Rabu, 12 Januari 2011

CCNA 2 - Final

1 What are some reasons to change the configuration register setting? (Choose two.)
• to force the system to ignore the configuration file stored in NVRAM
• to monitor password changes
• to change the POST sequence
• to force the router to boot the IOS from NVRAM
• to force the system into ROM monitor mode

2 Given the output shown in the exhibit, in what order and location will the router search for the IOS if no boot system commands are found in the startup-config file?
• ROM, Flash, TFTP server
• Flash, NVRAM, RAM
• ROM, TFTP server, Flash
• RAM, Flash, NVRAM
• Flash, TFTP server, ROM

3 Which statements are true regarding setup mode? (Choose three.)
• Press Ctrl-z to terminate setup mode.
• Enter a question mark (?) for help at any point.
• Press Spacebar to accept the default settings.
• Use setup mode to enter complex protocol features.
• Press Enter to accept the default settings.
• Press Ctrl-c to abort configuration dialog.

4 What are two possible reasons for this result? (Choose two.)
• The startup-config file was not saved to RAM before reboot.
• The IOS has been erased.
• The router has not been configured.
• The startup-config file cannot be located.
• The router will not enter initial configuration dialog.

5 A new technician must add boot system commands to one of the department routers. Which available commands will the router return as output when the command shown below is entered? (Choose two.)

Router(config)# boot system ?

• RAM
• NVRAM
• IOS
• IP Address
• TFTP
• FLASH



6 Router A and Router B have been correctly configured to use RIP as a dynamic routing protocol and all intefaces on Router A and Router B are reporting "interface is up, line protocol is up" status. RIP is then configured on Router C using the following commands:
RouterC(config)# router rip
RouterC(config-router)# network 192.168.4.0
RouterC(config-router)# network 172.16.0.0
If no additional routing is configured on Router A, Router B, and Router C, what will be the result?

• Networks 192.168.12.0/24, 192.168.4.0/24, and 172.16.0.0/16 will be unreachable from Router A.
• Router A will have no knowledge of network 192.168.12.0/24, but will have routes to networks 192.168.4.0/24 and 172.16.0.0/16.
• All networks shown in the graphic will be reachable by Router A, Router B, and Router C.
• Networks 192.168.4.0/24 and 172.16.0.0/16 will be unreachable from Router A and Router B.

7 The Suffolk router is directly connected to the networks shown in the graphic and has a default route that points to the Richmond router. All interfaces are active and properly addressed. However, when the workstation on network 172.29.5.0/24 sends a packet to destination address 172.29.198.5, it is discarded by the Suffolk router. What can be a reason for this result?
• The ip classless command is not enabled on the Richmond router.
• The route was ignored if the Richmond router did not include the 172.29.198.0/24 network in its routing updates.
• The Richmond router is in a different autonomous system than the Suffolk router.
• The ip subnet-zero command was not configured on the Suffolk router.
• The ip classless command is not enabled on the Suffolk router.

8 A network administrator has enabled RIP on routers B and C in the network diagram. Which of the following commands will prevent RIP updates from being sent to Router A?

• A(config)# router rip
A(config-router)# passive-interface S0/0

• B(config)# router rip
B(config-router)# network 192.168.25.48
B(config-router)# network 192.168.25.64

• A(config)# router rip
A(config-router)# no network 192.168.25.32

• B(config)# router rip
B(config-router)# passive-interface S0/0


• A(config)# no router rip

9 Which router component stores the information that is displayed by the show running-config command?
• flash
• NVRAM
• RAM
• ROM

10 If a PC does not have network connectivity to a router, which router port can be used to establish communication?
• console
• Ethernet
• serial
• VTY

11 What information can be learned during the initial router bootup? (Choose two.)
• the configuration register value
• the number and types of interfaces installed
• the router model and the amount of memory that is available

• the amount of memory required to load the IOS and configuration
• the number of interfaces with connected cables

12 Which devices can be used to convert the data from a WAN router at the customer site into a form acceptable for use by the WAN service provider? (Choose three.)
• Ethernet switch
• DTE
• modem
• hub
• DCE device
• CSU/DSU

13 What are the primary functions of a router? (Choose two.)
• determine the best path for packets
• prevent collisions on the network LAN
• regulate flow control between sender and receiver
• provide domain name resolution
• forward packets to the appropriate interface

14 Which of the following are correct statements verified by the router output shown in the graphic? (Choose two.)
• Layer 3 connectivity exists between BigCity and the devices in the Device ID column.
• Layer 2 connectivity exists between BigCity and the devices in the Device ID column.
• All devices shown in the Device ID column use the TCP/IP protocol suite.
• All devices shown in the Device ID column can be pinged from BigCity.
• All devices listed in the Device ID column are directly connected to BigCity.

