Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 5)
What are two benefits of using NAT? (Choose two.)
A. NAT facilitates end-to-end communication when IPsec is enabled.
B. NAT eliminates the need to re-address all hosts that require external access.
C. NAT conserves addresses through host MAC-level multiplexing.
D. Dynamic NAT facilitates connections from the outside of the network.
E. NAT accelerates the routing process because no modifications are made on the packets.
F. NAT protects network security because private networks are not advertised.
Answer: B,F
Explanation:
By not revealing the internal IP addresses, NAT adds some security to the inside network -
> F is correct.
NAT has to modify the source IP addresses in the packets -> E is not correct.
Connection from the outside of the network through a “NAT” network is more difficult than a more network because IP addresses of inside hosts are hidden -> C is not correct.
In order for IPsec to work with NAT we need to allow additional protocols, including Internet Key Exchange (IKE), Encapsulating Security Payload (ESP) and Authentication Header (AH) -> more complex -> A is not correct.
By allocating specific public IP addresses to inside hosts, NAT eliminates the need to re- address the inside hosts -> B is correct.
NAT does conserve addresses but not through host MAC-level multiplexing. It conserves addresses by allowing many private IP addresses to use the same public IP address to go to the Internet -> C is not correct.
Q2. - (Topic 3)
On a corporate network, hosts on the same VLAN can communicate with each other, but they are unable to communicate with hosts on different VLANs. What is needed to allow communication between the VLANs?
A. a router with subinterfaces configured on the physical interface that is connected to the switch
B. a router with an IP address on the physical interface connected to the switch
C. a switch with an access link that is configured between the switches
D. a switch with a trunk link that is configured between the switches
Answer: A
Explanation:
Different VLANs can't communicate with each other, they can communicate with the help of Layer3 router. Hence, it is needed to connect a router to a switch, then make the sub- interface on the router to connect to the switch, establishing Trunking links to achieve communications of devices which belong to different VLANs.
When using VLANs in networks that have multiple interconnected switches, you need to use VLAN trunking between the switches. With VLAN trunking, the switches tag each frame sent between switches so that the receiving switch knows to what VLAN the frame belongs. End user devices connect to switch ports that provide simple connectivity to a single VLAN each. The attached devices are unaware of any VLAN structure.
By default, only hosts that are members of the same VLAN can communicate. To change this and allow inter-VLAN communication, you need a router or a layer 3 switch.
Here is the example of configuring the router for inter-vlan communication
RouterA(config)#int f0/0.1 RouterA(config-subif)#encapsulation ? dot1Q IEEE 802.1Q Virtual LAN
RouterA(config-subif)#encapsulation dot1Q or isl VLAN ID RouterA(config-subif)# ip address x.x.x.x y.y.y.y
Q3. - (Topic 5)
Which three features are added in SNMPv3 over SNMPv2?
A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection
Answer: A,C,D
Explanation:
Cisco IOS software supports the following versions of SNMP:
+ SNMPv1 – The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
+ SNMPv2c – The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
+ SNMPv3 – Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:
– Message integrity: Ensuring that a packet has not been tampered with in transit.
– Authentication: Determining that the message is from a valid source.
– Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.
Q4. - (Topic 7)
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three.)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Answer: A,D,F
Explanation:
Ping, show ip route, and show interfaces are all valid troubleshooting IOS commands. Tracert, ipconfig, and winipcfg are PC commands, not IOS.
Q5. - (Topic 3)
Which two are advantages of static routing when compared to dynamic routing? (Choose two.)
A. Configuration complexity decreases as network size increases.
B. Security increases because only the network administrator may change the routing table.
C. Route summarization is computed automatically by the router.
D. Routing tables adapt automatically to topology changes.
E. An efficient algorithm is used to build routing tables, using automatic updates.
F. Routing updates are automatically sent to neighbors.
G. Routing traffic load is reduced when used in stub network links.
Answer: B,G
Explanation:
Since static routing is a manual process, it can be argued that it is more secure (and more prone to human errors) since the network administrator will need to make changes to the routing table directly. Also, in stub networks where there is only a single uplink connection, the load is reduced as stub routers just need a single static default route, instead of many routes that all have the same next hop IP address.
Q6. - (Topic 8)
Which MAC protocol sets a random timer to reattempt communication?
A. IEEE 802.1x
B. RARP
C. CSMA/CA
D. CSMA/CD
Answer: D
Q7. - (Topic 3)
If IP routing is enabled, which two commands set the gateway of last resort to the default gateway? (Choose two.)
A. ip default-gateway 0.0.0.0
B. ip route 172.16.2.1 0.0.0.0 0.0.0.0
C. ip default-network 0.0.0.0
D. ip default-route 0.0.0.0 0.0.0.0 172.16.2.1
E. ip route 0.0.0.0 0.0.0.0 172.16.2.1
Answer: C,E
Explanation:
Both the “ip default-network” and “ip route 0.0.0.0 0.0.0.0 (next hop)” commands can be used to set the default gateway in a Cisco router.
Q8. - (Topic 7)
Refer to the exhibit.
