49 of 50

EWAN Final Exam - CCNA Exploration: Accessing the WAN (Version 4.0)
1 When NAT is in use, what is used to determine the addresses that can be translated on a Cisco router?
access control list routing protocol inbound interface ARP cache

Refer to the e hibit! Which "#AN will carr$ untagged traffic on %ast&thernet '(1?
"#AN 1 "#AN 2 "#AN 11 "#AN 12 "#AN )' "#AN ***

Refer to the e hibit! Which data transmission technolog$ is being represented?

T+, PPP -+#C .#/P

A networ1 administrator is instructing a technician on best practices for appl$ing AC#s! Which two suggestions should the administrator pro2ide? 3Choose two!4
Named AC#s are less efficient than numbered AC#s! .tandard AC#s should be applied inside the core la$er! Place standard AC#s as close to the destination as possible! AC#s applied to outbound interfaces re5uire fewer router resources! & tended AC#s should be applied closest to the source that is specified b$ the AC#!

A networ1 administrator has changed the "#AN configurations on his networ1 switches o2er the past wee1end! -ow can the administrator determine if the additions and changes impro2ed performance and a2ailabilit$ on the compan$ intranet?
Conduct a performance test and compare with the baseline that was established pre2iousl$! /nter2iew departmental secretaries and determine if the$ thin1 load time for web pages has impro2ed! +etermine performance on the intranet b$ monitoring load times of compan$ web pages from remote sites! Compare the hit counts on the compan$ web ser2er for the current wee1 to the 2alues that were recorded in pre2ious wee1s!

Which three guidelines would help contribute to creating a strong password polic$? 3Choose three!4
8nce a good password is created, do not change it! +eliberatel$ misspell words when creating passwords! Create passwords that are at least 9 characters in length! :se combinations of upper case, lower case, and special characters! Write passwords in locations that can be easil$ retrie2ed to a2oid being loc1ed out!

:se long words found in the dictionar$ to ma1e passwords that are eas$ to remember!

Refer to the e hibit! Router RT is not recei2ing routing updates from router RTA! What is causing the problem?
The ip rip authentication key-chain command specifies e am rather than test! The name of the 1e$string is not the name of the neighboring router! The 1e$ chains are gi2en the same name on both routers! The passive-interface command was issued for RTA!

9 Refer to the e hibit! %rom the output of the show interfaces and ping commands, at which la$er of the 8./ model is a fault indicated?
application transport networ1 data lin1 ph$sical

Refer to the e hibit! -ead5uarters is connected through the /nternet to branch office A and branch office <! Which WAN technolog$ would be best suited to pro2ide secure connecti2it$ between head5uarters and both branch offices?
AT, "PN /.+N %rame Rela$ broadband +.#

1' What function does NCP perform in the establishment of a PPP session?
/t opens the connections and negotiates configuration options! /t completes the specific configuration of the networ1 la$er protocol that is being used! /t tests the lin1 to determine whether the lin1 5ualit$ is sufficient to bring up networ1 la$er protocols! /t pro2ides automatic configuration of the interfaces at each end including detecting common configuration errors!

11

Refer to the e hibit! A pac1et is being sent from -ost A to -ost < through the "PN tunnel between R1 and R)! When the pac1et first arri2es at R), what are the source and destination /P addresses of the pac1et?
.ource 1*2!179!1!2 = +estination 1*2!179!0!2 .ource 1*2!179!)!1 = +estination 1*2!179!)!2 .ource 1*2!179!2!1 = +estination 1*2!179!)!2 .ource 1*2!179!)!1 = +estination 1*2!179!0!2

12

Refer to the e hibit! A technician is teaching a trainee to interpret the results of 2arious %rame Rela$ troubleshooting commands! What conclusion can be drawn from the output tha is shown?
Neighboring routers should use +#C/ 1;; to reach the <ranch router! +#C/ 1;; will be used to identif$ all broadcasts that are sent out the <ranch router! The <ranch router has the address 1*2!179!)!1 configured for the .'('(' interface! To reach 1*2!179!)!1, the <ranch router will use the 2irtual circuit that is identified b$ +#C/ 1;;!

1) What are the s$mptoms when the s'('(' interface on a router is attached to an operational C.:(+.: that is generating a cloc1 signal, but the far end router on the point=to=point lin1 has not been acti2ated?
show controllers indicates cable t$pe +C& "!)6! show interfaces s0/0/0 indicates serial down, line protocol down! show controllers indicates cable t$pe +C& "!)6! show interfaces s0/0/0 indicates serial up, line protocol down! show controllers indicates cable t$pe +T& "!)6! show interfaces s0/0/0 indicates serial up, line protocol down!

show controllers indicates cable t$pe +T& "!)6! show interfaces s0/0/0 indicates serial down, line protocol down!

10 When implementing a d$namic AC#, wh$ is it necessar$ to include an e tended AC# as part of the configuration process?
to disable the router 2t$ lines to reduce the d$namic AC# filtering load to o2erride an$ pre2ious AC# that might be applied to the router to pro2ide a controlled situation of allowing traffic through a router

16

Refer to the e hibit! Which configuration command would result in the output in the e hibit?
ip nat inside source static 10.1.200.254 172.16.76. ip nat inside source static 10.1.200.254 1!2.16".0.10 ip nat inside source static 172.16.76. 10.1.200.254 ip nat inside source static 172.16.76. 1!2.16".0.10 ip nat inside source static 1!2.16".0.10 172.16.76. ip nat inside source static 1!2.16".0.10 10.1.200.254

17 Technicians from Compan$ A and Compan$ < are comparing +.# transfer rates at their respecti2e companies! <oth companies are in the same cit$, use the same ser2ice pro2ider, and ha2e the same rate(ser2ice plan! Compan$ A, howe2er, reports higher download speeds than Compan$ <! Which option best e plains the reason for Compan$ A ha2ing the higher download speeds?
Compan$ A onl$ uses microfilters on branch locations! Compan$ < has a higher 2olume of P8T. 2oice traffic than does Compan$ A! Compan$ < shares the connection to the +.#A, with a larger number of clients than Compan$ A shares! The length of the local loop between Compan$ A and the C8 is shorter than the length of the local loop between Compan$ < and C8!

1; Which t$pe of de2ice is located at the central office of a carrier and combines indi2idual +.# connections from multiple users into one high=capacit$ lin1 to the /nternet?

splitter +.#A, microfilter transcei2er la$er ) switch

19 An issue of response time has recentl$ arisen on an application ser2er! The new release of a software pac1age has also been installed on the ser2er! The configuration of the networ1 has changed recentl$! To identif$ the problem, indi2iduals from both teams responsible for the recent changes begin to in2estigate the source of the problem! Which statement applies to this situation?
.cheduling will be eas$ if the networ1 and software teams wor1 independentl$! /t will be difficult to isolate the problem if two teams are implementing changes independentl$! Results from changes will be easier to reconcile and document if each team wor1s in isolation! 8nl$ results from the software pac1age should be tested as the networ1 is designed to accommodate the proposed software platform!

1* At what ph$sical location does the responsibilt$ for a WAN connection change from the user to the ser2ice pro2ider?
demilitari>ed >one 3+,?4 demarcation point local loop cloud

2' Which %rame Rela$ flow control mechanism is used to signal routers that the$ should reduce the flow rate of frames?
+& <& C/R %&CN C</R

21 What is tunneling?
using digital certificates to ensure that data endpoints are authentic creating a hash to ensure the integrit$ of data as it tra2erses a networ1 using alternate paths to a2oid access control lists and b$pass securit$ measures encapsulating an entire pac1et within another pac1et for transmission o2er a networ1

22 Which data lin1 la$er encapsulation protocol is used b$ default for serial connections between two Cisco routers?
AT,

%rame Rela$ -+#C PPP .+#C

2)

Refer to the e hibit! A networ1 administrator is attempting to configure a %rame Rela$ networ1! The administrator enters the commands as shown in the e hibit on R2, but the %rame Rela$ P"Cs are inacti2e! What is the problem?
The incorrect +#C/ numbers are being configured on R2! The .'('(' interface on R2 needs to be point=to=point! The fra#e-relay #ap commands are missing the cisco 1e$word at the end! A single router interface cannot connect to more than one %rame Rela$ peer at a time!

20

Refer to the e hibit! A host connected to %a'(' is unable to ac5uire an /P address from this +-CP ser2er! The output of the de$ug ip dhcp server command shows @+-CP+A there is

no address pool for 1*2!179!1!1@! What is the problem?

The default router for the 1*2Networ1 pool is incorrect! The 1*2!179!1!1 address has not been e cluded from the +-CP pool! The 1*2!179!1!1 address is alread$ configured on %a'('! The pool of addresses for the 1*2Networ1 pool is incorrect!

26

Refer to the e hibit! Which statement correctl$ describes how Router1 processes an %TP re5uest pac1et that enters interface .'('(', and is destined for an %TP ser2er at /P address 1;2!17!1!6?