15 What are the results of setting the boot field bits in the configuration register to "0000"? (Choose two.)
• The startup-config file will be ignored at bootup.
• The router will load the IOS from Flash.
• The router will enter ROM monitor mode upon reload.
• The router will enter boot ROM mode and have limited capabilities.
• The administrator can enter the b command to manually boot the IOS.

16 What can a network administrator do to recover from a lost router password?
• perform a reload or reset
• telnet from another router and issue the show running-config command to view the password
• boot the router to ROM monitor mode and configure the router to ignore NVRAM when it initializes
• boot the router to bootROM mode and enter the b command to load the IOS manually

17 Which router components and operations are correctly described? (Choose two.)
• RAM - stores the ARP cache
• NVRAM - store the operating system
• ROM - stores the backup IOS
• POST - verifies the validity of the running-config
• Flash - executes diagnostics at bootup
• DRAM - loads the bootstrap

18 Which of the following commands will correctly configure an extended ACL? (Choose two).
• Router(config)# access-list 18 permit tcp host 192.168.73.3 eq 25
• Router(config)# access-list 102 permit tcp 10.43.0.0 0.0.255.255 any eq 80
• Router(config)# access-list 187 permit tcp host 192.168.42.34 172.29.0.0 0.0.255.255 eq 23

• Router(config)# access-list 99 permit host 10.217.32.3
• Router(config)# access-list 128 permit tcp host 192.168.100.31 eq 23

19 The following access list has been created to prevent traffic from the 192.0.2.63 host on the Sales LAN from accessing servers and hosts on the Payroll LAN.
access-list 26 deny host 192.0.2.63
access-list 26 permit any
Refer to the exhibit. Which group of commands will properly place the access list so that only the host on the Sales LAN is denied access to the 172.29.7.0 network but all other traffic is permitted?

• Payroll(config)# interface fa0/0
Payroll(config-if)# ip access-group 26 out

• Payroll(config)# interface fa0/1
Payroll(config-if)# ip access-group 26 out


• Sales(config)# interface fa0/1
Sales(config-if)# ip access-group 26 in

• Sales(config)# interface fa0/0
Sales(config-if)# ip access-group 26 out

20 Refer to the graphic. Communication is needed between the LAN connected to the fa0/0 interface of the Kansas router and the fa0/0 interface of the Maine router. All hosts on those LANs also need connectivity to the Internet. Which commands will allow this communication? (Choose three).
• Kansas(config)# ip route 192.168.6.0 255.255.255.0 172.18.64.2
• Kansas(config)# ip route 192.168.6.0 255.255.255.0 s0/1
• Kansas(config)# ip route 0.0.0.0 0.0.0.0 s0/1
• Maine(config)# ip route 192.168.6.0 255.255.255.0 172.18.64.1
• Maine(config)# ip route 0.0.0.0 0.0.0.0 s0/1
• Maine(config)# ip route 172.16.32.0 255.255.255.0 172.18.64.2

21 A network administrator must configure a FastEthernet interface with an IP address. The configuration must also identify the remote site to which the interface is connected. Which set of commands will meet these requirements?

