Showing posts with label CCNA 4 v6.0. Show all posts

CCNA 4 Chapter 1 Exam Answers v5.0.3 & v6.0

1. A small company with 10 employees uses a single LAN to share information between computers. Which type of connection to the Internet would be appropriate for this company?private dedicated lines through their local service provider
  a dialup connection that is supplied by their local telephone service provider
  Virtual Private Networks that would enable the company to connect easily and securely with employees
  a broadband service, such as DSL, through their local service provider*
  
  For this small office, an appropriate connection to the Internet would be through a common broadband service called Digital Subscriber Line (DSL), available from their local telephone service provider. With so few employees, bandwidth is not a significant problem. If the company were bigger, with branch offices in remote sites, private lines would be more appropriate. Virtual Private Networks would be used if the company had employees who needed to connect to the company via Internet.
2. Which network scenario will require the use of a WAN?Employees need to connect to the corporate email server through a VPN while traveling.*
  Employees in the branch office need to share files with the headquarters office that is located in a separate building on the same campus network.
  Employees need to access web pages that are hosted on the corporate web servers in the DMZ within their building.
  Employee workstations need to obtain dynamically assigned IP addresses.
  
  When traveling employees need to connect to a corporate email server through a WAN connection, the VPN will create a secure tunnel between an employee laptop and the corporate network over the WAN connection. Obtaining dynamic IP addresses through DHCP is a function of LAN communication. Sharing files among separate buildings on a corporate campus is accomplished through the LAN infrastructure. A DMZ is a protected network inside the corporate LAN infrastructure.
3. Which statement describes a characteristic of a WAN?
  A WAN operates within the same geographic scope of a LAN, but has serial links.
  A WAN provides end-user network connectivity to the campus backbone.
  WAN networks are owned by service providers.*
  All serial links are considered WAN connections.
  
  WANs are used to interconnect the enterprise LAN to remote branch site LANs and telecommuter sites. A WAN is owned by a service provider. Although WAN connections are typically made through serial interfaces, not all serial links are connected to a WAN. LANs, not WANs, provide end-user network connectivity in an organization.
4. What are two common types of circuit-switched WAN technologies? (Choose two.)ISDN*
  DSL
  PSTN*
  ATM
  Frame Relay
  
  The two most common types of circuit-switched WAN technologies are the public switched telephone network (PSTN) and the integrated services digital network (ISDN). Frame Relay and ATM are packet-switched WAN technologies. DSL is a WAN technology that offers broadband Internet access.
5. Which two devices are needed when a digital leased line is used to provide a connection between the customer and the service provider? (Choose two.)dialup modem
  access server
  DSU*
  Layer 2 switch
  CSU*
  
  Digital leased lines require a channel service unit (CSU) and a data service unit (DSU). An access server concentrates dialup modem dial-in and dial-out user communications. Dialup modems are used to temporarily enable the use of analog telephone lines for digital data communications. A Layer 2 switch is used to connect a LAN.
6. What is a requirement of a connectionless packet-switched network?Full addressing information must be carried in each data packet.*
  A virtual circuit is created for the duration of the packet delivery.
  The network predetermines the route for a packet.
  Each packet has to carry only an identifier.
  
  A connection-oriented system predetermines the network path, creates a virtual circuit for the duration of the packet delivery, and requires that each packet only carry an identifier. A connectionless packet-switched network, such as the Internet, requires each data packet to carry addressing information.
7. What is an advantage of packet-switched technology over circuit-switched technology?Packet-switched networks do not require an expensive permanent connection to each endpoint.
  Packet-switched networks can efficiently use multiple routes inside a service provider network.*
  Packet-switched networks are less susceptible to jitter than circuit-switched networks are.
  Packet-switched networks usually experience lower latency than circuit-switched networks experience.
  
  Packet switching does not require a circuit to be established and is able to route packets across a shared network. The cost of packet switching is lower than that of circuit-switching.
8. A new corporation needs a data network that must meet certain requirements. The network must provide a low cost connection to sales people dispersed over a large geographical area. Which two types of WAN infrastructure would meet the requirements? (Choose two.)private infrastructure
  public infrastructure*
  satellite
  Internet*
  dedicated
  
  VPNs over the Internet provide low cost, secure connections to remote users. VPNs are deployed over the Internet public infrastructure.
9. What is a long distance fiber-optic media technology that supports both SONET and SDH, and assigns incoming optical signals to specific wavelengths of light?DWDM*
  ISDN
  MPLS
  ATM
  
  ISDN (Integrated Services Digital Network), ATM (Asynchronous Transfer Mode), and MPLS (Multiprotocol Label Switching) do not describe optic fiber technologies.
10. What are two common high-bandwidth fiber-optic media standards? (Choose two.)SONET*
  SDH*
  ANSI
  ATM
  ITU
  
  ATM (Asynchronous Transfer Mode) is a Layer 2 technology. ANSI (American National Standards Institute) and ITU (international Telecommunication Union) are standards organizations.
11. Which WAN technology is cell-based and well suited to carry voice and video traffic?VSAT
  Frame Relay
  ISDN
  ATM*
  
  ATM is cell-based architecture. The small and fixed cells are well-suited for carrying voice and video traffic because this traffic is intolerant of delay. Video and voice traffic do not have to wait for larger data packets to be transmitted. ISDN is circuit-switched. Frame Relay and VSAT are packet-switched.
12. Which two technologies use the PSTN network to provide an Internet connection? (Choose two.)MPLS
  ATM
  dialup*
  Frame Relay
  ISDN*
  
  Dialup and ISDN use the PSTN network to provide WAN connectivity. ATM, MPLS, and Frame Relay require the service providers to build a specific network cloud to support each technology.
13. A company needs to interconnect several branch offices across a metropolitan area. The network engineer is seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their office locations. Which technology should be recommended?Frame Relay
  ISDN
  VSAT
  Ethernet WAN*
  
  Ethernet WAN uses many Ethernet standards and it connects easily to existing Ethernet LANs. It provides a switched, high-bandwidth Layer 2 network capable of managing data, voice, and video all on the same infrastructure. ISDN, while capable of supporting both voice and data, does not provide high bandwidth. VSAT uses satellite connectivity to establish a private WAN connection but with relatively low bandwidth. Use of VSAT, ISDN, and Frame Relay require specific network devices for the WAN connection and data conversion between LAN and WAN.
14. Which solution can provide Internet access to remote locations where no regular WAN services are available?WiMAX
  VSAT*
  Ethernet
  municipal Wi-Fi
  
  VSAT provides Internet access through satellites, which is a solution for remote areas. WiMAX and municipal Wi-Fi are used to provide Internet connections in a metropolitan area. Ethernet is a LAN technology.
15. Which WAN technology establishes a dedicated constant point-to-point connection between two sites?ATM
  Frame Relay
  ISDN
  leased lines*
  
  A leased link establishes a dedicated constant point-to-point connection between two sites. ATM is cell-switched. ISDN is circuit-switched. Frame Relay is packet-switched.
16. A customer needs a metropolitan area WAN connection that provides high-speed, dedicated bandwidth between two sites. Which type of WAN connection would best fulfill this need?MPLS
  Ethernet WAN*
  circuit-switched network
  packet-switched network
  
  MPLS can use a variety of underlying technologies such as T- and E-Carriers, Carrier Ethernet, ATM, Frame Relay, and DSL, all of which support lower speeds than an Ethernet WAN. Neither a circuit-switched network, such as the public switched telephone network (PSTN) or Integrated Service Digital Network (ISDN), nor a packet-switched network, is considered high speed.
17. Which feature is used when connecting to the Internet using DSL?DSLAM*
  LTE
  CMTS
  IEEE 802.16
  
  Long-Term Evolution (LTE) is used with cellular networks. IEEE 802.16 is used by WiMAX networks which provide high-speed broadband wireless service. The cable modem termination system (CMTS) is used by cable networks. A DSL access multiplexer (DSLAM) is used at an Internet provider location to connect multiple subscriber lines to the provider network.
18. Which connectivity method would be best for a corporate employee who works from home two days a week, but needs secure access to internal corporate databases?WiMAX
  DSL
  VPN*
  cable
  
  VPNs are used by companies for site-to-site connectivity and by remote users to connect securely into the corporate network by the use of VPN client software.
19. Which wireless technology provides Internet access through cellular networks?LTE*
  municipal WiFi
  satellite
  WiMAX
  
  LTE or LongTerm Evolution is a fourth-generation cellular access technology that supports Internet access.
20. A home user lives within 10 miles (16 kilometers) of the Internet provider network. Which type of technology provides high-speed broadband service with wireless access for this home user?municipal Wi-Fi
  DSL
  WiMAX*
  802.11
  
  WiMAX provides high-speed broadband service with wireless access and provides broad coverage. Municipal Wi-Fi is used for emergency services such as fire and police. DSL is a wired solution. 802.11 is a wireless LAN solution.
21. What is the recommended technology to use over a public WAN infrastructure when a branch office is connected to the corporate site?VPN*
  ATM
  ISDN
  municipal Wi-Fi
  
  ISDN and ATM are Layer 1 and 2 technologies that are typically used on private WANs. Municipal WiFi is a wireless public WAN technology. Corporate communications over public WANs should use VPNs for security.
22. What can cause a reduction in available bandwidth on a cable broadband connection?committed information rate
  number of subscribers*
  distance from the central office of the provider
  smaller cells
  
  Because the local subscribers share the same cable bandwidth, as more cable modem subscribers join the service, available bandwidth may decrease.
23. Which equipment is needed for an ISP to provide Internet connections through cable service?access server
  CMTS*
  CSU/DSU
  DSLAM
  
  The equipment located at a cable service provider office, the cable modem termination system (CMTS), sends and receives digital cable modem signals on a cable network to provide Internet services to cable subscribers. A DSLAM performs a similar function for DSL service providers. A CSU/DSU is used in leased line connections. Access servers are needed to process multiple simultaneous dial-up connections to a Central Office (CO).
24. Which geographic scope requirement would be considered a distributed WAN scope?one-to-many
  global
  regional
  local
  many-to-many*
  one-to-one
  
  In a business context, a one-to-one scope would encompass a corporation that has a single branch office. A one-to-many WAN scope would encompass a corporation with multiple branch offices. A distributed WAN would have many branch offices connected to many other sites.
25. A corporation is looking for a solution to connect multiple, newly established remote branch offices. Which consideration is important when selecting a private WAN connection rather than a public WAN connection?higher data transmission rate
  lower cost
  data security and confidentiality during transmission*
  website and file exchange service support
  
  A private WAN solution that involves dedicated links between sites offers the best security and confidentiality. Both private and public WAN solutions offer comparable connection bandwidth, depending on the technology chosen. Connecting multiple sites with private WAN connections could be very expensive. The website and file exchange service support is not relevant.
26. Question as presented:
27. Question as presented:

Older Version

What are two structured engineering principles necessary for successful implementation of a network design? (Choose two.)
- quality of service
- resiliency *
- modularity *
- security
- availability
What is an important first consideration when starting to design a network?
- access security
- type of applications
- size of the network*
- protocols to be used
Which two devices would commonly be found at the access layer of the hierarchical enterprise LAN design model? (Choose two.)
- access point*
- firewall
- Layer 2 switch*
- Layer 3 device
- modular switch
In which layer of the hierarchical enterprise LAN design model would PoE for VoIP phones and access points be considered?
- access*
- core
- data link
- distribution
- physical
Refer to the exhibit. Which type of Cisco hierarchical LAN design model is used at school site 1?
- 3 layer
- 7 layer
- two-tier collapsed core*
- three-tier
In a hierarchical network design, which layers may be combined into a collapsed core for smaller networks?
- core and access
- core and distribution*
- distribution and access
- core, distribution, and access
The network design for a college with users at five sites is being developed. Where in the campus network architecture would servers used by all users be located?
- access-distribution
- data center*
- enterprise edge
- services
What is one advantage to designing networks in building block fashion for large companies?
- failure isolation*
- increased network access time
- mobility
- redundancy
A network engineer wants to redesign the wireless network and make use of wireless network controllers that manage the many deployed wireless access points. In which network design module of the campus network architecture would the centralized wireless network controllers be found?
- access-distribution
- data center
- enterprise edge
- services*
Which network module is the fundamental component of a campus design?
- access-distribution module*
- services module
- data center
- enterprise edge
Which approach in networking allows for network changes, upgrades, or the introduction of new services in a controlled and staged fashion?
- borderless
- static
- modular*
- network module
Refer to the exhibit. Which type of ISP connectivity to the service provider edge is being used by company A?
- single-homed
- dual-homed
- multihomed*
- dual-multihomed
Which three network architectures have been introduced by Cisco to address the emerging technology challenges created by the evolving business models? (Choose three.)
- Cisco Borderless*
- Cisco Enterprise Edge
- Cisco Data Center*
- Cisco Enterprise Campus
- Cisco Collaboration*
- Cisco Enterprise Branch
Which layer of the Cisco Collaboration Architecture contains unified communications and conference software such as Cisco WebEx Meetings, WebEx Social, Cisco Jabber, and TelePresence?
- applications and devices*
- enterprise WAN
- services module
- service provider edge
Which Cisco technology allows diverse network devices to connect securely, reliably, and seamlessly to enterprise network resources?
- building distribution
- Cisco AnyConnect*
- enterprise edge
- service provider edge
What is creating a new challenge for IT departments by changing the border of the enterprise network?
- company-owned desktops
- access layer switching
- tablets*
- energy costs
Which network architecture functions through a combination of technologies that include wired, wireless, security, and more?
- Cisco Enterprise Campus
- Cisco Enterprise Branch
- Cisco Borderless*
- Cisco Enterprise Edge
Which network architecture combines individual components to provide a comprehensive solution allowing people to cooperate and contribute to the production of something?
- Cisco Enterprise Campus Architecture
- Cisco Enterprise Branch Architecture
- Cisco Borderless Network Architecture
- Cisco Collaboration Architecture*

Fill in the blank.
Reducing the complexity of network design by dividing a network into smaller areas is an example of a hierarchical network model.
Fill in the blank. Use the abbreviation.
Under the Cisco Enterprise Edge module, the submodule that provides remote access including authentication and IPS appliances is the VPN and remote access submodule.
Fill in the blank.
Reducing the complexity of network design by dividing a network into smaller
areas is an example of a ” hierarchical ” network model.
Match the layer to the corresponding device. (Not all options are used.)

Place the options in the following order:
– not scored –
core -> high-speed switches
access -> Layer 2 switches
distribution -> Layer 3 switches
Match the submodule to the correct Cisco Enterprise Architecture module. (Not all options are used.)

Place the options in the following order:
Cisco Enterprise Campus
[+] campus core
[+] building distribution
[+] data center
Cisco Enterprise Edge
[#] VPN and remote access
[#] DMZ
[#] e-commerce
What are two of the top trends that affect network architecture design? (Choose two.)
Internet security
internal security attacks
speed of Internet connectivity
cloud computing*
BYOD*
Why would a company want network engineers to adhere to structured engineering principles when designing networks?
The resiliency of a network depends on being able to modify portions of the network, add services, or increase network capacity without adding new hardware devices.
The network is not expected to remain available under abnormal conditions such as extreme traffic loads or denial-of-service events.
The network can be easily designed because of the separation of the various functions that exist on a network into modules.*
A hierarchical network model is a useful high-level tool for designing a reliable network infrastructure, although it increases the complexity of network design.
Refer to the exhibit.

