Sponsor

CCNA 3 Routing and Switching Scaling Networks OSPF Practice Skills Assessment – Packet Tracer

Thứ Ba, 15 tháng 4, 2014
CCNA Routing and Switching
Scaling Networks
OSPF Practice Skills Assessment – Packet Tracer
A few things to keep in mind while completing this activity:
  1. Do not use the browser Back button or close or reload any exam windows during the exam.
  2. Do not close Packet Tracer when you are done. It will close automatically.
  3. Click the Submit Assessment button in the browser window to submit your work.
Introduction
In Part I of this practice skills assessment, you will configure the Company A network with routing and ACLs. You will configure dynamic routing with OSPFv2 and distribute a default route. In addition, you will configure two access control lists.
In Part II of this practice skills assessment, you will configure the Company A network with RPVST+, port security, EtherChannel, DHCP, VLANs and trunking, and routing between VLANs. In addition you will perform an initial configuration on a switch, secure switch ports and create SVIs. You will also control access to the switch management network with an access control list.
All IOS device configurations should be completed from a direct terminal connection to the device console from an available host.
Some values that are required to complete the configurations have not been given to you. In those cases, create the values that you need to complete the requirements. These values may include certain IP addresses, passwords, interface descriptions, banner text, and other values.
For the sake of time, many repetitive but important configuration tasks have been omitted from this activity. Many of these tasks, especially those related to device security, are essential elements of a network configuration. The intent of this activity is not to diminish the importance of full device configurations.
You will practice and be assessed on the following skills:
  • Configuration of initial device settings
  • IPv4 address assignment and configuration
  • Configuration and addressing of device interfaces
  • Configuration of the OSPFv2 routing protocol
  • Configuration of a default route
  • Configuration of ACL to limit device access
  • Configuration of switch management settings including SSH
  • Configuration of port security
  • Configuration of unused switch ports according to security best practices
  • Configuration of RPVST+
  • Configuration of  EtherChannel
  • Configuration of a router as a DHCP server
  • Configuration of VLANs and trunks
  • Configuration of routing between VLANs
You are required to do the following:
Site 1:
  • Configure initial device settings.
  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.
HQ:
  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.
  • Configure named and numbered ACLs.
  • Configure and propagate a default route through OSPFv2.
Site 2:
  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure DHCP pools and excluded addresses.
  • Configure routing between VLANs.
  • Configure a standard ACL.
  • Configure OSPFv2.
SW-A:
  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Secure unused switch ports.
  • Configure port security.
SW-B:
  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings with SSH.
  • Activate RPVST+.
SW-C:
  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Configure switch ports with PortFast and BPDU Guard.
Internal PC hosts:
  • Configure as DHCP clients.
  • Assign static IPv4 addresses where indicated.

Tables
Note: You are provided with the networks that interfaces should be configured on. Unless you are told to do differently in the detailed instructions below, you are free to choose the host addresses to assign.
Addressing Table:
Device
Interface
Network
Configuration Details
Site 1
S0/0/0
192.168.100.20/30
any address in the network
G0/0
192.168.8.0/24
first host address
G0/1
192.168.9.0/24
first host address
HQ
S0/0/0
192.168.100.20/30
any address in the network
S0/0/1
192.168.100.36/30
any address in the network
S0/1/0
203.0.113.16/29
(The first address in this network is already in use on the ISP router. Any other address in the network can be assigned to this interface.)
Site 2
S0/0/1
192.168.100.36/30
any address in the network
G0/1.2
10.10.2.0/24
first address in the network
G0/1.4
10.10.4.0/24
first address in the network
G0/1.8
10.10.8.0/24
first address in the network
G0/1.15
10.10.15.0/24
first address in the network
G0/1.25
10.10.25.0/24
first address in the network
SW-A
SVI
10.10.25.0/24
the highest address in the network
SW-B
SVI
10.10.25.0/24
the second to the highest address in the network
SW-C
SVI
10.10.25.0/24
the third to the highest address in the network
Manage-1A
NIC
192.168.8.0/24
any address in the network
Clerk-1C
NIC
192.168.9.0/24
any address in the network
Admin-A
NIC
10.10.15.0/24
any available address in network
Admin-B
NIC
10.10.15.0/24
any available address in network
VLAN Switch Port Assignment Table:
VLAN
Name
Network
Device
Switch Ports
2
sales
10.10.2.0/24
SW-A
Fa0/5
SW-C
Fa0/7
4
prod
10.10.4.0/24
SW-A
Fa0/10
SW-C
Fa0/10
8
acct
10.10.8.0/24
SW-A
Fa0/15
SW-C
Fa0/15
15
admin
10.10.15.0/24
SW-A
Fa0/24
SW-C
Fa0/24
25
SVI-NET
10.10.25.0/24
SW-A
SVI
SW-B
SVI
SW-C
SVI
99
null
N/A
SW-A
all unused ports
Port-Channel Groups:
Channel
Device
Interfaces
1
SW-A
Fa0/1, Fa0/2
SW-C
Fa0/1, Fa0/2
2
SW-A
Fa0/3, Fa0/4
SW-B
Fa0/3, Fa0/4
3
SW-B
Fa0/5, Fa0/6
SW-C
Fa0/5, Fa0/6
Instructions

All configurations must be performed through a direct terminal connection to the device console line from an available host.
