Networking (FGE -ENT)

1
a
b
c
d

2
a
b
c
d

3
a
b
c
d
e

4
a
b
c
d

5
a
b
c
d

6
a
b
c
d

7
a
b
c
d

8
a
b
c
d

9
a
b
c
d
e
f

10
a
b
c
d

11
a
b
c
d

12
a
b
c
d

13
a
b
c
d

14
a
b
c
d

15
a
b
c
d
 16
a
b
c
d

17
a
b
c
d

18
a
b
c
d

19
a
b

20
a
b
c
d

21
a
b
c
d

22
a
b
c
d

23
a
b
c
d
e
 24
a
b
c
d
e

25
a
b
c
d

26
a
b
c
d

27
a
b
c
d
e

28
a
b
c
d

29
a
b

30
a
b
c
d
e

31

a
b
c
d

32
a
b
c
d
e

33
a
b
c
d
e

34
a
b
c
d
e

35
a
b
c
d

36
a
b
c
d

37
a
b
c
d

38
a
b
c
d

39
a
b
c
d
e

40
a
b
c
d

41
a
b

42
a
b

43
a
b
c
d
e

44
a
b
c
d

45
a
b
c
d

46
a
b
c
d

47
a
b
c
d

48
a
b
c
d

49
a
b
c
d

50
a
b
c
d

51
a
b
c
d

52
a
b
c
d
e

53
a
b
c
d
e

54
a
b
c
d

55
a
b
c
d

56
a
b
c
d

57
a
b
c
d

58

a
b
c
d

59
a
b
c
d
e

60
a
b
c
d

61
a
b
c
d

Answer

62
a
b
c
d

Answer

63
a
b
c
d

Answer

64
a
b
c
d

Answer

65
a
b
c
d

Answer

66
a
b

answer
 67
a
b

answer

68
a
b

answer

69
a
b
c
d

answer

70
a
b
c
d
e
answer

71
a
b
c
d
e
f

answer

72
a
b
c
d

answe

73
a
b
c
d

answer

74
a
b
c
d
e
f

answer

75
a
b

answer

76
a
b

answer

77
a
b
c
d

answer

78
a
b
c
d
e
f

answer

79
a
b
c
d

answer

80
a
b

answer

81
a
b

answer

82
a
b

answer

83
a
b
c

answer

84
a
b

answer

85
a
b

answer

86
a
b

answer
 87
a
b
c
d

answer

88
a
b

answer

89
a
b
c

answer

90
a
b
c

answer

91
a
b
c

answer

92
a
b
c

answer

93
a
b
c
answer

94
a
b

answer

95
a
b
c
d

answer

96
a
b

Answer

97
a
b
c
d

answer

98
a
b
c

answer

99
a
b

answer

100
a
b
c
d
answer
 Networking (FGE -ENT)
Packet switching is provided by
Router
Switch
Hud
Gateway

List the protocols at Layer 7 of OSI Model

Telnet
UDP
HTTP
IOS

A 3-way handshake consists of below packets

SYN
Hello
ACK
RST
FIN

Reliable data delivery ensures

confidentiality
integrity
availability
Reliability

Define Metric
Distance to the destination network
Distance to the destination host
length of cable in meters to destination network
length of cable in meters to destination host

Which OSI layer is used for reliable communication

Layer 1
Layer 2
Layer 3
Layer 4

A 10 port hub has

0 collision and 0 broadcast domains
1 collision and 1 broadcast domains
10 collision and 1 broadcast domain
1 collision and 10 broadcasr domains

The most effective way to mitigate congestion on a LAN would be to

Upgrade the network cards
Upgrade the CPUs in the routers
Change the cabling to CAT 6
Replace the hubs with switches

Which of the following is an example of a routed protocol?

OSPF
EIGRP
IP
IS-IS
ARP
IPX

How many pairs of wires are used in Full duplex

ff:ff:ff:ff:ff:ff signifies which of the following

Broadcast at Layer 3
Broadcast at layer 2
Multicast at layer 3
Multicast at layer 4

What ports are used for managing the device

Console
Management
Ethernet
Gigabit Ethernet

Correct encapsulation sequence is

data,segment,packets,frames,bits
bits,frames,packets,segment,data
data,packets,segments,frames,bits
bits,frames,segments,packets,data

CRC is run on
frame
packet
segment
data

Address Resolution Protocol is used to

Map domain name to IP address
Map MAC address to IP address
Map hostname to MAC address
Map IP address to MAC address
Which of the following is decimal 99
01110111
01101011
01100011
01010111

In which if the following situations you should not use full-duplex?