• StPetersburg(config)# banner San Jose T1
StPetersburg(config)# interface fa0/0
StPetersburg(config-if)# ip address 172.26.155.5 255.255.255.252

• StPetersburg(config)# interface fa0/0
StPetersburg(config-if)# ip address 172.26.155.5 netmask 255.255.255.252
StPetersburg(config-if)# description San Jose T1

• StPetersburg(config)# interface fa0/0
StPetersburg(config-if)# ip address 172.26.155.5 255.255.255.252
StPetersburg(config-if)# banner remote site San Jose T1

• StPetersburg(config)# interface fa0/0
StPetersburg(config-if)# ip address 172.26.155.5 255.255.255.252
StPetersburg(config-if)# description San Jose T1

22 A network administrator issues the erase startup-config command on a configured router with the configuration register set to 0x2102 and observes the following output:
Erasing the nvram filesystem will remove all files! Continue? [Confirm]
[OK]
Erase of nvram: complete
If the router unexpectedly loses power after this sequence, what will occur when power is restored?
• The router will enter ROM monitor mode upon completion of the power-on self test (POST).
• The router will load the last known valid configuration file.
• The router will enter Rx-boot mode.
• The router will prompt the user to enter setup mode or to continue without entering setup mode.

23 The main router of XYZ company has enough flash and RAM to store multiple IOS images. An administrator wants to upload a second IOS image from a TFTP server to the flash of the router. Which method will accomplish this task?
• Paste the IOS filename to the command line of the router while in global configuration mode. Press enter. Then issue the copy tftp flash command.
• Use the setup utility to load the new image to flash.
• Copy the IOS image file from a TFTP server using the command copy filename ip address flash .
• Copy the IOS image file from a TFTP server using the command copy tftp flash. When prompted, provide the IP address or name of the TFTP server and the IOS image filename.

24 What facts can be determined from the highlighted text shown in the exhibit? (Choose two.)
• A weak encryption was applied to all unencrypted passwords.
• The enable password is now more secure than the enable secret password.
• An MD5 hashing algorithm was used on all encrypted passwords.
• Any configured user EXEC mode or Telnet passwords will be encrypted in this configuration.
• The service password-encryption command was used to encrypt all passwords on the router including enable secret.

25 What are the features of a serial interface on a router? (Choose two.)
• enabled by default
• assigned a unique MAC address
• must be configured as a DCE in lab and production environments
• must be configured with the default clock rate of 56000
• may be administratively enabled by using the no shutdown command
• must be configured with a valid IP address and subnet mask in order to forward packets

26 What are two recommended uses of login banners? (Choose two.)
• to display security warning messages
• to welcome any user to the router
• to warn people about misusing privileged EXEC mode
• to identify circuits and other devices connected to the router
• to announce a scheduled system shutdown

27 While planning an IOS upgrade, the administrator issues the show version command. Based on the output in the graphic, what is the current IOS boot location?
• RAM
• NVRAM
• Flash
• ROM

28 Why are interface descriptions used in router configurations? (Choose three).
• to enable support personnel to easily identify networks and customers that may be affected by a possible interface issue
• to provide comments on the interface without affecting the router functionality

• to display access warning messages before users enter the interface configuration mode
• to eliminate the need to use IP addresses when using the ping and telnet commands
• to identify the purpose and location of the interface

29 What are two characteristics of the support for Telnet within Cisco IOS software? (Choose two.)
• Up to five separate Telnet lines are supported by default in standard edition IOS files.
• For security purposes, Telnet sessions are required to be established from the privileged mode.
• A router can host simultaneous Telnet sessions.
• Once established, a Telnet session can remain operational regardless of network status.
• Telnet tests wireless connectivity and does not require a physical connection between devices to gain remote access.

30 Neither router in the exhibit has a host table or DNS available. The interfaces and passwords have been correctly configured. Which of the following commands will initiate a Telnet session? (Choose two.)
• Tottenham# telnet Oxford
• Tottenham> telnet 198.18.139.1
• Oxford# connect 198.18.139.0
• Oxford> connect Tottenham
• Oxford# telnet Tottenham
• Oxford# 198.18.139.2

31 From the running-config, the following configuration entries are displayed:
Router(config)# line vty 0 2
Router(config-line)# password g8k33pr
Router(config-line)# login
What can be interpreted from the exhibited configuration? (Choose two.)

• Three Telnet lines are available for remote access.
• Two Telnet lines are available for remote access.
• Future configuration of the remaining Telnet lines will require the password to be set to g8k33pr.
• To login to the remote device, g8k33pr will be used as the Telnet and secret password.
• Remote access to this local router will require a Telnet password of g8k33pr.

