Answer B is the correct answer. A /28 network would give you 14 hosts on each network. The network increment of a /28 network is 16. Because the ip subnet-zero command is on the router, you can use the zero subnet, making the second subnet 192.168.25.16 and the first useable IP address 192.168.25.17. Answers A, C, D, and E are incorrect because each of these addresses is on a different subnet.
Answer E is the correct answer. According to the diagram, the network attached to the FastEthernet0/3 interface is 172.21.248.0/23, although the configuration shows that FastEthernet 0/3 is configured for 172.21.254.1/23, which is on a different subnet. Answer A is incorrect because there is nothing incorrect with the pool configuration. Answer B is incorrect because the ip nat outside and ip nat inside commands are on the correct interfaces. Answer C is incorrect because the scenario does not ask you to overload your pool of addresses. Answer D is incorrect because there is nothing incorrect with the access list configuration.
Answer D is the correct answer. A denial of service is an attack where a malicious hacker will attempt to disable access to a host, network, or application. A common type of denial of service attack is a SYN flood, where an attacker will send thousands of packets with the SYN bit set, but will not respond with an ACK when the system sends back a SYN-ACK message. This results in filling up the maximum number of allowable half-open TCP sessions on a host, which could potentially prevent some systems from accepting legitimate TCP requests. Answers A, B, and C are incorrect because these attacks do not involve sending SYN floods.
Answer A is correct. A Service Set Identifier (SSID) is used to identify a wireless network. Answer B is incorrect because WEP keys are used for securing wireless networks but do not identify wireless networks. Answer C is incorrect because 802.11g is a type of wireless network, but does not identify wireless networks. Answer D is incorrect because Extended Service Set (ESS) is a method of grouping multiple basic service set (BSS) networks and is identified by a single SSID.
Answer B is correct. Switches use the Dynamic Trunking Protocol to dynamically negotiate a trunk. If DTP is turned off (as it is in the output), the interface will not negotiate to be a trunk link. With the interface being set to static access, it is manually configured to be an access link. Answer A is incorrect because you do not put an IP address on a Layer 2 switched port and it is irrelevant to bringing up a trunk link. Answer C is incorrect because VTP pruning does not impact trunk negotiation. Answer D is incorrect because having an interface configured for a VLAN does not impact trunk negotiation.
Answers A, C, and D are the correct answers. EIGRP supports AppleTalk, IP, and IPX. Answers B and E are incorrect because EIGRP does not support Banyan VINES or LAT.
Answer C is the correct answer. You want to configure two Telnet sessions. Because Cisco begins its numbering with 0, you would configure lines 0 through 1. The commands to configure Telnet authentication are login and password. The service password-encryption global configuration command is used to encrypt all unencrypted passwords on your router. Only answer C has the correct configuration. Answer A is incorrect because it configures all five Telnet lines and not just the first two. Answer A is also incorrect because it is not encrypting your passwords. Answer B is incorrect because it configures the first three Telnet lines and not just the first two. Answer D is incorrect because it does not have the proper configuration for Telnet authentication. Finally, answer E is incorrect because it configures all five configuration lines and not just the first two.
Answer B is the correct answer. RouterA is learning of the networks attached to RouterD via OSPF and RIP. When a router is learning of networks through more than one routing source, it chooses the best path based on whichever source has the lowest administrative distance. RouterA is learning the path through OSPF from RouterB and through RIP from RouterE. OSPF has an administrative distance of 110, and RIP has an administrative distance of 120. Because RIP’s administrative distance is higher than OSPF’s administrative distance, the path through RouterB is preferred. Answer A is incorrect because OSPF has a lower administrative distance than RIP. Answer C is incorrect because RouterA will choose RouterB based on administrative distance. Answer D is incorrect because enough information is given to answer this question.
Answers A and D are the correct answers. Answers B and C are incorrect because these are network addresses and therefore cannot be configured on hosts.
Answer D is the correct answer. Answers A and C are incorrect because Telnet uses TCP and not UDP. Answer B is incorrect because the wildcard mask for the 172.19.40.0/21 network is incorrect.
Answer B is the correct answer. OSPF will first choose the highest IP address on any loopback interface for its router ID. If no loopback interfaces are configured, the highest IP address on any active physical interface is chosen. Answer A is incorrect because you do not loopback interfaces to run OSPF. Answer C is incorrect because the interfaces must be active (up) when OSPF is initialized in order for OSPF to consider using them as the router ID. Answer D is incorrect because the highest IP address is chosen, not the lowest.