With a connection from a switch to a switch
With a connection from a router to a router
With a connection from a host to a host
With a connection from a host to a hub

What is the default bit rate used to connect console port of a cisco router

DNS uses
TCP
UDP

What will a switch do if it learns same MAC address from two different ports
Stop forwarding packets
Forward same frame on both the ports
Forward frame on only first learnt port
send some packets over one port and few on other

A computer on network is unable to connect to network and its IP is 169.254.253.252. What does it indicate
Cannot reach the gateway
cannot reach the DNS server
cannot reach the DHCP server
cannot reach the switch

What must happen if a DHCP IP conflict occurs?

Proxy ARP will fix the issue.
The client uses a gratuitous ARP to fix the issue
The administrator must fix the conflict by hand at the DHCP server
The DHCP server will reassign new IP addresses to both computers

Which two of the following are private IP addresses?

182.192.168.252
172.21.106.10
192.186.168.103
172.33.251.11
192.168.10.33
What is the subnet number in which IP address 172.16.10.15/27 reside?
172.16.10.0
172.16.10.16
172.16.10.32
172.16.10.48
172.16.10.64

What is the subnet mask for /21 address?

255.255.224.0
255.255.248.0
255.255.252.0
255.255.255.128

what is the valid number of hosts in LAN subnet that use 255.255.255.224?

To test the IP stack on your local host, which IP address would you ping?
172.0.0.1
1.0.0.127
127.0.0.1
127.255.255.255
255.255.255.255

How many telnet lines can you configure a password for?

MTU, duplex and bandwidth can be seen in out of?

sh ip interface
sh interface

What could be the possible issue with the output below

R1#sh interfaces fa 0/0
FastEthernet0/0 is up, line protocol is up
Hardware is DEC21140, address is ca01.1cb4.0000 (bia ca01.1cb4.0000)
Internet address is 10.0.0.1/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:45, output 00:00:08, output hang never
 Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
145 packets input, 43533 bytes
Received 136 broadcasts, 0 runts, 0 giants, 0 throttles
3058429 input errors, 15028637 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
1230 packets output, 124293 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
2 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

Speed mismatch
Excessive collisions
Large frames received
Interference
NIC card failure

You type the following command into the switch and receive the following output:
Switch#show fastethernet 0/1
^
% Invalid input detected at ^ marker.

Why was this error message displayed?

You need to be in privileged mode.
You cannot have a space between fastethernet and 0/1.
The switch does not have a Fastethernet 0/1 interface
Part of the command is missing.

Which of the following commands will display the current IP addressing and the layer 1 and 2 status of an interface?
show version
show interfaces
show controllers
show running-config
show ip interface

Which of the following is similar to CDP

LLDP
STP
EIGRP
DHCP
NDP

When you are sending ICMP echo to a distant host in remote network, what is the destination MAC address used?
MAC address of remote host
MAC address of the remote network
MAC address of the remote gateway
MAC address of host gateway
broadcase MAC address

What is default route

Where all packets are forwarded
Where unknown destined packets are forwarded
Where specific destined packets are forwarded
Where specific destined packets are dropped

What is prefix routing

Subnet mask information is not sent
Subnet mask information is sent
Classful subnet mask information is not sent
Classful subnet mask information is sent

"default-information originate" - what does this command do

Originate default route into its own routing table
Originate default route into its directly connected routers routing table
Originate default route into all the routers
Originate default route into neighbor routers where interfaces are not passive

Which of the following is routing types

Static
Dynamic
Default
Both A and B

Which of the following statements are true regarding the command ip route 172.16.4.0 255.255.255.0 192.168.4.2?
The command is used to establish a static route.
The default administrative distance is used.
The command is used to configure the default route.
The subnet mask for the source address is 255.255.255.0.
The command is used to establish a stub network.