32 Assuming the following ACL is correctly applied to a router interface, what can be concluded about this set of commands? (Choose two.)
Router(config)# access-list 165 deny tcp 192.28.115.0 0.0.0.255 172.20.0.0 0.0.255.255 eq 23
Router(config)# access-list 165 permit ip any any

• This is a standard IP access list that denies network 192.28.115.0 Telnet access to the 172.20.0.0 network.
• All Telnet traffic destined for 172.20.0.0 from any network will be denied access.
• Network 192.28.115.0 is denied Telnet access to the 172.20.0.0 network.
• Network 172.20.0.0 is denied Telnet access to the 192.28.115.0 network.
• All FTP and HTTP traffic destined for 172.20.0.0 will be permitted access.

33 What can be concluded from the output shown in the exhibit? (Choose three.)
• This is a standard IP access list.
• This is an extended IP access list.
• The keyword host is implied in the command line access-list 99 deny 10.213.177.76.
• The wildcard mask must be configured for this access list to function properly.
• Host 10.213.177.100 will be allowed access to the Serial0/1 interface.

34 access-list 199 deny tcp 178.15.0.0 0.0.255.255 any eq 23
access-list 199 permit ip any any
Assuming this ACL is correctly applied to a router interface, which statements describe traffic on the network? (Choose two.)
• All FTP traffic from network 178.15.0.0 will be permitted.
• All Telnet traffic destined for network 178.15.0.0 will be denied.
• Telnet and FTP will be permitted from all hosts on network 178.15.0.0 to any destination.
• Telnet will not be permitted from any hosts on network 178.15.0.0 to any destination.
• Telnet will not be permitted to any host on network 178.15.0.0 from any destination.


35 Hosts from the Limerick LAN are not allowed access to the Shannon LAN but should be able to access the Internet. Which set of commands will create a standard ACL that will apply to traffic on the Shannon router interface Fa0/0 implementing this security?

• access-list 42 deny 172.19.123.0 0.0.0.255 192.0.2.0 0.0.0.255
access-list 42 permit any

• access-list 56 deny 172.19.123.0 0.0.0.255
access-list 56 permit any


• access-list 61 deny 172.19.123.0 0.0.0.0
access-list 61 permit any

• access-list 87 deny ip any 192.0.2.0 0.0.0.255
access-list 87 permit ip any

36 Refer to the exhibit. Router D interface S0 on has gone down. What is the maximum time that will elapse before Router A learns that network 168.58.14.0 is down?
• 5 seconds
• 13 seconds
• 17 seconds
• 25 seconds
• 30 seconds
• 77 seconds

37 Refer to the graphic. Which series of commands will create static routes that will allow Router A and Router B to deliver packets destined for LAN A and LAN B, and direct all other traffic to the Internet?

• RouterA(config)# ip route 10.90.3.0 255.255.255.0 192.168.3.2
RouterB(config)# ip route 192.168.2.0 255.255.255.0 192.168.3.1
RouterB(config)# ip route 0.0.0.0 0.0.0.0 s0/0

• RouterA(config)# ip route 10.90.3.0 255.255.255.0 192.168.3.2
RouterA(config)# ip route 0.0.0.0 0.0.0.0 192.168.3.2
RouterB(config)# ip route 192.168.2.0 255.255.255.0 192.168.3.1

• RouterA(config)# ip route 0.0.0.0 0.0.0.0 192.168.3.2
RouterB(config)# ip route 192.168.2.0 255.255.255.0 192.168.3.1
RouterB(config)# ip route 172.20.20.4 255.255.255.252 s0/0

• RouterA(config)# ip route 0.0.0.0 0.0.0.0 192.168.3.2
RouterB(config)# ip route 192.168.2.0 255.255.255.0 192.168.3.1
RouterB(config)# ip route 0.0.0.0 0.0.0.0 s0/0

38. Refer to the exhibit. The new security policy for the company allows all IP traffic from the Engineering LAN to the Internet while only web traffic from the Marketing LAN is allowed to the Internet. Which ACL can be applied in the outbound direction of Serial 0/1 on the Marketing router to implement the new security policy?