Answer A is the correct answer. The summary address for 172.20.0.0/24–172.20.4.0/24 is 172.20.0.0/22. To determine a summary address for a range of networks, work out the bits that are the same for each network and ignore the rest. Answer B is incorrect because it is the wrong mask. Answer C is incorrect because it is the wrong mask and summarized network. Answer D is incorrect because it is the wrong summarized network.
Answers A, B, C, D, and E are the correct answers. You can view all of these with the show cdp neighbors detail command. Note that the show cdp entry * command is equivalent.
Answer D is the correct answer. Only VTP Server mode allows you to make VLAN changes that propagate out to other switches. Currently, the switch operates in VTP Transparent mode, so any changes are local to the switch. Answers A, B, and C are incorrect because domain name, version numbers, and VTP pruning are irrelevant to passing VLAN information between switches.
Answer B is the correct answer. Routers break up your broadcast domains. There is one router in this diagram with two interfaces. Each interface is in its own broadcast domain, so there are two broadcast domains in this diagram.
Answer B is the correct answer. Interface Serial0/0 on RouterA is on the 172.16.20.0/22 network, but interface Serial0/0 on RouterB is on the 172.16.24.0/22 network. Answers A and D are incorrect because there is nothing incorrect with the static routes. Answer C is incorrect because the server and the router’s interface are on the 172.16.128.0/22 network. Finally, answer E is incorrect because the IP address 172.16.64.201/22 is a completely valid IP address.
Answer A is the correct answer. The root bridge should be the central point in your topology because all its ports will be forwarding, allowing for optimal data transfer. Because VLAN 200 has the majority of communication going to SwitchA, SwitchA should be the root bridge. Answers B, C, D, and E are incorrect because that might place some ports on SwitchA into Blocking mode, which would allow suboptimal paths in your switched network.
Answer A is the correct answer. EIGRP is classful by default, which means that it automatically summarizes your subnetworks at the /8, /16, and /24 bit boundaries. The no auto-summary command, entered within the EIGRP configuration mode, causes EIGRP to become classless and sends out the subnet mask in updates. Answer B is incorrect because there is nothing incorrect with the network statements. Answer C is incorrect because the mask is not necessary. (As a side note, EIGRP can use wildcard masks like OSPF, but they are not required.) Answer D is incorrect because you want to disable auto-summary, not turn it on. Finally, answer E is incorrect because the maximum-paths command modifies load-balancing parameters, which is irrelevant to the problem.
Answer C is correct. Unlike OSPF and RIP, EIGRP can load balance across unequal cost paths. In this scenario, your router can load balance across three unequal cost paths. Answer A is incorrect because EIGRP will load balance across unequal and equal cost paths. Answer B is incorrect because there can be many EIGRP networks in the routing table and maximum path does not refer to the maximum number of entries in a routing table. Answer D is incorrect because maximum path does not refer to the networks EIGRP know about (this is found under “Routing for Networks”).
Answer A is the correct answer. Only answer A has the correct configuration that allows for a pool of six addresses. Answers B and D are incorrect because the access lists are referencing the inside global addresses instead of the inside local addresses and the pools are referencing inside local addresses instead of inside global addresses. Answer C is incorrect because the pool allows for seven addresses and not six.
Answer B is the correct answer. Although the LMI types do not have to match, the encapsulation types do. One router uses IETF encapsulation, and the other uses the default (Cisco). Answer A is incorrect because the routers can run different LMI types. (LMI runs only from the router to the Frame Relay provider and can therefore be different on both sides of the Frame Relay virtual circuit.) Answer C is incorrect because the configuration is complete. Answer D is incorrect because the routers are both on the same 10.250.86.64/30 subnet.
Answer A is the correct answer. Ping and Traceroute use ICMP, which operates at the network layer.
Answers C and E are the correct answers. The 192.168.5.0/24 network is not in the routing table, and a default route was not set up (as evidenced by the statement GATEWAY OF LAST RESORT IS NOT SET). Therefore, you can say goodbye to any packet destined for the 192.168.5.0/24 network. The router drops the packet and sends back an ICMP type 3 Destination Unreachable (DU) message to the source of the packet. Because the routing table does not have this entry, answers A, B, and D are incorrect.
Answers B and D are correct. This command creates a static route that will forward all traffic destined for the 192.168.1.0/24 network to the router with the IP address of 10.1.24.1. Answer A is incorrect because this is not a default route. An example of a default route would be ip route 0.0.0.0 0.0.0.0 10.1.24.1. Answer C is incorrect because it describes the opposite of what the static route is doing. Answer E is incorrect because this command is used for a static route and not for routing protocols.
