Name _________________________________________________________________

Time limit is 1 hour and 30 minutes

1. Which three features identify the traditional business model? (Choose three.)
A) vertical business organization
B) high efficiency
C) long production cycles
D) instant access to relevant information

2. Which three items are considered organizational goals? (Choose three.)

A) reduce costs
B) determine budget
C) improve customer support
D) improve QoS

3. Which command can you use to determine the average CPU use on a Cisco router?
A) command show processes memory
B) command show processes cpu
C) command show cpu utilization
D) command show cpu

4. Starting at the first step, number each step below according to the sequence of the
topdown design stages:
--- 1 define upper OSI layers
--- 2. analyze customer requirements
--- 3. choose underlying technology
--- 4. gather additional information during design

5. Which three are considered to be technical constraints? (Choose three.)

A) available budget
B) existing equipment
C) company policy
D) bandwidth availability
E) application compatibility
F) scheduling

6. Which three commands reveal information about individual applications, protocols, or

flows? (Choose three.)
A) command show processes memory
B) command show ip nbar protocol-discovery
C) command show ip interface
D) command show ip cache flow
E) command show processes cpu
7. The E-Commerce module uses three types of servers --------, ----------, and -------- for
web communication with users who are running applications and storing data.
(Choose three.)
A) Database
B) Web
C) Private
D) Application
E) Public
F) Internet

8. Which three modules are parts of the Enterprise Campus functional area? (choose 3)
A) Network management module
B) Edge Distribution module
C) Internet Connectivity module
D) E-Commerce module
E) Server Farm module

9. Which three choices are intelligent network services? (Choose three.)

A) IP Telephony
B) IP forwarding
C) Security
D) EIGRP
E) QoS
F) High availability

10. Which statement is true when securing the Server Farm module?
A) Firewalls can never be used to protect the Server Farm module
B) Often, much higher performance is needed, which limits the choices of protection
mechanisms
C) Intrusion detection is not recommended as it lowers network performance
D) Servers in the Server Farm module are never multitiered and do not need
isolated LAN networks.

11. Place the authentication mechanisms in order of lowest to highest authentication

strength.
1. Plain passwords
2. A door, which needs a key, a password, and a fingerprint scan to unlock
3. Token cards, which generate passwords and require a memorized PIN code
to unlock

12. A company has deployed Cisco IP/TV, a product that utilizes IP multicast to deliver
video and audio streams. The routers are configured for IP multicast. Taking into
account that the majority of the LAN switches are low-end switches, which protocol
should you enable on the LAN switches to reduce flooding?
A) GMRP
B) VTP
C) CGMP
D) STP
E) PIM
13. Which WAN technology is commonly used to provide redundancy in an Enterprise
Edge environment?
A) ISDN
B) Frame Relay
C) leased lines
D) Point-to-Point Protocol

14. Two workstations located in separated VLANs must exchange data directly. The
workstations are physically connected in different buildings. What type of
communication will they use?
A) Enterprise Edge application
B) client-server
C) peer-peer
D) workgroup-workgroup

15. Select three benefits of using a modular approach for a network solution (choose 9)
A) Facilitates changes
B) maintains integrity through the entire network
C) identifies interfaces between modules
D) encourages replication of design elements
E) confines complexity to a small subset

16. Which type of cable is the optimal solution for connecting a Building Access switch to
a Building Distribution switch when the distance is 120 m?
A) Power cable
B) UTP
C) multimode optical cable
D) single-mode optical cable

17. Select two typically planned applications for an organization. (Choose two.)
A) e-mail
B) groupware
C) video on demand
D) IP telephony
E) QoS

18. Which three network features are needed to achieve organizational goals?
A) Scalability
B) High availability
C) Self-adaptability
D) Performance
E) Adherence to business standards

19. The planning phase requirements have a direct influence on the _______ phase
decisions.
A) retirement
B) design
C) optimization
D) test
20. The________ phase is important for design verification.
A) design
B) planning
C) building
D) implementation

Corporation X is planning to introduce e-Learning for its employees. Videoconferencing

will be its next step in facilitating organizational meetings. The company is looking for an
alternative telephony service to reduce their operational costs.

