CCNA4 All Chapters
CCNA4 All Chapters
CCNA4 All Chapters
VPN
Refer to the exhibit. If the firewall module has been correctly configured using best practices
for network security, which statement is true about the security design for the network?
Servers in the DMZ are protected from internal and external attacks
provides defined entry and exit points so that filtering and securing traffic is easier
Refer to the exhibit. The server broadcasts an ARP request for the MAC address of its
default gateway. If STP is not enabled, what is the result of this ARP request?
Switch_A and Switch_B continuously flood the message onto the network
Refer to the exhibit. What happens when Host 1 attempts to send data?
Frames from Host 1 cause the interface to shut down, and a log message is sent
Which two statements are true regarding network convergence? (Choose two.)
In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may
improve convergence time
Route summarization improves convergence time by minimizing the size of the routing
table.
The network administrator is designing network connectivity for a home teleworker. The
teleworker needs secure
access to download and upload documents on the network file server. What network
connection would be most
cost efficient while still meeting the security and connectivity needs of this teleworker?
Which three functions are performed at the distribution layer of the hierarchical network
model? (Choose three.)
isolating network problems to prevent them from affecting the core layer
What are two mechanisms that provide redundancy for server farm implementations?
(Choose two.)
172.16.3.0/24?
172.16.0.0/22
Which three statements describe the functions of the Cisco hierarchical network design
model? (Choose three.)
The distribution layer is responsible for traffic filtering and isolating failures from the
core.
Two goals of the core layer are 100 percent uptime and maximizing throughput.
The access layer provides a means of connecting end devices to the network.
Refer to the exhibit. Which two devices are part of the access design layer? (Choose two.)
FC-AP
FC-ASW-2
Refer to the exhibit. The network administrator creates a standard access control list to
prohibit traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24 network
while still permitting Internet access for all networks. On which router interface and in
which direction should it be applied?
Which two considerations are valid when designing access layer security? (Choose two.)
Disabling unused ports on the switches helps prevent unauthorized access to the network
What are two best practices in wireless LAN design to ensure secure wireless access to the
corporate network? (Choose two.)
Configure WPA.
A network designer is creating a new network. The design must offer enough redundancy to
provide protection against a single link or device failure, yet must not be too complex or
expensive to implement. What topology would fill these needs?
partial mesh
Refer to the exhibit. What effect does the ACL shown have on network traffic, assuming that
it is correctly applied to the interface?
All Telnet traffic from the 172.16.0.0 network to any destination is denied
Centralizing servers in a data center server farm can provide which benefit over a
distributed server environment?
It is easier to filter and prioritize traffic to and from the data center
Servers in the DMZ provide limited information that can be accessed from external
networks.
Refer to the exhibit. Which two statements correctly describe the benefits of the network
access layer design that is shown? (Choose two.)
If host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame
Segmenting all voice traffic on a separate VLAN facilitates the implementation of QoS
Which two items in a physical WLAN design can be identified through a site survey?
(Choose two.)
What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows inbound
access only to traffic that belongs to these established sessions?
reflexive ACL
What are three ways to ensure that an unwanted user does not connect to a wireless
network and view the data? (Choose three.)
During an evaluation of the currently installed network, the IT staff performs a gap analysis
to determine whether the existing network infrastructure can support the desired new
features. At which stage of the Cisco Lifecycle Services approach does this activity occur?
Plan Phase
pre-sales engineer
Optimize Phase
A network engineer working for ABC company is writing a response to an RFP for a
network upgrade and must create an executive summary. Which statement describes the
basic components of an executive summary?
quick overview of the problem, the recommended solution, and the justification for ABC
company doing the job
to clarify project scope and timelines not included in the original request for proposal
Which two statements best describe the responsibilities of an account manager? (Choose
two.)
acts as the primary point of contact between the company and the client
to check that the newly installed network meets the business goals and design
requirements
customer satisfaction
profitability
software running on a managed device to collect network information and allow that
device to be managed by a management station
A corporation (client) wants a network upgrade and is putting out a request for services to
various network consulting companies (contractors). Which statement is true concerning the
required RFQ?
sent from the client to the contractors in place of a RFP when the technical specifications
of a project are known
A major corporation has decided to hire someone to upgrade their network infrastructure.
