CCNA2 v7

  • CCNA 2 v7 Modules 14 – 16: Routing Concepts and Configuration Exam Answers

    How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

    CCNA 2 v7 Modules 14 – 16: Routing Concepts and Configuration Exam Answers

     

    Q(1). Which feature on a Cisco router permits the forwarding of traffic for which there is no specific route?

    (a)    next-hop

    (b)   gateway of last resort

    (c)     route source

    (d)    outgoing interface

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(2). Which three advantages are provided by static routing? (Choose three.)

    (a)    Static routing does not advertise over the network, thus providing better security.

    (b)    Configuration of static routes is error-free.

    (c)     Static routes scale well as the network grows.

    (d)   Static routing typically uses less network bandwidth and fewer CPU operations than dynamic routing does.

    (e)    The path a static route uses to send data is known.

    (f)      No intervention is required to maintain changing route information.

     

    Correct Answer: (a), (d) & (e)

    Explanation:

    No answer description available for this question


    Q(3). What are two functions of dynamic routing protocols? (Choose two.)

    (a)    to maintain routing tables

    (b)    to assure low router overhead

    (c)     to avoid exposing network information

    (d)   to discover the network

    (e)    to choose the path that is specified by the administrator

     

    Correct Answer: (a) & (d)

    Explanation:

    No answer description available for this question


    Q(4). What is an advantage of using dynamic routing protocols instead of static routing?

    (a)    easier to implement

    (b)    more secure in controlling routing updates

    (c)     fewer router resource overhead requirements

    (d)   ability to actively search for new routes if the current path becomes unavailable

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(5). What happens to a static route entry in a routing table when the outgoing interface associated with that route goes into the down state?

    (a)    The static route is removed from the routing table.

    (b)    The router polls neighbors for a replacement route.

    (c)     The router automatically redirects the static route to use another interface.

    (d)    The static route remains in the table because it was defined as static.

     

    Correct Answer: (a)

    Explanation:

    When the interface associated with a static route goes down, the router will remove the route because it is no longer valid.


    Q(6). What is a characteristic of a static route that matches all packets?

    (a)    It uses a single network address to send multiple static routes to one destination address.

    (b)   It identifies the gateway IP address to which the router sends all IP packets for which it does not have a learned or static route.

    (c)     It backs up a route already discovered by a dynamic routing protocol.

    (d)    It is configured with a higher administrative distance than the original dynamic routing protocol has.

     

    Correct Answer: (b)

    Explanation:

    A default static route is a route that matches all packets. It identifies the gateway IP address to which the router sends all IP packets for which it does not have a learned or static route. A default static route is simply a static route with 0.0.0.0/0 as the destination IPv4 address. Configuring a default static route creates a gateway of last resort.


    Q(7). When would it be more beneficial to use a dynamic routing protocol instead of static routing?

    (a)    in an organization where routers suffer from performance issues

    (b)    on a stub network that has a single exit point

    (c)     in an organization with a smaller network that is not expected to grow in size

    (d)   on a network where there is a lot of topology changes

     

    Correct Answer: (d)

    Explanation:

    Dynamic routing protocols consume more router resources, are suitable for larger networks, and are more useful on networks that are growing and changing.


    Q(8). Which route would be used to forward a packet with a source IP address of 192.168.10.1 and a destination IP address of 10.1.1.1?

    (a)    C 192.168.10.0/30 is directly connected, GigabitEthernet0/1

    (b)   O 10.1.1.0/24 [110/65] via 192.168.200.2, 00:01:20, Serial0/1/0

    (c)     S* 0.0.0.0/0 [1/0] via 172.16.1.1

    (d)    S 10.1.0.0/16 is directly connected, GigabitEthernet0/0

     

    Correct Answer: (b)

    Explanation:

    Even though OSPF has a higher administrative distance value (less trustworthy), the best match is the route in the routing table that has the most number of far left matching bits.


    Q(9). Refer to the exhibit. What is the administrative distance value of the route for router R1 to reach the destination IPv6 address of 2001:DB8:CAFE:4::A?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 1

    (a)    120

    (b)    110

    (c)     1

    (d)    4

     

    Correct Answer: (a)

    Explanation:

    The RIP route with the source code R is used to forward data to the destination IPv6 address of 2001:DB8:CAFE:4::A. This route has an AD value of 120.


    Q(10). Which value in a routing table represents trustworthiness and is used by the router to determine which route to install into the routing table when there are multiple routes toward the same destination?

    (a)    administrative distance

    (b)    metric

    (c)     outgoing interface

    (d)    routing protocol

     

    Correct Answer: (a)

    Explanation:

    The administrative distance represents the trustworthiness of a particular route. The lower an administrative distance, the more trustworthy the learned route is. When a router learns multiple routes toward the same destination, the router uses the administrative distance value to determine which route to place into the routing table. A metric is used by a routing protocol to compare routes received from the routing protocol. An exit interface is the interface used to send a packet in the direction of the destination network. A routing protocol is used to exchange routing updates between two or more adjacent routers.


    Q(11). Refer to the graphic. Which command would be used on router A to configure a static route to direct traffic from LAN A that is destined for LAN C?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 2

    (a) A(config)# ip route 192.168.3.0 255.255.255.0 192.168.3.1

    (b) A(config)# ip route 192.168.3.2 255.255.255.0 192.168.4.0

    (c) A(config)# ip route 192.168.4.0 255.255.255.0 192.168.5.2

    (d) A(config)# ip route 192.168.5.0 255.255.255.0 192.168.3.2

    (e) A(config)# ip route 192.168.4.0 255.255.255.0 192.168.3.2

     

    Correct Answer: (e)

    Explanation:

    The destination network on LAN C is 192.168.4.0 and the next-hop address from the perspective of router A is 192.168.3.2.


    Q(12). On which two routers would a default static route be configured? (Choose two.)

    (a)    any router where a backup route to dynamic routing is needed for reliability

    (b)    the router that serves as the gateway of last resort

    (c)     any router running an IOS prior to 12.0

    (d)   stub router connection to the rest of the corporate or campus network

    (e)    edge router connection to the ISP

     

    Correct Answer: (d) & (e)

    Explanation:

    A stub router or an edge router connected to an ISP has only one other router as a connection. A default static route works in those situations because all traffic will be sent to one destination. The destination router is the gateway of last resort. The default route is not configured on the gateway, but on the router sending traffic to the gateway. The router IOS does not matter.


    Q(13). Refer to the exhibit. This network has two connections to the ISP, one via router C and one via router B. The serial link between router A and router C supports EIGRP and is the primary link to the Internet. If the primary link fails, the administrator needs a floating static route that avoids recursive route lookups and any potential next-hop issues caused by the multiaccess nature of the Ethernet segment with router B. What should the administrator configure?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 3

    (a)    Create a static route pointing to 10.1.1.1 with an AD of 95.

    (b)    Create a fully specified static route pointing to Fa0/0 with an AD of 1.

    (c)    Create a fully specified static route pointing to Fa0/0 with an AD of 95.

    (d)    Create a static route pointing to 10.1.1.1 with an AD of 1.

    (e)    Create a static route pointing to Fa0/0 with an AD of 1.

     

    Correct Answer: (c)

    Explanation:

    A floating static route is a static route with an administrative distance higher than that of another route already in the routing table. If the route in the table disappears, the floating static route will be put into the routing table in its place. Internal EIGRP has an AD of 90, so a floating static route in this scenario would need to have an AD higher than 90. Also, when creating a static route to a multiaccess interface like a FastEthernet segment a fully specified route should be used, with both a next-hop IP address and an exit interface. This prevents the router from doing a recursive lookup, but still ensures the correct next-hop device on the multiaccess segment forwards the packet.


    Q(14). What is a characteristic of a floating static route?

    (a)    When it is configured, it creates a gateway of last resort.

    (b)    It is used to provide load balancing between static routes.

    (c)     It is simply a static route with 0.0.0.0/0 as the destination IPv4 address.

    (d)   It is configured with a higher administrative distance than the original dynamic routing protocol has.

     

    Correct Answer: (d)

    Explanation:

    Floating static routes are static routes used to provide a backup path to a primary static or dynamic route, in the event of a link failure. They must be configured with a higher administrative distance than the original dynamic routing protocol has. A default static route is simply a static route with 0.0.0.0/0 as the destination IPv4 address. Configuring a default static route creates a gateway of last resort.


    Q(15). What network prefix and prefix-length combination is used to create a default static route that will match any IPv6 destination?

    (a)    FFFF::/128

    (b)    ::1/64

    (c)     ::/128

    (d)   ::/0

     

    Correct Answer: (d)

    Explanation:

    A default static route configured for IPv6, is a network prefix of all zeros and a prefix mask of 0 which is expressed as ::/0.


    Q(16). Consider the following command:

    ip route 192.168.10.0 255.255.255.0 10.10.10.2 5

    What does the 5 at the end of the command signify?

    (a)    exit interface

    (b)    maximum number of hops to the 192.168.10.0/24 network

    (c)     metric

    (d)   administrative distance

     

    Correct Answer: (d)

    Explanation:

    The 5 at the end of the command signifies administrative distance. This value is added to floating static routes or routes that only appear in the routing table when the preferred route has gone down. The 5 at the end of the command signifies administrative distance configured for the static route. This value indicates that the floating static route will appear in the routing table when the preferred route (with an administrative distance less than 5) is down.


    Q(17). Refer to the exhibit. The routing table for R2 is as follows:

    Gateway of last resort is not set

    10.0.0.0/30 is subnetted, 2 subnets
    C 10.0.0.0 is directly connected, Serial0/0/0
    C 10.0.0.4 is directly connected, Serial0/0/1
    192.168.10.0/26 is subnetted, 3 subnets
    S 192.168.10.0 is directly connected, Serial0/0/0
    C 192.168.10.64 is directly connected, FastEthernet0/0
    S 192.168.10.128 [1/0] via 10.0.0.6

    What will router R2 do with a packet destined for 192.168.10.129?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 4

    (a)    send the packet out interface FastEthernet0/0

    (b)   send the packet out interface Serial0/0/1

    (c)     drop the packet

    (d)    send the packet out interface Serial0/0/0

     

    Correct Answer: (b)

    Explanation:

    When a static route is configured with the next hop address (as in the case of the 192.168.10.128 network), the output of the show ip route command lists the route as “via” a particular IP address. The router has to look up that IP address to determine which interface to send the packet out. Because the IP address of 10.0.0.6 is part of network 10.0.0.4, the router sends the packet out interface Serial0/0/1.


    Q(18). An administrator issues the ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0 2001:db8:acad:6::1 100 command on a router. What administrative distance is assigned to this route?

    (a)    0

    (b)    1

    (c)     32

    (d)   100

     

    Correct Answer: (d)

    Explanation:

    The command ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0 2001:db8:acad:6::1 100 will configure a floating static route on a router. The 100 at the end of the command specifies the administrative distance of 100 to be applied to the route.


    Q(19). Refer to the exhibit. Which default static route command would allow R1 to potentially reach all unknown networks on the Internet?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 5

    (a) R1(config)# ipv6 route 2001:db8:32::/64 G0/0

    (b) R1(config)# ipv6 route ::/0 G0/0 fe80::2

    (c) R1(config)# ipv6 route 2001:db8:32::/64 G0/1 fe80::2

    (d) R1(config)# ipv6 route ::/0 G0/1 fe80::2

     

    Correct Answer: (d)

    Explanation:

    To route packets to unknown IPv6 networks a router will need an IPv6 default route. The static route ipv6 route ::/0 G0/1 fe80::2 will match all networks and send packets out the specified exit interface G0/1 toward R2.


    Q(20). Refer to the exhibit. The network engineer for the company that is shown wants to use the primary ISP connection for all external connectivity. The backup ISP connection is used only if the primary ISP connection fails. Which set of commands would accomplish this goal?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 6

    (a) ip route 0.0.0.0 0.0.0.0 s0/0/0
     ip route 0.0.0.0 0.0.0.0 s0/1/0

    (b) ip route 0.0.0.0 0.0.0.0 s0/0/0
     ip route 0.0.0.0 0.0.0.0 s0/1/0 10

    (c) ip route 198.133.219.24 255.255.255.252
     ip route 64.100.210.80 255.255.255.252 10

    (d) ip route 198.133.219.24 255.255.255.252
     ip route 64.100.210.80 255.255.255.252

     

    Correct Answer: (b)

    Explanation:

    A static route that has no administrative distance added as part of the command has a default administrative distance of 1. The backup link should have a number higher than 1. The correct answer has an administrative distance of 10. The other quad zero route would load balance packets across both links and both links would appear in the routing table. The remaining answers are simply static routes (either a default route or a floating static default route).


    Q(21). Refer to the exhibit. Which set of commands will configure static routes that will allow the Park and the Alta routers to a) forward packets to each LAN and b) direct all other traffic to the Internet?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 7

    (a) Park(config)# ip route 0.0.0.0 0.0.0.0 192.168.14.1
     Alta(config)# ip route 10.0.234.0 255.255.255.0 192.168.14.2
     Alta(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0

    (b) Park(config)# ip route 0.0.0.0 0.0.0.0 192.168.14.1
     Alta(config)# ip route 10.0.234.0 255.255.255.0 192.168.14.2
     Alta(config)# ip route 198.18.222.0 255.255.255.255 s0/0/0

    (c) Park(config)# ip route 172.16.67.0 255.255.255.0 192.168.14.1
     Park(config)# ip route 0.0.0.0 0.0.0.0 192.168.14.1
     Alta(config)# ip route 10.0.234.0 255.255.255.0 192.168.14.2

    (d) Park(config)# ip route 172.16.67.0 255.255.255.0 192.168.14.1
     Alta(config)# ip route 10.0.234.0 255.255.255.0 192.168.14.2
     Alta(config)# ip route 0.0.0.0 0.0.0.0 s0/0/1

     

    Correct Answer: (a)

    Explanation:

    The LAN connected to the router Park is a stud network, therefore, a default route should be used to forward network traffic destined to non-local networks. The router Alta connects to both the internet and the Park router, it would require two static routes configured, one toward the internet and the other toward the LAN connected to the router Park.


    Q(22). Refer to the exhibit. The small company shown uses static routing. Users on the R2 LAN have reported a problem with connectivity. What is the issue?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 8

    (a)    R1 needs a static route to the R2 LAN.

    (b)    R2 needs a static route to the R1 LANs.

    (c)     R1 needs a default route to R2.

    (d)    R2 needs a static route to the Internet.

    (e)    R1 and R2 must use a dynamic routing protocol.

     

    Correct Answer: (a)

    Explanation:

    R1 has a default route to the Internet. R2 has a default route to R1. R1 is missing a static route for the 10.0.60.0 network. Any traffic that reached R1 and is destined for 10.0.60.0/24 will be routed to the ISP.


    Q(23). Refer to the exhibit. An administrator is attempting to install an IPv6 static route on router R1 to reach the network attached to router R2. After the static route command is entered, connectivity to the network is still failing. What error has been made in the static route configuration?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 9

    (a)    The next hop address is incorrect.

    (b)   The interface is incorrect.

    (c)     The destination network is incorrect.

    (d)    The network prefix is incorrect.

     

    Correct Answer: (b)

    Explanation:

    In this example the interface in the static route is incorrect. The interface should be the exit interface on R1, which is s0/0/0.


    Q(24). Refer to the exhibit. How was the host route 2001:DB8:CAFE:4::1/128 installed in the routing table?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 10

    (a)    The route was dynamically created by router R1.

    (b)    The route was dynamically learned from another router.

    (c)    The route was manually entered by an administrator.

    (d)    The route was automatically installed when an IP address was configured on an active interface.

     

    Correct Answer: (c)

    Explanation:

    A host route is an IPv6 route with a 128-bit mask. A host route can be installed in a routing table automatically when an IP address is configured on a router interface or manually if a static route is created.


    Q(25). Refer to the exhibit. HostA is attempting to contact ServerB. Which two statements correctly describe the addressing that HostA will generate in the process? (Choose two.)

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 11

    (a)    A packet with the destination IP address of RouterA.

    (b)    A frame with the destination MAC address of SwitchA.

    (c)    A packet with the destination IP address of ServerB.

    (d)   A frame with the destination MAC address of RouterA.

    (e)    A frame with the destination MAC address of ServerB.

    (f)      A packet with the destination IP address of RouterB.

     

    Correct Answer: (c) & (d)

    Explanation:

    In order to send data to ServerB, HostA will generate a packet that contains the IP address of the destination device on the remote network and a frame that contains the MAC address of the default gateway device on the local network.


    Q(26). Refer to the exhibit. A ping from R1 to 10.1.1.2 is successful, but a ping from R1 to any address in the 192.168.2.0 network fails. What is the cause of this problem?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 12

    (a)    There is no gateway of last resort at R1.

    (b)   The static route for 192.168.2.0 is incorrectly configured.

    (c)     A default route is not configured on R1.

    (d)    The serial interface between the two routers is down.

     

    Correct Answer: (b)


    Q(27). Refer to the exhibit. An administrator is attempting to install a default static route on router R1 to reach the Site B network on router R2. After entering the static route command, the route is still not showing up in the routing table of router R1. What is preventing the route from installing in the routing table?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 13

    (a)    The netmask is incorrect.

    (b)    The exit interface is missing.

    (c)    The next hop address is incorrect.

    (d)    The destination network is incorrect.

     

    Correct Answer: (c)

    Explanation:

    The next hop address is incorrect. From R1 the next hop address should be that of the serial interface of R2, 209.165.202.130.


    Q(28). Refer to the exhibit. The Branch Router has an OSPF neighbor relationship with the HQ router over the 198.51.0.4/30 network. The 198.51.0.8/30 network link should serve as a backup when the OSPF link goes down. The floating static route command ip route 0.0.0.0 0.0.0.0 S0/1/1 100 was issued on Branch and now traffic is using the backup link even when the OSPF link is up and functioning. Which change should be made to the static route command so that traffic will only use the OSPF link when it is up?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 14

    (a)    Add the next hop neighbor address of 198.51.0.8.

    (b)    Change the administrative distance to 1.

    (c)     Change the destination network to 198.51.0.5.

    (d)   Change the administrative distance to 120.

     

    Correct Answer: (d)

    Explanation:

    The problem with the current floating static route is that the administrative distance is set too low. The administrative distance will need to be higher than that of OSPF, which is 110, so that the router will only use the OSPF link when it is up.


    Q(29). What characteristic completes the following statement?
    When an IPv6 static route is configured, the next-hop address can be ……

    (a)    a destination host route with a /128 prefix.

    (b)    the “show ipv6 route static” command.

    (c)    an IPv6 link-local address on the adjacent router.

    (d)    the interface type and interface number.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(30). Gateway of last resort is not set.

    172.19.115.0/26 is variously subnetted, 7 subnets, 3 masks
    O 172.19.115.0/26 [110/10] via 172.19.39.1, 00:00:24, Serial0/0/0
    O 172.19.115.64/26 [110/20] via 172.19.39.6, 00:00:56, Serial 0/0/1
    O 172.19.115.128/26 [110/10] via 172.19.39.1, 00:00:24, Serial 0/0/0
    C 172.19.115.192/27 is directly connected, GigabitEthernet0/0
    L 172.19.115.193/27 is directly connected, GigabitEthernet0/0
    C 172.19.115.224/27 is directly connected, GigabitEthernet0/1
    L 172.19.115.225/27 is directly connected, GigabitEthernet0/1
    172.19.39.0/24 is variably subnetted, 4 subnets, 2 masks
    C 172.19.39.0/30 is directly connected, Serial0/0/0
    L 172.19.39.2/32 is directly connected, Serial0/0/0
    C 172.19.39.4/30 is directly connected, Serial0/0/1
    L 172.19.39.5/32 is directly connected, Serial0/0/1
    S 172.19.40.0/26 [1/0] via 172.19.39.1, 00:00:24, Serial0/0/0
    R1#

    Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 172.19.115.206?

    (a)    GigabitEthernet0/1

    (b)    None, the packet will be dropped.

    (c)    GigabitEthernet0/0

    (d)    Serial0/0/1

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(31). Refer to the exhibit. What routing solution will allow both PC A and PC B to access the Internet with the minimum amount of router CPU and network bandwidth utilization?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 15

    (a)    Configure a dynamic routing protocol between R1 and Edge and advertise all routes.

    (b)    Configure a static route from R1 to Edge and a dynamic route from Edge to R1.

    (c)    Configure a static default route from R1 to Edge, a default route from Edge to the Internet, and a static route from Edge to R1.

    (d)    Configure a dynamic route from R1 to Edge and a static route from Edge to R1.

     

    Correct Answer: (c)

    Explanation:

    Two routes have to be created: a default route in R1 to reach Edge and a static route in Edge to reach R1 for the return traffic. This is a best solution once PC A and PC B belong to stub networks. Moreover, static routing consumes less bandwidth than dynamic routing.


    Q(32). Refer to the exhibit. What would happen after the IT administrator enters the new static route?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 16

    (a)    The 172.16.1.0 static route would be entered into the running-config but not shown in the routing table.

    (b)   The 172.16.1.0 route learned from RIP would be replaced with the 172.16.1.0 static route.

    (c)     The 0.0.0.0 default route would be replaced with the 172.16.1.0 static route.

    (d)    The 172.16.1.0 static route is added to the existing routes in the routing table.

     

    Correct Answer: (b)

    Explanation:

    A route will be installed in a routing table if there is not another routing source with a lower administrative distance. If a route with a lower administrative distance to the same destination network as a current route is entered, the route with the lower administrative distance will replace the route with a higher administrative distance.


    Q(33). What two pieces of information are needed in a fully specified static route to eliminate recursive lookups? (Choose two.)

    (a)    the interface ID of the next-hop neighbor

    (b)   the interface ID exit interface

    (c)     the IP address of the exit interface

    (d)   the IP address of the next-hop neighbor

    (e)    the administrative distance for the destination network

     

    Correct Answer: (b) & (d)

    Explanation:

    A fully specified static route can be used to avoid recursive routing table lookups by the router. A fully specified static route contains both the IP address of the next-hop router and the ID of the exit interface.


    Q(34). Refer to the exhibit. Which command will properly configure an IPv6 static route on R2 that will allow traffic from PC2 to reach PC1 without any recursive lookups by router R2?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 17

    (a) R2(config)# ipv6 route ::/0 2001:db8:32::1

    (b) R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/0

    (c) R2(config)# ipv6 route 2001:db8:10:12::/64 2001:db8:32::1

    (d) R2(config)# ipv6 route 2001:db8:10:12::/64 S0/0/1

     

    Correct Answer: (b)

    Explanation:

    A nonrecursive route must have an exit interface specified from which the destination network can be reached. In this example 2001:db8:10:12::/64 is the destination network and R2 will use exit interface S0/0/0 to reach that network. Therefore, the static route would be ipv6 route 2001:db8:10:12::/64 S0/0/0.