Answer D is the correct answer. Cisco defines OSPF cost as 108/bandwidth. If you take 100,000,000 (108) and divide it by the 1,544,000 (a T1), you get 64.766. Because remainders are not factored into the metric, you are left with 64. For the test, you should know the common metrics such as 1 for a 100Mb connection, 10 for a 10Mb connection, 64 for a T1 connection, and 1,562 for a 64Kbs connection. Answer A is incorrect because this is the bandwidth of a T1 and not the cost. Answer B is incorrect because this is the cost for a 10Mb link. Answer C is incorrect because this would be the cost for a 1Mb link.
Answer D is the correct answer. A /30, or 255.255.255.252, mask is common on point-to-point wide area network links because this mask allows for two addresses. Because you need only two addresses on point-to-point links, this mask is ideal because it gives you just enough addresses to assign IP addresses to both routers while saving on your overall IP address space.
Answer C is the correct answer. Only answer C has the correct configuration to assign a default gateway. Answers A and D are incorrect because the command should be entered from global configuration mode. Answer B is incorrect because you do not enter the subnet mask with this command.
Answer B is the correct answer. Although the default maximum is 100, the absolute maximum hop count for EIGRP is 224. Answer A is incorrect because 255 is the absolute maximum hop count for IGRP, not EIGRP. Answer C is incorrect because this is the maximum hop count for RIP. Answer D is incorrect because this is the TTL used for routing updates, not the maximum hop count. (Having a TTL of 1 means that the routing updates will be sent only to the next router; the next router will then have to generate a new routing update and send it out to pass it on.) Answer E is incorrect because EIGRP does have a maximum hop count; OSPF is the routing protocol with an unlimited hop count.
Answer D is the correct answer. The spanning-tree states are blocking, listening, learning, and forwarding. In the learning state, the port is populating the MAC table so that when it moves to forwarding state, it is capable of making intelligent decisions as to where it should send frames. Otherwise, without the learning state, when the port becomes active, it would flood frames out all ports until it learns MAC addresses. Answer A is incorrect because this describes the listening state and not the learning state. Answer B is incorrect because this describes the blocking state. Finally, answer C is incorrect because this describes the forwarding state.
Answer D is the correct answer. You would use a straight-through cable between a router and switch. The switch is then responsible for crossing over the transmit and receive communication path. Answer A is incorrect because a rollover cable is used to connect to a console port. Answer B is incorrect because a null modem cable is used between two asynchronous serial ports. Answer C is incorrect because a crossover cable would be used between two switches or between two routers, but not between a router and a switch.
Answer A is the correct answer. Without the broadcast keyword, broadcast and multicast-based routing updates are not sent across the link. Answer B is incorrect because the RIP version is irrelevant to get RIP to work across Frame Relay. Answer C is incorrect because inverse-arp has nothing to do with getting your routing updates across a Frame Relay network. Finally, answer D is incorrect because RIP is activated on the interfaces. When you enter the network statements under the RIP configuration mode, it automatically enables RIP on the interfaces where those networks reside.
Answers A and C are the correct answers. IGRP and EIGRP can also factor in reliability, load, and MTU. Answer B is incorrect because this is the metric used by RIP. Answer D is incorrect because this is the metric used by OSPF and IS-IS.
Answer C is the correct answer. CHAP is a three-way handshake authentication protocol. One router sends a challenge, the second router sends an MD5 hash of the password, and the first router sends a success or fail response (therefore, three messages).
Answer C is the correct answer. The access list is permitting TCP port 110 and 25, which POP and SMTP use. Answer A is incorrect because NTP (UDP 123) or SNMP (UDP ports 160 and 161) do not use these ports. Answer B is incorrect because the masks are incorrect. Answer D is incorrect because SNMP traffic is not referenced in the access list; only POP and SMTP are.
Answer B is correct. You should use a crossover cable to connect two switches together. Answer A is incorrect because this is used to connect a switch to an end device, not two switches. Answer C is incorrect because a rollover cable is used to connect a PC to a network device via a console connection. Answer D is incorrect because V.35 cables are used for wide area networks.
Answer A is the correct answer. Routing occurs at the Internet layer of the TCP/IP model. Answer B is incorrect because the Network layer is on the OSI model, not the TCP/IP model. Answers C and D are incorrect because these are different layers.