A network consulting company wants the job. What document must the network consulting
company obtain to learn about the business goals, the project scope, the requirements for the
new network and the expected deliverables?
Which stage of the Cisco Lifecycle Services strategy is usually completed before an
organization issues a Request For Proposal (RFP) or Request For Quotation (RFQ)?
Prepare Phase
What is a business constraint that may impact the WAN design of a company?
company policy requiring the use of specific vendor networking equipment due to
partnerships
Which software component is installed on network devices that are managed through
SNMP?
management agents
What are two benefits of using a top-down approach instead of a bottom-up approach to
network design? (Choose two.)
clarifies design goals from the perspective of applications and network solutions
When should a network baseline be performed within the stages of the Cisco Lifecycle
Services?
Operate Phase
Which two statements are true regarding the response to an RFQ? (Choose two.)
The response helps the customer compare pricing with other potential contractors
What are two disadvantages of using a bottom-up approach instead of a top-down approach
to network design?
(Choose two.)
Software running on a managed device to collect network information and allow that device
to be managed by a management station
/
Refer to the exhibit. The top of the output shows the Cisco Feature Navigator regarding a
Cisco IOS image that the administrator wants to install on a router. Below it is the output
from the show version command for that router. Which statement is true regarding the
capacity of the router to run this Cisco IOS image?
During a site survey, the network designer noticed that people were accessing the company
wireless network from the parking lot. What should be done to stop the wireless signal from
radiating out into the parking lot?
When planning an IOS upgrade, what are two pieces of information that need to be collected
before selecting the new IOS? (Choose two.)
A company is beginning to analyze their new Cisco IOS upgrade requirements. What is one
of the router components that a network administrator must consider when selecting a new
Cisco IOS version?
What section of the Network Design Requirements document usually details the physical
areas, applications, and user groups affected by the network upgrade?
network requirements
What are two practices a network technician should follow when installing a new interface
card in a router? (Choose two.)
Push the interface card into place until the edge connector is seated securely
Which two items are objectives of a WLAN design site survey? (Choose two.)
Refer to the exhibit. Based upon the Cisco IOS file naming convention, what is represented
by the value ipvoicek9 listed in the IOS filename?
feature set
The new serial interface card for the router arrives and the network technician reads that it is
hot-swappable. What does this mean?
The card can be installed while the router is powered on if the router supports this
technology
The new network design for AnyCompany must include support of voice and video traffic.
Before upgrading, the network designer checks whether the existing devices can support the
new requirements. Which three items does the designer need to check? (Choose three.)
Refer to the exhibit. What two items can be determined from the output? (Choose
two.)
R2 is a Cisco 2600 device
determine what current network devices require upgrades to meet the new
requirements
Refer to the exhibit. The network administrator is attempting to install a new version
of the IOS on R2. Based on the exhibited output, what are two possible reasons that
the transfer failed? (Choose two.)
The administrator did not verify that the TFTP server is running.
A production router is reloaded and finishes with a Router> prompt. What three
facts can be determined? (Choose three.)
location of the AP
Project Scope
Refer to the exhibit. A network administrator issues the command shown to gain
knowledge about a poorly documented network. Which two pieces of information
can the network administrator discover from the command output? (Choose two.)
to the exhibit. Which of the three Cisco IOS images shown will load into RAM?
The router selects an image depending on the boot system command in the
configuration
Refer to the exhibit. If a reload command is issued on router FC-CPE-1, where does
the router first search for the Cisco IOS image?
flash
A new Cisco IOS version has been copied into flash from a TFTP server. When a
reload is issued to upgrade the Cisco IOS, the router freezes part of the way through
the loading process. What could be the problem?
Which three pieces of information need to be considered when selecting the proper
Cisco IOSversion for an upgrade?
(Choose three.)
amount of DRAM
device make and model
size of system flash memory
An administrator wants to download a new Cisco IOS software version to the local
router. Which command performs this task?
Which two network applications are most affected by network congestion and
delays? (Choose two.)