    Q(35). Refer to the exhibit. Which static route would an IT technician enter to create a backup route to the 172.16.1.0 network that is only used if the primary RIP learned route fails?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 18

    (a) ip route 172.16.1.0 255.255.255.0 s0/0/0

    (b) ip route 172.16.1.0 255.255.255.0 s0/0/0 121

    (c) ip route 172.16.1.0 255.255.255.0 s0/0/0 111

    (d) ip route 172.16.1.0 255.255.255.0 s0/0/0 91

     

    Correct Answer: (b)

    Explanation:

    A backup static route is called a floating static route. A floating static route has an administrative distance greater than the administrative distance of another static route or dynamic route.


    Q(36). Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

    Modules 14 – 16: Routing Concepts and Configuration Exam

    A user reports that PC0 cannot visit the web server www.server.com . Troubleshoot the network configuration to identify the problem.

    What is the cause of the problem?

    (a)    The clock rate on one of the serial links is configured incorrectly.

    (b)    A serial interface on Branch is configured incorrectly.

    (c)     The DNS server address on PC0 is configured incorrectly.

    (d)   Routing between HQ and Branch is configured incorrectly.

     

    Correct Answer: (d)

    Explanation:

    In order to allow communication to remote networks, proper routing, either static or dynamic, is necessary. Both routers must be configured with a routing method.


    Q(37). Match the routing table entry to the corresponding function. (Not all options are used.)

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 19


    Q(38). Refer to the exhibit. PC A sends a request to Server B. What IPv4 address is used in the destination field in the packet as the packet leaves PC A?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 20

    (a)    192.168.11.1

    (b)    192.168.10.1

    (c)    192.168.12.16

    (d)    192.168.10.10

     

    Correct Answer: (c)

    Explanation:

    The destination IP address in packets does not change along the path between the source and destination.


    Q(39). What does R1 use as the MAC address of the destination when constructing the frame that will go from R1 to Server B?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 21

    (a)    If the destination MAC address that corresponds to the IPv4 address is not in the ARP cache, R1 sends an ARP request.

    (b)    R1 uses the destination MAC address of S1.

    (c)     The packet is encapsulated into a PPP frame, and R1 adds the PPP destination address to the frame.

    (d)    R1 leaves the field blank and forwards the data to the PC.

     

    Correct Answer: (a)

    Explanation:

    Communication inside a local network uses Address Resolution Protocol to obtain a MAC address from a known IPv4 address. A MAC address is needed to construct the frame in which the packet is encapsulated.


    Q(40). What route would have the lowest administrative distance?

    (a)    a route received through the OSPF routing protocol

    (b)   a directly connected network

    (c)     a static route

    (d)    a route received through the EIGRP routing protocol

     

    Correct Answer: (b)

    Explanation:

    The most believable route or the route with the lowest administrative distance is one that is directly connected to a router.


    Q(41). What characteristic completes the following statement?
    When an IPv6 static route is configured, as a backup route to a static route in the routing table, the “distance” command is used with ……

    (a)    the “show ipv6 route static” command.

    (b)   an administrative distance of 2.

    (c)     a destination host route with a /128 prefix.

    (d)    the interface type and interface number.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(42). A router has used the OSPF protocol to learn a route to the 172.16.32.0/19 network. Which command will implement a backup floating static route to this network?

    (a) ip route 172.16.0.0 255.255.224.0 S0/0/0 100

    (b) ip route 172.16.0.0 255.255.240.0 S0/0/0 200

    (c) ip route 172.16.32.0 255.255.224.0 S0/0/0 200

    (d) ip route 172.16.32.0 255.255.0.0 S0/0/0 100

     

    Correct Answer: (c)

    Explanation:

    OSPF has an administrative distance of 110, so the floating static route must have an administrative distance higher than 110. Because the target network is 172.16.32.0/19, that static route must use the network 172.16.32.0 and a netmask of 255.255.224.0.


    Q(43). Consider the following command:

    ip route 192.168.10.0 255.255.255.0 10.10.10.2 5

    How would an administrator test this configuration?

    (a)    Delete the default gateway route on the router.

    (b)   Manually shut down the router interface used as a primary route.

    (c)     Ping from the 192.168.10.0 network to the 10.10.10.2 address.

    (d)    Ping any valid address on the 192.168.10.0/24 network.

     

    Correct Answer: (b)

    Explanation:

    A floating static is a backup route that only appears in the routing table when the interface used with the primary route is down. To test a floating static route, the route must be in the routing table. Therefore, shutting down the interface used as a primary route would allow the floating static route to appear in the routing table.


    Q(44). Refer to the exhibit. Which type of IPv6 static route is configured in the exhibit?

    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 22

    (a)    floating static route

    (b)    fully specified static route

    (c)    recursive static route

    (d)    directly attached static route

     

    Correct Answer: (c)

    Explanation:

    The route provided points to another address that must be looked up in the routing table. This makes the route a recursive static route.


    Q(45). What characteristic completes the following statement?
    When an IPv6 static route is configured, it is first necessary to configure ……

    (a)    the next-hop address of two different adjacent routers.

    (b)   the “ipv6 unicast-routing” command.

    (c)     an IPv6 link-local address on the adjacent router.

    (d)    an administrative distance of 2.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(46). Gateway of last resort is not set.

    172.18.109.0/26 is variously subnetted, 7 subnets, 3 masks

    O 172.18.109.0/26 [110/10] via 172.18.32.1, 00:00:24, Serial0/0/0

    O 172.18.109.64/26 [110/20] via 172.18.32.6, 00:00:56, Serial 0/0/1

    O 172.18.109.128/26 [110/10] via 172.18.32.1, 00:00:24, Serial 0/0/0

    C 172.18.109.192/27 is directly connected, GigabitEthernet0/0

    L 172.18.109.193/27 is directly connected, GigabitEthernet0/0

    C 172.18.109.224/27 is directly connected, GigabitEthernet0/1

    L 172.18.109.225/27 is directly connected, GigabitEthernet0/1

    172.18.32.0/24 is variably subnetted, 4 subnets, 2 masks

    C 172.18.32.0/30 is directly connected, Serial0/0/0

    L 172.18.32.2/32 is directly connected, Serial0/0/0

    C 172.18.32.4/30 is directly connected, Serial0/0/1

    L 172.18.32.5/32 is directly connected, Serial0/0/1

    S 172.18.33.0/26 [1/0] via 172.18.32.1, 00:00:24, Serial0/0/0

    R1#

    Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 172.18.109.152?

    (a)    GigabitEthernet0/0

    (b)    GigabitEthernet0/1

    (c)    Serial0/0/0

    (d)    None, the packet will be dropped.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(47). Refer to the exhibit. What will the router do with a packet that has a destination IP address of 192.168.12.227?
    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 23

    (a)    Drop the packet.

    (b)    Send the packet out the GigabitEthernet0/0 interface.

    (c)    Send the packet out the Serial0/0/0 interface.

    (d)    Send the packet out the GigabitEthernet0/1 interface.

     

    Correct Answer: (c)

    Explanation:

    After a router determines the destination network by ANDing the destination IP address with the subnet mask, the router examines the routing table for the resulting destination network number. When a match is found, the packet is sent to the interface associated with the network number. When no routing table entry is found for the particular network, the default gateway or gateway of last resort (if configured or known) is used. If there is no gateway of last resort, the packet is dropped. In this instance, the 192.168.12.224 network is not found in the routing table and the router uses the gateway of last resort. The gateway of last resort is the IP address of 209.165.200.226. The router knows this is an IP address that is associated with the 209.165.200.224 network. The router then proceeds to transmit the packet out the Serial0/0/0 interface, or the interface that is associated with 209.165.200.224.


    Q(48). Consider the following command:

    ip route 192.168.10.0 255.255.255.0 10.10.10.2 5

    Which route would have to go down in order for this static route to appear in the routing table?

    (a)    a default route

    (b)   a static route to the 192.168.10.0/24 network

    (c)     an OSPF-learned route to the 192.168.10.0/24 network

    (d)    an EIGRP-learned route to the 192.168.10.0/24 network

     

    Correct Answer: (b)

    Explanation:

    The administrative distance of 5 added to the end of the static route creates a floating static situation for a static route that goes down. Static routes have a default administrative distance of 1. This route that has an administrative distance of 5 will not be placed into the routing table unless the previously entered static route to the 192.168.10.0/24 goes down or was never entered. The administrative distance of 5 added to the end of the static route configuration creates a floating static route that will be placed in the routing table when the primary route to the same destination network goes down. By default, a static route to the 192.168.10.0/24 network has an administrative distance of 1. Therefore, the floating route with an administrative distance of 5 will not be placed into the routing table unless the previously entered static route to the 192.168.10.0/24 goes down or was never entered. Because the floating route has an administrative distance of 5, the route is preferred to an OSPF-learned route (with the administrative distance of 110) or an EIGRP-learned route (with the administrative distance of 110) to the same destination network.


    Q(49). What are two advantages of static routing over dynamic routing? (Choose two.)

    (a)    Static routing is more secure because it does not advertise over the network.

    (b)    Static routing scales well with expanding networks.

    (c)     Static routing requires very little knowledge of the network for correct implementation.

    (d)   Static routing uses fewer router resources than dynamic routing.

    (e)    Static routing is relatively easy to configure for large networks.

     

    Correct Answer: (a) & (d)

    Explanation:

    Static routing requires a thorough understanding of the entire network for proper implementation. It can be prone to errors and does not scale well for large networks. Static routing uses fewer router resources, because no computing is required for updating routes. Static routing can also be more secure because it does not advertise over the network.


    Q(50). What characteristic completes the following statement?
    When an IPv6 static route is configured, it is possible that the same IPv6 link-local address is used for …

    (a)    A destination host route with a /128 prefix.

    (b)    The “ipv6 unicast-routing” command.

    (c)    The next-hop address of two different adjacent routers.

    (d)    An administrative distance of 2.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(51). A network administrator configures the interface fa0/0 on the router R1 with the command ip address 172.16.1.254 255.255.255.0. However, when the administrator issues the command show ip route, the routing table does not show the directly connected network. What is the possible cause of the problem?

    (a)    The subnet mask is incorrect for the IPv4 address.

    (b)    The configuration needs to be saved first.

    (c)    The interface fa0/0 has not been activated.

    (d)    No packets with a destination network of 172.16.1.0 have been sent to R1.

     

    Correct Answer: (c)

    Explanation:

    A directly connected network will be added to the routing table when these three conditions are met: (1) the interface is configured with a valid IP address; (2) it is activated with no shutdown command; and (3) it receives a carrier signal from another device that is connected to the interface. An incorrect subnet mask for an IPv4 address will not prevent its appearance in the routing table, although the error may prevent successful communications.


    Q(52). Refer to the exhibit. What command would be used to configure a static route on R1 so that traffic from both LANs can reach the 2001:db8:1:4::/64 remote network?


    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 24

    (a) ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::1

    (b) ipv6 route 2001:db8:1::/65 2001:db8:1:3::1

    (c) ipv6 route ::/0 serial0/0/0

    (d) ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2

     

    Correct Answer: (d)

    Explanation:

    To configure an IPv6 static route, use the ipv6 route command followed by the destination network. Then add either the IP address of the adjacent router or the interface R1 will use to transmit a packet to the 2001:db8:1:4::/64 network.


    Q(53). Refer to the exhibit. What two commands will change the next-hop address for the 10.0.0.0/8 network from 172.16.40.2 to 192.168.1.2? (Choose two.)
    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 25

    (a) A(config)# ip route 10.0.0.0 255.0.0.0 192.168.1.2

    (b) A(config)# ip route 10.0.0.0 255.0.0.0 s0/0/0

    (c) A(config)# no ip address 10.0.0.1 255.0.0.0 172.16.40.2

    (d) A(config)# no network 10.0.0.0 255.0.0.0 172.16.40.2

    (e) A(config)# no ip route 10.0.0.0 255.0.0.0 172.16.40.2

     

    Correct Answer: (a) & (e)

    Explanation:

    The two required commands are A(config)# no ip route 10.0.0.0 255.0.0.0 172.16.40.2 and A(config)# ip route 10.0.0.0 255.0.0.0 192.168.1.2.


    Q(54). Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 192.168.139.244?

    Gateway of last resort is not set.

    192.168.139.0/26 is variously subnetted, 7 subnets, 3 masks

    O 192.168.139.0/26 [110/10] via 192.168.70.1, 00:00:24, Serial0/0/0

    O 192.168.139.64/26 [110/20] via 192.168.70.6, 00:00:56, Serial 0/0/1

    O 192.168.139.128/26 [110/10] via 192.168.70.1, 00:00:24, Serial 0/0/0

    C 192.168.139.192/27 is directly connected, GigabitEthernet0/0

    L 192.168.139.193/27 is directly connected, GigabitEthernet0/0

    C 192.168.139.224/27 is directly connected, GigabitEthernet0/1

    L 192.168.139.225/27 is directly connected, GigabitEthernet0/1

    192.168.70.0/24 is variably subnetted, 4 subnets, 2 masks

    C 192.168.70.0/30 is directly connected, Serial0/0/0

    L 192.168.70.2/32 is directly connected, Serial0/0/0

    C 192.168.70.4/30 is directly connected, Serial0/0/1

    L 192.168.70.5/32 is directly connected, Serial0/0/1

    S 192.168.71.0/26 [1/0] via 192.168.70.1, 00:00:24, Serial0/0/0

    R1#

    (a)    GigabitEthernet0/1

    (b)    None, the packet will be dropped.

    (c)     Serial0/0/1

    (d)    GigabitEthernet0/0

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(55). What characteristic completes the following statement?
    When an IPv6 static route is configured, a fully-specified configuration should be used with …

    (a)    ::/0.

    (b)    the “ipv6 unicast-routing” command.

    (c)     the next-hop address of two different adjacent routers.

    (d)   a directly connected multiaccess network.

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(56). Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 192.168.71.52?

    Gateway of last resort is not set.

    192.168.139.0/26 is variously subnetted, 7 subnets, 3 masks

    O 192.168.139.0/26 [110/10] via 192.168.70.1, 00:00:24, Serial0/0/0

    O 192.168.139.64/26 [110/20] via 192.168.70.6, 00:00:56, Serial 0/0/1

    O 192.168.139.128/26 [110/10] via 192.168.70.1, 00:00:24, Serial 0/0/0

    C 192.168.139.192/27 is directly connected, GigabitEthernet0/0

    L 192.168.139.193/27 is directly connected, GigabitEthernet0/0

    C 192.168.139.224/27 is directly connected, GigabitEthernet0/1

    L 192.168.139.225/27 is directly connected, GigabitEthernet0/1

    192.168.70.0/24 is variably subnetted, 4 subnets, 2 masks

    C 192.168.70.0/30 is directly connected, Serial0/0/0

    L 192.168.70.2/32 is directly connected, Serial0/0/0

    C 192.168.70.4/30 is directly connected, Serial0/0/1

    L 192.168.70.5/32 is directly connected, Serial0/0/1

    S 192.168.71.0/26 [1/0] via 192.168.70.1, 00:00:24, Serial0/0/0

    R1#

    (a)    The packet will take the gateway of last resort.

    (b)    GigabitEthernet0/1

    (c)    Serial0/0/0

    (d)    None, the packet will be dropped.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(57). What characteristic completes the following statement?
    When an IPv6 static route is configured, the installation of the route can be verified with ……

    (a)    a destination host route with a /128 prefix.

    (b)    the interface type and interface number.

    (c)    the “show ipv6 route static” command.

    (d)    an administrative distance of 2.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(58). Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 10.55.99.78?

    Gateway of last resort is not set.

    10.55.99.0/26 is variously subnetted, 7 subnets, 3 masks

    O 10.55.99.0/26 [110/10] via 10.55.18.1, 00:00:24, Serial0/0/0

    O 10.55.99.64/26 [110/20] via 10.55.18.6, 00:00:56, Serial 0/0/1

    O 10.55.99.128/26 [110/10] via 10.55.18.1, 00:00:24, Serial 0/0/0

    C 10.55.99.192/27 is directly connected, GigabitEthernet0/0

    L 10.55.99.193/27 is directly connected, GigabitEthernet0/0

    C 10.55.99.224/27 is directly connected, GigabitEthernet0/1

    L 10.55.99.225/27 is directly connected, GigabitEthernet0/1

    10.55.18.0/24 is variably subnetted, 4 subnets, 2 masks

    C 10.55.18.0/30 is directly connected, Serial0/0/0

    L 10.55.18.2/32 is directly connected, Serial0/0/0

    C 10.55.18.4/30 is directly connected, Serial0/0/1

    L 10.55.18.5/32 is directly connected, Serial0/0/1

    S 10.55.19.0/26 [1/0] via 10.55.18.1, 00:00:24, Serial0/0/0

    R1#

    (a)    None, the packet will be dropped.

    (b)    GigabitEthernet0/0

    (c)     GigabitEthernet0/1

    (d)   Serial0/0/1

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(59). A network administrator configures the interface fa0/0 on the router R1 with the command ip address 172.16.1.254 255.255.255.0 . However, when the administrator issues the command show ip route , the routing table does not show the directly connected network. What is the possible cause of the problem?

    (a)    The subnet mask is incorrect for the IPv4 address.

    (b)    No packets with a destination network of 172.16.1.0 have been sent to R1.

    (c)     The configuration needs to be saved first.

    (d)   The interface fa0/0 has not been activated.

     

    Correct Answer: (d)

    Explanation:

    A directly connected network will be added to the routing table when these three conditions are met: (1) the interface is configured with a valid IP address; (2) it is activated with no shutdown command; and (3) it receives a carrier signal from another device that is connected to the interface. An incorrect subnet mask for an IPv4 address will not prevent its appearance in the routing table, although the error may prevent successful communications.


    Q(60). Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 10.3.86.2?

    Gateway of last resort is not set.

    10.3.86.0/26 is variously subnetted, 7 subnets, 3 masks

    O 10.3.86.0/26 [110/10] via 10.3.2.1, 00:00:24, Serial0/0/0

    O 10.3.86.64/26 [110/20] via 10.3.2.6, 00:00:56, Serial 0/0/1

    O 10.3.86.128/26 [110/10] via 10.3.2.1, 00:00:24, Serial 0/0/0

    C 10.3.86.192/27 is directly connected, GigabitEthernet0/0

    L 10.3.86.193/27 is directly connected, GigabitEthernet0/0

    C 10.3.86.224/27 is directly connected, GigabitEthernet0/1

    L 10.3.86.225/27 is directly connected, GigabitEthernet0/1

    10.3.2.0/24 is variably subnetted, 4 subnets, 2 masks

    C 10.3.2.0/30 is directly connected, Serial0/0/0

    L 10.3.2.2/32 is directly connected, Serial0/0/0

    C 10.3.2.4/30 is directly connected, Serial0/0/1

    L 10.3.2.5/32 is directly connected, Serial0/0/1

    S 10.3.3.0/26 [1/0] via 10.3.2.1, 00:00:24, Serial0/0/0

    R1#

    (a)    GigabitEthernet0/1

    (b)    Serial0/0/1

    (c)     GigabitEthernet0/0

    (d)   Serial0/0/0

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(61). Match the characteristic to the corresponding type of routing. (Not all options are used.)

    Correct Answer


    Q(62). Refer to the exhibit. Which interface will be the exit interface to forward a data packet that has the destination IP address 172.25.128.244?


    CCNA 2 v7 Modules 14 - 16: Routing Concepts and Configuration Exam Answers 28

    (a)    GigabitEthernet0/0

    (b)   GigabitEthernet0/1

    (c)     None, the packet will be dropped.

    (d)    Serial0/0/1

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(63). Ipv6 route 2001:0DB8::/32 2001:0DB8:3000::1
    Which static route is configured here?

    (a)    Floating static

    (b)   Recursive static

    (c)     Directly attached static

    (d)    Fully specified static

     

    Correct Answer: (b)

    Explanation:

    The Router has to look up in the routing table twice to find the exit interface. The first is shown in the Question now the router has to look up what interface ex.s0/0/0 that the 3000::1 address is associated with. Route table ex. 2001:0DB8:3000::1 is directly connected, Serial0/0/0. This is the 2nd lookup in the table to find out that the packet needs to exit the s0/0/0 interface making the first route a recursive and 2nd route a direct.


  • CCNA 2 v7 Modules 10 – 13: L2 Security and WLANs Exam Answers

    How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

    CCNA 2 v7 Modules 10 – 13: L2 Security and WLANs Exam Answers

     

    Q(1). Which Layer 2 attack will result in legitimate users not getting valid IP addresses?

    (a)    ARP spoofing

    (b)   DHCP starvation

    (c)     IP address spoofing

    (d)    MAC address flooding

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(2). What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?

    (a)    Disable DTP.

    (b)    Disable STP.

    (c)    Enable port security.

    (d)    Place unused ports in an unused VLAN.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(3). Which three Cisco products focus on endpoint security solutions? (Choose three.)

    (a)    IPS Sensor Appliance

    (b)   Web Security Appliance

    (c)    Email Security Appliance

    (d)    SSL/IPsec VPN Appliance

    (e)    Adaptive Security Appliance

    (f)     NAC Appliance

     

    Correct Answer: (b), (c) & (d)

    Explanation:

    No answer description available for this question


    Q(4). True or False?
    In the 802.1X standard, the client attempting to access the network is referred to as the supplicant.

    (a)    true

    (b)    false

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(5). Which authentication method stores usernames and passwords in the router and is ideal for small networks?

    (a)    server-based AAA over TACACS+

    (b)    local AAA over RADIUS

    (c)     server-based AAA

    (d)    local AAA over TACACS+

    (e)    local AAA

    (f)      server-based AAA over RADIUS

     

    Correct Answer: (e)

    Explanation:

    In a small network with a few network devices, AAA authentication can be implemented with the local database and with usernames and passwords stored on the network devices. Authentication using the TACACS+ or RADIUS protocol will require dedicated ACS servers although this authentication solution scales well in a large network.


    Q(6). What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices?

    (a)    Enable CDP on edge devices, and enable LLDP on interior devices.

    (b)    Use the open standard LLDP rather than CDP.

    (c)     Use the default router settings for CDP and LLDP.

    (d)   Disable both protocols on all interfaces where they are not required.