Which Cisco Enterprise Architecture module is shown?
campus infrastructure
enterprise campus*
enterprise edge
remote
service provider edge
What feature is more important at the core layer than at any other hierarchical network design layer?
easy access of end devices
aggregation of network links
QoS classification and marking
data security
packet switching speed*
Which product corresponds to a layer of the Cisco Collaboration Architecture?
Mobility with Cisco Motion
Cisco Unified Management Solutions
Network and Computer Infrastructure*
Unified Fabric Solutions

When should a network performance baseline be measured?
- during normal work hours of an organization*
- immediately after the main network devices restarted
- after normal work hours to reduce possible interruptions
- when a denial of service attack to the network is detected and blocked
A network engineer issues the show cdp neighbor command on several network devices during the process of network documentation. What is the purpose of performing this command?
- to obtain information about directly connected Cisco devices*
- to check the networks that are advertised by the neighboring routers
- to verify the network addresses that are attached to the network devices
- to check the connectivity of PCs that are connected to the network devices
Users are reporting longer delays in authentication and in accessing network resources during certain time periods of the week. What kind of information should network engineers check to find out if this situation is part of a normal network behavior?
- syslog records and messages
- the network performance baseline*
- debug output and packet captures
- network configuration files

In which step of gathering symptoms does the network engineer determine if the problem is at the core, distribution, or access layer of the network?
- Document the symptoms.
- Determine the symptoms.
- Gather information.
- Determine ownership.
- Narrow the scope.*
A network technician is troubleshooting an email connection problem. Which question to the end-user will provide clear information to better define the problem?
- Is your email working now?
- How big are the emails you tried to send?
- What kind of equipment are you using to send emails?
- When did you first notice your email problem? *
A team of engineers has identified a solution to a significant network problem. The proposed solution is likely to affect critical network infrastructure components. What should the team follow while implementing the solution to avoid interfering with other processes and infrastructure?
- change-control procedures*
- one of the layered troubleshooting approaches
- knowledge base guidelines
- syslog messages and reports
After which step in the network troubleshooting process would one of the layered troubleshooting methods be used?
- documenting symptoms
- determining ownership
- narrowing the scope
- gathering symptoms from suspect devices*
A user reports that the workstation cannot connect to a networked printer in the office in order to print a report created with word processing software. Which troubleshooting action by the helpdesk technician would follow the divide-and-conquer approach?
- Ask the user to launch the web browser.
- Ask the user to save the working document.
- Ask the user to issue the ipconfig command.*
- Ask the user to unplug and reattach the network cable.
A network engineer is troubleshooting a network problem and can successfully ping between two devices. However, Telnet between the same two devices does not work. Which OSI layers should the administrator investigate next?
- all of the layers
- from the network layer to the application layer*
- from the network layer to the physical layer
- only the network layer
Which troubleshooting method begins by examining cable connections and wiring issues?
- top-down
- bottom-up*
- substitution
- divide-and-conquer
Which number represents the most severe level of syslog logging?
- 0*
- 1
- 7
- 10
- 100
A company is setting up a web site with SSL technology to protect the authentication credentials required to access the web site. A network engineer needs to verify that the setup is correct and that the authentication is indeed encrypted. Which tool should be used?
- fault-management tool
- protocol analyzer*
- baselining tool
- cable analyzer
Which two specialized troubleshooting tools can monitor the amount of traffic that passes through a switch? (Choose two.)
- TDR
- digital multimeter
- NAM*
- portable network analyzer*
- DTX cable analyzer
Refer to the exhibit. Which two statements describe the results of entering these commands? (Choose two.)
- R1 will send system messages of levels 0 (emergencies) to level 4 (warnings) to a server.*
- R1 will not send critical system messages to the server until the command debug all is entered.
- R1 will reset all the warnings to clear the log.
- R1 will output the system messages to the local RAM.
- The syslog server has the IPv4 address 192.168.10.10.*
An administrator is troubleshooting an Internet connectivity problem on a router. The output of the show interfaces gigabitethernet 0/0 command reveals higher than normal framing errors on the interface that connects to the Internet. At what layer of the OSI model is the problem likely occurring?
- Layer 1
- Layer 2*
- Layer 3
- Layer 4
- Layer 7
Users report that the new web site http://www.company1.biz cannot be accessed. The helpdesk technician checks and verifies that the web site can be accessed with http://www.company1.biz:90. Which layer in the TCP/IP model is involved in troubleshooting this issue?
- application
- transport*
- internet
- network access
A user reports that after an OS patch of the networking subsystem has been applied to a workstation, it performs very slowly when connecting to network resources. A network technician tests the link with a cable analyzer and notices that the workstation sends an excessive number of frames smaller than 64 bytes and also other meaningless frames. What is the possible cause of the problem?
- cabling faults
- corrupted NIC driver*
- Ethernet signal attenuation
- corrupted application installation
A network administrator is configuring SSH on a router. When verifying the configuration, the administrator notices that the SSH connection requests fail, but the Telnet connection requests from the same workstation are successful. Which two parts of the router configuration should be checked to try to locate the problem? (Choose two.)
- The ip access-class command is missing.
- The password is misconfigured on the console line.
- The transport input command is incorrect on the vty lines.*
- A standard ACL is possibly blocking the workstation from access to the router.
- An extended ACL that is referencing the port argument for SSH is misconfigured.*
A user in a large office calls technical support to complain that a PC has suddenly lost connectivity to the network. The technician asks the caller to talk to nearby users to see if other machines are affected. The caller reports that several immediate neighbors in the same department have a similar problem and that they cannot ping each other. Those who are seated in other departments have connectivity. What should the technician check as the first step in troubleshooting the issue?
- the power outlet to the PC that is used by the caller
- the trunks between switches in the wiring closet
- the status of the departmental workgroup switch in the wiring closet*
- the cable that connects the PC of the caller to the network jack
- the cable connection between a PC and a network outlet that is used by a neighbor
A group of Windows PCs in a new subnet has been added to an Ethernet network. When testing the connectivity, a technician finds that these PCs can access local network resources but not the Internet resources. To troubleshoot the problem, the technician wants to initially confirm the IP address and DNS configurations on the PCs, and also verify connectivity to the local router. Which three Windows CLI commands and utilities will provide the necessary information? (Choose three.)
- arp -a
- ipconfig*
- nslookup*
- ping*
- telnet
- tracert
- netsh interface ipv6 show neighbor
After cables were reconnected to a switch in a wiring closet, several PCs that had been previously configured manually can no longer access resources outside the local network. The PC configurations were not altered in the process and resources on the local network can still be accessed. What is a possible cause of the problem?
- The cabling to the PCs is faulty.
- The PCs are no longer on the correct VLAN.*
- The DHCP server has been misconfigured.
- The DNS configuration on the PCs is incorrect.
Refer to exhibit. A network engineer is troubleshooting a WAN connectivity problem. A ping to a remote router is successful and an attempt to telnet to the same router displays the exhibited output. What does the output verify?
- A Telnet password has not been configured on the remote router.
- The web server service is password protected.
- The transport layer is connecting successfully.*
- The remote router IPv6 address is incorrect.
Refer to the exhibit. On the basis of the output, which two statements about network connectivity are correct? (Choose two.)
- There is connectivity between this device and the device at 192.168.100.1.*
- The connectivity between these two hosts allows for videoconferencing calls.
- There are 4 hops between this device and the device at 192.168.100.1.*
- The average transmission time between the two hosts is 2 miliseconds.
- This host does not have a default gateway configured.
Fill in the blank.
Use the ARP cache to verify IPv4 address to Layer 2 Ethernet address mappings on a host computer.
Match the troubleshooting tool to the correct category. (Not all options are used.)