IP telephony
Refer to the exhibit. If ACL 150 identifies only voice traffic from network
192.168.10.0/24 and no other traffic, which queue will voice traffic from other
networks use?
Default
What is the primary goal of QoS?
RTCP
RTP
Refer to the exhibit. Which option correctly matches the terms on top with its
definition on the bottom?
NBAR
NetFlow
What design strategy should be followed when designing a network that uses video
on demand?
CoS
Which two major differences are associated with IP telephony when compared to
traditional telephony that uses a PBX? (Choose two)
Refer to the exhibit. After configuring QoS, a network administrator issues the
command show queueing interface s0/1. What two pieces of information can an
administrator learn from the output of this command? (Choose two.)
type of queuing being implemented
real-time video
A company is considering adding voice and video to the data networks. Which two
statements are true if voice and video are added? (Choose two.)
HSRP
RSTP
Which two traffic types are examples of external traffic flows? (Choose two.)
QoS
Several web and email servers have recently been installed as part of an enterprise
network. The security administrator has been asked to provide a summary of
security features that can be implemented to help prevent unauthorized traffic from
being sent into or out of sensitive internal networks. Which three features should the
security administrator recommend? (Choose three.)
Firewalls
Delay
Jitter
Which two items can be determined by diagramming internal traffic flow? (Choose
two.)
Atomic
When implementing VoIP services, which two design considerations should be
followed? (Choose two.)
Voice-enabled routers or a server must be used for call control and signalling.
Power to the phones can be supplied through properly equipped patch panels or
switches
A customer purchases tickets online and pays using a credit card, but the system
goes down before the transaction is complete. What transaction type retains a record
of this transaction after the system failure so that the customer will still receive the
tickets and the credit card account will be debited accordingly?
Durable
In addition to the technical considerations, what other major factor is used to evaluate the
success of a network installation?
user satisfaction
Conduct an inventory of all networking devices that includes model numbers and memory
configurations
flexible bandwidth
Which two factors should be considered when designing a wireless LAN that
provides seamless roaming capabilities? (Choose two.)
coverage
What characteristic in a routing protocol allows it to support the network design
criteria for availability?
fast convergence
Refer to the exhibit. What is an advantage of having two links connected between the
two switches shown?
provides connectivity when one of the connections between the switches fails
A state-funded college wants to implement Cisco wireless IP phones for employees
to use while on campus. The college currently has only wired network device access.
Which two devices must be incorporated into the network design to best
accommodate roaming for wireless IP phones? (Choose two.)
What is integrated into a Cisco IP phone to reduce the number of ports needed in the
wiring closet?
Switch
Refer to the exhibit. Which statement is true regarding how the ISP router filters traffic?
All traffic from the 64.100.0.0/21 network can access the Internet.
Which two statements are true regarding the following extended ACL? (Choose two.)
SNMP
switch clustering
Using expandable, modular network devices is a key element of what network design
criteria?
Scalability
What characteristic of a network supports high availability to provide the 99.999% uptime
requirement?
Redundancy
What limitations of the 2960 switch prevent it from providing the services needed in the
Distribution layer?
Which network design process identifies the best locations to place access points?
site survey
When applying network security, what security measure should be implemented first?
Which three design requirements are implemented at the access layer? (Choose three.)
PoE
VLANs
Which rule should be followed when implementing the security requirements of a network
design?
packet switched
What is a function of the access layer in the Cisco three-layer hierarchical internetworking
model?
To reduce office overhead, a downtown company now requires that their customer service
representatives work from home. All of the employees are located either downtown or in a
nearby suburban area. Each employee requires high speed service and connectivity to the
Internet through their local ISP. Which term describes this WAN service?
DSL
Refer to the exhibit. The branch office needs constant access to the servers in the enterprise
headquarters. Therefore, a backup Frame Relay link is added. A network administrator is
configuring the routers in the branch office to make sure that when the backup Frame Relay
link is used, only the traffic to access the enterprise headquarters is allowed. Which
statement is true about the routing configuration on branch office edge routers?
The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be configured on BE2
Which network configuration would require the use of the no auto-summary command?