     

    Correct Answer: (d)

    Explanation:

    Both discovery protocols can provide hackers with sensitive network information. They should not be enabled on edge devices, and should be disabled globally or on a per-interface basis if not required. CDP is enabled by default.


    Q(7). Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?

    (a)    SNMP

    (b)    TFTP

    (c)    SSH

    (d)    SCP

     

    Correct Answer: (c)

    Explanation:

    Telnet uses plain text to communicate in a network. The username and password can be captured if the data transmission is intercepted. SSH encrypts data communications between two network devices. TFTP and SCP are used for file transfer over the network. SNMP is used in network management solutions.


    Q(8). Which statement describes the behavior of a switch when the MAC address table is full?

    (a)    It treats frames as unknown unicast and floods all incoming frames to all ports on the switch.

    (b)    It treats frames as unknown unicast and floods all incoming frames to all ports across multiple switches.

    (c)    It treats frames as unknown unicast and floods all incoming frames to all ports within the local VLAN.

    (d)    It treats frames as unknown unicast and floods all incoming frames to all ports within the collision domain.

     

    Correct Answer: (c)

    Explanation:

    When the MAC address table is full, the switch treats the frame as an unknown unicast and begins to flood all incoming traffic to all ports only within the local VLAN.


    Q(9). What device is considered a supplicant during the 802.1X authentication process?

    (a)    the router that is serving as the default gateway

    (b)    the authentication server that is performing client authentication

    (c)    the client that is requesting authentication

    (d)    the switch that is controlling network access

     

    Correct Answer: (c)

    Explanation:

    The devices involved in the 802.1X authentication process are as follows:

    ·         The supplicant, which is the client that is requesting network access

    ·         The authenticator, which is the switch that the client is connecting to and that is actually controlling physical network access

    ·         The authentication server, which performs the actual authentication


    Q(10). Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch configuration would be most appropriate for port Fa0/2 if the network administrator has the following goals?

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 1

    No one is allowed to disconnect the IP phone or the PC and connect some other wired device.
    If a different device is connected, port Fa0/2 is shut down.
    The switch should automatically detect the MAC address of the IP phone and the PC and add those addresses to the running configuration.

    (a)    SWA(config-if)# switchport port-security
    SWA(config-if)# switchport port-security mac-address sticky

    (b)    SWA(config-if)# switchport port-security
    SWA(config-if)# switchport port-security maximum 2
    SWA(config-if)# switchport port-security mac-address sticky
    SWA(config-if)# switchport port-security violation restrict

    (c)     SWA(config-if)# switchport port-security mac-address sticky
    SWA(config-if)# switchport port-security maximum 2

    (d)   SWA(config-if)# switchport port-security
    SWA(config-if)# switchport port-security maximum 2
    SWA(config-if)# switchport port-security mac-address sticky

     

    Correct Answer: (d)

    Explanation:

    The default mode for a port security violation is to shut down the port so the switchport port-security violation command is not necessary. The switchport port-security command must be entered with no additional options to enable port security for the port. Then, additional port security options can be added.


    Q(11). Refer to the exhibit. Port security has been configured on the Fa 0/12 interface of switch S1. What action will occur when PC1 is attached to switch S1 with the applied configuration?

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 2

    (a)    Frames from PC1 will be forwarded since the switchport port-security violation command is missing.

    (b)    Frames from PC1 will be forwarded to its destination, and a log entry will be created.

    (c)     Frames from PC1 will be forwarded to its destination, but a log entry will not be created.

    (d)   Frames from PC1 will cause the interface to shut down immediately, and a log entry will be made.

    (e)    Frames from PC1 will be dropped, and there will be no log of the violation.

    (f)      Frames from PC1 will be dropped, and a log message will be created.

     

    Correct Answer: (d)

    Explanation:

    Manual configuration of the single allowed MAC address has been entered for port fa0/12. PC1 has a different MAC address and when attached will cause the port to shut down (the default action), a log message to be automatically created, and the violation counter to increment. The default action of shutdown is recommended because the restrict option might fail if an attack is underway.


    Q(12). Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?

    (a)    DHCP spoofing

    (b)    DHCP starvation

    (c)    VLAN double-tagging

    (d)    DTP spoofing

     

    Correct Answer: (c)

    Explanation:

    Spoofing DTP messages forces a switch into trunking mode as part of a VLAN-hopping attack, but VLAN double tagging works even if trunk ports are disabled. Changing the native VLAN from the default to an unused VLAN reduces the possibility of this type of attack. DHCP spoofing and DHCP starvation exploit vulnerabilities in the DHCP message exchange.


    Q(13). A network administrator is configuring DAI on a switch with the command ip arp inspection validate src-mac. What is the purpose of this configuration command?

    (a)    It checks the source MAC address in the Ethernet header against the user-configured ARP ACLs.

    (b)    It checks the source MAC address in the Ethernet header against the MAC address table.

    (c)    It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.

    (d)    It checks the source MAC address in the Ethernet header against the target MAC address in the ARP body.

     

    Correct Answer: (c)

    Explanation:

    DAI can be configured to check for both destination or source MAC and IP addresses:

    ·         Destination MAC – Checks the destination MAC address in the Ethernet header against the target MAC address in the ARP body.

    ·         Source MAC – Checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.

    ·         IP address – Checks the ARP body for invalid and unexpected IP addresses including addresses 0.0.0.0, 255.255.255.255, and all IP multicast addresses.


    Q(14). Which two commands can be used to enable BPDU guard on a switch? (Choose two.)

    (a)    S1(config)# spanning-tree bpduguard default

    (b)    S1(config-if)# spanning-tree portfast bpduguard

    (c)    S1(config)# spanning-tree portfast bpduguard default

    (d)    S1(config-if)# enable spanning-tree bpduguard

    (e)    S1(config-if)# spanning-tree bpduguard enable

     

    Correct Answer: (c) & (e)

    Explanation:

    BPDU guard can be enabled on all PortFast-enabled ports by using the spanning-tree portfast bpduguard default global configuration command. Alternatively, BPDU guard can be enabled on a PortFast-enabled port through the use of the spanning-tree bpduguard enable interface configuration command.


    Q(15). As part of the new security policy, all switches on the network are configured to automatically learn MAC addresses for each port. All running configurations are saved at the start and close of every business day. A severe thunderstorm causes an extended power outage several hours after the close of business. When the switches are brought back online, the dynamically learned MAC addresses are retained. Which port security configuration enabled this?

    (a)    auto secure MAC addresses

    (b)    dynamic secure MAC addresses

    (c)     static secure MAC addresses

    (d)   sticky secure MAC addresses

     

    Correct Answer: (d)

    Explanation:

    With sticky secure MAC addressing, the MAC addresses can be either dynamically learned or manually configured and then stored in the address table and added to the running configuration file. In contrast, dynamic secure MAC addressing provides for dynamically learned MAC addressing that is stored only in the address table.


    Q(16). Which type of management frame may regularly be broadcast by an AP?

    (a)    authentication

    (b)    probe request

    (c)     probe response

    (d)   beacon

     

    Correct Answer: (d)

    Explanation:

    Beacons are the only management frame that may regularly be broadcast by an AP. Probing, authentication, and association frames are used only during the association (or reassociation) process.


    Q(17). What are the two methods that are used by a wireless NIC to discover an AP? (Choose two.)

    (a)    delivering a broadcast frame

    (b)   receiving a broadcast beacon frame

    (c)     initiating a three-way handshake

    (d)    sending an ARP request

    (e)    transmitting a probe request

     

    Correct Answer: (b) & (e)

    Explanation:

    Two methods can be used by a wireless device to discover and register with an access point: passive mode and active mode. In passive mode, the AP sends a broadcast beacon frame that contains the SSID and other wireless settings. In active mode, the wireless device must be manually configured for the SSID, and then the device broadcasts a probe request.


    Q(18). A technician is configuring the channel on a wireless router to either 1, 6, or 11. What is the purpose of adjusting the channel?

    (a)    to enable different 802.11 standards

    (b)   to avoid interference from nearby wireless devices

    (c)     to disable broadcasting of the SSID

    (d)    to provide stronger security modes

     

    Correct Answer: (b)

    Explanation:

    Channels 1, 6, and 11 are selected because they are 5 channels apart. thus minimizing the interference with adjacent channels. A channel frequency can interfere with channels on either side of the main frequency. All wireless devices need to be used on nonadjacent channels.


    Q(19). While attending a conference, participants are using laptops for network connectivity. When a guest speaker attempts to connect to the network, the laptop fails to display any available wireless networks. The access point must be operating in which mode?

    (a)    mixed

    (b)    passive

    (c)    active

    (d)    open

     

    Correct Answer: (c)

    Explanation:

    Active is a mode used to configure an access point so that clients must know the SSID to connect to the access point. APs and wireless routers can operate in a mixed mode meaning that that multiple wireless standards are supported. Open is an authentication mode for an access point that has no impact on the listing of available wireless networks for a client. When an access point is configured in passive mode, the SSID is broadcast so that the name of wireless network will appear in the listing of available networks for clients.


    Q(20). A network administrator is required to upgrade wireless access to end users in a building. To provide data rates up to 1.3 Gb/s and still be backward compatible with older devices, which wireless standard should be implemented?

    (a)    802.11n

    (b)   802.11ac

    (c)     802.11g

    (d)    802.11b

     

    Correct Answer: (b)

    Explanation:

    802.11ac provides data rates up to 1.3 Gb/s and is still backward compatible with 802.11a/b/g/n devices. 802.11g and 802.11n are older standards that cannot reach speeds over 1Gb/s. 802.11ad is a newer standard that can offer theoretical speeds of up to 7 Gb/s.


    Q(21). A technician is about to install and configure a wireless network at a small branch office. What is the first security measure the technician should apply immediately upon powering up the wireless router?

    (a)    Enable MAC address filtering on the wireless router.

    (b)    Configure encryption on the wireless router and the connected wireless devices.

    (c)    Change the default user-name and password of the wireless router.

    (d)    Disable the wireless network SSID broadcast.

     

    Correct Answer: (c)

    Explanation:

    The first action a technician should do to secure a new wireless network is to change the default user-name and password of the wireless router. The next action would usually be to configure encryption. Then once the initial group of wireless hosts have connected to the network, MAC address filtering would be enabled and SSID broadcast disabled. This will prevent new unauthorized hosts from finding and connecting to the wireless network.


    Q(22). On a Cisco 3504 WLC dashboard, which option provides access to the full menu of features?

    (a)    Access Points

    (b)    Network Summary

    (c)    Advanced

    (d)    Rogues

     

    Correct Answer: (c)

    Explanation:

    The Cisco 3504 WLC dashboard displays when a user logs into the WLC. It provides some basic settings and menus that users can quickly access to implement a variety of common configurations. By clicking the Advanced button, the user will access the advanced Summary page and access all the features of the WLC.


    Q(23). Which step is required before creating a new WLAN on a Cisco 3500 series WLC?

    (a)    Create a new SSID.

    (b)    Build or have an SNMP server available.

    (c)     Build or have a RADIUS server available.

    (d)   Create a new VLAN interface.

     

    Correct Answer: (d)

    Explanation:

    Each new WLAN configured on a Cisco 3500 series WLC needs its own VLAN interface. Thus it is required that a new VLAN interface to be created first before a new WLAN can be created.


    Q(24). A network engineer is troubleshooting a newly deployed wireless network that is using the latest 802.11 standards. When users access high bandwidth services such as streaming video, the wireless network performance is poor. To improve performance the network engineer decides to configure a 5 Ghz frequency band SSID and train users to use that SSID for streaming media services. Why might this solution improve the wireless network performance for that type of service?

    (a)    Requiring the users to switch to the 5 GHz band for streaming media is inconvenient and will result in fewer users accessing these services.

    (b)   The 5 GHz band has more channels and is less crowded than the 2.4 GHz band, which makes it more suited to streaming multimedia.

    (c)     The 5 GHz band has a greater range and is therefore likely to be interference-free.

    (d)    The only users that can switch to the 5 GHz band will be those with the latest wireless NICs, which will reduce usage.

     

    Correct Answer: (b)

    Explanation:

    Wireless range is determined by the access point antenna and output power, not the frequency band that is used. In this scenario it is stated that all users have wireless NICs that comply with the latest standard, and so all can access the 5 GHz band. Although some users may find it inconvenient to switch to the 5 Ghz band to access streaming services, it is the greater number of channels, not just fewer users, that will improve network performance.


    Q(25). A network administrator is configuring a RADIUS server connection on a Cisco 3500 series WLC. The configuration requires a shared secret password. What is the purpose for the shared secret password?

    (a)    It is used by the RADIUS server to authenticate WLAN users.

    (b)    It is used to authenticate and encrypt user data on the WLAN.

    (c)    It is used to encrypt the messages between the WLC and the RADIUS server.

    (d)    It allows users to authenticate and access the WLAN.

     

    Correct Answer: (c)

    Explanation:

    The RADIUS protocol uses security features to protect communications between the RADIUS server and clients. A shared secret is the password used between the WLC and the RADIUS server. It is not for end users.


    Q(26). Which three parameters would need to be changed if best practices are being implemented for a home wireless AP? (Choose three.)

    (a)    wireless client operating system password

    (b)    antenna frequency

    (c)    wireless network password

    (d)    wireless beacon time

    (e)    AP password

    (f)     SSID

     

    Correct Answer: (c), (e) & (f)

    Explanation:

    As soon as an AP is taken out of a box, the default device password, SSID, and security parameters (wireless network password) should be set. The frequency of a wireless antenna can be adjusted, but doing so is not required. The beacon time is not normally configured. The wireless client operating system password is not affected by the configuration of a home wireless network.


    Q(27). Which access control component, implementation, or protocol is based upon usernames and passwords?

    (a)    802.1X

    (b)    accounting

    (c)    authentication

    (d)    authorization

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(28). Which type of wireless network is based on the 802.11 standard and a 2.4-GHz or 5-GHz radio frequency?

    (a)    wireless metropolitan-area network

    (b)    wireless wide-area network

    (c)    wireless local-area network

    (d)    wireless personal-area network

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(29). Which two Cisco solutions help prevent DHCP starvation attacks? (Choose two.)

    (a)    DHCP Snooping

    (b)    IP Source Guard

    (c)     Dynamic ARP Inspection

    (d)   Port Security

    (e)    Web Security Appliance

     

    Correct Answer: (a) & (d)

    Explanation:

    Cisco provides solutions to help mitigate Layer 2 attacks including these:

    ·         IP Source Guard (IPSG) – prevents MAC and IP address spoofing attacks

    ·         Dynamic ARP Inspection (DAI) – prevents ARP spoofing and ARP poisoning attacks

    ·         DHCP Snooping – prevents DHCP starvation and SHCP spoofing attacks

    ·         Port Security – prevents many types of attacks including MAC table overflow attacks and DHCP starvation attacks

    Web Security Appliance (WSA) is a mitigation technology for web-based threats.


    Q(30). What are three techniques for mitigating VLAN attacks? (Choose three.)

    (a)    Enable trunking manually.

    (b)   Disable DTP.

    (c)     Enable Source Guard.

    (d)   Set the native VLAN to an unused VLAN.

    (e)    Use private VLANs.

    (f)      Enable BPDU guard.

     

    Correct Answer: (a), (b) & (d)

    Explanation:

    Mitigating a VLAN attack can be done by disabling Dynamic Trunking Protocol (DTP), manually setting ports to trunking mode, and by setting the native VLAN of trunk links to VLANs not in use.


    Q(31). Refer to the exhibit. What can be determined about port security from the information that is shown?

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 3

    (a)    The port has the maximum number of MAC addresses that is supported by a Layer 2 switch port which is configured for port security.

    (b)    The port has been shut down.

    (c)    The port violation mode is the default for any port that has port security enabled.

    (d)    The port has two attached devices.

     

    Correct Answer: (c)

    Explanation:

    The Port Security line simply shows a state of Enabled if the switchport port-security command (with no options) has been entered for a particular switch port. If a port security violation had occurred, a different error message appears such as Secure-shutdown. The maximum number of MAC addresses supported is 50. The Maximum MAC Addresses line is used to show how many MAC addresses can be learned (2 in this case). The Sticky MAC Addresses line shows that only one device has been attached and learned automatically by the switch. This configuration could be used when a port is shared by two cubicle-sharing personnel who bring in separate laptops.


    Q(32). A network administrator of a college is configuring the WLAN user authentication process. Wireless users are required to enter username and password credentials that will be verified by a server. Which server would provide such service?

    (a)    AAA

    (b)    NAT

    (c)    RADIUS

    (d)    SNMP

     

    Correct Answer: (c)

    Explanation:

    Remote Authentication Dial-In User Service (RADIUS) is a protocol and server software that provides user-based authentication for an organization. When a WLAN is configured to use a RADIUS server, users will enter username and password credentials that are verified by the RADIUS server before allowing to the WLAN.


    Q(33). A technician is troubleshooting a slow WLAN that consists of 802.11b and 802.11g devices . A new 802.11n/ac dual-band router has been deployed on the network to replace the old 802.11g router. What can the technician do to address the slow wireless speed?

    (a)    Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.

    (b)    Update the firmware on the new router.

    (c)     Configure devices to use a different channel.

    (d)    Change the SSID.

     

    Correct Answer: (a)

    Explanation:

    Splitting the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band will allow for the 802.11n to use the two bands as two separate wireless networks to help manage the traffic, thus improving wireless performance.


    Q(34). The company handbook states that employees cannot have microwave ovens in their offices. Instead, all employees must use the microwave ovens located in the employee cafeteria. What wireless security risk is the company trying to avoid?

    (a)    improperly configured devices

    (b)    rogue access points

    (c)    accidental interference

    (d)    interception of data

     

    Correct Answer: (c)

    Explanation:

    Denial of service attacks can be the result of improperly configured devices which can disable the WLAN. Accidental interference from devices such as microwave ovens and cordless phones can impact both the security and performance of a WLAN. Man-in-the-middle attacks can allow an attacker to intercept data. Rogue access points can allow unauthorized users to access the wireless network.


    Q(35). What is the function provided by CAPWAP protocol in a corporate wireless network?

    (a)    CAPWAP creates a tunnel on Transmission Control Protocol (TCP) ports in order to allow a WLC to configure an autonomous access point.

    (b)   CAPWAP provides the encapsulation and forwarding of wireless user traffic between an access point and a wireless LAN controller.

    (c)     CAPWAP provides connectivity between an access point using IPv6 addressing and a wireless client using IPv4 addressing.

    (d)    CAPWAP provides the encryption of wireless user traffic between an access point and a wireless client.

     

    Correct Answer: (b)

    Explanation:

    CAPWAP is an IEEE standard protocol that enables a WLC to manage multiple APs and WLANs. CAPWAP is also responsible for the encapsulation and forwarding of WLAN client traffic between an AP and a WLC.


    Q(36). Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

    Modules 10 – 13: L2 Security and WLANs Exam Answers

    Which event will take place if there is a port security violation on switch S1 interface Fa0/1?

    (a)    A syslog message is logged.

    (b)    The interface will go into error-disabled state.

    (c)    Packets with unknown source addresses will be dropped.

    (d)    A notification is sent.

     

    Correct Answer: (c)

    Explanation:

    The violation mode can be viewed by issuing the show port-security interface <int>command. Interface FastEthernet 0/1 is configured with the violation mode of protect. If there is a violation, interface FastEthernet 0/1 will drop packets with unknown MAC addresses.


    Q(37). Match each functional component of AAA with its description. (Not all options are used.)
    Correct Answer

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 4

    Explanation:

    No answer description available for this question


    Q(38). What are two protocols that are used by AAA to authenticate users against a central database of usernames and password? (Choose two.)

    (a)    SSH

    (b)    HTTPS

    (c)    TACACS+

    (d)   RADIUS

    (e)    CHAP

    (f)      NTP

     

    Correct Answer: (c) & (d)

    Explanation:

    By using TACACS+ or RADIUS, AAA can authenticate users from a database of usernames and passwords stored centrally on a server such as a Cisco ACS server.


    Q(39). What is the result of a DHCP starvation attack?

    (a)    The attacker provides incorrect DNS and default gateway information to clients.

    (b)    The IP addresses assigned to legitimate clients are hijacked.

    (c)     Clients receive IP address assignments from a rogue DHCP server.

    (d)   Legitimate clients are unable to lease IP addresses.

     

    Correct Answer: (d)

    Explanation:

    DCHP starvation attacks are launched by an attacker with the intent to create a DoS for DHCP clients. To accomplish this goal, the attacker uses a tool that sends many DHCPDISCOVER messages to lease the entire pool of available IP addresses, thus denying them to legitimate hosts.


    Q(40). Which feature or configuration on a switch makes it vulnerable to VLAN double-tagging attacks?

    (a)    the limited size of content-addressable memory space

    (b)    the automatic trunking port feature enabled for all ports by default

    (c)    the native VLAN of the trunking port being the same as a user VLAN

    (d)    mixed duplex mode enabled for all ports by default

     

    Correct Answer: (c)

    Explanation:

    A double-tagging (or double-encapsulated) VLAN hopping attack takes advantage of the way that hardware on most switches operates. Most switches perform only one level of 802.1Q de-encapsulation, which allows an attacker to embed a hidden 802.1Q tag inside the frame. This tag allows the frame to be forwarded to a VLAN that the original 802.1Q tag did not specify. An important characteristic of the double-encapsulated VLAN hopping attack is that it works even if trunk ports are disabled, because a host typically sends a frame on a segment that is not a trunk link. This type of attack is unidirectional and works only when the attacker is connected to a port residing in the same VLAN as the native VLAN of the trunk port.


    Q(41). Which component of AAA allows an administrator to track individuals who access network resources and any changes that are made to those resources?

    (a)    authentication

    (b)   accounting

    (c)     accessibility

    (d)    authorization

     

    Correct Answer: (b)

    Explanation:

    One of the components in AAA is accounting. After a user is authenticated through AAA, AAA servers keep a detailed log of exactly what actions the authenticated user takes on the device.


    Q(42). Refer to the exhibit. PC1 and PC2 should be able to obtain IP address assignments from the DHCP server. How many ports among switches should be assigned as trusted ports as part of the DHCP snooping configuration?

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 5

    (a)    1

    (b)    3

    (c)     5

    (d)   7

     

    Correct Answer: (d)

    Explanation:

    The DHCP snooping configuration includes building the DHCP Snooping Binding Database and assigning necessary trusted ports on switches. A trusted port points to the legitimate DHCP servers. In this network design, because the DHCP server is attached to AS3, seven switch ports should be assigned as trusted ports, one on AS3 toward the DHCP server, one on DS1 toward AS3, one on DS2 toward AS3, and two connections on both AS1 and AS2 (toward DS1 and DS2), for a total of seven.


