What service on the network is responsible for converting the FQDN(Fully Qualified Domain Name) to an IP address?
DNS is responsible for converting the friendly name such as www.github.com to an IP address.
You are monitoring network traffic and you notice a number of DHCP discover messages on the network. Which of the following is the destination address of the DHCP discover message?
The DHCP discover message is a broadcast message which is used to locate the DHCP server on the network. FF-FF-FF-FF-FF-FF is the layer-2 representation of a broadcast address
What device is responsible for regenerating the signal so that the signal can travel a greater distance?
A repeater is a Layer 1 device that is responsible for regenerating the signal
A device that can send and receive information, but not at the same time, is said to be
Half Dublex When a device can send and receive information, but not at the same time, it is known as half-duplex communication. Full duplex is when the device can send and receive at the same time.
A group of systems that can receive one another’s broadcast messages is known as a
Broadcast domain. A broadcast domain is a group of systems that can receive one another’s broadcast message. You can break your network into multiple broadcast domains by using routers or VLANs
You are monitoring network traffic and notice that there is a large number of broadcast messages sent across the wire. You would like to separate your network into multiple broadcast domains. How can you do this? (Select two.)
VLANs and Router
You can use VLANs or a router to break the network into multiple broadcast domains
A group of systems that can have their data collide with one another is known as a
Collision domain A collision domain is an area of the network where one system can collide with another system. Each port on a network switch or bridge creates a separate collision domain, whereas all ports on a hub are part of the same collision domain
Which of the following are considered layer-2 devices? (Choose two.)
Bridge Switch
Both bridges and switches run at layer 2 and are devices that filter traffic by the MAC address.
Which of the following are considered layer-1 devices? (Choose two.)
A hub and a repeater are examples of layer-1 devices. Remember that a layer-1 device works with the electrical signal
Which Gigabit Ethernet standard uses UTP cabling to reach 1000 Mbps?
The gigabit ethernet standard that uses UTP cabling is 1000BaseTX
Which 10 Gigabit Ethernet standard uses multimode fiber-optic cabling
The 10 Gbps standard that uses multimode fiber-optic cabling is 10GbaseSR. Remember that the S stands for short range, and multimode fiber-optic cabling is used for short distances
What type of cable would you use if you wanted to connect a system to an RJ-45 port on a switch?
Straight-through cables are used to connect dissimilar devices such as a computer to a switch or a router to a switch
You wish to network two systems by connecting a computer directly to another computer. Which type of cable would you use?
To connect two systems directly together, you use a crossover cable
You need to create a crossover cable. What wires would you cross on one of the ends?
In order to create a crossover cable, you would cross wires 1 and 2 with wires 3 and 6 on one of the ends
You have a UTP cable that has been configured at both ends with the 568B standard. What type of cable is it?
A straight-through cable is wired the same at both ends of the cable
You wish to create a crossover cable and have wired one end of the cable with the 568A standard, What standard should you use to wire the opposite end of the cable?
To create a crossover cable, you wire one end of the cable with 568A and the other end of the cable with 568B.
Which protocol is responsible for converting the logical address to a physical address?
The ARP request message is a broadcast message and is therefore destined for the broadcast address of FF-FF-FF-FF-FF-FF
Which of the following does TCP use to guarantee delivery?
Sequence numbers and acknowledgements TCP assigns each message (known as a segment) a sequence number. When a message is received at the destination, it sends an acknowledgement based on the received sequence number indicating that the message has been received.
Which TCP/IP protocol is responsible for error and status reporting?
Internet Control Message Protocol (ICMP) is responsible for error and status reporting and runs at the network lay
The router looks at which field in the IP header to decide where to send the packet?
Destination IP address When a router receives a packet, it compares the destination IP address in the IP header against the routing table to determine where to send the packet
Which flag is set in a TCP packet that indicates a previous packet was received?
The acknowledgement flag (ACK) is set on a packet to indicate that the message is confirming a previous packet has been received.
You wish to allow echo request messages to pass through the firewall. What ICMP type is used in an echo request message?
ICMP type 8 is used for echo requests, whereas echo reply messages are ICMP type 0.
Which of the following are fields found in the IP header? (Select all that apply.)
Source IP address
Time to Live The IP header contains information used by the IP protocol. Things such as the source and destination IP address, along with the TTL, are stored in the IP header. Source and destination port information are stored in the TCP or UDP header, and sequence numbers and acknowledgements are stored in the TCP header.
Which TCP flag is responsible for dropping a connection at any point in time?,
RST (Reset Flag) is used to drop the TCP connection at any time
Which of the following is the IPv6 equivalent to 127.0.0.1?
::1
The IPv6 loopback address is 0000:0000:0000:0000:0000:0000:0000:0001, which can be shortened as ::1. To shorten an address you are allowed to remove leading zeros to make the address 0:0:0:0:0:0:0:1. But then you are allowed to collapse multiple zeros with a colon between them to a double colon (::), which gives you ::1.
Your manager has been hearing a lot about IPv6 addressing, and asks you which of the following statements are true about IPv6 unicast addresses? (Select two.)
global address starts with 2000
The loopback address is ::1 The loopback address in IPv6 is ::1, whereas global addresses start with 2000. Be sure to know the IPv6 address types for the CCNA exams!
Which of the following is an example of an IPv6 link-local address?
fe80::f407:622c:a0ce:90cc Link-local addresses in IPv6 are similar to APIPA addresses in IPv4 and start with FE80. Be sure to study the IPv6 address types for the CCNA exams!
Your manager has asked you what some of the benefits of transitioning from IPv4 to IPv6 are. (Select two.)
(A) IPSec is optional
(B) No broadcast messages
(C) A 64-bit address scheme
(D) Telnet passwords are encrypted
(E) Automatic configuration
No broadcast messages
Automatic configuration There are some huge changes with IPv6, and two of those changes are the elimination of broadcast messages and the fact that IPv6 uses automatic configuration.
What IPv6 address type is similar to an IPv4 private IP address and starts with FC00?
Unique local address is similar to an IPv4 private address and starts with FC00
POP3 uses TCP port 110. Note that FTP uses TCP 21 and 20, IMAP uses TCP 143, and HTTPS uses TCP 443 SNMP uses UDP port 161
You are designing the IPv4 address scheme for the network. How do you calculate the broadcast address of a subnet?
Set all host bits to 1 In order to calculate the broadcast address of a subnet, you set all host bits to 1 and then convert to decimal
Your manager would like you to subnet the 129.65.0.0 network into six different networks. What is your new subnet mask?
255.255.224.0 To create six new subnets, you need to actually create eight subnets by borrowing three bits from the host ID portion of the subnet mask and converting them to subnet bits.
You are designing the IP address scheme for your network and you need to subnet the 142.65.0.0 network into 12 different networks. What is your new subnet mask?
(A) 255.255.240.0
(B) 255.255.192.0
(C) 255.255.224.0
(D) 255.255.248.0
255.255.240.0 In order to get support for 12 subnets you would need to subnet with 4 bits (24 = 16 networks). Because you started as a class B (the value of the first octet falls between 128 and 191) with a default subnet mask of 255.255.0.0, to add 4 subnet bits you would get a new subnet mask of 255.255.240.0.
See below: 11111111.11111111.11110000.00000000
equals 255. 255. 240. 0
32-12 =20 /20 olan
You are designing your IPv4 address scheme. How do you calculate the network ID of a subnet?
(A) Set all host bits to 0.
(B) Set all host bits to 1.
(C) Set all network bits to 1.
(D) Set all subnet bits to 0.
The network ID for a subnet can be calculated by having all host bits set to 0 and then converting to decimal.
How many hosts can exist on a network with the address of 180.45.10.20/20?
(A) 1,024
(B) 4,096
(C) 4,094
(D) 1,022
With a subnet mask of /20, 12 bits remain for host bits. You can calculate how many hosts are valid with the formula of 212 = 4,096 – 2 = 4,094 valid addresses.
How many subnet bits do you need to create 6 networks?
(A) 3
(B) 4
(C) 5
(D) 6
If you were to use only 2 bits to create subnets, you would get 4 of them (22 = 4). Because that is not enough, you need to add one more bit to get 23 = 8 networks! Three subnet bits are used to create between 5 and 8 networks.
The Fast Ethernet port on a router is assigned the IP address of 131.107.16.1/20. How many hosts can exist on the subnet?
There are 4,094 systems supported on the network. To calculate this, you look at the existing subnet mask in CIDR notation (/20) — meaning 20 bits are used for network bits. You then take that away from the possible 32 bits to calculate the number of host bits and get 12. You then calculate how many hosts (or systems) are supported by using the formula of 212 = 4,096 – 2 = 4,094. (Remember you need to take two away from the 4,096 because two host addresses are always illegal to use for hosts — the network ID and broadcast address.)
You want to assign your serial interface the third valid IP address in the second subnet of 192.168.2.0/26. Which IP address would you use?
(A) 192.168.2.3
(B) 192.168.2.35
(C) 192.168.2.64
(D) 192.168.2.67
192.168.2.67 The second subnet is the 192.168.2.64 subnet, with the third valid address being 192.168.2.67. Remember that the first address (64) is the network ID, so the first valid address is 65, then 66, and the third valid address is 67.
With the goal of preserving addresses, which of the following subnet masks would you use to create a subnet of up to 60 hosts?
(A) 255.255.255.224
(B) 255.255.255.192
(C) 255.255.255.252
(D) 255.255.255.248
. 255.255.255.192 You would need 6 host bits to support a minimum of 60 hosts
(26 = 64 – 2 = 62 valid IP addresses). This would create the following subnet mask in binary: 11111111.11111111.11111111.11000000 This converts to decimal as 255.255.255.192
You need to assign the fourth valid IP address of 107.53.100.10/12 to the Fast Ethernet port on the router. What address would you use?
(A) 107.53.0.4
(B) 107.53.100.4
(C) 107.0.0.4
(D) 107.48.0.4
107.48.0.4 To figure this question out, you must first determine the subnet range. You can do this by looking at the address first and determining that it is a class A address. Then look at the number of bits used in the network ID (/12) and note that it is 4 bits more than a default class A (/8). This means the network is subnetted. Look at the value of the last subnet bit (the 4th bit), which is 16, and that becomes the increment for you to determine the network IDs. The network IDs are:
107.0.0.0/12
107.16.0.0/12
107.32.0.0/12
107.48.0.0/12
107.64.0.0/12
A network administrator is working with the 195.34.56.0 network, which has been subnetted into 8 networks. Which of the following two addresses can be assigned to hosts on the same subnet? (Select two.)
(A) 195.34.56.35
(B) 195.34.56.14
(C) 195.34.56.76
(D) 195.34.56.58
(E) 195.34.56.98
(F) 195.34.56.129
What is the network ID of 190.53.159.150/22?
(A) 190.53.132.0
(B) 190.53.144.0
(C) 190.53.152.0
(D) 190.53.156.0
Which IP feature allows you to use different subnet masks on different subnets within the network?
(A) IP Subnet Zero
(B) RIPv1
(C) VLSM
(D) RIPv2
VLSM The variable-length subnet masks feature allows you to use different subnet masks for different subnets within your organization.
You are connecting two of your office locations together over a WAN link. Each office has a router with an IP address assigned. What should your subnet mask be in order to leverage the best use of address space?
(A) 255.255.255.0
(B) 255.255.255.192
(C) 255.255.255.224
(D) 255.255.255.252
255.255.255.252 To make the most efficient use of addressing, you should use a subnet mask that supports only the number of addresses needed. In this case, only two IP addresses are needed on the WAN link so you need 2 host bits (22 = 4 – 2 = 2 valid addresses). If you have 2 host bits, this means you would have 30 network bits, giving you a subnet mask of 255.255.255.252.
Cisco devices will have different types of ports, but the most common are the console (CON) port and the auxiliary (AUX) port.
The console port is used for local administration, whereas the auxiliary port is used to connect a modem to a router and to remotely manage the router.
Serial ports are used to connect to a WAN environment by connecting to an external CSU/DSU. Serial ports can also be used to connect two routers directly together with a back-to-back serial cable. In this example, one router will act as the DCE device and the other will act as the DTE device (specified on each end of the cable). The DCE device will need to specify the clock rate command
DTE == uç cihaz, PC yazıcı, router gibi son kullanıcı cihaz.
DCE == servis sağlayıcıların ağlarına ulaşabilmek için kullandıkları modem, multiplexer gibi cihazlardır.
There are different types of memory on the Cisco device.
Flash memory is used to store the Cisco IOS;
NVRAM is used to store the startup configuration; RAM or VRAM is used to store the running configuration; and
ROM is used to store the POST routines,
bootstrap program, and mini-IOSes, such as ROMMON, which you can use to troubleshoot problems with the real IOS.
Which of the following represents a purpose for the serial port on a Cisco router?
(A) To connect to the LAN
(B) To connect the console port
(C) To connect to the WAN
(D) To connect a modem
To connect to the WAN The serial port is typically used to connect to the WAN environment with an external CSU/DSU.
You could also use the serial port to connect directly to the serial port of another router for a back-to-back serial link.
You are configuring the DCE end of a point-to-point serial link between two routers. What extra command is typed on the DCE end of the link?
(A) clock rate 64000
(B) encapsulation hdlc
(C) ip address w.x.y.z
(D) no shutdown
clock rate 64000 The clock rate command should be configured on the DCE end of a point-to-point serial link. Note that if you are connecting your serial port to the ISP, then they are the DCE end of the communication channel and will configure the clock rate
The external CSU/DSU connects to which port on the router?
(A) FastEthernet0/0
(B) Con 0
(C) Aux 0
(D) Serial0/0/0
Serial0/0/0 The serial port is used to connect to a WAN environment and is typically connected to an external CSU/DSU if you do not have an integrated CSU/DSU in the router.