Refer to the exhibit. Which set of router commands is required to turn on unequal-cost load
sharing so that RTRA selects the path A-B-E and the lowest cost path A-C-E to the Internet?
172.16.50.97/27
192.168.8.0/24 - 192.168.15.0/24
A network engineer researched whether there are mechanisms available to help with the
transition from an IPv4 addressing structure to IPv6. What three options did the engineer
find? (Choose three.)
A protocol translation mechanism allows communication between the IPv4 and IPv6
networks.
A dual-stack network design allows both IPv4 and IPv6 addressing to be used on all
network devices.
Refer to the exhibit. A company has decided to add a new workgroup. If the subnetting
scheme for the network uses contiguous blocks of addresses, what subnet is assigned to
hosts connected to wgroup3?
172.16.3.16/29
Refer to the exhibit. The IT management is adding three VLANs to the wgroup3 switch. The
current subnet will be broken down to support 14 hosts for each of the new VLANs. What
will the new subnet mask be for these VLANs?
255.255.255.240
A network administrator is using the 10.0.0.0/8 network for the company. The administrator
must create a masking scheme to support 750 users at the main office and 620 users at the
remote office. What mask should be assigned to the 10.0.0.0/8 network to preserve the most
addresses?
255.255.252.0
Enter the interface mode for each IPv6 interface and enable RIPng with the ipv6
ripnameenable command
128
Refer to the exhibit. Assuming that the default EIGRP configuration is running on both
routers, which statement is true about Router A reaching the 2.2.2.0/24 network?
1080::1267:01A2
Which two are best practices for creating a new IP addressing scheme for a network?
(Choose two.)
With RIPv2, what should be done to avoid routing problems if a discontiguous network
exists?
Refer to the exhibit. What are the broadcast addresses for each subnet?
QA - 172.16.1.127
Sales - 172.16.63.255
Admin - 172.16.31.255
Development - 172.16.3.255
Refer to the exhibit. Which subnet will provide sufficient addresses for the Production
network with minimal waste?
172.16.0.192/27
A company is designing a new network that will accommodate new Cisco equipment and
multivendor legacy devices. The network designer has decided to select a hierarchical
routing protocol that will minimize traffic from routing updates and provide fast
convergence in the event of a topology change. Also, the existing IP addressing scheme
requires that the selected protocol support VLSM. Which routing protocol should be chosen?
EIGRP
How would the routes for networks 172.16.1.0/24, 172.16.3.0/24, and 172.16.15.0/24 be
summarized?
172.16.0.0/20
Refer to the exhibit. What must an administrator do on R3 to ensure that update packets are
sent with subnet mask information?
Refer to the exhibit. The IT management has determined that the new subnet for
WGROUP3 needs to be broken down into four more subnets. What would the subnet
mask be for the four newly created subnets within WGROUP3?
255.255.192.0
How do designers decide which network functions need to be included in the prototype
test?
They select the functions that align with the business goals
the exhibit. What two measures can be taken to address the areas of weakness circled in the
network design? (Choose two.)
Add a switch in the server block connecting the server farm to each core switch
Provide a redundant firewall router connecting to a second ISP, the core switches, and the
DMZ
Switch port Fa0/24 was previously configured as a trunk, but now it is to be used to connect
a host to the network. How should the network administrator reconfigure switch port
Fa0/24?
Use the switchport mode access command from interface configuration mode.
When a switch port is recovering from a failure, which protocol allows the port to transition
directly to the forwarding state?
RSTP
Refer to the exhibit. During prototyping, Layer 2 functionality is being tested. Based on the
output shown, which two pieces of information can be determined? (Choose two.)
Interface Fa0/2 on Switch1 is the alternate port used to reach the root bridge
Based on the entries in the "Role" column, it can be concluded that RSTP has been
implemented
A network designer must provide a rationale to a customer for a design which will move an
enterprise from a flat network topology to a hierarchical network topology. Which two
features of the hierarchical design make it the better choice? (Choose two.)
Refer to the exhibit. The users on the 192.168.10.192 network are not allowed Internet access.