A problem with network connectivity has been observed. It is suspected that the cable connected to switch port Fa0/9 on Switch1 is disconnected. What would be an effect of this cable being disconnected?
A. Host B would not be able to access the server in VLAN9 until the cable is reconnected.
B. Communication between VLAN3 and the other VLANs would be disabled.
C. The transfer of files from Host B to the server in VLAN9 would be significantly slower.
D. For less than a minute, Host B would not be able to access the server in VLAN9. Then normal network function would resume.
Answer: D
Explanation:
Spanning-Tree Protocol (STP) is a Layer 2 protocol that utilizes a special-purpose algorithm to discover physical loops in a network and effect a logical loop-free topology. STP creates a loop-free tree structure consisting of leaves and branches that span the entire Layer 2 network. The actual mechanics of how bridges communicate and how the STP algorithm works will be discussed at length in the following topics. Note that the terms bridge and switch are used interchangeably when discussing STP. In addition, unless otherwise indicated, connections between switches are assumed to be trunks.
Q9. - (Topic 8)
Which statement about LLDP is true?
A. It is a Cisco proprietary protocol.
B. It is configured in global configuration mode.
C. The LLDP update frequency is a fixed value.
D. It runs over the transport layer.
Answer: B
Q10. - (Topic 3)
Refer to the exhibit.
For what two reasons has the router loaded its IOS image from the location that is shown? (Choose two.)
A. Router1 has specific boot system commands that instruct it to load IOS from a TFTP server.
B. Router1 is acting as a TFTP server for other routers.
C. Router1 cannot locate a valid IOS image in flash memory.
D. Router1 defaulted to ROMMON mode and loaded the IOS image from a TFTP server.
E. Cisco routers will first attempt to load an image from TFTP for management purposes.
Answer: A,C
Explanation:
The loading sequence of CISCO IOS is as follows: Booting up the router and locating the Cisco IOS
1. POST (power on self-test)
2. Bootstrap code executed
3. Check Configuration Register value (NVRAM) which can be modified using the config- register command
0 = ROM Monitor mode 1 = ROM IOS
2 - 15 = startup-config in NVRAM
4. Startup-config filE. Check for boot system commands (NVRAM)
If boot system commands in startup-config
a. Run boot system commands in order they appear in startup-config to locate the IOS
b. [If boot system commands fail, use default fallback sequence to locate the IOS (Flash, TFTP, ROM)?]
If no boot system commands in startup-config use the default fallback sequence in locating the IOS:
a. Flash (sequential)
b. TFTP server (netboot)
c. ROM (partial IOS) or keep retrying TFTP depending upon router model
5. If IOS is loaded, but there is no startup-config file, the router will use the default fallback sequence for locating the IOS and then it will enter setup mode or the setup dialogue.
Q11. - (Topic 5)
An administrator must assign static IP addresses to the servers in a network. For network 192.168.20.24/29, the router is assigned the first usable host address while the sales server is given the last usable host address. Which of the following should be entered into the IP properties box for the sales server?
A. IP address: 192.168.20.14
Subnet Mask: 255.255.255.248
Default Gateway: 192.168.20.9
B. IP address: 192.168.20.254
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.20.1
C. IP address: 192.168.20.30
Subnet Mask: 255.255.255.248
Default Gateway: 192.168.20.25
D. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway: 192.168.20.17
E. IP address: 192.168.20.30
Subnet Mask: 255.255.255.240
Default Gateway: 192.168.20.25
Answer: C
Explanation:
For the 192.168.20.24/29 network, the usable hosts are 192.168.24.25 (router) – 192.168.24.30 (used for the sales server).
Q12. - (Topic 8)
Which address class includes network 191.168.0.1/27?
A. Class C
B. Class B
C. Class D
D. Class A
Answer: B
Q13. - (Topic 7)
Refer to the exhibit.
The two connected ports on the switch are not turning orange or green. What would be the most effective steps to troubleshoot this physical layer problem? (Choose three.)
A. Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.
B. Ensure that cables A and B are straight-through cables.
C. Ensure cable A is plugged into a trunk port.
D. Ensure the switch has power.
E. Reboot all of the devices.
F. Reseat all cables.
Answer: B,D,F
Explanation:
The ports on the switch are not up indicating it is a layer 1 (physical) problem so we should check cable type, power and how they are plugged in.
Q14. - (Topic 3)
Before installing a new, upgraded version of the IOS, what should be checked on the router, and which command should be used to gather this information? (Choose two.)
A. the amount of available ROM
B. the amount of available flash and RAM memory
C. the version of the bootstrap software present on the router
D. show version
E. show processes
F. show running-config
Answer: B,D
Explanation:
When upgrading a new version of the IOS we need to copy the IOS to the Flash so first we have to check if the Flash has enough memory or not. Also running the new IOS may require more RAM than the older one so we should check the available RAM too. We can check both with the “show version” command.
Q15. - (Topic 5)
Which three statements about HSRP operation are true? (Choose three.)
A. The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication.
D. The HSRP virtual IP address must be on a different subnet than the routers' interfaces on the same LAN.
E. The HSRP virtual IP address must be the same as one of the router's interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.
Answer: A,B,F
Explanation:
The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal).