Bank SRC NWC204 Module+Check
Bank SRC NWC204 Module+Check
2.9.4 Module Quiz – Basic Switch and End Device Configuration Answers
PlayvolumeAd
1. What are two services performed by the data link layer of the OSI model?
(Choose two.)
It encrypts data packets.
It determines the path to forward packets.
It accepts Layer 3 packets and encapsulates them into frames.
It provides media access control and performs error detection.
It monitors the Layer 2 communication by building a MAC address table.
Explanation: The data link layer is responsible for the exchange of frames between nodes over a
physical network media. Specifically the data link layer performs two basic services:
It accepts Layer 3 packets and encapsulates them into frames.
It provides media access control and performs error detection.
Path determination is a service provided at Layer 3. A Layer 2 switch builds a MAC address table as
part of its operation, but path determination is not the service that is provided by the data link layer.
2. What does a router do after de-encapsulating a received frame?
determines the best path
de-encapsulates the frame
re-encapsulates the packet into a new frame
forwards the new frame onto the network medium
Explanation: Routers are responsible for encapsulating a frame with a proper format for the
physical network media the routers connect. At each hop along the path, a router does the
following:
1. Accepts a frame from a medium
2. De-encapsulates the frame
3. Determines the best path to forward the packet
4. Re-encapsulates the packet into a new frame
5. Forwards the new frame appropriate to the medium of that segment of the physical network
3. What attribute of a NIC would place it at the data link layer of the OSI
model?
attached Ethernet cable
IP address
MAC address
RJ-45 port
TCP/IP protocol stack
Explanation: The data link layer describes media access and physical addressing. The encoding
of a MAC address on a NIC places it at that layer. Ports and cables are placed at the physical layer
of the OSI model. IP addresses are placed at the network layer. The TCP/IP protocol stack
describes a different model.
4. Although CSMA/CD is still a feature of Ethernet, why is it no longer
necessary?
the virtually unlimited availability of IPv6 addresses
the use of CSMA/CA
the use of full-duplex capable Layer 2 switches
the development of half-duplex switch operation
the use of Gigabit Ethernet speeds
Explanation: The use of Layer 2 switches operating in full-duplex mode eliminates collisions,
thereby eliminating the need for CSMA/CD.
5. What type of physical topology can be created by connecting all Ethernet
cables to a central device?
bus
ring
star
mesh
Explanation: Devices connected to the Ethernet star topology connect to either a hub or a
switch.
6. A technician has been asked to develop a physical topology for a network
that provides a high level of redundancy. Which physical topology requires
that every node is attached to every other node on the network?
bus
hierarchical
mesh
ring
star
Explanation: The mesh topology provides high availability because every node is connected to
all other nodes. Mesh topologies can be found in WANs. A partial mesh topology can also be used
where some, but not all, end points connect to one another.
7. Which statement describes the half-duplex mode of data transmission?
Data that is transmitted over the network can only flow in one direction.
Data that is transmitted over the network flows in one direction at a
time.
Data that is transmitted over the network flows in one direction to many different
destinations simultaneously.
Data that is transmitted over the network flows in both directions at the same time.
Explanation: The data that is transmitted over the network can flow using one of three modes:
Simplex – Data can only flow in one direction.
Half-duplex – Data flows in one direction at a time.
Full-duplex – Data flows in both directions at the same time.
1. Network congestion has resulted in the source learning of the loss of TCP
segments that were sent to the destination. What is one way that the TCP
protocol addresses this?
The source decreases the amount of data that it transmits before it
receives an acknowledgement from the destination.
The source decreases the window size to decrease the rate of transmission from the
destination.
The destination decreases the window size.
The destination sends fewer acknowledgement messages in order to conserve
bandwidth.
Explanation: If the source determines that the TCP segments are either not being acknowledged
or are not acknowledged in a timely manner, then it can reduce the number of bytes it sends before
receiving an acknowledgment. This does not involve changing the window in the segment header.
The source does not decrease the window that is sent in the segment header. The window in the
segment header is adjusted by the destination host when it is receiving data faster than it can
process it, not when network congestion is encountered.
2. Which two operations are provided by TCP but not by UDP? (Choose two.)
identifying the applications
acknowledging received data
tracking individual conversations
retransmitting any unacknowledged data
reconstructing data in the order received
Explanation: Numbering and tracking data segments, acknowledging received data, and
retransmitting any unacknowledged data are reliability operations to ensure that all of the data
arrives at the destination. UDP does not provide reliability. Both TCP and UDP identify the
applications and track individual conversations. UDP does not number data segments and
reconstructs data in the order that it is received.
3. What is the TCP mechanism used in congestion avoidance?
three-way handshake
socket pair
two-way handshake
sliding window
Explanation: TCP uses windows to attempt to manage the rate of transmission to the maximum
flow that the network and destination device can support while minimizing loss and retransmissions.
When overwhelmed with data, the destination can send a request to reduce the of the window. This
congestion avoidance is called sliding windows.
4. What is a responsibility of transport layer protocols?
providing network access
tracking individual conversations
determining the best path to forward a packet
translating private IP addresses to public IP addresses
Explanation: There are three main responsibilities for transport layer protocols TCP and UDP:
Tracking individual conversations
Segmenting data and reassembling segments
Identifying the applications
5. How does a networked server manage requests from multiple clients for
different services?
The server sends all requests through a default gateway.
Each request is assigned source and destination port numbers.
The server uses IP addresses to identify different services.
Each request is tracked through the physical address of the client.
Explanation: Each service provided by a server, such as email or file transfers, uses a specific
port number. The source port number of a service request identifies the client that is requesting
services. The destination port number identifies the specific service. Servers do not use address
information to provide services. Routers and switches use addressing information to move traffic
through the network.
6. Which two services or protocols use the preferred UDP protocol for fast
transmission and low overhead? (Choose two)
FTP
DNS
HTTP
POP3
VoIP
Explanation: Both DNS and VoIP use UDP to provide low overhead services within a network
implementation.
7. What is the purpose of using a source port number in a TCP
communication?
to notify the remote device that the conversation is over
to assemble the segments that arrived out of order
to keep track of multiple conversations between devices
to inquire for a nonreceived segment
Explanation: The source port number in a segment header is used to keep track of multiple
conversations between devices. It is also used to keep an open entry for the response from the
server. The incorrect options are more related to flow control and guaranteed delivery.
8. Which number or set of numbers represents a socket?
01-23-45-67-89-AB
21
192.168.1.1:80
10.1.1.15
Explanation: A socket is defined by the combination of an IP address and a port number, and
uniquely identifies a particular communication.
9. Which two flags in the TCP header are used in a TCP three-way handshake
to establish connectivity between two network devices? (Choose two.)
ACK
FIN
PSH
RST
SYN
URG
Explanation: TCP uses the SYN and ACK flags in order to establish connectivity between two
network devices.
10. What happens if part of an FTP message is not delivered to the
destination?
The message is lost because FTP does not use a reliable delivery method.
The FTP source host sends a query to the destination host.
The part of the FTP message that was lost is re-sent.
The entire FTP message is re-sent.
Explanation: Because FTP uses TCP as its transport layer protocol, sequence and
acknowledgment numbers will identify the missing segments, which will be re-sent to complete the
message.
11. What type of applications are best suited for using UDP?
applications that are sensitive to delay
applications that need reliable delivery
applications that require retransmission of lost segments
applications that are sensitive to packet loss
Explanation: UDP is not a connection-oriented protocol and does not provide retransmission,
sequencing, or flow control mechanisms. It provides basic transport layer functions with a much
lower overhead than TCP. Lower overhead makes UDP suitable for applications which are sensitive
to delay.
12. Which action is performed by a client when establishing communication
with a server via the use of UDP at the transport layer?
The client sets the window size for the session.
The client sends an ISN to the server to start the 3-way handshake.
The client randomly selects a source port number.
The client sends a synchronization segment to begin the session.
Explanation: Because a session does not have to be established for UDP, the client selects a
random source port to begin a connection. The random port number selected is inserted into the
source port field of the UDP header.
13. Which transport layer feature is used to guarantee session
establishment?
UDP ACK flag
TCP 3-way handshake
UDP sequence number
TCP port number
Explanation: TCP uses the 3-way handshake. UDP does not use this feature. The 3-way
handshake ensures there is connectivity between the source and destination devices before
transmission occurs.
14. What is the complete range of TCP and UDP well-known ports?
0 to 255
0 to 1023
256 – 1023
1024 – 49151
Explanation: There are three ranges of TCP and UDP ports. The well-know range of port
numbers is from 0 – 1023.
15. What is a socket?
the combination of the source and destination IP address and source and destination
Ethernet address
the combination of a source IP address and port number or a
destination IP address and port number
the combination of the source and destination sequence and acknowledgment numbers
the combination of the source and destination sequence numbers and port numbers
Explanation: A socket is a combination of the source IP address and source port or the
destination IP address and the destination port number.
1. Which two traffic types require delay sensitive delivery? (Choose two.)
email
web
FТР
voice
video
Explanation: Voice and video traffic have delay sensitive characteristics and must be given
priority over other traffic types such as web, email, and file transfer traffic.
2. A network technician suspects that a particular network connection
between two Cisco switches is having a duplex mismatch. Which command
would the technician use to see the Layer 1 and Layer 2 details of a switch
port?
show interfaces
show running-config
show ip interface brief
show mac-address-table
Explanation: The show interfaces command can be used on both routers and switches to
see speed, duplex, media type, MAC address, port type, and other Layer 1/Layer 2-related
information.
3. Which statement is true about CDP on a Cisco device?
The show cdp neighbor detail command will reveal the IP address of a neighbor only if
there is Layer 3 connectivity.
To disable CDP globally, the no cdp enable command in interface configuration mode
must be used.
CDP can be disabled globally or on a specific interface.
Because it runs at the data link layer, the CDP protocol can only be implemented in
switches.
Explanation: CDP is a Cisco-proprietary protocol that can be disabled globally by using the no
cdp run global configuration command, or disabled on a specific interface, by using the no cdp
enable interface configuration command. Because CDP operates at the data link layer, two or
more Cisco network devices, such as routers can learn about each other even if Layer 3
connectivity does not exist. The show cdp neighbors detail command reveals the IP address
of a neighboring device regardless of whether you can ping the neighbor.
4. What factor should be considered in the design of a small network when
devices are being chosen?
cost of devices
redundancy
traffic analysis
ISP
Explanation: Factors to consider when designing a network include the cost of devices, speed,
modularity and scalability, and ease of managing the network.
5. A user is unable to reach the website when typing http://www.cisco.com in
a web browser, but can reach the same site by typing http://72.163.4.161.
What is the issue?
default gateway
DHCP
DNS
TCP/IP protocol stack
Explanation: Domain Name Service (DNS) is used to translate a web address to an IP address.
The address of the DNS server is provided via DHCP to host computers.
6. Where are Cisco IOS debug output messages sent by default?
memory buffers
vty lines
Syslog server
console line
Explanation: Debug messages, like other IOS log messages, are sent to the console line by
default. Sending these messages to the terminal lines requires the terminal monitor command.
7. Which element of scaling a network involves identifying the physical and
logical topologies?
traffic analysis
network documentation
device inventory
cost analysis
Explanation: To scale a network, several elements are required:
Network documentation – physical and logical topology
Device Inventory – list of devices that use or make up the network
Budget – Itemized IT budget, including fiscal year equipment purchasing budget
Traffic analysis – protocols, applications, and services and their respective traffic
requirements should be documented
8. What mechanism can be implemented in a small network to help minimize
network latency for real-time streaming applications?
QoS
PoE
AAA
ICMP
Explanation: Quality of service (QoS) is a mechanism which is used to classify and prioritize
traffic through the network. This enables network devices to minimize the latency for real-time
applications such as voice and video.
9. Which process failed if a computer cannot access the internet and received
an IP address of 169.254.142.5?
IP
DNS
DHCP
HTTP
Explanation: When a Windows computer cannot communicate with an IPv4 DHCP server, the
computer automatically assigns itself an IP address in the169.254.0.0/16 range. Linux and Apple
computers do not automatically assign an IP address.
10. A small company has only one router as the exit point to its ISP. Which
solution could be adopted to maintain connectivity if the router itself, or its
connection to the ISP, fails?
Activate another router interface that is connected to the ISP, so the traffic can flow
through it.
Have a second router that is connected to another ISP.
Purchase a second least-cost link from another ISP to connect to this router.
Add more interfaces to the router that is connected to the internal network.
Explanation: Small networks generally have only one link to an ISP to establish a connection to
the Internet. Problems can occur in the network, which can cause the disruption of this service. In
order to keep connectivity, redundancy has to be provided. If the problem is in the router interface
that is connected to the ISP, another interface can be activated on the router, so if one interface
fails, traffic may be redirected toward the other interface. However, if the router itself fails, a second
router that is connected to another ISP can be used as a backup.
11. When should an administrator establish a network baseline?
when the traffic is at peak in the network
when there is a sudden drop in traffic
at the lowest point of traffic in the network
at regular intervals over a period of time
Explanation: An effective network baseline can be established by monitoring the traffic at regular
intervals. This allows the administrator to take note when any deviance from the established norm
occurs in the network.
12. Which network design consideration would be more important to a large
corporation than to a small business?
Internet router
firewall
low port density switch
redundancy
Explanation: Small businesses today do need Internet access and use an Internet router to
provide this need. A switch is required to connect the two host devices and any IP phones or
network devices such as a printer or a scanner. The switch may be integrated into the router. A
firewall is needed to protect the business computing assets. Redundancy is not normally found in
very small companies, but slightly larger small companies might use port density redundancy or
have redundant Internet providers/links.
13. A newly hired network technician is given the task of ordering new
hardware for a small business with a large growth forecast. Which primary
factor should the technician be concerned with when choosing the new
devices?
devices with a fixed number and type of interfaces
devices that have support for network monitoring
redundant devices
devices with support for modularity
Explanation: In a small business with a large growth forecast, the primary influencing factor
would be the ability of devices to support modularity. Devices with a fixed type/number of interfaces
would not support growth. Redundancy is an important factor, but typically found in large
enterprises. Network monitoring is also an important consideration, but not as important as
modularity.
14. What type of traffic would most likely have the highest priority through
the network?
FTP
instant messaging
voice
SNMP
Explanation: Not all traffic should receive the same treatment or priority through a network.
Some types of traffic, such as voice and video, require the highest priority because they are very
sensitive to network latency and delay. Other types of traffic, such as FTP, which is not sensitive to
latency and delay, should be given the lowest level of priority so that the higher priority traffic can
get through.
15. A network technician is investigating network connectivity from a PC to a
remote host with the address 10.1.1.5. Which command, when issued on a
Windows PC, will display the path to the remote host?
trace 10.1.1.5
traceroute 10.1.1.5
tracert 10.1.1.5
ping 10.1.1.5
Explanation: The tracert command is used to initiate a trace from the command prompt on a
Windows PC. The traceroute command is used to initiate a trace from a Cisco router or switch.
Some other PC operating systems, such as Linux and Mac OS also use the traceroute command.
The ping command does not display the network path to the remote host.
1. When designers follow accepted standards and protocols, which of the four
basic characteristics of network architecture is achieved?
fault tolerance
Scalability
QoS
Security
Explanation: Scalability happens when designers follow accepted standards and protocols.
2. Confidentiality, integrity, and availability are requirements of which of the
four basic characteristics of network architecture?
fault tolerance
Scalability
QoS
Security
Explanation: Confidentiality, integrity, and availability are requirements of security.
3. With which type of policy, a router can manage the flow of data and voice
traffic, giving priority to voice communications if the network experiences
congestion?
fault tolerance
Scalability
QoS
Security
Explanation: QoS means that a router will manage the flow of data and voice traffic, giving
priority to voice communications.
4. Having multiple paths to a destination is known as redundancy. This is an
example of which characteristic of network architecture?
fault tolerance
Scalability
QoS
Security
Explanation: Redundancy is an example a fault-tolerant network architecture.
1.7.10 Check Your Understanding – Network Trends
Playvolume00:00/01:03TruvidfullScreen
1. Which feature is a good conferencing tool to use with others who are
located elsewhere in your city, or even in another country?
BYOD
Video communications
Cloud computing
Explanation: Video communications is a good conferencing tool to use with others who are
located elsewhere in your city, or even in another country.
2. Which feature describes using personal tools to access information and
communicate across a business or campus network?
BYOD
Video communications
Cloud computing
Explanation: BYOD feature describes using personal tools to access information and
communicate across a business or campus network.
3. Which feature contains options such as Public, Private, Custom and
Hybrid?
BYOD
Video communications
Cloud computing
Explanation: Cloud computing contains options such as Public, Private, Custom and Hybrid.
4. Which feature is being used when connecting a device to the network
using an electrical outlet?
Smart home technology
Powerline
Wireless broadband
Explanation: Powerline is being used when connecting a device to the network using an
electrical outlet.
5. Which feature uses the same cellular technology as a smart phone?
Smart home technology
Powerline
Wireless broadband
Explanation: Wireless broadband uses the same cellular technology as a smart phone.
Console
Telnet/SSH
Aux
Explanation: Because a new switch would not have any initial configurations, it could only be
configured through the console port.
2. Which access method would be most appropriate if your manager gave you
a special cable and told you to use it to configure the switch?
Console
Telnet/SSH
Aux
Explanation: Connecting a computer to a Cisco device through the console port requires a
special console cable.
3. Which access method would be the most appropriate in-band access to the
IOS over a network connection?
Console
Telnet/SSH
Aux
Explanation: Both Telnet and SSH are in-band access methods that require an active network
connection to the device.
4. Which access method would be the most appropriate if you call your
manager to tell him you cannot access your router in another city over the
internet and he provides you with the information to access the router
through a telephone connection?
Console
Telnet/SSH
Aux
Explanation: The AUX port on a Cisco device provided out-of-band connections over a
telephone line.
1. Which IOS mode allows access to all commands and features?
Playvolume00:00/01:03TruvidfullScreen
hostname Sw-Floor-2
host name Sw-Floor-2
name Sw-Floor-2
Explanation: The global configuration command to set the host name on a Cisco device is
hostname. So, in this example the full command is Switch(config)# hostname Sw-Floor-2.
2. How is the privileged EXEC mode access secured on a switch?
enable class
secret class
enable secret class
service password-encryption
Explanation: Securing access to the EXEC mode on a Cisco switch is accomplished with the
enable secret command followed by the password. In this example the command is Switch(config)#
enable secret class.
3. Which command enables password authentication for user EXEC mode
access on a switch?
enable secret
login
secret
service password-encryption
Explanation: User EXEC mode access through the console port is enabled with the login
command entered in line mode. For example: Switch(config-line)# login.
4. Which command encrypts all plaintext passwords access on a switch?
enable secret
login
secret
service password-encryption
Explanation: The service password-encryption command entered in global configuration mode
will encrypt all plaintext passwords.
5. Which is the command to configure a banner to be displayed when
connecting to a switch?
banner $ Keep out $
banner motd $ Keep out $
display $ Keep out $
login banner $ Keep out $
Explanation: The command to set a banner stating “Keep out” that will be displayed when
connection to a Cisco switch is Switch(config)# banner motd $ Keep out $
1. What is the structure of an IPv4 address called?
Playvolume00:00/01:03TruvidfullScreen
dotted-binary format
dotted-decimal format
dotted-hexadecimal format
Explanation: IPv4 addresses are written in dotted-decimal format. For example: 192.168.1.1.
2. How is an IPv4 address represented?
four binary numbers between 0 and 1 separated by colons.
four decimal numbers between 0 and 255 separated by periods.
thirty-two hexadecimal numbers separated by colons.
thirty-two hexadecimal numbers separated by periods.
Explanation: IPv4 addresses are written as four groups of decimal numbers separated by
periods. For example: 192.168.1.1.
3. What type of interface has no physical port associated with it?
console
Ethernet
serial
switch virtual interface (SVI)
Explanation: Switch virtual interfaces (SVIs) are virtual and have no physical port. Layer 2
switches use SVIs for remote management.
1. What is the process of converting information into the proper form for
transmission?
Playvolume00:00/01:03TruvidfullScreen
Formatting
Encoding
Encapsulation
Explanation: One of the first steps to sending a message is encoding. During the encoding
process, information is converted from its original form into an acceptable form for transmission.
2. Which step of the communication process is concerned with properly
identifying the address of the sender and receiver?
Formatting
Encoding
Encapsulation
Explanation: Messages sent over a computer network must be in the correct format for them to
be delivered and processed. Part of the formatting process is properly identifying the source of the
message and its destination.
3. Which three are components of message timing? (Choose three.)
Flow control
Sequence numbers
Access method
Retransmit time
Response timeout
Explanation: Flow control is the managing of the rate of transmission. Response timeout is how
long to wait for responses. Access methods determine when someone can send a message. These
are the three components of message timing.
4. Which delivery method is used to transmit information to one or more end
devices, but not all devices on the network?
Unicast
Multicast
Broadcast
Explanation: Multicast messages are addressed for transmission to one or more end devices on
a network. Broadcast messages are addressed for transmission to all devices on the network.
Unicast messages are addressed for transmission to one device on the network.
1. BGP and OSPF are examples of which type of protocol?
Playvolume00:00/01:03TruvidfullScreen
network communication
network security
routing
service discovery
Explanation: BGP and OSPF are routing protocols. They enable routers to exchange route
information to reach remote networks.
2. Which two protocols are service discovery protocols? (Choose two.)
DNS
TCP
SSH
DHCP
Explanation: Service discovery protocols, such as DNS and DHCP enable automatic detection
of service. DHCP is used to discover services for automatic IP address allocation and DNS for
name-to-IP address resolution services.
3. What is the purpose of the sequencing function in network
communication?
to uniquely label transmitted segments of data for proper
reassembly by the receiver
to determine if data is corrupted during transmission
to ensure data flows at an efficient rate between sender and receiver
to guarantee delivery of data
Explanation: Sequencing uniquely identifies or labels each transmitted segment with a sequence
number that is used by the receiver to reassemble the segments in the proper order.
4. This protocol is responsible for guaranteeing the reliable delivery of
information.
TCP
IP
HTTP
Ethernet
Explanation: Transmission Control Protocol (TCP) manages the conversation between end
devices and guarantees the reliable delivery of information.
1. UDP and TCP belong to which layer of the TCP/IP protocol?
Playvolume00:00/01:03TruvidfullScreen
application
transport
internet
network access
Explanation: TCP and UDP are both transport layer protocols.
2. Which two protocols belong in the TCP/IP model application layer?
EIGRP
DNS
OSPF
ICMP
DHCP
Explanation: DHCP and DNS are both application layer protocols.
3. Which protocol operates at the network access layer of the TCP/IP model?
HTTP
IP
DNS
Ethernet
Explanation: Ethernet is a network access layer protocol.
4. Which of the following are protocols that provide feedback from the
destination host to the source host regarding errors in packet delivery?
(Choose two.)
IPv4
TCP
ICMPv4
IPv6
UDP
ICMPv6
Explanation: ICMPv4 and ICMPv6 provide feedback when errors occur.
5. A device receives a data link frame with data and processes and removes
the Ethernet information. What information would be the next to be
processed by the receiving device?
HTTP at the application layer
HTML at the application layer
IP at the internet layer
UDP at the internet layer
TCP at the transport layer
Explanation: Data is de-encapsulated so the next layer to receive the data would be the internet
layer.
6. Which services are provided by the internet layer of the TCP/IP protocol
suite? (Choose three.)
File Transfer
Address Resolution
Routing Protocols
Messaging
Ethernet
Internet Protocol
Explanation: IP (Internet Protocol), ICMP (Messaging), and Routing Protocols are services
provided at the Internet Layer.
1. True or false. Standards organizations are usually vendor-neutral.
Playvolume00:00/01:00TruvidfullScreen
True
False
Explanation: The correct answer is True. Most standards organizations are vendor-neutral, non-
profit organizations that develop and promote open standards.
2. This standards organization is concerned with the Request for Comments
(RFC) documents that specify new protocols and update existing ones.
Internet Society (ISOC)
Internet Engineering Task Force (IETF)
Internet Architecture Board (IAB)
Internet Research Task Force (IRTF)
Explanation: The IETF develops and maintains the specifications for new protocols and updates
to existing protocols through published documents called Request for Comments (RFCs).
3. This standards organization is responsible for IP address allocation and
domain name management.
Internet Society (ISOC)
Internet Engineering Task Force (IETF)
Internet Architecture Board (IAB)
Internet Assigned Numbers Authority (IANA)
Explanation: IANA is responsible for overseeing and managing IP address allocation, domain
name management, and protocol identifiers for ICANN.
4. What types of standards are developed by the Electronics Industries
Alliance (EIA)?
electric wiring and connectors
radio equipment and cell towers
video compression and broadband communications
Voice over IP (VoIP) and satellite communications
Explanation: The Electronics Industries Alliance (EIA) develops standards related to electrical
wiring, connectors, and network equipment racks.
1. What is the process of dividing a large data stream into smaller pieces
prior to transmission?
Playvolume00:00/01:03TruvidfullScreen
sequencing
duplexing
multiplexing
segmentation
Explanation: Segmentation is the process of dividing a large data stream into smaller pieces
which are then transmitted to the receiver.
2. What is the PDU associated with the transport layer?
segment
packet
bits
frame
Explanation: The transport layer PDU is known as a segment.
3. Which protocol stack layer encapsulates data into frames?
data link
transport
network
application
Explanation: The data link layer encapsulates data into a frame.
4. What is the name of the process of adding protocol information to data as
it moves down the protocol stack?
de-encapsulation
sequencing
segmentation
encapsulation
Explanation: As data moves down the protocol stack, protocol data is added to the original data.
This process is known as encapsulation.
1. True or false? Frames exchanged between devices in different IP networks
must be forwarded to a default gateway.
Playvolume00:00/01:03TruvidfullScreen
True
False
Explanation: The correct answer is True. When two devices are on different IP networks, frames
cannot be sent directly to the receiver since it is on a different logical network. The frames must first
be forwarded to a default gateway (router).
2. True or false? The right-most part of an IP address is used to identify the
network that a device belongs to.
True
False
Explanation: The correct answer is False. It is the left-most portion of an IP address that
identifies the network. The right-most portion is used to identify the specific device or interface.
3. What is used to determine the network portion of an IPv4 address?
subnet mask
MAC address
right-most part of the IP address
left-most part of the MAC address
Explanation: It is the subnet mask used in IPv4 that is used to determine the network portion of
an IPv4 address.
4. Which of the following statements are true regarding network layer and
data link layer addresses? (Choose three.)
Data link layer addresses are logical and network layer addresses are physical.
Network layer addresses are expressed as 12 hexadecimal digits and data link layer
addresses are decimal.
Network layer addresses are logical and data link addresses are
expressed as 12 hexadecimal digits.
Data link layer addresses are physical and network layer addresses
are logical.
Network layer addresses are either 32 or 128 bits in length.
Data link layer addresses are 32 bits in length.
Explanation: MAC addresses are physical addresses and 48 bits or 12 hex digits in length. IPv4
addresses and IPv6 addresses are logical. IPv4 addresses are 32 bits and IPv6 addresses are 128
bits.
5. What is the order of the two addresses in the data link frame?
source MAC, destination MAC
destination MAC, source IP
destination IP, source IP
destination MAC, source MAC
source IP, destination IP
Explanation: The data link frame addressing consists of a destination and source MAC address
in that order.
6. True or False? Data Link addresses are physical so they never change in
the data link frame from source to destination.
True
False
Explanation: The correct answer is False. Data link addresses change within the data link frame
when the receiving device is not on the same network.
1. True or false? The physical layer is only concerned with wired network
connections.
Playvolume00:00/01:03TruvidfullScreen
true
false
Explanation: The correct answer is False. The physical layer provides the means to transport
bits over the network whether the network is wired or wireless.
2. True or false? When a frame is encoded by the physical layer, all bits are
sent over the media at the same time.
true
false
Explanation: The correct answer is False. When encoded, the bits making up a frame are
transmitted over the media one at a time.
3. The physical layer of the receiving device passes bits up to which higher
level layer?
application
presentation
network
data link
Explanation: The physical layer receives frames from the data-link layer and converts it to bits
for transmission. On the sending device the physical layer passes the transmitted bits up to the data
link layer as a complete frame.
4. What PDU is received by the physical layer for encoding and transmission?
frame
segment
packet
Explanation: The physical layer receives frames from the data link layer for encoding and
transmission.
1. Which media uses patterns of microwaves to represent bits?
Playvolume00:00/01:03TruvidfullScreen
copper
wireless
fiber-optic
Explanation: In wireless networks data is represented by patterns of microwave transmissions.
2. Which media uses patterns of light to represent bits?
copper
wireless
fiber-optic
Explanation: Fiber-optic cables use patterns of light to represent bits.
3. Which media uses electrical pulses to represent bits?
copper
wireless
fiber-optic
Explanation: Electrical pulses are used to represent bits on networks using copper cable media.
4. Which of these is the name for the capacity of a medium to carry data?
bandwidth
throughput
goodput
Explanation: Bandwidth is the capacity of a network medium to carry data.
5. Which of these is a measure of the transfer of bits across the media?
bandwidth
throughput
goodput
Explanation: The transfer of bits across the network media over a period of time is known as
throughput.
36. What are two functions of NVRAM? (Choose two.)
to store the routing table
to retain contents when power is removed
to store the startup configuration file
to contain the running configuration file
to store the ARP table
UTP
STP
coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service, is also used to
attach antennas to wireless devices.
2. Which of the following counters EMI and RFI by using shielding techniques
and special connectors?
UTP
STP
coaxial
Explanation: Shielded twisted pair cable (STP) incorporates shielding and special connectors to
prevent signal interference from other wires, EMI, and RFI.
3. Which of the following is the most common network media?
UTP
STP
coaxial
Explanation: Unshielded twisted pair cable (UTP) is the most common type of wired network
media.
4. Which of the following terminates with BNC, N type and F type connectors?
UTP
STP
coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service and to attach
antennas to wireless devices, uses several types of connectors to include BNC, N type, and F type
connectors.
1. Which of the following attaches antennas to wireless devices? It can also
be bundled with fiber-optic cabling for two-way data transmission.
Playvolume00:00/01:03TruvidfullScreen
UTP
STP
coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service, is also used to
attach antennas to wireless devices.
2. Which of the following counters EMI and RFI by using shielding techniques
and special connectors?
UTP
STP
coaxial
Explanation: Shielded twisted pair cable (STP) incorporates shielding and special connectors to
prevent signal interference from other wires, EMI, and RFI.
3. Which of the following is the most common network media?
UTP
STP
coaxial
Explanation: Unshielded twisted pair cable (UTP) is the most common type of wired network
media.
4. Which of the following terminates with BNC, N type and F type connectors?
UTP
STP
coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service and to attach
antennas to wireless devices, uses several types of connectors to include BNC, N type, and F type
connectors.
1. True or false. Wireless is not well suited for enterprise networks.
Playvolume00:00/01:03TruvidfullScreen
true
false
Explanation: The correct answer is False. Wireless provides the greatest mobility of all media
and is gaining popularity in enterprise networks.
2. True or false. Wireless LANs operate in full-duplex allowing all devices to
send or receive data at the same time so the number of users does not
impact performance.
true
false
Explanation: The correct answer is False. WLANs operate in half-duplex, which means only one
device can send or receive at a time. This can impact network performance if there are many users
accessing the WLAN at the same time.
3. Which of the following wireless standards is best suited for industrial and
IoT environments?
Zigbee
WiMAX
Wi-Fi
Bluetooth
Explanation: Zigbee is intended for applications that require short-range, low data-rates, and
long battery life, making it well suited for industrial and IoT applications.
4. Which of the following wireless standards is used for Personal Area
Networks (PANs) and allows devices to communicate over distances of 1 to
100 meters?
Zigbee
WiMAX
Wi-Fi
Bluetooth
Explanation: This wireless standard is used for Personal Area Networks (PANs) and allows
devices to communicate over distances of 1 to 100 meters.
1. Which is the binary equivalent to the 192.168.11.10 IP address?
Playvolume00:00/01:03TruvidfullScreen
11000000.11000000.00001011.00001010
11000000.10101000.00001011.00001010
11000000.10101000.00001010.00001011
11000000.10101000.00001011.00010010
Explanation: 192.168.11.10 is equivalent to 11000000.10101000.00001011.00001010
2. Which of the following is the binary equivalent to the 172.16.31.30 IP
address?
11000000.00010000.00011111.00011110
10101000.00010000.00011111.00011110
10101100.00010000.00011110.00011110
10101100.00010000.00011111.00011110
Explanation: 172.16.31.30 is equivalent to 10101100.00010000.00011111.000111110
1. Which is the hexadecimal equivalent of 202?
Playvolume00:00/01:00TruvidfullScreen
B10
BA
C10
CA
Explanation: The hexadecimal equivalent of 202 is CA.
2. Which is the hexadecimal equivalent of 254?
EA
ED
FA
FE
Explanation: The hexadecimal equivalent of 254 is FE.
3. Which is the decimal equivalent of A9?
168
169
170
171
Explanation: The decimal equivalent of A9 is 169.
4. Which of the following is the decimal equivalent of 7D?
124
125
126
127
Explanation: The decimal equivalent of 7D is 125.
1. What is another name for the OSI data link layer?
Playvolume00:00/01:03TruvidfullScreen
Layer 1
Layer 2
Layer 3
Layer 6
Explanation: The data link layer is Layer 2 of the OSI model.
2. The IEEE 802 LAN/MAN data link layer consists of which two sublayers?
(Choose two.)
Network Control Protocol
Logical Link Control
Media Access Control
Link Control Protocol
Explanation: The data link layer consists of two sublayers. These are Logical Link Control (LLC)
and Media Access Control (MAC)
3. What is the responsibility of the MAC sublayer?
Adds Layer 3 addresses to the frame
Communicates with the network layer (Layer 3)
Provides the method to get the frame on and off the media
Transmits the bits on the media
Explanation: The MAC sublayer of the data link layer is responsible for getting frames on and off
the media.
4. What Layer 2 function does a router perform? (Choose three.)
Accepts a frame from a medium
De-encapsulates the frame
Refers to its Layer 3 routing table for a matching destination network
Re-encapsulates the packet into a new frame
Explanation: Routers perform four functions at Layer 2. They accept a frame from the media, de-
encapsulate the packet from a frame, re-encapsulate the packet into a new frame, and forwards the
new frame appropriate to the medium of that segment of the physical network.
5. The media access control method used depends on which two criteria?
Layer 3 IP protocol
Media sharing
Topology
Transport layer protocol
Type of data
Explanation: The two criteria for determining the media access control method used are the type
of media sharing involved and the topology.
6. Which organization defines standards for the network access layer (i.e.,
the OSI physical and data link layers)?
Cisco
IANA
IEEE
IETF
Explanation: The IEEE defines standards for the TCP/IP network access layer, which are the
OSI physical and data link layers.
1. Which topology displays networking device layer IP addresses?
Playvolume00:00/01:03TruvidfullScreen
aerial topology
IP address topology
logical topology
physical topology
Explanation: The logical topology shows the IP addresses assigned to device interfaces.
2. What kind of network would use point-to-point, hub and spoke, or mesh
topologies?
PAN
LAN
WLAN
WAN
Explanation: Wide Area Networks (WANs) come in many topologies, to include point-to-point,
hub-and-spoke, and mesh.
3. Which LAN topology is a hybrid topology?
bus
extended star
ring
star
Explanation: The extended star topology is considered a hybrid topology because it combines
multiple star topologies.
4. Which duplex communication method is used in WLANs?
full-duplex
half-duplex
simplex
Explanation: Wireless LANs (WLANs) only support half-duplex because only one device can
access the media at a time.
5. Which media access control method is used in legacy Ethernet LANs?
carrier sense multiple access/collision annoyance
carrier sense multiple access/collision avoidance
carrier sense multiple access/collision destruction
carrier sense multiple access/collision detection
Explanation: Carrier sense multiple access /collision detection (CSMA/CD) is the media access
control method used in legacy Ethernet LANs.
1. What does the data link layer add to a Layer 3 packet to create a frame?
(Choose two.)
Playvolume00:00/01:03TruvidfullScreen
flags
sequence number
header
trailer
Explanation: The data link layer adds a header which contains the source and destination Layer
2 address and a trailer that contains a frame check sequence (FCS).
2. What is the function of the last field in a data link layer frame?
To determine whether the frame experienced transmission errors
To identify special flow control services such as quality of service (QoS)
To identify the beginning and end limits of the frame
To identify the Layer 3 protocol in the data field
Explanation: The last field in the data link frame is the frame check sequence (FCS) which is
used to determine if the frame has experienced transmission errors.
3. Which lists the Layer 2 and Layer 3 address fields in the correct order?
destination NIC address, source NIC address, source IP address,
destination IP address
source NIC address, destination NIC address, source IP address, destination IP address
destination NIC address, source NIC address, destination IP address, source IP address
source NIC address, destination NIC address, destination IP address, source IP address
Explanation: The correct order of Layer 2 and Layer 3 address fields is: destination NIC
address, source NIC address, source IP address, destination IP address
4. Which of the following are data link layer protocols? (Choose three)
802.11
Ethernet
IP
PPP
UDP
Explanation: 802.11, Ethernet, and PPP are Layer 2 protocols. IP is Layer 3 and UDP is Layer
4.
1. Which part of an Ethernet Frame uses a pad to increase the frame field to
at least 64 bytes?
Playvolume00:00/01:03TruvidfullScreen
EtherType
Preamble
Start of Frame Delimiter
Data field
Explanation: All frames must be at least 64 bytes long. Additional bits called a “pad” are used to
increase the size of small frames to the minimum size.
2. Which part of an Ethernet frame detects errors in the frame?
Preamble
Start of Frame Delimiter
Frame Check Sequence
Explanation: The FCS field uses a CRC to detect errors in a frame.
3. Which part of an Ethernet Frame describes the higher-layer protocol that is
encapsulated?
EtherType
Preamble
Start of Frame Delimiter
Frame Check Sequence
Explanation: The EtherType field identifies the upper layer protocol that is encapsulated in the
Ethernet Frame.
4. Which part of an Ethernet Frame notifies the receiver to get ready for a
new frame?
Start of Frame Delimiter
Frame Check Sequence
Preamble
Data field
Explanation: The first few bytes of the preamble inform the receiver of a new frame.
5. Which data link sublayer controls the network interface through software
drivers?
MAC
LLC
Explanation: The LLC sublayer is responsible for controlling the network interface card through
software drivers
6. Which data link sublayer works with the upper layers to add application
information for delivery of data to higher level protocols?
MAC
LLC
Explanation: The LLC works with upper layers to support higher level protocols.
7. What is a function of the MAC sublayer? (Choose three.)
controls access to the media
checks for errors in received bits
uses CSMA/CD or CSMA/CA to support Ethernet technology
communicates between software at the upper layers and the device hardware at the
lower layers
allows multiple Layer 3 protocols to use the same network interface and media
Explanation: The MAC sublayer checks for bit errors, supports Ethernet technologies, and
controls access to the media.
1. What are two methods for switching data between ports on a switch?
(Choose two.)
Playvolume00:00/01:03TruvidfullScreen
cut-off switching
cut-through switching
store-and-forward switching
store-and-supply switching
store-and-restore switching
Explanation: The two methods for switching data between ports on a switch are cut-through
switching and store-and-forward switching.
2. Which switching method can be implemented using fast-forward switching
or fragment-free switching?
cut-off switching
cut-through switching
store-and-forward switching
store-and-restore switching
Explanation: Cut-through switching is implemented using either fast-forward switching or
fragment-free switching.
3. Which two types of memory buffering techniques are used by switches?
(Choose two.)
long-term memory buffering
port-based memory buffering
shared memory buffering
short-term memory buffering
Explanation: Switches use two memory buffering techniques: Port-based memory buffering and
shared memory buffering.
4. What feature automatically negotiates the best speed and duplex setting
between interconnecting devices?
auto-MDIX
autobots
autonegotiation
autotune
Explanation: Autonegotiation is a technology that automatically negotiates the speed and duplex
between two connected devices.
1. Which OSI layer sends segments to be encapsulated in an IPv4 or IPv6
packet?
Playvolume00:00/01:03TruvidfullScreen
destination IP address
protocol
Time to Live
source IP address
Differentiated Services (DS)
Explanation: The IP header fields that identify where the packet originated and where it is going
are Source IP Address and Destination IP Address.
2. Which statement is correct about IPv4 packet header fields?
The source and destination IPv4 addresses remain the same while
travelling from source to destination.
The Time to Live field is used to determine the priority of each packet.
The Total Length and Header Checksum fields are used to reorder a fragmented packet.
The Version field identifies the next level protocol.
Explanation: The source and destination IP addresses in the IP packet do not change in route
from source to destination.
3. Which field is used to detect corruption in the IPv4 header?
Header Checksum
Time to Live
Protocol
Differentiated Services (DS)
Explanation: The Header Checksum field in an IPv4 header is used to detect corrupt packets.
4. Which field includes common values such as ICMP (1), TCP (6), and UDP
(17)?
Header Checksum
Time to Live
Protocol
Differentiated Services (DS)
Explanation: The protocol field identifies the upper layer protocol that is carried inside the IP
packet. Common protocols are TCP, UDP, and ICMP.
1. Which three options are major issues associated with IPv4? (Choose three.)
Playvolume00:00/01:03TruvidfullScreen
IP address depletion
increased network complexity and Internet routing table expansion
always on connections
lack of end-to-end connectivity
global and political boundaries
too many IPv4 addresses available
Explanation: IPv4 was standardized in the 1980s and has several technological limitations, such
as lack of end-to-end connectivity and a depleted address space.
2. Which two options are improvements provided by IPv6 as compared to
IPv4? (Choose two.)
header supports additional fields for complex packets
increased the IP address space
standardizes the use of NAT
supports class-based networks
uses a simpler header to provide improved packet handling
Explanation: There are several technical improvements made to IPv6, two of which are a vastly
larger IP address pool and a simplified protocol header.
3. Which is true of the IPv6 header?
it consists of 20 octets.
it consists of 40 octets.
it contains 8 header fields.
it contains 12 header fields.
Explanation: The IPv6 header is a fixed length of 40 octets and contains 8 header fields.
4. Which is true of the IPv6 packet header?
The Hop Limit field replaces the IPv4 Time to Live field.
The Source and Destination IPv6 addresses change while travelling from source to
destination.
The Time to Live field replaces the DiffServ field.
The Version field identifies the next header.
Explanation: Several fields in the IPv6 header replaced fields in the IPv4 header. For example,
the Hop Limit field replaced the IPv4 header Time to Live field.
1. Which statement about host forwarding decisions is true?
Playvolume00:00/01:00TruvidfullScreen
Neighbor Advertisement
Neighbor Solicitation
Router Advertisement
Router Solicitation
Explanation: The two ICMPv6 messages used in SLAAC are the router solicitation and the
router advertisement.