Place the options in the following order:
[+] CiscoView
[+] What’s Up Gold
[+] HP OpenviewBTO
[#] SolarWinds LAN surveyor
[#] CyberGauge software
[*] Internet search engines
[*] Cisco Tools & Resources web site
[+] Order does not matter within this group.
[#] Order does not matter within this group.
[*] Order does not matter within this group.
Here are some updated questions and answers as of 08/18/20115. (Currently in class)
26. Which statement describes the physical topology for a LAN?
It shows the order in which hosts access the network.
It describes whether the LAN is a broadcast or token-passing network.
It defines how hosts and network devices connect to the LAN.*
It depicts the addressing scheme that is employed in the LAN.
27. What is a purpose of establishing a network baseline?
It provides a statistical average for network performance.
It checks the security configuration of network devices.
It manages the performance of network devices.
It creates a point of reference for future network evaluations.*
28. The newly configured ASBR that connects a company to the Internet has a default route configured and has the default-information originate command entered. Devices connected through this router can access the Internet. The problem is that no other OSPF routers have a default route in the routing table and no other users throughout the organization can access the Internet. What could be the problem?
The ASBR should use the exit_interface argument instead of next-hop on the default route.
The ASBR does not have OSPF configured.
The ASBR does not have an OSPF neighbor.*
The other routers are not configured to accept LSA type 4s.
29. An internal corporate server can be accessed by internal PCs, but not by external Internet users that should have access. What could be the issue?
The switch port to which the server connects has an incorrect VLAN configured.
Static NAT has not been configured properly or at all.*
The default gateway router for the server does not have a default route.
The server does not have a private IP address assigned.
30. A networked PC is having trouble accessing the Internet, but can print to a local printer and ping other computers in the area. Other computers on the same network are not having any issues. What is the problem?
The default gateway router does not have a default route.
The switch port to which the PC connects has an incorrect VLAN configured.
The PC has a missing or incorrect default gateway.*
The link between the switch to which the PC connects and the default gateway router is down.
31. Which type of tool would an administrator use to capture packets that are going to and from a particular device?
baselining tool
protocol analyzer*
knowledge base
NMS tool

1. What is an example of an M2M connection in the IoT?A user sends an email over the Internet to a friend.
  Sensors in a warehouse communicate with each other and send data to a server block in the cloud.*
  Redundant servers communicate with each other to determine which server should be active or standby.
  An automated alarm system in a campus sends fire alarm messages to all students and staff.
  
  The Internet of Things (IoT) connects devices that traditionally are not connected to the Internet, such as sensors and actuators. A machine-to-machine (M2M) connection is unique to the IoT in that devices are connected together and communicate with each other. These devices can send data to a server block in the cloud for analysis and further operation change.
2. What is the term for the extension of the existing Internet structure to billions of connected devices?M2M
  digitization
  IoT*
  SCADA
  
  The Internet of Things (IoT) refers to the interconnection of billions of things, or “smart dust.” SCADA refers to a type of IoT system applied to the industrial Internet. Digitization has several meanings. It can refer to the process of converting analog to digital, or it can refer to the process by which an organization modernizes by planning and ultimately building, a sophisticated and forward-thinking IT network ecosystem that will allow for greater connectivity, productivity, and security. Finally, M2M refers to communication from machine to machine.
3. Which statement describes the Cisco IoT System?It is a switch operating system to integrate many Layer 2 security features.
  It is an advanced routing protocol for cloud computing.
  It is an infrastructure to manage large scale systems of very different endpoints and platforms.*
  It is a router operating system combining IOS and Linux for fog computing.
  
  Cisco developed the Cisco IoT System to help organizations and industries adopt IoT solutions. The IoT system provides an infrastructure to manage large scale systems of very different endpoints and platforms, and the huge amount of data that they create. Cisco IOx combines IOS and Linux to support fog computing.
4. Which three network models are described in the fog computing pillar of the Cisco IoT System? (Choose three.)fog computing*
  client/server*
  P2P
  cloud computing*
  peer-to-peer
  enterprise WAN
  
  The network models describe how data flows within a network. The network models described in the Fog computing pillar of the Cisco IoT System include:
  Client/Server model – Client devices request services of servers. Servers are often located locally and managed by the organization.
  Cloud computing model – a newer model where servers and services are dispersed globally in distributed data centers. Data is synchronized across multiple servers.
  Fog computing – This model identifies a distributed computing infrastructure closer to the network edge. It enables edge devices to run applications locally and make immediate decisions.
5. Which IoT pillar extends cloud connectivity closer to the network edge?network connectivity pillar
  fog computing pillar*
  management and automation pillar
  application enablement platform pillar
  
  By running distributed computing infrastructure closer to the network edge, fog computing enables edge devices to run applications locally and make immediate decisions.
6. Which cybersecurity solution is described in the security pillar of the Cisco IoT System to address the security of power plants and factory process lines?IoT network security
  cloud computing security
  operational technology specific security*
  IoT physical security
  
  The Cisco IoT security pillar offers scalable cybersecurity solutions that include the following:
  Operational Technology specific security – the hardware and software that keeps the power plants running and manages factory process lines
  IoT Network security – network and perimeter security devices such as switches, routers, and ASA Firewall devices
  IoT Physical Security – include Cisco Video Surveillance IP Cameras that enable surveillance in a wide variety of environments
7. Which cloud computing opportunity would provide the use of network hardware such as routers and switches for a particular company?infrastructure as a service (IaaS)*
  software as a service (SaaS)
  browser as a service (BaaS)
  wireless as a service (WaaS)
  
  This item is based on information contained in the presentation.
  Routers, switches, and firewalls are infrastructure devices that can be provided in the cloud.
8. What technology allows users to access data anywhere and at any time?Cloud computing*
  virtualization
  micromarketing
  data analytics
  
  Cloud computing allows organizations to eliminate the need for on-site IT equipment, maintenance, and management. Cloud computing allows organizations to expand their services or capabilities while avoiding the increased costs of energy and space.
9. The exhibit is not required to answer the question. The exhibit shows a fog covering trees on the side of a mountain.What statement describes Fog computing? It requires Cloud computing services to support non-IP enabled sensors and controllers.
  It supports larger networks than Cloud computing does.
  It creates a distributed computing infrastructure that provides services close to the network edge.*
  It utilizes a centralized computing infrastructure that stores and manipulates big data in one very secure data center.
  
  Three of the defining characteristics of Fog computing are as follows:
  its proximity to end-users
  its distributed computing infrastructure that keeps it closer to the network edge
  its enhanced security since data is not released into the Cloud
10. Which Cloud computing service would be best for a new organization that cannot afford physical servers and networking equipment and must purchase network services on-demand?ITaaS
  SaaS
  PaaS
  IaaS*
  
  Infrastructure as a service (IaaS) provides an environment where users have an on-demand infrastructure that they can install any platform as needed.
11. Which cloud model provides services for a specific organization or entity?a public cloud
  a hybrid cloud
  a private cloud*
  a community cloud
  
  Private clouds are used to provide services and applications to a specific organization and may be set up within the private network of the organization or managed by an outside organization.
12. How does virtualization help with disaster recovery within a data center?improvement of business practices
  supply of consistent air flow
  support of live migration*
  guarantee of power
  
  Live migration allows moving of one virtual server to another virtual server that could be in a different location that is some distance from the original data center.
13. What is a difference between the functions of Cloud computing and virtualization?Cloud computing separates the application from the hardware whereas virtualization separates the OS from the underlying hardware.*
  Cloud computing requires hypervisor technology whereas virtualization is a fault tolerance technology.
  Cloud computing utilizes data center technology whereas virtualization is not used in data centers.
  Cloud computing provides services on web-based access whereas virtualization provides services on data access through virtualized Internet connections.
  