The interface type specified does not exist. Using the interface ID of “e” means you are referencing an Ethernet port (which is a 10 Mbps port). In this example, Fast Ethernet ports run at 100 Mbps and should be referenced with the ID of “f” or “Fa.
Which of the following are stored in ROM on the Cisco device?
(A) Startup config
(B) POST
(C) Bootstrap
(D) IOS
(E) ROMMON
(F) Running config
B. POST C. Bootstrap E. ROMMON ROM memory on a Cisco device is used to store the Power On Self Test (POST) routines, the bootstrap program, and the ROMMON
What command would you use to navigate from priv exec mode to user exec mode?
(A) disable
(B) shutdown
(C) enable
(D) exit
The disable command is used to move from priv exec mode to user exec mode.
What is the purpose of the POST?
(A) Locate the IOS in flash memory.
(B) Locate the IOS in ROM.
(C) Verify that hardware is functioning.
(D) Apply the startup configuration.
Verify that hardware is functioning. The POST is the first step performed in the boot process and is responsible for verifying that the hardware is functioning
You have rebooted your Cisco switch and it displays an amber light on the system LED during POST. What does this indicate?
(A) A failure during POST
(B) System booted without fault
(C) A successful POST
(D) Failed communication with router
A failure during POST When the system LED is displaying an amber light it means that the device had a failure during POST and is not operating properly
Which of the following best identifies the boot order of a Cisco device?
(A) Bootstrap loads IOS from flash; POST; apply startup configuration to running config.
(B) Bootstrap loads IOS from flash; apply startup configuration to running config; POST. (C) POST; apply startup configuration to running config; bootstrap loads IOS from flash.
(D) POST; bootstrap loads IOS from flash; apply startup configuration to running config.
POST; bootstrap loads IOS from flash; apply startup configuration to running config
When a device boots up, the POST first verifies the hardware, and then the bootstrap program loads the IOS image file from flash memory. Once the IOS has been loaded, the startup configuration is read from NVRAM and copied to the running configuration.
Your manager is wondering how many Fast Ethernet ports are on the router. What command would you use to find that out?
(A) show help
(B) show modules
(C) show fastethernet
(D) show version
The show version command displays the types of ports detected on the device and how many of each type of port.
Note that it also displays some important information regarding your Cisco device, such as the version of the IOS you are running, the IOS image filename, and the configuration register value
You wish to view the current value of the configuration register. What command would you use?
show version
You wish to disable the Fast Ethernet interface on your router. What command would you use?
router(config-if)#shutdown
Which of the following are encapsulation protocols that can be used on a serial link for a Cisco router? (Select all that apply.)
(A) IPX
(B) PPP
(C) PPTP
(D) HDLC
(E) RIP
PPP and HDLC
You can configure the serial interfaces of a Cisco router for either the HDLC encapsulation protocol or the PPP protocol
PPP and HDLC are layer-2 protocols used on a serial link. PPP is an industry-standard protocol and should be used when connecting heterogeneous environments, whereas HDLC is used only when connecting Cisco devices together
You would like to configure the Fast Ethernet port on your router for full duplex. What commands would you use?
R1#conf t
R1(config)#interface f0/0
R1(config-if)#duplex full
In order to configure full duplex mode on an interface, you must first navigate to the interface and then use the duplex command, followed by the word “full” as a parameter
When looking at the interface fastethernet 0/1 command, what is the port number for the interface?
The syntax to reference an interface is first the type of interface, followed by the slot/ port. In this example, the FastEthernet 0/1 is referencing slot 0, but the interface is 1.
In a point-to-point serial link between two routers, which router sets the clock rate?
DCE
Which of the following are additional commands needed to configure a serial interface over what is needed when configuring an Ethernet interface? You are configuring the DCE device on a serial link. (Select all that apply.)
(A) clock rate 64000
(B) description WAN link
(C) encapsulation hdlc
(D) ip address dhcp
clock rate 64000
encapsulation hdlc
When configuring a serial interface that acts as the DCE device, you need to provide the encapsulation protocol and the clock rate
What command do you use on the interface to assign an IP address to the interface automatically via DHCP?
R1(config-if)#ip address dhcp
In order to assign an IP address to an interface via DHCP, you use the ip address command but pass in the word dhcp as a parameter instead of an actual IP address
You would like to encrypt all passwords configured on the router. What command would you use?
service password-encryption
To encrypt all passwords in the configuration files on the router, you use the service password-encryption command — a great command to be familiar with for exam purposes and the real world!
You are administering a Cisco router. When you have a typo in the command name, you have to wait for the router to do a DNS lookup before getting control of the console again — an annoying problem. What command would fix it?
no ip domain lookup The no ip domain lookup command can be used to disable DNS lookups on the Cisco device
You would like the console to time out after a minute and 45 seconds of inactivity. What command would you use?
exec-timeout 1 45 You can use the exec-timeout command on the console port to specify a timeout value for the console.
When you do this, you specify the duration of inactivity in the format of minutes (space) seconds
What command can be used to modify the history size on the Cisco router?
R1#terminal history size 30 The command to increase the number of commands that are stored in the history buffer is the terminal history size command, which is executed from priv exec mode
After creating a user named Bob, you would like to ensure that the console port prompts for username and password. What command would you use?
r1(config-line)# login local
To configure the Cisco device to prompt for a username and password when connecting to the console port, you must first navigate to the console port and then use the login local command. This command tells the Cisco device to prompt for a username and password and authenticate against the local list of usernames.
You would like to delete the configuration on your router and start with a clean configuration. Which two commands would you use? (Select two.)
reload
erase startup-config
In order to delete the configuration off your router you would first erase the startup
config and then use the reload command to reboot the router. When the router reboots there is no startup-config to apply (so the router will prompt you to enter setup mode).
A network technician is having trouble connecting two routers across the serial ports. One router is a Cisco router, whereas the other router is from a different manufacturer. You have loaded HDLC on both routers. What should you do?
(A) Ensure the subnet mask on the serial ports is 255.255.255.252.
(B) Change the frame size on the serial interfaces.
(C) Use PPP as the serial link protocol.
(D) Change the buffer size on the serial interfaces
Use PPP as the serial link protocol.
The HDLC protocol on Cisco routers is a proprietary implementation of the protocol and can only be used to communicate with other Cisco routers via serial ports. If you have an environment that uses routers from different manufacturers, you will need to use an industry standard serial link protocol such as PPP.
You would like to verify the status of one of your interfaces. What command would you use?
The show interfaces command is used to view all interfaces and their status. You can also use the show interface command to view the status of a particular interface.
Which of the following commands display information on the IOS version? (Select three.)
(A)show version
(B) show IOS
(C) show hardware
(D) show flash
(E) show running-config
A. show version
D. show flash
E. show running-config
To view information on the IOS version that is running on your Cisco device, you can use the show version command, the show flash command, or the show running-config command.
The serial port has the wrong cable connected. The figure is showing that router R1 has the DTE end of the serial cable, but it appears as if the router is configured as the DCE end of the link when looking at the output of the show controllers command
You need to find out if the serial port on your router is acting as the DCE device in the point-to-point link with another router. What command do you need to use?
show controllers serial0/0 The show controllers command is used on an interface to display the clock rate on the link and to indicate whether the interface acts as the DTE or DCE device
You are troubleshooting communication across a serial port and use the show interfaces command to get the output displayed below. What is the problem? Serial0/2/0 is down, line protocol is down
. Check the physical connection. When looking at the status of an interface, the output first displays physical layer status (serial0/2/0 is down) followed by a comma, then the layer-2 status (line protocol is down). The layer-2 status relates to the protocol being used to carry data across the link (such as HDLC or PPP). If there is a problem with the physical connection, then the interface will appear as down. It is important to note that when the interface is “down,” the line protocol will always be “down.” In this case, you should be troubleshooting layer 1, the physical connection. If the interface is up and the line protocol is down, then you know there is a physical link, but there is a problem with the protocol or clock rate.
You use the show interfaces command and get the status below on your serial port. Which layer of the OSI model has a problem?
Serial0/2/0 is up, line protocol is down
Layer-2 problem
When using the show interfaces command, you see the status of the link shown in the format of Serial0/2/0 is up, line protocol is down. The Serial0/2/0 is up part indicates whether there is a link (layer-1), whereas the line protocol down part indicates whether the layer-2 protocol has been configured properly
Using the output below from the show interfaces command, what is most likely the problem?
Serial0/2/0 is up, line protocol is down
A protocol or clock rate has not been set. If the line protocol is down, there is a problem with the configuration of the serial link protocol or the clock rate. Also note that if the protocol has not been configured properly on the other end, the line protocol still displays as down
You must know the syntax for the copy command (copy ) to perform backup and restores of your IOS image and configuration files. For example, copy flash TFTP would back up your IOS to a TFTP server, but copy TFTP runningconfig would restore your running configuration from a TFTP server.
Know the ports used by the protocols discussed in this chapter. Telnet uses TCP port 23, SSH uses TCP port 22, and TFTP uses UDP port 69.
The Cisco Discovery Protocol is a Cisco proprietary protocol used to discover information about neighboring (directly connected) Cisco devices.
Know that the CDP advertisements are sent out every 60 seconds (known as the CDP timer) and stored for 180 seconds (known as the hold timer) by the receiving Cisco device.
You can change the CDP timer and hold timer with the global configuration commands of cdp timer and cdp holdtimer.
You can also use the show cdp command to view the configuration of CDP.
Which of the following connectionless application layer protocols is used to transfer Cisco IOS images and configuration files to a backup location?
TFTP is UDP based and is the protocol Cisco devices use to backup the IOS image and configuration files to a remote server.
A few weeks ago, you backed up your router configuration to a TFTP and now you wish to restore the configuration back to your router. What command would you use?
copy tftp running-config
In order to copy your configuration from a TFTP server to your router, you will use the copy command and specify TFTP as the source, and running-config as the destination. For example: Copy tftp running-config The Cisco device will prompt you for the IP address of the TFTP server to connect to for the configuration
Replace the IOS –> copy tftp flash
Back up the IOS –> copy flash tftp
Cisco exams will have drag-and-drop questions where you must drag the command onto the appropriate description, so be prepared for questions like this. In this case, the description and corresponding commands that are true in regards torestoring the IOS is the copy tftp flash command.
To do the opposite and back up the IOS, you would switch the source and destination parameters on the copy command — copy flash tftp
Which of the following commands allows you to view the filename of your IOS?
The show flash command can be used to view the contents of flash memory and includes showing you the file name and size of the IOS image
You are looking to create a backup copy of your Cisco IOS to a TFTP server. What command would you use?
The copy command backs up the Cisco IOS. Because the IOS resides in flash memory and you are sending the copy to the TFTP server, you need to use the copy flash tftp syntax.
You have three IOS image files in flash memory. What command would you use to control which IOS is used when the router starts up?
boot system You can use the boot system command followed by where the boot image can be found, then the filename of the boot image. Syntax is similar to: Boot system <flash/tftp> <filename.bin
What command would you use to ensure that the Cisco router loads the IOS image file of c2800nmadvipservicesk9-mz.124-15.T1.bin from flash memory?
boot system flash c2800nm-advipservicesk9-mz.124-15.T1.bin
In order to specify an image to use that is located in flash memory, you would use the boot system command followed by where the IOS image is stored (in this case, flash memory), followed by the image filename. For example: boot system flash c2800nm-advipservicesk9-mz.124-15.T1.bin
R1, R2, SW3
When you use the show cdp neighbors command to view other devices on the network, you will only see devices that are directly connected. These directly connected devices are known as neighboring devices
A. CDP is a Cisco proprietary protocol
D. CDP runs at the data link layer
F. CDP discovers directly connected devices.
CDP is a layer-2 protocol that Cisco created that is designed to discover neighboring (directly connected) Cisco devices and their details.
You are the network administrator for a small network. You are connected to the console port on a switch and would like to telnet into the router on the network, but you forget the IP address of the router. What command could you use to determine the IP address of the router?
You could use the show cdp neighbors detail command to view a list of neighboring devices and their details, such as type of device, model, and IP address
There is a switch on the network called NY-SW1. What command would you use on the router to determine the model number of that switch?
show cdp entry NY-SW1
To display details about a specific neighboring device, use the show cdp entry command with the device ID. This displays information about the device, such as the device ID, IP address, and the platform (model).
The frequency at which CDP messages are sent out is known as the CDP TIMER
CDP advertisement messages are sent out every 60 seconds by default. The interval of which messages are sent is known as the CDP timer and can be changed with the cdp timer command
You wish to view only the IP addresses of neighboring devices; what command do you use?
show cdp entry * protocol
The show cdp entry * protocol command shows all devices, and their IP addresses — and that’s all. Similarly, the show cdp neighbors detail command displays all devices and their IP addresses, but since it also displays additional information, this is an incorrect choice
You would like to alter the amount of time that CDP information is stored on a Cisco device. What command should you use?
cdp holdtime
To alter how long a Cisco device stores CDP advertisement information it receives from other Cisco devices, you would use the cdp holdtime command. Note that the default hold timer value is set to 180 seconds
What command do you use to disable CDP on the serial interface?
No cdp enable
Your manager is concerned that hackers can discover information about the network via CDP and asks you to disable CDP on your router. What command would you use?
no cdp run To disable CDP on the router and not just on an interface, use the no cdp run command.
You have suspended a Telnet session and wish to reconnect to that session again; what command do you use?
resume <Device ID>
In order to resume a suspended Telnet session, you use the resume command and specify the device ID as a parameter
What command do you use to determine if you have any suspended Telnet sessions?
The show sessions command displays a list of suspended Telnet sessions
Your manager would like you to monitor who is remotely connected to the router via Telnet. What command would you use?
In order to view who is connected to your Cisco device, you can use the show users command. It will display any connections, including console connections and remote connection to the device through the VTY ports.
