CCNA 2 R&S Essentials Practice Final v5.0 Exam Answers 2014

Thứ Năm, 20 tháng 2, 2014

CCNA 2 R&S Essentials Practice Final v5.0 Exam Answers 2014

1
Which command would be best to use on an unused switch port if a company adheres to the best practices as recommended by Cisco?

switchport port-security mac-address sticky
ip dhcp snooping
switchport port-security mac-address sticky mac-address
switchport port-security violation shutdown
shutdown*

Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A is unable to access the Internet. The administrator tries to ping a server on the Internet from PC-A and collects the debugs that are shown in the exhibit. Based on this output, what is most likely the cause of the problem?

The inside global address is not on the same subnet as the ISP.*
The NAT source access list matches the wrong address range.
The address on Fa0/0 should be 64.100.0.1.
The inside and outside NAT interfaces have been configured backwards.

3
A small company has a web server in the office that is accessible from the Internet. The IP address 192.168.10.15 is assigned to the web server. The network administrator is configuring the router so that external clients can access the web server over the Internet. Which item is required in the NAT configuration?

the ip nat inside source command to link the inside local and inside global addresses*
an ACL to identify the local IPv4 address of the web server
the keyword overload for the ip nat inside source command
an IPv4 address pool

4
Which type of static route typically uses the distance parameter in the ip route global configuration command?

default static route
standard static route
summary static route
floating static route*

Refer to the exhibit. What address will be used as the router ID for the OSPFv3 process?

2001:DB8:CAFE:1::1
192.168.1.1
10.1.1.1*
1.1.1.1
2001:DB8:ACAD:1::1

6
What is the order of packet types used by an OSPF router to establish convergence?

LSU, LSAck, Hello, DBD, LSR
Hello, DBD, LSR, LSU, LSAck*
LSAck, Hello, DBD, LSU, LSR
Hello, LSAck, LSU, LSR, DBD

Refer to the exhibit. If the IP addresses of the default gateway router and the DNS server are correct, what is the configuration problem?

The default-router and dns-server commands need to be configured with subnet masks.
The IP address of the default gateway router is not contained in the excluded address list.*
The IP address of the DNS server is not contained in the excluded address list.
The DNS server and the default gateway router should be in the same subnet.

8
A network administrator is testing IPv6 connectivity to a web server. The network administrator does not want any other host to connect to the web server except for the one test computer. Which type of IPv6 ACL could be used for this situation?

a standard or extended ACL
only a named ACL*
only an extended ACL
an extended, named, or numbered ACL
only a standard ACL

Launch PT Hide and Save PT
Open the PT activity. Perform the tasks in the activity instructions and then answer the question.
To verify that the SVI is configured correctly, answer this question: Which ping command completed successfully?

ping 192.168.25.9*
ping 192.168.25.10
ping 192.168.25.7
ping 192.168.25.8
CONFIGURATION

SW0(config)#interface vlan 10
SW0(config-if)#ip address 192.168.63.2 255.255.255.0
SW0(config-if)#exit
SW0(config)#ip default-gateway 192.168.63.1
SW0(config)#end

10
What is an advantage of using dynamic routing protocols instead of static routing?

ability to actively search for new routes if the current path becomes unavailable*
fewer router resource overhead requirements
easier to implement
more secure in controlling routing updates

11
How many classful networks are summarized by the static summary route ip route 192.168.32.0 255.255.248.0 S0/0/0?

16
4
2
8*

12
Which switching method provides error-free data transmission?

fast-forward
fragment-free
store-and-forward*
integrity-checking

13
A client is using SLAAC to obtain an IPv6 address for its interface. After an address has been generated and applied to the interface, what must the client do before it can begin to use this IPv6 address?

It must send a DHCPv6 INFORMATION-REQUEST message to request the address of the DNS server.
It must send a DHCPv6 REQUEST message to the DHCPv6 server to request permission to use this address.
It must send an ICMPv6 Neighbor Solicitation message to ensure that the address is not already in use on the network.*
It must send an ICMPv6 Router Solicitation message to determine what default gateway it should use.

Refer to the exhibit. Inter-VLAN communication between VLAN 10, VLAN 20, and VLAN 30 is not successful. What is the problem?

The switch interface FastEthernet0/1 is configured to not negotiate and should be configured to negotiate.
The switch interface FastEthernet0/1 is configured as an access interface and should be configured as a trunk interface.*
The access interfaces do not have IP addresses and each should be configured with an IP address.
The switch interfaces FastEthernet0/2, FastEthernet0/3, and FastEthernet0/4 are configured to not negotiate and should be configured to negotiate.