    Q(43). An IT security specialist enables port security on a switch port of a Cisco switch. What is the default violation mode in use until the switch port is configured to use a different violation mode?

    (a)    shutdown

    (b)    disabled

    (c)     restrict

    (d)    protect

     

    Correct Answer: (a)

    Explanation:

    If no violation mode is specified when port security is enabled on a switch port, then the security violation mode defaults to shutdown.


    Q(44). A laptop cannot connect to a wireless access point. Which two troubleshooting steps should be taken first? (Choose two.)

    (a)    Ensure that the correct network media is selected.

    (b)    Ensure that the laptop antenna is attached.

    (c)    Ensure that the wireless NIC is enabled.

    (d)   Ensure that the wireless SSID is chosen.

    (e)    Ensure that the NIC is configured for the proper frequency.

     

    Correct Answer: (c) & (d)

    Explanation:

    No answer description available for this question


    Q(45). What is an advantage of SSID cloaking?

    (a)    Clients will have to manually identify the SSID to connect to the network.

    (b)    It is the best way to secure a wireless network.

    (c)     SSIDs are very difficult to discover because APs do not broadcast them.

    (d)    It provides free Internet access in public locations where knowing the SSID is of no concern.

     

    Correct Answer: (a)

    Explanation:

    SSID cloaking is a weak security feature that is performed by APs and some wireless routers by allowing the SSID beacon frame to be disabled. Although clients have to manually identify the SSID to be connected to the network, the SSID can be easily discovered. The best way to secure a wireless network is to use authentication and encryption systems. SSID cloaking does not provide free Internet access in public locations, but an open system authentication could be used in that situation.


    Q(46). What is a wireless security mode that requires a RADIUS server to authenticate wireless users?

    (a)    personal

    (b)    shared key

    (c)    enterprise

    (d)    WEP

     

    Correct Answer: (c)

    Explanation:

    WPA and WPA2 come in two types: personal and enterprise. Personal is used in home and small office networks. Shared key allows three different authentication techniques: (1) WEP, (2) WPA, and (3) 802.11i/WPA2. WEP is an encryption method.


    Q(47). A company has recently implemented an 802.11n wireless network. Some users are complaining that the wireless network is too slow. Which solution is the best method to enhance the performance of the wireless network?

    (a)    Disable DHCP on the access point and assign static addresses to the wireless clients.

    (b)    Upgrade the firmware on the wireless access point.

    (c)    Split the traffic between the 2.4 GHz and 5 GHz frequency bands.

    (d)    Replace the wireless NICs on the computers that are experiencing slow connections.

     

    Correct Answer: (c)

    Explanation:

    Because some users are complaining about the network being too slow, the correct option would be to split the traffic so that there are two networks using different frequencies at the same time. Replacing the wireless NICs will not necessarily correct the network being slow and it could be expensive for the company. DHCP versus static addressing should have no impact of the network being slow and it would be a huge task to have all users assigned static addressing for their wireless connection. Upgrading the firmware on the wireless access point is always a good idea. However, if some of the users are experiencing a slow network connection, it is likely that this would not substantially improve network performance.


    Q(48). Which protocol can be used to monitor the network?

    (a)    DHCP

    (b)   SNMP

    (c)     RADIUS

    (d)    AAA

     

    Correct Answer: (b)

    Explanation:

    Simple Network Management Protocol (SNMP) is used to monitor the network.


    Q(49). A network administrator deploys a wireless router in a small law firm. Employee laptops join the WLAN and receive IP addresses in the 10.0.10.0/24 network. Which service is used on the wireless router to allow the employee laptops to access the internet?

    (a)    DHCP

    (b)    RADIUS

    (c)     DNS

    (d)   NAT

     

    Correct Answer: (d)

    Explanation:

    Any address with the 10 in the first octet is a private IPv4 address and cannot be routed on the internet. The wireless router will use a service called Network Address Translation (NAT) to convert private IPv4 addresses to internet-routable IPv4 addresses for wireless devices to gain access to the internet.


    Q(50). Which service can be used on a wireless router to prioritize network traffic among different types of applications so that voice and video data are prioritized over email and web data?

    (a)    QoS

    (b)    DNS

    (c)     DHCP

    (d)    NAT

     

    Correct Answer: (a)

    Explanation:

    Many wireless routers have an option for configuring quality of service (QoS). By configuring QoS, certain time-sensitive traffic types, such as voice and video, are prioritized over traffic that is not as time-sensitive, such as email and web browsing.


    Q(51). Which access control component, implementation, or protocol is based on device roles of supplicant, authenticator, and authentication server?

    (a)    accounting

    (b)    authentication

    (c)     authorization

    (d)   802.1X

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(52). Which type of wireless network is suitable for national and global communications?

    (a)    wireless metropolitan-area network

    (b)    wireless local-area network

    (c)     wireless personal-area network

    (d)   wireless wide-area network

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(53). Which feature on a switch makes it vulnerable to VLAN hopping attacks?

    (a)    the mixed duplex mode enabled for all ports by default

    (b)    the limited size of content-addressable memory space

    (c)     mixed port bandwidth support enabled for all ports by default

    (d)   the automatic trunking port feature enabled for all ports by default

     

    Correct Answer: (d)

    Explanation:

    A VLAN hopping attack enables traffic from one VLAN to be seen by another VLAN without routing. In a basic VLAN hopping attack, the attacker takes advantage of the automatic trunking port feature enabled by default on most switch ports.


    Q(54). Which component of AAA is used to determine which resources a user can access and which operations the user is allowed to perform?

    (a)    accounting

    (b)    authentication

    (c)     auditing

    (d)   authorization

     

    Correct Answer: (d)

    Explanation:

    One of the components in AAA is authorization. After a user is authenticated through AAA, authorization services determine which resources the user can access and which operations the user is allowed to perform.


    Q(55). Refer to the exhibit. The Fa0/2 interface on switch S1 has been configured with the switchport port-security mac-address 0023.189d.6456 command and a workstation has been connected. What could be the reason that the Fa0/2 interface is shutdown?

    CCNA 2 v7 Modules 10 - 13: L2 Security and WLANs Exam Answers 55

    (a)    The Fa0/24 interface of S1 is configured with the same MAC address as the Fa0/2 interface.

    (b)    The connection between S1 and PC1 is via a crossover cable.

    (c)     S1 has been configured with a switchport port-security aging command.

    (d)   The MAC address of PC1 that connects to the Fa0/2 interface is not the configured MAC address.

     

    Correct Answer: (d)

    Explanation:

    The security violation counter for Fa0/2 has been incremented (evidenced by the 1 in the SecurityViolation column). The most secure addresses allowed on port Fa0/2 is 1 and that address was manually entered. Therefore, PC1 must have a different MAC address than the one configured for port Fa0/2. Connections between end devices and the switch, as well as connections between a router and a switch, are made with a straight-through cable.


    Q(56). A network administrator enters the following commands on the switch SW1.

    SW1(config)# interface range fa0/5 – 10

    SW1(config-if)# ip dhcp snooping limit rate 6

    What is the effect after these commands are entered?

    (a)    If any of the FastEthernet ports 5 through 10 receive more than 6 DHCP messages per second, the port will be shut down.

    (b)    FastEthernet ports 5 through 10 can receive up to 6 DHCP messages per second of any type.

    (c)     If any of the FastEthernet ports 5 through 10 receive more than 6 DHCP messages per second, the port will continue to operate and an error message will be sent to the network administrator.

    (d)   FastEthernet ports 5 through 10 can receive up to 6 DHCP discovery messages per second.

     

    Correct Answer: (d)

    Explanation:

    When DHCP snooping is being configured, the number of DHCP discovery messages that untrusted ports can receive per second should be rate-limited by using the ip dhcp snooping limit rate interface configuration command. When a port receives more messages than the rate allows, the extra messages will be dropped.


    Q(57). A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?

    (a)    off

    (b)    restrict

    (c)    protect

    (d)    shutdown

     

    Correct Answer: (c)

    Explain:

    On a Cisco switch, an interface can be configured for one of three violation modes, specifying the action to be taken if a violation occurs:Protect – Packets with unknown source addresses are dropped until a sufficient number of secure MAC addresses are removed, or the number of maximum allowable addresses is increased. There is no notification that a security violation has occurred.
    Restrict – Packets with unknown source addresses are dropped until a sufficient number of secure MAC addresses are removed, or the number of maximum allowable addresses is increased. In this mode, there is a notification that a security violation has occurred.
    Shutdown – The interface immediately becomes error-disabled and the port LED is turned off.


    Q(58). A network administrator is working to improve WLAN performance on a dual-band wireless router. What is a simple way to achieve a split-the-traffic result?

    (a)    Add a Wi-Fi range extender to the WLAN and set the AP and the range extender to serve different bands.

    (b)    Check and keep the firmware of the wireless router updated.

    (c)    Make sure that different SSIDs are used for the 2.4 GHz and 5 GHz bands.

    (d)    Require all wireless devices to use the 802.11n standard.

     

    Correct Answer: (c)

    Explanation:

    By default, dual-band routers and APs use the same network name on both the 2.4 GHz band and the 5 GHz band. The simplest way to segment traffic is to rename one of the wireless networks.


    Q(59). Which access control component, implementation, or protocol controls what users can do on the network?

    (a)    accounting

    (b)    802.1X

    (c)    authorization

    (d)    authentication

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(60). Which type of wireless network is suitable for providing wireless access to a city or district?

    (a)    wireless wide-area network

    (b)    wireless personal-area network

    (c)     wireless local-area network

    (d)   wireless metropolitan-area network

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(61). On a Cisco 3504 WLC Summary page ( Advanced > Summary ), which tab allows a network administrator to access and configure a WLAN for a specific security option such as WPA2?

    (a)    MANAGEMENT

    (b)    WIRELESS

    (c)    WLANs

    (d)    SECURITY

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(62). What type of wireless antenna is best suited for providing coverage in large open spaces, such as hallways or large conference rooms?

    (a)    Yagi

    (b)   omnidirectional

    (c)     dish

    (d)    directional

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(63). What security benefit is gained from enabling BPDU guard on PortFast enabled interfaces?

    (a)    preventing buffer overflow attacks

    (b)   preventing rogue switches from being added to the network

    (c)     protecting against Layer 2 loops

    (d)    enforcing the placement of root bridges

     

    Correct Answer: (b)

    Explanation:

    BPDU guard immediately error-disables a port that receives a BPDU. This prevents rogue switches from being added to the network. BPDU guard should only be applied to all end-user ports.


    Q(64). Which access control component, implementation, or protocol logs EXEC and configuration commands configured by a user?

    (a)    authentication

    (b)    authorization

    (c)     802.1X

    (d)   Accounting

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(65). Which type of wireless network uses transmitters to provide coverage over an extensive geographic area?

    (a)    wireless metropolitan-area network

    (b)    wireless local-area network

    (c)     wireless personal-area network

    (d)   wireless wide-area network

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(66). Which access control component, implementation, or protocol controls who is permitted to access a network?

    (a)    authorization

    (b)    802.1X

    (c)     accounting

    (d)   authentication

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(67). What two IEEE 802.11 wireless standards operate only in the 5 GHz range? (Choose two.)

    (a)    802.11g

    (b)    802.11ad

    (c)    802.11ac

    (d)   802.11a

    (e)    802.11n

    (f)      802.11b

     

    Correct Answer: (c) & (d)

    Explanation:

    The 802.11a and 802.11ac standards operate only in the 5 GHZ range. The 802.11b and 802.11g standards operate only in the 2.4 GHz range. The 802.11n standard operates in both the 2.4 and 5 GHz ranges. The 802.11ad standard operates in the 2.4, 5, and 60 GHz ranges.


    Q(68). Which type of wireless network uses low powered transmitters for a short-range network, usually 20 to 30 ft. (6 to 9 meters)?

    (a)    wireless metropolitan-area network

    (b)   wireless personal-area network

    (c)     wireless local-area network

    (d)    wireless wide-area network

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(69). Which wireless network topology would be used by network engineers to provide a wireless network for an entire college building?

    (a)    ad hoc

    (b)    hotspot

    (c)    infrastructure

    (d)    mixed mode

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(70). Which type of wireless network uses transmitters to provide wireless service over a large urban region?

    (a)    wireless wide-area network

    (b)    wireless personal-area network

    (c)    wireless metropolitan-area network

    (d)    wireless local-area network.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(71). Which type of wireless network is suitable for use in a home or office?

    (a)    wireless wide-area network

    (b)    wireless personal-area network

    (c)    wireless local-area network

    (d)    wireless metropolitan-area network

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(72). Which access control component, implementation, or protocol indicates success or failure of a client-requested service with a PASS or FAIL message?

    (a)    accounting

    (b)    authentication

    (c)     802.1X

    (d)   Authorization

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(73). Which type of wireless network often makes use of devices mounted on buildings?

    (a)    wireless local-area network

    (b)   wireless metropolitan-area network

    (c)     wireless personal-area network

    (d)    wireless wide-area network

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(74). A network administrator is configuring DAI on a switch with the command ip arp inspection validate src-mac . What is the purpose of this configuration command?

    (a)    It checks the source MAC address in the Ethernet header against the user-configured ARP ACLs.

    (b)    It checks the source MAC address in the Ethernet header against the MAC address table.

    (c)    It checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body.

    (d)    It checks the source MAC address in the Ethernet header against the target MAC address in the ARP body.

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(75). Which access control component, implementation, or protocol collects and reports usage data?

    (a)    accounting

    (b)    authentication

    (c)     authorization

    (d)    802.1X

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(76). Which type of wireless network uses transmitters to cover a medium-sized network, usually up to 300 feet (91.4 meters)?

    (a)    Wireless LANs (WLAN)

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(77). Which access control component, implementation, or protocol audits what users actions are performed on the network?

    (a)    Accounting

    (b)    Authorization

    (c)     Authentication

    (d)    802.1X

     

    Correct Answer: (a)

    Explanation:
    The final plank in the AAA framework is accounting, which measures the resources a user consumes during access. This can include the amount of system time or the amount of data a user has sent and/or received during a session. Accounting is carried out by logging of session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.


    Q(78). Which type of wireless network commonly uses Bluetooth or ZigBee devices?

    (a)    wireless wide-area network

    (b)   wireless personal-area network

    (c)     wireless local-area network

    (d)    wireless metropolitan-area network

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(79). Which access control component, implementation, or protocol is implemented either locally or as a server-based solution?

    (a)    authorization

    (b)    802.1X

    (c)     accounting

    (d)   authentication

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(80). A technician is troubleshooting a slow WLAN and decides to use the split-the-traffic approach. Which two parameters would have to be configured to do this? (Choose two.)

    (a)    Configure the 5 GHz band for streaming multimedia and time sensitive traffic.

    (b)    Configure the security mode to WPA Personal TKIP/AES for one network and WPA2 Personal AES for the other network

    (c)    Configure the 2.4 GHz band for basic internet traffic that is not time sensitive.

    (d)    Configure the security mode to WPA Personal TKIP/AES for both networks.

    (e)    Configure a common SSID for both split networks.

     

    Correct Answer: (a) & (c)

    Explanation:

    No answer description available for this question


    Q(81). Which access control component, implementation, or protocol restricts LAN access through publicly accessible switch ports?

    (a)    802.1X

    (b)    authorization

    (c)     accounting

    (d)    authentication

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


  • CCNA 2 v7 Modules 7 – 9: Available and Reliable Networks Exam Answers

    How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

    CCNA 2 v7 Modules 7 – 9: Available and Reliable Networks Exam Answers

     

    Q(1). A DHCP-enabled client PC has just booted. During which two steps will the client PC use broadcast messages when communicating with a DHCP server? (Choose two.)

    (a)    DHCPDISCOVER

    (b)    DHCPACK

    (c)     DHCPOFFER

    (d)   DHCPREQUEST

    (e)    DHCPNAK

     

    Correct Answer: (a) & (d)

    Explanation:

    No answer description available for this question


    Q(2). An administrator issues the commands:

    Router(config)# interface g0/1

    Router(config-if)# ip address dhcp

    What is the administrator trying to achieve?

    (a)    configuring the router to act as a DHCPv4 server

    (b)   configuring the router to obtain IP parameters from a DHCPv4 server

    (c)     configuring the router to act as a relay agent

    (d)    configuring the router to resolve IP address conflicts

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(3). When a client is requesting an initial address lease from a DHCP server, why is the DHCPREQUEST message sent as a broadcast?

    (a)    The client does not yet know the IP address of the DHCP server that sent the offer.

    (b)    The DHCP server may be on a different subnet, so the request must be sent as a broadcast.

    (c)     The client does not have a MAC address assigned yet, so it cannot send a unicast message at Layer 2.

    (d)   The client may have received offers from multiple servers, and the broadcast serves to implicitly decline those other offers.

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(4). Which DHCP IPv4 message contains the following information?

    Destination address: 255.255.255.255
    Client IPv4 address: 0.0.0.0
    Default gateway address: 0.0.0.0
    Subnet mask: 0.0.0.0

    (a)    DHCPACK

    (b)   DHCPDISCOVER

    (c)     DHCPOFFER

    (d)    DHCPREQUEST

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(5). Place the options in the following order:

    A client initiating a message to find a DHCP server – DHCPDISCOVER

    A DHCP server responding to the initial request by a client – DHCPOFFER

    The client accepting the IP address provided by the DHCP server – DHCPREQUEST

    The DHCP server confirming that the lease has been accepted – DHCPACK

     

    Correct Answer

    Explanation:

    No answer description available for this question


    Q(6). Which protocol automates assignment of IP addresses on a network, and which port number does it use? (Choose two.)

    (a)    DHCP

    (b)    DNS

    (c)     SMB

    (d)    53

    (e)    67

    (f)      80

     

    Correct Answer: (a) & (e)

    Explanation:

    DNS uses port 53 and translates URLs to IP addresses. SMB provides shared access to files and printers and uses port 445. Port 80 is used by HTTP. HTTP is a protocol used to communicate between a web browser and a server.


    Q(7). Refer to the exhibit. PC1 is configured to obtain a dynamic IP address from the DHCP server. PC1 has been shut down for two weeks. When PC1 boots and tries to request an available IP address, which destination IP address will PC1 place in the IP header?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 1

    (a)    192.168.1.1

    (b)    192.168.1.255

    (c)    255.255.255.255

    (d)    192.168.1.8

     

    Correct Answer: (c)

    Explanation:

    When a host boots and has been configured for dynamic IP addressing, the device tries to obtain a valid IP address. It sends a DHCPDISCOVER message. This is a broadcast message because the DHCP server address is unknown (by design). The destination IP address in the IP header is 255.255.255.255 and the destination MAC address is FF:FF:FF:FF:FF:FF.


    Q(8). Which message does an IPv4 host use to reply when it receives a DHCPOFFER message from a DHCP server?

    (a)    DHCPOFFER

    (b)    DHCPDISCOVER

    (c)    DHCPREQUEST

    (d)    DHCPACK

     

    Correct Answer: (c)

    Explanation:

    When the client receives the DHCPOFFER from the server, it sends back a DHCPREQUEST broadcast message. On receiving the DHCPREQUEST message, the server replies with a unicast DHCPACK message.


    Q(9). Which command, when issued in the interface configuration mode of a router, enables the interface to acquire an IPv4 address automatically from an ISP, when that link to the ISP is enabled?

    (a)    service dhcp

    (b)   ip address dhcp

    (c)     ip helper-address

    (d)    ip dhcp pool

     

    Correct Answer: (b)

    Explanation:

    The ip address dhcp interface configuration command configures an Ethernet interface as a DHCP client. The service dhcp global configuration command enables the DHCPv4 server process on the router. The ip helper-address command is issued to enable DHCP relay on the router. The ip dhcp pool command creates the name of a pool of addresses that the server can assign to hosts.


    Q(10). Which kind of message is sent by a DHCP client when its IP address lease has expired?

    (a)    a DHCPDISCOVER unicast message

    (b)    a DHCPREQUEST broadcast message

    (c)    a DHCPREQUEST unicast message

    (d)    a DHCPDISCOVER broadcast message

     

    Correct Answer: (c)

    Explanation:

    When the IP address lease time of the DHCP client expires, it sends a DHCPREQUEST unicast message directly to the DHCPv4 server that originally offered the IPv4 address.


    Q(11). A host PC is attempting to lease an address through DHCP. What message is sent by the server to let the client know it is able to use the provided IP information?

    (a)    DHCPDISCOVER

    (b)    DHCPOFFER

    (c)     DHCPREQUEST

    (d)   DHCPACK

    (e)    DHCPNACK

     

    Correct Answer: (d)

    Explanation:

    When a host uses DHCP to automatically configure an IP address, the typically sends two messages: the DHCPDISCOVER message and the DHCPREQUEST message. These two messages are usually sent as broadcasts to ensure that all DHCP servers receive them. The servers respond to these messages using DHCPOFFER, DHCPACK, and DHCPNACK messages, depending on the circumstance.


    Q(12). What is one indication that a Windows computer did not receive an IPv4 address from a DHCP server?

    (a)    The computer cannot ping 127.0.0.1.

    (b)   The computer receives an IP address that starts with 169.254.

    (c)     Windows displays a DHCP timeout message.

    (d)    The computer cannot ping other devices on the same network with IP addresses in the 169.254.0.0/16 range.

     

    Correct Answer: (b)

    Explanation:

    When a Windows PC cannot communicate with an IPv4 DHCP server, the computer automatically assigns an IP address in the 169.254.0.0/16 range. Any other device on the same network that receives an address in the same range is reachable.


    Q(13). Which DHCPv4 message will a client send to accept an IPv4 address that is offered by a DHCP server?

    (a)    broadcast DHCPACK

    (b)   broadcast DHCPREQUEST

    (c)     unicast DHCPACK

    (d)    unicast DHCPREQUEST

     

    Correct Answer: (b)

    Explanation:

    When a DHCP client receives DHCPOFFER messages, it will send a broadcast DHCPREQUEST message for two purposes. First, it indicates to the offering DHCP server that it would like to accept the offer and bind the IP address. Second, it notifies any other responding DHCP servers that their offers are declined.


    Q(14). A small coffee shop is offering free Wi-Fi to customers. The network includes a wireless router and a DSL modem that is connected to the local phone company. What method is typically used to configure the connection to the phone company?

    (a)    Set the WAN connection in the wireless router as a DHCP client.

    (b)    Set the connection between the wireless router and the DSL modem as a private IP network.

    (c)     Set the DSL modem as a DHCP client to get a public IP address from the wireless router.