The router matches the incoming pac1et to the statement that is created b$ access-list 201 per#it ip any any command and allows the pac1et into the router! The router reaches the end of AC# 1'1 without matching a condition and drops the pac1et because there is no statement that was created b$ access-list 101 per#it ip any any command! The router matches the incoming pac1et to the statement that was created b$ the access-list 101 per#it ip any 172.16.1.0 0.0.0.255 command, ignores the remaining statements in AC# 1'1, and allows the pac1et into the router! The router matches the incoming pac1et to the statement that was created b$ the access-list 201 deny ic#p 172.16.1.0 0.0.0.255 any command, continues comparing the pac1et to the remaining statements in AC# 2'1 to ensure that no subse5uent statements allow %TP, and then the router drops the pac1et!

27

Refer to the e hibit! Compan$ A<C e panded its business and recentl$ opened a new branch office in another countr$! /P27 addresses ha2e been used for the compan$ networ1! The data ser2ers .er2er1 and .er2er2 run applications which re5uire end=to=end

functionalit$, with unmodified pac1ets that are forwarded from the source to the destination! The edge routers R1 and R2 support dual stac1 configuration! What solution should be deplo$ed at the edge of the compan$ networ1 in order to successfull$ interconnect both offices?
a new WAN ser2ice supporting onl$ /P27 NAT o2erload to map inside /P27 addresses to outside /P20 address a manuall$ configured /P27 tunnel between the edge routers R1 and R2 static NAT to map inside /P27 addresses of the ser2ers to an outside /P20 address and d$namic NAT for the rest of the inside /P27 addresses

2; Which two statements are true about creating and appl$ing access lists? 3Choose two!4
8ne access list per port, per protocol, per direction is permitted! Access list entries should filter in the order from general to specific! .tatements are processed se5uentiall$ from top to bottom until a match is found! The term @inbound@ refers to traffic entering the networ1 from the router interface where the AC# is applied! .tandard AC#s should be applied closest to the source while e tended AC#s should be applied closest to the destination!

29

Refer to the e hibit! Computers on the internal networ1 need access to all ser2ers in the e ternal networ1! The onl$ traffic that is permitted from the e ternal networ1 must be responses to re5uests that are initiated on the internal networ1! Which securit$ measure would satisf$ this re5uirement?
a numbered e tended AC# a named standard AC# a refle i2e AC# a d$namic AC#

2*

Refer to the e hibit! A networ1 administrator has issued the commands that are shown on Router1 and Router2! A later re2iew of the routing tables re2eals that neither router is learning the #AN networ1 of the neighbor router! What is most li1el$ the problem with the R/Png configuration?
The serial interfaces are in different subnets! The R/Png process is not enabled on interfaces! The R/Png networ1 command is not configured! The R/Png processes do not match between Router1 and Router2!

)' Refer to the e hibit! The lin1 between the CTR# and <RB1 routers is configured as shown in the e hibit! Wh$ are the routers unable to establish a PPP session?
The cloc1 rate must be 67'''! The usernames are misconfigured! The /P addresses are on different subnets! The cloc1 rate is configured on the wrong end of the lin1! The C-AP passwords must be different on the two routers! /nterface serial '('(' on CTR# must connect to interface serial '('(1 on <RB1!

)1 What are two maCor characteristics of a worm? 3Choose two!4

e ploits 1nown 2ulnerabilities attaches itself to another program e ecuted b$ a predefined time or e2ent mas5uerades as an accepted program copies itself to the host and selects new targets

)2 A light manufacturing compan$ wishes to replace its +.# ser2ice with a non=line=of=sight broadband wireless solution that offers comparable speeds! Which solution should the customer choose?
Wi,AD ,etro &thernet satellite Wi=%i

)) At what point in the PPP connection process does the authentication phase occur?
after NCP establishes #a$er ) parameters before #CP begins the lin1 establishment process after the initial Configure=Re5uest message from the lin1 initiator after the lin1 initiator recei2es a Configure=Ac1 message from the responder

)0

Refer to the e hibit! Results of the show vlan and show vtp status commands for switches .1 and .2 are displa$ed in the e hibit! "#AN 11 was created on .1! Wh$ is "#AN 11 missing from .2?
There is a #a$er 2 loop! The "TP domain names do not match! 8nl$ one switch can be in ser2er mode! .2 has a higher spanning=tree priorit$ for "#AN 11 than .1 does!

)6

Refer to the e hibit! R/P22 has been configured on all routers in the networ1! Routers R1 and R) ha2e not recei2ed an$ R/P routing updates! What will fi the issue?
&nable R/P authentication on R2! /ssue the ip directed-$roadcast command on R2! Change the subnet mas1s to 1'!11!12!'(9 and 1;2!17!0'!'(17 on R2! &nable C+P on R2 so that the other routers will recei2e routing updates!