15
Which network design may be recommended for a small campus site that consists of a single building with a few users?

a network design where the access and core layers are collapsed into a single layer
a three-tier campus network design where the access, distribution, and core are all separate layers, each one with very specific functions
a collapsed core network design*
a network design where the access and distribution layers are collapsed into a single layer

16
How is the router ID for an OSPFv3 router determined?

the highest EUI-64 ID on an active interface
the highest IPv4 address on an active interface*
the highest IPv6 address on an active interface
the lowest MAC address on an active interface

Refer to the exhibit. In the routing table entry, what is the administrative distance?

120*
12
2
24

18
What does an OSPF area contain?

routers that share the same router ID
routers whose SPF trees are identical
routers that share the same process ID
routers that have the same link-state information in their LSDBs*

19
Which command will create a static default route on R1 to send all traffic to the Internet and use serial 0/0 as the exit interface?

R1(config)# ip route 255.255.255.255 0.0.0.0 serial 0/0
R1(config)# ip route 0.0.0.0 255.255.255.0 serial 0/0
R1(config)# ip route 0.0.0.0 255.255.255.255 serial 0/0
R1(config)# ip route 0.0.0.0 0.0.0.0 serial 0/0*

20
What is a result of connecting two or more switches together?

The number of collision domains is reduced.
The size of the broadcast domain is increased.*
The number of broadcast domains is increased.
The size of the collision domain is increased.

21
Which DHCP IPv4 message contains the following information?

Destination address: 255.255.255.255
Client IPv4 address: 0.0.0.0
Default gateway address: 0.0.0.0
Subnet mask: 0.0.0.0

DHCPDISCOVER*
DHCPACK
DHCPOFFER
DHCPREQUEST

22
What is meant by the term “best match” when applied to the routing table lookup process?

exact match
longest match*
network match
supernet match

23
Fill in the blank.
Using router-on-a-stick inter-VLAN routing, how many subinterfaces have to be configured to support 10 VLANs? ”10 ”

Refer to the exhibit. The student on the H1 computer continues to launch an extended ping with expanded packets at the student on the H2 computer. The school network administrator wants to stop this behavior, but still allow both students access to web-based computer assignments. What would be the best plan for the network administrator?

Apply an inbound extended ACL on R1 Gi0/0.*
Apply an inbound standard ACL on R1 Gi0/0.
Apply an outbound extended ACL on R1 S0/0/1.
Apply an outbound standard ACL on R2 S0/0/1.
Apply an inbound extended ACL on R2 Gi0/1.

Refer to the exhibit. A network administrator is investigating a lag in network performance and issues the show interfaces fastethernet 0/0 command. Based on the output that is displayed, what two items should the administrator check next? (Choose two.)

electrical interference
duplex settings*
incorrect cable types
cable lengths*
damaged cable termination

Refer to the exhibit. A network administrator is configuring inter-VLAN routing on a network. For now, only one VLAN is being used, but more will be added soon. What is the missing parameter that is shown as the highlighted question mark in the graphic?

It identifies the number of hosts that are allowed on the interface.
It identifies the subinterface.
It identifies the native VLAN number.
It identifies the VLAN number.*
It identifies the type of encapsulation that is used.

Place the options in the following order:
hierarchical
modularity
resiliency
– not scored –
flexibility

28
Which command will verify the status of both the physical and the virtual interfaces on a switch?

show running-config
show vlan
show startup-config
show ip interface brief*

Refer to the exhibit. Which would be chosen as the router ID of R2?

The router ID has to be manually configured.*
2001:DB8:CAFE:2::/64
2001:DB8:CAFE:A001::/64
LLA: FE80::2

30
A router with two LAN interfaces, two WAN interfaces, and one configured loopback interface is operating with OSPF as its routing protocol. What does the router OSPF process use to assign the router ID?

the highest IP address that is configured on the WAN interfaces
the IP address of the interface that is configured with priority 0
the highest IP address on the LAN interfaces
the OSPF area ID that is configured on the interface with the highest IP address
the loopback interface IP address*

31
Which two pieces of information are required when creating a standard access control list? (Choose two.)

subnet mask and wildcard mask
access list number between 100 and 199
source address and wildcard mask*
access list number between 1 and 99*
destination address and wildcard mask

32
What is the effect of the access control list wildcard mask 0.0.0.15? (Choose two.)

The first 28 bits of a supplied IP address will be ignored.
The first 28 bits of a supplied IP address will be matched.*
The first 32 bits of a supplied IP address will be matched.
The last four bits of a supplied IP address will be ignored.*
The last four bits of a supplied IP address will be matched.
The last five bits of a supplied IP address will be ignored.

33
A college student is studying for the Cisco CCENT certification and is visualizing extended access lists. Which three keywords could immediately follow the keywords permit or deny as part of an extended access list? (Choose three.)

telnet
www
udp*
tcp*
ftp
icmp*

34
Which two keywords can be used in an access control list to replace a wildcard mask or address and wildcard mask pair? (Choose two.)

any*
some
gt
most
host*
all

Place the options in the following order:
Step 3
– target left blank –
Step 4
Step 2
Step 1

36
Fill in the blank. Do not use abbreviations.
The “duplex full” command configures a switch port to operate in the full-duplex mode.