21. Which three are considered to be technical goals? (Choose three.)

A) high security
B) ease of management
C) available budget
D) higher reliability
E) increased revenue
F) facilitated customer support

22. Which three tasks are part of the characterization process of an existing network?
A) collecting information using the existing documentation and direct
organizational input
B) using tools to analyze network traffic
C) using design tools to create a framework for the design
D) using tools for automated auditing of the network
E) identifying the organization's business objectives

23. Select four determinants of the design project scope. (Choose four.)
A) WAN upgrade
B) campus upgrade
C) network layer redundancy
D) data link layer redundancy
E) application layer redundancy
F) network redesign

24. Choose the two correct types of tools that should be used during the network design
process. (Choose two)
A) network modeling tools
B) network management tools
C) simulate and test tools
D) network implementation tools

25. A new bank network is being designed. Connections to bank subsidiaries are
required to be redundant to reduce the possibility of connection outages. The
importance of secure transactions was emphasized throughout the initial requirement
documents and verbal communications with the customer. Number the design issues
in the correct order according to their importance under these particular
circumstances.
 --------1. Physical topology design
--------2. addressing design
---------3. security design
---------4. modularizing the network

26. What three components does the design document usually include? (Choose three.)
A) design
B) existing cabling
C) design requirements
D) summary of L2 devices
E) implementation plan

27. A design that describes the introduction of IPSec encryption and authentication is
required for an existing network's classical WAN module. Which approach would
you use to verify the design?
A) pilot network
B) prototype network
C) live network
D) cable network

28. A corporate network is spread over three floors. There is one data link layer switch on each floor with
more than one VLAN. One connection from each floor goes to the basement, where all WAN
connections are terminated. Currently, servers are installed in each VLAN but the company will
soon move the servers to the basement. Traffic between VLANs is essential. What network design
should the company use?
A) Connect the multilayer switch on each floor to a data link layer switch in the
basement
B) Connect the data link layer switch on each floor to a multilayer switch in the
basement
C) Connect the data link layer switch on each floor to a data link layer switch in the
basement and the VLAN router
D) Connect the data link layer switch on each floor to a multilayer switch on the
same floor for inter-VLAN communication

29. In which case does a network security mechanism mitigate the risk associated with a
physical attack?
A) when a router containing clear text administrator passwords is stolen
B) when an attacker obtains physical access to the leased line, where only
encrypted traffic is routed
C) when an attacker obtains physical access to a firewall
D) when the network management station is stolen

30. Which three are components of a typical security policy? (Choose three.)
A) an "acceptable use" policy
B) a compilation of all local laws relating to computer intrusions
C) in-depth descriptions of individual network device configurations
D) incident handling guidelines
E) an access control policy
31. Which two cryptographic mechanisms provide transmission integrity for data?
(Choose two.)
A) Encryption
B) digital signatures
C) key exchange
D) authentication
E) secure fingerprints

32. How is the risk of administrator responsibility avoidance managed?

A) with management auditing and good organizational practices
B) with strong authentication of administrators only
C) with host intrusion detection on the management stations
D) with firewall, performing access control to the management network
E) with secure management protocols

33. Which three pieces of information must you identify before the network design can
commence? (Choose three.)
A) organizational and technical goals
B) technical constraints
C) existing and new network applications
D) expected revenue growth
E) ROI

34. Which three options are the components of a network architecture? (Choose three.)
A) product navigator
B) applications
C) intelligent network services
D) corporate messenger
E) training
F) enabling network solutions

35. Fill in the missing item. The network health analysis produces a report that
is_________
A) based on the organizational requirements
B) based on the existing network and expected functionality
C) used to sell more boxes
D) stored in a Microsoft Word document

36. Which two modules are connected to the Remote Access and VPN module?
(Choose two.)
A) Service Provider module
B) PSTN module
C) Server Farm module
D) WAN module
E) Internet Connectivity module
37. An organization requires its Campus Backbone network to have high resilience.
The servers that are directly attached to the Campus Backbone submodule produce
a large amount of multicast traffic. What switch design is appropriate for this network?
A) multiple data link layer switches with full-mesh topology
B) a data link layer switch with redundant connectivity to other network modules
C) multiple multilayer switches with full-mesh topology and servers in a separate
VLAN
D) a non-modular multilayer switch and servers attached to it in a separate VLAN