  Cloud computing separates the application from the hardware. Virtualization separates the OS from the underlying hardware. Virtualization is a typical component within cloud computing. Virtualization is also widely used in data centers. Although the implementation of virtualization facilitates an easy server fault tolerance setup, it is not a fault tolerance technology by design. The Internet connection from a data center or service provider needs redundant physical WAN connections to ISPs.
14. Which two business and technical challenges does implementing virtualization within a data center help businesses to overcome? (Choose two.)physical footprint*
  server hardware needs
  virus and spyware attacks
  power and air conditioning*
  operating system license requirements
  
  Traditionally, one server was built within one machine with one operating system. This server required power, a cool environment, and a method of backup. Virtualized servers require more robust hardware than a standard machine because a computer or server that is in a virtual machine commonly shares hardware with one or more servers and operating systems. By placing multiple servers within the same physical case, space is saved. Virtualized systems still need the proper licenses for operating systems or applications or both and still need the proper security applications and settings applied.
15. Which statement describes the concept of cloud computing?separation of operating system from hardware
  separation of management plane from control plane
  separation of application from hardware*
  separation of control plane from data plane
  
  Cloud computing is used to separate the application or service from hardware. Virtualization separates the operating system from the hardware.
16. Which is a characteristic of a Type 2 hypervisor?best suited for enterprise environments
  installs directly on hardware
  does not require management console software*
  has direct access to server hardware resources
  
  Type 2 hypervisors are hosted on an underlaying operating system and are best suited for consumer applications and those experimenting with virtualization. Unlike Type 1 hypervisors, Type 2 hypervisors do not require a management console and do not have direct access to hardware.
17. Which is a characteristic of a Type 1 hypervisor?does not require management console software
  installed directly on a server*
  installed on an existing operating system
  best suited for consumers and not for an enterprise environment
  
  Type 1 hypervisors are installed directly on a server and are known as “bare metal” solutions giving direct access to hardware resources. They also require a management console and are best suited for enterprise environments.
18. How is the control plane modified to operate with network virtualization?Control plane redundancy is added to each network device.
  The control plane on each device is interconnected to a dedicated high-speed network.
  A hypervisor is installed in each device to allow multiple instances of the control plane.
  The control plane function is consolidated into a centralized controller.*
  
  In network virtualization design, the control plane function is removed from each network device and is performed by a centralized controller. The centralized controller communicates control plane functions to each network device and each device focuses on forwarding data.
19. Which technology virtualizes the network control plane and moves it to a centralized controller?IaaS
  SDN*
  fog computing
  cloud computing
  
  Networking devices operate in two planes: the data plane and the control plane. The control plane maintains Layer 2 and Layer 3 forwarding mechanisms using the CPU. The data plane forwards traffic flows. SDN virtualizes the control plane and moves it to a centralized network controller.
20. Which two layers of the OSI model are associated with SDN network control plane functions that make forwarding decisions? (Choose two.)Layer 1
  Layer 2*
  Layer 3*
  Layer 4
  Layer 5
  
  The SDN control plane uses the Layer 2 ARP table and the Layer 3 routing table to make decisions about forwarding traffic.
21. What pre-populates the FIB on Cisco devices that use CEF to process packets?the adjacency table
  the routing table*
  the DSP
  the ARP table
  
  CEF uses the FIB and adjacency table to make fast forwarding decisions without control plane processing. The adjacency table is pre-populated by the ARP table and the FIB is pre-populated by the routing table.
22. Which type of hypervisor would most likely be used in a data center?Type 1*
  Hadoop
  Nexus
  Type 2
  
  The two type of hypervisors are Type 1 and Type 2. Type 1 hypervisors are usually used on enterprise servers. Enterprise servers rather than virtualized PCs are more likely to be in a data center.
23. What component is considered the brains of the ACI architecture and translates application policies?the Application Network Profile endpoints
  the Nexus 9000 switch
  the hypervisor
  the Application Policy Infrastructure Controller*
  
  The ACI architecture consists of three core components: the Application Network Profile, the Application Policy Infrastructure Controller, which serves as the brains of the ACI architecture, and the Cisco Nexus 9000 switch.
24. Fill in the blank.
  In an IoT implementation, devices will be connected to a
  network to share the same infrastructure and to facilitate communications, analytics, and management.
  Correct Answer: converged
  Currently, many things are connected using a loose collection of independent use-specific networks. In an IoT implementation, devices will be connected to a converged network to share the same infrastructure and to facilitate communications, analytics, and management.
25. Fill in the blank.
  In a scenario where a user with a laptop running the Mac OS installs a Windows virtual OS instance, the user is implementing a Type
  hypervisor.
  Correct Answer: 2
  Type 2 hypervisors, also know as hosted hypervisors, are installed on top of an existing operating system, such as Mac OS, Windows, or Linux.

Older Version

A network design engineer is planning the implementation of a cost-effective method to interconnect multiple networks securely over the Internet. Which type of technology is required?
- a GRE IP tunnel
- a leased line
- a VPN gateway*
- a dedicated ISP
What is one benefit of using VPNs for remote access?
- lower protocol overhead
- ease of troubleshooting
- potential for reduced connectivity costs*
- increased quality of service
How is “tunneling” accomplished in a VPN?
- New headers from one or more VPN protocols encapsulate the original packets.*
- All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private.
- Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.
- A dedicated circuit is established between the source and destination devices for the duration of the connection.
Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?
- Cisco AnyConnect Secure Mobility Client with SSL
- Cisco Secure Mobility Clientless SSL VPN
- Frame Relay
- remote access VPN using IPsec
- site-to-site VPN*
Which two scenarios are examples of remote access VPNs? (Choose two.)
- A toy manufacturer has a permanent VPN connection to one of its parts suppliers.
- All users at a large branch office can access company resources through a single VPN connection.
- A mobile sales agent is connecting to the company network via the Internet connection at a hotel.*
- A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.
- An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.*
Which statement describes a feature of site-to-site VPNs?
- The VPN connection is not statically defined.
- VPN client software is installed on each host.
- Internal hosts send normal, unencapsulated packets.*
- Individual hosts can enable and disable the VPN connection.
What is the purpose of the generic routing encapsulation tunneling protocol?
- to provide packet level encryption of IP traffic between remote sites
- to manage the transportation of IP multicast and multiprotocol traffic between remote sites*
- to support basic unencrypted IP tunneling using multivendor routers between remote sites
- to provide fixed flow-control mechanisms with IP tunneling between remote sites
Which remote access implementation scenario will support the use of generic routing encapsulation tunneling?
- a mobile user who connects to a router at a central site
- a branch office that connects securely to a central site
- a mobile user who connects to a SOHO site
- a central site that connects to a SOHO site without encryption*
Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)
- This tunnel mode is not the default tunnel interface mode for Cisco IOS software.
- This tunnel mode provides encryption.
- The data that is sent across this tunnel is not secure.*
- This tunnel mode does not support IP multicast tunneling.
- A GRE tunnel is being used.*
Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?
- 172.16.1.1
- 172.16.1.2*
- 209.165.200.225
- 209.165.200.226
Which statement correctly describes IPsec?
- IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.*
- IPsec uses algorithms that were developed specifically for that protocol.
- IPsec implements its own method of authentication.
- IPsec is a Cisco proprietary standard.
Which function of IPsec security services allows the receiver to verify that the data was transmitted without being changed or altered in any way?
- anti-replay protection
- authentication
- data integrity*
- confidentiality
Which statement describes a characteristic of IPsec VPNs?
- IPsec is a framework of Cisco proprietary protocols.
- IPsec can secure traffic at Layers 1 through 3.
- IPsec encryption causes problems with routing.
- IPsec works with all Layer 2 protocols.*
What is an IPsec protocol that provides data confidentiality and authentication for IP packets?
- AH
- ESP*
- RSA
- IKE
What two encryption algorithms are used in IPsec VPNs? (Choose two.)
- DH
- PSK
- IKE
- AES *
- 3DES*
Which algorithm is an asymmetrical key cryptosystem?
- RSA*
- AES
- 3DES
- DES
Which two algorithms use Hash-based Message Authentication Code for message authentication? (Choose two.)
- 3DES
- DES
- AES
- MD5 *
- SHA*
Which three statements describe the building blocks that make up the IPsec protocol framework? (Choose three.)
- IPsec uses encryption algorithms and keys to provide secure transfer of data.*
- IPsec uses Diffie-Hellman algorithms to encrypt data that is transferred through the VPN.
- IPsec uses 3DES algorithms to provide the highest level of security for data that is transferred through a VPN.
- IPsec uses secret key cryptography to encrypt messages that are sent through a VPN.*
- IPsec uses Diffie-Hellman as a hash algorithm to ensure integrity of data that is transmitted through a VPN.
- IPsec uses ESP to provide confidential transfer of data by encrypting IP packets.*
A network design engineer is planning the implementation of an IPsec VPN. Which hashing algorithm would provide the strongest level of message integrity?
- SHA-1
- MD5
- AES
- 512-bit SHA*
What is the purpose of utilizing Diffie-Hellman (DH) algorithms as part of the IPsec standard?
- DH algorithms allow unlimited parties to establish a shared public key that is used by encryption and hash algorithms.
- DH algorithms allow two parties to establish a shared secret key that is used by encryption and hash algorithms.*
- DH algorithms allow unlimited parties to establish a shared secret key that is used by encryption and hash algorithms.
- DH algorithms allow two parties to establish a shared public key that is used by encryption and hash algorithms.
What is the purpose of a message hash in a VPN connection?
- It ensures that the data cannot be read in plain text.
- It ensures that the data has not changed while in transit.*
- It ensures that the data is coming from the correct source.
- It ensures that the data cannot be duplicated and replayed to the destination.
Which Cisco VPN solution provides limited access to internal network resources by utilizing a Cisco ASA and provides browser-based access only?
- clientless SSL VPN*
- client-based SSL VPN
- SSL
- IPsec
What key question would help determine whether an organization should use an SSL VPN or an IPsec VPN for the remote access solution of the organization?
- Is a Cisco router used at the destination of the remote access tunnel?
- What applications or network resources do the users need for access?
- Are both encryption and authentication required?
- Do users need to be able to connect without requiring special VPN software?*
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question. What problem is preventing the hosts from communicating across the VPN tunnel?