)7 An administrator is unable to recei2e e=mail! While troubleshooting the problem, the administrator is able to ping the local mail ser2er /P address successfull$ from a remote networ1 and can successfull$ resol2e the mail ser2er name to an /P address 2ia the use of the nslookup command! At what 8./ la$er is the problem most li1el$ to be found?
ph$sical la$er data lin1 la$er networ1 la$er application la$er

); Which statement is true about wildcard mas1s?

/n2erting the subnet mas1 will alwa$s create the wildcard mas1! The wildcard mas1 performs the same function as a subnet mas1! A networ1 or subnet bit is identified b$ a @1@ in the wildcard mas1! /P address bits that must be chec1ed are identified b$ a @'@ in the wildcard mas1!

)9 While configuring a router using R/Png and dual=stac1 technolog$ with /P20 and /P27, the administrator recei2es an error message when inputting /P20 routes! What could cause the error message?
/P20 is not compatible with R/Png

R/Png is incompatible with dual=stac1 technolog$! The router interfaces ha2e been configured with incorrect addresses! When /P20 and /P27 are configured on the same interface, all /P20 addresses are shut down in fa2or of the newer technolog$!

)* Which two protocols in combination should be used to establish a lin1 with secure authentication between a Cisco and a non=Cisco router? 3Choose two!4
-+#C PPP .#/P PAP C-AP

0'

Refer to the e hibit! What is placed in the address field in the header of a frame that will tra2el from the .an Eose router to the +C router?
+#C/ 1') +#C/ )'1 1;2!17!1!19 1;2!17!1!1*

01 Refer to the e hibit! Communication between two peers has failed! <ased on the output that is shown, what is the most li1el$ cause?
interface reset unplugged cable improper #,/ t$pe

PPP negotiation failure

02

Refer to the e hibit! A networ1 administrator is considering updating the /8. on Router1! What 2ersion of /8. is currentl$ installed on Router1?
1 12!0 16 1901

0)

Refer to the e hibit! An AC# called ,anagers alread$ e ists on this router! What happens if the networ1 administrator issues the commands as shown in the e hibit?
The commands are added to the end of the e isting AC#! The e isting ,anagers AC# will be o2erwritten b$ the new AC#! The router will output an error message and no changes will be made! A duplicate ,anagers AC# will be created that will contain onl$ the new commands!

00 Where will a router operating s$stem image be copied after the copy flash% tftp command is issued?
flash +RA, N"RA, remote ser2er

06

Refer to the e hibit! A Cisco router, R1, and a non=Cisco router, R2, were able to communicate successfull$ using %rame Rela$ before the$ were remo2ed from production! An administrator decided to reuse R1 and R2 for another purpose b$ implementing a direct connection between the two routers, but the %rame Rela$ configurations were sa2ed! When %rame Rela$ encapsulation is remo2ed from both routers the connection fails! What will correct the problem?
Configure both routers to use PPP encapsulation! Clear the frame maps on both routers and reboot! .et up a routing protocol to communicate between the two routers! Configure both routers to use -+#C encapsulation and remo2e the bandwidth statements!

07 A networ1 administrator determines that falsified routing information is propagating through the networ1! What action can be used to address this threat?
:pdate the /8. images! Change console passwords! &mplo$ end=user authentication! Configure routing protocol authentication!

0; What is the result when the command per#it tcp 10.25.1 2.0 0.0.0.255 any e& s#tp is added to a named access control list and applied on the inbound interface of a router?
TCP traffic with a destination to the 1'!26!1)2!'(20 is permitted! 8nl$ Telnet traffic is permitted to the 1'!20!1)2!'(20 networ1 Ttraffic from 1'!26!1)2!'(20 is permitted to an$where on using an$ port! Traffic using port 26 from the 1'!26!1)2!'(20 is permitted to all destinations!

09 Which statement about a "PN is true?

"PN lin1 establishment and maintenance is pro2ided b$ #CP! +#C/ addresses are used to identif$ each end of the "PN tunnel!

"PNs use 2irtual #a$er ) connections that are routed through the /nternet! 8nl$ /P pac1ets can be encapsulated b$ a "PN for tunneling through the /nternet!

0*

Refer to the e hibit! The corporate networ1 that is shown has been assigned networ1 1;2!17!129!'(1* for use at branch office #ANs! /f "#., is used, what mas1 should be used for addressing hosts at <ranch0 with minimal waste from unused addresses?
(1* (2' (21 (22 (2) (20

6' Which securit$ solution has the responsibilit$ of monitoring suspicious processes that are running on a host and that might indicate infection of TroCan horse applications?
anti2irus application operating s$stem patches intrusion pre2ention s$stem Cisco Adapti2e .ecurit$ Appliance