Refer to the topology.

Using the information shown, answer the five questions shown on the Questions tab.

Question 1:

On which router should a default route be configured?

A – on the ISP router
B – on R1
C – on R2
D – on R3
E – on R4

Answer: B

Question 2:

With all links operational and all routers converged, which of the following describes
the messaging between routers?

A – Hellos are sent every five seconds.
B – Multicasts are sent every 60 seconds.
C – Broadcasts are sent every 30 seconds.
D – No messaging unless the topology changes.

Answer: C

Question 3:

Which of the following describes the route update process if the interface from R4
connected to LAN 4 goes down?

A – No updates occur
B – R4 tells both R1 and R3 the network is not accessible. Both R3 and R1 update R2.
C – R4 tells only R1 the network is not accessible. R1 updates R2 and R2 updates R3.
D – R4 tells only R3 the network is not accessible. R3 updates R2 and R2 updates R1.

Answer: B

Question 4:

Why would RIP be used rather than static routes on R1, R2, R3, and R4?

A – RIP creates more accurate routes than static routes.
B – RIP uses less network resources than do static routes.
C – RIP is supported by more different vendors' equipment than static routes.
D – RIP requires less configuration to automatically adjust when links go down than
static routes.

Answer: D

Question 5:

On which router should a static route be configured?

A – on the ISP router
B – on R1
C – on R2
D – on R3
E – on R4

Answer: A

Implementation SIM 2
April 16th, 2011 in LabSim
This topology contains 3 routers and 1 switch. Complete the topology.

Drag the appropriate device icons to the labeled Device
Drag the appropriate connections to the locations labeled Connections.
Drag the appropriate IP addresses to the locations labeled IP address

(Hint: use the given host addresses and Main router information)
To remove a device or connection, drag it away from the topology.

Use information gathered from the Main router to complete the configuration of
any additional routers. No passwords are required to access the Main router. The
config terminal command has been disabled for the HQ router. The router does not
require any configuration.

Configure each additional router with the following:

Configure the interfaces with the correct IP address and enable the interfaces.
Set the password to allow console access to consolepw
Set the password to allow telnet access to telnetpw
Set the password to allow privilege mode access to privpw

Note: Because routes are not being added to the configurations, you will not be
able to ping through the internetwork.
All devices have cable autosensing capabilities disabled.
All hosts are PCs.

Answer and explanation:

Specify appropriate devices and drag them on the “Device” boxes

For the device in the bottom-right box, we notice that it has 2 interfaces, Fa0/2 and
Fa0/4; moreover, the link that connects the PC on the right with the bottom-right
device is a straight-through link -> it is a switch

The question states that this topology contains 3 routers and 1 switch -> the two other
devices are routers

Place them in the appropriate locations as follows:

(Host D and host E will be automatically added after placing the two routers. Click on them
to access neighboring routers)

Specify appropriate connections between these devices:

+ The router on the left is connected with the Main router through FastEthernet
interfaces: use a crossover cable
+ The router on the right is connected with the Main router through Serial interfaces:
use a serial cable
+ The router on the right and the Switch: use a straight-through cable
+ The router on the left and the computer: use a crossover cable

(To remember which type of cable you should use, follow these tips:

– To connect two serial interfaces of 2 routers we use a serial cable
– To decide when to use a crossover cable or a straight-through cable, we should
remember:

Group 1: Router, Host, Server
Group 2: Hub, Switch
One device in group 1 + one device in group 2: use a straight-through cable
Two devices in the same group: use a crossover cable

For example: we use a straight-through cable to connect switch to router, switch to host,
hub to host, hub to server… and we use a crossover cable to connect switch to switch,
switch to hub, router to router, host to host… )

Assign appropriate IP addresses for interfaces:

From Main router, use show running-config command:

(Notice that you may see different IP addresses in the real CCNA exam, the ones shown
above are just used for demonstration)

From the output we learn that the IP address of the Fa0/0 interface of the Main router is
192.168.152.177/28. This address belongs to a subnetwork which has:

Increment: 16 (/28 = 255.255.255.240 or 1111 1111.1111 1111.1111 1111.1111 0000)
Network address: 192.168.152.176 (because 176 = 16 * 11 and 176 < 177)
Broadcast address: 192.168.152.191 (because 191 = 176 + 16 – 1)

From the list we can pick an IP address that belongs to this subnetwork,
192.168.152.190, and assign it to the Fa0/0 interface of the router on the left.

Use the same method for interface Serial0/0 with an IP address of 192.168.152.161

Increment: 16
Network address: 192.168.152.160 (because 160 = 16 * 10 and 160 < 161)
Broadcast address: 192.168.152.175 (because 175 = 160 + 16 – 1)

-> and we choose 192.168.152.174 for the Serial0/0 interface of the router on the right

Interface Fa0/1 of the router on the left

IP (of the computer on the left) : 192.168.152.129/28

Increment: 16
Network address: 192.168.152.128 (because 128 = 16 * 8 and 128 < 129)
Broadcast address: 192.168.152.143 (because 143 = 128 + 16 – 1)

-> we choose 192.168.152.142 from the list

Interface Fa0/0 of the router on the right

IP (of the computer on the left) : 192.168.152.225/28

Increment: 16
Network address: 192.168.152.224 (because 224 = 16 * 14 and 224 < 225)
Broadcast address: 192.168.152.239 (because 239 = 224 + 16 – 1)

-> we choose 192.168.152.238 from the list
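
The increment method above, written out as an added example (not part of the original page). It works for any prefix from /1 to /30, cross-checks the hand calculation against Python's ipaddress module, and then filters a drag list; the candidate list is constructed here from the four addresses the text chooses plus two decoys, and the function names are hypothetical.

```python
import ipaddress


def subnet_by_increment(addr, prefix):
    """Network and broadcast address via the increment method used in the text."""
    if not 1 <= prefix <= 30:
        raise ValueError("prefix must be between 1 and 30")
    mask = [int(o) for o in
            str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask).split(".")]
    host = [int(o) for o in addr.split(".")]
    i = next(k for k, m in enumerate(mask) if m != 255)  # first octet the mask cuts into
    increment = 256 - mask[i]                             # /28 -> 256 - 240 = 16
    base = host[i] // increment * increment               # largest multiple <= host octet
    network = ".".join(map(str, host[:i] + [base] + [0] * (3 - i)))
    broadcast = ".".join(map(str, host[:i] + [base + increment - 1] + [255] * (3 - i)))
    # Cross-check the hand method against the standard library.
    ref = ipaddress.ip_interface(f"{addr}/{prefix}").network
    if (network, broadcast) != (str(ref.network_address), str(ref.broadcast_address)):
        raise RuntimeError("increment method disagrees with ipaddress")
    return network, broadcast


def usable_candidates(neighbor, prefix, candidates):
    """Candidates that may be assigned to the interface facing `neighbor`."""
    network, broadcast = subnet_by_increment(neighbor, prefix)
    subnet = ipaddress.ip_network(f"{network}/{prefix}")
    return [c for c in candidates
            if ipaddress.ip_address(c) in subnet
            and c not in (network, broadcast, neighbor)]  # never reusable


# Address already present on the other end of each link (from the text, all /28).
LINKS = {
    "Router1 Fa0/0": "192.168.152.177",
    "Router2 Serial0/0": "192.168.152.161",
    "Router1 Fa0/1": "192.168.152.129",
    "Router2 Fa0/0": "192.168.152.225",
}

# Constructed drag list: the four addresses chosen in the text, plus a
# broadcast address and a network address as decoys.
CANDIDATES = [
    "192.168.152.190", "192.168.152.174", "192.168.152.142",
    "192.168.152.238", "192.168.152.191", "192.168.152.160",
]


def solve_sim():
    """Map each router interface to the candidates valid for its subnet."""
    return {iface: usable_candidates(peer, 28, CANDIDATES)
            for iface, peer in LINKS.items()}


if __name__ == "__main__":
    for iface, picks in solve_sim().items():
        print(f"{iface}: {picks}")
```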

Let’s have a look at the picture below to summarize

Configure the two routers on the left and right with these commands:

Router1 = router on the left

Assign appropriate IP addresses to Fa0/0 & Fa0/1 interfaces:

Router1>enable
Router1#configure terminal
Router1(config)#interface fa0/0
Router1(config-if)#ip address 192.168.152.190 255.255.255.240
Router1(config-if)#no shutdown

Router1(config-if)#interface fa0/1
Router1(config-if)#ip address 192.168.152.142 255.255.255.240
Router1(config-if)#no shutdown

Set passwords (configure on two routers)

+ Console password:

Router1(config-if)#exit
Router1(config)#line console 0
Router1(config-line)#password consolepw
Router1(config-line)#login
Router1(config-line)#exit

+ Telnet password:

Router1(config)#line vty 0 4
Router1(config-line)#password telnetpw
Router1(config-line)#login
Router1(config-line)#exit

+ Privilege mode password:

Router1(config)#enable password privpw

Save the configuration:

Router1(config)#exit
Router1#copy running-config startup-config

Configure IP addresses of Router2 (router on the right)

Router2>enable
Router2#configure terminal
Router2(config)#interface fa0/0
Router2(config-if)#ip address 192.168.152.238 255.255.255.240
Router2(config-if)#no shutdown
Router2(config-if)#interface serial0/0
Router2(config-if)#ip address 192.168.152.174 255.255.255.240
Router2(config-if)#no shutdown

Then set the console, telnet and privilege mode passwords for Router2 as we did for Router1,
and remember to save the configuration when you have finished.

Implementation SIM
April 15th, 2011 in LabSim

Question:

You have been hired by PC Consultants Incorporated to document the layout of the
network. Complete the following tasks:
Complete the network topology shown in the graphic by dragging the labels below with
the appropriate router types, interface types and IP addresses to the graphic. Find the
information you need by using the router console attached to the Home router.

Answer and Explanation:


First we have to find out the types of these routers to place them in the correct positions by
using the show cdp neighbors command on the HOME router:

There are 3 columns we should pay more attention to:

+ Local Intrfce (Local Interface): the interface on the device where you are running the “show cdp
neighbors” command. In this case it is the interface of the HOME router

+ Platform: the platform of the neighbor device

+ Port ID: the neighbor device’s port or interface which links to the HOME router

From the “Local Interface”, “Platform” and “Port ID” columns of the exhibit, we can
identify where these four routers should be placed and their corresponding associated
ports

Finally, we need to identify the IP addresses of four interfaces on neighboring routers
using the show running-config command:

And we can easily assign corresponding IP addresses to the four neighbor routers, which are
on the same networks as the HOME router’s interfaces

Please remember in the real CCNA Exam the routers’ types, ip addresses and interfaces
may be different! So make sure you understand how it works!

Question 1

As a network technician, you must know the various layers of the OSI model. At which
layers of the OSI Model do Wide Area Networks operate? (Choose two)

A. Physical Layer
B. Datalink Layer
C. Network Layer
D. Session Layer
E. Transport Layer
F. Presentation Layer
G. Application Layer

Answer: A B

Explanation

Frame Relay is a high-performance WAN protocol that operates at the physical and data
link layers of the OSI reference model.

Question 2

Network equipment supporting the use of flow control mechanisms has been recently
installed in the network. What is the purpose of flow control in a data network?

A. It ensures that data is retransmitted if an acknowledgment is not received.
B. It reassembles segments in the correct order on the destination device.
C. It provides a mechanism for the receiver to control the transmission speed.
D. It regulates the size of each datagram segment.
E. All of the above are functions of flow control

Answer: C

Explanation

Flow control is the process that controls the rate at which data is transferred between
two endpoints, enabling a receiving device to signal congestion to a sending device,
which allows the sending device to temporarily halt transmission, alleviating
congestion at the receiving device.

Question 3

You are a network administrator working in a communication company. One day, you
find that the encapsulation has been altered by someone on a synchronous serial line
and this new configuration is not the optimal one. So you attempt to return the
encapsulation to the default. Which measure will you take to reach this goal?

A. Issue the shutdown then no shutdown commands to reset the encapsulation on the
interface.
B. Reboot the router and allow it to reload the configuration.
C. Configure the interface for HDLC encapsulation.
D. Change the encapsulation to ARPA.

Answer: C

Explanation

We can’t use the “shutdown” & “no shutdown” commands to reset the encapsulation
because they don’t affect the encapsulation type -> A is not correct.

Rebooting the router and reloading the configuration can solve this problem but other
configuration will be erased too -> not a good choice.

The question asks to “attempt to return the encapsulation to the default” and the default
encapsulation on a Cisco router is HDLC so we can configure the interface for HDLC
encapsulation -> C is correct.

D is not correct as ARPA is not the default WAN encapsulation of a Cisco router.
ARPA is the standard Ethernet version 2.0 encapsulation.

Question 4

During your interview for a network administrator job, your interviewer gives you some
statements to judge. The following options are all related to the configuration of a serial
link on a Cisco router. You should point out which one is correct. What is your
answer?

A. The clock rate command is a requirement for DCE interfaces.
B. If the clock rate command is configured, then the bandwidth command is required.
C. If the bandwidth command is configured, then the clock rate command is required.
D. Cisco routers are DCE devices.

Answer: A

Explanation

The purpose of DCE equipment is to provide clocking and switching services in a
network. Clock rate doesn’t have a default value so we have to configure it manually
(while bandwidth does have a default value). Cisco routers can be configured as DTE or
DCE devices.

Question 5

As a network technician, you should know how to gain information from the exhibit.
According to the command output displayed in the following exhibit, please point out
the correct description about interface Serial 0/0/0.

Exhibit

Router#show running-config
Building configuration

Current configuration :59 bytes

<output omitted>

interface Serial0/0/0
ip address 209.165.200.225 255.255.255.224
!

A. The configuration is incomplete, which will cause the interface status to be
“Serial0/0/0 is down, line protocol is down”
B. The interface is using Cisco HDLC for layer 2 encapsulation.
C. The configuration is incomplete, which will cause the interface status to be
“Serial0/0/0 is up, line protocol is down”.
D. A ping to the remote address 209.165.200.226 will be successful.

Answer: B

Explanation

The configuration is correct and the “no shutdown” command was used (because we
don’t see a “shutdown” line in the output) so we can see at least “Serial0/0/0 is up” -> A
is not correct.

Although the configuration is correct, we don’t know if this interface is connected
to another router or not. If it is connected to another interface (on another router)
and that interface is up, we will see “Serial0/0/0 is up, line protocol is up”.
Otherwise we will see “Serial0/0/0 is up, line protocol is down” -> we can’t guarantee
answer C is correct.

Answer D is the same as C because we don’t know whether the remote interface
209.165.200.226 exists (and is up) or not.

For a WAN interface (serial interface), the default layer 2 encapsulation is HDLC -> B is
correct.

Question 6

Router2#show interface serial 0/0
Serial0/0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 172.16.10.1/30
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255 load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
<output omitted>

You work as a network administrator. You study the exhibits carefully. The corporate
office and branch office have been attached through two non-Cisco routers over a
highly reliable WAN connection for over a year. A new Cisco router has been installed to
replace the hardware at the branch location. Since the installation, IP communication
cannot be verified across the link.

Given the output on router R1, what could be a logical first step to take to resolve this
problem?

A. Ensure an exact match between the bandwidth setting on Router1 and Router2
B. Change the encapsulation on Router1 to PPP.
C. Change the bandwidth setting on Router1 to match the actual line speed
D. Verify successful DCE communication between the two sites.
E. Verify Layer1 communication on the Router1 Serial0/0 interface

Answer: B

Explanation

Cisco’s HDLC encapsulation is proprietary so we can’t use it when connecting to a
non-Cisco router. PPP is the standard protocol that is widely supported and used by many
ISPs.

Question 7

From the choices shown above, which port can be used for a WAN T1 connection?

A. Console
B. Serial 0
C. AUI
D. BRI
E. None of the other alternatives apply

Answer: B

Explanation

The console port is intended for local administrative access from an ASCII terminal or a
computer using a terminal emulator.

Serial ports support WAN T1 connection.

Attachment Unit Interface (AUI) ports are designed to connect to an external transceiver
for conversion to a specific media type (such as twisted pair, coax, or fiber). AUI can
transfer only 1 bit at a time.

BRI ports are used for ISDN services (mostly voice).

Question 8

A WAN connection is shown below:

Based on this diagram, which two devices can be used to complete the connection
between the WAN router at the customer site and the service provider? (Choose two)

A. CSU/DSU
B. modem
C. WAN switch
D. ATM switch
E. Frame Relay switch
F. ISDN TA

Answer: A B

Explanation

A modem or CSU/DSU can provide clock rate so it can be used for the topology above.

The Channel Service Unit (CSU) can echo loopback signals from the phone company
for testing purposes.

The Data Service Unit (DSU) manages line control, and converts input and output
between RS-232C, RS-449, or V.35 frames from the LAN and the time-division
multiplexed (TDM) DSX frames on the T-1 line. The DSU provides a modem-like
interface between the computer as Data Terminal Equipment (DTE) and the CSU.

Security Testlet
April 25th, 2011 in ICND1

Question

Not sure about the requirement of this question but it is something like this:

Before this switch and router can be put to use in the network, what security risks can
be found…

We are still not sure about the configurations in this sim but we got some information to
share with you (updated on December-07-2011. Thanks Joe Mendola, xallax and many
candidates who share the information!):

Maybe these are the configurations on the Router and Switch (but notice that they are surely
missing something):

ROUTER A CONFIGURATION

!
no service password-encryption
!
enable password cisco
!
username ciscouser privilege 15 password 0 cisco
!
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C
!
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh
!

SWITCH A CONFIGURATION

!
no service password-encryption
!
line console 0
line vty 0 4
no login
transport input telnet ssh (????)
line vty 5 15 (????)
login (????)
transport input telnet ssh (????)
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C

Note: This is just what we gather and guess. In the exam the configurations may be
different so make sure you understand “enable secret”, “enable password”,
“login”, “login local”, “transport input”, “line vty”, “service password-encryption”,
“banner motd”, “privilege” before taking this exam!

This sim has 4 questions:

Question 1

Identify security threats on RouterA (select 3)

A. unencrypted password set
B. unsecured message on banner
C. remote access can only be made through telnet or SSH
D. user gets level 15 automatically by default

Answer: A C D

Guideline to answer this question:

Because “service password-encryption” is not set on RouterA, the password to
access privileged mode (via the command “enable password cisco”) is unencrypted.
Also, the password for VTY is unencrypted (notice that the password “4t&34rkf” is in
fact unencrypted) -> A is correct.

Although the banner says “Welcome …”, it does not leak any security information
so it is still safe -> B is not correct.

From the command “transport input telnet ssh” we learn that remote access can be made
through telnet or SSH. This is also the default setting of Cisco router; Telnet sends the
login and the session in clear text, so leaving it enabled is a risk -> C is correct.

In the “line vty 0 4” configuration, the type of login is specified as “login local”. It
means that the router will not use the password configured under “line vty 0 4” (in this
case “4t&34rkf”) but it will use the user & password configured in the “username ciscouser
privilege 15 password cisco” command. The command “username ciscouser privilege
15 password cisco” will grant privilege level 15 to the “ciscouser” user -> D is correct.

Question 2

Which two of the following are true regarding the configuration of RouterA (choose
two)

A. at least 5 simultaneous remote connections are possible
B. only telnet protocol connections to Router A are supported
C. remotely connection to RouterA using telnet will succeed
D. console line connection will never time out due to inactivity
E. since DHCP is not used on Fa0/1 there is not a need to use the NAT protocol

Answer: A C

Guideline to answer this question:

A is correct as we can telnet from line 0 to line 4 (line vty 0 4).

We can use both telnet and SSH to connect to this router (transport input telnet ssh) ->
B is not correct.

C is correct as we can telnet to it.

D is not correct because by default, the timeout is set to 10 minutes on both the console
and the vty ports.

E is not correct as NAT can be used even if DHCP is not used.

Question 3

Select the options which are security issues which need to be modified before RouterA
is used (not sure how many answers we can choose)

A. unencrypted weak password is configured to protect privilege mode
B. inappropriate wording in banner message
C. the virtual terminal lines have weak password configured
D. virtual terminal lines have a password, but it will not be used
E. configuration supports in-secure web server access

Answer: A D

Guideline to answer this question:

Privilege mode on RouterA is protected with an unencrypted password (via the “enable
password” command) -> A is correct.

B is not correct as mentioned above.

The password of the VTY lines is “4t&34rkf”. Although it is unencrypted, it is not a
weak password because it has numbers & special characters inside -> C is not correct.

Although a password of “4t&34rkf” is configured, with the command “login local” the
router will use the username “ciscouser” & password “cisco” (configured in the
“username ciscouser privilege 15 password 0 cisco” command) -> D is correct.

Checking the configuration of RouterA with the “show run” command: to support
web server access it must have the command “ip http server” but it does not -> E is not
correct.

Question 4

Select three options which are security issues with the current configuration of Switch
A. (Choose three)

A. privilege mode is protected with an unencrypted password
B. inappropriate wording in banner message
C. virtual terminal lines are protected only by a password requirement
D. both the username and password are weak
E. telnet connections can be used to remotely manage the switch
F. Cisco user will be granted privilege level 15 by default

Answer: not sure

Guideline to answer this question:

We don’t have enough information about the switch configuration so we can’t be sure
about the correct answers, but below is a guideline:

Answer B is surely not correct as the wording in the banner does not leak any security
information.

If under “line vty 0 4” you see the “login” command but it does not have a password
then maybe answer C is correct. In this case if we try to telnet/ssh to the switch then we
will receive a message “Password required, but none set” then we are kicked out ^^.

If you see popular username and password then maybe answer D is correct.

If the command “transport input …” specifies “telnet” as a method then answer E is
correct.

For answer F, if you see something like this:

line vty 0 4
privilege level 15

or these lines:

username ciscouser privilege 15 password cisco

and

login local (in “line vty 0 4”)

then answer F is correct.
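
The checks discussed in this testlet can be run mechanically over a saved configuration. The following is an added example, not part of the original page and not a Cisco tool: a small auditor whose function names and finding codes are hypothetical. ROUTER_A is the Router A listing from the page; SWITCH_A is constructed from the page's guessed switch listing with the "(????)" marks and banner left out.

```python
import re

# Sub-commands that belong to a "line ..." block. The page's listings are not
# indented, so block membership is decided by command name (assumption).
LINE_SUBCMDS = ("password ", "login", "no login", "transport ", "privilege level ")


def parse(config):
    """Split an IOS-style listing into global commands and per-line blocks."""
    global_cmds, blocks, current = [], {}, None
    for raw in config.splitlines():
        cmd = raw.strip()
        if not cmd or cmd == "!":
            current = None
        elif cmd.startswith("line "):
            current = cmd
            blocks[current] = []
        elif current and cmd.startswith(LINE_SUBCMDS):
            blocks[current].append(cmd)
        else:
            current = None
            global_cmds.append(cmd)
    return global_cmds, blocks


def audit(config):
    """Return (code, where) findings for the weaknesses the testlet asks about."""
    global_cmds, blocks = parse(config)
    findings = []
    # Without this service, type-0 passwords appear as typed in "show run".
    if "service password-encryption" not in global_cmds:
        findings.append(("CLEARTEXT_PASSWORDS", "global"))
    # "enable password" keeps the password as typed; "enable secret" stores a hash.
    if any(c.startswith("enable password ") for c in global_cmds) and \
            not any(c.startswith("enable secret ") for c in global_cmds):
        findings.append(("ENABLE_PASSWORD_NO_SECRET", "global"))
    for cmd in global_cmds:
        m = re.match(r"username (\S+) privilege 15 ", cmd)
        if m:
            findings.append(("USER_AT_LEVEL_15", m.group(1)))
    for header, cmds in blocks.items():
        if not header.startswith("line vty"):
            continue
        has_password = any(c.startswith("password ") for c in cmds)
        if any(c.startswith("transport input") and "telnet" in c.split() for c in cmds):
            findings.append(("TELNET_ALLOWED", header))
        # With "login local" the line password is configured but never consulted.
        if "login local" in cmds and has_password:
            findings.append(("LINE_PASSWORD_UNUSED", header))
        if "no login" in cmds:
            findings.append(("NO_AUTHENTICATION", header))
        # Produces "Password required, but none set" on connection attempts.
        if "login" in cmds and not has_password:
            findings.append(("LOGIN_WITHOUT_PASSWORD", header))
        if "privilege level 15" in cmds:
            findings.append(("LINE_AT_LEVEL_15", header))
    return findings


ROUTER_A = """
!
no service password-encryption
!
enable password cisco
!
username ciscouser privilege 15 password 0 cisco
!
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C
!
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh
!
"""

# Constructed sample based on the page's guessed switch listing.
SWITCH_A = """
no service password-encryption
line console 0
line vty 0 4
no login
transport input telnet ssh
line vty 5 15
login
transport input telnet ssh
"""

if __name__ == "__main__":
    for name, cfg in (("RouterA", ROUTER_A), ("SwitchA", SWITCH_A)):
        for code, where in audit(cfg):
            print(f"{name}: {code} ({where})")
```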

ARP Testlet
April 24th, 2011 in ICND1

This is a testlet. The testlet consists of 4 questions that relate to the scenario below:

Directions: Refer to the exhibit. This testlet consists of four questions that address steps
in the process of data communication between host F and the server named “WWW” on
another LAN. You are free to move back and forth between the questions to review
your answers.

Question 1:

In order to begin communicating with the server, host F sends out an ARP request. How
will the devices exhibited in the topology respond to this request?

A – Switch West_1 will reply with the MAC address of the server.
B – Hosts D and E will respond that the destination is not on the local LAN.
C – Router SFX will forward the ARP request to the ILM router.
D – Switch West_1 will block the request since the server is not on the LAN.
E – The ILM router will respond with the IP address of the WWW server.
F – Router SFX will respond with the MAC address of its Fa0/0 interface.

Answer: F

Explanation:

Because the WWW server is on a different LAN from host F, host F knows that it has to send
its packets to the default gateway. Therefore, the first time, it will send out an ARP
broadcast message asking for the MAC address of router SFX. Router SFX receives this
message and replies with the MAC address of its Fa0/0 interface. Later, when host F wants
to send packets to the WWW server, it will put the IP address of the WWW server and the
MAC address of the Fa0/0 interface of the SFX router in the “destination IP address” and
“destination MAC address” fields, respectively.

Question 2:

The ARP reply has been received by host F, which needs to build the packet. What
information will be placed in the header of the packet that leaves host F if host F is to
communicate with the WWW server? (Choose two)

A – The destination address will be the IP address of interface Fa0/0 of the ILM router.
B – The destination address will be the IP address of the WWW server.
C – The destination address will be the IP address of interface Fa0/0 of router SFX.
D – The source address will be the IP address of host F.
E – The source address will be the IP address of interface Fa0/0 of router SFX.
F – The destination address will be the IP address of interface Fa0/0 of router SFX.

Answer: B D

Explanation:

After receiving ARP reply from SFX router, host F will place these fields in the header
of the packets:

Source addresses: the IP address of host F and the MAC address of host F
Destination addresses: the IP address of WWW server and the MAC address of SFX
router

Question 3:

The frame has been received by the ILM router and is to be delivered on the local LAN.
Which two statements describe the addressing of the Ethernet frame that has been
created by the ILM router? (Choose two)

A – The destination address will be the MAC address of the switch A port attached
to the Fa0/0 interface of the ILM router.
B – The destination address will be the MAC address of the WWW server.
C – The destination address will be the MAC address of the A switch port attached to
the WWW server.
D – The source address will be the MAC address of host F.
E – The source address will be the MAC address of interface Fa0/0 of the ILM router.

Answer: B E

Question 4:

Host F is displaying two World Wide Web documents from the WWW server in two
browser windows at the same time. How did the data find its way to the correct browser
windows?

A – The IP source addresses of the packets will be used to direct the data to the correct
browser window.
B – The browsers track the data by the URL.
C – TCP port numbers are used to direct the data to the correct application window.
D – The OSI application layer tracks the conversations and directs them to the correct
browser.

Answer: C

Explanation:

TCP and UDP port numbers are designed to distinguish multiple applications
running on a single device from one another. In the TCP and UDP headers, there are
“Source Port” and “Destination Port” fields which identify the sending process and
the receiving process. The combination of the IP address and the port number is
called a “socket”.

Operations
April 5th, 2011 in ICND1

Here you will find answers to operation questions in ICND 1 exam

Question 1:

Refer to the exhibit. The junior network support staff provided the diagram as a
recommended configuration for the first phase of a four-phase network expansion
project. The entire network expansion will have over 1000 users on 14 network
segments and has been allocated this IP address space:

192.168.1.1 through 192.168.5.255
192.168.100.1 through 198.168.100.255

What are three problems with this design? (Choose three)

A – The AREA 1 IP address space is inadequate for the number of users.
B – The AREA 3 IP address space is inadequate for the number of users.
C – AREA 2 could use a mask of /25 to conserve IP address space.
D – The network address space that is provided requires a single network-wide mask.
E – The router-to-router connection is wasting address space.
F – The broadcast domain in AREA 1 is too large for IP to function.

Answer: A C E

Question 2:

Refer to the exhibit. A technician is testing connection problems in the internetwork.
What is the problem indicated by the output from HostA?

A – The routing on Router2 is not functioning properly.
B – An access list is applied to an interface of Router3.
C – The Fa0/24 interface of Switch1 is down.
D – The gateway address of HostA is incorrect or not configured.

Answer: D

Explanation:

When you ping the IP address 192.168.3.254, you receive replies from it, which means
that you can reach the Fa0/0 interface of Router1. But notice that the IP address of
HostA (192.168.3.1/24) and the IP address of the Fa0/0 interface of Router1
(192.168.3.254/24) are on the same network, so HostA does not need a gateway address
to reach it. Therefore you can’t conclude that the gateway address of HostA was
configured correctly.

Later, the tracert command was used to reach another network (192.168.4.7). In this
case, a gateway address is required to reach the network of HostB. But the result is
“Destination host unreachable”, which means that HostA cannot find a route to HostB ->
the gateway address of HostA is either incorrect (something other than 192.168.3.254)
or not configured.

A and B are incorrect because if there is a misconfiguration on Router2 or Router3
(while Router1 is configured correctly), you will see at least one successful line when
using the tracert command, like the first line of the output below:

PC>tracert 192.168.4.7

Tracing route to 192.168.4.7 over a maximum of 30 hops:


1 62 ms 62 ms 46 ms 192.168.3.254
2 * * * Request timed out.

C is incorrect because we can ping Router 1 -> port Fa0/24 on Switch 1 was turned on
and running correctly.
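The reasoning in this explanation, as an added example that is not part of the original page: a simplified model of how a host picks the first hop. The function name and the set of neighbours that answer ARP are assumptions made for the illustration; the addresses are the ones from the question.

```python
import ipaddress

def first_hop(host_if, gateway, dest, neighbors):
    """Simplified host forwarding decision.
    host_if   -- host address with prefix, e.g. "192.168.3.1/24"
    gateway   -- configured default gateway or None
    dest      -- destination IP address
    neighbors -- addresses that answer ARP on the local segment (constructed)
    """
    iface = ipaddress.ip_interface(host_if)
    dst = ipaddress.ip_address(dest)
    live = {ipaddress.ip_address(n) for n in neighbors}

    if dst in iface.network:
        # Same subnet: the gateway setting is never consulted.
        target, how = dst, "direct"
    elif gateway is None:
        return "Destination host unreachable (no default gateway)"
    else:
        # Other subnet: the frame must go to the default gateway.
        target, how = ipaddress.ip_address(gateway), "gateway"

    if target not in live:
        return f"Destination host unreachable (no ARP reply from {target})"
    return f"{how}: frame sent to {target}"

HOST_A = "192.168.3.1/24"
SEGMENT = {"192.168.3.254"}     # constructed: only Router1 Fa0/0 answers ARP

if __name__ == "__main__":
    for gw in (None, "192.168.3.253", "192.168.3.254"):
        print("gateway", gw)
        print("  ping 192.168.3.254 ->", first_hop(HOST_A, gw, "192.168.3.254", SEGMENT))
        print("  tracert 192.168.4.7 ->", first_hop(HOST_A, gw, "192.168.4.7", SEGMENT))
```

The ping to 192.168.3.254 succeeds for every gateway value, which is why it proves nothing about the gateway setting.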

Question 3:

Refer to the exhibit. The internetwork is using subnets of the address 192.168.1.0 with a
subnet mask of 255.255.255.224. The routing protocol in use is RIP version 1. Which
address could be assigned to the FastEthernet interface on RouterA?

A – 192.168.1.31
B – 192.168.1.64
C – 192.168.1.127
D – 192.168.1.190
E – 192.168.1.192

Answer: D

Explanation:

255.255.255.224 = 1111 1111.1111 1111.1111 1111.1110 0000 (binary form)

Increment: 32

First subnetwork: 192.168.1.0 -> 192.168.1.31 (A is incorrect because 192.168.1.31 is
a broadcast address)
Second subnetwork: 192.168.1.32 -> 192.168.1.63
Third subnetwork: 192.168.1.64 -> 192.168.1.95 (B is incorrect because 192.168.1.64
is a network address)
Fourth subnetwork: 192.168.1.96 -> 192.168.1.127 (C is incorrect because
192.168.1.127 is a broadcast address)
Fifth subnetwork: 192.168.1.128 -> 192.168.1.159
Sixth subnetwork: 192.168.1.160 -> 192.168.1.191 (D is correct because
192.168.1.190 is the last assignable host address of this subnetwork)
Seventh subnetwork: 192.168.1.192 -> 192.168.1.223 (E is incorrect because
192.168.1.192 is a network address)

Question 4:

Refer to the exhibit. For security reasons, information about RTA, including platform
and IP addresses, should not be accessible from the Internet. This information should,
however, be accessible to devices on the internal networks of RTA. Which command or
series of commands will accomplish these objectives?

A – RTA(config)#no cdp run
B – RTA(config)#no cdp enable
C – RTA(config)#interface s0/0
RTA(config-if)#no cdp run
D – RTA(config)#interface s0/0
RTA(config-if)#no cdp enable

Answer: D
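The difference between the global command (no cdp run) and the per-interface command (no cdp enable), as an added example that is not part of the original page: a small check over saved IOS-style configurations. Both sample configurations are constructed; that Serial0/0 (s0/0) faces the Internet and FastEthernet0/0 is internal is an assumption, since the exhibit is not reproduced here.

```python
def cdp_enabled_interfaces(config):
    """Return {interface: bool}: is CDP active on each interface of an
    IOS-style configuration? CDP is enabled by default."""
    global_cdp = True
    per_if = {}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):        # back at global configuration level
            current = None
        if line == "no cdp run":           # disables CDP on the whole device
            global_cdp = False
        elif line.startswith("interface "):
            current = line.split(None, 1)[1]
            per_if[current] = True
        elif line == "no cdp enable" and current:
            per_if[current] = False        # disables CDP on this interface only
    return {name: global_cdp and on for name, on in per_if.items()}

def meets_requirement(config, external="Serial0/0"):
    """CDP must be off on the external interface and on everywhere else."""
    state = cdp_enabled_interfaces(config)
    internal_ok = all(on for name, on in state.items() if name != external)
    return (not state[external]) and internal_ok

# Constructed configuration after option A (global "no cdp run").
CONFIG_A = """\
no cdp run
!
interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.0
!
interface Serial0/0
 ip address 203.0.113.1 255.255.255.252
!
"""

# Constructed configuration after option D ("no cdp enable" under s0/0).
CONFIG_D = """\
interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.0
!
interface Serial0/0
 ip address 203.0.113.1 255.255.255.252
 no cdp enable
!
"""

if __name__ == "__main__":
    for name, cfg in (("A", CONFIG_A), ("D", CONFIG_D)):
        print(name, cdp_enabled_interfaces(cfg), meets_requirement(cfg))
```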

Question 5:

Refer to the exhibit, PC1 pings PC2. What three things will CORE router do with the
data that is received from PC1? (Choose three)
A – The data frames will be forwarded out interface FastEthernet0/1 of CORE router.
B – The data frames will be forwarded out interface FastEthernet1/0 of CORE router.
C – CORE router will replace the destination IP address of the packets with the IP
address of PC2.
D – CORE router will place the MAC address of PC2 in the destination MAC address
of the frames.
E – CORE router will put the IP address of the forwarding FastEthernet interface in the
place of the source IP address in the packets.
F – CORE router will put the MAC address of the forwarding FastEthernet interface in
the place of the source MAC address.

Answer: B D F

Subnetting Questions
April 1st, 2011 in ICND1

Here you will find answers to subnetting questions in ICND 1 exam

Note: If you are not sure about subnetting, please read my Subnetting tutorial.

Question 1:

Refer to the exhibit. The goal of this network design is to provide the most efficient use
of IP address space in a network expansion. Each circle defines a network segment and
the number of users required on that segment. An IP subnetwork number and default
gateway address are shown for each segment.

What are three problems with the network design as shown? (Choose three)
A – Interface fa0/3 has an IP address that overlaps with network 10.1.3.0/30.
B – Interface fa0/1 has an invalid IP address for the subnet on which it resides.
C – Interface fa0/2 has an invalid IP address for the subnet on which it resides.
D – Network 10.1.2.0/25 requires more user address space.
E – Network 10.1.3.128/25 requires more user address space.
F – The IP subnet 10.1.1.0/30 is invalid for a segment with a single server.

Answer: A B D

Question 2:

If an ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is
the maximum number of hosts allowed on this subnet?

A – 1024
B – 2046
C – 4094
D – 4096
E – 8190
Answer: C

Question 3:

Refer to the exhibit. The internetwork is using subnets of the address 192.168.1.0 with a
subnet mask of 255.255.255.224. The routing protocol in use is RIP version 2. Which
address could be assigned to the FastEthernet interface on RouterA?

A – 192.168.1.31
B – 192.168.1.64
C – 192.168.1.127
D – 192.168.1.190
E – 192.168.1.192

Answer: D

Question 4:

Refer to the exhibit. HostA cannot ping HostB. Assuming routing is properly
configured, what could be the cause of this problem?
A – HostA is not on the same subnet as its default gateway.
B – The address of SwitchA is a subnet address.
C – The Fa0/0 interface on RouterA is on a subnet that can’t be used.
D – The serial interfaces of the routers are not on the same subnet.
E – The Fa0/0 interface on RouterB is using a broadcast address.

Answer: D

Question 1:

Drag the appropriate command on the left to the configuration task it accomplishes (not
all options are used)

Answer:

1) service password-encryption
2) line console 0
password friendS0nly
3) enable secret noWay1n4u
4) line vty 0 4
password 2hard2Guess
5) enable password uwi11NeverNo

Question 2:

Construct the command sequence to configure an IP address on a serial interface (not all
options are used)

Answer:

1) Hub# configure terminal
2) Hub(config)# interface s0/0
3) Hub(config-if)# ip address 10.8.5.255 255.255.252.0
4) Hub(config-if)# no shutdown
5) Hub(config-if)# description T1 to WAN

Explanation:
One interesting thing in the answers is that the command “ip address 10.8.5.255
255.255.252.0” (answer 3) is correct because 10.8.5.255 with the mask 255.255.252.0 is
not a broadcast address. Let’s analyze this case a bit closer:

Increment: 4 for the third octet (255.255.252.0 = 1111 1111.1111 1111.1111 1100.0000 0000)
First subnetwork range: 10.8.0.0 to 10.8.3.255
Second subnetwork range: 10.8.4.0 to 10.8.7.255

Therefore 10.8.3.255 and 10.8.7.255 are broadcast addresses but 10.8.5.255 is not, so
we can assign this address to the s0/0 interface.

(Notice that the command Hub(config)# ip address 172.16.20.21 255.255.255.0 is
correct only if it is entered in interface mode, which is Hub(config-if)#)
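The subnet arithmetic used above and in the 255.255.255.224 and 172.16.112.1/20 questions earlier on the page, as an added example that is not part of the original page. It uses Python's standard ipaddress module; the function name classify is an assumption made for the illustration.

```python
import ipaddress

def classify(address, mask):
    """Classify an IPv4 address inside its subnet.
    mask may be dotted ("255.255.252.0") or a prefix length ("22").
    Returns (role, subnet, first_host, last_host, usable_hosts)."""
    iface = ipaddress.ip_interface(f"{address}/{mask}")
    net = iface.network
    if iface.ip == net.network_address:
        role = "network address"
    elif iface.ip == net.broadcast_address:
        role = "broadcast address"
    else:
        role = "host address"
    usable = net.num_addresses - 2      # minus network and broadcast address
    return (role, str(net),
            str(net.network_address + 1),
            str(net.broadcast_address - 1),
            usable)

if __name__ == "__main__":
    # Answer options of the 255.255.255.224 question.
    for ip in ("192.168.1.31", "192.168.1.64", "192.168.1.127",
               "192.168.1.190", "192.168.1.192"):
        print(ip, classify(ip, "255.255.255.224"))
    # The address from the serial interface question: a valid host in a /22,
    # although the last octet is 255.
    print(classify("10.8.5.255", "255.255.252.0"))
    # With a /24 mask the same address would be the broadcast address.
    print(classify("10.8.5.255", "255.255.255.0"))
    # Maximum number of hosts on the subnet of 172.16.112.1/20.
    print(classify("172.16.112.1", "20"))
```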

Question 3:

Drag the commands on the left to the appropriate functions on the right (Not all options
are used)

Answer:
1) ipconfig /all
2) tracert
3) telnet
4) ping 127.0.0.1
5) arp -a

Drag and Drop Questions 2


March 28th, 2011 in ICND1

Here you will find answers to ICND 1 – Drag and Drop Questions Part 2

Question 1

As a CCNA candidate, you should master the functions of various commands. Some
commands are listed on the left, and the related roles are listed on the right in the
wrong order. Please match them together. (Not all options are used)

Answer:

1) Router#copy tftp flash: replace the IOS image
2) Router#copy flash tftp: backup the current IOS image
3) Router#copy running-config tftp: make a backup copy of configuration in RAM
4) Router#copy running-config startup-config: make the configuration in RAM the
configuration the router will use on startup
5) Router#copy tftp running-config: merge a backup configuration with the
configuration in RAM

Explanation
First, please notice that by “replace” we often mean changes to NVRAM and TFTP, while
by “merge” or “add” we mean changes to RAM. Next, we should review the syntax of the
“copy” command:

Syntax: copy <source> <base config filename> <destination> <destination filename.txt>

1) By default, the flash memory in a router is used to store the Cisco IOS image, so the
requirement “replace the IOS image” means moving a file from somewhere to the flash
memory. In the left column there is only one choice that has the flash as the
destination -> copy tftp flash.

2) Same explanation as above: for “backup the current IOS image” the flash takes the
role of the source -> copy flash tftp. And “backup” means we should copy it to
somewhere like a tftp server, CDROM…

3) The running-config is stored in RAM, so “make a backup copy of configuration in
RAM” means copying the running configuration from RAM to a backup server (tftp) ->
copy running-config tftp

4) “copy running-config startup-config” is a very common command, so no more
explanation is needed.

5) After solving the 4 boxes above, we only have two choices left: “copy tftp
running-config” & “copy flash running-config”. The bottom-right box says “merge a
backup configuration”, so the source should be the tftp server and the command here is
copy tftp running-config.

Wireless Questions
March 25th, 2011 in ICND1

Here you will find answers to Wireless Questions – Part 1

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless
Terminologies

Question 1

Which wireless LAN design ensures that a mobile wireless user will not lose
connectivity when moving from one access point to another on the WLAN?

A. Utilizing MAC address filtering to allow the client MAC address to authenticate with
the surrounding APs
B. Using adapters and access points manufactured by the same company
C. Overlapping the wireless cell coverage by at least 10%
D. Configuring all access points to use the same channel
Answer: C

Explanation

By using more than one Access Point (AP) we can create overlapping cells to allow
roaming in a larger area. But we have to ensure that the two APs have at least 10%
coverage overlap and that they use non-overlapping channels.

Question 2

You need to troubleshoot an interference issue with the wireless LAN. Which two
devices can interfere with the operation of this network because they operate on similar
frequencies? (Choose two)

A. Microwave oven
B. AM radio
C. Toaster
D. Copier
E. Cordless phone
F. IP phone
G. Ipod

Answer: A E

Explanation

Microwave ovens and cordless phones radiate energy in the 2.4 GHz unlicensed band, so
they can interfere with some WLAN standards. As a result, you can’t hear clearly on the
phone or can’t surf the web.

Question 3

Which of the following data networks would you implement if you wanted a wireless
network that had a relatively high data rate, but was limited to very short distances?

A. Broadband personal comm. Service (PCS)
B. Broadband circuit
C. Infrared
D. Spread spectrum
E. Cable

Answer: C

Explanation
Infrared typically requires a line of sight (your TV remote control, for example), which
means that it is limited to very short distances. I am not sure if it is considered a
“relatively high data rate”, but infrared can transfer up to 4 Mbps.

Question 4

You need to add a wireless access point to a new office. Which additional configuration
step is necessary in order to connect to an access point that has SSID broadcasting
disabled?

A. Configure open authentication on the AP and the client
B. Set the SSID value in the client software to public
C. Set the SSID value on the client to the SSID configured on the AP
D. Configure MAC address filtering to permit the client to connect to the AP

Answer: C

Explanation

Service Set Identifier (SSID) is the term that identifies a WLAN. In most cases the SSID
is broadcast by the AP, and the user only needs to select that SSID and provide the
correct password to access it. But in some cases, for security reasons, SSID
broadcasting can be disabled. Users can then access that network only if they type both
the SSID and the password correctly.

Question 5

You need to secure a new access point on a wireless network. Which two practices
help secure the configuration utilities on wireless access points from unauthorized
access? (Choose two)

A. Changing the default SSID value
B. Configuring traffic filtering
C. Changing the mixed mode setting to single mode
D. Configuring a new administrator password
E. Assigning a private IP address to the AP

Answer: A D

Explanation

To improve security, you should change the default SSID value on your AP. For
example, Linksys routers (which are produced by Cisco) typically have an SSID of
“linksys” -> A is correct.

In an AP we can configure traffic filtering, but it is mainly used for filtering which
services clients can use, IP ranges, ports, websites, access times… It has no effect on
securing your AP -> B is not correct.

“Mixed mode” here means we can configure the AP to allow clients to use different
standards like 802.11b, g or n. But setting it to single mode doesn’t add any security
protection -> C is not correct.

We should also change the administrator password because anyone can access the
admin page of an AP by opening a web browser and typing the IP address of that AP (for
example: http://192.168.1.1). Typically, Linksys wireless routers have a default
username/password of “admin/admin” or “admin/[blank]”, which is easily guessed or
found out -> D is correct.

We can access the AP by using a private IP address (in the same private network as the
AP – 192.168.1.1, for example) -> E is not correct.

Question 6

You need to determine the proper security settings on a new WLAN-capable office.
Which encryption type would WPA2 use in this office?

A. PSK
B. AES-CCMP
C. PPK via IV
D. TKIP/MIC
E. None of the other alternatives apply

Answer: B

Explanation

Advanced Encryption Standard (AES) is the cipher system used by RSN. It is the
equivalent of the RC4 algorithm used by WPA. However, the encryption mechanism is
much more complex and does not suffer from the problems associated with WEP. AES
is a block cipher, operating on blocks of data 128 bits long.

CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA.
CCMP computes a Message Integrity Check (MIC) using the well-known and proven
Cipher Block Chaining Message Authentication Code (CBC-MAC) method. Changing
even one bit in a message produces a totally different result.

AES-CCMP is the encryption algorithm used in the 802.11i (WPA2) security protocol. It
uses the AES block cipher, but restricts the key length to 128 bits. AES-CCMP
incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC)
and adapts them to Ethernet frames to provide a robust security protocol between
the mobile client and the access point.

Question 7

What is one reason why WPA encryption is preferred over WEP in this network?

A. The WPA key values remain the same until the client configuration is changed.
B. The values of WPA keys can change dynamically while the system is used.
C. The access point and the client are manually configured with different WPA key
values.
D. A WPA key is longer and requires more special characters than the WEP key.
E. None of the other alternatives apply

Answer: B

Explanation

Wireless Encryption Protocol (WEP) uses RC4 encryption and a static 64-bit key, so it
can be easily broken as only 40 bits are encrypted and 24 bits are the clear-text
IV (Initialization Vector). It was later upgraded to 128-bit, but the IV was still clear
text, meaning it took slightly longer (minutes) to break in.

WPA was introduced in 2003 as a replacement for WEP. WPA uses Temporal Key
Integrity Protocol (TKIP) to automatically change the keys. TKIP still uses RC4; it just
improves how it’s done.
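Why a static key combined with a 24-bit clear-text IV is weak, as an added example that is not part of the original page: RC4 keyed with IV plus secret gives the same keystream whenever an IV repeats, and 24 bits repeat quickly. The key, IVs and plaintexts are constructed; the CRC-32 integrity value of real WEP frames is left out.

```python
def rc4_keystream(key, n):
    """Plain RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv, secret, plaintext):
    """WEP-style frame body: 3-byte IV sent in clear, RC4 keyed with IV||secret."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + xor(plaintext, rc4_keystream(iv + secret, len(plaintext)))

def frames_until_iv_repeat(prob=0.5, iv_bits=24):
    """Smallest number of randomly chosen IVs for which a repeated IV is
    at least `prob` likely (birthday bound)."""
    space = 2 ** iv_bits
    p_unique, n = 1.0, 0
    while 1 - p_unique < prob:
        p_unique *= (space - n) / space
        n += 1
    return n

SECRET = bytes.fromhex("0102030405")      # constructed static 40-bit key
P1, P2 = b"GET /index.html", b"POST /login.cgi"   # constructed plaintexts

def keystream_cancels(iv1, iv2):
    """True if XOR of the two ciphertexts equals XOR of the two plaintexts,
    i.e. the keystream dropped out without knowledge of the key."""
    c1 = wep_encrypt(iv1, SECRET, P1)
    c2 = wep_encrypt(iv2, SECRET, P2)
    return xor(c1[3:], c2[3:]) == xor(P1, P2)

if __name__ == "__main__":
    print("same IV, keystream cancels:", keystream_cancels(b"\x00\x00\x01", b"\x00\x00\x01"))
    print("different IV, keystream cancels:", keystream_cancels(b"\x00\x00\x01", b"\x00\x00\x02"))
    print("frames for a 50% chance of a repeated IV:", frames_until_iv_repeat())
```

Changing the key material per client and per packet, as the explanation says TKIP does, removes the fixed secret that makes a repeated IV produce a repeated keystream.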

Question 8

In an effort to increase security within the wireless network, WPA is being utilized.
Which two statements shown below best describe the wireless security standard that is
defined by WPA? (Choose two)

A. It requires use of an open authentication method
B. It specifies use of a static encryption key that must be changed frequently to enhance
security
C. It includes authentication by PSK
D. It specifies the use of dynamic encryption keys that change each time a client
establishes a connection
E. It requires that all access points and wireless devices use the same encryption key
F. WPA works only with Cisco access points

Answer: C D

Question 9

You need to configure a new wireless access point for your network. What are three
basic parameters to configure an AP? (Choose three)
A. Authentication method
B. RTS/CTS
C. RF channel
D. SSID

Answer: A C D

Explanation

Below lists basic parameters to configure an AP

Wireless Questions 2
March 24th, 2011 in ICND1

Here you will find answers to Wireless – Part 2

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless
Terminologies

Question 1

You have finished physically installing an access point on the ceiling at a newly opened
office. At a minimum, which parameter must you configure on the access point in order
to allow wireless clients to operate on it?

A. SSID
B. AES
C. TKIP
D. PSK
E. None of the other alternatives apply

Answer: A

Question 2

Part of the wireless LAN is shown below:

What two facts can be determined from the diagram of the WLAN shown above?
(Choose two)

A. Access points in each cell must be configured to use channel 1
B. The network diagram represents an extended service set (ESS)
C. The two APs should be configured to operate on different channels
D. The area of overlap of the two cells represents a basic service set (BSS)
E. The area of overlap must be less than 10% of the area to ensure connectivity
F. There are too many hosts on this WLAN

Answer: B C

Question 3

A single 802.11g access point has been configured and installed in the center of a square
shaped office. A few wireless users are experiencing slow performance and drops while
most users are operating at peak efficiency. From the list below, what are three likely
causes of this problem? (Choose three)

A. Null SSID
B. Mismatched TKIP encryption
C. Cordless phones
D. Antenna type or direction
E. Mismatched SSID
F. Metal file cabinets

Answer: C D F

Explanation

802.11g operates in the 2.4 GHz ISM band. Some popular devices and technologies can
interfere with the 802.11g signal:

+ Newer cordless phones
+ Bluetooth
+ Microwaves
+ Metal surface (can cause interference)
+ Antenna (can reduce wireless signal)

Question 4

Three access points have been installed and configured to cover a small remote office.
What term defines the wireless topology?

A. SSID
B. BSS
C. ESS
D. IBSS
E. ASS

Answer: C

Question 5

Two workers have established wireless communication directly between their wireless
laptops. What type of wireless topology has been created by these employees?

A. ESS
B. IBSS
C. SSID
D. BSS

Answer: B

Explanation

Independent Basic Service Set – IBSS (ad hoc mode) does not use an AP. It allows two
devices to communicate directly.

Basic Service Set (BSS) is a single wireless LAN created with an AP and all devices
that associate with that AP.

Extended Service Set (ESS) consists of multiple APs, allowing roaming in a larger
coverage area.