The EIGRP configuration is incorrect.
The tunnel destinations addresses are incorrect.
The tunnel IP addresses are incorrect.*
The tunnel source interfaces are incorrect
Which critical function that is provided by IPsec ensures that data has not been changed in transit between the source and destination?
integrity*
anti-replay protection
confidentiality
authentication
Which service of IPsec verifies that secure connections are formed with the intended sources of data?
encryption
authentication*
confidentiality
data integrity
Fill in the blank.
“__GRE__” is a site-to-site tunnel protocol developed by Cisco to allow multiprotocol and IP multicast traffic between two or more sites.
What is an advantage of using the Cisco Secure Mobility Clientless SSL VPN?
Security is provided by prohibiting network access through a browser.
Any device can connect to the network without authentication.
Clients do not require special software.*
Clients use SSH to access network resources.
How can the use of VPNs in the workplace contribute to lower operating costs?
VPNs prevents connectivity to SOHO users.
VPNs can be used across broadband connections rather than dedicated WAN links.*
VPNs require a subscription from a specific Internet service provider that specializes in secure connections.
High-speed broadband technology can be replaced with leased lines.
Which two characteristics describe IPsec VPNs? (Choose two.)
Key lengths range from 40 bits to 256 bits.
IPsec authentication is one-way or two-way.
Specific PC client configuration is required to connect to the VPN.*
IPsec is specifically designed for web-enabled applications.
IPsec authenticates by using shared secrets or digital certificates.*

When should a network performance baseline be measured?after normal work hours to reduce possible interruptions
during normal work hours of an organization*
when a denial of service attack to the network is detected and blocked
immediately after the main network devices restarted

The purpose of a network performance baseline is to record the characteristics of a network during normal operations. This can be used as a standard to determine when a network is performing abnormally. Measurements that are performed during particular circumstances (such as main network device restart or after working hours) will result in an inaccurate set of characteristics for the purpose of a baseline. A DoS attack might cause abnormal network performance, but once it is blocked, network performance should return to normal, so there is no immediate need to measure performance in order to establish a baseline.
What is a purpose of establishing a network baseline?It provides a statistical average for network performance.
It creates a point of reference for future network evaluations.*
It manages the performance of network devices.
It checks the security configuration of network devices.

A baseline is used to establish normal network or system performance. It can be used to compare with future network or system performances in order to detect abnormal situations.
Which three pieces of information are typically recorded in a logical topology diagram? (Choose three.)device models and manufacturers
device locations
cable specifications
static routes*
routing protocols*
IP address and prefix lengths*

There are two types of network topology diagrams: physical topology diagrams and logical topology diagrams. Logical topology diagrams show how devices are logically connected and how data moves through the network. Logical topology diagrams include information such as IP addresses, routing protocols, and static routes.
In which step of gathering symptoms does the network engineer determine if the problem is at the core, distribution, or access layer of the network?Determine the symptoms.
Narrow the scope.*
Determine ownership.
Gather information.
Document the symptoms.

In the “narrow the scope” step of gathering symptoms, a network engineer will determine if the network problem is at the core, distribution, or access layer of the network. Once this step is complete and the layer is identified, the network engineer can determine which pieces of equipment are the most likely cause.
A team of engineers has identified a solution to a significant network problem. The proposed solution is likely to affect critical network infrastructure components. What should the team follow while implementing the solution to avoid interfering with other processes and infrastructure?syslog messages and reports
one of the layered troubleshooting approaches
knowledge base guidelines
change-control procedures*

Change-control procedures should be established and applied for each stage to ensure a consistent approach to implementing the solutions, and to enable changes to be rolled back if they cause other unforeseen problems.
Refer to the exhibit. What action occurs at stage 3 of the general troubleshooting process?

Document symptoms.
Question end users.
Narrow the scope.
Correct the problem.*
There are three stages in the general troubleshooting process:
Gather symptoms
Isolate the problem
Correct the problem
If the problem is not corrected, the administrator documents the attempted solution, removes any changes made, and returns to gathering symptoms.
After which step in the network troubleshooting process would one of the layered troubleshooting methods be used?documenting symptoms
determining ownership
narrowing the scope
gathering symptoms from suspect devices*

A layered troubleshooting approach (top-down, bottom-up, or divide-and-conquer) is used to gather hardware and software symptoms from the suspect devices.
A network technician is troubleshooting an email connection problem. Which question to the end-user will provide clear information to better define the problem?How big are the emails you tried to send?
What kind of equipment are you using to send emails?
Is your email working now?
When did you first notice your email problem?*

To efficiently establish exactly when the user first experienced email problems, an open-ended question should be asked so that the user can state the day and time that the problem was first noticed. Closed questions only require a yes or no answer which will require further questions to determine the actual time of the problem.
A network engineer is troubleshooting a network problem and can successfully ping between two devices. However, Telnet between the same two devices does not work. Which OSI layers should the administrator investigate next?from the network layer to the physical layer
all of the layers
only the network layer
from the network layer to the application layer*

A successful ping indicates that everything is working on the physical, data link, and network layer. All of the other layers should be investigated.
A network administrator is having issues with a newly installed network not appearing in other routers. At which layer of the OSI model is the network administrator going to start the troubleshooting process when using a top-down approach?internet
application
network*
session
transport

Routing is a Layer 3 process. The network layer is another name for Layer 3. The top-down method of troubleshooting typically starts at the application layer, but when a problem is definitely a routing problem, there is no need for troubleshooting to be performed at the higher levels. The problem can only be a Layer 1, 2, or 3 problem.
Which troubleshooting method begins by examining cable connections and wiring issues?top-down
divide-and-conquer
substitution
bottom-up*

In troubleshooting with the bottom-up method, a technician would start with the physical components of the network and move up through the layers of the OSI model until the cause of the problem is identified.
Refer to the exhibit. On the basis of the information presented, which two IP SLA related statements are true? (Choose two.)
IP SLA 99 will run forever unless explicitly disabled.*
IP SLA 99 is measuring jitter.
IP SLA 99 is configured with the type dns target-addr 192.168.2.1 command.
IP SLA 99 is sending echo requests from IP address 192.168.2.1.
IP SLA 99 is scheduled to begin in 2 hours.
IP SLA 99 is sending echo requests every 10 seconds.*