Part I: OSPFv2 Router Configuration
Step 1: Plan the Addressing.
Determine the IP addresses that you will use for the required interfaces on the devices and LAN hosts. Follow the configuration details provided in the Addressing Table.
Step 2: Configure Site 1.
Configure Site 1 with initial settings:
  • Configure the router host name: Site-1. This value must be entered exactly as it appears here.
  • Prevent the router from attempting to resolve command line entries to IP addresses.
  • Protect device configurations from unauthorized access with an encrypted secret password.
  • Secure the router console and remote access lines.
  • Prevent system status messages from interrupting console output.
  • Configure a message-of-the-day banner.
  • Encrypt all clear text passwords.
Step 3: Configure the Router Interfaces.
Configure the interfaces of all routers for full connectivity with the following:
  • IP addressing
  • Descriptions for serial interfaces.
  • Configure DCE settings where required. Use a rate of 128000.
  • The Ethernet subinterfaces on Site 2 will configured later in this assessment.
Step 4: Configure inter-VLAN routing on Site 2.
Configure router Site 2 to route between VLANs using information in the Addressing Table and VLAN Switch Port Assignment Table. The VLANs will be configured on the switches later in this assessment.
  • Do not route the VLAN 99 network.
Step 5: Configure Default Routing.
On HQ, configure a default route to the Internet. Use the exit interface argument. 
Step 6: Configure OSPF Routing.
a. On all routers:
  • Configure multiarea OSPFv2 to route between all internal networks. Use a process ID of 1.
  • Use the area numbers shown in the topology.
  • Use the correct wild card masks for all network statements.
  • You are not required to route the SVI-NET VLAN network on Site 2.
  • Prevent routing updates from being sent to the LANs.
b. On the HQ router:
  • Configure multiarea OSPFv2 to distribute the default route to the other routers.
Step 7: Customize Multiarea OSPFv2.
Customize multiarea OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of all serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
  • Site 1: 1.1.1.1
  • HQ: 2.2.2.2
  • Site 2: 3.3.3.3
  • The configured router IDs should be in effect on all three routes.
c. Configure the OSPF cost of the link between Site 1 and HQ to 7500.
Step 8: Configure OSPF MD5 Authentication on the Required Interfaces.
Configure OSPF to authenticate routing updates with MD5 authentication on the OSPF interfaces.
  • Use a key value of 1.
  • Use xyz_OSPF as the password.
  • Apply MD5 authentication to the required interfaces.
Step 9: Configure Access Control Lists.
You will configure two access control lists in this step. You should use the any and host keywords in the ACL statements as required. The ACL specifications are as follows:
a. Restrict access to the vty lines on HQ with an ACL:
  • Create a named standard ACL using the name TELNET-BLOCK. Be sure that you enter this name exactly as it appears in this instruction.
  • Allow only Admin Host to access the vty lines of HQ.
  • No other Internet hosts (including hosts not visible in the topology) should be able to access the vty lines of HQ.
  • Your solution should consist of one ACL statement.
  • Your ACL should be placed in the most efficient location as possible to conserve network bandwidth and device processing resources.
b. Block ping requests from the Internet with an ACL:
  • Use access list number 101.
  • Allow only Admin Host to ping addresses within the Company A network. Only echo messages should be permitted.
  • Prevent all other Internet hosts (not only the Internet hosts visible in the topology) from pinging addresses inside the Company A network. Block echo messages only.
  • All other traffic should be allowed.
  • Your ACL should consist of three statements.
  • Your ACL should be placed in the most efficient location as possible to conserve network bandwidth and device processing resources.
c. Control access to the management interfaces (SVI) of the three switches attached to Site 2 as follows:
  • Create a standard ACL.
  • Use the number 1 for the list.
  • Permit only addresses from the admin VLAN network to access any address on the SVI-NET VLAN network.
  • Hosts on the  admin VLAN network should be able to reach all other destinations.
  • Your list should consist of one statement.
  • Your ACL should be placed in the most efficient location as possible to conserve network bandwidth and device processing resources.
  • You will be able to test this ACL at the end of Part II  of this assessment.
Part II: Switching and DHCP Configuration
Step 1: Create and name VLANs.
On all three switches that are attached to Site 2, create and name the VLANs shown in the VLAN Table.
  • The VLAN names that you configure must match the values in the table exactly.
  • Each switch should be configured with all of the VLANs shown in the table.
Step 2:  Assign switch ports to VLANs.
Using the VLAN table, assign switch ports to the VLANs you created in Step 1, as follows:
  • All switch ports that you assign to VLANsn should be configured to static access mode.
  • All switch ports that you assign to VLANs should be activated.
  • Note that all of the unused ports on SW-A should be assigned to VLAN 99. This configuration step on switches SW-B and SW-C is not required in this assessment for the sake of time.
  • Secure the unused switch ports on SW-A by shutting them down.
Step 3:  Configure the SVIs.
Refer to the Addressing Table. Create and address the SVIs on all three of the switches that are attached to Site 2. Configure the switches so that they can communicate with hosts on other networks. Full connectivity will be established after routing between VLANs has been configured later in this assessment.
Step 4:  Configure Trunking and EtherChannel.
a. Use the information in the Port-Channel Groups table to configure EtherChannel as follows:
  • Use LACP.