• access-list 197 permit ip 192.0.2.0 0.0.0.255 any
access-list 197 permit ip 198.18.112.0 0.0.0.255 any eq www

• access-list 165 permit ip 192.0.2.0 0.0.0.255 any
access-list 165 permit tcp 198.18.112.0 0.0.0.255 any eq www
access-list 165 permit ip any any

• access-list 137 permit ip 192.0.2.0 0.0.0.255 any
access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www

• access-list 89 permit 192.0.2.0 0.0.0.255 any
access-list 89 permit tcp 198.18.112.0 0.0.0.255 any eq www

39. What will occur when the following ACL is applied inbound to both FastEthernet interfaces of Router A in the graphic?
access-list 125 permit tcp 192.168.2.0 0.0.0.255 10.90.3.0 0.0.0.255 eq 23
access-list 125 permit tcp 10.90.3.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 23
access-list 125 permit tcp 192.168.2.0 0.0.0.255 any eq www

• Workstations A and B will be able to Telnet to each other. Workstation A will be allowed to access Web servers on the Internet, while Workstation B will be denied Internet Web access.
• Workstations A and B will be able to Telnet to each other. All other traffic will be denied.
• The ACL will have no effect because it should be applied in the outbound direction on the FastEthernet interfaces.
• The ACL will deny all traffic because of the implied deny ip any any statement at the end of the ACL.

40 What are two possible reasons a router would not load a valid IOS from flash? (Choose two.)
• The configuration register is set to 0x2142.
• The first boot system command executed in the startup configuration file is boot system rom.
• The configuration register is set to 0x2100.

• The boot field is set to the hexadecimal number 2.
• The startup configuration file is missing or corrupt.

41 A network administrator has a console connection to the Fremantle router. Pings to Melville are successful, but pings to Cottesloe and Nedlands fail. What could be a first step in troubleshooting the problem?
• Use an extended ping from Fremantle to each router in the network.
• Use the show interfaces command from a Telnet session on Melville to check the connection to Cottesloe.
• Use the traceroute command to discover exactly which link in the network is down.
• Use the show cdp neighbors detail command from Fremantle to gather information about all Cisco routers in the network.

42 What are three features of CDP? (Choose three.)
• provides information on directly connected devices that have CDP enabled
• tests Layer 2 connectivity
• enabled by default on each interface

• provides a layer of security
• used for debugging Layer 4 connectivity issues

43 Which two steps describe how to create a functional physical connection between a router console and a terminal? (Choose two.)
• Use a crossover cable to connect the terminal serial port to the router console port.
• Use a rollover cable to connect the terminal NIC to the router console port.
• Use an RJ-45 to DB-9 adapter on the terminal serial port to connect to the cable going to the router console.
• Use a transceiver to connect a straight-through cable to the router console port.
• Use a straight-through cable to connect the router console port to the terminal NIC.
• Use a rollover cable to connect from a terminal serial port to the router console port.

44 Refer to the exhibit. Assuming default metrics are used and the network is fully converged, which path will RIP use to send a packet from Router A to Router F?
• A, D, E, F
• A, B, D, E, F
• A, C, D, E, G, F
• A, B, D, E, G, F

45 Based on this partial output of the show ip route command, which routing protocol is configured on the router?
I 172.16.3.0/24 [100/80135] via 172.16.2.2, 00:00:27, Serial0/0
• RIP v1
• RIP v2
• IGRP
• EIGRP
• OSPF
• IGP

46 Why are routed protocols important to networking? (Choose two.)
• Routed protocols detect collisions and fragments.
• Routers use routed protocols to calculate the best path to a destination.
• Routed protocols transport data across the network.
• The fields and formats used within a packet are defined by routed protocols.

• Routed protocols are used to configure the metrics used by routing protocols.

47 What could a Cisco support technician learn from the IOS filename c2600-d-mz.121-3? (Choose three.)
• the format of the file
• the RAM memory requirements of the file
• the version number of the file
• the size of the file
• the device platform of the file

48 What critical information about the status of the router can be found in the outputs of both the show interfaces and show protocols commands? (Choose two.)
• the Layer 3 address of each configured interface
• the routing protocol configured to forward updates out of each interface
• the operational status of each interface
• traffic statistics for each interface
• whether the interface is configured as a DTE or DCE

49 Which of the following are true statements regarding IGRP and RIP? (Choose two.)
• IGRP uses a combination of different metrics for path selection.
• RIP is a proprietary protocol developed by Cisco.
• RIP has the ability to scale to large networks.
• IGRP has the ability to scale to large networks.

