Q1. - (Topic 1)
Which statements accurately describe CDP? (Choose three.)
A. CDP is an IEEE standard protocol.
B. CDP is a Cisco proprietary protocol.
C. CDP is a datalink layer protocol.
D. CDP is a network layer protocol.
E. CDP can discover directly connected neighboring Cisco devices.
F. CDP can discover Cisco devices that are not directly connected.
Answer: B,C,E
Explanation:
CDP (Cisco Discovery Protocol) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor devices containing useful info for troubleshooting and documenting the network.
Q2. - (Topic 7)
Which statement about routing protocols is true?
A. Link-state routing protocols choose a path by the number of hops to the destination.
B. OSPF is a link-state routing protocol.
C. Distance-vector routing protocols use the Shortest Path First algorithm.
D. IS-IS is a distance-vector routing protocol.
Answer: A
Explanation: Link State Routing Protocols
Link state protocols are also called shortest-path-first protocols. Link state routing protocols have a complete picture of the network topology. Hence they know more about the whole network than any distance vector protocol. Three separate tables are created on each link state routing enabled router. One table is used to hold details about directly connected neighbors, one is used to hold the topology of the entire internetwork and the last one is used to hold the actual routing table. Link state protocols send information about directly connected links to all the routers in the network. Examples of Link state routing protocols include OSPF - Open Shortest Path First and IS-IS - Intermediate System to Intermediate System. There are also routing protocols that are considered to be hybrid in the sense that they use aspects of both distance vector and link state protocols. EIGRP - Enhanced Interior Gateway Routing Protocol is one of those hybrid routing protocols.
Q3. - (Topic 7)
Which option is a valid hostname for a switch?
A. Switch-Cisco
B. Switch-Cisco!
C. SwitchCisco
D. SwitchCisc0
Answer: C
Q4. - (Topic 2)
A switch receives a frame on one of its ports. There is no entry in the MAC address table for the destination MAC address. What will the switch do with the frame?
A. drop the frame
B. forward it out of all ports except the one that received it
C. forward it out of all ports
D. store it until it learns the correct port
Answer: B
Explanation:
Understanding this concept is prime for understanding that when switch receives the data frame from the host not having the MAC address already in the MAC table, it will add the MAC address to the source port on the MAC address table and sends the data frame. If the switch already has the MAC address in its table for the destination, it will forward the frame directly to the destination port. If it was not already in its MAC table, then they frame would have been flooded out all ports except for the port that it came from.
Q5. - (Topic 3)
Which statements are TRUE regarding Internet Protocol version 6 (IPv6) addresses? (Choose three.)
A. An IPv6 address is divided into eight 16-bit groups.
B. A double colon (::) can only be used once in a single IPv6 address.
C. IPv6 addresses are 196 bits in length.
D. Leading zeros cannot be omitted in an IPv6 address.
E. Groups with a value of 0 can be represented with a single 0 in IPv6 address.
Answer: A,B,E
Explanation:
IPv6 addresses are divided into eight 16-bit groups, a double colon (::) can only be used
once in an IPv6 address, and groups with a value of 0 can be represented with a single 0 in
an IPv6 address.
The following statements are also true regarding IPv6 address:
IPv6 addresses are 128 bits in length.
Eight 16-bit groups are divided by a colon (:).
Multiple groups of 16-bit 0s can be represented with double colon (::).
Double colons (::) represent only 0s.
Leading zeros can be omitted in an IPv6 address.
The option stating that IPv6 addresses are 196 bits in length is incorrect. IPv6 addresses
are 128 bits in length.
The option stating that leading zeros cannot be omitted in an IPv6 address is incorrect.
Leading zeros can be omitted in an IPv6 address.
Q6. - (Topic 5)
Including the address on the Routed Ethernet interface, how many hosts can have IP addresses on the LAN to which Routed is connected?
A. 6
B. 30
C. 62
D. 126
Answer: A
Explanation:
This is a /29 address, so there are 6 usable IP’s on this subnet.
Q7. - (Topic 5)
Refer to the exhibit.
A network administrator has configured a Catalyst 2950 switch for remote management by pasting into the console the configuration commands that are shown in the exhibit. However, a Telnet session cannot be successfully established from a remote host. What should be done to fix this problem?
A. Change the first line to interface fastethernet 0/1.
B. Change the first line to interface vlan 0/1.
C. Change the fifth line to ip default-gateway 192.168.17.241.
D. Change the fifth line to ip route 0.0.0.0 0.0.0.0 192.168.17.1.
E. Change the sixth line to line con 0.
Answer: C
Explanation:
The default gateway must reside on the same IP subnet as the device. Here, the subnet mask for the VLAN interface is /228. Only choice C will fix this issue, as then the default gateway is on the same subnet as the 2950.
Q8. - (Topic 5)
Two routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit, but there is no data connectivity between them. The Atlanta router is known to have a correct configuration.
Given the partial configurations shown in the exhibit, what is the problem on the Brevard router that is causing the lack of connectivity?
A. A loopback is not set.
B. The IP address is incorrect.
C. The subnet mask is incorrect.
D. The serial line encapsulations are incompatible.
E. The maximum transmission unit (MTU) size is too large.
F. The bandwidth setting is incompatible with the connected interface.
Answer: B
Explanation:
The connection between two routers must have IP addresses that belong to the same subnet, but in this case Atlanta is using 192.168.10.1/24 and the other is in 192.168.11.1/24.
Q9. - (Topic 3)
Which command enables IPv6 forwarding on a Cisco router?
A. ipv6 host
B. ipv6 unicast-routing
C. ipv6 local
D. ipv6 neighbor
Answer: B
Explanation:
Enabling IPv6 on Cisco IOS Software Technology http://www.ciscopress.com/articles/article.asp?p=31948&seqNum=4 The first step of enabling IPv6 on a Cisco router is the activation of IPv6 traffic forwarding to forward unicast IPv6 packets between network interfaces. By default, IPv6 traffic forwarding is disabled on Cisco routers. The ipv6 unicast-routing command is used to enable the forwarding of IPv6 packets between interfaces on the router. The syntax for this command is as follows: Router(config)#ipv6 unicast-routing The ipv6 unicast-routing command is enabled on a global basis.
Q10. - (Topic 5)
From which of the following attacks can Message Authentication Code (MAC) shield your network?
A. DoS
B. DDoS
C. spoofing
D. SYN floods
Answer: C
Explanation:
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes. A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack. A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.