Refer to the exhibit. R1 and R2 are OSPFv3 neighbors. Which address would R1 use as the next hop for packets that are destined for the Internet?

2001:DB8:ACAD:1::2
FE80::21E:BEFF:FEF4:5538*
2001:DB8:C5C0:1::2
FF02::5

38
In a routing table which route can never be an ultimate route?

child route
level one route
parent route*
level two route

Refer to the exhibit. Host A has sent a packet to host B. What will be the source MAC and IP addresses on the packet when it arrives at host B?

Source MAC: 00E0.FE10.17A3
Source IP: 10.1.1.10

Source MAC: 00E0.FE91.7799
Source IP: 10.1.1.1

Source MAC: 00E0.FE91.7799
Source IP: 192.168.1.1

Source MAC: 00E0.FE91.7799
Source IP: 10.1.1.10*

Source MAC: 00E0.FE10.17A3
Source IP: 192.168.1.1

40
What is the effect of entering the network 192.168.10.1 0.0.0.0 area 0 command in router configuration mode?

This command will have no effect because it uses a quad zero wildcard mask.
The interface with the IPv4 address 192.168.10.1 will be a passive interface.
OSPF advertisements will include the specific IPv4 address 192.168.10.1.
OSPF advertisements will include the network on the interface with the IPv4 address 192.168.10.1.*

41
An administrator is trying to remove configurations from a switch. After using the command erase startup-config and reloading the switch, the administrator finds that VLANs 10 and 100 still exist on the switch. Why were these VLANs not removed?

These VLANs cannot be deleted unless the switch is in VTP client mode.
These VLANs are default VLANs that cannot be removed.
These VLANs can only be removed from the switch by using the no vlan 10 and no vlan 100 commands.
Because these VLANs are stored in a file that is called vlan.dat that is located in flash memory, this file must be manually deleted.*

42
What is a disadvantage when both sides of a communication use PAT?

Host IPv4 addressing is complicated.
End-to-end IPv4 traceability is lost.*
The flexibility of connections to the Internet is reduced.
The security of the communication is negatively impacted.

43
What is associated with link-state routing protocols?

shortest-path first calculations*
low processor overhead
split horizon
poison reverse
routing loops

Refer to the exhibit. A PC at address 10.1.1.45 is unable to access the Internet. What is the most likely cause of the problem?

The NAT pool has been exhausted.*
Access-list 1 has not been configured properly.
The inside and outside interfaces have been configured backwards.
The wrong netmask was used on the NAT pool.

45
In which type of attack does a malicious node request all available IP addresses in the address pool of a DHCP server in order to prevent legitimate hosts from obtaining network access?

CAM table overflow
DHCP snooping
MAC address flooding
DHCP starvation*

46
When does a switch use frame filtering?

The destination MAC address is for a host with no entry in the MAC address table.
The destination MAC address is for a host on a network supported by a different router.
The destination MAC address is for a host on a different network segment from the source of the traffic.
The destination MAC address is for a host on the same network segment as the source of the traffic.*

47
How will a router handle static routing differently if Cisco Express Forwarding is disabled?

Static routes that use an exit interface will be unnecessary.
It will not perform recursive lookups.
Ethernet multiaccess interfaces will require fully specified static routes to avoid routing inconsistencies.*
Serial point-to-point interfaces will require fully specified static routes to avoid routing inconsistencies.

48
An administrator created and applied an outbound Telnet extended ACL on a router to prevent router-initiated Telnet sessions. What is a consequence of this configuration?

The ACL will not work as desired because an outbound ACL cannot block router-initiated traffic.*
The ACL will work as long as it will be applied to all vty lines.
The ACL will work as desired as long as it is applied to the correct interface.
The ACL will not work because only standard ACLs can be applied to vty lines.

49
An administrator attempts to change the router ID on a router that is running OSPFv3 by changing the IPv4 address on the router loopback interface. Once the IPv4 address is changed, the administrator notes that the router ID did not change. What two actions can the administrator take so that the router will use the new IPv4 address as the router ID? (Choose two.)

Reboot the router.*
Disable and re-enable IPv4 routing.
Shut down and re-enable the loopback interface.
Copy the running configuration to NVRAM.
Clear the IPv6 OSPF process.*

50
When routing a large number of VLANs, what are two disadvantages of using the router-on-a-stick inter-VLAN routing method rather than the multilayer switch inter-VLAN routing method? (Choose two.)

Router-on-a-stick requires multiple physical interfaces on a router.
A dedicated router is required.*
Multiple subinterfaces may impact the traffic flow speed.*
Router-on-a-stick requires subinterfaces to be configured on the same subnets.
Multiple SVIs are needed.