Add the entry to the hostname table In order to resolve the name to an IP address, you must add the name and its corresponding IP address to the MAC address table.
To configure your router to query a DNS server, what command do you use?
ip name-server 23.0.0.10 The ip name-server command configures your router to send name queries to a DNS server.
You have configured your router for a name server, but you still find that names are not being resolved. What command would you execute?
ip domain-lookup
If you have configured your router for a name server, you may have to enable domain lookups if the administrator has disabled domain lookup. Use the ip domain-lookup command from global configuration to enable domain lookups
NY-R1(dhcp-config)#default-router 23.0.0.1
You can use the default-router command at the DHCP prompt to configure the DHCP server to hand out the default gateway setting
service dhcp In order to start the DHCP service, you can use the service dhcp command in global configuration
no service dhcp In order to stop the DHCP service, you can use the no service dhcp command from global configuration mode
You want to create configure DHCP on your router to give out IP addresses for the second subnet of 192.168.3.0/27. The addresses should be leased to clients for 7 days. What commands would you use?
This is a tricky question. It is a subnetting question mixed with a configuration of DHCP question. The first step is to note that the question asks to configure DHCP for the second subnet. With an increment of 32 (/27), the second subnet is 192.168.3.32. Then to create the DHCP pool you first use the ip dhcp pool global configuration command. Then specify the network range and any DHCP options, such as the lease time of 7 days in this case. Note that the syntax to specify the lease time is days hours minutes (7 0 0)
You are monitoring DHCP usage on your router. What command would you use to see how many DHCP related messages the router has received?
show ip dhcp server statistics
In order to view statistics on your server, you use the show ip dhcp server statistics command.
You are administering the DHCP service on your Cisco router and would like to look at the DHCP leases, What command would you use?
show ip dhcp binding In order to view the addresses that your DHCP has assigned to clients on the network, you use the show ip dhcp binding command
Your serial port is connected to the WAN environment, with your Fast Ethernet port connected to the LAN. When configuring NAT, how would you configure the serial port?
NY-R1(config-if)#ip nat outside
Since the serial port is connected to the WAN, you want to share that IP address with all other systems connected on the LAN. Part of the process to configure NAT is to configure the interfaces as either inside (they are connected to the LAN) or outside (connected to the WAN/Internet).
NY-R1(config)#ip nat inside source list 1 interface serial 0/0 overload
You need to configure NAT and specify access list 1 as the inside source list. In the same command, you are specifying serial 0/0 is to overload its IP address
What type of NAT maps a single public address to all internal addresses?
Overloading is a type of NAT that translates all private addresses on the network to the one public address. Overloading is achieved through port address translation (PAT)
What command can you use to view the NAT translation table?
show ip nat translations
To view the translation table of internal addresses to external addresses, you can use the show ip nat translations command
What is the default configuration register on most Cisco routers?
Most routers are configured for a default register of 0x2102, which specifies to load an IOS from flash memory and the startup config from NVRAM
After you have recovered the password on a Cisco device, what command would you use to set the configuration register back to the default?
config-register 0x2102
After you have recovered the password at the global config prompt, you can type the config-register command and use the original configuration register value of 0x2102
Access lists have an implied deny all at the bottom.
It is important to remember that access lists have an implied deny all rule at the bottom of each access list. This means that unless you specify traffic to be allowed, all traffic is disallowed. When creating access lists, if you expect all other traffic to be allowed you must have that as the last rule
You would like to ensure that only systems on the 216.83.11.64/26 subnet can telnet into your router. What commands would you use?
access-list 20 permit 216.83.11.64 0.0.0.63
line vty 0 4
access-class 20 in
When configuring access lists to control telnet access, you first create the access list. In this case, you have to specify a standard access list that includes the network ID and the wildcard mask to include the system in that network ID. It is important to note when creating the access lists, you do not use the subnet mask. Once the access list is created, you apply it to the telnet ports with the access-class command.
You have created a standard access list # 20 that permits a group of IP addresses. You would like to use this access list to control who can telnet into the router. What command would you use on the telnet ports?
access-class 20 in
When applying an access list to the telnet ports, you use the access-class command when at the prompt for the port. It is important to note that when assigning an access list to an interface you would use access-group instead of access-class while at the interface prompt.
A static route is one that is manually added to the router’s routing table.
You can use the ip route command to add a static route to the routing table.
You can delete a route from the routing table using the no ip route command. When troubleshooting routing issues, use the show ip route command to view the routing table
The gateway of last resort (GWLR) feature can be configured on your router so that your router will forward all packets that it has no destination route for to a different router. To configure the GWLR, you use the ip route command to add a route to the 0.0.0.0 network.
What type of memory stores the routing table on Cisco routers
RAM
The routing table is stored in volatile memory (VRAM, also known as RAM) and is retained through reboots only because it is rebuilt from the startup-config.
A. The destination IP address is that of Computer B
E. the destination MAC address is that of router R1.
When traffic is traveling the network, the source and destination IP addresses always stay the same each step of the way so that the big picture is always maintained, but the source and destination MAC addresses are always changing to suit the current phase of the communication
Your manager has disabled routing on the router by mistake. What command could you use to enable routing again?
ip routing
If you want to enable routing on your router, you can use the ip routing command. In order to disable routing, you use the no ip routing command
You delete a static route using the no ip route command
You have configured static routing on your router and would like to remove an entry from the routing table. What command would you use?
no ip route 27.0.0.0 255.0.0.0 26.0.0.2
You are the administrator for a small network made up of two routers. What is a quick method you can use to configure routing between all networks?
Configure the GWLR on both routers to point to one another.
In order to have each router send data to networks it is unaware of, you can configure the GWLR for each router to reference one another. For example, when RouterA does not know what to do with a packet it could forward to RouterB, and when RouterB does not know what to do with a packet it could be sending to RouterA
Your routers are running the RIP routing protocol and you type the following command. What is the outcome of typing this command?
Ip route 0.0.0.0 0.0.0.0 55.12.4.38
If there is no matching destination network in the routing table, the router will send the packet to 55.12.4.38.
This command will configure the Gateway of Last Resort (GWLR), also known as a default route, so that if there is no entry in the routing table for the destination network, the router will send the traffic to 55.12.4.38
ip route 0.0.0.0 0.0.0.0 145.66.77.99
When you configure the Gateway of Last Resort (GWLR), you configure a static route to the 0.0.0.0 network with a subnet mask of 0.0.0.0 and then specify where to send the traffic for unknown destinations.
Gateway of last resort The gateway of last resort shows as an entry in the routing table with the destination network ID of 0.0.0.0.
You are configuring router on a stick. Which of the following commands would create a subinterface on the router?
interface fa0/0.20
In order to create a sub-interface, you would use the interface command and reference the physical interface followed by a. (dot) and then a unique number to represent the interface. For example: Interface fa0/0.20
Data will be sent to 26.0.0.2.
Looking at the results of the show ip route command on the router, you can see the routing table. In the routing table, it is showing that there is a static route for the 29.0.0.0 network and traffic is to be sent to 26.0.0.2 to reach that network
Using the output shown below, which resulted from the show ip route command, what is the hop count to reach the 29.0.0.0 network?
S 29.0.0.0 [1/5] via 26.0.0.2
The hop count is shown after the administrative distance within the [1/5]. In this case, the hop count is 5.
To display your routing table, use the show ip route command. To view routing protocol details, you use the show ip protocols command.
Distance vector routing protocols send the entire routing table in an update at regular intervals to neighboring routers, while link state routing protocols are aware of the entire network topology and the state of the links. Distance vector routing protocols use the hop count metric, while link state uses the availability of the link and bandwidth.
RIP is an example of a distance vector routing protocol. To enable RIPv1, you use the router rip command to navigate to the router prompt and then enable RIP on each network interface with the network command. If you wish to use RIPv2, you then type the version 2 command at the router prompt.
When troubleshooting RIP, you can turn on RIP debugging with the debug ip rip command. Be sure to turn off all debugging, when you finish troubleshooting, with the no debug all command.
Which of the following is true of distance vector routing protocols?
Routers share routing table with neighboring routers
Sends entire routing table as an update Distance vector routing protocols share their routing table with neighboring routers and typically send the entire routing table as an update.
How frequently does RIPv2 send out routing updates?
30 seconds
The RIP routing protocol, whether RIPv1 or RIPv2, sends routing updates out every 30 seconds. RIPv2 does send those updates out as multicast traffic instead of broadcast traffic, as is the case with RIPv1.
Which of the following is true regarding link state routing protocols?
Routers share routing table information with all other routers on the networkMaintains multiple tables in memory —
one for neighboring routers, one to store the entire topology, and final table is the routing table. Link state routing protocols are aware of the entire network topology because there are multiple tables maintained in memory: a topology table, neighboring routers table, and the routing table. The routing table is shared with all other routers on the network.
You wish to see how RIP has been configured on the router. What command would you use?
RouterA#show ip protocols
To view the current RIP configuration after RIP has been enabled, you can use the show ip protocols command
You need to enable RIPng on each interface.
RIPng is the next generation version of RIP for IPv6 and requires you to enable RIPng on each interface.
RouterA(config-router)#passive-interface serial 0/1
To disable sending RIP update messages, you can use the passive-interface command at the router prompt.
What type of OSPF router connects one or more areas to the backbone network?
ABR
An area border router is designed to connect areas together; specifically, it is designed to connect OSPF areas to the backbone area known as area 0.
When configuring OSPF on your router, you have specified an interface to be part of area 0. What is the area known as?
Area 0 is known as the backbone of your network. When configuring OSPF, you start with the backbone and then create other areas for remote offices.
show ip protocols
show ip ospf neighbor
When troubleshooting OSPF, you can use the show ip protocols command to view which routing protocol is loaded and the show ip ospf neighbor to verify there are neighboring relationships with other routers
Which of the following commands enables an OSPFv3 process?
ipv6 router ospf 5
In order to enabled an OSPFv3 process, you use the IPv6 router OSPF 5 command. Note that OSPFv3 is OSPF for the IPv6 protocol
The mode button on the front of the switch toggles the display mode, which changes the meaning of the LEDs on the front of the switch. For example, if you are in status display mode, a blinking light means traffic is being transmitted on that port. But if the display mode is set to speed, then a blinking light on a port means you are running at 1 Gbps
Bob calls complaining that he cannot access the network. When you look at the switch, you notice the port he is connected to is displaying an amber light. What does this mean?
If the port has been disabled by an administrator (or automatically shut down through a feature such as port security), the port displays an amber light when a system is connected to the port. You will need to enable the port before you can use it
After powering on the Cisco switch you notice that the System LED is green. What does this indicate?
The system started without problems and is operational.
When the System LED on the switch displays a solid green light, this means that the system booted without any problems
After powering on the Cisco switch, you notice that the System LED is amber. What does this indicate?
There were POST errors.
When the switch powers on, it performs a POST. If there are problems with the POST, the System LED on the switch displays amber. A successful POST results in a green-lit System LED
You wish to verify which ports on the switch are running in full duplex mode. How would you do this
Switch the display mode to duplex and watch for a solid green light on the different ports. When you toggle the display mode of the switch to duplex, the port LEDs display a green solid light to indicate they are running in full duplex mode. If the port is running in half duplex, no light appears on the port LED.
When your switch is set to the display mode of speed, what does the LED for a 1 Gbps port look like?
Flashing green
This could change per switch, but typically, if the port is running at 1 Gbps it displays a flashing green light when the switch display mode is toggled to speed mode
The switch display mode is set to duplex and you have a computer connected to port number 4 with no light displaying on the port. What is the problem?
The port is running in half duplex. Light indicators and display modes seem to change a little with each Cisco model switch, but in general, when you are in the duplex display mode if the port is running at half duplex then the port LED does not light up.
Switches filter traffic and only send the traffic to the destination port, while a hub sends all traffic to all ports. A switch offers the benefit of filtering traffic and only sending traffic to the port where the destination system resides. This gives a huge security advantage and bandwidth benefit.
Fragment-free is the switch operation mode that processes frames by waiting to receive the first 64 bytes before forwarding the frame on
Which switch operation mode waits until the entire frame is received before forwarding the frame on to its destination?
The store-and-forward operation mode processes a frame by waiting till the entire frame has been received before forwarding the frame on to its destination
Which of the following commands assigns a default gateway address to your switch?
Switch(config)# ip default-gateway 24.0.0.1
The IP default-gateway command is used to configure your switch for a default gateway address. Note that this command is executed from global configuration mode
How long does a dynamic entry stay in the MAC address table?
300 seconds from last time used
dynamic entry in the MAC address table is one that is learned automatically by the switch based off traffic it has received and stays in the MAC address table for 300 seconds since last time it was used (by default).
The switch has learned the address based off traffic received.
A dynamic address in the MAC address table is one that the switch has learned from the source address located in the frames as it received them
You would like to change the amount of time an entry stays in the MAC address table on the switch to 400. What command would you use?
mac-address-table aging-time 400 The amount of time an entry stays in the MAC address table is known as the aging time and is set with the mac-address-table aging-time command
Your manager would like a port description configured to port number 5 on the switch labeling the port as being used by the file server. What set of commands would you use?
Switch#conf t
Switch(config)#interface f0/5
Switch(config-if)#description File Server Port
Jeff has disabled all of the unused ports on the switch. You would like to enable port 12. What command would you use?
no shutdown
You first navigate to the port you wish to enable, and then you can use the no shutdown command to enable a port
You wish to configure port 8 on the switch to negotiate its speed with the connecting system. What command would you use?
speed auto
In order to have the switch negotiate the speed with the connecting system, you would configure the speed setting to auto
You wish to configure port number 8 for full duplex. What command would you use?
duplex full
In order to configure full duplex, you must first navigate to the interface and then use the duplex full command.