    (d)    Set the DSL modem as a DHCP client to the phone company and a DHCP server for the internal connection.

     

    Correct Answer: (a)

    Explanation:

    In a SOHO environment, a wireless router connects to an ISP via a DSL or cable modem. The IP address between the wireless router and ISP site is typically assigned by the ISP through DHCP. The DSL modem does not manage IP address allocation.


    Q(15). A company uses DHCP to manage IP address deployment for employee workstations. The IT department deploys multiple DHCP servers in the data center and uses DHCP relay agents to facilitate the DHCP requests from workstations. Which two UDP ports are used to forward DHCP traffic? (Choose two.)

    (a)    23

    (b)    53

    (c)    67

    (d)   68

    (e)    80

     

    Correct Answer: (c) & (d)

    Explanation:

    The DHCP protocol operates with 2 UDP ports. UDP port 67 is the destination port for DHCP servers, and DHCP clients use UDP port 68.


    Q(16). A client device on an Ethernet segment needs an IP address in order to communicate on the network. A DHCP server with IP address 192.168.1.1 has been configured and enabled on the network. How will a client device obtain a usable IP address for this network?

    (a)    Send a DHCPACK packet to the default gateway address.

    (b)    Use a statically configured IP address from the pool of IP addresses that is offered by the DHCP server.

    (c)    Send a DHCPDISCOVER message to physical address FF-FF-FF-FF-FF-FF.

    (d)    Send a DHCPREQUEST packet to IP address 255.255.255.255.

     

    Correct Answer: (c)

    Explanation:

    Like IP addressing, there is also a special MAC address for broadcast purposes: FF-FF-FF-FF-FF-FF. When a DHCP client needs to send a DHCP Discover message in order to seek DHCP servers, the client will use this MAC address as the destination MAC address in the Ethernet frame. It does this because it has no knowledge of the IP and MAC addresses of DHCP servers.


    Q(17). What is an advantage of configuring a Cisco router as a relay agent?

    (a)    It can provide relay services for multiple UDP services.

    (b)    It reduces the response time from a DHCP server.

    (c)     It can forward both broadcast and multicast messages on behalf of clients.

    (d)    It will allow DHCPDISCOVER messages to pass without alteration.

     

    Correct Answer: (a)

    Explanation:

    By default, the ip helper-address command forwards the following eight UDP services:
    Port 37: Time
    Port 49: TACACS
    Port 53: DNS
    Port 67: DHCP/BOOTP client
    Port 68: DHCP/BOOTP server
    Port 69: TFTP
    Port 137: NetBIOS name service
    Port 138: NetBIOS datagram service


    Q(18). Which statement is true about DHCP operation?

    (a)    When a device that is configured to use DHCP boots, the client broadcasts a DHCPDISCOVER message to identify any available DHCP servers on the network.

    (b)    A client must wait for lease expiration before it sends another DHCPREQUEST message.

    (c)     If the client receives several DHCPOFFER messages from different servers, it sends a unicast DHCPREQUEST message to the server from which it chooses to obtain the IP information.

    (d)    The DHCPDISCOVER message contains the IP address and subnet mask to be assigned, the IP address of the DNS server, and the IP address of the default gateway.

     

    Correct Answer: (a)

    Explanation:

    The client broadcasts a DHCPDISCOVER message to identify any available DHCP servers on the network. A DHCP server replies with a DHCPOFFER message. This message offers to the client a lease that contains such information as the IP address and subnet mask to be assigned, the IP address of the DNS server, and the IP address of the default gateway. After the client receives the lease, the received information must be renewed through another DHCPREQUEST message prior to the lease expiration.


    Q(19). Order the DHCP message types as they would occur between a DHCP client and a DHCP server.
    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 2

    Explanation:

    The DHCPDISCOVER message is used to identify any DHCP servers on a network.
    The DHCPOFFER message is used by a server to offer a lease to a client. The DHCPREQUEST message is used to identify both the specific DHCP server and the lease that the client is accepting.
    The DHCPACK message is used by a server to finalize a successful lease with a client.
    The DHCPNAK message is used when an offered lease is no longer valid.


    Q(20). A network administrator configures a router to send RA messages with M flag as 0 and O flag as 1. Which statement describes the effect of this configuration when a PC tries to configure its IPv6 address?

    (a)    It should contact a DHCPv6 server for the prefix, the prefix-length information, and an interface ID that is both random and unique.

    (b)   It should use the information that is contained in the RA message and contact a DHCPv6 server for additional information.

    (c)     It should use the information that is contained in the RA message exclusively.

    (d)    It should contact a DHCPv6 server for all the information that it needs.

     

    Correct Answer: (b)

    Explanation:

    ICMPv6 RA messages contain two flags to indicate whether a workstation should use SLAAC, a DHCPv6 server, or a combination to configure its IPv6 address. These two flags are M flag and O flag. When both flags are 0 (by default), a client must only use the information in the RA message. When M flag is 0 and O flag is 1, a client should use the information in the RA message and look for the other configuration parameters (such as DNS server addresses) on DHCPv6 servers.


    Q(21). Refer to the exhibit. What should be done to allow PC-A to receive an IPv6 address from the DHCPv6 server?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 3

    (a)    Add the ipv6 dhcp relay command to interface Fa0/0.

    (b)    Change the ipv6 nd managed-config-flag command to ipv6 nd other-config-flag.

    (c)     Configure the ipv6 nd managed-config-flag command on interface Fa0/1.

    (d)    Add the IPv6 address 2001:DB8:1234:5678::10/64 to the interface configuration of the DHCPv6 server.

     

    Correct Answer: (a)

    Explanation:

    Client DHCPv6 messages are sent to a multicast address with link-local scope, which means that the messages will not be forwarded by routers. Because the client and server are on different subnets on different interfaces, the message will not reach the server. The router can be configured to relay the DHCPv6 messages from the client to the server by configuring the ipv6 dhcp relay command on the interface that is connected to the client.


    Q(22). Refer to the exhibit. A network administrator is implementing the stateless DHCPv6 operation for the company. Clients are configuring IPv6 addresses as expected. However, the clients are not getting the DNS server address and the domain name information configured in the DHCP pool. What could be the cause of the problem?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 4

    (a)    The DNS server address is not on the same network as the clients are on.

    (b)   The router is configured for SLAAC operation.

    (c)     The GigabitEthernet interface is not activated.

    (d)    The clients cannot communicate with the DHCPv6 server, evidenced by the number of active clients being 0.

     

    Correct Answer: (b)

    Explanation:

    The router is configured for SLAAC operation because there is no configuration command to change the RA M and O flag value. By default, both M and O flags are set to 0. In order to permint stateless DHCPv6 operation, the interface command ipv6 nd other-config-flag should be issued. The GigabitEthernet interface is in working condition because clients can get RA messages and configure their IPv6 addresses as expected. Also, the fact that R1 is the DHCPv6 server and clients are getting RA messages indicates that clients can communicate with the DHCP server. The number of active clients is 0 because the DHCPv6 server does not maintain the state of clients IPv6 addresses (it is not configured for stateful DHCPv6 operation). The DNS server address issue is not relevant to the problem.


    Q(23). Question as presented:

    A stateless DHCPv6 client would send a DHCPv6 INFORMATION-REQUEST message as step 3 in the process.


    Q(24). A company uses the SLAAC method to configure IPv6 addresses for the employee workstations. Which address will a client use as its default gateway?

    (a)    the global unicast address of the router interface that is attached to the network

    (b)    the unique local address of the router interface that is attached to the network

    (c)     the all-routers multicast address

    (d)   the link-local address of the router interface that is attached to the network

     

    Correct Answer: (d)

    Explanation:

    When a PC is configured to use the SLAAC method for configuring IPv6 addresses, it will use the prefix and prefix-length information that is contained in the RA message, combined with a 64-bit interface ID (obtained by using the EUI-64 process or by using a random number that is generated by the client operating system), to form an IPv6 address. It uses the link-local address of the router interface that is attached to the LAN segment as its IPv6 default gateway address.


    Q(25). Refer to the exhibit. A network administrator is configuring a router for DHCPv6 operation. Which conclusion can be drawn based on the commands?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 5

    (a)    The router is configured for stateful DHCPv6 operation, but the DHCP pool configuration is incomplete.

    (b)    The DHCPv6 server name is ACAD_CLASS.

    (c)     Clients would configure the interface IDs above 0010.

    (d)   The router is configured for stateless DHCPv6 operation.

     

    Correct Answer: (d)

    Explanation:

    The DHCPv6 is for the stateless DHCPv6 operation that is indicated by changing the O flag to 1 and leaving the M flag as default, which is 0. Therefore, it is not configured for stateful DHCPv6 operation. Although the DNS server has the interface ID 0010, clients in stateless DHCPv6 operation will configure their interface IDs either by EUI-64 or a random number. The ACAD_CLASS is the name of the DHCP pool, not the DHCP server name.


    Q(26). A network administrator is analyzing the features that are supported by different first-hop router redundancy protocols. Which statement describes a feature that is associated with HSRP?

    (a)    HSRP uses active and standby routers.

    (b)    HSRP is nonproprietary.

    (c)     It allows load balancing between a groups of redundant routers.

    (d)    It uses ICMP messages in order to assign the default gateway to hosts.

     

    Correct Answer: (a)

    Explanation:

    The HSRP first-hop router redundancy protocol is Cisco proprietary and supports standby and active devices. VRRPv2 and VRRPv3 are nonproprietary. GLBP is Cisco proprietary and supports load balancing between a group of redundant routers.


    Q(27). Refer to the exhibit. What protocol can be configured on gateway routers R1 and R2 that will allow traffic from the internal LAN to be load balanced across the two gateways to the Internet?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 6

    (a)    GLBP

    (b)    PVST+

    (c)     PVST

    (d)    STP

     

    Correct Answer: (a)

    Explanation:

    GLBP, or Group Load Balancing Protocol, allows multiple routers to act as a single default gateway for hosts. GLBP load balances the traffic across the individual routers on a per host basis.


    Q(28). Refer to the exhibit. A network engineer is troubleshooting host connectivity on a LAN that uses a first hop redundancy protocol. Which IPv4 gateway address should be configured on the host?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 7

    (a)    192.168.2.0

    (b)    192.168.2.1

    (c)     192.168.2.2

    (d)   192.168.2.100

     

    Correct Answer: (d)

    Explanation:

    The host default gateway address should be the FHRP (in this case GLBP) virtual IP address.


    Q(29). Refer to the exhibit. Which destination MAC address is used when frames are sent from the workstation to the default gateway?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 8

    (a)    MAC address of the virtual router

    (b)    MAC address of the standby router

    (c)     MAC addresses of both the forwarding and standby routers

    (d)    MAC address of the forwarding router

     

    Correct Answer: (a)

    Explanation:

    The IP address of the virtual router acts as the default gateway for all the workstations. Therefore, the MAC address that is returned by the Address Resolution Protocol to the workstation will be the MAC address of the virtual router.


    Q(30). Question as presented:

    Hot Standby Router Protocol (HSRP) is a Cisco-proprietary protocol that is designed to allow for transparent failover of a first-hop IPv4 device.

    Q(31). Which FHRP implementation is a Cisco-proprietary protocol that suppports IPv4 load sharing?

    (a)    IRDP

    (b)   GLBP

    (c)     VRRPv3

    (d)    GLBP for IPv6

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(32). The address pool of a DHCP server is configured with 10.92.71.0/25. The network administrator reserves 8 IP addresses for servers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    122

    (b)   118

    (c)     119

    (d)    108

    (e)    116

     

    Correct Answer: (b)

    Explanation:

    Calculate the maximum number of hosts available for the slash value and subtract the required static IP addresses required for the devices.
    /24 = 254 hosts
    /25 = 126 hosts
    /26 = 62 hosts
    /27 = 30 hosts
    /28 = 14 hosts


    Q(33). Question as presented:

    The broadcast DHCPDISCOVER message finds DHCPv4 servers on the network. When the DHCPv4 server receives a DHCPDISCOVER message, it reserves an available IPv4 address to lease to the client and sends the unicast DHCPOFFER message to the requesting client. When the client receives the DHCPOFFER from the server, it sends back a DHCPREQUEST. On receiving the DHCPREQUEST message the server replies with a unicast DHCPACK message. DHCPREPLY and DHCPINFORMATION-REQUEST are DHCPv6 messages.


    Q(34). After a host has generated an IPv6 address by using the DHCPv6 or SLAAC process, how does the host verify that the address is unique and therefore usable?

    (a)    The host sends an ICMPv6 echo request message to the DHCPv6 or SLAAC-learned address and if no reply is returned, the address is considered unique.

    (b)   The host sends an ICMPv6 neighbor solicitation message to the DHCP or SLAAC-learned address and if no neighbor advertisement is returned, the address is considered unique.

    (c)     The host checks the local neighbor cache for the learned address and if the address is not cached, it it considered unique.

    (d)    The host sends an ARP broadcast to the local link and if no hosts send a reply, the address is considered unique.

     

    Correct Answer: (b)

    Explanation:

    Before a host can actually configure and use an IPv6 address learned through SLAAC or DHCP, the host must verify that no other host is already using that address. To verify that the address is indeed unique, the host sends an ICMPv6 neighbor solicitation to the address. If no neighbor advertisement is returned, the host considers the address to be unique and configures it on the interface.


    Q(35). Which statement describes HSRP?

    (a)    It is used within a group of routers for selecting an active device and a standby device to provide gateway services to a LAN.

    (b)    It uses ICMP to allow IPv4 hosts to locate routers that provide IPv4 connectivity to remote IP networks.

    (c)     If the virtual router master fails, one router is elected as the virtual router master with the other routers acting as backups.

    (d)    It is an open standard protocol.

     

    Correct Answer: (a)

    Explanation:

    It is VRRP that elects one router as the virtual router master, with the other routers acting as backups in case the virtual router master fails. HSRP is a Cisco-proprietary protocol. IRDP uses ICMP messages to allow IPv4 hosts to locate routers that provide IPv4 connectivity to other (nonlocal) IP networks. HSRP selects active and standby routers to provide gateway services to hosts on a LAN.


    Q(36). Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 9


    What is the keyword that is displayed on www.netacad.com?

    (a)    DHCP

    (b)    switch

    (c)    Router

    (d)    networking

    (e)    Cisco

    (f)      IPv6

     

    Correct Answer: (c)

    Explanation:

    In order for the host to receive the address of the DNS server, the host must use stateless DHCPv6. The router is configured with the correct DHCPv6 pool, but is missing the command ipv6 nd other-config-flag that signals to the host that it should use DHCPv6 to get additional address information. This command should be added to the interface Gigabit0/0 configuration on the router.


    Q(37). Match each DHCP message type with its description. (Not all options are used.)

     

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 10

    Explanation:

    No answer description available for this question


    Q(38). Match the purpose with its DHCP message type. (Not all options are used.)

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 11

    Explanation:

    No answer description available for this question


    Q(39). Match the DHCP message types to the order of the stateful DHCPv6 process when a client first connects to an IPv6 network. (Not all options are used.)

    Correct Answer

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 12

    Explanation:

    No answer description available for this question


    Q(40). Match the step number to the sequence of stages that occur during the HSRP failover process. (Not all options are used.)

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 13

    Explanation:

    No answer description available for this question


    Q(41). Match the FHRP protocols to the appropriate description. (Not all options are used.)

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 14

    Explanation:

    No answer description available for this question


    Q(42). Match the DHCP message types to the order of the DHCPv4 process. (Not all options are used.)

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 15

    Explanation:

    No answer description available for this question


    Q(43). The address pool of a DHCP server is configured with 192.168.234.0/27. The network administrator reserves 22 IP addresses for IP phones. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    10

    (b)    0

    (c)    8

    (d)    21

    (e)    18

     

    Correct Answer: (c)

    Explanation:

    Calculate the maximum number of hosts available for the slash value and subtract the required static IP addresses required for the devices.
    /24 = 254 hosts
    /25 = 126 hosts
    /26 = 62 hosts
    /27 = 30 hosts
    /28 = 14 hosts


    Q(44). A company uses DHCP servers to dynamically assign IPv4 addresses to employee workstations. The address lease duration is set as 5 days. An employee returns to the office after an absence of one week. When the employee boots the workstation, it sends a message to obtain an IP address. Which Layer 2 and Layer 3 destination addresses will the message contain?

    (a)    both MAC and IPv4 addresses of the DHCP server

    (b)    FF-FF-FF-FF-FF-FF and IPv4 address of the DHCP server

    (c)    FF-FF-FF-FF-FF-FF and 255.255.255.255

    (d)    MAC address of the DHCP server and 255.255.255.255

     

    Correct Answer: (c)

    Explanation:

    When the lease of a dynamically assigned IPv4 address has expired, a workstation will send a DHCPDISCOVER message to start the process of obtaining a valid IP address. Because the workstation does not know the addresses of DHCP servers, it sends the message via broadcast, with destination addresses of FF-FF-FF-FF-FF-FF and 255.255.255.255.


    Q(45). Which command will allow a network administrator to check the IP address that is assigned to a particular MAC address?

    (a)    Router# show running-config I section_dhcp

    (b)    Router# show ip dhcp server statistics

    (c)    Router# show ip dhcp binding

    (d)    Router# show ip dhcp pool

     

    Correct Answer: (c)

    Explanation:

    The show ip dhcp binding command will show the leases, including IP addresses, MAC addresses, lease expiration, type of lease, client ID, and user name.


    Q(46). What is the reason that an ISP commonly assigns a DHCP address to a wireless router in a SOHO environment?

    (a)    better network performance

    (b)    better connectivity

    (c)    easy IP address management

    (d)    easy configuration on ISP firewall

     

    Correct Answer: (c)

    Explanation:

    In a SOHO environment, a wireless router connects to the ISP via a DSL or cable modem. The IP address between the wireless router and ISP site is typically assigned by the ISP through DHCP. This method facilitates the IP addressing management in that IP addresses for clients are dynamically assigned so that if a client is dropped, the assigned IP address can be easily reassigned to another client.


    Q(47). What information can be verified through the show ip dhcp binding command?

    (a)    the IPv4 addresses that are assigned to hosts by the DHCP server

    (b)    that DHCPv4 discover messages are still being received by the DHCP server

    (c)     the IPv4 addresses that have been excluded from the DHCPv4 pool

    (d)    the number of IP addresses remaining in the DHCP pool

     

    Correct Answer: (a)

    Explanation:

    The show ip dhcp binding command shows a list of IPv4 addresses and the MAC addresses of the hosts to which they are assigned. Using this information an administrator can determine which host interfaces have been assigned to specific hosts.


    Q(48). What is the result of a network technician issuing the command ip dhcp excluded-address 10.0.15.1 10.0.15.15 on a Cisco router?

    (a)    The Cisco router will exclude only the 10.0.15.1 and 10.0.15.15 IP addresses from being leased to DHCP clients.

    (b)   The Cisco router will exclude 15 IP addresses from being leased to DHCP clients.

    (c)     The Cisco router will automatically create a DHCP pool using a /28 mask.

    (d)    The Cisco router will allow only the specified IP addresses to be leased to clients.

     

    Correct Answer: (b)

    Explanation:

    The ip dhcp excluded-address command is followed by the first and the last addresses to be excluded from being leased to DHCP clients.


    Q(49). Match the descriptions to the corresponding DHCPv6 server type. (Not all options are used.)

    Correct Answer


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 16

    Explanation:

    No answer description available for this question


    Q(50). Refer to the exhibit. Based on the output that is shown, what kind of IPv6 addressing is being configured?

    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers

    (a)    stateless DHCPv6

    (b)    SLAAC

    (c)     static link-local

    (d)    stateful DHCPv6

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question

    Explanation:

    Stateful DHCPv6 pools are configured with address prefixes for hosts via the address command, whereas stateless DHCPv6 pools typically only contain information such as DNS server addresses and the domain name. RA messages that are sent from routers that are configured as stateful DHCPv6 servers have the M flag set to 1 with the command ipv6 nd managed-config-flag, whereas stateless DHCPv6 servers are indicated by setting the O flag to 1 with the ipv6 nd other-config-flag command.


    Q(51). Which FHRP implementation is a Cisco-proprietary protocol that suppports IPv6 load balancing?

    (a)    GLBP

    (b)   GLBP for IPv6

    (c)     VRRPv3

    (d)    VRRPv2

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(52). Which set of commands will configure a router as a DHCP server that will assign IPv4 addresses to the 192.168.100.0/23 LAN while reserving the first 10 and the last addresses for static assignment?

    (a)    ip dhcp excluded-address 192.168.100.1 192.168.100.9
    ip dhcp excluded-address 192.168.101.254
    ip dhcp pool LAN-POOL-100
    ip network 192.168.100.0 255.255.254.0
    ip default-gateway 192.168.100.1

    (b)    dhcp pool LAN-POOL-100
    ip dhcp excluded-address 192.168.100.1 192.168.100.9
    ip dhcp excluded-address 192.168.100.254
    network 192.168.100.0 255.255.254.0
    default-router 192.168.101.1

    (c)     ip dhcp excluded-address 192.168.100.1 192.168.100.10
    ip dhcp excluded-address 192.168.100.254
    ip dhcp pool LAN-POOL-100
    network 192.168.100.0 255.255.255.0
    ip default-gateway 192.168.100.1

    (d)   ip dhcp excluded-address 192.168.100.1 192.168.100.10
    ip dhcp excluded-address 192.168.101.254
    ip dhcp pool LAN-POOL-100
    network 192.168.100.0 255.255.254.0
    default-router 192.168.100.1

     

    Correct Answer: (d)

    Explanation:

    The /23 prefix is equivalent to a network mask of 255.255.254.0. The network usable IPv4 address range is 192.168.100.1 to 192.168.101.254 inclusive. The commands dhcp pool, ip default-gateway, and ip network are not valid DHCP configuration commands.


    Q(53). What is a result when the DHCP servers are not operational in a network?

    (a)    Workstations are assigned with the IP address 127.0.0.1.

    (b)    Workstations are assigned with IP addresses in the 10.0.0.0/8 network.

    (c)    Workstations are assigned with IP addresses in the 169.254.0.0/16 network.

    (d)    Workstations are assigned with the IP address 0.0.0.0.

     

    Correct Answer: (c)

    Explanation:

    When workstations are configured with obtaining IP address automatically but DHCP servers are not available to respond to the requests, a workstation can assign itself an IP addresses from the 169.254.0.0/16 network.


    Q(54). A company uses the method SLAAC to configure IPv6 addresses for the workstations of the employees. A network administrator configured the IPv6 address on the LAN interface of the router. The interface status is UP. However, the workstations on the LAN segment did not obtain the correct prefix and prefix length. What else should be configured on the router that is attached to the LAN segment for the workstations to obtain the information?

