Answers B and E are the correct answers. The 192.168.14.69 host is on the 192.168.14.64/28 network with an Increment of 16 with 14 valid host addresses on each subnet. The range of valid host addresses for this network is 192.168.14.65 through 192.168.14.78. Answers B and E both fall within this range. Answer A is incorrect because this is a broadcast address. Answer C is incorrect because this address is on a different network. Answer D is incorrect because this is a network address.
Answers A, B, and D are the correct answers. You need a trunk configured between the two switches for VTP to work. Both switches need to be in the same VTP domain and have the same VTP password. Answer C is incorrect because the modes can differ. Answer E is incorrect because the hostname is irrelevant.
Answers C and D are the correct answers. When configuring subinterfaces, you should configure the encapsulation on the main interface but take the IP address off of it and place it under the subinterface. Answer A is incorrect because the DLCI should go under the subinterface and not on the main interface. Answer B is incorrect because the IP address should go under the subinterface. Answer E is incorrect because the Frame Relay encapsulation goes on the main interface and not the subinterface.
Answer B is the correct answer. Named access lists allow you to delete individual lines; numbered do not. If you attempt to delete an individual line out of a numbered access list, the entire list will be removed. Answer A is incorrect because you can do both an IP extended and an IP standard named access list. Answer C is incorrect because named access lists can be used for more than just VTY line access control. Answer D is incorrect because you can do named access lists for other protocols—such as IPX—as well.
Answers A and D are correct. An access port is one that is connected directly to an end device, such as a PC, using a straight-through cable. The port carries traffic for a single VLAN. Answers B and C are incorrect because these describe trunk links.
Answer B is the correct answer. The switch with the lowest Bridge ID is the root bridge. A Bridge ID consists of a configurable priority value followed by the base MAC address. In this example, SwitchB has the numerically lowest Bridge ID. The other answers are incorrect because they have numerically higher Bridge IDs.
Answer D is the correct answer. Split horizon is working (which makes answer A incorrect) because the routes received on Serial 0 are not sent back out Serial 0. Answer B is incorrect because version 1 is being used, not version 2. Answer C is incorrect because the router is on the 10.0.0.0 and 192.168.0.0 network and not the 172.16.0.0 network. Finally, answer E is incorrect because you can ping the host 172.18.15.9 because it is only three hops away.
Answer C is the correct answer. The default state of an interface is shut down. Unless the no shut command is entered, the interface remains down and you are unable to ping it. Answer A is incorrect because nothing in the scenario or configuration indicates that there is a problem with the encapsulation. Answer B is incorrect because the Telnet configuration is complete. Answer D is incorrect because the order of the commands under the VTY lines does not matter. Finally, answer E is incorrect because a console password is not necessary to telnet into a router.
Answer B is the correct answer. show ip ospf interface shows you if you are a DR, BDR, or DROTHER (not a DR or BDR). Answer A is incorrect because the show ip ospf database command shows you the OSPF LSA database, but not if you are the DR. Answer C is incorrect because the show ip ospf command shows you general information about the OSPF process, but not about the DR decisions. Answer D is incorrect because the show ip ospf summary-address shows you networks that have been summarized, but not the DR or BDR routers.
Answer A is the correct answer. Application, Presentation, and Session layers all relate to data. The Transport layer relates to segments. The Network layer relates to packets (also called datagrams). The Data Link layer relates to frames. Finally, the Physical layer relates to bits. The other answers are wrong because the orders of the PDUs are incorrect.
Answer D is the correct answer. Your ARP table contains the IP address to MAC address mappings and can be viewed on a Windows PC with the arp -a command. Answer A is incorrect because that command will display your PC network configuration. Answer B is incorrect because that command will test your TCP/IP protocol stack. Finally, answer C is wrong because tracert displays the list of routers on a path to a network destination.
Answer D is the correct answer. When a new router boots up it will take you to the system configuration dialog, which will ask a series of questions that lead you through the initial system configuration. Answers A and B are incorrect because you will first be prompted with the initial system configuration dialog. Answer C is incorrect because there is no default password of ciscorouter. (There are some routers that do ship with a default password, but the password is not ciscorouter, and the exam does not test on this.)
Answers B and C are the correct answers. Both commands will show you the IP address (layer 3 information) of neighboring devices. Below is sample output of these commands with the layer three (network layer) information highlighted.
------------------------- Device ID: Router Entry address(es): IP address: 192.168.100.254 Platform: cisco 1604, Capabilities: Router Interface: Serial0, Port ID (outgoing port): Serial0 Holdtime : 128 sec <...output omitted for brevity...>
Answer A is incorrect because this command is limited and does not give you the IP address. Answer D is incorrect because this command shows only CDP statistics, not IP addresses.
Answer B is the correct answer. The Floor2 switch has the lowest priority (16384) so is therefore the root bridge. The Floor1 and Floor3 switch (answers A and C) have higher priorities, so therefore they are not the root bridge. Answer D is incorrect because enough information is included in the question to answer it.