CCNA 2 R&S Essentials Chapter 11 v5.0 Exam Answers 2014

Thứ Năm, 20 tháng 2, 2014

CCNA 2 R&S Essentials Chapter 11 v5.0 Exam Answers 2014

1
Which version of NAT allows many hosts inside a private network to simultaneously use a single inside global address for connecting to the Internet?

dynamic NAT
port forwarding
PAT*
static NAT

2
What is the group of public IPv4 addresses used on a NAT-enabled router known as?

inside local addresses
outside global addresses
inside global addresses*
outside local addresses

Launch PT Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
What problem is causing PC-A to be unable to communicate with the Internet?

The access list used in the NAT process is referencing the wrong subnet.
The static route should not reference the interface, but the outside address instead.
The NAT interfaces are not correctly assigned.*
This router should be configured to use static NAT instead of PAT.
The ip nat inside source command refers to the wrong interface.

4
What is a disadvantage of NAT?

There is no end-to-end addressing.*
The internal hosts have to use a single public IPv4 address for external communication.
The router does not need to alter the checksum of the IPv4 packets.
The costs of readdressing hosts can be significant for a publicly addressed network.

5
Which statement accurately describes dynamic NAT?

It provides a mapping of internal host names to IP addresses.
It always maps a private IP address to a public IP address.
It provides an automated mapping of inside local to inside global IP addresses.*
It dynamically provides IP addressing to internal hosts.

6
When dynamic NAT without overloading is being used, what happens if seven users attempt to access a public server on the Internet when only six addresses are available in the NAT pool?

All users can access the server.
The first user gets disconnected when the seventh user makes the request.
The request to the server for the seventh user fails.*
No users can access the server.

7
What is the purpose of port forwarding?

Port forwarding allows an external user to reach a service on a private IPv4 address that is located inside a LAN.*
Port forwarding allows users to reach servers on the Internet that are not using standard port numbers.
Port forwarding allows an internal user to reach a service on a public IPv4 address that is located outside a LAN.
Port forwarding allows for translating inside local IP addresses to outside local addresses.

Refer to the exhibit. What has to be done in order to complete the static NAT configuration on R1?

R1 should be configured with the command ip nat inside source static 209.165.200.1 192.168.11.11.
R1 should be configured with the command ip nat inside source static 209.165.200.200 192.168.11.11.
Interface S0/0/0 should be configured with the command ip nat outside.*
Interface Fa0/0 should be configured with the command no ip nat inside.

9
When NAT is employed in a small office, which address type is typically used for hosts on the local LAN?

Internet-routable addresses
both private and public IP addresses
private IP addresses*
global public IP addresses

Refer to the exhibit. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco broadband router?

defines which addresses can be translated*
defines which addresses are allowed into the router
defines which addresses are assigned to a NAT pool
defines which addresses are allowed out of the router

11
A network administrator configures the border router with the command R1(config)# ip nat inside source list 4 pool corp. What is required to be configured in order for this particular command to be functional?

a VLAN named corp to be enabled and active and routed by R1
an access list named corp that defines the private addresses that are affected by NAT
ip nat outside to be enabled on the interface that connects to the LAN affected by the NAT
an access list numbered 4 that defines the starting and ending public IP addresses
a NAT pool named corp that defines the starting and ending public IP addresses*

Refer to the exhibit. R1 is configured for NAT as displayed. What is wrong with the configuration?

Access-list 1 is misconfigured.
NAT-POOL2 is not bound to ACL 1.*
Interface Fa0/0 should be identified as an outside NAT interface.
The NAT pool is incorrect.

13
A network engineer has configured a router with the command ip nat inside source list 4 pool corp overload. Why did the engineer use the overload option?

The company needs to have more public IP addresses available to be used on the Internet.
The company has a small number of servers that should be accessible by clients from the Internet.
The company has more private IP addresses than available public IP addresses.*
The company router must throttle or buffer traffic because the processing power of the router is not enough to handle the normal load of external-bound Internet traffic.

Refer to the exhibit. What will be the effect of entering the command that is shown in the exhibit on R2 as part of the dynamic NAT configuration?

It will bind NAT-POOL1 with ACL 1.*
It will identify an inside NAT interface.
It will define a pool of addresses for translation.
It will define the source ACL for the external interface.

15
Which configuration would be appropriate for a small business that has the public IP address of 209.165.200.225/30 assigned to the external interface on the router that connects to the Internet?

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool comp 192.0.2.1 192.0.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp overload

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool comp 192.0.2.1 192.0.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp overload
ip nat inside source static 10.0.0.5 209.165.200.225

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool comp 192.0.2.1 192.0.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool comp

access-list 1 permit 10.0.0.0 0.255.255.255
ip nat inside source list 1 interface serial 0/0/0 overload ********

16
Which type of NAT maps a single inside local address to a single inside global address?

dynamic
port address translation
static*
overloading

17
Typically, which network device would be used to perform NAT for a corporate environment?

host device
router*
DHCP server
server
switch

18
Several key servers in an organization must be directly accessible from the Internet. What addressing policy should be implemented for these servers?