CCNA 2 - Module 11

1 Which statements are true regarding the significance of the access control list wildcard mask 0.0.0.7? (Choose two.)
• The first 29 bits of a given IP address will be ignored.
• The last 3 bits of a given IP address will be ignored.
• The first 32 bits of a given IP address will be checked.
• The first 29 bits of a given IP address will be checked.
• The last 3 bits of a given IP address will be checked.

2 Which of the following parameters can ACLs use to filter traffic? (Choose three.)
• packet size
• protocol suite
• source address
• destination address

• source router interface
• destination router interface

3 Choose the commands that will correctly configure a standard ACL. (Choose two.)
• Router(config)# access-list 97 permit host 192.5.5.1
• Router(config)# access-list 32 permit 210.93.105.3 0.0.0.0

• Router(config)# access-list 148 permit 201.100.11.2 0.0.0.0
• Router(config)# access-list 107 permit host 192.5.5.1 213.45.27.0 0.0.0.255 eq 23
• Router(config)# access-list 10 permit tcp 192.5.5.1 0.0.0.255 201.100.11.0 0.0.0.255 eq 80

4 Select the statements that describe ACL processing of packets. (Choose three.)
• An implicit deny any rejects any packet that does not match any ACL statement.
• A packet can either be rejected or forwarded as directed by the statement that is matched.

• A packet that has been denied by one statement can be permitted by a subsequent statement.
• A packet that does not match the conditions of any ACL statements will be forwarded by default.
• Each statement is checked only until a match is detected or until the end of the ACL statement list.
• Each packet is compared to the conditions of every statement in the ACL before a forwarding decision is made.

5 Which of the following are reasons to use ACLs? (Choose three.)
• to provide a basic level of security for network access
• to speed up network performance by filtering priority packets
• to preserve bandwidth by providing a mechanism for traffic flow control
• to decide which packets are forwarded or blocked at the router console port
• to screen certain hosts to either allow or deny access to part of a network
• to allow all packets passing through the router access to all parts of the network

6

Assuming the ACL in the graphic is correctly applied to an interface, what effect will the ACL have on network traffic?
• All traffic to network 172.16.0.0 will be denied.
• All TCP traffic will be permitted to and from network 172.16.0.0.
• All telnet traffic from the 172.16.0.0 network to any destination will be denied.
• All port 23 traffic to the 172.16.0.0 network will be denied.
• All traffic from the 172.16.0.0 network will be denied to any other network.

7 Choose the command that will correctly configure a standard ACL.
• Router# access-list 10 permit any
• Router# access-list 101 permit any
• Router(config)# access-list 10 permit any
• Router(config)# access-list 101 permit any
• Router(config)# access-list 10 permit any any

8

Select the commands that will apply the ACL in the diagram to filter traffic going to the 192.168.2.0 network.

• Router1# configure terminal
Router1(config)# access-list 10 in E0

• outer1(config)# interface ethernet 0
Router1(config-if)# access-list 10 in

• Router2(config)# interface s1
Router2(config-if)# ip access-group 10 out

• Router2(config)# interface ethernet 0
Router2(config-if)# ip access-group 10 out


• Router1(config)# interface ethernet 0
Router1(config-if)# ip access-group 10 out

• Router2# configure terminal
Router2(config)# access-group 10 out

9

Assuming the ACL in the graphic is correctly applied to an interface, what effect will this ACL have on network traffic?
• Host 192.168.15.4 will be denied ftp access to any destination, but will be permitted all other access.
• All ftp traffic to host 192.168.15.4 will be denied.
• All traffic from that interface will be denied.
• No traffic will be denied because a "permit" statement does not exist in this ACL.

10

Refer to the exhibit. The network administrator has connectivity to the routers and networks in the diagram. An ACL has been created to allow the network administrator FTP access to the webserver. This ACL must also deny FTP access to the server from the rest of the hosts on the LAN. Which interface in the exhibit is the recommended location to apply the ACL?
• FastEthernet 0/0 on the Carlisle router
• Serial 0/0 on the Carlisle router
• Serial 0/1 on the Mt. Holly router
• FastEthernet 0/0 on the Mt. Holly router

11 Select the correct statements about extended ACLs. (Choose two)
• Extended ACLs use a number range from 1-99.
• Extended ACLs end with an implicit permit statement.
• Extended ACLs evaluate the source and destination addresses.
• Port numbers can be used to add greater definition to an ACL.