  • The switch ports on both sides of Channels 1 and 2 should initiate negotiations for channel establishment.
  • The switch ports on the SW-B side of Channel 3 should initiate negotiations with the switch ports on SW-C.
  • The switch ports on the SW-C side of Channel 3 should not initiate negotiations with the switch ports on the other side of the channel.
  • All channels should be ready to forward data after they have been configured.
b. Configure all port-channel interfaces as trunks.
c. Configure static trunking on the switch port on SW-B that is connected to Site 2.
Step 5:  Configure Rapid PVST+.
Configure Rapid PVST+ as follows:
a. Activate Rapid PVST+ and set root priorities.
  • All three switches should be configured to run Rapid PVST+.
  • SW-A should be configured as root primary for VLAN 2 and VLAN 4 using the default primary priority values.
  • SW-A should be configured as root secondary for VLAN 8 and VLAN 15 using the default secondary priority values.
  • SW-C should be configured as root primary for VLAN 8 and VLAN 15 using the default primary priority values.
  • SW-C should be configured as root secondary for VLAN 2 and VLAN 4 using the default secondary priority values.
b. Activate PortFast and BPDU Guard on the active SW-C switch access ports.
  • On SW-C, configure PortFast on the access ports that are connected to hosts.
  • On SW-C, activate BPDU Guard on the access ports that are connected to hosts.
Step 6:  Configure switch security.
You are required to complete the following only on some of the devices in the network for this assessment. In reality, security should be configured on all devices in the network.
a. Configure port security on all active access ports that have hosts connected on SW-A.
  • Each active access port should accept only two MAC addresses before a security action occurs.
  • The learned MAC addresses should be recorded in the running configuration.
  • If a security violation occurs, the switch ports should provide notification that a violation has occurred but not place the interface in an err-disabled state.
b. On SW-B, configure the virtual terminal lines to accept only SSH connections.
  • Use a domain name of ccnaPTSA.com.
  • Use SW-B as the host name.
  • Use a modulus value of 1024.
  • Configure SSH version 2.
  • Configure the vty lines to only accept SSH connections.
  • Configure user-based authentication for the SSH connections with a user name ofnetadmin and a secret password of SSH_secret9. The user name and password must match the values provided here exactly.
c. Ensure that all unused switch ports on SW-A have been secured as follows:
  • They should be assigned to VLAN 99.
  • They should all be in access mode.
  • They should be shutdown.
Step 7: Configure Site 2 as a DHCP server for the hosts attached to the SW-A and SW-C switches.
Configure three DHCP pools as follows:
  • Refer to the information in the Addressing Table.
  • Create a DHCP pool for hosts on VLAN 2 using the pool name vlan2pool.
  • Create a DHCP pool for hosts on VLAN 4 using the pool name vlan4pool.
  • Create a DHCP pool for hosts on VLAN 8 using the pool name vlan8pool.
  • All VLAN pool names must match the provided values exactly.
  • Exclude the first five addresses from each pool.
  • Configure a DNS server address of 192.168.200.225.
  • All hosts should be able to communication with hosts on other networks.
Step 8: Configure host addressing.
Hosts should be able to ping each other and external hosts after they have been correctly addressed, where permitted.
  • Hosts on VLANs 2, 4, and 8 should be configured to receive addresses dynamically over DHCP.
  • Hosts on VLAN 15 should be addressed statically as indicated in the Addressing Table. Once configured, the hosts should be able to ping hosts on other networks.
  • Hosts on the LANs attached to Site 1 should be statically assigned addresses that enable them to communicate with hosts on other networks, as indicated in the Addressing Table.
Configuration
#####–SITE 1
hostname East
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line aux 0
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only!@
interface serial 0/0/0
bandwidth 128
clock rate 12800
ip address 192.168.100.22 255.255.255.252
description 2-Central
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
no shutdown
exit
interface gi 0/0
ip address 192.168.8.1 255.255.255.0
description Manage-1A
no shutdown
interface gi 0/1
ip address 192.168.9.1 255.255.255.0
description Clerk-1C
no shutdown
exit
— OSPF
router ospf 1
router-id 1.1.1.1
area 0 authentication message-digest
network 192.168.100.20 0.0.0.3 area 0
network 192.168.8.0 0.0.0.255 area 1
network 192.168.9.0 0.0.0.255 area 1
passive-interface GigabitEthernet0/0
passive-interface GigabitEthernet0/1
no auto-summary
exit
####################
########–HQ
hostname Central
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line aux 0
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only @
ip route 0.0.0.0 0.0.0.0 s0/1/0
interface serial 0/0/0
bandwidth 128
ip address 192.168.100.21 255.255.255.252
description 2-East
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
no shutdown
exit
interface serial 0/0/1
bandwidth 128
ip address 192.168.100.37 255.255.255.252
description 2-West
clock rate 128000
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
no shutdown
exit
interface serial 0/1/0
bandwidth 128
ip address 203.0.113.18 255.255.255.248
description 2-INTERNET
no shutdown
exit
— OSPF
router ospf 1
router-id 2.2.2.2
area 0 authentication message-digest
default-information originate
network 192.168.100.20 0.0.0.3 area 0