Use dynamic NAT to provide addresses for the servers.
Place all of the servers in their own Class C private subnet.
Use DHCP to assign addresses from the pool of Class B addresses.
Assign static internal addresses and public external addresses to each of the servers.*

19
What is a characteristic of unique local addresses?

They are designed to improve the security of IPv6 networks.
Their implementation depends on ISPs providing the service.
They allow sites to be combined without creating any address conflicts.*
They are defined in RFC 3927.

Refer to the exhibit. Based on the output that is shown, what type of NAT has been implemented?

static NAT with a NAT pool
PAT using an external interface*
static NAT with one entry
dynamic NAT with a pool of two public IP addresses

Refer to the exhibit. The NAT configuration applied to the router is as follows:
ERtr(config)# access-list 1 permit 10.0.0.0 0.255.255.255
ERtr(config)# ip nat pool corp 209.165.201.6 209.165.201.30 netmask 255.255.255.224
ERtr(config)# ip nat inside source list 1 pool corp overload
ERtr(config)# ip nat inside source static 10.10.10.55 209.165.201.4
ERtr(config)# interface gigabitethernet 0/0
ERtr(config-if)# ip nat inside
ERtr(config-if)# interface serial 0/0/0
ERtr(config-if)# ip nat outside

Based on the configuration and the output shown, what can be determined about the NAT status within the organization?

Static NAT is working, but dynamic NAT is not.
NAT is working.
Not enough information is given to determine if both static and dynamic NAT are working.*
Dynamic NAT is working, but static NAT is not.

Place the options in the following order:
- not scored –
step 5
step 2
step 4
step 1
step 3

23
What are two required steps to configure PAT? (Choose two.)

Define the range of ports to be used.
Define a pool of global addresses to be used for overload translation.*
Identify the inside interface.*
Define a standard access list that allow the outside global addresses to be used.
Define a standard access list denying the addresses that should be translated.

CCNA 2 R&S Essentials Chapter 10 v5.0 Exam Answers 2014

Thứ Năm, 20 tháng 2, 2014

CCNA 2 R&S Essentials Chapter 10 v5.0 Exam Answers 2014

Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address from the DHCPv6 server?

Add the IPv6 address 2001:DB8:1234:5678::10/64 to the interface configuration of the DHCPv6 server.
Configure the ipv6 nd managed-config-flag command on interface Fa0/1.
Change the ipv6 nd managed-config-flag command to ipv6 nd other-config-flag.
Add the ipv6 dhcp relay command to interface Fa0/0.*

2
What is the reason why the DHCPREQUEST message is sent as a broadcast during the DHCPv4 process?

for routers to fill their routing tables with this new information
to notify other hosts not to request the same IP address
to notify other DHCP servers on the subnet that the IP address was leased*
for hosts on other subnets to receive the information

3
A company uses DHCP servers to dynamically assign IPv4 addresses to employee workstations. The address lease duration is set as 5 days. An employee returns to the office after an absence of one week. When the employee boots the workstation, it sends a message to obtain an IP address. Which Layer 2 and Layer 3 destination addresses will the message contain?

FF-FF-FF-FF-FF-FF and 255.255.255.255*
MAC address of the DHCP server and 255.255.255.255
FF-FF-FF-FF-FF-FF and IPv4 address of the DHCP server
both MAC and IPv4 addresses of the DHCP server

4
Fill in the blank. Do not abbreviate.
Type a command to exclude the first fifteen useable IP addresses from a DHCPv4 address pool of the network 10.0.15.0/24.
Router(config)# ip dhcp ” excluded-address 10.0.15.1 10.0.15.15”

Place the options in the following order:
[+] enabled in RA messages with the ipv6 nd other-config-flag command
[+] clients send only DHCPv6 INFORMATION-REQUEST messages to the server
[+] enabled on the client with the ipv6 address autoconfig command
[#] the M flag is set to 1 in RA messages
[#] uses the address command to create a pool of addresses for clients
[#] enabled on the client with the ipv6 address dhcp command

[+] Order does not matter within this group.
[#] Order does not matter within this group.

Refer to the exhibit. A network administrator is implementing stateful DHCPv6 operation for the company. However, the clients are not using the prefix and prefix-length information that is configured in the DHCP pool. The administrator issues a show ipv6 interface command. What could be the cause of the problem?

The router is configured for stateless DHCPv6 operation.*
No virtual link-local address is configured.
The router is configured for SLAAC DHCPv6 operation.
The Duplicate Address Detection feature is disabled.