2. Which two ICMPv6 messages are used in to determine the MAC address of
a known IPv6 address?
Neighbor Advertisement
Neighbor Solicitation
Router Advertisement
Router Solicitation
Explanation: The two ICMPv6 messages used in determining the MAC address of a known IPv6
address are the neighbor solicitation and the neighbor advertisement.
3. To what type of address are ICMPv6 neighbor solicitation messages sent?
unicast
multicast
broadcast
Explanation: ICMPv6 neighbor solicitation messages are sent as a multicast.
1. Host-A has the IPv4 address and subnet mask 10.5.4.100 255.255.255.0.
What is the network address of Host-A?
Playvolume00:00/01:03TruvidfullScreen
10.0.0.0
10.5.0.0
10.5.4.0
10.5.4.100
Explanation: The network address for 10.5.4.100 with a subnet mask of 255.255.255.0 is
10.5.4.0.
2. Host-A has the IPv4 address and subnet mask 172.16.4.100 255.255.0.0.
What is the network address of Host-A?
172.0.0.0
172.16.0.0
172.16.4.0
172.16.4.100
Explanation: The network address for 172.16.4.100 with a subnet mask of 255.255.0.0 is
172.16.0.0.
3. Host-A has the IPv4 address and subnet mask 10.5.4.100 255.255.255.0.
Which of the following IPv4 addresses would be on the same network as
Host-A? (Choose all that apply)
10.5.4.1
10.5.0.1
10.5.4.99
10.0.0.98
10.5.100.4
Explanation: Host A is on network 10.5.4.0. Therefore, devices with the IPv4 addresses 10.5.4.1
and 10.5.4.99 are on the same network.
4. Host-A has the IPv4 address and subnet mask 172.16.4.100 255.255.0.0.
Which of the following IPv4 addresses would be on the same network as
Host-A? (Choose all that apply)
172.16.4.99
172.16.0.1
172.17.4.99
172.17.4.1
172.18.4.1
Explanation: Host A is on network 172.16.0.0. Therefore, devices with the IPv4 addresses
172.16.4.99 and 172.16.0.1 are on the same network.
5. Host-A has the IPv4 address and subnet mask 192.168.1.50 255.255.255.0.
Which of the following IPv4 addresses would be on the same network as
Host-A? (Choose all that apply)
192.168.0.1
192.168.0.100
192.168.1.1
192.168.1.100
192.168.2.1
Explanation: Host A is on network 192.168.1.0. Therefore, devices with the IPv4 addresses
192.168.1.1 and 192.168.1.100 are on the same network.
1. Which two statements are correct about private IPv4 addresses? (Choose
two.)
Playvolume00:00/01:03TruvidfullScreen
Ethernet switch
router
Windows PC
None of the above. All devices forward IPv4 broadcast packets by default.
Explanation: Routers will not forward an IPv4 broadcast packet by default.
2. Which two situations are the result of excessive broadcast traffic? (Choose
two)
slow network operations
slow device operations
when devices on all adjacent networks are affected
when the router has to forward an excessive number of packets
Explanation: Slow network operations and slow device operations are the result of excessive
broadcast traffic.
1. What is the most important motivating factor for moving to IPv6?
Playvolume00:00/01:03TruvidfullScreen
better performance with IPv6
IPv6 addresses that are easier to work with
better security with IPv6
depletion of IPv4 addresses
Explanation: The main driver or most important factor for IPv6 is the depletion of the IPv4
address space.
2. True or False: 4 out of 5 RIRs no longer have enough IPv4 addresses to
allocate to customers on a regular basis.
True
False
Explanation: The correct answer is True. Four of the five RIRs, ARIN, APNIC, LACNIC, and
RIPENCC have exhausted their IPv4 address pools. Only AfriNIC has remaining IPv4 address
space to allocate to customers.
3. Which of the following techniques use native IPv6 connectivity?
dual stack
tunneling
translation
all of the above
Explanation: Only dual stack uses native IPv6 connectivity.
1. What is the recommended prefix length for most IPv6 subnets?
Playvolume00:00/01:03TruvidfullScreen
/32
/48
/64
/128
Explanation: Most IPv6 subnets will have a prefix length of /64.
2. Which part of a GUA is assigned by the ISP?
Global Routing Prefix
Global Routing Prefix and Subnet ID
Prefix
RIR Prefix
Explanation: The global routing prefix is the part of a GUA that is assigned by an ISP.
3. Which type of IPv6 unicast address is not routable between networks?
unique local address
GUA
embedded IPv4 address
LLA
Explanation: Link-local IPv6 addresses are for link only communication and are not routable.
4. True or False: The Subnet ID field in an GUA must borrow bits from the
interface ID.
True
False
Explanation: The correct answer is False. GUAs do not use a bit from the interface ID to create
subnets.
5. What type of IPv6 address begins with fe80?
GUA
LLA
multicast address
None. An IPv6 address must begin with 2001
Explanation: Link-local IPv6 addresses start with the prefix fe80.
1. True or False. RA messages are sent to all IPv6 routers by hosts requesting
addressing information.
Playvolume00:00/01:03TruvidfullScreen
True
False
Explanation: The correct answer is False. Router Advertisement (RA) messages are sent to all
IPv6 nodes. If Method 1 (SLAAC only) is used, the RA includes network prefix, prefix-length, and
default-gateway information.
2. Which dynamic addressing method for GUAs is the one where devices rely
solely on the contents of the RA message for their addressing information?
Method 1: SLAAC
Method 2: SLAAC and Stateless DHCPv6
Method 3: Stateful DHCPv6
Explanation: SLAAC is a method where devices create their own GUA without the services of
DHCPv6. Using SLAAC, devices rely on the local router ICMPv6 RA messages to obtain the
necessary information.
3. Which dynamic addressing method for GUAs is the one where devices rely
solely on a DHCPv6 server for their addressing information?
Method 1: SLAAC
Method 2: SLAAC and Stateless DHCPv6
Method 3: Stateful DHCPv6
Explanation: Stateful DHCPv6 is a method where devices automatically receive their addressing
information including a GUA, prefix length, and the addresses of DNS servers from a stateful
DHCPv6 server.
4. Which dynamic addressing method for GUAs is the one where devices get
their IPv6 configuration in a RA message and request DNS information from a
DHCPv6 server?
Method 1: SLAAC
Method 2: SLAAC and Stateless DHCPv6
Method 3: Stateful DHCPv6
Explanation: SLAAC and stateless DHCPv6 is a method where devices use SLAAC for the GUA
and default gateway address. The devices then use a stateless DHCPv6 server for DNS servers
and other addressing information.
5. What are the two methods a device can use to generate its own IPv6
interface ID?
SLAAC
stateless DHCPv6
stateful DHCPv6
EUI-64
randomly generated
Explanation: When the RA message is either SLAAC or SLAAC with stateless DHCPv6, the
client must generate its own interface ID using the EUI-64 process or a randomly generated 64-bit
number.
1. True or False? IPv6 was designed with subnetting in mind.
Playvolume00:00/01:03TruvidfullScreen
True
False
Explanation: The correct answer is True. IPv6 has a separate subnet ID field in the network
prefix portion of the address that can be used to create subnets.
2. Which field in an IPv6 GUA is used for subnetting?
Prefix
Network
Global Routing Prefix
Subnet ID
Interface ID
Explanation: The Subnet ID field, which is between the Global Routing Prefix field and the
Interface ID field, is used for subnetting.
3. Given a /48 Global Routing Prefix and a /64 prefix, what is the subnet
portion of the following address: 2001:db8:cafe:1111:2222:3333:4444:5555
café
1111
2222
3333
4444
Explanation: The subnet portion of the address is the 16 bits between the /48 and /64 prefixes,
which are 2222.
4. Given a /32 Global Routing Prefix and a /64 prefix, how many bits would be
allocated for the Subnet ID?
8
16
32
48
64
Explanation: The subnet portion of the address consists of the 32 bits between the /32 and /64
prefixes.
26. Which two types of IPv6 messages are used in place of ARP for address
resolution?
anycast
broadcast
echo reply
echo request
neighbor solicitation
neighbor advertisement
A network administrator is testing network connectivity by issuing the ping
command on a router. Which symbol will be displayed to indicate that a time
expired during the wait for an ICMP echo reply message?
U
.
!
$
13. What is the aim of an ARP spoofing attack?
to associate IP addresses to the wrong MAC address
to overwhelm network hosts with ARP requests
to flood the network with ARP reply broadcasts
to fill switch MAC address tables with bogus addresses
1. Which two types of ICMP messages are common to both ICMPv4 and
ICMPv6? (Choose two.)
Playvolume00:00/01:03TruvidfullScreen
application layer
data link layer
network layer
physical layer
transport layer
Explanation: The transport layer is responsible for establishing a temporary communication
session between the source and destination host applications.
2. Which three are transport layer responsibilities? (Choose three.)
conversation multiplexing
identifying frames
identifying routing information
segmenting data and reassembling segments
tracking individual conversations
Explanation: The transport layer is responsible for conversation multiplexing, segmenting data
and reassembling segments, and tracking individual conversations.
3. Which transport layer protocol statement is true?
TCP has fewer fields than UDP.
TCP is faster than UDP.
UDP is a best-effort delivery protocol.
UDP provides reliability.
Explanation: UDP is a best-effort delivery protocol while TCP is a reliable transport protocol.
4. Which transport layer protocol would be used for VoIP applications?
Session Information Protocol (SIP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
VoIP Transfer Protocol
Explanation: UDP would be used by time sensitive VoIP applications.
1. Which transport layer protocol ensures reliable same-order delivery?
Playvolume00:00/01:03TruvidfullScreen
ICMP
IP
TCP
UDP
Explanation: The TCP transport layer protocol ensures reliable same-order delivery.
2. Which TCP header statement is true?
It consists of 4 fields in an 8-byte header.
It consists of 8 fields in a 10-byte header.
It consists of 10 fields in a 20-byte header.
It consists of 20 fields in a 40-byte header.
Explanation: The TCP header consists of 10 fields in a 20-byte header.
3. Which two applications would use the TCP transport layer protocol?
(Choose two.)
FTP
HTTP
ICMP
TFTP
VoIP
Explanation: FTP and HTTP require the use of the TCP transport layer protocol.
1. Which of the following is a stateless best-effort delivery transport layer
protocol?
Playvolume00:00/01:03TruvidfullScreen
ICMP
IP
TCP
UDP
Explanation: UDP is a stateless best-effort delivery transport layer protocol.
2. Which UDP header statement is true?
It consists of 4 fields in an 8-byte header.
It consists of 8 fields in a 10-byte header.
It consists of 10 fields in a 20-byte header.
It consists of 20 fields in a 40-byte header.
Explanation: The UDP header consists of four fields in an 8-byte header.
3. Which two applications would use the UDP transport layer protocol?
(Choose two.)