38. What is a method used to mitigate identity spoofing in the Remote Access and VPN
module?
A) host hardening
B) QoS mechanisms
C) encryption algorithms
D) strong authentication

39. Match the lettered content delivery functions with the appropriate numbered
descriptions.
A) Content caching
B) Content routing
C) Content switching

--1. Redirects an end-user request to the best server based on a set of metrics
--2. Performs intelligent load balancing of traffic across multiple servers or
cache devices
--3. Accelerates content delivery by transparently storing frequently accessed
content

40. Match each design methodology step in the lettered list with the correct procedure description
in the numbered list.
A) Extracting customer requirements
B) Characterizing the existing network
C) Designing topology and network solutions
D) Building a pilot network
E) Planning the implementation
F) Documenting the design
G) Implementing and verifying the design
H) Monitoring and optional redesigning
-----1. build a prototype network
-----2. build a network, verify design
-----3. verify the health of the network
-----4. develop design documents.
-----5. perform network audit and analysis
-----6. identify initial design requirements
-----7. plan implementation steps, assess costs
-----8. create design and documentation, plan implementation
41. Select the statement that best describes the role of decision tables in the design
process.
A) Decision tables introduce the concept of modularity into the design process.
B) Decision tables enable the designer to create a network design based only on
data gathered from the network analysis.
C) Decision tables provide an accurate summary of the design, facilitating the
decision on the basis of appropriateness.
D) Decision tables provide a means for decision making when multiple solutions
exist for a given network issue.

42. Which three functions does the Building Access module of the enterprise network
provides for an IP telephony network solution? (Choose three.)
A) Call routing
B) Connections to the PSTN and IP WAN
C) IP Phone connectivity
D) Packet classification
E) Power to the IP Phone
F) Call setup

43. A connection (trunk) from the Building Distribution to the Campus Backbone switch is
100 Mbps, and the average utilization is 80 percent or more. Employees on the network
use web-based, business-critical applications. How would you minimize packet loss or
delay on the multilayer Building Distribution to avoid impacting the business applications?
A) Implement more VLANs on the Building Access switch so that the business users are
assigned to a separate VLAN.
B) Rewrite the priority bits on the Building Distribution switch
C) Implement QoS with classification and policing on the Building Distribution switch
D) Classify the users on the Building Access switch with different priority bits

44. The departments of a corporation are spread across several buildings, while they use
common servers. Network policy and security are important. Where should the corporation
place the servers and how should they be attached to the network?
A) The company should create a Server Farm module with its own switches
connected to the Campus Backbone submodule.
B) Each building should have some servers connected to the Building Distribution
switches
C) The servers should directly connect to the data link layer switches in the Campus
Backbone submodule of the network
D) The servers need to be close to users, so they should be attached to the Building
Access switch.

45. A large corporation has a campus network composed of the Building Access,
Building Distribution, Campus Backbone, and Server Farm modules. It needs to
implement a WAN connection to remote locations and to support Internet access.
How should the company implement the WAN and Internet connections to the
campus network?
A) using Building Access switches
B) using Building Distribution switches
C) using Edge Distribution switches with security
D) using multilayer Campus Backbone switches
46. Which type of server is typically located in the Internet Connectivity module?
A) Internet
B) Public
C) Private
D) Corporate

47. What is considered to be an organizational constraint?

A) Budget
B) planned applications
C) technical goals
D) legacy equipment

48. Which three of these items should be present in an implementation plan?(choose 3)

A) implementation description and references to the design document
B) old and new configurations of the network devices
C) roll-back procedure
D) time, date, and duration (optional cost)
E) application profile

49. Select the best answer. What input is used to create the documentation of an
existing network?
A) existing documentation and the organizational input
B) auditing and analytical tools
C) organizational input, auditing, and analytical tools
D) monitoring commands on routers and switches

50. An organization placed servers to which all corporate users have access in a
separate VLAN. The users are divided into organizational VLANs. However, some of
the common workgroup devices are still located within these VLANs. What is the
expected traffic flow?
A) Most of the traffic will be local
B) Most of the traffic will have to be multilayer switched
C) All traffic will require multilayer switching
D) There is no need for multilayer switching