network 192.168.100.36 0.0.0.3 area 0
passive-interface Serial0/1/0
no auto-summary
exit
–ACCESS LIST
ip access-list standard TELNET-BLOCK
permit host 198.51.100.5
line vty 0 15
access-class TELNET-BLOCK in
interface serial 0/1/0
ip access-group 101 in
exit
#######################
###### –SITE 2
hostname West
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only.@
interface serial 0/0/1
bandwidth 128
ip address 192.168.100.38 255.255.255.252
description 2-Central
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
no shutdown
interface gi 0/1
no shutdown
interface gi 0/1.2
encapsulation dot1q 2
ip address 10.10.2.1 255.255.255.0
interface gi 0/1.4
encapsulation dot1q 4
ip address 10.10.4.1 255.255.255.0
interface gi 0/1.8
encapsulation dot1q 8
ip address 10.10.8.1 255.255.255.0
interface gi 0/1.15
encapsulation dot1q 15
ip address 10.10.15.1 255.255.255.0
interface gi 0/1.25
encapsulation dot1q 25
ip address 10.10.25.1 255.255.255.0
exit
— OSPF
router ospf 1
router-id 3.3.3.3
passive-interface GigabitEthernet0/1
network 192.168.100.36 0.0.0.3 area 0
network 10.10.2.0 0.0.0.255 area 2
network 10.10.4.0 0.0.0.255 area 2
network 10.10.8.0 0.0.0.255 area 2
network 10.10.15.0 0.0.0.255 area 2
no auto-summary
passive-interface g0/1.2
passive-interface g0/1.4
passive-interface g0/1.8
passive-interface g0/1.15
exit
– ROUTE SUMMARIZATION
interface serial 0/0/1
ip summary-address eigrp 100 10.10.0.0 255.255.240.0
– DHCP
ip dhcp excluded-address 10.10.2.1 10.10.2.5
ip dhcp excluded-address 10.10.4.1 10.10.4.5
ip dhcp excluded-address 10.10.8.1 10.10.8.5
ip dhcp pool vlan2pool
network 10.10.2.0 255.255.255.0
default-router 10.10.2.1
dns-server 192.168.200.225
ip dhcp pool vlan4pool
network 10.10.4.0 255.255.255.0
default-router 10.10.4.1
dns-server 192.168.200.225
ip dhcp pool vlan8pool
network 10.10.8.0 255.255.255.0
default-router 10.10.8.1
dns-server 192.168.200.225
exit
–ACCESS LIST
access-list 1 permit 10.10.15.0 0.0.0.255
interface gi0/1.25
ip access-group 1 out
#######–SW-A
hostname Bldg1
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only!@
ip default-gateway 10.10.25.1
vlan 2
name sales
vlan 4
name prod
vlan 8
name acct
vlan 15
name admin
vlan 25
name SVI-NET
vlan 99
name null
interface vlan 25
ip address 10.10.25.254 255.255.255.0
no shutdown
interface fa0/5
switchport mode acces
switchport acces vlan 2
interface fa0/10
switchport mode acces
switchport acces vlan 4
interface fa0/15
switchport mode acces
switchport acces vlan 8
interface fa0/24
switchport mode acces
switchport acces vlan 15
interface range fa0/6-9,fa0/11-14,fa0/16-23
switchport mode acces
switchport acces vlan 99
shutdown
interface range gi1/1-2
switchport mode acces
switchport acces vlan 99
shutdown
– ETHERCHANNEL
interface range fa0/1-2
channel-group 1 mode active
interface port-channel 1
switchport mode trunk
interface range fa0/3-4
channel-group 2 mode active
interface port-channel 2
switchport mode trunk
exit
–PVST+
spanning-tree mode rapid-pvst
spanning-tree vlan 2 root primary
spanning-tree vlan 4 root primary
spanning-tree vlan 8 root secondary
spanning-tree vlan 15 root secondary
–SECURITY
interface fa0/5
switchport port-security
switchport port-security violation restrict
switchport port-security maximum 2
switchport port-security mac-address sticky
interface fa0/10
switchport port-security
switchport port-security violation restrict
switchport port-security maximum 2
switchport port-security mac-address sticky
interface fa0/15
switchport port-security
switchport port-security violation restrict
switchport port-security maximum 2
switchport port-security mac-address sticky
interface fa0/24
switchport port-security
switchport port-security violation restrict
switchport port-security maximum 2
switchport port-security mac-address sticky
#######–SW-B
hostname Bldg2
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only!@
– SSH
ip ssh version 2
ip domain-name ccnaPTSA.com
crypto key generate rsa
username netadmin password SSH_secret9
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh
ip default-gateway 10.10.25.1
vlan 2
name sales
vlan 4
name prod
vlan 8
name acct
vlan 15
name admin
vlan 25
name SVI-NET
vlan 99
name null
interface vlan 25
ip address 10.10.25.253 255.255.255.0
no shutdown
interface gi 1/1
switchport mode trunk
– ETHERCHANNEL
interface range fa0/3-4
channel-group 2 mode active
interface port-channel 2
switchport mode trunk
interface range fa0/5-6
channel-group 3 mode active
interface port-channel 3
switchport mode trunk
–PVST+
spanning-tree mode rapid-pvst
#########– SW-C
hostname Bldg3
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd @Authorized acces only !@
ip default-gateway 10.10.25.1
vlan 2
name sales
vlan 4
name prod
vlan 8
name acct
vlan 15
name admin
vlan 25
name SVI-NET
vlan 99
name null
interface vlan 25
ip address 10.10.25.252 255.255.255.0
no shutdown
interface fa0/7
switchport mode acces
switchport acces vlan 2
interface fa0/10
switchport mode acces
switchport acces vlan 4
interface fa0/15
switchport mode acces
switchport acces vlan 8
interface fa0/24
switchport mode acces
switchport acces vlan 15
– ETHERCHANNEL
interface range fa0/1-2
channel-group 1 mode active
no shutdown
interface port-channel 1
switchport mode trunk
interface range fa0/5-6
channel-group 3 mode passive
no shutdown
interface port-channel 3
switchport mode trunk
–PVST+
spanning-tree mode rapid-pvst
spanning-tree vlan 2 root secondary
spanning-tree vlan 4 root secondary
spanning-tree vlan 8 root primary
spanning-tree vlan 15 root primary
–Port Fast BPDU Guard
interface range fa0/7, fa0/10, fa0/15, fa0/24
spanning-tree portfast
spanning-tree bpduguard enable
no shutdown
Read more ...