FTP
HTTP
ICMP
TFTP
VoIP
Explanation: TFTP and VoIP require the use of the UDP transport layer protocol.
4. Which two fields are the same in a TCP and UDP header? (Choose two.)
Control bits
Destination port number
Sequence number
Source port number
Well-known port number
Explanation: Both TCP and UDP headers include a source and destination port number fields.
1. Assume a host with IP address 10.1.1.10 wants to request web services
from a server at 10.1.1.254. Which of the following would display the correct
socket pair?
Playvolume00:00/01:03TruvidfullScreen
1099:10.1.1.10, 80:10.1.1.254
10.1.1.10:80, 10.1.1.254:1099
10.1.1.10:1099, 10.1.1.254:80
80:10.1.1.10, 1099:10.1.1.254
Explanation: The socket pair for a host with IP address 10.1.1.10 requesting web services from
a server at 10.1.1.254 would be 10.1.1.10:1099, 10.1.1.254:80.
2. Which port group includes port numbers for FTP, HTTP, and TFTP
applications?
dynamic ports
private ports
registered ports
well-known ports
Explanation: FTP, HTTP, and TFTP applications port numbers are defined in the well-known
port numbers group.
3. Which Windows command would display the protocols in use, the local
address and port numbers, the foreign address and port numbers, and the
connection state?
ipconfig /all
ping
netstat
traceroute
Explanation: The netstat Windows command would display protocols in use, the local address
and port numbers, the foreign address and port numbers, and the connection state.
1. Which of the following would be valid source and destination ports for a
host connecting to an email server?
Playvolume00:00/01:03TruvidfullScreen
Control Bits
Destination Port
Sequence Number
Source Port
Window Size
Explanation: The sequence number field is used by the destination host to reassemble
segments into the original order.
2. What field is used to provide flow control?
Control Bits
Destination Port
Sequence Number
Source Port
Window Size
Explanation: The Window Size field is used to provide flow control.
3. What happens when a sending host senses there is congestion?
The receiving host increases the number of bytes it sends before receiving an
acknowledgment from the sending host.
The receiving host reduces the number of bytes it sends before receiving an
acknowledgment from the sending host.
The sending host increases the number of bytes it sends before receiving an
acknowledgment from the destination host.
The sending host reduces the number of bytes it sends before
receiving an acknowledgment from the destination host.
Explanation: When a sending host senses congestion, it reduces the number of bytes it sends
before receiving an acknowledgment from the destination host.
1. Why is UDP desirable for protocols that make a simple request and reply
transactions?
Playvolume00:00/01:03TruvidfullScreen
Flow Control
Low overhead
Reliability
Same-order delivery
Explanation: UDP is desirable for protocols that make simple request and reply transactions
because of its low overhead.
2. Which UDP datagram reassembly statement is true?
UDP does not reassemble the data.
UDP reassembles the data in the order that it was received.
UDP reassembles the data using control bits.
UDP reassembles the data using sequence numbers.
Explanation: UDP reassembles the data in the order that it was received.
3. Which of the following would be valid source and destination ports for a
host connecting to a DNS server?
Source: 53, Destination: 49152
Source: 1812, Destination: 49152
Source: 49152, Destination: 53
Source: 49152, Destination: 1812
Explanation: The correct valid source and destination ports for a host requesting DNS service is
Source: 49152, Destination: 53.
1. This layer of the OSI model is concerned with the protocols that exchange
data between programs running on hosts.
Playvolume00:00/01:00TruvidfullScreen
application
transport
network
physical
Explanation: The application layer of the OSI model is the layer that is closest to the end user. It
provides an interface between application protocols exchanging data between hosts.
2. MKV, GIF, and JPG standards are associated with which OSI layer?
application
presentation
session
transport
Explanation: The presentation layer is concerned with formatting and presenting data in a format
that is compatible with the destination device. Examples of presentation layer standards are MKV,
GIF, JPG, MOV, and PNG.
3. These three OSI layers define the same functions as the TCP/IP model
application layer.
application
presentation
session
transport
network
data link
Explanation: The upper three OSI layers; application, presentation, and session, define the
application layer functions of the TCP/IP model.
4. Which two are protocols that belong in the OSI application layer?
PNG
DNS
SMTP
QuickTime
Explanation: The application layer of the OSI model provides an interface between applications
protocols exchanging data between hosts. Protocols at the application layer include DNS, HTTP,
SMTP, FTP, and IMAP.
5. This is a function of the OSI session layer.
compress and decompress data
provide an interface between applications
format data for the application layer
exchange of information to initiate dialog between peers
Explanation: The session layer of the OSI model creates and maintains the dialogs, or sessions,
between two communicating hosts.
1. True or false? The peer-to-peer networking model requires the
implementation of a dedicated server for data access.
Playvolume00:00/01:00TruvidfullScreen
True
False
Explanation: The correct answer is False. In the peer-to-peer model, clients can share resources
without using a dedicated server.
2. True or false? In a peer-to-peer network environment every peer can
function as both a client and a server.
True
False
Explanation: The correct answer is True. A peer-to-peer network does not require a dedicated
server because each peer can function as both a client and as a server.
3. Which peer-to-peer application allows users to share pieces of many files
with each other at the same time?
Hybrid
Gnutella
BitTorrent
Explanation: BitTorrent clients use a torrent file to locate other clients that are sharing pieces of
needed files. In this way, many files can be shared between clients at the same time.
4. Which of the following is a feature of the Gnutella protocol?
Users can share whole files with other users.
Users can share pieces of files with other users.
Users can access an index server to get the location of resources shared by other users.
Explanation: Gnutella is a peer-to-peer protocol that allows users to share whole files with other
users.
1. This message type is used when uploading data files to a web server.
Playvolume00:00/01:03TruvidfullScreen
GET
POST
PUT
Explanation: HTTP uses the POST message to upload data files to a web server. The GET
message is used by clients to request data and the PUT message is used to upload content such as
images.
2. This protocol is used by a web browser to establish a connection to a web
server.
HTTP
SSL
IMAP
SMTP
Explanation: Web browsers connect to web servers over HTTP. IMAP and SMTP are email
protocols. SSL is an encryption protocol used with HTTPS.
3. This protocol is used by a client to send email to a mail server.
POP
SMTP
IMAP
HTTP
Explanation: Email clients connect to SMTP servers over port 25 to send email. POP and IMAP
are used by clients to receive email. HTTP is used between web browsers and web servers.
4. Which is a feature of IMAP?
It uploads email messages to a server.
It listens passively on port 110 for client requests.
It downloads a copy of email messages leaving the original on the
server.
Explanation: IMAP is a protocol for clients to retrieve copies of email messages from an IMAP
server. The original messages remain on the server until manually deleted.
5. True or false? HTTP is a secure protocol.
True
False
Explanation: The correct answer is False. HTTP sends information in plaintext and is not
considered secure. If security is desired, HTTP Secure (HTTPS) should be used.
1. Which of the following DNS record types is used to resolve IPv6 addresses?
Playvolume00:00/01:03TruvidfullScreen
A
NS
AAAA
MX
Explanation: DNS AAAA records are used to resolve names to IPv6 addresses.
2. True or false? A DNS server that receives a request for a name resolution
that is not within its DNS zone will send a failure message to the requesting
client.
True
False
Explanation: The correct answer is False. When a DNS server receives a name resolution
request for a name not within its zone, the serve will forward the request to another DNS server.
3. Which of the following is displayed by the nslookup utility?
the configured default DNS server
the IP address of the end device
all cached DNS entries
Explanation: By issuing the nslookup command, the default DNS server that is configured is
displayed.
4. Which of the following DNS resource record types resolves authoritative
name servers?
NS
A
MX
AAAA
Explanation: NS records resolve authoritative name servers. DNS A records resolve IPv4
addresses. AAAA records resolve IPv6 addresses, and MX records resolve mail exchange servers.
1. How many connections are required by FTP between client and server?
Playvolume00:00/01:03TruvidfullScreen
1
2
3
4
Explanation: FTP requires two connections between the client and the server. One connection is
over port 21 for client commands and server replies. The other connection is over port 20 for data
transfer.
2. True or false? FTP data transfers take place from client to server (push)
and from server to client (pull).
True
False
Explanation: The correct answer is True. Data transfer over FTP can take place in either
direction, uploads from client to server, or downloads from server to client.
3. Which of these ports are used by FTP? (Choose two.)
20
21
25
110
Explanation: Ports 20 and 21 are used by FTP.
4. True or false? Resource sharing over SMB is only supported on Microsoft
operating systems.
True
False
Explanation: The correct answer is False. Resource sharing over SMB is also supported by
Apple Macintosh. Linux and Unix operating systems use a version of SMB called SAMBA.
1. What kind of threat is described when a threat actor sends you a virus that
can reformat your hard drive?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: A denial of service (DoS) attack, if successful, prevents authorized users from
accessing system resources.
2. George needed to share a video with a co-worker. Because of the large size
of the video file, he decided to run a simple FTP server on his workstation to
serve the video file to his co-worker. To make things easier, George created
an account with the simple password of “file” and provided it to his co-
worker on Friday. Without the proper security measures or a strong
password, the IT staff was not surprised to learn on Monday that George’s
workstation had been compromised and was trying to upload work related
documents to the internet. What type of attack is described in this scenario?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: An access attack, if successful, exploits known vulnerabilities. These attacks can
allow a threat actor to gain access to resources they have no rights to access.
3. Jeremiah was browsing the internet from his personal computer when a
random website offered a free program to clean his system. After the
executable was downloaded and running, the operating system crashed.
Crucial operating system related files had been corrupted and Jeremiah’s
computer required a full disk format and operating system re-installation.
What type of attack is described in this scenario?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: Malware attacks include viruses, worms, and Trojan horses. These types of attacks
can result in crashed systems and deleted or corrupted files.
4. Arianna found a flash drive lying on the pavement of a mall parking lot.
She asked around but could not find the owner. She decided to keep it and
plugged it into her laptop, only to find a photo folder. Feeling curious,
Arianna opened a few photos before formatting the flash drive for her own
use. Afterwards, Arianna noticed that her laptop camera was active. What
type of attack is described in this scenario?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: Malware attacks include viruses, worms, and Trojan horses. These types of attacks
can allow a threat actor to take control of an infected system.
5. A computer is used as a print server for ACME Inc. The IT staff failed to
apply security updates to this computer for over 60 days. Now the print
server is operating slowly, and sending a high number of malicious packets to
its NIC. What type of attack is described in this scenario?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: A denial of service (DoS) attack, if successful, prevents authorized users from
accessing system resources.
6. Sharon, an IT intern at ACME Inc., noticed some strange packets while
revising the security logs generated by the firewall. A handful of IP addresses
on the internet were sending malformed packets to several different IP
addresses, at several different random port numbers inside ACME Inc. What
type of attack is described in this scenario?
access attack
denial of service (DoS) attack
malware attack
reconnaissance attack
Explanation: In a reconnaissance attack, the threat actor can probe a system to find what ports
are open, and what services are running.