You would like to configure all 24 ports on the switch for 100 Mbps. Which of the following represents the best way to do this?
What command shows you MAC addresses associated with each port on the switch?
show mac-address-table
To display the MAC addresses associated with each port on the switch, you view the MAC address table, which resides in memory on the switch. Use the show mac-address-table command
Half duplex Looking at the output shown in the figure,
which is the result of the show interface command being used, you can see that the port is running in half-duplex mode (third to last line).
show interface fa0/ 8 output
You wish to view the speed that port number 5 is using. What command would you use?
show interface f0/5 In order to view the settings on the port, you must use the show interface command and then the port number
100 Mbps
The output in the figure is showing the results of the show interface command being executed, where you can see the port is configured for half duplex at 100 Mbps (third to last line in the output).
When you connect the workstation to port 6, you can ping three other systems on the network, but you cannot seem to connect to the file server. You verify that others can connect to the file server, but you cannot connect to those other systems as well. What could be the problem?
You are in a different VLAN than the file server.
If you find that you can communicate with some systems on the network but not with others, it is possible that you are connected to a port that is part of a VLAN — meaning that you will not be able to communicate with others that are in a different VLAN unless a router is being used.
What Cisco switch feature will allow you to control which systems can connect to a port on the switch?
The Port Security feature allows you to control which systems can connect to the individual ports. You can limit systems that can connect by their MAC address
What option allows you to configure a static MAC address on the switch by using the MAC of the connected system?
The sticky option is important when configuring Port Security. It allows you to configure a port to allow traffic only from the current or first MAC address (assuming you set the maximum addresses to 1).
Which of the following violation modes would block traffic not coming from the correct MAC address, but allow traffic from the specified MAC address?
If you configure the address violation to restrict when you configure Port Security, the switch will allow the system with the valid MAC address to communicate over the port, but no other MAC address will be able to.
Which of the following actions disables the port when an address violation occurs?
Shutdown is the action you can configure on the switch that tells the switch to disable the port if there is an address violation.
show port-security interface f0/6
The output in the figure is showing the results of the show port-security interface command. You can use this command to verify that you have configured Port Security on the interface properly.
What mode must you place the interface into before you are able to configure Port Security on the interface?
Access
Before you can configure Port Security on a port, you must first put the port in access mode by using the port-security mode access command
You are having trouble with a system connecting to port 5 on the switch. You want to see if the port has been configured for Port Security. What command do you use?
show port-security interface f0/5
To view the Port Security settings on a port, you use the show port-security interface command
show port-security address
The output shown in the figure is created by using the show port-security address command. This command is used to view the Port Security addresses that have been configured on the switch.
What are the three actions that you can configure when an address violation occurs?
When configuring Port Security, you can configure one of three actions to be taken upon address violation: restrict, shutdown, or protect
Your manager has heard a lot about the VLAN feature available on switches and is wondering what the benefit is. What would your response be?
(A) To create communication boundaries
(B) Filters traffic based off layer-3 address
(C) Filters traffic based off layer-4 address
(D) Used to prevent loops on the network
To create communication boundaries VLANs are a great way to create communication boundaries because when a system is part of a VLAN it can only communicate with other systems in the same VLAN by default. It is possible to configure a router to route between the VLANs.
You wish to view the VLAN configuration on the switch. What command do you use?You are troubleshooting communication problems and suspect that a port is in the wrong VLAN.
show vlan
Which of the following protocols are used to carry VLAN traffic between switches? (Choose two.)
802.1q and ISL are two protocols used to tag VLAN traffic so that the data can be sent to another switch and processed. The receiving switch looks at the VLAN information to determine what ports to send the traffic to.
What command would you use on a port to specify that it is allowed to carry all VLAN traffic across the port?
switchport mode trunk.
You would configure the port in trunk mode in order for it to carry all VLAN traffic across the port to another switch
Which of the following commands is used to place port 6 in VLAN 2?
Switch(config)#interface f0/6
Switch(config-if)#switchport access vlan 2
In order to place a port in a VLAN, you must first navigate to the interface (port 6) and then place the port in access mode and associate a VLAN with the port at the same time.
The pings were unsuccessful. In the figure, you can see that there are 5 periods (.), each one indicating a ping reply that was not received.
You are troubleshooting communication problems on a network on the other side of the country. What command do you use to identify at what point in the communication pathway there is a failure?
traceroute ip_address
When trying to identify the point in the communication pathway that is failing, use the traceroute command, which sends you status information with each router that is hit on the way to the destination.
You receive the following output when looking at the show interfaces command. What should you check?
Serial0/2/0 is down, line protocol is down
Check the physical aspects of the link, such as the cable.
When an interface shows a status of down and the line protocol is down, you should look to the physical (layer-1) components of the network because the line protocol will not be up unless the interface is up — meaning you don’t know if the line protocol is a problem (even though it shows as down) until you fix the problem with the interface
R1 The ARP request would be sent to router R1 because that is the device Computer A needs to send the data to in order to have the data leave the network
Having a green link light indicates that which of the following conditions have been met? (Select two.)
The network media is attached at both ends of the link
a layer-2 protocol has been loaded and configured at either end of the link. If the link light on an interface displays green, it indicates that a physical connection is established between the two points, and a data link protocol is configured at either end.
There is an implied deny all traffic at the end of the ACL.
In this example, the access control list was created to allow telnet and SMTP traffic to pass through the router. There is an implied deny all other traffic rule at the end of the ACL, so if you expect traffic to pass through the router you must explicitly specify it.
You have a switch using multiple VLANs that is connected to a router using a straight-through cable. You have configured the router as a router on the stick. You have configured the subinterfaces on the router, but communication is not occurring between the VLANs. How do you fix the problem?
Enable trunking on the port connecting the switch to the router.
After configuring the router with sub-interfaces, you need to ensure that you configure the port on the switch that is connected to the router as a trunk port so that it can carry the VLAN traffic.
show ip arp
The command is displaying the ARP cache on the Cisco device. In order to view the ARP cache, you would use the show ip arp command
Which of the following commands can you use to figure out the IP address of a neighboring router?
show cdp neighbors detail
Of the commands listed, only the show cdp neighbors detail command displays a list of neighboring devices and their IP addresses
Looking at the output in the figure, you can see that the serial port on the router is configured as the data communication equipment ( DCE). The other end of the point-to-point link would be the opposite, data terminal equipment (DTE).
How do you view your ARP cache on a Cisco router? (Select two.)
show ip arp
show arp
The show ip arp command and the show arp command can be used to view the ARP cache on a Cisco router.
The show ip arp command only displays mac addresses that map to the IP Layer 3 protocol, while show arp will display all mac addresses for all Layer 3.
64 Kbps
You can view the clock rate on a serial link DCE link when using the show controllers command. Note that the clock rate is set to 64000, or 64 Kbps.
You receive the following output from the show interfaces command. What should you check?
Serial0/2/0 is up, line protocol is down
Check that the data link protocol is configured.
When the interface status displays as up and the protocol is down, this is an indication that the data link protocol has not been configured properly.
With a serial port, check that a layer-2 protocol such as HDLC or PPP has been configured.
You are having trouble communicating with a remote network. You have checked the status of the interfaces: Each interface is up, and the IP addresses look fine. What command do you use next?
show ip route
After you have verified the physical components and the IP addresses, you should verify that there is a route in the routing table to the destination network
Which of the following commands would you use to troubleshoot issues at layer 3? (Select three.)
(A) show ip interface brief
(B) show interfaces
(C) show protocols
(D) show controllers
(E) show ip route
show ip interface brief
show protocols
show ip route
When answering questions such as this, ask yourself what happens at layer 3 of the OSI model. The answer is the routing and logical addressing (which is handled by the IP protocol). So any commands that relate to routing or the IP protocol would be layer-3 Troubleshooting Commands. Be familiar with each of these show commands for the exam. You will need to use them in different simulators to identify the problem.
What command do you use to view whether your serial port is the DCE or DTE device?
show controllers serial 0/0
When troubleshooting your serial port and wanting to verify whether you have configured the interface as the DCE or DTE device, use the show controllers serial slot/ port command.
Which of the following commands would you use to check for issues at layers 1 and 2? (Select two.)
show interfaces
show controllers
Layer 1 deals with the physical aspect of the network, such as a link being present, while layer 2 of the OSI model deals with the protocol used to carry frames. The show interfaces command and show controllers command are used to troubleshoot layer 1 and layer 2.
Which of the following could be an indication of excessive collisions or bad packets submitted by a malfunctioning network card? (Select two.)
Runt
CRC
The runt and CRC count can be viewed on an interface to determine the number of small packets received and the number of packets received that do not have the CRC information matching the calculated checksum.
Both of these are an indication of collisions on the network or a bad network card sending garbage packets out on the network.
6
A runt is a packet that is smaller than the allowable size for the network. With Ethernet networks, that is 64 bytes. Looking at the figure, you can see that there are 6 runt messages received. Runt could be due to collisions or a malfunctioning network card sending garbage packets out on the network
You would like to see the number of runt packets received. What command would you use?
show interfaces To view the number of runt packets, which are packets too small for the network, you can use the show interfaces command
87
When looking at the show interface command, you can see the output of the interface in the last 5 minutes toward the bottom of the output. In this example, notice that there are 87 collisions on the fourth to last line of the output
Which of the following commands is recommended to disable debugging
no debug all
When you disable debugging, use the no debug all command so that you can be sure that all levels of debugging are disabled. Debugging places extra processing load on the router, which means you do not want it running if it is not needed.
You are troubleshooting problems with RIP and suspect that your router is no longer receiving RIP updates. What command would you use to help diagnose the problem?
debug ip rip When troubleshooting communication problems, you can use a number of debug commands in order to see different activity on the router. In order to view rip message sent and received, you can use the debug ip rip command.
You would like to view the details of all packets sent or received by the router. What command would you use?
debug ip packet
In order to view all packets being sent and received, including their details, you can use the debug ip packet command
What type of firewall can filter traffic by analyzing the payload of a packet?
An application layer firewall, also known as a proxy server, can filter traffic not only by IP address and port information, but also by analyzing the application data and determining if the packet is allowed through based on the contents of the data
What type of firewall filters traffic based on the context of the conversation and the layer-3 and layer-4 header?
A stateful packet inspection firewall is more advanced that a simple packet filtering firewall in the sense that it understands the timing of a packet and whether or not that packet is suited for that part of the communication
What type of attack involves the hacker altering the source IP address of a packet in order to bypass your packet filtering rules on the router?
Spoofing is when the hacker alters the source address to make the packet look like it is coming from somewhere else. Common examples of spoofing are MAC spoofing, IP spoofing, and e-mail spoofing.
For security reasons, you have decided to disable the built-in web server on the Cisco device. Which command would you use?
R1(config)# no ip http server
In order to disable the internal web server, you would use the no ip http server command in global configuration.
You would like to create a user named Bob that has privilege level 3. What command would you use?
R1(config)# username Bob privilege 3 password P@ssw0rd
To create a user with privilege level 3, you need to be in global configuration and use the username command with the privilege 3 option.
How would you view your current privilege level on a Cisco device?
show privilege
To display your privilege level, you can use the show privilege command
You wish to limit which device can connect to each port on the switch by configuring port security with the MAC address of each system currently connected to the switch. What command would you use?
SW1(config-if)#switchport port-security mac-address sticky.
You will need to use the sticky option on the switchport port-security macaddress command within the interface prompt for the interface you are configuring a MAC address for
You would like to configure port 5 on your switch to allow only one system to connect to the port that uses the MAC address of 1111.2222.3333. Which of the following configurations would you use?
SW1(config)#interface f0/5
SW1(config-if)#switchport mode access
SW1(config-if)#switchport port-security
SW1(config-if)#switchport port-security mac-address 1111.2222.3333
SW1(config-if)#switchport port-security maximum 1
SW1(config-if)#switchport port-security violation shutdown
In order to configure port security on a port, you must first navigate to the interface, then place the interface in access mode. You then enable port security and specify the MAC address to associate to the port. Finally, you limit the maximum number of MAC addresses used by the port to 1 and specify your violation mode.
Your manager would like to ensure that remote access to the router is only allowed using a secure communication protocol. Which command would you use
router(config-line)#transport input ssh
To ensure only secure communication is used to remotely connect to the router, you must configure SSH but also configure the VTY ports to use only SSH as the transport protocol
You are responsible for configuring Telnet access to the router. Which of the following commands would you use to ensure a username and password are required for Telnet access?
ROUTERA(config)#username bob password pass
ROUTERA(config)#line vty 0 4
ROUTERA(config-line)#login local
The username and password are created in global configuration mode, but then to ensure that anyone connecting through Telnet is prompted for a username and password you must navigate to the Telnet ports and use the login local command.
Which of the following commands are used to configure the router to only support SSH for remote management?
In order to configure your Cisco device for SSH, you would create a username and password (command not shown, but it is username bob password P@ssw0rd). Then generate a cryptographic key used to secure the communication (crypto key generate rsa). Once you create the key, you would then navigate to the VTY ports (line vty 0 4) and configure the ports to prompt for username and passwords (login local). Finally, you then ensure that the ports only accept SSH communication (transport input ssh).
What command would you use to configure the Telnet ports to support both SSH and Telnet as protocols?
transport input ssh telnet
To enable both SSH and Telnet access to the device for remote administration, you can use the transport input command on the VTY ports
What type of wireless network involves two wireless clients connecting to one another?
An ad-hoc wireless network is a wireless network that does not have a wireless access point and the systems connect directly to one another
Which agency is responsible for defining the wireless standards?
The IEEE is responsible for defining the wireless standards such as 802.11a, 802.11b, 802.11g, and 802.11n
An ESS wireless network covers a large area by having multiple access points using the same SSID and different channels. This enables users to roam around within the office and not lose their wireless connection
A Basic Service Set (BSS) is the name used for a wireless network involving clients connecting to an access point to gain network access
You are experiencing intermittent problems with your wireless network and you suspect it is interference from other wireless devices. What can you do to solve the problem?