If your routing table has a static, an RIP, and an EIGRP route to the same network along with default route, which route will
default?
Static
RIP
EIGRP
Default

ASBR must be present in Area 0

Type 5 LSA's are forwarded to NSSA

RIP,OSPF and EIGRP are configured on a router which have metric of 4, 2 and 205862 respectively for same destination net
installed in routing table
RIP
OSPF
EIGRP
All of them
None

Which command displays the current port security and status of a switch port
show interfaces port-security
show port-security interface
show ip interface
show interfaces switchport

Which of the below are trunking methods

802.1w
802.1q
802.1x
ISL

Which of the following commands will provide information about trunked port Fa 0/15
show interfaces trunk
sh interfaces fastEthernet 0/15 switchport
sh interfaces switchport
sh switchport

What is the only type of second VLAN of which an access port can be a member?
Secondary
Voice
Primary
Access

On a router subinterface, what must you configure for IP to communicate?

IP address
vlan ID
MAC address
None

"access-list 10 deny host 192.168.10.3" What does this command do when applied on interface Fa0/1?
deny any traffic from host 192.168.10.3 on interface Fa 0/1
deny all traffic on interface Fa 0/1
deny any traffic from host 192.168.10.3 on all interfaces of router
deny all traffic from host 192.168.10.3 to any remote network

show ip interface fa0/1 - Which of the below are included in output of stated command
Physical link and protocol status
IP address
Access-list configured
MAC address

You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of
use?
access-list 10 deny 192.168.160.0 255.255.224.0
access-list 10 deny 192.168.160.0 0.0.191.255
access-list 10 deny 192.168.160.0 0.0.31.255
access-list 10 deny 192.168.0.0 0.0.31.255

Which of the following access lists will allow only HTTP traffic into network 196.15.7.0
access-list 100 permit tcp any 196.15.7.0 0.0.0.255 eq www
access-list 10 deny tcp any 196.15.7.0 eq www
access-list 100 permit 196.15.7.0 0.0.0.255 eq www
access-list 110 permit ip any 196.15.7.0 0.0.0.255
access-list 110 permit www 196.15.7.0 0.0.0.255

Bridge ID of root bridge consists of below

Bridge priority
Port priority
Bridge MAC address
Port MAC address
None of above

BPDU Guard should be enabled on

Trunk ports
Access ports
Hybrid ports
Never enable BPDU guard

What should the configuration register value be after you successfully complete the password recovery procedure and retu
operation?
0x2100
0x2101
0x2102
0x2142

Based on the routing table shown below, when the router receives a packet destined to 10.10.20.18 where will the router f
Router#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
o - ODR, * - candidate default

Gateway of last resort is 10.22.18.1 to network 0.0.0.0

10.0.0.0/8 is variably subnetted, 4 subnets, 4 masks

C 10.22.18.1/24 is directly connected, FastEthernet0/0
S 10.0.0.0/8 [1/0] via 10.22.18.21
S 10.10.0.0/16 [1/0] via 10.22.18.31
S 10.10.10.0/24 [1/0] via 10.22.18.41
S 10.10.10.10/32 [1/0] via 10.22.18.51
S* 0.0.0.0/0 [1/0] via 10.22.18.1

10.22.18.41
10.22.18.51
10.22.18.31
10.22.18.21

You work at a Network Operations Center (NOC) providing support for end users. You receive a call from an end user who p
in his office and now he claims the port is no longer operational. What is most likely the problem?
Port Fast caused the port to go into ERR-Disable as multiple MAC addresses were detected on the switch port
The switch he plugged into the wall jack malfunctioned and damaged the port on the company switch.
BPDU Guard shutdown the port because it detected BPDUs.
Port Security shutdown the port because it detected BPDUs on the link

Based on the debug ip packet detailed information shown below, what type of packet is this and where is it destined to?
IP: s=172.16.22.1 (FastEthernet0/0), d=224.0.0.5, len 72, rcvd 0, proto=89

This is an OSPF Hello packet destined to 172.16.22.1

This is an OSPF packet destined to all DR and BDR Routers on the FastEthernet0/0 network segment.
This is an RIP Packet destined to all RIP routers on the FastEthernet0/0 network segment.
This is an OSPF packet destined to all OSPF routers on the FastEthernet0/0 network segment.