7
A network engineer is troubleshooting hosts on a LAN that are not being assigned an IPv4 address from a DHCP server after a new Ethernet switch has been installed on the LAN. The configuration of the DHCP server has been confirmed as correct and the clients have network connectivity to other networks if a static IP address is configured on each one. What step should the engineer take next to solve the issue?

Issue the ipconfig/release command on each client.
Issue the show ip dhcp binding command on the switch.
Issue the show interface command on the router to confirm that the LAN gateway is operational.
Confirm that ports on the Layer 2 LAN switch are configured as edge ports.*
8
A network administrator configures a router to send RA messages with M flag as 0 and O flag as 1. Which statement describes the effect of this configuration when a PC tries to configure its IPv6 address?

It should use the information that is contained in the RA message exclusively.
It should contact a DHCPv6 server for the prefix, the prefix-length information, and an interface ID that is both random and unique.
It should use the information that is contained in the RA message and contact a DHCPv6 server for additional information.*
It should contact a DHCPv6 server for all the information that it needs.

9
Which protocol supports Stateless Address Autoconfiguration (SLAAC) for dynamic assignment of IPv6 addresses to a host?

UDP
ICMPv6*
ARPv6
DHCPv6

10
A network administrator is implementing DHCPv6 for the company. The administrator configures a router to send RA messages with M flag as 1 by using the interface command ipv6 nd managed-config-flag. What effect will this configuration have on the operation of the clients?

Clients must use the prefix and prefix length that are provided by a DHCPv6 server and generate a random interface ID.
Clients must use the information that is contained in RA messages.
Clients must use the prefix and prefix length that are provided by RA messages and obtain additional information from a DHCPv6 server.
Clients must use all configuration information that is provided by a DHCPv6 server.*

11
Under which two circumstances would a router usually be configured as a DHCPv4 client? (Choose two.)

The router is meant to provide IP addresses to the hosts.
The router has a fixed IP address.
The router is intended to be used as a SOHO gateway.*
The administrator needs the router to act as a relay agent.
This is an ISP requirement.*

12
A company uses the SLAAC method to configure IPv6 addresses for the employee workstations. Which address will a client use as its default gateway?

the unique local address of the router interface that is attached to the network
the global unicast address of the router interface that is attached to the network
the link-local address of the router interface that is attached to the network*
the all-routers multicast address

Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is being configured?

static link-local
stateful DHCPv6
stateless DHCPv6*
SLAAC

14
A company implements the stateless DHCPv6 method for configuring IPv6 addresses on employee workstations. After a workstation receives messages from multiple DHCPv6 servers to indicate their availability for DHCPv6 service, which message does it send to a server for configuration information?

DHCPv6 INFORMATION-REQUEST*
DHCPv6 ADVERTISE
DHCPv6 REQUEST
DHCPv6 SOLICIT

15
An administrator issues the commands:

Router(config)# interface g0/1
Router(config-if)# ip address dhcp

What is the administrator trying to achieve?

configuring the router to obtain IP parameters from a DHCPv4 server*
configuring the router to act as a relay agent
configuring the router to resolve IP address conflicts
configuring the router to act as a DHCPv4 server

16
Which set of commands will configure a router as a DHCP server that will assign IPv4 addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last addresses for static assignment?

dhcp pool LAN-POOL-100
ip dhcp excluded-address 192.168.100.1 192.168.100.9
ip dhcp excluded-address 192.168.100.254
network 192.168.100.0 255.255.254.0
default-router 192.168.101.1

ip dhcp excluded-address 192.168.100.1 192.168.100.9
ip dhcp excluded-address 192.168.101.254
ip dhcp pool LAN-POOL-100
ip network 192.168.100.0 255.255.254.0
ip default-gateway 192.168.100.1

ip dhcp excluded-address 192.168.100.1 192.168.100.10
ip dhcp excluded-address 192.168.101.254
ip dhcp pool LAN-POOL-100
network 192.168.100.0 255.255.254.0
default-router 192.168.100.1 ************************

ip dhcp excluded-address 192.168.100.1 192.168.100.10
ip dhcp excluded-address 192.168.100.254
ip dhcp pool LAN-POOL-100
network 192.168.100.0 255.255.255.0
ip default-gateway 192.168.100.1

17
Which DHCPv4 message will a client send to accept an IPv4 address that is offered by a DHCP server?

broadcast DHCPACK
unicast DHCPACK
broadcast DHCPREQUEST*
unicast DHCPREQUEST

Launch PT Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

How many IP addresses has the DHCP server leased and what is the number of DHCP pools configured? (Choose two.)

one pool*
three leases*
two pools
six pools
seven leases
five leases

Refer to the exhibit. A network administrator is implementing the stateless DHCPv6 operation for the company. Clients are configuring IPv6 addresses as expected. However, the clients are not getting the DNS server address and the domain name information configured in the DHCP pool. What could be the cause of the problem?