Change the channel on the wireless access point.
If you are experiencing connectivity issues with a wireless network and you suspect it could be due to interference, then you can change the channel on the wireless access point to change the frequency that it is using.
What type of wireless network involves the wireless clients connecting to a wireless access point to access the network?
Infrastructure Wireless networks are running in infrastructure mode when connecting to a wireless access point to gain wireless network access.
You can also configure wireless networks in ad-hoc mode with one wireless device connecting to another wireless device
The diagram represents an ESS network with both access points using the same SSID
Each access point is using a different channel. An ESS wireless network is one that has multiple access points using the same SSID, with each access point using a different channel. An ESS is designed to allow users to roam throughout the building and still have wireless access
Which of the following are requirements for an ESS network? (Select three.)
Use multiple access points with the same SSIDs.
Each access point uses a different frequency range.
Access points must overlap by 10 percent or greater
In order to have users roam a wireless network and jump from one access point to another in the ESS, you configure multiple access points with the same SSID, each having a different frequency range (or channel), and they must overlap by at least 10 percent.
Which agency is responsible for regulating the use of wireless and wireless frequencies?
FCC
The Federal Communications Commission ( FCC) is responsible for regulating the use of wireless and wireless frequencies. It is the governing body that legalized public use of the 900 MHz, 2.4 GHz, and 5 GHz frequencies
Which of the following is another term for an ad-hoc wireless network?
IBSS
An independent basic service set (IBSS) is another term for an ad-hoc wireless network. The term comes from the fact that a basic service set (BSS) is a term for a wireless network using an access point
You are the administrator for a small office and have configured four access points to create the WLAN. What type of WLAN is created?
You can create an ESS wireless network by using multiple access points with the SSID set the same. This allows you to cover a wide area and support roaming users. You must also set the access points to use different channels
Which type of wireless network uses a single wireless access point with an SSID assigned?
The Basic Service Set (BSS) is the type of wireless network that has a single access point with an SSID assigned
You have installed a single access point to create a WLAN for a small office. What type of WLAN did you create?
A single access point creates a BSS wireless network
Which agency is responsible for ensuring compatibility with wireless networking components?
The Wi-Fi alliance would test and certify components for Wi-Fi compliance
You have installed a single access point to create a WLAN for a small office. What type of WLAN did you create?
A single access point creates a BSS wireless network.
Which wireless LAN design ensures that a roaming user does not loose connectivity when moving from one wireless access point to another?
Ensure that the area of coverage by both access points overlaps by at least 10%.
In order to support roaming users, you must have multiple access points configured, with each access point overlapping the coverage area by at least 10%.
Which type of wireless network supports roaming users by having multiple access points share the same SSID?
Extended Service Set (ESS) is the term used for a wireless network that supports roaming users by having multiple access points use the same SSID. Remember that you must configure each access point to use a different channel, and they must have overlapping coverage of 10 percent or more.
Which of the following should be done with the SSID on a wireless network in order to follow good security practices? (Select two.)
Change the SSID
Disable SSID broadcasting
You should change the SSID to one that is not easily guessed and then disable SSID broadcasting so that your wireless does not advertise the newly configured SSID
Which of the following represent good security practices for wireless networks? (Select three.)
Enable WPA2
Enable MAC filtering
Disable SSID broadcasting
In order to secure wireless network environments you can follow a number of best practices, such as disable SSID broadcasting to hide the network, enable MAC filtering in order to control what devices can connect to the network, and enable WPA2 to encrypt the communication.
Which of the following wireless encryption protocols is an older protocol using RC4?
WEP
WEP is an older wireless encryption protocol that uses the RC4 symmetric encryption algorithm with a static key.
You are configuring a wireless network for a customer. What reason would you give the customer as to why WPA should be used instead of WEP for the encryption?
WPA rotates the key with each packet.
WPA uses TKIP as a key rotation protocol. For each packet sent with WPA, TKIP changes the encryption key based off the initial key and its algorithm.
Which WPA2 mode involves using a pre-shared key as the method of security?
Personal
WPA personal mode, also known as PSK (for pre-shared key) mode, involves configuring a wireless access point and clients with a WPA key in order to access the network
Which wireless encryption protocol uses the TKIP protocol?
WPA uses the TKIP protocol as part of the encryption process. TKIP is responsible for changing the pre-shared key with each packet sent
Which wireless encryption protocol uses AES for encryption?
WPA2 is the more secure encryption protocol of the three major protocols ( WEP, WPA, and WPA2) and uses the Advanced Encryption Standard (AES).
What method of encryption does WPA2 use?
WPA2 uses AES-CCMP as the encryption method. AES is a very strong symmetric encryption algorithm used in many technologies today
Which wireless standard delivers data at 11 Mbps within the 2.4 GHz frequency range?
The IEEE 802.11b standard defines wireless in the 2.4 GHz frequency range that runs at 11 Mbps
Which wireless standard is capable of transferring data over 150 Mbps and runs at both the 2.4 GHz and 5 GHz frequencies?
The 802.11n wireless standard transmits data over 150 Mbps and runs at the 2.4 GHz and 5 GHz frequency ranges
Which wireless standard runs at 54 Mbps and is compatible with 802.11b?
802.11g runs at 54 Mbps and is compatible with 802.11b devices because it runs at the same frequency range of 2.4 GHz.
Which wireless network standard runs at 54 Mbps and uses the 5 GHz frequency?
The 802.11a wireless standard runs at 54 Mbps in the 5 GHz frequency range
Which wireless standard is compatible with 802.11a?
802.11a and 802.11n both run at the 5 GHz frequency ranges and are therefore compatible. 802.11n also runs at the 2.4 GHz frequency range
What is the bandwidth of a T1 WAN link?
A T1 link is made up of twenty-three 64 Kbps data channels, which equates to 1.544 Mbps
Which of the following represents a dedicated WAN link that you pay a monthly subscription fee for?
A leased line is a dedicated WAN link that you pay a monthly fee for.
Which WAN technology needs to first establish a connection between two points before sending the data and has all the data travel the same pathway?
A circuit switched network must first establish a communication channel before sending data. This is different than a leased line, which is a dedicated connection the entire time.
What is the bandwidth of a BRI subscription?
A BRI ISDN subscription uses two 64 Kbps data channels, giving you 128 Kbps
What is the bandwidth of a T3 link?
A T3 link supports a bandwidth of 44.736 Mbps
Which of the following technologies are dedicated leased lines?
A T1 or T3 link is considered a dedicated leased line because the connection is always available and dedicated to your company
What is the bandwidth of a PRI subscription?
A PRI ISDN subscription has a bandwidth of 1.544 Mbps.
Which type of WAN technology dedicates the bandwidth to the communication until the connection is terminated?
Circuit switching is responsible for creating the circuit, which is the bandwidth and pathway dedicated to the communication until the connection is closed
Which of the following is considered a not-so-permanent WAN link?
A circuit switched link is a temporary link that is established when communication is required and then the communication channel is terminated
Which of the following is a circuit switching technology?
ISDN is an example of a circuit switched technology, where the bandwidth is allocated for the duration of the connection
Which of the following WAN technologies are packet switching technologies? (Select all that apply.)
X.25; Frame relay X.25 and frame relay are examples of packet switching technologies where each packet can take a different route.
Which device on a point-to-point link needs to have the clock rate set?
The DCE device is responsible for setting the clock rate
Which of the following ports would you use to connect to a T1 connection?
(A) AUI
(B) F0/1
(C) Serial 0/0
(D) Console
To connect a T1 line to your router, you could connect an external CSU/DSU to the serial port on the router.
Which of the following devices would typically connect the serial port on your router to a T1 line?
(A) External CSU/DSU
(B) Internal CSU/DSU
(C) External modem
(D) Internal modem
External CSU/DSU
An external CSU/DSU device would connect to the serial port on a router and then to the service provider’s line. An internal CSU/DSU module could be added, but it would not connect to the serial port on the router.
What is the default encapsulation protocol on a serial link for a Cisco router?
HDLC is the default encapsulation protocol for serial links on a Cisco router. You can modify this and use the PPP protocol to take advantage of authentication, if you like.
You are connecting your Cisco router to a non-Cisco router over the serial link. Which of the following commands will you use?
encapsulation ppp
When creating a serial connection to a non-Cisco router, you must use an industry standard protocol such as PPP as the encapsulation protocol.
You have disabled the serial 0/0 interface with the no shutdown command. How will the show interfaces command display the status of the interface?
Serial 0/0 is administratively down, line protocol is down
Because you have disabled the port manually yourself, the port status will display as “administratively down.” It is also important to note that if the link is not up (layer 1), then the line protocol will not be up either (layer 2).
You have configured a test lab and you want to allow communication between two routers using PPP. Review the following code and identify any reasons why the two routers cannot communicate over the serial link.
MTL-R1(config)#interface s0/0
MTL-R1(config-if )#ip address 24.0.0.1 255.0.0.0
The encapsulation protocol needs to be set to PPP. The default encapsulation protocol on a serial link is HDLC.
Looking at the serial port, you can see that the encapsulation protocol is set to HDLC
Looking at the output of the show controllers command, you can see that the serial interface is a DCE device.
Which of the following encapsulation protocols will allow communication with non-Cisco devices?
(A) PPP
(B) HDLC
(C) Frame relay
(D) IPX
The PPP encapsulation protocol is an industry standard available with most router manufacturers and can be used for authentication across router vendors.
Which packet switched technology uses a fixed length packet size known as a cell?
If you want to load a Cisco proprietary encapsulation protocol over the serial link, what command do you use?
encapsulation hdlc
To utilize the Cisco proprietary version of HDLC, you use the encapsulation hdlc command.
Your router is unable to communicate over the WAN link that is connected to serial 0/0. What commands would you use to verify the status of the port? (Select two.)
show interfaces
show ip interface brief
In order to verify the status of the serial interface, you can use the show interfaces command and the show ip interface brief command.
Change the encapsulation protocol.
You can see that the link is up, but the line protocol is down. The line protocol being down could be because the clock rate is not set or you are using the wrong encapsulation protocol on the serial interface
What encapsulation protocol would you use on the serial port in order to support authentication?
PPP
Cisco devices can use either HDLC or PPP as the encapsulation protocol, with PPP being the one supporting authentication.
A The link is up
C communication over the layer-2 protocol is working. When using the show interfaces command on your serial link, if you see a line protocol is up it means that there is a link and the layer-2 protocol is configured properly.
You are the network administrator who manages a router in the Toronto office named TOR-R1 and the New York office name NY-R1. You would like to configure PPP as the encapsulation protocol over the WAN link with PPP authentication between the two routers. Which of the following commands represent the configuration on the Toronto router?
TOR-R1(config)#interface serial 0/0
TOR-R1(config-if)#encapsulation ppp
TOR-R1(config-if)#ppp authentication chap
In order to configure PPP authentication, you would first create a username and
password on the Toronto router that matches the name of the New York router. You
then navigate to the serial interface and enable PPP as the encapsulation protocol and
CHAP as the authentication protocol.
Which authentication protocol with PPP is considered the most secure?
CHAP is the more secure PPP authentication protocol because the password is not passed in clear text across the network.
You should use CHAP as the authentication protocol because the username and password are not sent over clear text using that protocol. PAP is the other authentication protocol that could be used, but it sends username and password in clear text
Which of the following commands would you use on the serial interface to configure CHAP authentication?
ppp authentication chapTo configure CHAP as the authentication protocol, you would use the ppp authentication chap command while at the serial interface
Which of the IEEE standards defines Gigabit Ethernet over copper wires?
The IEEE standard for Gigabit Ethernet on copper wires (1000BaseT) is defined in 802.3ab.
SNMP using UDP 161 port
Which of the following IPv6 communication methods is best known as “1-to-nearest”?
Anycast addressing involves sending the information to the closest device that can service the request.
The first 24 bits of the MAC address is known as the
The first half of the MAC address is a unique identifier assigned to the manufacturer of the network card; this is known as the Organizational Unique Identifier (OUI)
You need to back up your router configuration to a TFTP server. Which of the following commands would you use?
R1#copy running-config tftp
To back up your configuration to a TFTP server, you use the copy command and specify running-config as the source and tftp as the destination.
You have shelled out of your telnet session and wish to view the telnet sessions that are currently running in the background. What command would you use?
R1>show sessions
The show sessions command will display any telnet sessions you have
You wish to recover a forgotten password on your router. What value would you set the configuration register to?
To bypass the password you have forgotten on the Cisco device, you will interrupt the boot process and then change the configuration register value to 2142 in order to not have the startup config applied when you reboot the router.
Which of the following does OSPF use to calculate the cost of a link?
Bandwidth
You are configuring a serial port on the router. What command would set the clock rate to 32 Kb/s?
clock rate 32000 (bit)
What are three metrics that are used by routing protocols to determine an optimal network path? (Select three.)
(A) hop count
(B) bandwidth
(C) delay
(D) packet length
(E) distance
(F) quantity
hop count
bandwidth
delay Hop count, bandwidth, and delay are commonly used metrics for routing protocols
Which dynamic routing protocols support both route summarization and VLSM? (Select three.)
Only EIGRP, RIP v2, and OSPF support both route summarization and VLSM
ip nat inside source list 1 interface FastEthernet 0/0 overload
ip nat pool no-overload 192.168.1.2 192.168.1.63
prefix 24 The difference between these two options is based on the final result that you desired. If your goal was to support a PAT configuration, then answer A enables overloading, which would allow your configuration to function, allowing more than one user out; but if you were attempting to perform NAT, then choice D defines a pool of outside addresses and assigns it to be used for NAT.
What is the purpose of the overload option when working with NAT?
