers that they shouId
reduce the fIow rate of frames?
DF
8F
ClR
FFCN
C8lR
3.
Refer to the exhibit. A network administrator configures a standard access controI Iist on
Routerl to prohibit traffic from the l92.l.0.0/24 network from reaching the lnternet. The
access controI Iist aIso permits traffic from the l92.l.0.0/24 network to reach the
l92.l.l.0/24 network. On which interface and in which direction shouId the access controI
Iist be appIied?
inLerace Fa0/0, inbound
inLerace Fa0/0, ouLbound
inLerace S0/0/0, inbound
inLerace S0/0/0, ouLbound
39. which configuration on the vty Iines provides the best security measure for network
administrators to remoteIy access the core routers at headquarters?
Answer. 3nd opLion
40.
Refer to the exhibit. what can be concIuded from the exhibited output of the debug ip nat
command?
1he 0...225 hosL is exchanging packeLs wiLh Lhe 92.68.0.0 hosL.
1he naLive 0..200.254 address is being LranslaLed Lo 92.68.0.0.
1he 92.68.0.0/24 neLwork is Lhe inside neLwork.
PorL address LranslaLion is in eecL.
4l. A network administrator is instructing a technician on best practices for appIying ACLs.
which suggestion shouId the administrator provide?
Named ACLs are less eicienL Lhan numbered ACLs.
SLandard ACLs should be applied closesL Lo Lhe core layer.
ACLs applied Lo ouLbound inLeraces are Lhe mosL eicienL.
FxLended ACLs should be applied closesL Lo Lhe source LhaL is speciied by Lhe ACL.
42.
Refer to the exhibit. Headquarters is connected through the lnternet to branch office A and
branch office B. which wAN technoIogy wouId be best suited to provide secure connectivity
between headquarters and both branch offices?
A1M
vPN
lSDN
Frame Relay
broadband DSL
43. which three physicaI network probIems shouId be checked when a bottom-up
troubIeshooting approach has been chosen to troubIeshoot network performance? (Choose
three.)
cable connecLiviLy
high collision counLs
S1P ailures and loops
address mapping errors
high CPU uLilizaLion raLes
excess packeLs LhaL are ilLered by Lhe irewall
44.
Refer to the exhibit. A network administrator is attempting to configure a lrame ReIay
network. The administrator enters the commands as shown in the exhibit on R2, but the
lrame ReIay PVCs are inactive. what is the probIem?
1he incorrecL DLCl numbers are being conigured on R2.
1he S0/0/0 inLerace on R2 needs Lo be poinL-Lo-poinL.
1he frame-reIay map commands are missing Lhe cisco keyword aL Lhe end.
A single rouLer inLerace cannoL connecL Lo more Lhan one Frame Relay peer aL a Lime.
45. which lP address and wiIdcard mask wouId be used in an ACL to bIock traffic from aII
hosts on the same subnet as host l92.l.l.43/2?
access-lisL 0 deny 92.68.6.0 0.0.0.3
access-lisL 0 deny 92.68.6.6 0.0.0.3
access-lisL 0 deny 92.68.6.32 0.0.0.6
access-lisL 0 deny 92.68.6.32 0.0.0.5
access-lisL 0 deny 92.68.6.43 0.0.0.6
4. which combination of Layer 2 protocoI and authentication shouId be used to estabIish a
Iink without sending authentication information in pIain text between a Cisco and a non-
Cisco router?
PPP wiLh PAP
PPP wiLh CHAP
HDLC wiLh PAP
HDLC wiLh CHAP
47. when wouId the muItipoint keyword be used in lrame ReIay PVCs configuration?
when global DLCls are in use
when using physical inLeraces
when mulLicasLs musL be supporLed
when parLicipaLing rouLers are in Lhe same subneL
4. A network technician anaIyzes the network and notices Iate coIIisions. The coIIisions occur
accompanied by jabber that originates from the server. what is the IikeIy cause of the
probIem?
aulLy swiLch porL
web server CPU overload
aulLy NlC in Lhe web server
misconiguraLion o web server services
49.
Refer to the exhibit. Rl is performing NAT overIoad for the l0.l.l.0/24 inside network. Host
A has sent a packet to the web server. what is the destination lP address of the return packet
from the web server?
0...2.234
72.30.20..234
72.30.20..3333
92.68..2.80
50.
Refer to the exhibit. AII devices are configured as shown in the exhibit. PCl is unabIe to ping
the defauIt gateway. what is the cause of the probIem?
1he deaulL gaLeway is in Lhe wrong subneL.
S1P has blocked Lhe porL LhaL PC is connecLed Lo.
PorL Fa0/2 on S2 is assigned Lo Lhe wrong vLAN.
S2 has Lhe wrong lP address assigned Lo Lhe vLAN30 inLerace.
5l. when lrame ReIay encapsuIation is used, what feature provides fIow controI and
exchanges information about the status of virtuaI circuits?
LCP
LMl
DLCl
lnverse ARP
52. A network administrator is tasked with maintaining two remote Iocations in the same city.
Both Iocations use the same service provider and have the same service pIan for D5L service.
when comparing downIoad rates, it is noticed that the Iocation on the ast side of town has a
faster downIoad rate than the Iocation on the west side of town. How can this be expIained?
1he WesL side has a high volume o PO1S Lraic.
1he WesL side o Lown is downloading larger packeLs.
1he service provider is closer Lo Lhe locaLion on Lhe FasL side.
More clienLs share a connecLion Lo Lhe DSLAM on Lhe WesL side