Answers A and D are the correct answers. This question depends on your ability to memorize facts; you either know this, or you don’t. Answers B and C are incorrect because these are LMI types and not Frame Relay encapsulations.
Answer C is the correct answer. The subnet mask 255.255.255.224 with the ip subnet-zero command allows for 8 subnets and 30 hosts on each subnet. Answer A is incorrect because it allows only for 2 subnets. Answer B is incorrect because this allows only for 4 subnets. Answers D and E are incorrect because you can get more subnets out of a mask of 255.255.255.224 than you can with masks of 255.255.255.240 (/28) or 255.255.255.248 (/29).
Answer D is the correct answer. OSPF has an unlimited hop count. Answer A is incorrect because this is the hop count for RIP. Answer B is incorrect because this is the maximum hop count for EIGRP. Answer C is incorrect because this is the maximum hop count for IGRP.
Answers B and D are the correct answers. UDP uses less bandwidth and is a connection-less protocol. Answers A and C are incorrect because these describe TCP.
Answer B is correct. You use a rollover cable to connect a PC to a console port (Con0) on a router. A crossover cable (answer A) is used between two end devices or between two routers. A straight-through cable (answer C) is used between a switch and an end device. A serial cable (answer D) is used for wide-area network (WAN) connections.
Answer C is the correct answer. There is no way to assign a password to a VLAN. Answers A, B, and D are all incorrect because these are steps you would take to create a VLAN.
Answer C is the correct answer. When the packet is returning on the remote segment, it will have the source MAC address of HostB and the destination MAC address of RouterB. Answers A, B, and D are incorrect because they do not return on any of these choices.
Answers A and D are the correct answers. Answer A is a private Class B address, whereas answer D is a private Class A address. Answers B and C are incorrect because they are public addresses.
Answer B is the correct answer. A switch uses ASIC chips and is therefore faster than a bridge (making answer A incorrect). Answers C and D are incorrect because bridges and switches are both Layer 2 devices.
Answer C is the correct answer. This is the only answer with the correct configuration. Answers A and D are incorrect because these are extended access lists, which is not necessary on VTY lines. Answer B is incorrect because the wrong command is used to apply the access list on the VTY lines.
Answer C is the correct answer. OSPF priority is changed on an interface with the ip ospf priority command. Answers A and B are incorrect because the commands are done on an interface and not under the OSPF router configuration mode. Answer D is incorrect because the wrong command is used under the interface.
Answer A is the correct answer. To enable an interface from the administratively down state, you must execute the no shutdown command. Answer B is incorrect because nothing is wrong with the cable. Answer C is incorrect because there is no such thing as the interface up command. Answer D is incorrect because the clock rate command is not necessary to take an interface out of the administratively down state.
Answer B is the correct answer. HostB has a network address and not a valid host address. Answers A, C, and D are incorrect because these are all valid IP addresses.
Answer B is correct. You can use port security to allow only certain hosts access to a network. Answer A is incorrect because access lists are typically put on Layer 3 routed ports, not Layer 2 switched ports. Answer C is incorrect because encrypted enable secret passwords are used to secure a network device, such as a switch, but have no bearing on preventing unauthorized hosts on a network. Finally, answer D is incorrect because WEP uses a key, not a username and password (and even if it did, this would prevent only a user and not a host).
Answer B is the correct answer. banner motd is used to create a banner. Answers A, C, and D are incorrect because these are all bogus commands.
Answer A is correct. show controllers is the only command listed that will inform you if clocking is stopped on an interface. Answers B and C will show you information about the interface but not about clocking. Answer D will not show you whether clocking is working correctly.
Answer E is the correct answer. Windowing and sequence numbers are components of TCP, which is found at the transport layer. TCP is not found at the other layers, so answers A, B, C, and D are incorrect.
Answer B is correct. The switch with the lowest Bridge ID is the root bridge. In this scenario, the switch has a Bridge ID of 32768.0003.2201.830D.E774, whereas the root bridge has a lower Bridge ID of 4106.0003.C832.9885. (Note that the switch is using Per-VLAN Spanning Tree + [PVST+], which extends the bridge ID by adding the VLAN number to the base priority.) Answer A is incorrect because if the switch had a lower Bridge ID, it would be the root. Answer C is incorrect because a root bridge would have all its ports in the designated state, not root state. Answer D is incorrect because the cost is not the initial factor in determining the root bridge.
Answer C is the correct answer. There are four collision domains on the left out of the router’s ethernet 0 interface (one collision domain for each segment coming out of the switch), and there is one collision domain on the right out of the router’s ethernet 1 interface. Because there are only five collision domains in all, answers A, B, D, and E are all incorrect.
Answer C is correct. A rogue AP is usually put in place by a malicious attacker or an inside facilitator to capture information from clients that associate to it unknowingly. Answers A, B, and D have nothing to do with rogue access points.
Answer A is the correct answer. You need a default router on RouterA to allow the users to access the Internet. The ISP, however, would suffice with a simple static route because there is only one network attached to RouterA. Answers B, C, D, and E are incorrect because these solutions would not meet the objective.