The network design calls for an extended ACL to be developed and tested. Where should
the ACL be placed for the least effect on other network traffic?
inbound on Fa0/1 of R3
Refer to the exhibit. Why are interfaces Fa0/11, Fa0/23, and Fa0/24 not shown in this switch
output?
Alternate
Refer to the exhibit. A network administrator has been given the task of creating a design for
a temporary classroom building that is to be set up outside an overcrowded school. In
testing the prototype, it is found that the student PC cannot ping the teacher PC. All the
switch interfaces are active and connected properly, as is interface Fa0/0 of the router. Given
that only the commands shown have been added to the router configuration, what is the
source of the problem?
Refer to the exhibit. The redundant paths are of equal bandwidth and EIGRP is the routing
protocol in use. Which statement describes the data flow from Server to PC2?
Test results are compared to the baseline to see how the test conditions increase processor
use or decrease available bandwidth
Refer to the exhibit. During prototype testing of the Cisco network shown, connectivity must
be verified. Assuming all connections are working and CDP is enabled on all devices and
interfaces, on which device was the command issued?
R1
While preparing a network test plan document, a network designer records all initial and
modified device configurations. Which section of the document typically contains this
information?
Appendix
What OSI model Layer 2 security measure can a network engineer implement when
prototyping network security?
Refer to the exhibit. After all the interfaces have stabilized, what is the spanning-tree state of
all the enabled interfaces of SW11?
Forwarding
Refer to the exhibit. In the router command encapsulation dot1q 10, what does the number
10 represent?
the number that must match the Fast Ethernet subinterface number
A network engineer has decided to pilot test a portion of a new network design rather than
rely on a prototype for proof-of-concept. What are two advantages of pilot testing a design
concept? (Choose two.)
For the multiple tests that are required to complete a LAN design test plan, which action
should be taken as a component of every test?
Designated
a network simulator
Which is the next step in evaluating the performance of a network once the prototype is
configured and basic connectivity is verified?
Refer to the exhibit. During prototype testing, verification of VLAN connectivity is being
performed. Based on the information shown, what command produced the output?
What are two components a network designer considers when planning a VPN? (Choose
two.)
Refer to the exhibit. What is placed in the address field of a frame that will travel from the
Orlando office to the DC office?
DLCI 100
An IP address has been assigned to the S0/0/0 interface of a new Cisco router. The
administrator wishes to quickly test basic connectivity with the serial interface of an
adjoining Cisco router via the use of the default WAN protocol. Which WAN protocol will
be used for this test?
HDLC
Refer to the exhibit. What statement is true about the configuration shown for R2?
Which two statements about split tunnels are true? (Choose two.)
Traffic to public web sites and general Internet navigation is not encrypted.
When identifying VPN requirements for endpoint users, what care must be taken to protect
the network when remote users log in from unsecured public locations?
Ensure that remote users can only access network resources that are appropriate to their job
function.
Which two statements are true regarding VPN security? (Choose two.)
Users that connect to a network through a VPN are considered trusted users on the network.
Users may establish a VPN connection from unsecure locations such as airports and hotel
lobbies.
Refer to the exhibit. Two directly connected routers are unable to ping each other through
the only active serial interfaces. What is the problem?
Network
administrative distance
Refer to the exhibit. The complete configuration of a Frame Relay interface on the Chicago
router is shown. How does the Chicago router know which DLCI is mapped to the IP
address of the remote router?
Inverse ARP
A company uses serial interfaces on its border router to connect to branch offices through
WAN connections. The security policy dictates that the encapsulation should use PPP with
authentication protocol CHAP. Which statement is true about the configuration requirement
of CHAP?
What is used to identify the path to the next Frame Relay switch in a Frame Relay network?
DLCI
Which bit is set by a Frame Relay switch to inform the source station that there is congestion
on the network?
FECN
A network administrator issued the command show frame-relay pvc. The response from the
router shows the status of a PVC as deleted. What is the reason for this status?
The DLCI configured on the CPE device does not match the DLCI on the interface
Which PVC status suggests that the router recognizes the DLCI configured on its interface as
being present on the Frame Relay switch, but the PVC associated with the DLCI is not
capable of end-to-end communication?