Answer D is the correct answer. The feasible successor is stored in the topology table. Should the successor route go down in the routing table, the feasible successor would take over and the DUAL algorithm would work to elect a new feasible successor. Answer A is incorrect because this is where you would find neighbor information and not the feasible successor. Answer B is incorrect because this is where you would find the successor. Answers C and E are incorrect because these tables are used with OSPF, not EIGRP.
Answers C and D are the correct answers. The IP address is on the 192.168.6.80/29 network. A /29 network uses an increment of 8, so the next network is 192.168.6.88. Therefore, your range is 192.168.6.80–192.168.6.87 but, because you cannot use the first or last address of each subnet (they are the network and broadcast addresses), your range of valid host addresses are 192.168.6.81–192.168.6.86. Only answers C and D have IP addresses in this range.
Answers A and B are the correct answers. DR elections are used with OSPF routing. These elections occur only on broadcast multi-access and nonbroadcast multi-access (NBMA) networks.
Answer C is the correct answer. If the router has a built-in CSU/DSU, you use a standard straight-through RJ-45 UTP connector coming from the wall jack to the router. While you may also use a RJ-48 STP connector, this was not one of the answers. If the CSU/DSU were external, you would have a straight-through cable from the wall jack to the CSU/DSU and then a serial cable from the CSU/DSU to the router. Because the question mentions a built-in CSU/DSU, you use a UTP cable.
Answer D is the correct answer. 802.1q is the IEEE standard for trunks. 802.1q trunking works by tagging frames with their associated VLAN ID. Answers A and C are incorrect because these are wireless standards. Answer B is incorrect because 802.1d is the standard for spanning tree.
Answer B is the correct answer. EIGRP and IGRP both require autonomous system numbers. This can be any number you want between 1 and 65,535, but all routers must share this same number for routing updates to pass between them. Answer A is incorrect because process IDs are used in OSPF, not EIGRP. Answer C is incorrect because the number is the AS number, not the number of networks. Answer D is incorrect because the router ID is chosen automatically and is not specified with the router eigrp command. Answer D is also incorrect because, although there are router IDs with EIGRP, at the CCNA level the router IDs take on only significance with OSPF.
Answer C is the correct answer. You need the enable secret and service password-encryption commands to encrypt your passwords. Because the question asks to configure only three Telnet lines, you configure lines 0–2. Therefore, answer C is correct. Answer A is incorrect because the enable password is not encrypted. Answer B is incorrect because the command line vty 0 3 encrypts four Telnet sessions and not two (which the question asks). Finally, answer D is incorrect because it configures all five Telnet sessions.
Answers A, B, and E are the correct answers. Reverse poisoning and triggered updates are other options used to prevent loops in switched networks. Answer C is incorrect because spanning-tree is used to prevent loops in switched networks, not routed networks. Answer D is incorrect because the Dijkstra algorithm is used with OSPF, which is a link state routing protocol, not distance vector.
Answer C is the correct answer. The subnet mask 255.255.255.192 is borrowing 10 bits from a Class B network. The formula to determine your networks (assuming that you cannot use subnet zero) is 2n-2. Borrowing 10 bits gives you 1,022 networks (210-2=1022). Answer A is incorrect because the 255.255.255.224 mask gives you 2,046 networks and 30 hosts. Although this meets the requirement of providing at least 1,000 networks, it does not provide as many host addresses as the 255.255.255.192 mask. (It provides 62 host addresses on each network.) Answer B is incorrect because it only gives you 62 networks. Answer D is incorrect because it only gives you 126 networks. Finally, answer E is incorrect because it only gives you 510 networks.
Answer E is the correct answer. A standard access list has been configured, and the general rule is that standard access lists should be applied as close to the destination as possible. The Ethernet 0 interface on RouterC is the interface closest to the destination. Therefore, answer E is correct, and the other answers, which apply it on other routers or on the wrong interface, are incorrect.
Answer A is the correct answer. A /21 subnet has a network increment of 8 in the third octet. The next network, then, is 172.19.56.0. One less than the next network is 172.19.55.255 (answer A). Answer B is incorrect because this is a valid host address on the same network. Answer C is incorrect because this is a broadcast address on the 172.19.56.0 network. Answer D is incorrect because this a valid host address on the same network. Finally, answer E is incorrect because this is a valid host address on the 172.19.64.0 network.
Answers A, B, and C are the correct answers. Having a hierarchical design makes it easy to supernet (summarize your networks). This question really tests to see if you understand the benefit of summarizing your networks. Summarizing your networks results in less overhead, which, subsequently, equate to smaller routing tables (answer A). If a particular subnet goes down, it does not affect the summarized route in other areas (answer B). Also, having fewer routes means that the routers have less to process, which results in faster convergence (answer C). Answer D is incorrect because summarization actually involves more configuration on a router, not less. Answer E is incorrect because feasible successors are used with EIGRP, not OSPF.