It changes the function of NAT to PAT.
Adding overload to your NAT configuration, either with a pool of addresses or with a single external address, changes the function to PAT
Which of the following commands would configure your router as a DHCP server, give out the address 192.168.1.1 as the default gateway value to clients, and lease the address to clients for 7 days?
R1(dhcp-config)#network 192.168.1.0 255.255.255.0
R1(dhcp-config)#default-router 192.168.1.1
R1(dhcp-config)#lease 7 0 0
To configure DHCP on your router, use the ip dhcp pool command in global
configuration mode. You then need to specify the network range that the DHCP
service is to have addresses out for, and then you can configure settings such as the
default-router address and lease time. The lease time is in the days_hours_mins
format.
What keystroke is used to suspend a telnet session?
To suspend your telnet session, you use the CTRL-SHIFT-6, then press X. You can then resume the session with the resume command.
You have client computers on your network that are having issues establishing sessions with a remote website. The router is performing NAT. You would like to reset their dynamic NAT addresses through the router. What command will erase their NAT entries in the router?
clear ip nat translations *
The clear ip nat translations * will remove all NAT associations. You will be able to verify this with the show ip nat translations command
Which of the following commands is used to assign a default gateway to a Cisco switch?
R1(config)#ip default-gateway 23.0.0.1
You should configure your switch for a default gateway if you’re going to telnet into the switch from a different network. Use the ip default-gateway global configuration command
Which of the selections will reduce the size of a collision domain? (Select two.)
Upgrading a hub to a switch
Adding a bridge between two hubs A collision domain is created when there is no filtering and directing of traffic based on MAC addresses. All ports on a hub will exist in a single collision domain; while each port on a bridge or switch is a separate collision domain. Implementing a bridge or switch to a network will increase the number of collision domains, but reduce the size of each collision domain. If there are fewer collisions on a network, then data will move more efficiently
Which of the following commands would you use if you wanted the port security feature to learn the MAC addresses of connected systems?
R1(config-if)#switchport port-security mac-address sticky
Use the sticky option with port security to indicate to the switch you wish it to learn the MAC address of the connected system and configure port security with that address. This saves a lot of typing of MAC addresses!
The figure is showing the output of the show cdp neighbors command. You can use this command to locate network devices that are close to you
Ağ ayağa kalktığında ping atmasak bile gösteriyor. Bize Local interface dediği Baktığımız cihazdaki interface Port Id dediği karşı cihazdaki interface yani Switch R2 R3 üzerindeki interface
VLAN information is propagated to all switches on a network through which protocol?
VLAN Trunking Protocol (VTP) is designed to synchronize the VLAN database on all switches on the network or within a VTP domain.
When a switch is participating in a STP network, how is the root bridge determined on the network? (Select two.)
Lowest priority
Lowest MAC address
When choosing the root bridge on a STP network, the switches will concatenate their configured priority and MAC address together, and the switch with the lowest value will be chosen as the root bridge
What are possible port states for a switch port that is participating in Spanning Tree Protocol (STP)? (Select three.)
Blocking
Learning
Forwarding
When a switch port has a device connected to a port, if the port is configured for STP, then the port will initially enter a Listening state,
where the switch will look for and process BPDU data. If the switch determines that it will not cause a network topology loop, the port will enter a Learning state,
when the switch will record a list of MAC addresses that exist on a network connected to that port. After a Learning period concludes, the port will enter a Forwarding state, where the port will forward traffic. If the switch (and the STP root bridge) determines that this port will create a loop on the network, then the port will enter a Blocking state.
Which port security violation mode disables the interface on the switch if an invalid system connects to the port until the administrator enables the interface?
The shutdown mode specifies to disable the interface till the administrator enables it
In order to configure port security on a Cisco switch, what mode does the port need to be running in?
Access
The port must be configured in access mode before configuring port security on the port.
You wish to verify that port security was configured on port 6 of the switch. What command would you use?
show port-security interface f0/6
You can verify that port security was configured on an interface by using the show port-security command along with the interface.
You are using Catalyst 2950 24 port switch. You have pressed the mode button to enable UTIL mode. All the port LEDs turn green except for the last GBIC port. What is the bandwidth utilization on the switch?
Between 25% and 50%
If all the LEDs were lit up, then the switch would be using more than 50% of its bandwidth; since there is still one LED that is out, the usage is between 25% and 50%.
The output shows 5 input errors and all 5 of those errors are CRC errors. This identifies that the payload data was damaged in transit
What are effects of using a half-duplex setting on a switch port? (Select two.)
Data can be sent only in one direction at a time
There will be an increase in the number of collisions.
Half-duplex settings only allow data to be sent in one direction at a time. This means that even on a port with a single device attached, there is an increased chance that another device will send data to the end node when that end node is attempting to send data, which will yield a collision. Full duplex settings would not have collisions in the same situation.
What information is displayed by the show version command?
How the system was last restarted
The version will usually display hardware model, IOS version, compilation date, uptime, what initiated the last restart, the system image filename, the active configuration register, and hardware configuration, such as ports, RAM, and NVRAM
Source IP address Standard ACLs are able to filter traffic based only on source IP address.
What is a valid purpose for implementing ACLs?
IP route filtering
ACLs filter IP-based traffic as it passes through the router
You have configured a router with an ACL and placed it on the inbound direction of an interface. When are packets processed against this ACL?
(A) Before and after routing packets to an outbound interface
(B) After routing packets to an outbound interface
(C) Before routing packets to an outbound interface
(D) None of the above
Before routing packets to an outbound interface
When an inbound ACL is placed on an interface, the ACL is processed when traffic enters the interface, before routing to an outbound interface. If the ACL is placed on an outbound interface, then the traffic is routed through the router before the ACL is processed.
You have used SSH to connect to your switch, which is experiencing performance issues. You have enabled several debug options, but you do not see the output of the commands on your screen. What must you do to enable this functionality?
Type terminal monitor.
Typing terminal monitor will copy all console messages over to the SSH or telnet session you are connected on. To stop this from happening, you will type terminal no monitor.
line vty 0 4
login local
transport input ssh
Your router does not have a boot directive in the current configuration. What is the order that the router will use to locate a valid IOS to load?
Flash, TFTP server, ROM
If there is no boot directive in the configuration, which specifies an IOS image to load, the router will search Flash for a valid IOS image. Then it will attempt to locate a TFTP server with an IOS image, and finally will load a mini IOS image that is found in ROM
You are implementing a new 802.11n network using the 2.4GHz channels. How many non-overlapping channels are available for use in the United States?
When using 802.11 technologies over the 2.4GHz frequencies, channels 1 to 11 have overlapping ranges, yielding a maximum of three non-overlapping choices.
Which selection is an authentication protocol that can be used on WAN connections that have used PPP encapsulation?
CHAP Challenge Handshake Authentication Protocol can be used for authentication on PPP links.
What component does your router use to connect to a T1 leased line?
CSU/DSU
To connect your router to a T1 line, you either connect a serial port to an external CSU/DSU or use an internal CSU/DSU on the router
Which layer of the OSI model does RSTP run at?
Data Link
Because RSTP (and STP) are protocols that run on the switch, they are layer-2 protocols (data link).
Which of the following is a benefit of RSTP over STP?
RSTP transitions to a forwarding state faster than STP does.
Rapid Spanning Tree Protocol (RSTP) introduces new port roles such as alternate so that when a port goes down instead of going through the entire election process again to determine which ports are in a forwarding state and which are in a blocking state, the switch enables the alternate port or the backup port.
Which of the following terms describes a spanning tree network where all switch ports are in either forwarding or blocking state?
Converged
The term used for when the switch has gone through the election process and determined which ports are to be in a forwarding state and which ones are to be in a blocking state is “converged
Which of the following is selected by STP as the root bridge?
(A) The switch with the highest priority
(B) The switch with the highest bridge ID
(C) The switch with the lowest IP address configured
(D) The switch with the lowest bridge ID
The switch with the lowest bridge ID The switch with the lowest bridge ID is selected as the STP root bridge. The root bridge has all its ports set to a forwarding state. The bridge ID is made up of the priority + MAC address of the switch.
PVST+ introduced which of the following port states?
Discarding
Per VLAN Spanning Tree (PVST)+ is based on the IEEE 802.1D standard, but uses only three port states of learning, forwarding, and discarding.
Which of the following represent STP port states? (Select three.)
(A) Blocking
(B) Listening
(C) Disabled
(D) Forwarding
Blocking
Listening
Forwarding
STP uses port states of blocking, listening, and forwarding. STP does not have a disabled port state.
Once the root switch has been selected, each switch must then determine its root port. Which port is selected as the root port?
(A) The port with the lowest MAC address
(B) The port with the highest MAC address
(C) The port with the lowest cost
(D) The port with the highest cost
The port with the lowest cost
The port with the lowest overall cost to the root bridge is selected as the root port.
The cost is determined based off the type of connection. For example, if the link is a 100 Mbps link, it will receive a cost of 19, while a 1 Gbps link has a cost of 4. In this case, the 1 Gbps link would be selected as the root port as it has the lowest cumulative cost.
Which of the following are true regarding RSTP?
Reduces converging time after a link failure
Uses additional port roles over STP
Transitions to a forwarding state faster than STP
Rapid Spanning Tree Protocol (RSTP) is designed to reduce the time it takes for STP to converge. With RSTP, additional port roles such as alternate and backup allow a switch to choose backup ports during conversion. This means that when a link goes down the alternate or backup ports can be used right away because they have already been identified. STP would go through the convergence process again
The show interface fastethernet 0/1 switchport command can be used to display trunking information such as the operational mode, the encapsulation protocol being used, the trunking VLANs, and the pruning VLANs.
Which of the following identifies additional port roles used by RSTP?
(A) Designated
(B) Root
(C) Blocking
(D) Alternate
Rapid Spanning Tree Protocol designates a backup port known as an alternate port should the root port go down.
You would like to ensure that when a system connects to a switch that it receives connectivity right away with little wait time. Which of the following commands would you use?
(config-if)#spanning-tree portfast
In scenarios where a system reboots a lot and you need it to come online as quickly as possible, you can enable the portfast option on the interface. This dramatically decreases the time it takes for the port to come only due to STP port states.
Decrease the priority below 4096.
To ensure that a switch is selected as a root bridge, you would lower the priority so it is the lowest priority switch. In this case, the existing root bridge has a priority of 4097 so you need to be lower than that
Which of the following statements are true of VLANs and their usage? (Select two.)
Communication between VLAN requires a router.
Each VLAN requires its own IP subnet.
VLANs are a great way to create communication boundaries on the network. If you have systems in multiple VLANs, you will need a router to route traffic between the VLANs. Each VLAN will need its own IP subnet.
Which of the following statements is true of the native VLAN?
Both sides of the trunk link should use the same native VLAN.
The native VLAN is the VLAN used on frames that have not been tagged for a particular VLAN. It is critical to set the native VLAN to the same VLAN on both ends of the trunk link.
You want to ensure that only VLAN 10 and VLAN 20 traffic can pass over a trunk link. Which command would you use?
SW1(config-if)#switchport trunk allowed vlan 10,20
By default, traffic for all VLANs is allowed to pass over a trunk port, but you can specify specific VLANs using the switchport trunk allowed vlan command.
F0/0 must be configured with sub-interfaces
F0/0 on R1 and F0/24 on the switch must use the same encapsulation protocol
Looking at the figure, in order to route between the two VLANs you must configure the router as a router on a stick. This involves configuring the interface on the router with sub-interfaces and enabling the connecting port on both the router and switch as a trunk port for the same encapsulation protocol.
Which of the following port types cannot be ISL trunk ports?
(A) 1 Gbps
(B) 100 Mbps Fast Ethernet
(C) 10 Mbps Ethernet
(D) 10 Gbps
10 Mbps Ethernet ISL trunk ports must be above 10 Mbps in order to carry the extra VLAN traffic.
You wish to prevent the sending of VLAN traffic to other switches if the destination switch does not have any ports in a specific VLAN. What VTP feature would you enable?
VTP pruning
The VTP pruning feature can be used to filter VTP messages that are destined for VLANs that exist on the switch
You would like to configure switch SW2 to receive VLAN information for the glensworld VTP domain. Which command(s) would allow you to do this?
vtp domain glensworld
vtp password P@ssw0rd
vtp mode client
In order to configure a switch to receive VLAN information via VTP, you must configure the switch for the VTP domain and supply the password for that domain. You then must put the switch in client mode so that it receives the list of VLANs from the VTP server.
Which VTP mode allows the creation of VLANs but does not accept changes from other VTP systems and does forward VTP messages on to other devices?
Transparent mode
VTP transparent mode allows a switch to create its own VLANs and will forward VTP messages on to other switches it is connected to.
Which of the following commands configures a port on the Cisco switch for trunking using 802.1q protocol?
Use the following commands:
sw(config-if)#switchport mode trunk
sw(config-if)#switchport trunk encapsulation dot1q
The VTP domain name is case sensitive. When configuring a VTP client, you must specify the VTP domain and the VTP password. It is important to note that the VTP domain is case sensitive
You wish to configure an Etherchannel link made up of two Fast Ethernet trunk ports without any negotiations. What command would you use when configuring the interfaces?
channel-group 1 mode on
Setting the channel-group mode to on forces the interface to be part of the grouping without any protocol negotiations. If you set the mode to active, then the interface can negotiate with other ports to be part of the grouping. Setting the mode to passive means that the port will not initiate the grouping, and setting it to off means it will not form the grouping
The system with the MAC address of 1111.2222.3333 can connect to port 8 along with two other systems.
The code example enables the port security feature with a maximum of three MAC addresses to be associated with the port. In the code example, one MAC address is being supplied so the other two MAC addresses can be dynamically learned.
You have configured three trunk ports in an Etherchannel group. What will happen when one port in the grouping fails?