1. Which device controls traffic between two or more networks to help
prevent unauthorized access?
Playvolume00:00/01:03TruvidfullScreen
AAA Server
firewall
ESA/WSA
IPS
Explanation: A firewall is a dedicated device that helps prevent unauthorized access by not
allowing external traffic to initiate connections to internal hosts.
2. Which device is used by other network devices to authenticate and
authorize management access?
AAA Server
firewall
ESA/WSA
IPS
Explanation: AAA servers perform authentication, authorization and accounting services on
behalf of other devices to manage access to resources.
3. Which backup policy consideration is concerned with using strong
passwords to protect the backups and for restoring data?
frequency
storage
security
validation
Explanation: Backup validation is concerned with using strong passwords to protect backups
and for restoring data.
4. This zone is used to house servers that should be accessible to outside
users.
inside
outside
internet
DMZ
Explanation: The DMZ, or demilitarized zone, is used for servers that need to be accessible to
external users.
5. Which is appropriate for providing endpoint security?
a AAA server
antivirus software
a server-based firewall
an ESA/WSA
Explanation: Antivirus software running on an endpoint or host is part of a comprehensive
endpoint security solution.
1. Which statement correctly relates to a small network?
Playvolume00:00/01:03TruvidfullScreen
antivirus software
application layer services
gaming software
network applications
productivity software
virtual machine software
Explanation: Application layer services and network applications are two forms of software
programs that provide access to the network.
2. Which two network protocols are used to establish a remote access
network connection to a device? (Choose two.)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP).
Remote Connect (RC)
Secure Shell (SSH)
Simple Mail Transfer Protocol (SMTP)
Telnet
Explanation: SSH and Telnet are two network protocols that are used to establish a remote
access network connection to a device.
1. Which elements are required to scale to a larger network? (Choose two.)
Playvolume00:00/01:03TruvidfullScreen
budget
device configurations
increased bandwidth
network documentation
windows hosts
Explanation: Elements to scale to a larger network include budget, device inventory, network
documentation, and traffic analysis.
2. Which software installed on key hosts can reveal the types of network
traffic flowing through the network?
Linux
MacOS
SSH
Windows
Wireshark
Explanation: Wireshark can reveal the types of network traffic flowing through the network.
3. What Windows 10 tool is useful to determine which applications are using
network services on a host?
Control panel
Data Usage
File Manager
Windows Defender Firewall
Windows Explorer
Explanation: The Windows 10 Data Usage tool is useful to determine which applications are
using network services on a host.
1. A technician is troubleshooting a network problem and has just established
a theory of probable causes. What would be the next step in the
troubleshooting process?
Playvolume00:00/01:03TruvidfullScreen
Document findings, actions, and outcomes.
Establish a plan of action and implement the solution.
Identify the problem.
Test the theory to determine cause.
Verify solution and implement preventive measures.
Explanation: The next step after “Establish a Theory of Probable Causes” is to “Test the Theory
to Determine Cause”.
2. A technician is troubleshooting a network problem. After troubleshooting,
the technician concludes that a switch should be replaced. What should the
technician do next?
Email all users to let them know they are replacing a switch.
Escalate the trouble ticket to the manager to approve the change.
Purchase a new switch and replace the defective one.
Resolve the problem.
Explanation: The technician should escalate the problem to their manager.
3. A technician is using the debug ip icmp privileged EXEC command to
capture live router output. Which commands would stop this debug command
on a Cisco router? (Choose two.)
debug ip icmp off
no debug debug ip icmp
no debug ip icmp
undebug all
undebug debug ip icmp
Explanation: To disable the debug ip icmp command you can use no debug ip icmp, undebug ip
icmp, or undebug all.
4. A technician has established a remote connection to router R1 to observe
debug output. The technician enters the debug ip icmp command then pings
a remote destination. However, no output is displayed. Which command
would the technician have to enter to display log messages on a remote
connection?
monitor debug output
monitor terminal
terminal monitor
terminal monitor debug
Explanation: The terminal monitor command displays log messages on a remote connection.
Explanation: A GUI, or graphical user interface, allows the user to interact with the operating
system by pointing and clicking at elements on the screen. A CLI, or command-line interface,
requires users to type commands at a prompt in order to interact with the OS. The shell is the part
of the operating system that is closest to the user. The kernel is the part of the operating system
that interfaces with the hardware.
8. What happens when a switch receives a frame and the calculated CRC
value is different than the value that is in the FCS field?
The switch notifies the source of the bad frame.
The switch places the new CRC value in the FCS field and forwards the frame.
The switch drops the frame.
The switch floods the frame to all ports except the port through which the frame arrived to
notify the hosts of the error.
Explanation: The purpose of the CRC value in the FCS field is to determine if the frame has
errors. If the frame does have errors, then the frame is dropped by the switch.
9. Two network engineers are discussing the methods used to forward frames
through a switch. What is an important concept related to the cut-through
method of switching?
The fragment-free switching offers the lowest level of latency.
Fast-forward switching can be viewed as a compromise between store-and-forward
switching and fragment-free switching.
Fragment-free switching is the typical cut-through method of switching.
Packets can be relayed with errors when fast-forward switching is
used.
Explanation: Fast-forward switching offers the lowest level of latency and it is the typical cut-
through method of switching. Fragment-free switching can be viewed as a compromise between
store-and-forward switching and fast-forward switching. Because fast-forward switching starts
forwarding before the entire packet has been received, there may be times when packets are
relayed with errors.
10. Which two issues can cause both runts and giants in Ethernet networks?
(Choose two.)
using the incorrect cable type
half-duplex operations
a malfunctioning NIC
electrical interference on serial interfaces
CRC errors
Explanation: Because collisions are a normal aspect of half-duplex communications, runt and
giant frames are common by-products of those operations. A malfunctioning NIC can also place
frames on the network that are either too short or longer than the maximum allowed length. CRC
errors can result from using the wrong type of cable or from electrical interference. Using a cable
that is too long can result in late collisions rather than runts and giants.
11. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to
facilitate Ethernet communication? (Choose two.)
implements CSMA/CD over legacy shared half-duplex media
enables IPv4 and IPv6 to utilize the same physical medium
integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet
over copper
implements a process to delimit fields within an Ethernet 2 frame
places information in the Ethernet frame that identifies which
network layer protocol is being encapsulated by the frame
Other case
responsible for internal structure of Ethernet frame
applies source and destination MAC addresses to Ethernet frame
integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet
over copper
enables IPv4 and IPv6 to utilize the same physical medium
handles communication between upper layer networking software
and Ethernet NIC hardware
Other case
adds Ethernet control information to network protocol data
responsible for internal structure of Ethernet frame
implements trailer with frame check sequence for error detection
enables IPv4 and IPv6 to utilize the same physical medium
applies source and destination MAC addresses to Ethernet frame
Other case
implements CSMA/CD over legacy shared half-duplex media
adds Ethernet control information to network protocol data
places information in the Ethernet frame that identifies which
network layer protocol is being encapsulated by the frame
applies source and destination MAC addresses to Ethernet frame
integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet
over copper
Explanation: The data link layer is actually divided into two sublayers:
+ Logical Link Control (LLC): This upper sublayer defines the software processes that provide
services to the network layer protocols. It places information in the frame that identifies which
network layer protocol is being used for the frame. This information allows multiple Layer 3
protocols, such as IPv4 and IPv6, to utilize the same network interface and media.
+ Media Access Control (MAC): This lower sublayer defines the media access processes performed
by the hardware. It provides data link layer addressing and delimiting of data according to the
physical signaling requirements of the medium and the type of data link layer protocol in use.
12. Which two commands could be used to check if DNS name resolution is
working properly on a Windows PC? (Choose two.)
nslookup cisco.com
ping cisco.com
ipconfig /flushdns
net cisco.com
nbtstat cisco.com
Explanation: The ping command tests the connection between two hosts. When ping uses a
host domain name to test the connection, the resolver on the PC will first perform the name
resolution to query the DNS server for the IP address of the host. If the ping command is unable to
resolve the domain name to an IP address, an error will result.
Nslookup is a tool for testing and troubleshooting DNS servers.
13. A small advertising company has a web server that provides critical
business service. The company connects to the Internet through a leased line
service to an ISP. Which approach best provides cost effective redundancy for
the Internet connection?
Add a second NIC to the web server.
Add a connection to the Internet via a DSL line to another ISP.
Add another web server to prepare failover support.
Add multiple connections between the switches and the edge router.
Explanation: With a separate DSL connection to another ISP, the company will have a
redundancy solution for the Internet connection, in case the leased line connection fails. The other
options provide other aspects of redundancy, but not the Internet connection. The options of adding
a second NIC and adding multiple connections between the switches and the edge router will
provide redundancy in case one NIC fails or one connection between the switches and the edge
router fails. The option of adding another web server provides redundancy if the main web server
fails.
14. Only employees connected to IPv6 interfaces are having difficulty
connecting to remote networks. The analyst wants to verify that IPv6 routing
has been enabled. What is the best command to use to accomplish the task?
copy running-config startup-config
show interfaces
show ip nat translations
show running-config
15. Refer to the exhibit. A network administrator is connecting a new host to
the Registrar LAN. The host needs to communicate with remote networks.
What IP address would be configured as the default gateway on the new
host?
Floor(config-if)# no shutdown
Floor(config-if)# no shutdown
Floor(config-if)# no shutdown
Floor(config-if)# no shutdown
Floor(config-if)# end
192.168.235.234
203.0.113.3
192.168.235.1
10.234.235.254
192.168.234.114
16. Match the command with the device mode at which the command is
entered. (Not all options are used.)
Explanation: The enable command is entered in R1> mode. The login command is entered in
R1(config-line)# mode. The copy running-config startup-config command is entered in R1# mode.
The ip address 192.168.4.4 255.255.255.0 command is entered in R1(config-if)# mode. The service
password-encryption command is entered in global configuration mode.
17. A router boots and enters setup mode. What is the reason for this?
The IOS image is corrupt.
Cisco IOS is missing from flash memory.
The configuration file is missing from NVRAM.
The POST process has detected hardware failure.
Explanation: The startup configuration file is stored in NVRAM and contains the commands
needed to initially configure a router. It also creates the running configuration file that is stored in in
RAM.
20. Which command is used to manually query a DNS server to resolve a specific host
name?
tracert
ipconfig /displaydns
nslookup
net
Explanation: The nslookup command was created to allow a user to manually query a DNS
server to resolve a given host name. The ipconfig /displaydns command only displays previously
resolved DNS entries. The tracert command was created to examine the path that packets take as
they cross a network and can resolve a hostname by automatically querying a DNS server. The net
command is used to manage network computers, servers, printers, and network drives.