Postado por �s
Marcadores: , , , , , , ,

CCNA 3 Routing and Switching Scaling Networks Final Exam Answers 2014

Thứ Ba, 15 tháng 4, 2014

CCNA 3 Routing and Switching Scaling Networks Final Exam Answers 2014

Take Assessment Download PDF
1
Refer to the exhibit. A network administrator is attempting to upgrade the IOS system image on a Cisco 2901 router. After the new image has been downloaded and copied to the TFTP server, what command should be issued on the router before the IOS system image is upgraded on the router?
ping 10.10.10.1
dir flash:
ping 10.10.10.2*
copy tftp: flash0:
2
Fill in the blank.
The ”  backbone  ”  area interconnects with all other OSPF area types.
3
Which address is used by an IPv6 EIGRP router as the source for hello messages?
the interface IPv6 link-local address*
the 32-bit router ID
the all-EIGRP-routers multicast address
the IPv6 global unicast address that is configured on the interface
4
Refer to the exhibit. A network administrator issues the show ipv6 eigrp neighbors command. Which conclusion can be drawn based on the output?
The link-local addresses of neighbor routers interfaces are configured manually.*
If R1 does not receive a hello packet from the neighbor with the link-local address FE80::5 in 2 seconds, it will declare the neighbor router is down.
R1 has two neighbors. They connect to R1 through their S0/0/0 and S0/0/1 interfaces.
The neighbor with the link-local address FE80::5 is the first EIGRP neighbor that is learned by R1.
5
Refer to the exhibit. Which two conclusions can be derived from the output? (Choose two.)
The network 192.168.10.8/30 can be reached through 192.168.11.1.
The reported distance to network 192.168.1.0/24 is 41024256.
Router R1 has two successors to the 172.16.3.0/24 network.
There is one feasible successor to network 192.168.1.8/30.*
The neighbor 172.16.6.1 meets the feasibility condition to reach the 192.168.1.0/24 network.*
6

Refer to the exhibit. An administrator attempts to configure EIGRP for IPv6 on a router and receives the error message that is shown. Which command must be issued by the administrator before EIGRP for IPv6 can be configured?
eigrp router-id 100.100.100.100
no shutdown
ipv6 eigrp 100
ipv6 cef
ipv6 unicast-routing*
7
What two conditions have to be met in order to form a cluster that includes 5 access points? (Choose two.)
The APs must use different cluster names.
The APs must all be configured to use different radio modes.
At least two controllers are needed to form the cluster.
The APs have to be connected on the same network segment.*
Clustering mode must be enabled on the APs.*
8
Which technological factor determines the impact of a failure domain?
the forwarding rate of the switches used on the access layer
the number of layers of the hierarchical network
the role of the malfunctioning device*
the number of users on the access layer
9
Which mode configuration setting would allow formation of an EtherChannel link between switches SW1 and SW2 without sending negotiation traffic?
SW1: desirable
SW2: desirable
SW1: passive
SW2: active
SW1: on
SW2: on*
SW1: auto
SW2: auto
trunking enabled on both switches
SW1: auto
SW2: auto
PortFast enabled on both switches
10
In a large enterprise network, which two functions are performed by routers at the distribution layer? (Choose two.)
provide Power over Ethernet to devices
provide a high-speed network backbone
connect remote networks*
connect users to the network
provide data traffic security*
11
A network engineer is implementing security on all company routers. Which two commands must be issued to force authentication via the password 1C34dE for all OSPF-enabled interfaces in the backbone area of the company network? (Choose two.)
area 0 authentication message-digest*
ip ospf message-digest-key 1 md5 1C34dE*
username OSPF password 1C34dE
enable password 1C34dE
area 1 authentication message-digest
12
When does an OSPF router become an ABR?
when the router is configured as an ABR by the network administrator
when the router has interfaces in different areas*
when the router has an OSPF priority of 0
when the router has the highest router ID
13
Which characteristic would most influence a network design engineer to select a multilayer switch over a Layer 2 switch?
ability to have multiple forwarding paths through the switched network based on VLAN number(s)
ability to aggregate multiple ports for maximum data throughput
ability to build a routing table*
ability to provide power to directly-attached devices and the switch itself
14
A network designer is considering whether to implement a switch block on the company network. What is the primary advantage of deploying a switch block?