• Multiple ACLs can be placed on the same interface as long as they are in the same direction.

12 The following commands were entered on a router:

Router(config)# access-list 2 deny 172.16.5.24
Router(config)# access-list 2 permit any

What can be concluded about this set of commands?
• The access list statements are misconfigured.
• All nodes on 172.16.0.0 will be denied access when these statements are applied.
• The default wildcard mask, 0.0.0.0 is assumed.
• The default wildcard mask 255.255.255.255 is assumed.

13 Where should a standard access control list be placed?
• close to the source
• close to the destination
• on an Ethernet port
• on a serial port

14 A router that has two Ethernet interfaces and one serial interface is configured to route both IP and IPX. What is the maximum number of IP ACLs that can be configured to filter packets on this router?
• 1
• 2
• 3
• 6
• 12

15 Which statement is true regarding wildcard masks?
• The wildcard mask and subnet mask perform the same function.
• The wildcard mask is always the inverse of the subnet mask.
• A "0" in the wildcard mask identifies IP address bits that must be checked.
• A "1" in the wildcard mask identifies a network or subnet bit.

16 ACL statements operate in sequential, logical order. If a condition match is true, the rest of the ACL statements are not checked. If all of the ACL statements are unmatched, what happens to the packet?
• The packets will be placed in a buffer and forwarded when the ACL is removed.
• The packets will be sent to the source with an error notification message.
• The implicit permit any statement placed at the end of the list will allow the packets to flow through uninhibited.
• The implicit deny any statement placed at the end of the list will cause the packets to be dropped.

17 Which of the following matches an ACL identification number with the correct protocol?(Choose three.)
• 0 - standard IP
• 99 - standard IP
• 100 - extended IP

• 210 - extended IP
• 678 - extended IPX
• 888 - standard IPX

18 The router IOS tests each condition statement in an ACL in sequence. Once a match is made, which of the following occurs? (Choose two.)
• The entire ACL must be deleted and recreated.
• The accept or reject action is performed.
• The packet is forwarded to the next hop.
• The remaining ACL statements are not checked.
• The router goes through the list again to verify that a match has been made.


19


Create a standard ACL that will deny traffic from 192.5.5.25 to the 210.93.105.0 network but will allow traffic from all other hosts. (Choose two.)

• Router(config)# access-list 22 deny 192.5.5.25 0.0.0.0

• Router(config)# access-list 22 deny host 192.5.5.25 0.0.0.0
Router(config)# access-list 22 permit any any

• Router(config)# access-list 22 deny 192.5.5.25 0.0.0.0
Router(config)# access-list 22 permit any


• Router(config)# access-list 22 deny host 192.5.5.25
Router(config)# access-list 22 permit any


• Router(config)# access-list 22 deny 192.5.5.0 0.0.0.255
Router(config)# access-list 22 permit any

CCNA 2 - Module 10

1 Which of the following describe how TCP adds reliability to communication? (Choose three.)
• Hosts using TCP set up virtual circuits at the beginning of the transmission using the three-way handshake.
• Hosts using TCP set the error-checking frequency at the beginning of the transmission and maintain this frequency for the duration of the data transfer.
• When a sending host does not receive an acknowledgment within a timed interval it retransmits data.
• The receiving host acknowledges that it has received the expected number of segments and requests additional data.

• The receiving host acknowledges any incorrectly received data and requests retransmission of damaged or missing bytes.
• The sending host transmits each segment twice to ensure that data is not lost.

2 A computer programmer is developing software that requires a reliable stream of data. Which protocol can be used in the software design to eliminate the need for building error detection and recovery into the application program?
• TCP
• IP
• ICMP
• UDP
• HTTP

3 Why is TCP considered a connection-oriented protocol?
• It establishes a virtual connection between hosts using a two-way handshake.
• It uses IP to guarantee delivery of packets between hosts.
• It requires hosts to go through a synchronization process prior to data transmission.
• It creates a connection that depends on application layer protocols for error detection.