The DNS server address is not on the same network as the clients are on.
The clients cannot communicate with the DHCPv6 server, evidenced by the number of active clients being 0.
The GigabitEthernet interface is not activated.
The router is configured for SLAAC DHCPv6 operation.*

20
A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an enterprise DHCP server with the address 10.10.200.10/24. What is the best way for the network engineer to resolve this problem?

Issue the command ip helper-address 10.10.100.0 on the router interface that is the 10.10.200.0/24 gateway.
Issue the command default-router 10.10.200.10 at the DHCP configuration prompt on the 10.10.100.0/24 LAN gateway router.
Issue the command ip helper-address 10.10.200.10 on the router interface that is the 10.10.100.0/24 gateway.*
Issue the command network 10.10.200.0 255.255.255.0 at the DHCP configuration prompt on the 10.10.100.0/24 LAN gateway router.

21
Which is a DHCPv4 address allocation method that assigns IPv4 addresses for a limited lease period?

pre-allocation
manual allocation
automatic allocation
dynamic allocation*

Place the options in the following order:
[+] Step 2
[+] Step 1
– not scored –
[+] Step 3
– not scored -

[+] Order does not matter within this group.

23
An administrator wants to configure hosts to automatically assign IPv6 addresses to themselves by the use of Router Advertisement messages, but also to obtain the DNS server address from a DHCPv6 server. Which address assignment method should be configured?

RA and EUI-64
stateful DHCPv6
stateless DHCPv6*
SLAAC

24
A company uses the method SLAAC to configure IPv6 addresses for the workstations of the employees. A network administrator configured the IPv6 address on the LAN interface of the router. The interface status is UP. However, the workstations on the LAN segment did not obtain the correct prefix and prefix length. What else should be configured on the router that is attached to the LAN segment for the workstations to obtain the information?

R1(config-if)# ipv6 nd other-config-flag
R1(config-if)# ipv6 enable
R1(config)# ipv6 dhcp pool <name of the pool>
R1(config)# ipv6 unicast-routing*

CCNA 2 R&S Essentials Chapter 9 v5.0 Exam Answers 2014

Thứ Năm, 20 tháng 2, 2014

CCNA 2 R&S Essentials Chapter 9 v5.0 Exam Answers 2014

1
A network administrator needs to configure a standard ACL so that only the workstation of the administrator with the IP address 192.168.15.23 can access the virtual terminal of the main router. Which two configuration commands can achieve the task? (Choose two.)

Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.0
Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.0*
Router1(config)# access-list 10 permit 192.168.15.23 0.0.0.255
Router1(config)# access-list 10 permit 192.168.15.23 255.255.255.255
Router1(config)# access-list 10 permit host 192.168.15.23*

Refer to the exhibit. A router has an existing ACL that permits all traffic from the 172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that denies packets from host 172.16.0.1 and receives the error message that is shown in the exhibit. What action can the administrator take to block packets from host 172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?

Manually add the new deny ACE with a sequence number of 5.*
Manually add the new deny ACE with a sequence number of 15.
Add a deny any any ACE to access-list 1.
Create a second access list denying the host and apply it to the same interface.

Launch PT – Hide and Save PT
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

Why is the ACL not working?

The ACL is missing a deny ip any any ACE.
The ACL is applied in the wrong direction.
The access-list 105 command or commands are incorrect.
The ACL is applied to the wrong interface.*
No ACL is needed for this scenario.

4
Which statement describes a characteristic of standard IPv4 ACLs?

They are configured in the interface configuration mode.
They can be created with a number but not with a name.
They filter traffic based on source IP addresses only.*
They can be configured to filter traffic based on both source IP addresses and source ports.

Refer to the exhibit. The network administrator that has the IP address of 10.0.70.23/25 needs to have access to the corporate FTP server (10.0.54.5/28). The FTP server is also a web server that is accessible to all internal employees on networks within the 10.x.x.x address. No other traffic should be allowed to this server. Which extended ACL would be used to filter this traffic, and how would this ACL be applied? (Choose two.)

access-list 105 permit ip host 10.0.70.23 host 10.0.54.5
access-list 105 permit tcp any host 10.0.54.5 eq www
access-list 105 permit ip any any

R1(config)# interface s0/0/0
R1(config-if)# ip access-group 105 out

R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out ******************

access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21
access-list 105 permit tcp 10.0.0.0 0.255.255.255 host 10.0.54.5 eq www
access-list 105 deny ip any host 10.0.54.5
access-list 105 permit ip any any ********************

access-list 105 permit tcp host 10.0.54.5 any eq www
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 20
access-list 105 permit tcp host 10.0.70.23 host 10.0.54.5 eq 21

R2(config)# interface gi0/0
R2(config-if)# ip access-group 105 in
6
What are two possible uses of access control lists in an enterprise network? (Choose two.)

limiting debug outputs*
reducing the processing load on routers
controlling the physical status of router interfaces
controlling virtual terminal access to routers*
allowing Layer 2 traffic to be filtered by a router

7
An administrator has configured an access list on R1 to allow SSH administrative access from host 172.16.1.100. Which command correctly applies the ACL?