A single core router provides all the routing between VLANs.
This is network application software that prevents the failure of a single network device.
The failure of a switch block will not impact all end users.*
This is a security feature that is available on all new Catalyst switches.
15
A network administrator enters the spanning-tree portfast bpduguard default command. What is the result of this command being issued on a Cisco switch?
Any switch port will be error-disabled if it receives a BPDU.
Any switch port that has been configured with PortFast will be error-disabled if it receives a BPDU.*
Any trunk ports will be allowed to connect to the network immediately, rather than waiting to converge.
Any switch port that receives a BPDU will ignore the BPDU message.
16
What are two differences between the Cisco IOS 12 and IOS 15 versions? (Choose two.)
Every Cisco ISR G2 platform router includes a universal image in the IOS 12 versions, but not the IOS 15 versions.
The IOS version 15 license key is unique to each device, whereas the IOS version 12 license key is not device specific.*
The IOS 12 version has two trains that occur simultaneously, whereas the IOS 15 version still has two trains, but the versions occur in a single sequential order.
The IOS 12 version has commands that are not available in the 15 version.
IOS version 12.4(20)T1 is a mainline release, whereas IOS version 15.1(1)T1 is a new feature release.*
17
Refer to the exhibit. What are two results of issuing the displayed commands on S1, S2, and S3? (Choose two.)
S3 can be elected as a secondary bridge.
S2 can become root bridge if S3 fails.
S1 will automatically adjust the priority to be the lowest.*
S2 can become root bridge if S1 fails.*
S1 will automatically adjust the priority to be the highest.
18
A remote classroom can successfully access video-intensive streaming lectures via wired computers. However, when an 802.11n wireless access point is installed and used with 25 wireless laptops to access the same lectures, poor audio and video quality is experienced. Which wireless solution would improve the performance for the laptops?
Upgrade the access point to one that can route.
Decrease the power of the wireless transmitter.
Adjust the wireless NICs in the laptops to operate at 10GHz to be compatible with 802.11n.
Add another access point.*
19
A network engineer is troubleshooting a single-area OSPFv3 implementation across routers R1, R2, and R3. During the verification of the implementation, it is noted that the routing tables on R1 and R2 do not include the entry for a remote LAN on R3. Examination of R3 shows the following:
that all interfaces have correct addressing
that the routing process has been globally configured
that correct router adjacencies have formed
What additional action taken on R3 could solve the problem?
Force DR/BDR elections to occur where required.
Use the network command to configure the LAN network under the global routing process.
Enable the OSPFv3 routing process on the interface connected to the remote LAN.*
Restart the OPSFv3 routing process.
20
When should EIGRP automatic summarization be turned off?
when a network addressing scheme uses VLSM
when a router has more than three active interfaces
when a network contains discontiguous network addresses*
when a router has less than five active interfaces
when a router has not discovered a neighbor within three minutes
21
When will a router that is running EIGRP put a destination network in the active state?
when the EIGRP domain is converged
when there is outgoing traffic toward the destination network
when the connection to the successor of the destination network fails and there is no feasible successor available*
when there is an EIGRP message from the successor of the destination network
22
Which action should be taken when planning for redundancy on a hierarchical network design?
add alternate physical paths for data to traverse the network
continually purchase backup equipment for the network*
immediately replace a non-functioning module, service or device on a network
implement STP portfast between the switches on the network
23
Fill in the blank. Use the acronym.
Which encryption protocol is used by the WPA2 shared key authentication technique? ” AES ”
 24
Refer to the exhibit. When the show ip ospf neighbor command is given from the R1# prompt, no output is shown. However, when the show ip interface brief command is given, all interfaces are showing up and up. What is the most likely problem?
R1 has not sent a default route down to R2 by using the default-information originate command.
R2 has not brought the S0/0/1 interface up yet.
R1 or R2 does not have a network statement for the 172.16.100.0 network.*
The ISP has not configured a static route for the ABC Company yet.
R1 or R2 does not have a loopback interface that is configured yet.
25
Refer to the exhibit. If router B is to be configured for EIGRP AS 100, which configuration must be entered?
B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3
B(config-router)# network 192.168.10.64 0.0.0.63
B(config-router)# network 192.168.10.128 0.0.0.63
B(config-router)# network 192.168.10.192 0.0.0.63
B(config-router)# network 192.168.10.4 255.255.255.248
B(config-router)# network 192.168.10.8 255.255.255.248
B(config-router)#network 192.168.10.128 255.255.255.192
B(config-router)# network 192.168.10.0 255.255.255.0
B(config-router)# network 192.168.10.0 0.0.0.255
B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3
B(config-router)#network 192.168.10.128 0.0.0.63*
B(config-router)# network 192.168.10.4 0.0.0.3
B(config-router)# network 192.168.10.8 0.0.0.3
26
Refer to the exhibit. A network technician is troubleshooting missing OSPFv3 routes on a router. What is the cause of the problem based on the command output?
The local router has formed complete neighbor adjacencies, but must be in a 2WAY state for the router databases to be fully synchronized.