4 At which point in the transmission process are segments numbered?
• when received
• when reassembling
• before transmission
• while negotiating window size

5 What is dynamically assigned by the source host when forwarding data?
• destination IP address
• destination port number
• default gateway address
• source IP address
• source port number

6 How are originating source port numbers assigned during the data encapsulation process?
• assigned manually by the user when starting the application
• assigned dynamically by the source host
• assigned by the routing protocol during the lookup process
• assigned by the destination host during session negotiation

7 Which of the following would an administrator do to defend against a denial of service SYN flooding attack? (Choose two.)
• Hide the source of incoming IP addresses.
• Decrease the connection timeout period.
• Synchronize all host communication.
• Increase the connection queue size.
• Flood the network with false SYN requests.

8 When a host receives a data segment, what allows the host to determine which application should receive the segment?
• IP source address
• IP destination address
• PAR
• sliding window
• port number
• SYN packet

9 What is used by UDP to determine if the data or header has been transferred without corruption?
• lower layer protocols
• checksum
• PAR
• sliding window
• acknowledgment and retransmission
• IP

10 What is the purpose of using port numbers in the transport layer?
• to identify the segment as being either TCP or UDP
• to provide reliability during data transport
• to identify the interface port number used by the router when forwarding data
• to track multiple conversations that occur between hosts

11 In the TCP header, which of the following determines the amount of data that can be sent before receiving an acknowledgment?
• segment number
• priority number
• window size
• value in the length field
• value in the port field
• acknowledgment number

12 What does TCP use to ensure reliable delivery of data segments?
• upper layer protocols
• lower layer protocols
• sequence numbers
• port numbers

13 Which of the following protocols uses UDP for transport layer services?
• SMTP
• HTTP
• DNS
• FTP

14 What type of segment and data is shown in the graphic?
• a UDP segment carrying e-mail traffic
• a TCP segment carrying FTP traffic
• an IP segment carrying FTP traffic
• a UDP segment carrying web traffic
• a TCP segment carrying web traffic
• an IP segment carrying e-mail traffic

15 What is the purpose of Positive Acknowledgment and Retransmission (PAR)?
• PAR allows the presentation layer to request that data be resent in a format the destination host can process.
• PAR provides a mechanism for the receiving device to request that all segments be retransmitted if one segment is corrupt.
• PAR helps ensure that a number of data segments sent by one host are received by another host before additional data segments are sent.
• PAR is used to renegotiate the window size during the synchronization process.

16 Which of the following are functions of the TCP protocol? (Choose three.)
• translation of data
• synchronization
• path determination
• flow control
• data representation
• reliability

17 What is used by both TCP and UDP when creating a segment?
• IP address
• MAC address
• IPX address
• socket or port number
• acknowledgment number
• sequence number

18 Which authority has control over the assignment of port numbers for applications?
• IEEE
• IANA
• InterNIC
• Software Developers Association

19 Which of the following describe types of port numbers that can be represented in the headers of TCP and UDP segments? (Choose three.)
• connectionless
• well-known
• operational
• dynamic
• registered

• static

20 What is the purpose of the three-way handshake that occurs between hosts using TCP as the transport layer protocol?
• to increase the number of packets that can be sent before an acknowledgment is required
• to allow a host to forward data to a router
• to establish a round trip connection between sender and receiver before data is transferred
• to provide a mechanism for data encryption and compression

21 During the encapsulation process, in which order are the IP address, MAC address, and port number assigned when the router is establishing communication with the TFTP server?
• IP address, MAC address, port number
• MAC address, IP address, port number
• port number, IP address, MAC address
• port number, MAC address, IP address

22 Which of the following describes a type of denial of service attack designed to exploit the normal function of the TCP three-way handshake?
• A host sends a packet with a spoofed source IP address.
• A host sends a packet with an incorrect destination IP address.
• A source sends a packet containing a garbled header.
• A host sends an oversized packet that fills the memory buffers of the destination host.
• A host sends a packet that contains a virus.
• A host sends a packet that contains a worm.

23 Which transport layer unit of information places the port number in the header?
• data
• segment
• packet
• frame
• bit