Answer E is the correct answer. The blocking state takes 20 seconds, and the listening and learning states take 15 seconds each for a total of 50 seconds.
Answer C is the correct answer. Switches (and bridges) are used to create more collision domains because each segment on a switch or bridge is its own collision domain. Answer A is incorrect because a router is used to create more broadcast domains, not collision domains. Answer B is incorrect because a hub actually creates more congestion on a network and not fewer collision domains. Answer D is incorrect because a repeater amplifies only a signal and does not create more collision domains.
Answer A is the correct answer. show version displays the name of the current IOS version in use on a router. Answer B is incorrect because this shows you the name of all IOS images on a router but not the one currently in use. Answer C is incorrect because this is an invalid command. Finally, answer D is incorrect because this command shows you the current configuration in NVRAM and not the current IOS version.
Answer C is the correct answer. RouterB is missing the 172.17.0.0/16 network. Answer A is incorrect because the RIP version 2 is not necessary to make this scenario work. Answer B is incorrect because a default route is unnecessary. Answer D is incorrect because you do have enough information to answer this problem. Finally, although the interface connected to 172.18.0.0/16 does need to be up for you to communicate across the network, nothing in the scenario indicates that the interface is down. In addition, the better answer is C because, even if the interface is not shut down, it cannot work unless the 172.17.0.0/16 network is added under the RIP process on RouterB.
Answer A is the correct answer. RouterA uses HDLC encapsulation, and RouterB is using PPP encapsulation. Answers B and D are incorrect because nothing in the output indicates that there is a problem with the cabling. Answer C is incorrect because nothing in the output reveals information about how the provider is configured. Finally, answer E is incorrect because the problem is with the encapsulations, not clocking. However, clocking problems can cause the line protocol to not function, although the output indicates that the problem is with encapsulations and not clocking.
Answer C is the correct answer. OSPF uses wildcard masks and not subnet masks. The correct OSPF configuration is
Router OSPF 65545 network 192.168.0.4 0.0.0.3 area 0 network 192.168.0.8 0.0.0.7 area 1
Answer A is incorrect because the IP addresses on the interfaces are on the same networks referenced under the OSPF routing process configuration. Answer B is incorrect because the number of the process ID is irrelevant. Answer D is incorrect because the areas do not have to be the same number.
Answer B is the correct answer. The output shows the flag perm, which means that they were permanently learned through the IP host global configuration command. Answer A is incorrect because the flag temp would show if they were learned through a DNS server. Answer C is incorrect because there is no such thing as a DNS dynamic-discovery command. Answer D is incorrect because routing protocols have nothing to do with learning hostname to IP address mappings. Answer E is incorrect because DNS or static mappings are used to map IP address to hostnames, not ARP. ARP is used to map IP addresses to MAC addresses.
Answer C is the correct answer. The clock rate is typically configured on the CSU/DSU in production networks. Often, the CSU/DSU comes built into the router, but even if it is built into the router, the CSU/DSU still provides the clocking and not the router. Although it is true that you can configure clocking on a router with the clock rate interface command, this is done on lab environments and not on production networks. The question asks for the typical configuration, not for unique lab environments. Therefore, answer C is correct and answer A is incorrect. Answers B and D are incorrect because clocking is not configured on switching or on the provider’s network. Although it is possible to provide clocking from the provider, this is not the typical configuration. For the CCNA exam, remember that clocking is done at the CSU/DSU.
Answer A is the correct answer. CDP uses multicasts frames at the data link layer of the OSI model. All other answers reference other OSI layers and are therefore incorrect.
Answers B and D are correct. You can secure your remote access to a router by using SSH instead of Telnet because SSH encrypts traffic between your computer and the router. You can also configure an access list that allows only certain hosts access to the VTY lines. Answer A is incorrect because the enable password is not a method of providing added security to your router. Answer C is incorrect because configuring an access list on an interface to block Telnet access would only block Telnet traffic as it passes through a router and not Telnet attempts to a router.
Answers B, C, and D are the correct answers. In addition to these answers, the interfaces connecting the two routers must be configured to use the same timers and stub configuration (stub areas are covered more heavily on the CCNP exams and not at the CCNA level). Answer A is incorrect because the two routers can run different IOS versions. Answer E is incorrect because the process ID is locally significant to each router and does not have to match the process ID on other routers.