From the output, the IP SLA is configured to perform icmp-echo, the target device is 192.168.2.1, and the icmp-echo requests are sent every 10 seconds. “Start Time already passed” indicates that the operation has started. The “Life” parameter indicates that the setting is “Forever”.
A company is setting up a web site with SSL technology to protect the authentication credentials required to access the web site. A network engineer needs to verify that the setup is correct and that the authentication is indeed encrypted. Which tool should be used?baselining tool
cable analyzer
protocol analyzer*
fault-management tool

To verify that the authentication is indeed encrypted, the authentication process needs to be captured and investigated, which can be accomplished through a protocol analyzer, such as Wireshark. A baselining tool is used for automating the network documentation and baselining process. A fault-management tool is used to manage the fault tolerance of network devices . A cable analyzer is used to test and certify copper and fiber cables for different services and standards.
Which category of software troubleshooting tools provides device-level monitoring, configuration, and fault-management?host-based protocol analyzers
baselining tools
knowledge bases
network management system tools*

Network management system (NMS) tools include device-level monitoring, configuration, and fault-management tools. Knowledge bases are online repositories of experience-based information. Baselining tools perform tasks of network baselining documentation, network diagram drawings, and network performance statistics establishment. Host-based protocol analyzers capture and decode the various protocol layers in a recorded frame and present the information in a relatively easy to use format.
Which two specialized troubleshooting tools can monitor the amount of traffic that passes through a switch? (Choose two.)DTX cable analyzer
TDR
digital multimeter
portable network analyzer*
NAM*

Network analysis modules and portable network analyzers such as the Fluke OptiView can monitor network traffic to investigate the amount of data going through switch ports. TDRs, DMMs, and DTX cable analyzers are used to investigate physical media errors and lengths.
Which number represents the most severe level of syslog logging?0*
1
6
7

Syslog levels are numbered 0 through 7, with 0 being the most severe and 7 being the least severe.
A user in a large office calls technical support to complain that a PC has suddenly lost connectivity to the network. The technician asks the caller to talk to nearby users to see if other machines are affected. The caller reports that several immediate neighbors in the same department have a similar problem and that they cannot ping each other. Those who are seated in other departments have connectivity. What should the technician check as the first step in troubleshooting the issue?the power outlet to the PC that is used by the caller
the cable connection between a PC and a network outlet that is used by a neighbor
the cable that connects the PC of the caller to the network jack
the status of the departmental workgroup switch in the wiring closet*
the trunks between switches in the wiring closet
A user reports that after an OS patch of the networking subsystem has been applied to a workstation, it performs very slowly when connecting to network resources. A network technician tests the link with a cable analyzer and notices that the workstation sends an excessive number of frames smaller than 64 bytes and also other meaningless frames. What is the possible cause of the problem?corrupted application installation
cabling faults
corrupted NIC driver*
Ethernet signal attenuation

The symptom of excessive runt packets and jabber is typically a Layer 1 issue, such as caused by a corrupted NIC driver, which could be the result of a software error during the NIC driver upgrade process. Cable faults would cause intermittent connections, but in this case, the network is not touched and the cable analyzer has detected frame problems, not signal problems. Ethernet signal attenuation is caused by an extended or long cable, but in this case, the cable has not been changed. A NIC driver is part of the operating system, it is not an application.
An administrator is troubleshooting an Internet connectivity problem on a router. The output of the show interfaces gigabitethernet 0/0 command reveals higher than normal framing errors on the interface that connects to the Internet. At what layer of the OSI model is the problem likely occurring?Layer 1
Layer 2*
Layer 3
Layer 4
Layer 7

Framing errors are symptoms of problems at the data link layer, Layer 2, of the OSI model.
A group of Windows PCs in a new subnet has been added to an Ethernet network. When testing the connectivity, a technician finds that these PCs can access local network resources but not the Internet resources. To troubleshoot the problem, the technician wants to initially confirm the IP address and DNS configurations on the PCs, and also verify connectivity to the local router. Which three Windows CLI commands and utilities will provide the necessary information? (Choose three.)ping*
arp -a
netsh interface ipv6 show neighbor
nslookup*
tracert
ipconfig*
telnet

The ipconfig and nslookup commands will provide initial IP address and DNS configuration information to the technicians and determine if DHCP is assigning correct information to the PCs. The ping utility would be used to verify, or not, connectivity to the default gateway (router) using the configured default gateway address, or using the known correct default gateway address if these are found to be different. The arp -a or netsh interface ipv6 show neighbor commands could be used if the problem is then suspected to be an IP address to MAC address mapping issue. The telnet and tracert utilities could be used to determine where the problem was located in the network if the default gateway configuration was found to be correct.
Users report that the new web site http://www.company1.biz cannot be accessed. The helpdesk technician checks and verifies that the web site can be accessed with http://www.company1.biz:90. Which layer in the TCP/IP model is involved in troubleshooting this issue?transport*
application
network access
internet

The issue is that the new web site is configured with TCP port 90 for HTTP, which is different from the normal TCP port 80. Therefore, this is a transport layer issue.
A networked PC is having trouble accessing the Internet, but can print to a local printer and ping other computers in the area. Other computers on the same network are not having any issues. What is the problem?The PC has a missing or incorrect default gateway.*
The link between the switch to which the PC connects and the default gateway router is down.
The switch port to which the PC connects has an incorrect VLAN configured.
The default gateway router does not have a default route.

< div class="message_box success">Since other computers on the same network work properly, the default gateway router has a default route and the link between the workgroup switch and the router works. An incorrectly configured switch port VLAN would not cause these symptoms.

The newly configured ASBR that connects a company to the Internet has a default route configured and has the default-information originate command entered. Devices connected through this router can access the Internet. The problem is that no other OSPF routers have a default route in the routing table and no other users throughout the organization can access the Internet. What could be the problem?The ASBR should use the exit_interface argument instead of next-hop on the default route.
The ASBR does not have OSPF configured.
The ASBR does not have an OSPF neighbor.*
The other routers are not configured to accept LSA type 4s.

Because no other routers have a default route, the most likely problem is the link between the ASBR and other OSPF routers, or the advertisement of that link between the ASBR and the other OSPF routers. Cisco routers configured with OSPF automatically accept the common LSAs such as 1, 2, 3, 4, 5, and 7. The ASBR has OSPF configured or the default-information originate command would not have been able to have been entered.

An internal corporate server can be accessed by internal PCs, but not by external Internet users that should have access. What could be the issue?The default gateway router for the server does not have a default route.
The switch port to which the server connects has an incorrect VLAN configured.
The server does not have a private IP address assigned.
Static NAT has not been configured properly or at all.*

NAT/PAT allows a private IP address to be translated into a public address so that external users can access internal devices. Static NAT assigns one public address to a private address and is used with internal servers.

Fill in the blank.
Use the
cache to verify IPv4 address to Layer 2 Ethernet address mappings on a host computer.
Correct Answer: ARP

The ARP cache is used to store IPv4 addresses and the Ethernet physical addresses or MAC addresses to which the IPv4 addresses are mapped. Incorrect mappings of IP addresses to MAC addresses can result in loss of end-to-end connectivity.

Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
A user reports that PC0 cannot visit the web server www.server.com. Troubleshoot the network configuration to identify the problem.
What is the cause of the problem?The clock rate on Branch S0/0/0 is configured incorrectly.
A serial interface encapsulation is configured incorrectly.*
The DNS server address on PC0 is configured incorrectly.
A default route on HQ is not configured.

The status of interface S0/0/0 is up but the line protocol is down. A possible problem could be a framing error or an encapsulation error.