The channel cost is increased.
Because the Etherchannel group has lost some bandwidth, the cost on the grouped link is increased.
✓Your Cisco device has different types of memory: ROM memory stores the POST routines, bootstrap program, and the mini-IOSes, while flash memory stores the IOS images. RAM (or VRAM) stores temporary information such as your current configuration, MAC table, and routing table. Non-volatile RAM (or NVRAM) stores your startup configuration.
✓ Ensure you understand the boot process of a Cisco device. On startup, the POST routines are performed, then the bootstrap program locates an IOS in flash memory and extracts it to RAM. The system then checks for a startup configuration file; if one does not exist it will check for a TFTP server. If a TFTP server does not exist with the startup configuration then the device will prompt for the initial configuration dialog.
✓ Know that you can view the current IOS information with theshow version command. If you wish to view all of the IOS images you have in flash memory you can use the show flash command. Be sure to understand how to read the show version output and identify information from the IOS details displayed with that command.
Where is the POST routines stored on a Cisco device?
The POST routines on a Cisco device are stored in ROM memory
Which of the following describes the benefit of booting from a TFTP server?
A central place to upgrade the IOS The one benefit of booting from an IOS image located on a TFTP server is that you can have multiple Cisco devices using the IOS image.
When you decide to upgrade the IOS image, you simply upgrade the file on the TFTP server with no need to reconfigure each Cisco device or perform the upgrade on each device. The downfall is that if the device cannot communicate with the TFTP server, it will be unable to load the IOS.
What happens after the bootstrap program locates the IOS in flash memory?
The IOS is loaded into RAM.
After the bootstrap program locates the IOS in flash memory, it then copies the IOS into RAM.
Which type of memory is used to store the bootstrap program?
The bootstrap program is stored in ROM memory.
The startup configuration is stored in which type of memory?
The startup configuration is stored in non-volatile RAM
What happens if a startup config does not exist on boot-up?
The device will try to connect to a TFTP server for the configuration. If the startup config does not exist,
the Cisco device will then try to load a startup configuration from a TFTP server. If a TFTP does not exist, the device will then present the initial configuration dialog to configure the device
What command would you use to configure the router to not load the startup configuration?
config-register 2142
Which component is responsible for locating an operating system to load in memory?
The bootstrap, which is located in ROM, is responsible for locating the Cisco IOS and loading it in memory
boot system flash c2800nm-advipservicesk9-mz.124-15.T1.bin
To configure your Cisco device to boot from a specific IOS located in flash memory, use the boot system flash command followed by the filename of the IOS image located in flash memory.
What command would you use to change the configuration file that is applied on startup?
boot config <file>
To change the configuration file that is applied at startup, you can use the boot config command and then supply the filename with the configuration you wish to use
show boot
command is used to display your boot-up (or startup) settings. Note that this command is being replaced by the show bootvar command
The bootstrap program is stored in what type of memory on the Cisco router?
The bootstrap program is stored in ROM memory
You wish to back up your IOS image to a TFTP server. What command would you use?
copy flash tftp <file>
In order to back up your IOS, you can use the copy flash tftp command to copy a file from flash memory to a TFTP server. The Cisco IOS will prompt you for the filename details after the command is issued
You have a copy of your IOS image located on a TFTP server. What command would you use to restore the IOS to your device?
copy tftp flash
You would use the copy command to copy the IOS from the TFTP server to flash memory
What command would you use to configure the Cisco device to boot from an IOS image located on a TFTP server?
boot system tftp <filename.bin>
To configure the Cisco device to boot from an IOS image located on a TFTP server, you can use the boot system TFTP command.
What command would you use to specify a secondary bootstrap image?
boot bootstrap
You can use the boot command to alter a number of boot preferences, such as specifying a secondary bootstrap image. Use the boot bootstrap command to specify the secondary bootstrap image on your Cisco device
What command would you use to configure your router to load the IOS image from a TFTP server?
boot system tftp <filename>
Use the boot system tftp command to load the IOS from a TFTP server.
You wish to delete a file from flash memory. What command would you use?
delete flash: <filename>
To delete a file from flash memory, use the delete command followed by the type of memory you wish to delete a file from and then the filename
You wish to invoke the initial configuration dialog. What command would you use?
setup
You can invoke the initial configuration dialog by using the setup command. The initial configuration dialog will then walk you through typical configuration of the Cisco device.
Which file contained in flash memory on a Cisco switch is used to store secured configuration data such as cryptography keys?
private-config.text
The cryptography keys on a Cisco switch are stored in a file called private-config.text. This file is located in flash memory and can be seen with a dir flash command.
You wish to display the contents of flash memory using IFS commands. What command would you use?
dir flash:
You can use the dir flash: command to display the contents of flash memory
62720 K
Looking at the results of the show version command, you can see the IOS version, the number of interfaces that exist (and their types), and the memory installed in the device. Looking at the figure in this example, you can see that there are 239 K of NVRAM and 62720 K of flash memory.
You wish to remove a license from your Cisco device. What command would you use?
license clear ipservices
You can use the clear parameter on the license command to remove a license from your Cisco device.
You have copied a new Cisco license file called r1fs-ips from the TFTP server to flash memory. How do you install this new license on your Cisco switch?
license install flash: r1fs-ips
After you acquire a new license, you can install it by first copying it to flash memory and then using the license install command to activate the license
Through 12.0.0.2, and through 14.0.0.2
When looking at the routing table, you can see that the route to the 15.0.0.0 network has two pathways – one going through 12.0.0.2 and the other pathway going through 14.0.0.2. In this case, you will notice that the administrative distance (90) and the cost (2681856) are the same. When the cost is the same, the router will load balance between the routes
What are the three tables that a link state routing protocol typically uses? (Select three.)
Topology table
Neighbor table
Routing table
Link state routing tables use a topology table identifying the entire network topology, a neighbor table identifying neighboring routers, and a routing table which includes the current routes.
You would like to enable IPv6 routing on your Cisco router. What command would you use?
ipv6 unicast-routing
You can enable IPv6 routing on the router by using the ipv6 unicast-routing command
Which of the following is the term for packets that are flooded when a topology change occurs?
LSA
When a change occurs to the network topology, a router sends out LSA messages informing other routers on the network of the change. This causes the routers to recalculate routes and update their topology databases.
Which of the following causes a router to ignore updates from lower metric paths for a period of time?
Holddown timer
The holddown timer is a feature on a router that forces it to retain routing information for a short period of time even after receiving a routing update with conflicting information. Once a route is marked unreachable, the route is held for the duration of the timer before accepting a new route to the destination.
Which of the following is the term for preventing a router from sending updates on a route through the interface on which it received the knowledge of the route?
Split horizon is a feature to help prevent routing loops by preventing a router from sending knowledge of a route out the interface it received knowledge of the route through
Which of the following involves a router learning that a route is down from its neighbor, and then sending an update back to the neighbor on the route with an infinite metric?
Poison reverse is a routing feature to help reduce routing loops by a router sending an update back to its neighbor for a downed route with an infinite metric.
What is the goal of route summarization?
The goal of route summarization is to reduce the size of the routing table by not listing each different route — you can use route summarization to summarize multiple routes as one
You are configuring OSPF and need to determine the summary route for networks 131.107.16.0 up to 131.107.19.0. Which of the following identifies the summary route?
(A) 131.107.0.0/22
(B) 131.107.16.0/24
(C) 131.107.16.0/21
(D) 131.107.16.0/22
You have a router connected to a switch that has three VLANs. You would like to configure the router so that it can be used to route traffic between the three VLANs. What do you need to do?
Configure router on a stick
You can configure the router as a router-on-a-stick, which allows the router to route between the VLANs. In order to do this, you must configure the interface on the router that is connected to the switch with sub-interfaces. You must also configure the connected port on the switch for trunking and an encapsulation protocol.
Router R1 is connected to a switch that has three VLANs. You are configuring the router to route traffic between the three VLANs. What do you need to do? (Select two.)
Configure the interface that is connected to the switch as a trunk port using the same encapsulation protocol.
Configure the interface that is connected to the switch with three sub-interfaces. In order to create a router-on-a-stick scenario to route between VLANs, you will need to configure three sub-interfaces and ensure that the interfaces are using the same encapsulation protocol as the trunk port on the switch
RIP is a distance vector routing protocol that has two versions: RIPv1 and RIPv2. RIP has an administrative distance of 120 by default that sends routing updates every 30 seconds
✓ RIPv2 is a classless routing protocol that supports VLSM and authentication.
✓ OSPF is a link state routing protocol that has a default administrative distance of 110. OSPF identifies neighboring routers by sending Hello messages every ten seconds.
✓ OSPF does not auto summarize routes by default: You must configure summarization. OSPF uses a metric know as cost, which is calculated based on the bandwidth of the link.
✓ OSPF minimizes bandwidth usage by electing a Designated Router (DR) that all routers will exchange information with. The DR will then send routing information to all other routers. The DR is elected by the router with the highest OSPF priority. If there are multiple routers with the same priority, then the router with the highest router ID is used. If the router ID has not been set, then a router ID is chosen by (a) the highest IP address on a loopback interface, or (b) if there are no loopback addresses, then the highest IP on a physical interface.
After configuring RIP, you are not receiving any RIP entries in your routing table. What command could you use to verify you are receiving RIP updates?
debug ip rip
When troubleshooting any routing protocol, you can turn on debugging of that protocol. To enable debugging for rip, you would use the debug ip rip command
Which of the following identifies differences between RIPv1 and RIPv2? (Select two.) (A) RIPv2 sends updates every 60 seconds.
(B) RIPv2 is classful.
(C) RIPv2 sends updates using multicast communication.
(D) RIPv2 sends updates using broadcast communication.
(E) RIPv2 supports authentication.
RIPv2 sends updates using multicast communication
RIPv2 supports authentication. RIPv2 sends routing updates to a multicast address while RIPv1 broadcasts the address.
RIPv2 also supports authentication, whereas RIPv1 does not
You have configured RIPv2 and you do not want it to auto summarize routes. What command would you use?
RIPv2 automatically summarizes routes, and if you want to disable that feature you can use the no auto-summary command
Version 1
Looking at the figure, you can see that the router has received a v1 update, which means version 1. You can also notice that the router is sending updates to the address of 255.255.255.255, which is a broadcast address. RIPv1 broadcasted updates, while RIPv2 multicasted the updates
You want to change the administrative distance of RIP to a value other than its default. What command would you use?
R1(config-router)#distance 80
In order to change the administrative distance of RIP, you can use the distance command at the router prompt. In order to change the administrative distance to a value other than the default, you would not change it to 120, because that is the default value.
You have a router with two networks you wish to advertise through RIP – the 192.168.3.0 and the 192.168.4.0 networks. Which of the following identifies the commands you would use?
R1(config)#router rip
R1(config-router)#network 192.168.3.0
R1(config-router)#network 192.168.4.0
show ip protocols
What is the maximum number of equal cost routes that can exist in the routing table with OSPF?
OSPF will load balance between equal cost routes to the same destination. You can have a maximum of 4 equal cost routes to a destination
Which of the following does OSPF use as a metric value?
OSPF uses cost as a metric
When the OSPF priorities on all the routers are the same, how is the DR selected?
The router with the highest router ID
If the OSPF priority is the same on each router, then the DR is selected based on the router with the highest router ID. The highest router ID is first selected by the highest IP address assigned to a loopback interface. If there are no loopback interfaces then the router ID is the highest IP address assigned to a physical interface.
How frequently are hello messages sent with OSPF?
Hello messages are sent every 10 seconds with OSPF.
Which of the following areas is considered the “backbone” area with OSPF?
Area 0 is the identity of the backbone area and all other areas in your autonomous system connect to it.
What is the purpose of a Designated Router (DR) with OSPF?
All other routers exchange info with the DR to cut down on bandwidth usage.
The designated router is a router that shares routing information with other routers. Routers on the network share their routing information with the DR and then the DR informs all other routers. This prevents each router from needing to share routing information with all other routers.
You wish to ensure that router R1 never becomes the DR. What should you do?
Set the priority to 0.
An OSPF router with the priority set to 0 will never become the DR.
What happens when the DR fails?
The BDR becomes the DR and an election for a new BDR occurs.
When the DR fails on the network, the backup designated router (BDR) becomes the DR and a new BDR is elected.
What are two reasons why two OSPF routers would not be able to create neighbor relationships? (Select two.)
Hello and Dead Interval timers are not configured the same on both routers.
The routers are in different areas.
In order for two OSPF routers to create neighboring relations, they must have the same configuration values for the Hello and Dead Interval values. They also must be configured for the same area
What is the purpose of the BDR with OSPF?
The BDR is elected when the DR is elected, and it acts as a backup DR in case the DR fails.
You want to change the OSPF priority of router R1. What command would you use?
ip ospf priority 20
In order to change the priority on the router, you can use the ip ospf priority command. The router with the highest OSPF priority will become the DR
Which of the following is used to calculate OSPF cost?
Bandwidth With OSPF, you can calculate the cost of a link by 100 000 000 / bandwidth. For example, if you have a 10 MB link, then the cost is calculated as 100000000/10000000 = 10. The cost on a 10 MB link is 10
Which of the following is used when the successor route fails?
Feasible successor route EIGRP determines the best route to a destination which is known as a successor route, and it determines a backup route known as a feasible successor
Hello messages are sent to which of the following addresses?
OSPF hello messages are multicasted to the address of 224.0.0.5.
✓ Know the details of EIGRP, such as the fact that it is a hybrid routing protocol that uses some distance vector features and link state routing protocol features. EIGRP has an administrative distance and is a Cisco proprietary protocol.
✓ Know the difference between a successor route and a feasible successor route. EIGRP stores the best route to a destination, known as a successor route, in the routing table. All routes are stored in the topology table as well, including backup routes to the successor route. These backup routes are known as feasible successor routes.