Inactive
Which statement identifies the IP address design for subinterfaces that are configured for a
Frame Relay network?
What statement correctly defines the purpose of the split horizon rule?
prevents routers from advertising a network through the interface from which the update
came
What tool can help ease the configuration of VPN servers on routers?
Cisco SDM
Two directly connected routers are able to ping each other through the Serial 0/0/0
interfaces. A network administrator changes the encapsulation on one router to PPP, and the
other is left at the default value. What statement would appear in the output of the show
interfaces command issued on one of the routers?
Which three algorithms can be used to encrypt user data in an IPSec VPN framework?
(Choose three.)
3DES
AES
DES
Refer to the exhibit. Which router command is used to associate a Layer 2 address with the
corresponding Layer 3 address?
Which flag is set by a Frame Relay switch to inform the receiving station that congestion was
experienced?
FECN
A company informs the account manager that the installation of a new edge router at the
customer remote branch location cannot be done at the scheduled time because of a large
order that the branch office needs to complete. As a result, the end date of the project must
be adjusted to accommodate the additional time. What action should the account manager
take?
Adjust the timeline documentation to show the company how the delay will affect the
project completion date.
Which two statements describe factors that influence the layout of a proposal? (Choose two.)
A designer chooses the layout if a written RFP does not specify an outline.
What two items are typically included in the executive summary of a proposal? (Choose
two.)
Which proposal section describes the intended routing protocol, security mechanisms, and
addressing for the planned network?
logical design
A network installation team is assigned to replace all core switches in an existing data
center. No other upgrades are planned. Which kind of installation is this?
a phased installation
What are two important guidelines when creating a slide presentation for a meeting with a
customer? (Choose two.)
A phased installation requires detailed planning in order to avoid disruption of user services
plan to add additional staff and resources to shorten the installation time after the new
equipment is delivered
renegotiate a new time frame with the customer to accommodate the delay
The operation of a new branch location network is delayed because a VPN cannot be
configured and established between the branch location and the main office. It is determined
that the router at the main office does not have enough memory and does not have the
correct Cisco IOS version image to support the VPN features. To prevent this delay, this
problem should have been identified and corrected during which part of the design project?
Included in a Bill of Materials (BOM) for a SOHO wired implementation is a Cisco 2811
router, Catalyst 2560 switch, four PCs, three laptops, and a networked printer. Wireless LAN
capability will be implemented on this network. Which two equipment types must be added
to the BOM to implement this request? (Choose two.)
wireless NICs
An upgraded version of a network simulator has been purchased. However, the CD arrived
damaged. How will this loss be covered?
a software warranty
AAA Financial Services Company is performing implementation planning for a core switch
upgrade. The company has 200 financial software programmers that work billable hours
during the week. They have critical, scheduled money transfer transmissions that occur at
hourly intervals every night. There are two, two-hour long IT maintenance windows
scheduled for software upgrades, one on Saturday and one on Sunday. The bank advertises
online banking as available 24 hours on business days and 21 hours on the weekends.
However, a network upgrade that is necessary to replace some switches is expected to take
four hours. Because of rack constraints, this time includes three hours to remove the old
switches before the new switches can be installed and one hour to test the logical
configuration. How should the implementation scheduling be handled?
Coordinate and publish an eight-hour downtime incorporating the Saturday window. This
will allow four hours for installation and logical testing, one hour for troubleshooting and
decision, and three hours to roll back to the previous configuration if the new switching
cannot pass the logical testing. Defer any software upgrades until the new network is
proven to be working correctly with the old software.
A Cisco 1841 router has been purchased without an agreement for SMARTnet Service. What
two items are guaranteed under the standard warranty? (Choose two.)
What are two factors that a network designer must take into account when planning a
project timeline? (Choose two.)
A customer has just taken delivery of a Cisco 2811 router and Catalyst 3560 switch. Included
with the purchase is the SMARTnet Service. Which two resources are included with
SMARTnet Service? (Choose two.)
Upon completion of a proposal, a network design team must sell their ideas to two key
stakeholders. Who are these two stakeholders? (Choose two.)
internal management
Which two items will a systems engineer include in an implementation plan? (Choose two.)