Which of the following are the valid numbers of standard ACL?

While you were troubleshooting a connection issue, a ping from one VLAN to another VLAN on the same switch failed. Wh
routing is enabled on interfaces and the local VLANs are up?
show ip interface brief
show ip nat statistics
show ip statistics
show ip route

Server load balancing provides

better network performance
better utiliation of physical servers
better server utilization by sending more requests to one server
a and b

Load balancing happens on

cookie name
source IP
destination IP
destination port

which of below is load balancing methods

Least connection
High connections
Round robin
short response

a,c,d

GSLB provides
server load balancing
network load balancing
server load balancing across geographical locations
network load balancing across geographical locations

In reverse proxy cache

request is served from real server
request is served from two real servers
request is served from four real servers
request is served from cache server

Virtual clustering provides

Fault tolernace for physical appliances
Fault tolerance for VIP's

b
what is vpn
secured connecction over public
secured connection over private network

What is stateful inspection

dynamic packet filtering where sessions are monitored
static packet filtering where sessions are logged

Why is Digital signatures used

verify authenticity of certificate authority
verify authenticity of sender
verify authenticity of receiver
verify integrity of sender

Advantages of GRE
GRE tunnels connect discontinuous sub-networks.
GRE tunnels allow VPNs across wide area networks (WANs).
GRE tunnels encase multiple protocols over a single-protocol backbone.
GRE tunnels provide workarounds for networks with limited hops
All of above
e

Firewalls work at what layer?

1
2
3
4
6
7

c,d,f

What is IP spoofing
target's source mac address is manipulated
target's source IP address is manipulated
target's destination IP address is manipulated
target's destination mac address is manipulated

IPS can detect

brute force attacks
vulnerabilities
DOS
all of the above

Types of methods that IPS uses to detect abnormal traffic

Signature-Based
Anomaly-Based
Policy-Based
Protocol-Analysis-Based
all of the above
a and c

DNS zone transfer happens on which port number

53
54

Secure remote access which can be used instead of telnet happens on which port number
22
2222

If you see 3 astericks for a hop in traceroute, what do they indicate

ICMP is blocked
ICMP time exceeded is blocked
ICMP is allowed
ICMP replies are blocked

Defence in depth is combination of below

IPS
antivirus
IDS
firewall
server ahrdening
all of the above

transparent firewall acts at

Layer 2
Layer 3
Layer 4
Layer 7

A firewall cannot protect

Outside attacks
Insider intruder attacks

Network layer firewalls are implemented by

ACL's
Policies

proxy servers are

applications that mediate between intranet and internet
applications that mediate between clients and hosts

What is perimiter based security

Securing entry points
Securing all exit points
Securing all entry and exit points

IDS can prevent future attacks

Yes
No

IPS can detect and prevent zero day threats

Yes
No

What is dual homing

A network with two or more exit/entry points
A network with only one exit/entry point

a
What is needed for Host based security
Antivirus
IPS
both a and b
none

What is logging
record all events on computer/router/firewall
archive all events on computer/router/firewall

Stealth rule applies for

servers behind the firewall
all devices behind firewall
firewall itself

Clean up rule
drops all traffic which is not allowed specifically
allows all traffic which is not allowed specifically
cleans all traffic which is not allowed specifically

Source NAT is
Natting either source or destination IP address
Natting only source IP address
Natting only destination IP address

Types of VPN
Site to site
Remote access
GRE

a and b

Explicit rule in Checkpoint is

Allows any traffic by default
Allow/deny only matched traffic
Deny any traffic by default
b

Port forwarding is possible in

Automatic NAT
Manual NAT

Which protocol uses both TCP and UDP

DNS
FTP
TFTP
DHCP

DNS Zone transfer happens using

TCP
UDP

NTP works on port

53
123
143
25

Web servers should be placed in

DMZ
Inside
Outside

QOS
Quality of service
Quantity of server

ARP is
IP to MAC resolution
MAC to IP resolution
Name to IP resolution
IP to Name resolution
a
a

ac

ac

d
cf

ab

d 64
32
0
2
1
c

be
c

de
d

be

ae
d

abc

ab

b
a

bd

ab

b
abc

ac

c
d

ab