21. Which PDU is processed when a host computer is de-encapsulating a
message at the transport layer of the TCP/IP model?
bits
frame
packet
segment
Explanation: At the transport layer, a host computer will de-encapsulate a segment to
reassemble data to an acceptable format by the application layer protocol of the TCP/IP model.
22. Which two OSI model layers have the same functionality as two layers of the TCP/IP
model? (Choose two.)
data link
network
physical
session
transport
Explanation: The OSI transport layer is functionally equivalent to the TCP/IP transport layer, and
the OSI network layer is equivalent to the TCP/IP internet layer. The OSI data link and physical
layers together are equivalent to the TCP/IP network access layer. The OSI session layer (with the
presentation layer) is included within the TCP/IP application layer.
23. Which three layers of the OSI model are comparable in function to the application layer of
the TCP/IP model? (Choose three.)
presentation
physical
network
data link
transport
application
session
Explanation:
The TCP/IP model consists of four layers: application, transport, internet, and network access. The
OSI model consists of seven layers: application, presentation, session, transport, network, data link,
and physical. The top three layers of the OSI model: application, presentation, and session map to
the application layer of the TCP/IP model.
24. Network information:
* local router LAN interface: 172.19.29.254 / fe80:65ab:dcc1::10
* local router WAN interface: 198.133.219.33 / 2001:db8:FACE:39::10
* remote server: 192.135.250.103
What task might a user be trying to accomplish by using the ping
2001:db8:FACE:39::10 command?
verifying that there is connectivity within the local network
creating a network performance benchmark to a server on the company intranet
determining the path to reach the remote server
verifying that there is connectivity to the internet
25. Which two ICMP messages are used by both IPv4 and IPv6 protocols?
(Choose two.)
neighbor solicitation
router advertisement
router solicitation
protocol unreachable
route redirection
Explanation: The ICMP messages common to both ICMPv4 and ICMPv6 include: host
confirmation, destination (net, host, protocol, port) or service unreachable, time exceeded, and route
redirection. Router solicitation, neighbor solicitation, and router advertisement are new protocols
implemented in ICMPv6.
26. A network technician types the command ping 127.0.0.1 at the command
prompt on a computer. What is the technician trying to accomplish?
pinging a host computer that has the IP address 127.0.0.1 on the network
tracing the path to a host computer on the network and the network has the IP address
127.0.0.1
checking the IP address on the network card
testing the integrity of the TCP/IP stack on the local machine
Explanation: 127.0.0.1 is an address reserved by TCP/IP to test the NIC, drivers and TCP/IP
implementation of the device.
27. Although CSMA/CD is still a feature of Ethernet, why is it no longer
necessary?
the virtually unlimited availability of IPv6 addresses
the use of CSMA/CA
the use of full-duplex capable Layer 2 switches
the development of half-duplex switch operation
the use of Gigabit Ethernet speeds
Explanation: The use of Layer 2 switches operating in full-duplex mode eliminates collisions,
thereby eliminating the need for CSMA/CD.
28. What does a router do when it receives a Layer 2 frame over the network medium?
re-encapsulates the packet into a new frame
forwards the new frame appropriate to the medium of that segment of the physical
network
determines the best path
de-encapsulates the frame
Explanation: Routers are responsible for encapsulating a frame with the proper format for the
physical network media they connect. At each hop along the path, a router does the
following:Accepts a frame from a medium
De-encapsulates the frame
Determines the best path to forward the packet
Re-encapsulates the packet into a new frame
Forwards the new frame appropriate to the medium of that segment of the physical network
29. Which two acronyms represent the data link sublayers that Ethernet
relies upon to operate? (Choose two.)
SFD
LLC
CSMA
MAC
FCS
Explanation: For Layer 2 functions, Ethernet relies on logical link control (LLC) and MAC
sublayers to operate at the data link layer. FCS (Frame Check Sequence) and SFD (Start Frame
Delimiter) are fields of the Ethernet frame. CSMA (Carrier Sense Multiple Access) is the technology
Ethernet uses to manage shared media access.
30. A network team is comparing topologies for connecting on a shared
media. Which physical topology is an example of a hybrid topology for a LAN?
bus
extended star
ring
partial mesh
Explanation: An extended star topology is an example of a hybrid topology as additional
switches are interconnected with other star topologies. A partial mesh topology is a common hybrid
WAN topology. The bus and ring are not hybrid topology types.
31. Given network 172.18.109.0, which subnet mask would be used if 6 host bits were
available?
255.255.192.0
255.255.224.0
255.255.255.192
255.255.255.248
255.255.255.252
Explanation:
With an IPv4 network, the subnet mask is determined by the hosts bits that are required:
11 host bits required – 255.255.248.0
10 host bits required – 255.255.252.0
9 host bits required – 255.255.254.0
8 host bits required – 255.255.255.0
7 host bits required – 255.255.255.128
6 host bits required – 255.255.255.192
5 host bits required – 255.255.255.224
4 host bits required – 255.255.255.240
3 host bits required – 255.255.255.248
2 host bits required – 255.255.255.252
32. Three devices are on three different subnets. Match the network address
and the broadcast address with each subnet where these devices are located.
(Not all options are used.)
Device 1: IP address 192.168.10.77/28 on subnet 1
Device 2: IP address192.168.10.17/30 on subnet 2
Device 3: IP address 192.168.10.35/29 on subnet 3
Explanation: To calculate any of these addresses, write the device IP address in binary. Draw a
line showing where the subnet mask 1s end. For example, with Device 1, the final octet (77) is
01001101. The line would be drawn between the 0100 and the 1101 because the subnet mask is
/28. Change all the bits to the right of the line to 0s to determine the network number (01000000 or
64). Change all the bits to the right of the line to 1s to determine the broadcast address (01001111
or 79).
37. Which term describes a field in the IPv4 packet header that contains a unicast, multicast,
or broadcast address?
destination IPv4 address
protocol
TTL
header checksum
38. If the default gateway is configured incorrectly on the host, what is the
impact on communications?
There is no impact on communications.
The host is unable to communicate on the local network.
The host can communicate with other hosts on the local network, but
is unable to communicate with hosts on remote networks.
The host can communicate with other hosts on remote networks, but is unable to
communicate with hosts on the local network.
Explanation: A default gateway is only required to communicate with devices on another
network. The absence of a default gateway does not affect connectivity between devices on the
same local network.
39. Which is the compressed format of the IPv6 address
fe80:0000:0000:0000:0220:0b3f:f0e0:0029?
fe80:9ea:0:2200::fe0:290
fe80:9ea0::2020::bf:e0:9290
fe80::220:b3f:f0e0:29
fe80:9ea0::2020:0:bf:e0:9290
40. Refer to the exhibit. A user issues the command netstat –r on a
workstation. Which IPv6 address is one of the link-local addresses of the
workstation?
::1/128
fe80::30d0:115:3f57:fe4c/128
fe80::/64
2001:0:9d38:6ab8:30d0:115:3f57:fe4c/128
Explanation: In the IPv6 address scheme, the network of fe80::/10 is reserved for link-local
addresses. The address fe80::/64 is a network address that indicates, in this workstation, fe80::/64
is actually used for link-local addresses. Thus the address fe80::30d0:115:3f57:fe4c/128 is a valid
IPv6 link-local address.
SW1 will send an ARP reply with its Fa0/1 MAC address.
RT1 will send an ARP reply with its own Fa0/0 MAC address.
RT1 will forward the ARP request to PC3.
RT1 will send an ARP reply with the PC3 MAC address.
RT1 will send an ARP reply with its own Fa0/1 MAC address.
Explanation: When a network device has to communicate with a device on another network, it
broadcasts an ARP request asking for the default gateway MAC address. The default gateway
(RT1) unicasts an ARP reply with the Fa0/0 MAC address.
48. A network administrator is issuing the login block-for 180 attempts 2
within 30 command on a router. Which threat is the network administrator
trying to prevent?
a user who is trying to guess a password to access the router
a worm that is attempting to access another part of the network
an unidentified individual who is trying to access the network equipment room
a device that is trying to inspect the traffic on a link
Explanation: The login block-for 180 attempts 2 within 30 command will cause the device to
block authentication after 2 unsuccessful attempts within 30 seconds for a duration of 180 seconds.
A device inspecting the traffic on a link has nothing to do with the router. The router configuration
cannot prevent unauthorized access to the equipment room. A worm would not attempt to access
the router to propagate to another part of the network.
49. Which statement describes the characteristics of packet-filtering and stateful firewalls as
they relate to the OSI model?
A packet-filtering firewall uses session layer information to track the state of a connection,
whereas a stateful firewall uses application layer information to track the state of a
connection.
Both stateful and packet-filtering firewalls can filter at the application layer.
A packet-filtering firewall typically can filter up to the transport
layer, whereas a stateful firewall can filter up to the session layer.
A stateful firewall can filter application layer information, whereas a packet-filtering
firewall cannot filter beyond the network layer.
Explanation: Packet filtering firewalls can always filter Layer 3 content and sometimes TCP and
UDP-based content. Stateful firewalls monitor connections and thus have to be able to support up to
the session layer of the OSI model.
50. What are two ways to protect a computer from malware? (Choose two.)
Empty the browser cache.
Use antivirus software.
Delete unused software.
Keep software up to date.
Defragment the hard disk.
Explanation: At a minimum, a computer should use antivirus software and have all software up
to date to defend against malware.
51. The employees and residents of Ciscoville cannot access the Internet or any remote web-
based services. IT workers quickly determine that the city firewall is being flooded with so
much traffic that a breakdown of connectivity to the Internet is occurring. Which type of
attack is being launched at Ciscoville?
access
Trojan horse
reconnaissance
DoS
Explanation: A DoS (denial of service) attack prevents authorized users from using one or more
computing resources.
52. Which two statements describe the characteristics of fiber-optic cabling?
(Choose two.)
Fiber-optic cabling does not conduct electricity.
Multimode fiber-optic cabling carries signals from multiple sending devices.
Fiber-optic cabling is primarily used as backbone cabling.
Fiber-optic cabling uses LEDs for single-mode cables and laser technology for multimode
cables.
Fiber-optic cabling has high signal loss.
Explanation: Fiber-optic cabling is primarily used for high-traffic backbone cabling and does not
conduct electricity. Multimode fiber uses LEDs for signaling and single-mode fiber uses laser
technology. FIber-optic cabling carries signals from only one device to another.
53. What OSI physical layer term describes the measure of the transfer of
bits across a medium over a given period of time?
latency
goodput
throughput
bandwidth
54. Refer to the exhibit. What is the maximum possible throughput between
the PC and the server?
10 Mb/s
1000 Mb/s
128 kb/s
100 Mb/s
Explanation: The maximum throughput between any two nodes on a network is determined by
the slowest link between those nodes.
55. Match the description with the media. (Not all options are used.)
Explanation: UTP cables are used in wired office environments. Coaxial cables are used to
connect cable modems and televisions. Fiber optics are used for high transmission speeds and to
transfer data over long distances. STP cables are used in environments where there is a lot of
interference.