The neighbor IDs are incorrect. The interfaces must use only IPv6 addresses to ensure fully synchronized routing databases.
The dead time must be higher than 30 for all routers to form neighbor adjacencies.
There is a problem with the OSPFv3 adjacency between the local router and the router that is using the neighbor ID 2.2.2.2.*
27
Refer to the exhibit. Which two conclusions can be drawn from the output? (Choose two.)
The bundle is fully operational.
The port channel is a Layer 3 channel.
The EtherChannel is down.*
The port channel ID is 2.*
The load-balancing method used is source port to destination port.
28
Refer to the exhibit. Based on the command output shown, what is the status of the EtherChannel?
The EtherChannel is dynamic and is using ports Fa0/10 and Fa0/11 as passive ports.
The EtherChannel is in use and functional as indicated by the SU and P flags in the command output.*
The EtherChannel is down as evidenced by the protocol field being empty.
The EtherChannel is partially functional as indicated by the P flags for the FastEthernet ports.
29
A network engineer is configuring a LAN with a redundant first hop to make better use of the available network resources. Which protocol should the engineer implement?
FHRP
VRRP
GLBP*
HSRP
30
Users on an IEEE 801.11n network are complaining of slow speeds. The network administrator checks the AP and verifies it is operating properly. What can be done to improve the wireless performance in the network?
Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.*
Set the AP to mixed mode.
Change the authentication method on the AP.
Switch to an 802.11g AP.
31
A network administrator is troubleshooting slow performance in a Layer 2 switched network. Upon examining the IP header, the administrator notices that the TTL value is not decreasing. Why is the TTL value not decreasing?
This is the normal behavior for a Layer 2 network.*
The VLAN database is corrupt.
The MAC address table is full.
The inbound interface is set for half duplex.
32
What is a wireless modulation technique used by 802.11 WLAN standards that can implement MIMO?
FHSS
OFDM*
BSS
DSSS
33
Which technology is an open protocol standard that allows switches to automatically bundle physical ports into a single logical link?
Multilink PPP
PAgP
DTP
LACP*
34
A set of switches is being connected in a LAN topology. Which STP bridge priority value will make it least likely for the switch to be selected as the root?
32768
4096
65535
61440*
35
Which wireless network topology is being configured by a technician who is installing a keyboard, a mouse, and headphones, each of which uses Bluetooth?
ad hoc mode*
hotspot
mixed mode
infrastructure mode
36
Refer to the exhibit. Which route or routes will be advertised to the router ISP if autosummarization is enabled?
10.0.0.0/8*
10.1.0.0/16
10.1.0.0/28
10.1.1.0/24
10.1.2.0/24
10.1.3.0/24
10.1.4.0/28
37
When are EIGRP update packets sent?
only when necessary*
every 30 seconds via broadcast
every 5 seconds via multicast
when learned routes age out
38
Which requirement should be checked before a network administrator performs an IOS image upgrade on a router?
The old IOS image file has been deleted.
The FTP server is operational.
There is sufficient space in flash memory.*
The desired IOS image file has been downloaded to the router.
39
What method of wireless authentication is dependent on a RADIUS authentication server?
WPA Personal
WEP
WPA2 Enterprise*
WPA2 Personal
40
A network administrator wants to verify the default delay values for the interfaces on an EIGRP-enabled router. Which command will display these values?
show running-config
show interfaces*
show ip protocols
show ip route
41
A network administrator in a branch office is configuring EIGRP authentication between the branch office router and the headquarters office router. Which security credential is needed for the authentication process?
a randomly generated key with the crypto key generate rsa command
a common key configured with the key-string command inside a key chain*
the username and password configured on the headquarters office router
the hostname of the headquarters office router and a common password
42
Refer to the exhibit. Interface FastEthernet 0/1 on S1 is connected to Interface FastEthernet 0/1 on S2, and Interface FastEthernet 0/2 on S1 is connected to Interface FastEthernet 0/2 on S2. What are two errors in the present EtherChannel configurations? (Choose two.)
Desirable mode is not compatible with on mode.
The trunk mode is not allowed for EtherChannel bundles.
Two auto modes cannot form a bundle.*
The channel group is inconsistent.*
The interface port channel ID should be different in both switches.
43
Which port role is assigned to the switch port that has the lowest cost to reach the root bridge?
disabled port
root port*
designated port
non-designated port
44
What are two features of OSPF interarea route summarization? (Choose two.)
ASBRs perform all OSPF summarization.
Routes within an area are summarized by the ABR.*
Route summarization results in high network traffic and router overhead.
ABRs advertise the summarized routes into the backbone.*
Type 3 and type 5 LSAs are used to propagate summarized routes.
45
Launch PT  Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
Which message was displayed on the web server?
Work done!
Congratulations!
Wonderful work!
You’ve made it!*
46
Refer to the exhibit. What two pieces of information could be determined by a network administrator from this output? (Choose two.)
The metric that will be installed in the routing table for the 10.0.0.0 route will be 65 (64+1).
Interface Fa0/1 is not participating in the OSPF process.
R1 is the distribution point for the routers that are attached to the 10.0.0.4 network.
R1 is participating in multiarea OSPF.*
The OSPF process number that is being used is 0.