R1(config-line)# access-class 1 out
R1(config-line)# access-class 1 in*
R1(config-if)# ip access-group 1 out
R1(config-if)# ip access-group 1 in

8
Which three statements are generally considered to be best practices in the placement of ACLs? (Choose three.)

Place extended ACLs close to the source IP address of the traffic.*
For every inbound ACL placed on an interface, there should be a matching outbound ACL.
Place extended ACLs close to the destination IP address of the traffic.
Place standard ACLs close to the destination IP address of the traffic.*
Filter unwanted traffic before it travels onto a low-bandwidth link.*
Place standard ACLs close to the source IP address of the traffic.

9
Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)

deny icmp any any
deny ipv6 any any*
permit icmp any any nd-ns*
permit ipv6 any any
deny ip any any
permit icmp any any nd-na*

10
Which two characteristics are shared by both standard and extended ACLs? (Choose two.)

Both filter packets for a specific destination host IP address.
Both can be created by using either a descriptive name or number.*
Both include an implicit deny as a final ACE.*
Both can permit or deny specific services by port number.
Both kinds of ACLs can filter based on protocol type.

Place the options in the following order:

the first valid host address in a subnet
subnetwork address of a subnet with 14 valid host addresses
all IP address bits must match exactly
hosts in a subnet with the subnet mask 255.255.252.0
addresses with a subnet mask of 255.255.255.248
– not scored -
12
Consider the following access list that allows IP phone configuration file transfers from a particular host to a TFTP server:

R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out

Which method would allow the network administrator to modify the ACL and include FTP transfers from any source IP address?

R1(config)# interface gi0/0
R1(config-if)# no ip access-group 105 out
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out

R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21

R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# no ip access-group 105 out
R1(config)# no access-list 105
R1(config)# access-list 105 permit udp host 10.0.70.23 host 10.0.54.5 range 1024 5000
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 20
R1(config)# access-list 105 permit tcp any host 10.0.54.5 eq 21
R1(config)# access-list 105 deny ip any any
R1(config)# interface gi0/0
R1(config-if)# ip access-group 105 out ******************

13
What two functions describe uses of an access control list? (Choose two.)

ACLs provide a basic level of security for network access.*
ACLs can control which areas a host can access on a network.*
Standard ACLs can restrict access to specific applications and ports.
ACLs can permit or deny traffic based upon the MAC address originating on the router.
ACLs assist the router in determining the best path to a destination.

14
Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?

an implicit permit of neighbor discovery packets*
an implicit deny any any ACE
the use of named ACL entries
the use of wildcard masks

15
Which three statements describe ACL processing of packets? (Choose three.)

Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made.
A packet that has been denied by one ACE can be permitted by a subsequent ACE.
Each statement is checked only until a match is detected or until the end of the ACE list.*
An implicit deny any rejects any packet that does not match any ACE.*
A packet that does not match the conditions of any ACE will be forwarded by default.
A packet can either be rejected or forwarded as directed by the ACE that is matched.*

16
Which statement describes a difference between the operation of inbound and outbound ACLs?

On a network interface, more than one inbound ACL can be configured but only one outbound ACL can be configured.
In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple criteria.
Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.*
Inbound ACLs can be used in both routers and switches but outbound ACLs can be used only on routers.

17
What is the only type of ACL available for IPv6?

named standard
numbered extended
named extended*
numbered standard

18
Which IPv6 ACL command entry will permit traffic from any host to an SMTP server on network 2001:DB8:10:10::/64?

permit tcp any host 2001:DB8:10:10::100 eq 23
permit tcp host 2001:DB8:10:10::100 any eq 23
permit tcp host 2001:DB8:10:10::100 any eq 25
permit tcp any host 2001:DB8:10:10::100 eq 25*

Refer to the exhibit. The IPv6 access list LIMITED_ACCESS is applied on the S0/0/0 interface of R1 in the inbound direction. Which IPv6 packets from the ISP will be dropped by the ACL on R1?

neighbor advertisements that are received from the ISP router
ICMPv6 packets that are destined to PC1*
packets that are destined to PC1 on port 80
HTTPS packets to PC1

20
If a router has two interfaces and is routing both IPv4 and IPv6 traffic, how many ACLs could be created and applied to it?

4
8*
6
16
12

21
Which IPv4 address range covers all IP addresses that match the ACL filter specified by 172.16.2.0 with wildcard mask 0.0.1.255?

172.16.2.1 to 172.16.255.255
172.16.2.1 to 172.16.3.254
172.16.2.0 to 172.16.2.255
172.16.2.0 to 172.16.3.255*

CCNA v7 v8 Final Exam Answers 2024 - 2025

Trang

Donate For Me

Sponsor