51. Which two attacks can generally be prevented using network filtering access control
lists in a router or firewall? (Choose two.)
A) network mapping attacks
B) sending viruses in e-mail messages
C) compromise of a host application, which should never be exposed to the attacker
D) downloading malicious Internet code inside HTTP sessions
E) flooding a link with seemingly legitimate traffic

52. Why is securing e-commerce servers generally more important than securing
generic public web servers?
A) E-commerce servers are much more difficult to secure properly
B) E-commerce servers generally process and store more sensitive data
C) E-commerce servers are always more susceptible to attacks because of their complexity
D) E-commerce servers have a much higher performance, and only a few security
techniques can be used.
53. When should encryption be deployed on WAN links?
A) when there is a threat of integrity violations on the service provider WAN
B) when there is a threat of confidentiality breaches on the service provider WAN
C) when there is a need to authenticate peers in the WAN
D) when there is a need to perform network filtering in the WAN

54. Some users in a department use an organizational application that generates an

increased number of broadcast frames, which results in up to l0-Mbps
bandwidth utilization. Which solution is the best campus design choice?
A) Provide l00-Mbps connections or higher to all users in a domain.
B) Limit the number of broadcast frames in a domain for all department users
C) Optimize the application
D) Put the application users into a separate broadcast domain.

55. Which three parameters can you identify using a traffic analyzer? (Choose three.)
A) protocol specification (IP protocol ID, TCP/User Datagram Protocol (UDP)
port number)
B) average bit rate and packet rate
C) QoS requirements
D) importance of the application
E) devices that use the application and their addresses

56. Which module of the Enterprise Composite Network Model is responsible for
authentication, authorization, and accounting (AAA) of users, and stores One Time
Passwords (OTP)?
A) Remote Access/VPN Module
B) WAN Module
C) Internet Connectivity module
D) Network Management module
E) Server Farm module

57. Why is LAN switching technology better than shared LAN technology?
A) Shared LANs do not consume all the available bandwidth.
B) Switched LANs allow more than one port to communicate simultaneously
C) Switched LANs forward a unicast frame to all ports simultaneously
D) Switched LANs offer no benefits compared to a hub.

58. Which topology is best suited for connectivity in the Building Distribution
submodule?
A) Full mesh
B) hub and spoke
C) partial mesh
D) combination of full mesh and partial mesh
59. The network design should define an effective Layer 2 and Layer 3 topology in the
Enterprise Campus. Which information should you collect during a network audit to
help you determine the Layer 2 and Layer 3 topology? (Choose three.)
A) routing tables to determine suboptimal packet paths
B) geographica1 locations of each site
C) link use to determine overloaded links
D) external connections to Internet service providers and partner networks
E) configuration of network devices

60. Which two attacks can you prevent using network filtering such as a firewall?
(Choose two.)
A) An attacker, who has a legitimate account on a UNIX server, uses locally
available tools to obtain administrator privileges.
B) An attacker attempts to connect a sensitive nonpublic server of an organization
to the Internet
C) An attacker steals a bank ATM machine to obtain its cryptographic keys.
D) An attacker maps a company's network using network management tools.

61. Which cryptographic mechanism provides transmission confidentiality for data?

A) Encryption
B) Digital signatures
C) Key exchange
D) Authentication
E) Secure fingerprints

62 Which two protection properties do secure management and auditing support?

(Choose two.)
A) protection against device compromise over management protocols
B) protection against device theft
C) secure technology that eliminates human error
D) data about events, which can be used to detect intrusions
E) fault tolerance

63. Which are the two main benefits the SAFE Blueprint offers to a network security
designer? (Choose two.) .
A) It provides recommended configurations for every security device in a network
B) It offers guidelines on how to manage risks in several common design scenarios
C) It applies to every network and can always be implemented in its entirety
D) It allows network security to be implemented without regard to host and
application security
E) It offers suggestions on how to implement defense-in-depth.
64. Q3) Which two sets of policies affect the achievement of organizational goals?
(Choose two.)
A) external polices
B) organization-specific polices
C) employment polices
D) government polices
E) networked architecture polices

65. To allow a company to react more rapidly and compete more efficiently, the IT
infrastructure should reflect the organizational
A) government Structure
B) Procedures
C) Department
D) Management hierarchy