47
RouterA# -> copy flash0:tftp:
Source Filename? -> C1900-universalk9-m.SPA.152-4.M3.bin
Address or name of remote host ->2001:DB8:CAFE:100::9
48
A network administrator has configured an EtherChannel between two switches that are connected via four trunk links. If the physical interface for one of the trunk links changes to a down state, what happens to the EtherChannel?
Spanning Tree Protocol will recalculate the remaining trunk links.
The EtherChannel will remain functional.
The EtherChannel will transition to a down state.*
Spanning Tree Protocol will transition the failed physical interface into forwarding mode.
49
Refer to the exhibit. Which destination MAC address is used when frames are sent from the workstation to the default gateway?
MAC addresses of both the forwarding and standby routers
MAC address of the standby router
MAC address of the virtual router*
MAC address of the forwarding router
50
Refer to the exhibit. A company has migrated from single area OSPF to multiarea. However, none of the users from network 192.168.1.0/24 in the new area can be reached by anyone in the Branch1 office. From the output in the exhibit, what is the problem?
There are no interarea routes in the routing table for network 192.168.1.0.*
The OSPF routing process is inactive.
The router has not established any adjacencies with other OSPF routers.
The link to the new area is down.
51
What are two requirements when using out-of-band configuration of a Cisco IOS network device? (Choose two.)
Telnet or SSH access to the device
a connection to an operational network interface on the device
a direct connection to the console or AUX port*
a terminal emulation client*
HTTP access to the device
52
For troubleshooting missing EIGRP routes on a router, what three types of information can be collected using the show ip protocols command? (Choose three.)
any interfaces on the router that are configured as passive*
any ACLs that are affecting the EIGRP routing process*
any interfaces that are enabled for EIGRP authentication
networks that are unadvertised by the EIGRP routing protocol*
the local interface that is used to establish an adjacency with EIGRP neighbors
the IP addresses that are configured on adjacent routers
53
What are two requirements to be able to configure an EtherChannel between two switches? (Choose two.)
All the interfaces need to work at the same speed.*
All interfaces need to be assigned to different VLANs.
The interfaces that are involved need to be contiguous on the switch.
All the interfaces need to be working in the same duplex mode.*
Different allowed ranges of VLANs must exist on each end.
54
This type of LSA exists in multi-access & non-broadcast multi-access networks w/DR   =>   TYPE 2 LSA
This type of LSA describes routes to networks outside of the OSPF AS   =>  TYPE 5 LSA
This type of LSA is flooded only within the area which it originated    =>   TYPE 1 LSA
This type of LSA is used by ABR to advertise networks from other areas    =>   TYPE 3 LSA
55
At a local college, students are allowed to connect to the wireless network without using a password. Which mode is the access point using?
network
shared-key
open*
passive
56
What are three access layer switch features that are considered when designing a network? (Choose three.)
broadcast traffic containment
forwarding rate***
failover capability
Power over Ethernet***
speed of convergence
port density***
57
Refer to the exhibit. What can be concluded about network 192.168.1.0 in the R2 routing table?
This network has been learned from an internal router within the same area.
This network was learned through summary LSAs from an ABR.*
This network is directly connected to the interface GigabitEthernet0/0.
This network should be used to forward traffic toward external networks.
58
Which two statements are correct about EIGRP acknowledgment packets? (Choose two.)
The packets are sent as unicast.*
The packets are unreliable.*
The packets are used to discover neighbors that are connected on an interface.
The packets require confirmation.
The packets are sent in response to hello packets.
59
An STP instance has failed and frames are flooding the network. What action should be taken by the network administrator?
Broadcast traffic should be investigated and eliminated from the network.
Spanning tree should be disabled for that STP instance until the problem is located.
Redundant links should be physically removed until the STP instance is repaired.*
A response from the network administrator is not required because the TTL field will eventually stop the frames from flooding the network.
60
A network administrator issues the command R1(config)# license boot module c1900 technology-package securityk9 on a router. What is the effect of this command?
The IOS will prompt the user to provide a UDI in order to activate the license.
The IOS will prompt the user to reboot the router.
The features in the Security package are available immediately.
The Evaluation Right-To-Use license for the Security technology package is activated.*
61
A router has been removed from the network for maintenance. A new Cisco IOS software image has been successfully downloaded to a server and copied into the flash of the router. What should be done before placing the router back into service?
Delete the previous version of the Cisco IOS software from flash.
Copy the running configuration to NVRAM.
Back up the new image.
Restart the router and verify that the new image starts successfully.*
62
What are the two methods that are used by a wireless NIC to discover an AP? (Choose two.)
receiving a broadcast beacon frame*
delivering a broadcast frame
transmitting a probe request*
sending an ARP request
initiating a three-way handshak
63
Refer to the exhibit. Why did R1 and R2 not establish ad adjacency?
The link-local address must be the same on both routers.
The AS number must be the same on R1 and R2.*
R1 S0/0/0 and R2 S0/0/0 are on different networks.
The no shutdown command is misapplied on both routers.
The router ID must be the same on both routers.
64
feasible distance to 192.168.11.64 => 660110
new successor to network 192.168.1.0 => 192.168.3.1
destination network => 192.168.11.64

Read more ...
Postado por �s
Marcadores: , , , , , , ,
Đăng ký: Bài đăng (Atom)

Advertisment