    (a)    R1(config)# ipv6 dhcp pool

    (b)    R1(config-if)# ipv6 enable

    (c)    R1(config)# ipv6 unicast-routing

    (d)    R1(config-if)# ipv6 nd other-config-flag

     

    Correct Answer: (c)

    Explanation:

    A PC that is configured to use the SLAAC method obtains the IPv6 prefix and prefix length from a router. When the PC boots, it sends an RS message to inform the routers that it needs the information. A router sends an RA message that includes the required information. For a router to be able to send RA messages, it must be enabled as an IPv6 router by the unicast ipv6-routing command in global configuration mode. The other options are not used to enable IPv6 routing on a router.


    Q(55). Which FHRP implementation is a nonproprietary protocol which relies on ICMP to provide IPv4 redundancy?

    (a)    VRRPv3

    (b)    GLBP for IPv6

    (c)    IRDP

    (d)    GLBP

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(56). Refer to the exhibit. PC-A is unable to receive an IPv6 address from the stateful DHCPv6 server. What is the problem?


    CCNA 2 v7 Modules 7 - 9: Available and Reliable Networks Exam Answers 17

    (a)    The ipv6 dhcp relay command should be applied to interface Gig0/0.

    (b)    The ipv6 nd managed-config-flag should be applied to interface Gig0/1.

    (c)     The ipv6 dhcp relay command should use the link-local address of the DHCP server.

    (d)    The ipv6 nd managed-config-flag command should be ipv6 nd other-config-flag.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(57). Refer to the exhibit. A network administrator is configuring a router as a DHCPv6 server. The administrator issues a show ipv6 dhcp pool command to verify the configuration. Which statement explains the reason that the number of active clients is 0?

    (a)    The default gateway address is not provided in the pool.

    (b)    No clients have communicated with the DHCPv6 server yet.

    (c)     The IPv6 DHCP pool configuration has no IPv6 address range specified.

    (d)   The state is not maintained by the DHCPv6 server under stateless DHCPv6 operation.

     

    Correct Answer: (d)

    Explanation:
    Under the stateless DHCPv6 configuration, indicated by the command ipv6 nd other-config-flag, the DHCPv6 server does not maintain the state information, because client IPv6 addresses are not managed by the DHCP server. Because the clients will configure their IPv6 addresses by combining the prefix/prefix-length and a self-generated interface ID, the ipv6 dhcp pool configuration does not need to specify the valid IPv6 address range. And because clients will use the link-local address of the router interface as the default gateway address, the default gateway address is not necessary.


    Q(58). Which FHRP implementation is Cisco-proprietary and permits only one router in a group to forward IPv6 packets?

    (a)    VRRPv3

    (b)    HSRP

    (c)    HSRP for IPv6

    (d)    VRRPv2

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(59). Which FHRP implementation is a nonproprietary IPv4-only election protocol which has one master router per group?

    (a)    HSRP for IPv6

    (b)    GLBP

    (c)    VRRPv2

    (d)    VRRPv3

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question


    Q(60). The address pool of a DHCP server is configured with 172.18.93.0/25. The network administrator reserves 10 IP addresses for web servers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    106

    (b)    117

    (c)     114

    (d)    120

    (e)    116

     

    Correct Answer: (e)

    Explanation:
    Calculate the maximum number of hosts available for the slash value and subtract the required static IP addresses required for the devices.
    /24 = 254 hosts
    /25 = 126 hosts
    /26 = 62 hosts
    /27 = 30 hosts
    /28 = 14 hosts


    Q(61). The address pool of a DHCP server is configured with 10.3.2.0/24. The network administrator reserves 3 IP addresses for printers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    252

    (b)    241

    (c)     255

    (d)    249

    (e)    251

     

    Correct Answer: (e)

    Explanation:

    CIDR Subnet Calculator Online


    Q(62). The address pool of a DHCP server is configured with 172.23.143.0/26. The network administrator reserves 14 IP addresses for file servers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    58

    (b)   48

    (c)     50

    (d)    61

    (e)    40

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(63). The address pool of a DHCP server is configured with 10.7.30.0/24. The network administrator reserves 5 IP addresses for printers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    253

    (b)    239

    (c)    249

    (d)    250

    (e)    247

     

    Correct Answer: (c)

    Explanation:

    Calculate the maximum number of hosts available for the slash value and subtract the required static IP addresses required for the devices.
    /24 = 254 hosts
    /25 = 126 hosts
    /26 = 62 hosts
    /27 = 30 hosts
    /28 = 14 hosts


    Q(64). Which FHRP implementation is a nonproprietary IPv4-only election protocol with limited scalability?

    (a)    VRRPv2

    (b)    GLBP

    (c)     GLBP for IPv6

    (d)    IRDP

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(65). The address pool of a DHCP server is configured with 192.168.184.0/26. The network administrator reserves 18 IP addresses for access points. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    57

    (b)   44

    (c)     54

    (d)    36

    (e)    46

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(66). The address pool of a DHCP server is configured with 10.19.44.0/24. The network administrator reserves 3 IP addresses for servers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    255

    (b)    252

    (c)     241

    (d)   251

    (e)    249

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(67). The address pool of a DHCP server is configured with 10.19.44.0/24. The network administrator reserves 6 IP addresses for servers. How many IP addresses are left in the pool to be assigned to other hosts?

    (a)    246

    (b)    252

    (c)     249

    (d)   248

    (e)    238

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


  • CCNA 2 v7 Modules 5 – 6: Redundant Networks Exam Answers

    How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

    CCNA 2 v7 Modules 5 – 6: Redundant Networks Exam Answers

     

    Q(1). What additional information is contained in the 12-bit extended system ID of a BPDU?

    (a)    MAC address

    (b)   VLAN ID

    (c)     IP address

    (d)    port ID

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(2). During the implementation of Spanning Tree Protocol, all switches are rebooted by the network administrator. What is the first step of the spanning-tree election process?

    (a)    Each switch with a lower root ID than its neighbor will not send BPDUs.

    (b)   All the switches send out BPDUs advertising themselves as the root bridge.

    (c)     Each switch determines the best path to forward traffic.

    (d)    Each switch determines what port to block to prevent a loop from occurring.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(3). Which STP port role is adopted by a switch port if there is no other port with a lower cost to the root bridge?

    (a)    designated port

    (b)   root port

    (c)     alternate

    (d)    disabled port

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(4). Which two concepts relate to a switch port that is intended to have only end devices attached and intended never to be used to connect to another switch? (Choose two.)

    (a)    bridge ID

    (b)   edge port

    (c)     extended system ID

    (d)   PortFast

    (e)    PVST+

     

    Correct Answer: (b) & (d)

    Explanation:

    No answer description available for this question


    Q(5). Which three components are combined to form a bridge ID?

    (a)    extended system ID

    (b)    cost

    (c)     IP address

    (d)   bridge priority

    (e)    MAC address

    (f)      port ID

     

    Correct Answer: (a), (d) & (e)

    Explanation:

    The three components that are combined to form a bridge ID are bridge priority, extended system ID, and MAC address.


    Q(6). Match the STP protocol with the correct description. (Not all options are used.)

     

    Correct Answer


    CCNA 2 v7 Modules 5 - 6: Redundant Networks Exam Answers 1

    Explanation:

    No answer description available for this question


    Q(7). In which two port states does a switch learn MAC addresses and process BPDUs in a PVST network? (Choose two.)

    (a)    disabled

    (b)   forwarding

    (c)     listening

    (d)    blocking

    (e)    learning

     

    Correct Answer: (b) & (e)

    Explanation:

    Switches learn MAC addresses at the learning and forwarding port states. They receive and process BPDUs at the blocking, listening, learning, and forwarding port states.


    Q(8). If no bridge priority is configured in PVST, which criteria is considered when electing the root bridge?

    (a)    lowest MAC address

    (b)    lowest IP address

    (c)     highest IP address

    (d)    highest MAC address

     

    Correct Answer: (a)

    Explanation:

    Only one switch can be the root bridge for a VLAN. The root bridge is the switch with the lowest BID. The BID is determined by priority and the MAC address. If no priority is configured then all switches use the default priority and the election of the root bridge will be based on the lowest MAC address.


    Q(9). Match the spanning-tree feature with the protocol type. (Not all options are used.)

    Correct Answer

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 09

    Explanation:

    No answer description available for this question


    Q(10). When the show spanning-tree vlan 33 command is issued on a switch, three ports are shown in the forwarding state. In which two port roles could these interfaces function while in the forwarding state? (Choose two.)

    (a)    alternate

    (b)   designated

    (c)     disabled

    (d)    blocked

    (e)    root

     

    Correct Answer: (b) & (e)

    Explanation:

    The role of each of the three ports will be either designated port or root port. Ports in the disabled state are administratively disabled. Ports in the blocking state are alternate ports.


    Q(11). What is the function of STP in a scalable network?

    (a)    It decreases the size of the failure domain to contain the impact of failures.

    (b)    It protects the edge of the enterprise network from malicious activity.

    (c)     It combines multiple switch trunk links to act as one logical link for increased bandwidth.

    (d)   It disables redundant paths to eliminate Layer 2 loops.

     

    Correct Answer: (d)

    Explanation:

    STP is an important component in a scalable network because it allows redundant physical connections between Layer 2 devices to be implemented without creating Layer 2 loops. STP prevents Layer 2 loops from forming by disabling interfaces on Layer 2 devices when they would create a loop.


    Q(12). What is a characteristic of spanning tree?

    (a)    It is enabled by default on Cisco switches.

    (b)    It is used to discover information about an adjacent Cisco device.

    (c)     It has a TTL mechanism that works at Layer 2.

    (d)    It prevents propagation of Layer 2 broadcast frames.

     

    Correct Answer: (a)

    Explanation:

    Spanning tree does work at Layer 2 on Ethernet-based networks and is enabled by default, but it does not have a TTL mechanism. Spanning tree exists because Layer 2 frames do not have a TTL mechanism. Layer 2 frames are still broadcast when spanning tree is enabled, but the frames can only be transmitted through a single path through the Layer 2 network that was created by spanning tree. Cisco Discovery Protocol (CDP) is used to discover information about an adjacent Cisco device.


    Q(13). Which spanning tree standard supports only one root bridge so that traffic from all VLANs flows over the same path?

    (a)    PVST+

    (b)   802.1D

    (c)     MST

    (d)    Rapid PVST

     

    Correct Answer: (b)

    Explanation:

    MST is the Cisco implementation of MSTP, an IEEE standard protocol that provides up to 16 instances of RSTP. PVST+ provides a separate 802.1D spanning-tree instance for each VLAN that is configured in the network. 802.1D is the original STP standard defined by the IEEE and allows for only one root bridge for all VLANs. 802.1w, or RSTP, provides faster convergence but still uses only one STP instance for all VLANs.


    Q(14). What is the purpose of the Spanning Tree Protocol (STP)?

    (a)    creates smaller collision domains

    (b)    prevents routing loops on a router

    (c)    prevents Layer 2 loops

    (d)    allows Cisco devices to exchange routing table updates

    (e)    creates smaller broadcast domains

     

    Correct Answer: (c)

    Explanation:

    The Spanning-Tree Protocol (STP) creates one path through a switch network in order to prevent Layer 2 loops.


    Q(15). What is the value used to determine which port on a non-root bridge will become a root port in a STP network?

    (a)    the path cost

    (b)    the highest MAC address of all the ports in the switch

    (c)     the lowest MAC address of all the ports in the switch

    (d)    the VTP revision number

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(16). Refer to the exhibit. Which switch will be the root bridge after the election process is complete?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 10

    (a)    S1

    (b)   S2

    (c)     S3

    (d)    S4

     

    Correct Answer: (b)

    Explanation:

    The root bridge is determined by the lowest bridge ID, which consists of the priority value and the MAC address. Because the priority values of all of the switches are identical, the MAC address is used to determine the root bridge. Because S2 has the lowest MAC address, S2 becomes the root bridge.


    Q(17). What are two drawbacks to turning spanning tree off and having multiple paths through the Layer 2 switch network? (Choose two.)

    (a)    The MAC address table becomes unstable.

    (b)    The switch acts like a hub.

    (c)     Port security becomes unstable.

    (d)   Broadcast frames are transmitted indefinitely.

    (e)    Port security shuts down all of the ports that have attached devices.

     

    Correct Answer: (a) & (d)

    Explanation:

    Spanning tree should never be disabled. Without it, the MAC address table becomes unstable, broadcast storms can render network clients and the switches unusable, and multiple copies of unicast frames can be delivered to the end devices.


    Q(18). A small company network has six interconnected Layer 2 switches. Currently all switches are using the default bridge priority value. Which value can be used to configure the bridge priority of one of the switches to ensure that it becomes the root bridge in this design?

    (a)    1

    (b)   28672

    (c)     32768

    (d)    34816

    (e)    61440

     

    Correct Answer: (b)

    Explanation:

    The default bridge priority value for all Cisco switches is 32768. The range is 0 to 61440 in increments of 4096. Thus, the values 1 and 34816 are invalid. Configuring one switch with the lower value of 28672 (and leaving the bridge priority value of all other switches unchanged) will make the switch become the root bridge.


    Q(19). Refer to the exhibit. The administrator tried to create an EtherChannel between S1 and the other two switches via the commands that are shown, but was unsuccessful. What is the problem?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 19

    (a)    Traffic cannot be sent to two different switches through the same EtherChannel link.

    (b)    Traffic cannot be sent to two different switches, but only to two different devices like an EtherChannel-enabled server and a switch.

    (c)     Traffic can only be sent to two different switches if EtherChannel is implemented on Gigabit Ethernet interfaces.

    (d)    Traffic can only be sent to two different switches if EtherChannel is implemented on Layer 3 switches.

     

    Correct Answer: (a)

    Explanation:

    An EtherChannel link can only be created between two switches or between an EtherChannel-enabled server and a switch. Traffic cannot be sent to two different switches through the same EtherChannel link.


    Q(20). Which statement is true regarding the use of PAgP to create EtherChannels?

    (a)    It requires full duplex.

    (b)    It increases the number of ports that are participating in spanning tree.

    (c)     It requires more physical links than LACP does.

    (d)    It mandates that an even number of ports (2, 4, 6, etc.) be used for aggregation.

    (e)    It is Cisco proprietary.

     

    Correct Answer: (e)

    Explanation:

    PAgP is used to automatically aggregate multiple ports into an EtherChannel bundle, but it only works between Cisco devices. LACP can be used for the same purpose between Cisco and non-Cisco devices. PAgP must have the same duplex mode at both ends and can use two ports or more. The number of ports depends on the switch platform or module. An EtherChannel aggregated link is seen as one port by the spanning-tree algorithm.


    Q(21). What are two requirements to be able to configure an EtherChannel between two switches? (Choose two.)

    (a)    All the interfaces need to work at the same speed.

    (b)    All interfaces need to be assigned to different VLANs.

    (c)     Different allowed ranges of VLANs must exist on each end.

    (d)   All the interfaces need to be working in the same duplex mode.

    (e)    The interfaces that are involved need to be contiguous on the switch.

     

    Correct Answer: (a) & (d)

    Explanation:

    All interfaces in the EtherChannel bundle must be assigned to the same VLAN or be configured as a trunk. If the allowed range of VLANs is not the same, the interfaces do not form an EtherChannel even when set to auto or desirable mode.


    Q(22). Refer to the exhibit. On the basis of the output that is shown, what can be determined about the EtherChannel bundle?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 20

    (a)    The EtherChannel bundle is down.

    (b)    Two Gigabit Ethernet ports are used to form the EtherChannel.

    (c)    A Cisco proprietary protocol was used to negotiate the EtherChannel link.

    (d)    The EtherChannel bundle is operating at both Layer 2 and Layer 3.

     

    Correct Answer: (c)

    Explanation:

    Two protocols can be used to send negotiation frames that are used to try to establish an EtherChannel link: PAgP and LACP. PAgP is Cisco proprietary, and LACP adheres to the industry standard.


    Q(23). Which two parameters must match on the ports of two switches to create a PAgP EtherChannel between the switches? (Choose two.)

    (a)    port ID

    (b)    PAgP mode

    (c)     MAC address

    (d)   speed

    (e)    VLAN information

     

    Correct Answer: (d) & (e)

    Explanation:

    For an EtherChannel to be created, the ports that are concerned on the two switches must match in terms of the speed, duplex, and VLAN information. The PAgP mode must be compatible but not necessarily equal. The port ID and the MAC addresses do not have to match.


    Q(24). Refer to the exhibit. A network administrator is configuring an EtherChannel link between two switches, SW1 and SW2. Which statement describes the effect after the commands are issued on SW1 and SW2?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 21

    (a)    The EtherChannel is established after SW2 initiates the link request.

    (b)    The EtherChannel is established after SW1 initiates the link request.

    (c)     The EtherChannel is established without negotiation.

    (d)   The EtherChannel fails to establish.

     

    Correct Answer: (d)

    Explanation:

    The interfaces GigabitEthernet 0/1 and GigabitEthernet 0/2 are configured “on” for the EtherChannel link. This mode forces the interface to channel without PAgP or LACP. The EtherChannel will be established only if the other side is also set to “on”. However, the mode on SW2 side is set to PAgP desirable. Thus the EtherChannel link will not be established.


    Q(25). Refer to the exhibit. A network administrator is configuring an EtherChannel link between two switches, SW1 and SW2. However, the EtherChannel link fails to establish. What change in configuration would correct the problem?

    CCNA 2 v7 Modules 5 - 6: Redundant Networks Exam Answers 2

    (a)    Configure SW2 EtherChannel mode to desirable.

    (b)    Configure SW2 EtherChannel mode to on.

    (c)     Configure SW1 EtherChannel mode to on.

    (d)    Configure SW2 EtherChannel mode to auto.

     

    Correct Answer: (a)

    Explanation:

    The EtherChannel mode must be compatible on each side for the link to work. The three modes from PAgP protocol are on, desirable, and auto. The three modes from LACP protocol are on, active, and passive. The compatible modes include on-on, auto-desirable, desirable-desirable, active-passive, and active-active. Any other combinations will not form an EtherChannel link.


    Q(26). A network administrator configured an EtherChannel link with three interfaces between two switches. What is the result if one of the three interfaces is down?

    (a)    The remaining two interfaces continue to load balance traffic.

    (b)    The remaining two interfaces become separate links between the two switches.

    (c)     One interface becomes an active link for data traffic and the other becomes a backup link.

    (d)    The EtherChannel fails.

     

    Correct Answer: (a)

    Explanation:

    EtherChannel creates an aggregation that is seen as one logical link. It provides redundancy because the overall link is one logical connection. The loss of one physical link within the channel does not create a change in the topology; the EtherChannel remains functional.


    Q(27). A network administrator is configuring an EtherChannel link between switches SW1 and SW2 by using the command SW1(config-if-range)# channel-group 1 mode auto . Which command must be used on SW2 to enable this EtherChannel?

    (a)    SW2(config-if-range)# channel-group 1 mode passive

    (b)   SW2(config-if-range)# channel-group 1 mode desirable

    (c)     SW2(config-if-range)# channel-group 1 mode on

    (d)    SW2(config-if-range)# channel-group 1 mode active

     

    Correct Answer: (b)

    Explanation:

    The possible combinations to establish an EtherChannel between SW1 and SW2 using LACP or PAgP are as follows:
    PAgP
    on on
    auto desirable
    desirable desirable

    LACP
    on on
    active active
    passive active

    The EtherChannel mode chosen on each side of the EtherChannel must be compatible in order to enable it.


    Q(28). Which technology is an open protocol standard that allows switches to automatically bundle physical ports into a single logical link?

    (a)    PAgP

    (b)   LACP

    (c)     Multilink PPP

    (d)    DTP

     

    Correct Answer: (b)

    Explanation:

    LACP, or Link Aggregation Control Protocol, is defined by IEEE 802.3ad and is an open standard protocol. LACP allows switches to automatically bundle switch ports into a single logical link to increase bandwidth. PAgP, or Port Aggregation Protocol, performs a similar function, but it is a Cisco proprietary protocol. DTP is Dynamic Trunking Protocol and is used to automatically and dynamically build trunks between switches. Multilink PPP is used to load-balance PPP traffic across multiple serial interfaces.


    Q(29). What is a requirement to configure a trunking EtherChannel between two switches?

    (a)    The allowed range of VLANs must be the same on both switches.

    (b)    The participating interfaces must be assigned the same VLAN number on both switches.

    (c)     The participating interfaces must be physically contiguous on a switch.

    (d)    The participating interfaces must be on the same module on a switch.

     

    Correct Answer: (a)

    Explanation:

    To enable a trunking EtherChannel successfully, the range of VLANs allowed on all the interfaces must match; otherwise, the EtherChannel cannot be formed. The interfaces involved in an EtherChannel do not have to be physically contiguous, or on the same module. Because the EtherChannel is a trunking one, participating interfaces are configured as trunk mode, not access mode.


    Q(30). What are two advantages of using LACP? (Choose two.)

    (a)    It allows directly connected switches to negotiate an EtherChannel link.

    (b)    It eliminates the need for configuring trunk interfaces when deploying VLANs on multiple switches.

    (c)     It decreases the amount of configuration that is needed on a switch.

    (d)    It provides a simulated environment for testing link aggregation.

    (e)    It allows the use of multivendor devices.

    (f)      LACP allows Fast Ethernet and Gigabit Ethernet interfaces to be mixed within a single EtherChannel.

     

    Correct Answer: (a) & (e)

    Explanation:

    The Link Aggregation Control Protocol (LACP) allows directly connected multivendor switches to negotiate an EtherChannel link. LACP helps create the EtherChannel link by detecting the configuration of each side and making sure that they are compatible so that the EtherChannel link can be enabled when needed.


    Q(31). A switch is configured to run STP. What term describes a non-root port that is permitted to forward traffic on the network?

    (a)    root port

    (b)   designated port

    (c)     alternate port

    (d)    disabled

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(32). What are two advantages of EtherChannel? (Choose two.)

    (a)    Spanning Tree Protocol views the physical links in an EtherChannel as one logical connection.

    (b)    Load balancing occurs between links configured as different EtherChannels.

    (c)    Configuring the EtherChannel interface provides consistency in the configuration of the physical links.

    (d)    Spanning Tree Protocol ensures redundancy by transitioning failed interfaces in an EtherChannel to a forwarding state.

    (e)    EtherChannel uses upgraded physical links to provide increased bandwidth.

     

    Correct Answer: (a) & (c)

    Explanation:

    EtherChannel configuration of one logical interface ensures configuration consistency across the physical links in the EtherChannel. The EtherChannel provides increased bandwidth using existing switch ports without requiring any upgrades to the physical interfaces. Load balancing methods are implemented between links that are part of the same Etherchannel. Because EtherChannel views the bundled physical links as one logical connection, spanning tree recalculation is not required if one of the bundled physical links fail. If a physical interface fails, STP cannot transition the failed interface into a forwarding state.


    Q(33). Refer to the exhibit. What are the possible port roles for ports A, B, C, and D in this RSTP-enabled network?

    Modules 5 - 6: Redundant Networks Exam

    (a)    alternate, designated, root, root

    (b)    designated, alternate, root, root

    (c)     alternate, root, designated, root

    (d)    designated, root, alternate, root

     

    Correct Answer: (a)

    Explanation:

    Because S1 is the root bridge, B is a designated port, and C and D root ports. RSTP supports a new port type, alternate port in discarding state, that can be port A in this scenario.


    Q(34). Refer to the exhibit. Which switching technology would allow each access layer switch link to be aggregated to provide more bandwidth between each Layer 2 switch and the Layer 3 switch?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 02

    (a)    trunking

    (b)    HSRP

    (c)     PortFast

    (d)   EtherChannel

     

    Correct Answer: (d)

    Explanation:

    PortFast is used to reduce the amount of time that a port spends going through the spanning-tree algorithm, so that devices can start sending data sooner. Trunking can be implemented in conjunction with EtherChannel, but trunking alone does not aggregate switch links. HSRP is used to load-balance traffic across two different connections to Layer 3 devices for default gateway redundancy. HSRP does not aggregate links at either Layer 2 or Layer 3 as EtherChannel does.


    Q(35). Refer to the exhibit. An administrator wants to form an EtherChannel between the two switches by using the Port Aggregation Protocol. If switch S1 is configured to be in auto mode, which mode should be configured on S2 to form the EtherChannel?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 06

    (a)    auto

    (b)    on

    (c)     off

    (d)   desirable

     

    Correct Answer: (d)

    Explanation:

    An EtherChannel will be formed via PAgP when both switches are in on mode or when one of them is in auto or desirable mode and the other is in desirable mode.


    Q(36). Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
    Which set of configuration commands issued on SW1 will successfully complete the EtherChannel link between SW1 and SW2?

    CCNA-2-v7-Modules 5 - 6 Redundant Networks Exam 07

    (a)    interface GigabitEthernet0/1
    no shutdown

    (b)    interface Port-channel 1
    no shutdown

    (c)     interface GigabitEthernet0/2
    channel-group 2 mode desirable

    (d)   interface GigabitEthernet0/1
    channel-group 1 mode desirable

     

    Correct Answer: (d)

    Explanation:

    Issuing the show running-configuration command on SW1 shows that interface GigabitEthernet0/1 is missing the channel-group 1 mode desirable command which will compete the EtherChannel configuration for interface GigabitEthernet0/1 and interface GigabitEthernet0/2.


    Q(37). A set of switches is being connected in a LAN topology. Which STP bridge priority value will make it least likely for the switch to be selected as the root?

    (a)    65535

    (b)    4096

    (c)     32768

    (d)   61440

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(38). 38. In which two PVST+ port states are MAC addresses learned? (Choose two.)

    (a)    learning

    (b)   forwarding

    (c)     disabled

    (d)    listening

    (e)    blocking

     

    Correct Answer: (a) & (b)

    Explanation:

    The two PVST+ port states during which MAC addresses are learned and populate the MAC address table are the learning and the forwarding states.


    Q(39). Which port role is assigned to the switch port that has the lowest cost to reach the root bridge?

    (a)    designated port

    (b)    disabled port

    (c)    root port

    (d)    non-designated port

     

    Correct Answer: (c)

    Explanation:

    The root port on a switch is the port with the lowest cost to reach the root bridge.


    Q(40). A switch is configured to run STP. What term describes the switch port closest, in terms of overall cost, to the root bridge

    (a)    root port

    (b)    designated port

    (c)     alternate port

    (d)    disabled

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(41). A switch is configured to run STP. What term describes a field used to specify a VLAN ID?

    (a)    extended system ID

    (b)    port ID

    (c)     bridge priority

    (d)    bridge ID

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(42). A switch is configured to run STP. What term describes the reference point for all path calculations?

    (a)    root bridge

    (b)    root port

    (c)     designated port

    (d)    alternate port

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(43). A switch is configured to run STP. What term describes a field that has a default value of 32,768 and is the initial deciding factor when electing a root bridge?

    (a)    bridge priority

    (b)    MAC Address

    (c)     extended system ID

    (d)    bridge ID

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(44). Which statement describes an EtherChannel implementation?

    (a)    EtherChannel operates only at Layer 2.

    (b)    PAgP cannot be used in conjunction with EtherChannel.

    (c)    A trunked port can be part of an EtherChannel bundle.

    (d)    EtherChannel can support up to a maximum of ten separate links.

     

    Correct Answer: (c)

    Explanation:

    Up to 16 links can be grouped in an EtherChannel by using the the PAgP or LACP protocol. EtherChannel can be configured as a Layer 2 bundle or a Layer 3 bundle. Configuring a Layer 3 bundle is beyond the scope of this course. If a trunked port is a part of the EtherChannel bundle, all ports in the bundle need to be trunk ports and the native VLAN must be the same on all of these ports. A best practice is to apply the configuration to the port channel interface. The configuration is then automatically applied to the individual ports.


    Q(45). Refer to the exhibit. A network administrator issued the show etherchannel summary command on the switch S1. What conclusion can be drawn?

    CCNA2 v7 SRWE – Modules 5 – 6 Redundant Networks Exam Answers 46

    (a)    The EtherChannel is suspended.

    (b)   The EtherChannel is not functional.

    (c)     The port aggregation protocol PAgP is misconfigured.

    (d)    FastEthernet ports Fa0/1, Fa0/2, and Fa0/3 do not join the EtherChannel.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(46). Which statement describes a characteristic of EtherChannel?

    (a)    It can combine up to a maximum of 4 physical links.

    (b)    It can bundle mixed types of 100 Mb/s and 1Gb/s Ethernet links.

    (c)     It consists of multiple parallel links between a switch and a router.

    (d)   It is made by combining multiple physical links that are seen as one link between two switches.

     

    Correct Answer: (d)

    Explanation:

    An EtherChannel is formed by combining multiple (same type) Ethernet physical links so they are seen and configured as one logical link. It provides an aggregated link between two switches. Currently each EtherChannel can consist of up to eight compatibly configured Ethernet ports.


    Q(47). Which two channel group modes would place an interface in a negotiating state using PAgP? (Choose two.)

    (a)    on

    (b)   desirable

    (c)     active

    (d)   auto

    (e)    passive

     

    Correct Answer: (b) & (d)

    Explanation:

    There are three modes available when configuring an interface for PAgP: on, desirable, and auto. Only desirable and auto place the interface in a negotiating state. The active and passive states are used to configure LACP and not PAgP.


    Q(48). Which mode configuration setting would allow formation of an EtherChannel link between switches SW1 and SW2 without sending negotiation traffic?

    (a)    SW1: on
    SW2: on

    (b)    SW1: desirable
    SW2: desirable

    (c)     SW1: auto
    SW2: auto
    trunking enabled on both switches

    (d)    SW1: auto
    SW2: auto
    PortFast enabled on both switches

    (e)    SW1: passive
    SW2: active

     

    Correct Answer: (a)

    Explanation:

    The auto channel-group keyword enables PAgP only if a PAgP device is detected on the opposite side of the link. If the auto keyword is used, the only way to form an EtherChannel link is if the opposite connected device is configured with the desirable keyword. PortFast and trunking technologies are irrelevant to forming an EtherChannel link. Even though an EtherChannel can be formed if both sides are configured in desirable mode, PAgP is active and PAgP messages are being sent constantly across the link, decreasing the amount of bandwidth available for user traffic.


    Q(49). Refer to the exhibit. An EtherChannel was configured between switches S1 and S2, but the interfaces do not form an EtherChannel. What is the problem?

    CCNA2 v7 SRWE – Modules 5 – 6 Redundant Networks Exam Answers 50

    (a)    The interface port-channel number has to be different on each switch.

    (b)    The switch ports were not configured with speed and duplex mode.

    (c)     The switch ports have to be configured as access ports with each port having a VLAN assigned.

    (d)   The EtherChannel was not configured with the same allowed range of VLANs on each interface.

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(50). When EtherChannel is configured, which mode will force an interface into a port channel without exchanging aggregation protocol packets?

    (a)    active

    (b)    auto

    (c)    on

    (d)    desirable

     

    Correct Answer: (c)

    Explanation:

    For both LACP and PAgP, the “on” mode will force an interface into an EtherChannel without exchanging protocol packets.


    Q(51). What are two load-balancing methods in the EtherChannel technology? (Choose two.)

    (a)    combination of source port and IP to destination port and IP

    (b)   source IP to destination IP

    (c)     source port to destination port

    (d)    combination of source MAC and IP to destination MAC and IP

    (e)    source MAC to destination MAC

     

    Correct Answer: (b) & (e)

    Explanation:

    Depending on the hardware platform, one or more load-balancing methods can be implemented. These methods include source MAC to destination MAC load balancing or source IP to destination IP load balancing, across the physical links.


    Q(52). Which protocol provides up to 16 instances of RSTP, combines many VLANs with the same physical and logical topology into a common RSTP instance, and provides support for PortFast, BPDU guard, BPDU filter, root guard, and loop guard?

    (a)    STP

    (b)    Rapid PVST+

    (c)     PVST+

    (d)   MST

     

    Correct Answer: (d)

    Explanation:

    MST is the Cisco implementation of MSTP, an IEEE standard protocol that provides up to 16 instances of RSTP and combines many VLANs with the same physical and logical topology into a common RSTP instance. Each instance supports PortFast, BPDU guard, BPDU filter, root guard, and loop guard. STP and RSTP assume only one spanning-tree instance for the entire bridged network, regardless of the number of VLANs. PVST+ provides a separate 802.1D spanning-tree instance for each VLAN that is configured in the network.


    Q(53). What is the outcome of a Layer 2 broadcast storm?

    (a)    Routers will take over the forwarding of frames as switches become congested.

    (b)   New traffic is discarded by the switch because it is unable to be processed.

    (c)     CSMA/CD will cause each host to continue transmitting frames.

    (d)    ARP broadcast requests are returned to the transmitting host.

     

    Correct Answer: (b)

    Explanation:

    When the network is saturated with broadcast traffic that is looping between switches, new traffic is discarded by each switch because it is unable to be processed.


    Q(54). Which two network design features require Spanning Tree Protocol (STP) to ensure correct network operation? (Choose two.)

    (a)    static default routes

    (b)    implementing VLANs to contain broadcasts

    (c)    redundant links between Layer 2 switches

    (d)    link-state dynamic routing that provides redundant routes

    (e)    removing single points of failure with multiple Layer 2 switches

     

    Correct Answer: (c) & (e)

    Explanation:

    No answer description available for this question


    Q(55). A network administrator has configured an EtherChannel between two switches that are connected via four trunk links. If the physical interface for one of the trunk links changes to a down state, what happens to the EtherChannel?

    (a)    Spanning Tree Protocol will transition the failed physical interface into forwarding mode.

    (b)    Spanning Tree Protocol will recalculate the remaining trunk links.

    (c)     The EtherChannel will transition to a down state.

    (d)   The EtherChannel will remain functional.

     

    Correct Answer: (d)

    Explanation:

    EtherChannel offers redundancy by bundling multiple trunk links into one logical connection. Failure of one physical link within the EtherChannel will not create a change in the topology and therefore a recalculation by Spanning Tree is unnecessary. Just one physical link must remain operational for the EtherChannel to continue to function.


  • CCNA 2 v7 Modules 1 – 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers

    How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

    CCNA 2 v7 Modules 1 – 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers

     

    Q(1). Which tasks can be accomplished by using the command history feature? (Choose two.)

    (a)    View a list of commands entered in a previous session.

    (b)    Recall up to 15 command lines by default.

    (c)    Set the command history buffer size.

    (d)   Recall previously entered commands.

    (e)    Save command lines in a log file for future reference.

     

    Correct Answer: (c) & (d)

    Explanation:

    No answer description available for this question


    Q(2). What is the first action in the boot sequence when a switch is powered on?

    (a)    load the default Cisco IOS software

    (b)    load boot loader software

    (c)     low-level CPU initialization

    (d)   load a power-on self-test program

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(3). What must an administrator have in order to reset a lost password on a router?

    (a)    a TFTP server

    (b)    a crossover cable

    (c)     access to another router

    (d)   physical access to the router

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(4). When configuring a switch for SSH access, what other command that is associated with the login local command is required to be entered on the switch?

    (a)    enable secret password

    (b)    password password

    (c)    username username secret secret

    (d)    login block-for seconds attempts number within*seconds*

     

    Correct Answer: (c)

    Explanation:

    No answer description available for this question

    Q(5). Which command displays information about the auto-MDIX setting for a specific interface?

    (a)    show interfaces

    (b)   show controllers

    (c)     show processes

    (d)    show running-config

     

    Correct Answer: (b)

    Explanation:

    To examine the auto-MDIX setting for a specific interface, the show controllers ethernet-controller command with the phy keyword should be used.


    Q(6). If one end of an Ethernet connection is configured for full duplex and the other end of the connection is configured for half duplex, where would late collisions be observed?

    (a)    on both ends of the connection

    (b)    on the full-duplex end of the connection

    (c)     only on serial interfaces

    (d)   on the half-duplex end of the connection

     

    Correct Answer: (d)

    Explanation:

    Full-duplex communications do not produce collisions. However, collisions often occur in half-duplex operations. When a connection has two different duplex configurations, the half-duplex end will experience late collisions. Collisions are found on Ethernet networks. Serial interfaces use technologies other than Ethernet.


    Q(7). Which command is used to set the BOOT environment variable that defines where to find the IOS image file on a switch?

    (a)    config-register

    (b)   boot system

    (c)     boot loader

    (d)    confreg

     

    Correct Answer: (b)

    Explanation:

    The boot system command is used to set the BOOT environment variable. The config-register and confreg commands are used to set the configuration register. The boot loader command supports commands to format the flash file system, reinstall the operating system software, and recover from a lost or forgotten password.


    Q(8). What does a switch use to locate and load the IOS image?

    (a)    BOOT environment variable

    (b)    IOS image file

    (c)     POST

    (d)    startup-config

    (e)    NVRAM

     

    Correct Answer: (a)

    Explanation:

    The BOOT environment variable contains the information about where to find the IOS image file.


    Q(9). Which protocol adds security to remote connections?

    (a)    FTP

    (b)    HTTP

    (c)     NetBEUI

    (d)    POP

    (e)    SSH

     

    Correct Answer: (e)

    Explanation:

    No answer description available for this question


    Q(10). What is a characteristic of an IPv4 loopback interface on a Cisco IOS router?

    (a)    The no shutdown command is required to place this interface in an UP state.

    (b)   It is a logical interface internal to the router.

    (c)     Only one loopback interface can be enabled on a router.

    (d)    It is assigned to a physical port and can be connected to other devices.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(11). What is the minimum Ethernet frame size that will not be discarded by the receiver as a runt frame?

    (a)    64 bytes

    (b)    512 bytes

    (c)     1024 bytes

    (d)    1500 bytes

     

    Correct Answer: (a)

    Explanation:

    The minimum Ethernet frame size is 64 bytes. Frames smaller than 64 bytes are considered collision fragments or runt frames and are discarded.


    Q(12). After which step of the switch bootup sequence is the boot loader executed?

    (a)    after CPU initialization

    (b)    after IOS localization

    (c)     after flash file system initialization

    (d)   after POST execution

     

    Correct Answer: (d)

    Explanation:

    The correct bootup sequence order is as follows:
    1. The switch loads and executes the POST.
    2. The switch loads the boot loader software.
    3. The boot loader performs low-level CPU initialization.
    4. The boot loader initializes the flash memory.
    5. The boot loader locates and loads the default IOS image.


    Q(13). Which impact does adding a Layer 2 switch have on a network?

    (a)    an increase in the number of dropped frames

    (b)   an increase in the size of the broadcast domain

    (c)     an increase in the number of network collisions

    (d)    an increase in the size of the collision domain

     

    Correct Answer: (b)

    Explanation:

    Adding a Layer 2 switch to a network increases the number of collision domains and increases the size of the broadcast domain. Layer 2 switches do not decrease the amount of broadcast traffic, do not increase the amount of network collisions and do not increase the number of dropped frames.


    Q(14). Which characteristic describes cut-through switching?

    (a)    Error-free fragments are forwarded, so switching occurs with lower latency.

    (b)   Frames are forwarded without any error checking.

    (c)     Only outgoing frames are checked for errors.

    (d)    Buffering is used to support different Ethernet speeds.

     

    Correct Answer: (b)

    Explanation:

    Cut-through switching reduces latency by forwarding frames as soon as the destination MAC address and the corresponding switch port are read from the MAC address table. This switching method does not perform any error checking and does not use buffers to support different Ethernet speeds. Error checking and buffers are characteristics of store-and-forward switching.


    Q(15). What is the significant difference between a hub and a Layer 2 LAN switch?

    (a)    A hub extends a collision domain, and a switch divides collision domains.

    (b)    A hub divides collision domains, and a switch divides broadcast domains.

    (c)     Each port of a hub is a collision domain, and each port of a switch is a broadcast domain.

    (d)    A hub forwards frames, and a switch forwards only packets.

     

    Correct Answer: (a)

    Explanation:

    Hubs operate only at the physical layer, forwarding bits as wire signals out all ports, and extend the collision domain of a network. Switches forward frames at the data link layer and each switch port is a separate collision domain which creates more, but smaller, collision domains. Switches do not manage broadcast domains because broadcast frames are always forwarded out all active ports.


    Q(16). Which statement is correct about Ethernet switch frame forwarding decisions?

    (a)    Frame forwarding decisions are based on MAC address and port mappings in the CAM table.

    (b)    Cut-through frame forwarding ensures that invalid frames are always dropped.

    (c)     Only frames with a broadcast destination address are forwarded out all active switch ports.

    (d)    Unicast frames are always forwarded regardless of the destination MAC address.

     

    Correct Answer: (a)

    Explanation:

    Cut-through frame forwarding reads up to only the first 22 bytes of a frame, which excludes the frame check sequence and thus invalid frames may be forwarded. In addition to broadcast frames, frames with a destination MAC address that is not in the CAM are also flooded out all active ports. Unicast frames are not always forwarded. Received frames with a destination MAC address that is associated with the switch port on which it is received are not forwarded because the destination exists on the network segment connected to that port.


    Q(17). How do switch buffers affect network performance?

    (a)    They provide error checking on the data received.

    (b)   They store frames received, thus preventing premature frame discarding when network congestion occurs.

    (c)     They provide extra memory for a particular port if autonegotiation of speed or duplex fails.

    (d)    They hold data temporarily when a collision occurs until normal data transmission resumes.

     

    Correct Answer: (b)

    Explanation:

    Switches have large frame buffers that allow data waiting to be transmitted to be stored so the data will not be dropped. This feature is beneficial especially if the incoming traffic is from a faster port than the egress port used for transmitting.


    Q(18). Which switch characteristic helps keep traffic local and alleviates network congestion?

    (a)    high port density

    (b)    fast port speed

    (c)     large frame buffers

    (d)    fast internal switching

     

    Correct Answer: (a)

    Explanation:

    Switches that have a lot of ports (high port density) reduce the number of switches required and keep some of the traffic locally on the switch, thus removing the need to send it between switches.


    Q(19). Which switch component reduces the amount of packet handling time inside the switch?

    (a)    ASIC

    (b)    dual processors

    (c)     large buffer size

    (d)    store-and-forward RAM

     

    Correct Answer: (a)

    Explanation:

    Application-specific integrated circuits (ASICs) are used in Cisco switches to speed up switch operations so that the switch can have an increased number of ports without degrading switch performance.


    Q(20). Refer to the exhibit. A switch receives a Layer 2 frame that contains a source MAC address of 000b.a023.c501 and a destination MAC address of 0050.0fae.75aa. Place the switch steps in the order they occur. (Not all options are used.)

    CCNA2 v7 SRWE – Modules 1 – 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers

    Correct Answer

    CCNA 2 v7 Modules 1 – 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers

    Explanation:

    The first step a switch does when processing a frame is to see if the source MAC address is in the MAC address table. If the address is not there, the switch adds it. The switch then examines the destination MAC address and compares it to the MAC address table. If the address is in the table, the switch forwards the frame out the corresponding port. If the address is missing from the table, the switch will forward the frame to all ports except the port through which the frame arrived.


    Q(21). What information is added to the switch table from incoming frames?

    (a)    source MAC address and incoming port number

    (b)    destination MAC address and incoming port number

    (c)     source IP address and incoming port number

    (d)    destination IP address and incoming port number

     

    Correct Answer: (a)

    Explanation:

    A switch “learns” or builds the MAC address table based on the source MAC address as a frame comes into the switch. A switch forwards the frame onward based on the destination MAC address.


    Q(22). Which switching method ensures that the incoming frame is error-free before forwarding?

    (a)    cut-through

    (b)    FCS

    (c)     fragment free

    (d)   store-and-forward

     

    Correct Answer: (d)

    Explanation:

    Two methods used by switches to transmit frames are store-and-forward and cut-through switching. The store-and-forward method performs error checking on the frame using the frame check sequence (FCS) value before sending the frame. In contrast, cut-through switching sends the frame as soon as the destination MAC address part of the header has been read and processed.


    Q(23). Refer to the exhibit. How many broadcast domains are displayed?

    CCNA2 v7 SRWE – Modules 1 – 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 23

    (a)    1

    (b)    4

    (c)    8

    (d)    16

    (e)    55

     

    Correct Answer: (c)

    Explanation:

    A router defines a broadcast boundary, so every link between two routers is a broadcast domain. In the exhibit, 4 links between routers make 4 broadcast domains. Also, each LAN that is connected to a router is a broadcast domain. The 4 LANs in the exhibit result in 4 more broadcast domains, so there are 8 broadcast domains in all.


    Q(24). Under which two occasions should an administrator disable DTP while managing a local area network? (Choose two.)

    (a)    when connecting a Cisco switch to a non-Cisco switch

    (b)    when a neighbor switch uses a DTP mode of dynamic auto

    (c)     when a neighbor switch uses a DTP mode of dynamic desirable

    (d)   on links that should not be trunking

    (e)    on links that should dynamically attempt trunking

     

    Correct Answer: (a) & (d)

    Explanation:

    Cisco best practice recommends disabling DTP on links where trunking is not intended and when a Cisco switch is connected to a non-Cisco switch. DTP is required for dynamic trunk negotiation.


    Q(25). Which two characteristics describe the native VLAN? (Choose two.)

    (a)    Designed to carry traffic that is generated by users, this type of VLAN is also known as the default VLAN.

    (b)   The native VLAN traffic will be untagged across the trunk link.

    (c)     This VLAN is necessary for remote management of a switch.

    (d)    High priority traffic, such as voice traffic, uses the native VLAN.

    (e)    The native VLAN provides a common identifier to both ends of a trunk.

     

    Correct Answer: (b) & (e)

    Explanation:

    The native VLAN is assigned to 802.1Q trunks to provide a common identifier to both ends of the trunk link. Whatever VLAN native number is assigned to a port, or if the port is the default VLAN of 1, the port does not tag any frame in that VLAN as the traffic travels across the trunk. At the other end of the link, the receiving device that sees no tag knows the specific VLAN number because the receiving device must have the exact native VLAN number. The native VLAN should be an unused VLAN that is distinct from VLAN1, the default VLAN, as well as other VLANs. Data VLANs, also known as user VLANs, are configured to carry user-generated traffic, with the exception of high priority traffic, such as VoIP. Voice VLANs are configured for VoIP traffic. The management VLAN is configured to provide access to the management capabilities of a switch.


    Q(26). On a switch that is configured with multiple VLANs, which command will remove only VLAN 100 from the switch?

    (a)    Switch# delete flash:vlan.dat

    (b)    Switch(config-if)# no switchport access vlan 100

    (c)     Switch(config-if)# no switchport trunk allowed vlan 100

    (d)   Switch(config)# no vlan 100

     

    Correct Answer: (d)

    Explanation:

    To remove all VLANs from a switch, the delete flash:vlan.dat command would be used. To change the assigned VLAN for an interface, the no switchport access vlan 100 interface configuration command would be used. To remove VLAN 100 as an allowed VLAN on a trunk, the no switchport trunk allowed vlan 100 would be used, but this would not remove the VLAN from the switch. To delete a single VLAN, such as VLAN 100, the no vlan 100 global configuration command would be used.


    Q(27). Refer to the exhibit. A network administrator is reviewing port and VLAN assignments on switch S2 and notices that interfaces Gi0/1 and Gi0/2 are not included in the output. Why would the interfaces be missing from the output?

    CCNA 2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam 27

    (a)    There is a native VLAN mismatch between the switches.

    (b)    There is no media connected to the interfaces.

    (c)     They are administratively shut down.

    (d)   They are configured as trunk interfaces.

     

    Correct Answer: (d)

    Explanation:

    Interfaces that are configured as trunks do not belong to a VLAN and therefore will not show in the output of the show vlan brief commands.


    Q(28). A network contains multiple VLANs spanning multiple switches. What happens when a device in VLAN 20 sends a broadcast Ethernet frame?

    (a)    All devices in all VLANs see the frame.

    (b)    Devices in VLAN 20 and the management VLAN see the frame.

    (c)    Only devices in VLAN 20 see the frame.

    (d)    Only devices that are connected to the local switch see the frame.

     

    Correct Answer: (c)

    Explanation:

    VLANs create logical broadcast domains that can span multiple VLAN segments. Ethernet frames that are sent by a device on a specific VLAN can only be seen by other devices in the same VLAN.


    Q(29). Refer to the exhibit. All workstations are configured correctly in VLAN 20. Workstations that are connected to switch SW1 are not able to send traffic to workstations on SW2. What could be done to remedy the problem?

    CCNA2 v7 SRWE – Modules 1 – 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 29

    (a)    Allow VLAN 20 on the trunk link.

    (b)    Enable DTP on both ends of the trunk.

    (c)     Configure all workstations on SW1 to be part of the default VLAN.

    (d)    Configure all workstations on SW2 to be part of the native VLAN.

     

    Correct Answer: (a)

    Explanation:

    Enabling DTP on both switches simply allows negotiation of trunking. The “Negotiation of Trunking” line in the graphic shows that DTP is already enabled. The graphic also shows how the native VLAN is 1, and the default VLAN for any Cisco switch is 1. The graphic shows the PCs are to be in VLAN 20.


    Q(30). What happens to switch ports after the VLAN to which they are assigned is deleted?

    (a)    The ports are disabled.

    (b)    The ports are placed in trunk mode.

    (c)     The ports are assigned to VLAN1, the default VLAN.

    (d)   The ports stop communicating with the attached devices.

     

    Correct Answer: (d)

    Explanation:

    The affected ports must be reconfigured for an active VLAN.


    Q(31). Match the IEEE 802.1Q standard VLAN tag field with the description. (Not all options are used.)

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 31

    Explanation: 

    The IEEE 802.1Q standard header includes a 4-byte VLAN tag:

    ·         Type – A 2-byte value called the tag protocol ID (TPID) value.

    ·         User priority – A 3-bit value that supports level or service implementation.

    ·         Canonical Format Identifier (CFI) – A 1-bit identifier that enables Token Ring frames to be carried across Ethernet links.

    ·         VLAN ID (VID) – A 12-bit VLAN identification number that supports up to 4096 VLAN IDs.


    Q(32). Refer to the exhibit. In what switch mode should port G0/1 be assigned if Cisco best practices are being used?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 32

    (a)    access

    (b)   trunk

    (c)     native

    (d)    auto

     

    Correct Answer: (b)

    Explanation:

    The router is used to route between the two VLANs, thus switch port G0/1 needs to be configured in trunk mode.


    Q(33). Match the DTP mode with its function. (Not all options are used.)

     

    Correct Answer

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 33

    Explanation:

    The dynamic auto mode makes the interface become a trunk interface if the neighboring interface is set to trunk or desirable mode. The dynamic desirable mode makes the interface actively attempt to convert the link to a trunk link. The trunk mode puts the interface into permanent trunking mode and negotiates to convert the neighboring link into a trunk link. The nonegotiate mode prevents the interface from generating DTP frames.


    Q(34). Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport access vlan 30 is entered on the Fa0/11 interface, what will happen?

    (a)    Port Fa0/11 will be shutdown.

    (b)    An error message would be displayed.

    (c)    Port Fa0/11 will be returned to VLAN 1.

    (d)    VLAN 30 will be deleted.

     

    Correct Answer: (c)

    Explanation:

    When the no switchport access vlan command is entered, the port is returned to the default VLAN 1. The port will remain active as a member of VLAN 1, and VLAN 30 will still be intact, even if no other ports are associated with it.


    Q(35). Which command displays the encapsulation type, the voice VLAN ID, and the access mode VLAN for the Fa0/1 interface?

    (a)    show vlan brief

    (b)   show interfaces Fa0/1 switchport

    (c)     show mac address-table interface Fa0/1

    (d)    show interfaces trunk

     

    Correct Answer: (b)

    Explanation:

    The show interfaces switchport command displays the following information for a given port:
    Switchport
    Administrative Mode
    Operational Mode
    Administrative Trunking Encapsulation
    Operational Trunking Encapsulation
    Negotiation of Trunking
    Access Mode VLAN
    Trunking Native Mode VLAN
    Administrative Native VLAN tagging
    Voice VLAN


    Q(36). Refer to the exhibit. A technician is programming switch SW3 to manage voice and data traffic through port Fa0/20. What, if anything, is wrong with the configuration?


    CCNA 2 v7 Modules 1 - 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 1

    (a)    There is nothing wrong with the configuration.

    (b)    Interface Fa0/20 can only have one VLAN assigned.

    (c)     The mls qos trust cos command should reference VLAN 35.

    (d)   The command used to assign the voice VLAN to the switch port is incorrect.

     

    Correct Answer: (d)

    Explanation:

    The voice VLAN should be configured with the switchport voice vlan 150 command. A switch interface can be configured to support one data VLAN and one voice VLAN. The mls qos trust cos associates with the interface. Voice traffic must be trusted so that fields within the voice packet can be used to classify it for QoS.


    Q(37). Which four steps are needed to configure a voice VLAN on a switch port? (Choose four).

    (a)    Configure the interface as an IEEE 802.1Q trunk.

    (b)   Assign the voice VLAN to the switch port.

    (c)     Activate spanning-tree PortFast on the interface.

    (d)   Ensure that voice traffic is trusted and tagged with a CoS priority value.

    (e)    Add a voice VLAN.

    (f)      Configure the switch port interface with subinterfaces.

    (g)    Assign a data VLAN to the switch port.

    (h)   Configure the switch port in access mode.

     

    Correct Answer: (b), (d), (e) & (h)

    Explanation:

    To add an IP phone, the following commands should be added to the switch port:
    SW3(config-vlan)# vlan 150
    SW3(config-vlan)# name voice
    SW3(config-vlan)# int fa0/20
    SW3(config-if)# switchport mode access
    SW3(config-if)# mls qos trust cos
    SW3(config-if)# switchport access vlan 150


    Q(38). Refer to the exhibit. PC1 is unable to communicate with server 1. The network administrator issues the show interfaces trunk command to begin troubleshooting. What conclusion can be made based on the output of this command?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 38

    (a)    Interface G0/2 is not configured as a trunk.

    (b)    VLAN 20 has not been created.

    (c)     The encapsulation on interface G0/1 is incorrect.

    (d)    The DTP mode is incorrectly set to dynamic auto on interface G0/1.

     

    Correct Answer: (a)

    Explanation:

    In the show interfaces trunk output, the G0/2 interface of DLS1 is not listed. This indicates the interface has probably not been configured as a trunk link. In the show interfaces trunk output, the G0/2 interface of DLS1 is not listed. This indicates the interface has probably not been configured as a trunk link.


    Q(39). Refer to the exhibit. What is the cause of the error that is displayed in the configuration of inter-VLAN routing on router CiscoVille?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 39

    (a)    The gig0/0 interface does not support inter-VLAN routing.

    (b)    The no shutdown command has not been configured.

    (c)     The IP address on CiscoVille is incorrect.

    (d)   The encapsulation dot1Q 20 command has not been configured.

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(40). Refer to the exhibit. A network administrator has configured router CiscoVille with the above commands to provide inter-VLAN routing. What command will be required on a switch that is connected to the Gi0/0 interface on router CiscoVille to allow inter-VLAN routing?

    CCNA 2 v7 Modules 1 - 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 2

    (a)    switchport mode access

    (b)    no switchport

    (c)    switchport mode trunk

    (d)    switchport mode dynamic desirable

     

    Correct Answer: (c)

    Explanation:

    When they are configured for inter-VLAN routing, routers do not support the dynamic trunking protocol that is used by switches. For router-on-a-stick configurations to function, a connected switch must use the command switchport mode trunk.


    Q(41). A high school uses VLAN15 for the laboratory network and VLAN30 for the faculty network. What is required to enable communication between these two VLANs while using the router-on-a-stick approach?

    (a)    A multilayer switch is needed.

    (b)    A router with at least two LAN interfaces is needed.

    (c)     Two groups of switches are needed, each with ports that are configured for one VLAN.

    (d)   A switch with a port that is configured as a trunk is needed when connecting to the router.

     

    Correct Answer: (d)

    Explanation:

    With router-on-a-stick, inter-VLAN routing is performed by a router with a single router interface that is connected to a switch port configured with trunk mode. Multiple subinterfaces, each configured for a VLAN, can be configured under the single physical router interface. Switches can have ports that are assigned to different VLANs, but communication between those VLANs requires routing function from the router. A multilayer switch is not used in a router-on-a-stick approach to inter-VLAN routing.


    Q(42). When routing a large number of VLANs, what are two disadvantages of using the router-on-a-stick inter-VLAN routing method rather than the multilayer switch inter-VLAN routing method? (Choose two.)

    (a)    Multiple SVIs are needed.

    (b)   A dedicated router is required.

    (c)     Router-on-a-stick requires sub interfaces to be configured on the same subnets.

    (d)    Router-on-a-stick requires multiple physical interfaces on a router.

    (e)    Multiple sub interfaces may impact the traffic flow speed.

     

    Correct Answer: (b) & (e)

    Explanation:

    With the router-on-a-stick inter-VLAN routing method, a dedicated router is required. It only needs one physical interface on the router to route traffic among multiple VLANs, by using sub interfaces on one physical interface. On the other hand, since traffic of all VLANs will have to go through the same physical interfaces, the throughput will be impacted. Also, a multilayer switch can use multiple SVIs to perform inter-VLAN routing.


    Q(43). Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PCs on different VLANs cannot communicate. Based on the output, what are two configuration errors on switch interface Gi1/1? (Choose two.)

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 43

    (a)    Gi1/1 is in the default VLAN.

    (b)    Voice VLAN is not assigned to Gi1/1.

    (c)    Gi1/1 is configured as trunk mode.

    (d)    Negotiation of trunking is turned on on Gi1/1.

    (e)    The trunking encapsulation protocol is configured wrong.

     

    Correct Answer: (a) & (c)

    Explanation:

    No answer description available for this question


    Q(44). Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PC2 cannot communicate with PC1. Based on the output, what is the possible cause of the problem?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 44

    (a)    Gi0/0 is not configured as a trunk port.

    (b)    The command interface GigabitEthernet0/0.5 was entered incorrectly.

    (c)     There is no IP address configured on the interface Gi0/0.

    (d)    The no shutdown command is not entered on subinterfaces.

    (e)    The encapsulation dot1Q 5 command contains the wrong VLAN.

     

    Correct Answer: (e)

    Explanation:

    In router-on-a-stick, the subinterface configuration should match the VLAN number in the encapsulation command, in this case, the command encapsulation dot1Q 10 should be used for VLAN 10. Since subinterfaces are used, there is no need to configure IP on the physical interface Gi0/0. The trunk mode is configured on the switch port that connects to the router. The subinterfaces are turned on when they are added.


    Q(45). Refer to the exhibit. A network administrator has configured router CiscoVille with the above commands to provide inter-VLAN routing. What type of port will be required on a switch that is connected to Gi0/0 on router CiscoVille to allow inter-VLAN routing?

    CCNA 2 v7 Modules 1 - 4: Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 3

    (a)    routed port

    (b)    access port

    (c)    trunk port

    (d)    SVI

     

    Correct Answer: (c)

    Explanation:

    To allow a router-on-a-stick configuration to function, a switch must be connected to the router via a trunk port to carry the VLANs to be routed. An SVI would be used on a multilayer switch where the switch is performing inter-VLAN routing.


    Q(46). Refer to the exhibit. A network administrator is configuring RT1 for inter-VLAN routing. The switch is configured correctly and is functional. Host1, Host2, and Host3 cannot communicate with each other. Based on the router configuration, what is causing the problem?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 46

    (a)    Interface Fa0/0 is missing IP address configuration information.

    (b)   IP addresses on the subinterfaces are incorrectly matched to the VLANs.

    (c)     Each subinterface of Fa0/0 needs separate no shutdown commands.

    (d)    Routers do not support 802.1Q encapsulation on subinterfaces.

     

    Correct Answer: (b)

    Explanation:

    No answer description available for this question


    Q(47). Refer to the exhibit. A router-on-a-stick configuration was implemented for VLANs 15, 30, and 45, according to the show running-config command output. PCs on VLAN 45 that are using the 172.16.45.0 /24 network are having trouble connecting to PCs on VLAN 30 in the 172.16.30.0 /24 network. Which error is most likely causing this problem?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 47

    (a)    The wrong VLAN has been configured on GigabitEthernet 0/0.45.

    (b)    The command no shutdown is missing on GigabitEthernet 0/0.30.

    (c)     The GigabitEthernet 0/0 interface is missing an IP address.

    (d)   There is an incorrect IP address configured on GigabitEthernet 0/0.30.

     

    Correct Answer: (d)

    Explanation:

    The subinterface GigabitEthernet 0/0.30 has an IP address that does not correspond to the VLAN addressing scheme. The physical interface GigabitEthernet 0/0 does not need an IP address for the subinterfaces to function. Subinterfaces do not require the no shutdown command.


    Q(48). What is a characteristic of a routed port on a Layer 3 switch?

    (a)    It supports trunking.

    (b)   It is not assigned to a VLAN.

    (c)     It is commonly used as a WAN link.

    (d)    It cannot have an IP address assigned to it.

     

    Correct Answer: (b)

    Explanation:

    A routed port on a Layer 3 switch is commonly used for connecting between distribution and core layer switches or between a Layer 3 switch and a router. This port does not get VLAN or trunking commands assigned to it. Instead, the port is programmed with an IP address. This is commonly used when static routing is configured on the switch or when a routing protocol is being run between the Layer 3 switch and the router or another Layer 3 switch.


    Q(49). Refer to the exhibit. A network administrator needs to configure router-on-a-stick for the networks that are shown. How many subinterfaces will have to be created on the router if each VLAN that is shown is to be routed and each VLAN has its own subinterface?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 49

    (a)    1

    (b)    2

    (c)     3

    (d)   4

    (e)    5

     

    Correct Answer: (d)

    Explanation:

    No answer description available for this question


    Q(50). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# mdix auto command?

    (a)    It automatically adjusts the port to allow device connections to use either a straight-through or a crossover cable.

    (b)    It applies an IPv4 address to the virtual interface.

    (c)     It applies an IPv6 address to the virtual interface.

    (d)    It permits an IPv6 address to be configured on a switch physical interface.

    (e)    It updates the MAC address table for the associated port.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(51). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# ip address 172.18.33.88 255.255.255.0 command?

    (a)    It applies an IPv4 address to the virtual interface.

    (b)    It applies an IPv6 address to the virtual interface.

    (c)     It activates a virtual or physical switch interface.

    (d)    It permits an IPv6 address to be configured on a switch physical interface.

    (e)    It updates the MAC address table for the associated port.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(52). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw# configure terminal command?

    (a)    It enters the global configuration mode.

    (b)    It enters configuration mode for a switch virtual interface.

    (c)     It applies an IPv4 address to the virtual interface.

    (d)    It updates the MAC address table for the associated port.

    (e)    It permits an IPv6 address to be configured on a switch physical interface.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(53). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw# configure terminal command?

    (a)    It enters the global configuration mode.

    (b)    It saves the running configuration to NVRAM.

    (c)     It disables a virtual or physical switch interface.

    (d)    It updates the MAC address table for the associated port.

    (e)    It saves the startup configuration to the running configuration.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(54). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# shutdown command?

    (a)    It disables a virtual or physical switch interface.

    (b)    It saves the running configuration to NVRAM.

    (c)     It activates a virtual or physical switch interface.

    (d)    It updates the MAC address table for the associated port.

    (e)    It saves the startup configuration to the running configuration.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(55). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# shutdown command?

    (a)    It disables a virtual or physical switch interface.

    (b)    It applies an IPv6 address to the virtual interface.

    (c)     It applies an IPv4 address to the virtual interface.

    (d)    It permits an IPv6 address to be configured on a switch physical interface.

    (e)    It updates the MAC address table for the associated port.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(56). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# ipv6 address 2001:db8:a2b4:88::1/64 command?

    (a)    It applies an IPv6 address to the virtual interface.

    (b)    It activates a virtual or physical switch interface.

    (c)     It applies an IPv4 address to the virtual interface.

    (d)    It permits an IPv6 address to be configured on a switch physical interface.

    (e)    It updates the MAC address table for the associated port.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(57). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# exit command?

    (a)    It returns to global configuration mode.

    (b)    It returns to privileged mode.

    (c)     It configures the default gateway for the switch.

    (d)    It enters user mode.

    (e)    It saves the startup configuration to the running configuration.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(58). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw> enable command?

    (a)    It enters privileged mode.

    (b)    It enters the global configuration mode.

    (c)     It enters configuration mode for a switch virtual interface.

    (d)    It updates the MAC address table for the associated port.

    (e)    It permits an IPv6 address to be configured on a switch physical interface.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(59). A technician is configuring a new Cisco 2960 switch. What is the effect of issuing the BranchSw(config-if)# duplex full command?

    (a)    It allows data to flow in both directions at the same time on the interface.

    (b)    It allows data to flow in only one direction at a time on the interface

    (c)     It automatically adjusts the port to allow device connections to use either a straight-through or a crossover cable.

    (d)    It configures the switch as the default gateway.

    (e)    It encrypts user-mode passwords when users connect remotely.

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(60). What type of VLAN should not carry voice and network management traffic?

    (a)    data VLAN

    (b)    trunk VLAN

    (c)     security VLAN

    (d)    voice VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(61). What type of VLAN is designed to reserve bandwidth to ensure IP Phone quality?

    (a)    voice VLAN

    (b)    trunk VLAN

    (c)     security VLAN

    (d)    management VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(62). What type of VLAN is initially the management VLAN?

    (a)    default VLAN

    (b)    native VLAN

    (c)     data VLAN

    (d)    management VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(63). What type of VLAN is designed to have a delay of less than 150 ms across the network?

    (a)    voice VLAN

    (b)    desirable VLAN

    (c)     trunk VLAN

    (d)    security VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(64). What type of VLAN is used to separate the network into groups of users or devices?

    (a)    data VLAN

    (b)    management VLAN

    (c)     voice VLAN

    (d)    native VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(65). What type of VLAN is configured specifically for network traffic such as SSH, Telnet, HTTPS, HTTP, and SNMP?

    (a)    management VLAN

    (b)    security VLAN

    (c)     trunk VLAN

    (d)    voice VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(66). What type of VLAN supports untagged traffic?

    (a)    native VLAN

    (b)    desirable VLAN

    (c)     trunk VLAN

    (d)    security VLAN

     

    Correct Answer: (a)

    Explanation:

    No answer description available for this question


    Q(67). Refer to the exhibit. A network administrator has configured R1 as shown. When the administrator checks the status of the serial interface, the interface is shown as being administratively down. What additional command must be entered on the serial interface of R1 to bring the interface up?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 70

    (a)    IPv6 enable

    (b)    clockrate 128000

    (c)     end

    (d)   no shutdown

     

    Correct Answer: (d)

    Explanation:

    By default all router interfaces are shut down. To bring the interfaces up, an administrator must issue the no shutdown command in interface mode.


    Q(68). Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH connections and prohibit Telnet connections. How should the network administrator change the displayed configuration to satisfy the requirement?

    CCNA2 v7 Modules 1 - 4 Switching Concepts, VLANs, and InterVLAN Routing Exam Answers 71

    (a)    Use SSH version 1.

    (b)    Reconfigure the RSA key.

    (c)