Older Version

What are the most common syslog messages?

those that occur when a packet matches a parameter condition in an access control list
link up and link down messages*
output messages that are generated from debug output
error messages about hardware or software malfunctions

When logging is used, which severity level indicates that a device is unusable?

Alert – Level 1
Critical – Level 2
Emergency – Level 0*
Error – Level 3

Refer to the exhibit. Which two conclusions can be drawn from the syslog message that was generated by the router? (Choose two.)

This message resulted from an unusual error requiring reconfiguration of the interface.
This message indicates that the interface should be replaced.
This message is a level 5 notification message. *
This message indicates that service timestamps have been configured.*
This message indicates that the interface changed state five times.

A network technician has issued the service timestamps log datetime command in the configuration of the branch router. Which additional command is required to include the date and time in logged events?

Branch1(config)# service timestamps log uptime
Branch1# clock set 08:00:00 05 AUG 2013*
Branch1(config)# service timestamps debug datetime
Branch1# copy running-config startup-config

Refer to the exhibit. From what location have the syslog messages been retrieved?

syslog server
syslog client
router RAM*
router NVRAM

Refer to the exhibit. What does the number 17:46:26.143 represent?

the time passed since the syslog server has been started
the time when the syslog message was issued*
the time passed since the interfaces have been up
the time on the router when the show logging command was issued

Which destination do Cisco routers and switches use by default when sending syslog messages for all severity levels?

console*
nearest syslog server
NVRAM
RAM

A network administrator has issued the logging trap 4 global configuration mode command. What is the result of this command?

After four events, the syslog client will send an event message to the syslog server.
The syslog client will send to the syslog server any event message that has a severity level of 4 and higher.
The syslog client will send to the syslog server any event message that has a severity level of 4 and lower.*
The syslog client will send to the syslog server event messages with an identification trap level of only 4.

Which statement describes SNMP operation?

An NMS periodically polls the SNMP agents that are residing on managed devices by using traps to query the devices for data.
A get request is used by the SNMP agent to query the device for data.
An SNMP agent that resides on a managed device collects information about the device and stores that information remotely in the MIB that is located on the NMS.
A set request is used by the NMS to change configuration variables in the agent device.*

What are SNMP trap messages?

messages that are used by the NMS to query the device for data
unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the network*
messages that are used by the NMS to change configuration variables in the agent device
messages that are sent periodically by the NMS to the SNMP agents that reside on managed devices to query the device for data

Which SNMP feature provides a solution to the main disadvantage of SNMP polling?

SNMP set messages
SNMP trap messages*
SNMP get messages
SNMP community strings

When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects?

packet encryption
message integrity
community strings*
source validation

A network administrator has issued the snmp-server user admin1 admin v3 encrypted auth md5 abc789 priv des 256 key99 command. What are two features of this command? (Choose two.)

It adds a new user to the SNMP group.*
It restricts SNMP access to defined SNMP managers.
It forces the network manager to log into the agent to retrieve the SNMP messages.
It uses the MD5 authentication of the SNMP messages.*
It allows a network administrator to configure a secret encrypted password on the SNMP server.

How can SNMP access be restricted to a specific SNMP manager?

Use the snmp-server community command to configure the community string with no access level.
Specify the IP address of the SNMP manager by using the snmp-server host command.
Use the snmp-server traps command to enable traps on an SNMP manager.
Define an ACL and reference it by using the snmp-server community command.*

A network administrator issues two commands on a router:
R1(config)# snmp-server host 10.10.50.25 version 2c campus
R1(config)# snmp-server enable traps
What can be concluded after the commands are entered?

No traps are sent, because the notification-types argument was not specified yet.
Traps are sent with the source IP address as 10.10.50.25.

If an interface comes up, a trap is sent to the server.*
The snmp-server enable traps command needs to be used repeatedly if a particular subset of trap types is desired.

Refer to the exhibit. What can be concluded from the produced output?

An ACL was configured to restrict SNMP access to an SNMP manager.*
This is the output of the show snmp command without any parameters.
The system contact was not configured with the snmp-server contact command.
The location of the device was not configured with the snmp-server location command.

What is a difference between SNMP and NetFlow?

Unlike NetFlow, SNMP uses a “push”-based model.
NetFlow collects more detailed traffic statistics on IP networks than SNMP does.*
SNMP only gathers traffic statistics, whereas NetFlow can also collect many other performance indicators, such as interface errors and CPU usage.
Unlike NetFlow, SNMP may be used to provide IP accounting for billing purposes.

How does NetFlow function on a Cisco router or multilayer switch?

Netflow captures and analyzes traffic.
One user connection to an application exists as two NetFlow flows.*
On 2960 switches, Netlow allows for data export.
NetFlow does not consume any additional memory.

Which type of information can an administrator obtain with the show ip cache flow command?

the NetFlow version that is enabled
whether NetFlow is configured on the correct interface and in the correct direction
the configuration of the export parameters
the protocol that uses the largest volume of traffic*

Which two statements describe items to be considered in configuring NetFlow? (Choose two.)

Netflow requires both management and agent software.
Netflow requires UDP port 514 for notification messages.
NetFlow consumes additional memory.*
Netflow can only be used in a unidirectional flow.*

NetFlow can only be used if all devices on the network support it.

What is the most common purpose of implementing NetFlow in a networked environment?

to support accounting and monitoring with consumer applications*
to actively capture traffic from networked devices
to monitor live data usage and to control traffic flow with set messages
to passively capture changing events that occur in the network and to perform after-the-fact-analysis

Refer to the exhibit. While planning an upgrade, a network administrator uses the Cisco NetFlow utility to analyze data flow in the current network. Which protocol used the greatest amount of network time?

TCP-Telnet

TCP-FTP
TCP-other
UDP-DNS
UDP-other *

Fill in the blank.
The syslogprotocol uses UDP port 514 and is the most common method to access system messages provided by networking devices.

When SNMPvl or SNMPv2 is being used, which feature provides secure access to MIB objects?
message integrity
source validation
community strings*
packet encryption

A network administrator has issued the snmp-server user adminl admin v3 encrypted auth md5 abc789 priv des 256 key99 command. What are two features of this command? (Choose two.)
It forces the network manager to log into the agent to retrieve the SNMP messages.
It restricts SNMP access to defined SNMP managers.
It uses the MD5 authentication of the SNMP messages.*
It allows a network administrator to configure a secret encrypted password on the SNMP server.
It adds a new user to the SNMP group.

Which SNMP version uses weak community string-based access control and supports bulk retrieval?
SNMPv3
SNMPv1
SNMPv2c*
SNMPv2Classic

Which protocol or service can be configured to send unsolicited messages to alert the network administrator about a network event such as an extremely high CPU utilization on a router?
SNMP*
NetFlow
syslog
NTP

Which protocol or service allows network administrators to receive system messages that are provided by network devices?
SNMP
syslog*
NetFlow
NTP

The command ntp server 10.1.1.1 is issued on a router. What impact does this command have?
determines which server to send system log files to
synchronizes the clock of the device to the timeserver that is located at IP address 10.1.1.1*
identifies the server on which to store backup configurations
ensures that all logging will have a time stamp associated with it

Which syslog message type is accessible only to an administrator and only via the Cisco CLI?
alerts
debugging*
emergency
errors

Which protocol is used by network administrators to track and gather statistics on TCP/IP packets that are entering or exiting network devices?
syslog
NetFlow*
NTP
SNMP

CCNAAPP

Menu

AD

CCNA 4 Chapter 1 Exam Answers v5.0.3 & v6.0

Older Version

CCNA 4 Chapter 9 Exam Answers v5.0.3 & v6.0

CCNA 4 Chapter 7 Exam Answers v5.0.3 & v6.0

Older Version

CCNA 4 Chapter 8 Exam Answers v5.0.3 & v6.0

Older Version

AD

Search This Blog

Blog Archive

AD

Popular Posts

Categories