Answer D is the correct answer. You have 13 subnets, so you need a /28 subnet mask, which would allow for 13 hosts. Because the company is running RIPv1, you must use the same subnet mask on all links.
Answers A and C are the correct answer. This access list permits all hosts on the 172.17.80.0/20 network. The range of valid IP addresses would be 172.17.80.1 through 172.17.95.254. Only answers A and C fall within this range.
Answers B, C, and D are the correct answers. Answer A is incorrect because it is not a valid wide-area network encapsulation.
Answer B is the correct answer. The no auto-summary command is needed because you are using variable length subnet masks. Without the no auto-summary command, VLSM is not allowed. Answer A is incorrect because EIGRP does support VLSM. Answer C is incorrect because the subnet masks are not necessary to make this work. Answer D is incorrect because you need the no auto-summary command. (The auto-summary command is already there.) Answer E is incorrect because this is a RIP command, not an EIGRP command.
Answer A is the correct answer. The frame-relay map command is missing the keyword broadcast at the end, which is necessary to support the use of broadcast and multicast based routing protocols. Answer B is incorrect because the RIP configuration does specify the correct networks. Answer C is incorrect because inverse-arp is irrelevant to making this work. Answer D is incorrect because RIP will work across NBMA networks when you have the broadcast keyword added to the end of the frame-relay map command. Answer E is incorrect because the IP addresses are correct.
Answer D is correct. 802.11a uses the 5GHz range, not 2.4GHz, and certainly not anything in the MHz or KHz range.
Answer B is the correct answer. Assuming that you are running both EIGRP and RIP, the router will take the path that EIGRP chooses (lower administrative distance). Because EIGRP looks at bandwidth as one component of its composite metric, EIGRP would take the path through RtrC. This is the only path it would take; therefore, answers A, C, and D are incorrect.
Answer B is the correct answer. The ip nat inside and ip nat outside commands are missing from the interfaces. Answer A is incorrect because the access list configuration is correct. Answer C is incorrect because the IP addresses are correct. Answer D is incorrect because the configuration is performing NAT overload and does not need a pool.
Answer D is the correct answer. The two switches are using different VTP domain names. Answer A is incorrect because the modes are fine. Answer B is incorrect because nothing is wrong with the VTP version. Answer C is incorrect because VTP pruning does not need to be enabled to make VTP operational.
Answer C is the correct answer. The root bridge would be the Switch2. Interface Fa0/1 on Switch1 and Fa0/2 on Switch3 would both be root ports and go into forwarding mode. For Fa0/2 on Switch1 and Fa0/1 on Switch3, the tie breaker would be the bridge ID. Since Switch1 has a higher MAC address and the default priority is being used, Switch1 would place Fa0/2 in blocking mode and Fa0/1 on Switch3 would go into forwarding mode. Only Fa0/2 on Switch1 would be in blocking mode, so answers A, B, and D are incorrect.
Answers A, C, and D are the correct answers. Access ports are those ports connected to access devices such as computers. Answers B, E, and F are incorrect because these are trunk ports that are connecting switches and routers together.
Answer B is the correct answer. Inverse-arp maps a Frame Relay data link connection identifier (DLCI) to the next hop IP address. Answers A, C, and D are incorrect because these are not the correct definition of inverse arp.
Answers B and C are the correct answers. The O in the output, along with the administrative distance of 110, indicates that this entry was learned via OSPF. The cost is included next to the administrative distance (1562). Answer A is incorrect because the router is running OSPF and not EIGRP. Answer D is incorrect because OSPF uses cost as its metric and not hop count.
Answer C is the correct answer. If you only have a single network, a default route would be sufficient. Answers A, D, and E are incorrect because they are not necessary if you only have a single network.
Answers B and C are the correct answers. If Telnet has not been properly configured or an access list is blocking you, Telnet will not work. Answers A and D are incorrect because the question states that you are able to ping the router (which you would not be able to do if answers A and D were correct).
Answers A and D are the correct answers. Answer B is incorrect because this is a network address, and answer C is incorrect because this is a broadcast address.
Answers A and B are the correct answers. The router will drop the packet back and send an ICMP destination unreachable message back to the source. Answer C is incorrect because the router will drop the packet, not send it back. Answer D is incorrect because administratively prohibited messages are only sent if the packet was denied because of a filter such as an access list.
Answers B and C are the correct answers. The bridge ID is composed of a configurable priority plus the base MAC address. Answers A and D are incorrect because these are not used in calculating the bridge ID.
Answer B is the correct answer. The feasible successor is the backup route and is found in the topology table. Answers A and C are incorrect because the feasible successor route is not found in the neighbor or route table. Answer D is also incorrect because the feasible successor is not found in the adjacency table and because the adjacency table is used with OSPF and not EIGRP.
Answer B is correct. A packet will be processed before it is forwarded to an outbound interface when an inbound access list is applied. Answer A is incorrect because that describes an outbound access list. Answer C is incorrect because access lists used for packet filtering are processed when entering interface queues and not when performing a route lookup. Answer D is incorrect because there is no such thing as a “packet security engine.” That answer is there simply to distract and mislead you.