✓ When the successor route fails, the feasible successor route immediately becomes the successor and a new feasible successor route is elected. Having the backup (feasible successor) stored in the topology table reduces convergence time because it is available immediately.
✓ Know the commands to configure EIGRP. You use the router eigrp <AS #> command to enable EIGRP. You then use the network command with the network ID and the wildcard mask to enable EIGRP routing on that network. Know how to calculate the wildcard mask.
The quickest method is to take the subnet mask away from 255.255.255.255. For example, if a subnet mask is 255.255.255.192, then the wildcard mask for that network is 0.0.0.63.
✓ Know your commands to troubleshoot EIGRP. Some commands you should be familiar with are show ip route, show ip eigrp neighbors, show ip eigrptopology, and show ip protocols. Know which commands display what information: That can help you troubleshoot in scenario-based questions.
What is the purpose of the feasible successor route?
It is a backup route located in the topology table.
The feasible successor router is a backup route stored in the topology table
Which of the following is true in regards to the autonomous system (AS) number with EIGRP?
It must match on all routers that you want to share routing information. The autonomous system (AS) value must be the same for all EIGRP routers you wish to share routing information with
What happens when EIGRP has two paths with equal metrics to the same destination?
It load balances between the two paths. If EIGRP has calculated equal metric values for multiple routes to the same network, it will load balance between those routes.
The EIGRP algorithm looks at all the routes in the topology table and chooses the best route to a destination. The best route is known as the
Successor route
The best route is known as the successor route and is placed in the routing table
Which table does the successor route exist in? (select two)
Topology table
Routing table
The successor route is stored in both the routing table and the topology table
Which table does the feasible successor route exist in?
Topology table
The feasible successor route is stored in the topology table
What is the benefit of having a feasible successor route with EIGRP?
Quicker convergence
The feasible successor is a backup route that is ready to be promoted to the successor route without the need for update messages and hello packets. This speeds up convergence.
Which of the following describes a feasible successor?
Backup route stored in topology table
The feasible successor routes are backup routes that are stored in the topology table
Which of the following is true of the EIGRP successor route? (Select two.)
Successor routes forward traffic
May have a backup in a feasible successor route.
Successor routes are used to forward traffic to the destination network because those routes are stored in the routing table. The successor route may have a backup route known as a feasible successor route.
Which of the following describes a successor route?
Primary route stored in routing table
A successor route is a primary route stored in the routing table. Know that the feasible successor route is a backup route stored in the topology table
Which of the following does EIGRP use as its metrics by default?
Bandwidth
Delay
By default, EIGRP uses bandwidth and delay to calculate its metrics
Which of the following are true regarding successor routes?
They are backed by feasible successor routes
They are used to forward traffic to the destination
They are stored in the routing table.
Successor routes have backup routes known as feasible successor routes and are stored in the routing table (as well as the topology table). Because the successor route is stored in the routing table, it is used to forward traffic to the destination network.
What does an EIGRP router do if its successor route is active but there is no feasible successor route?
The router sends a multicast message to all adjacent neighbors.
The EIGRP router will send a multicast query to all adjacent neighbors, asking for available routes to the destination network.
When looking at the EIGRP topology, what code is used to indicate that there are no changes in the EIGRP topology?
Passive
When looking at the topology table, you can see a status on the left side for each route. If the status displays passive, that is a good thing because it means there have been not changes to the route.
You wish to disable auto summarization with EIGRP. What command would you use?
R1(config-router)# no auto-summary
EIGRP auto summarizes routes by default; to disable auto summary, you would use the no auto-summary command at the router configuration.
You are configuring router R1 and wish to enable EIGRP on all interfaces for the 11.0.0.0 network and 12.0.0.0 network. What command would you use ?
R1(config)#router eigrp 10
R1(config-router)#network 11.0.0.0 0.255.255.255
R1(config-router)#network 12.0.0.0 0.255.255.255
When enabling EIGRP on a router, you must use the router eigrp command in global configuration. You then use the network command with the network ID and wildcard mask for all the networks you wish to enable EIGRP on.
You wish to change the administrative distance of EIGRP. What command would you use?
R1(config-router)#distance eigrp 35 35
In order to change the administrative distance, you can navigate to the EIGRP router prompt and use the distance eigrp <internal_distance> <external_distance> command.
You have started the EIGRP process. What command would you use to enable EIGRP for network 172.16.16.0/20?
network 172.16.16.0 0.0.15.255
Looking at the output of the show ip eigrp neighbors command, you can see that the queue count (Q Cnt) is set to 0.
You can see at the top of the show ip protocols command output that it says “Routing Protocol is eigrp 10”. The 10 signifies the autonomous system number
show ip eigrp neighbors
You would like to view the IP addresses of neighboring devices with EIGRP. What command should you use?
show ip eigrp neighbors
To view the IP addresses of neighboring routers with EIGRP, you use the show ip eigrp neighbors command.
R1 would alternate between 14.0.0.1 and 12.0.0.2. Because there are two pathways to the 15.0.0.0 network with equal metric values, EIGRP will load balance between them
You have configured EIGRP and wish to check the queue count and retransmit interval for established adjacency. What command would you use?
Using the show ip eigrp neighbors command, you can see a list of neighboring devices (adjacent devices) and their statistics, such as the smoothed round trip time (SRTT) and the queue count (Q count).
Looking at the output of the show ip protocols command, you can see that the maximum paths is set to 4.
This means that EIGRP can load-balance between four equal cost routes.
You are troubleshooting EIGRP. What commands could you use to view the autonomous system number? (Select two.)
show ip protocols
show ip eigrp topology
You can see the AS number on routers running EIGRP by using the show ip protocols command or the show ip eigrp topology command
Looking at the figure, you can see that the Smooth Round Trip Time (SRTT) to R1’s neighbor is 40 ms. This is the time it takes for a message to be sent to the neighbor and a reply to come back.
✓ Cisco does not provide its own Syslog server, so questions related to Syslog will focus on device configuration rather than server configuration. Many free and commercial servers are available to you, such as SolarWind’s Kiwi Syslog Server and the open source syslog-ng.
✓ Both HA and dynamic routing protocols allow for recovery when routers become unavailable, but all HA solutions allow for recovery times in seconds rather than minutes. Both protocols can play a role in an effective enterprise network.
✓ Know the differences between SNMP v2 and v3, the latter of which is primarily support for authentication and encryption, and is more complex in setup.
✓ Understand the concepts of the NetFlow process, and be aware that the data sent to the NetFlow collectors includes statistics about all data that passes the router, and who the endpoints were on either side of the conversation. So you will see information such as “IP x.x.x.x had 5 conversations with IP y.y.y.y, and each conversation took x bytes and x packets to conclude.” This is valuable information when attempting to diagnose network performance issues.
✓ Be aware that the server that collects, gathers, and analyzes NetFlow data is called a collector, and although Cisco has products that will perform the NetFlow collector function, many third-party products do so as well.
What configuration change is needed at the desktop workstation when activating a second router that has been configured using VRRP?
No client changes are required; the new VRRP master router will take over the existing address.
Which of the following are Cisco HA options for routing? (Select two.)
GLBP
VRRP
Gateway Load Balancing Protocol (GLBP), Hot Standby Router Protocol (HSRP), and Virtual Router Redundancy Protocol (VRRP) are all high availability options for routing.
What are requirements for VRRP to be used on a network? (Select two.)
Two routers
Additional virtual IP address
To implement VRRP on your network, you will require a least two routers, each with its own IP address, and one additional virtual IP, which will be used by one master router and will be taken over by the backup router in the event that the master router goes offline.
When using GLBP, if the AVG router fails, what router becomes the next AVG? (Select two.)
The router with the highest IP address
The router with the highest priority
When configuring GLBP, routers can be assigned priorities with the glbp priority [1-255] command. The router with the highest priority will be chosen as the new AVG. If all priorities are the same, then the router with the highest IP address will be chosen
What is the advertisement timer for VRRP?
1 second
The default advertisement timer is 1 second. This is used to send out hello messages, and failure to receive hello data will trigger a failover
What is the major difference between GLBP and either VRRP or HSRP?
What statements are true about GLBP? (Select two.)
Routers share a common virtual IP address.
Routers have unique virtual MAC addresses.
GLBP routing groups will all share the same IP address, but each will have a separate MAC address. All hosts initially communicate with the AVG, which assigns the session to a router in the group
Which HA option for routers will have the lowest level of impact to users on the network during a failover ?
GLBP
Since all traffic is already load balanced between several active nodes of the GLBP routing group, device failure in that environment will cause the least user impact. When using VRRP and HSRP (without SSO), there will be a brief interruption in data services (from 3 to 10 seconds) while the secondary router is activated or promoted to the master role.
When working with GLBP, what is the role of the AVG?
Manages which data will be processed by which router
The AVG (Active Virtual Gateway) manages the group of routers that are all Active Virtual Forwarders (AVF). The AVG responds to all ARP requests for the virtual IP address and responds with the MAC address of the AVF that it wants to process data for that device
What is the benefit offered by the SSO addition to HSRP?
Preserves forwarding path
While Hot Standby Redundancy Protocol (HSRP) allows for failover between two or more routers, adding Stateful Switchover (SSO) to this configuration allows for preserving forwarding information. It also is less disruptive to the data flow. All three Cisco redundancy options, HSRP, VRRP, and GLBP, make up the First Hop Redundancy Protocol (FHRP) choices. FHRP is a more generic or blanket term
Never.
GLBP uses the priority option to choose a router to act as the Active Virtual Gateway (AVG). Once a router is running as the AVG, it will continue until it goes offline, when the priority will be used to choose a new AVG. The exception to this behavior is when the command glbp preempt has been added to the configuration, which will cause Router1 to take back the role when it comes online.
All routers require matching VRRP primary and secondary IP addresses.
All routers in a VRRP group are required to use the same primary and secondary addresses. In this case, they are using one primary and one secondary address
You have configured HSRP but want to add SSO. What changes do you need to make to Router2 to complete this configuration?
Router1(config)#redundancy
Router1(config-red)#mode sso
Router1(config-red)#exit
Router1(config)#no standby sso
Router1(config)#standby sso
To enable SSO mode, you will first set the mode, then clear the current standby settings, and reset standby sso on the device
Members of a GLBP group communicate with hello messages using the IP address of ________ on ____ port ____
224.0.0.102, UDP, 3222 GLBP routers communicate with each other using the multicast address of 224.0.0.102 on UDP port 3222.
Group numbers match
Virtual IP addresses match
From the data that is displayed in the output, it is required that the group number and virtual IP addresses match. The other settings do not need to be the same on all members of the group, but it is advisable that all hello times do match to prevent possible issues in communications.
How many standby groups can be assigned to a router when using HSRP?
When working with Ethernet and FDDI, HSRP supports 256 standby groups, while
Token Ring supports only 3.
How does a syslog server separate incoming log information?
It depends on the server.
Most syslog servers will separate incoming log data by client IP address, but this varies by syslog server and is usually configurable on the server
C. The syslog server is configured for a non-standard port. By default, syslog services run on UDP port 514. If your syslog server has been configured for a different port, you need to use a command with this format: logging host 10.1.8.50 transport udp port
What is the default port on which a syslog server operates?
The default port for syslog servers is UDP 514.
What elements make up a basic syslog message? (Select two.)
Time
Severity
A syslog message from an IOS device will contain the following components:
✓ Facility: The IOS component source for the message.
✓ Severity: The importance of the message.
✓ Hostname: The name of the device generating the message.
✓ Timestamp: When the message was generated at the device.
✓ Message: The test string which contains the details of the event or message.
The format of the syslog message would be like this:
mm/dd/yyy:hh/mm/ss:facility-severity-MNEMONIC:
Message-text A sample message would look like this:
✓ Mar 6 22:48:34.452 UTC:%LINEPROTO-5-UPDOWN:
Line protocol on Interface Loopback0, changed state to up
What is the name given to an alert generated by an SNMP agent?
When SNMP generates an alert to be sent to a management server via SNMP, the alert is called a trap
What is the name given to a piece of data that can be retrieved via SNMP?
OID
SNMP structure and data object names are stored in a Management Information Base (MIB), while each piece of data that is stored in SNMP is called an Object Identifier (OID).
What is the default port used by SNMP?
The default port for SNMP is UDP 161
What is name of the documented list of OID for a product?
The Management Information Base (MIB) stores a documented list of OIDs for a product
What is the purpose of a community name in SNMP?
Security password
The community name in SNMP is a password used to secure access to the OID information.
What is the major advantage of SNMP v3 over SNMP v2? (Select two.)
User authentication
Data encryption
The two major advantages that SNMP v3 provides are user authentication and data encryption.
What security step can be used to secure SNMP?
Implement access lists The best method to restrict access to poll SNMP data is to implement an access list and allow only read-only (ro) access, using a set of commands like these:
Router1(config)# snmp-server community comsecret ro 10
What information is required to send NetFlow data to a collector? (Select two.)
The IP address of the collector
The port the collector is using
The two pieces of information that you will need to configure a device to send data to a NetFlow collector are the IP address of the collector and the port that it is receiving data on. The default port for NetFlow is UDP 9996.
Which of the following are components in NetFlow data analysis? (Select two.)
NetFlow-enabled device
NetFlow collector
The two main components required for NetFlow to function are a NetFlow-enabled device (which will send system counters to a NetFlow collector) and a NetFlow collector. Several collectors are available, including Cisco NetFlow Collector, and third-party tools, such as Fluke Networks, SolarWinds, and NTOP.
The collector is configured for a non-default port.
The collector is using a different version.
The NetFlow version that is being used can be 1 (default), 5, or 9. The default port is UDP 9996. If the collector is not matching the default values, then the router configuration commands will need to provide these options
