Wednesday, January 25, 2012

CCNA – Access List Questions 2

Question 1
Refer to the exhibit. What will happen to HTTP traffic coming from the Internet that is destined for 172.16.12.10 if the traffic is processed by this ACL?
router#show access-lists
Extended IP access list 110
10 deny tcp 172.16.0.0 0.0.255.255 any eq telnet
20 deny tcp 172.16.0.0 0.0.255.255 any eq smtp
30 deny tcp 172.16.0.0 0.0.255.255 any eq http
40 permit tcp 172.16.0.0 0.0.255.255 any
A. Traffic will be dropped per line 30 of the ACL.
B. Traffic will be accepted per line 40 of the ACL.
C. Traffic will be dropped, because of the implicit deny all at the end of the ACL.
D. Traffic will be accepted, because the source address is not covered by the ACL.

Answer: C
Explanation
The syntax of an extended access list is:
access-list access-list-number {permit | deny} protocol source {source-mask} destination {destination-mask} [eq destination-port]
Notice that in our access list, the network 172.16.0.0 0.0.255.255 is specified as the source, but the question asks about “HTTP traffic coming from the Internet that is destined for 172.16.12.10”, which means 172.16.0.0 0.0.255.255 is the destination network. So in this case there is no match in our access list and the traffic will be dropped because of the implicit deny all at the end of the ACL. It is surely a tricky question!

Question 2
Refer to the exhibit. Which statement describes the effect that the Router1 configuration has on devices in the 172.16.16.0 subnet when they try to connect to SVR-A using Telnet or SSH?
extended_access_list.jpg
A. Devices will not be able to use Telnet or SSH.
B. Devices will be able to use SSH, but not Telnet.
C. Devices will be able to use Telnet, but not SSH.
D. Devices will be able to use Telnet and SSH.

Answer: B
Explanation
Let’s analyze the access list 100:
+ 10 permit tcp 172.16.16.0 0.0.0.15 host 172.16.48.63 eq 22: allows TCP traffic from network 172.16.16.0/28 to access host 172.16.48.63 with a destination port of 22 (SSH)
+ 20 permit tcp 172.16.16.0 0.0.0.15 eq telnet host 172.16.48.63: allows TCP traffic from network 172.16.16.0/28 with a source port of 23 (telnet) to access host 172.16.48.63
Notice that if a device wants to telnet (or SSH) to SVR-A server it must use the destination port of 23 (or 22), not a source port of 23 (or 22).
Access list 100 is applied on the inbound direction of Fa0/0 so it will only filter traffic from 172.16.16.0 subnet to the SVR-A server.
Access list 101 is very similar to access list 100 but it is applied on the inbound direction of Fa0/1 so it will filter traffic from SVR-A server to 172.16.16.0 subnet. In ACL 101:
+ 10 permit tcp host 172.16.48.63 eq 22 172.16.16.0 0.0.0.15: allows TCP traffic from host 172.16.48.63 with a source port of 22 (SSH) to access network 172.16.16.0/28.
+ 20 permit tcp host 172.16.48.63 172.16.16.0 0.0.0.15 eq telnet: allows TCP traffic from host 172.16.48.63 to access network 172.16.16.0/28 with a destination port of telnet.
Notice that the return traffic from SVR-A to network 172.16.16.0/28 (resulting from a Telnet or SSH session) will have a source port of 23 (Telnet) or 22 (SSH).
In conclusion, the first statement of each ACL will allow devices to “SSH” to SVR-A. But they can’t telnet because of the implicit deny all at the end of the ACL.
In this question, the second statement of each ACL can be considered “wrong” if we intend to filter Telnet or SSH traffic, and it has no effect on the Telnet or SSH traffic.
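
The top-down, first-match evaluation with source-port versus destination-port matching and the implicit deny, as described in Questions 1 and 2, can be replayed with a small evaluator. This is an added example, not code from the original page or from Cisco; it parses only the simplified entry syntax quoted above, and the Internet address 198.51.100.7, the client 172.16.16.5 and the ephemeral port 50000 are constructed sample values.

```python
import ipaddress

# Port keywords that appear in the ACL lines quoted on this page.
PORT_NAMES = {"ssh": 22, "telnet": 23, "smtp": 25, "http": 80}
ALL_BITS = 0xFFFFFFFF


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _take_addr(tokens):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD' -> (base, wildcard)."""
    word = tokens.pop(0)
    if word == "any":
        return 0, ALL_BITS
    if word == "host":
        return _ip(tokens.pop(0)), 0
    return _ip(word), _ip(tokens.pop(0))


def _take_port(tokens):
    """Consume an optional 'eq PORT'; None means any port."""
    if tokens[:1] != ["eq"]:
        return None
    tokens.pop(0)
    name = tokens.pop(0)
    return PORT_NAMES.get(name) or int(name)


def parse_entry(line):
    """Parse 'SEQ permit|deny PROTO SRC [eq P] DST [eq P]'."""
    tokens = line.split()
    entry = {"seq": int(tokens.pop(0)), "action": tokens.pop(0), "proto": tokens.pop(0)}
    entry["src"] = _take_addr(tokens)
    entry["sport"] = _take_port(tokens)   # 'eq' right after the source = source port
    entry["dst"] = _take_addr(tokens)
    entry["dport"] = _take_port(tokens)   # 'eq' after the destination = destination port
    return entry


def _addr_ok(addr, rule):
    base, wildcard = rule
    # A 1 bit in the wildcard is "don't care"; every other bit must be equal.
    return ((addr ^ base) & ~wildcard & ALL_BITS) == 0


def evaluate(acl, proto, src, sport, dst, dport):
    """Return (action, seq) of the first matching entry, top-down.

    ('deny', None) is the implicit deny that ends every ACL.
    """
    for entry in map(parse_entry, acl):
        if entry["proto"] not in ("ip", proto):
            continue
        if not (_addr_ok(_ip(src), entry["src"]) and _addr_ok(_ip(dst), entry["dst"])):
            continue
        if entry["sport"] not in (None, sport) or entry["dport"] not in (None, dport):
            continue
        return entry["action"], entry["seq"]
    return "deny", None


# ACL 110 from Question 1 and ACLs 100/101 as listed in the Question 2 explanation.
ACL_110 = [
    "10 deny tcp 172.16.0.0 0.0.255.255 any eq telnet",
    "20 deny tcp 172.16.0.0 0.0.255.255 any eq smtp",
    "30 deny tcp 172.16.0.0 0.0.255.255 any eq http",
    "40 permit tcp 172.16.0.0 0.0.255.255 any",
]
ACL_100 = [
    "10 permit tcp 172.16.16.0 0.0.0.15 host 172.16.48.63 eq 22",
    "20 permit tcp 172.16.16.0 0.0.0.15 eq telnet host 172.16.48.63",
]
ACL_101 = [
    "10 permit tcp host 172.16.48.63 eq 22 172.16.16.0 0.0.0.15",
    "20 permit tcp host 172.16.48.63 172.16.16.0 0.0.0.15 eq telnet",
]


def run_page_cases():
    # Constructed sample endpoints (assumptions, not taken from the exhibits).
    inet, client, svr, eph = "198.51.100.7", "172.16.16.5", "172.16.48.63", 50000
    return {
        "Q1 HTTP Internet -> 172.16.12.10": evaluate(ACL_110, "tcp", inet, eph, "172.16.12.10", 80),
        "Q1 HTTP 172.16.12.10 -> Internet": evaluate(ACL_110, "tcp", "172.16.12.10", eph, inet, 80),
        "Q2 SSH client -> SVR-A": evaluate(ACL_100, "tcp", client, eph, svr, 22),
        "Q2 Telnet client -> SVR-A": evaluate(ACL_100, "tcp", client, eph, svr, 23),
        "Q2 SSH reply SVR-A -> client": evaluate(ACL_101, "tcp", svr, 22, client, eph),
        "Q2 Telnet reply SVR-A -> client": evaluate(ACL_101, "tcp", svr, 23, client, eph),
    }


if __name__ == "__main__":
    for name, result in run_page_cases().items():
        print(f"{name}: {result}")
```

A result of ('deny', None) means no entry matched and the packet fell through to the implicit deny.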

Question 3
Refer to the exhibit. Which three variables (router, protocol port, and router ACL direction) apply to an extended ACL that will prevent student 01 from securely browsing the internet?
Apply_acess_list.jpg
A. OUT
B. Router 3
C. HTTPS
D. IN
E. Router 1

Answer: B C D
Explanation
There are 3 routers where we can place this access list: Router 1, Router Main and Router 3. In theory, an extended access list should be placed close to the source -> Router 3 is the best choice -> B is correct.
The traffic we need to filter here is “securely browsing the internet” so it is HTTPS -> C is correct.
Finally, we should apply this access list in the inbound direction so that Router 3 will filter this traffic before making a routing decision. It helps save processing resources on Router 3 -> D is correct.

Question 4
Which two statements apply to dynamic access lists? (choose two)
A. they offer simpler management in large internetworks.
B. you can control logging messages.
C. they allow packets to be filtered based on upper-layer session information.
D. you can set a time-based security policy.
E. they provide a level of security against spoofing.
F. they are used to authenticate individual users.

Answer: A F
Explanation
Dynamic ACLs have the following security benefits over standard and static extended ACLs:
+ Use of a challenge mechanism to authenticate individual users
+ Simplified management in large internetworks
+ In many cases, reduction of the amount of router processing that is required for ACLs
+ Reduction of the opportunity for network break-ins by network hackers
+ Creation of dynamic user access through a firewall, without compromising other configured security restrictions
(Reference: CCNA Exploration 4 – Dynamic ACLs)

Question 5
Which command shows if an access list is assigned to an interface?
A. show ip interface [interface] access-lists
B. show ip access-lists interface [interface]
C. show ip interface [interface]
D. show ip access-lists [interface]

Answer: C
Explanation
The output of the “show ip interface [interface]” command is shown below:
show_ip_interface.jpg
In the output we can see that access list 1 is applied to this interface in the inbound direction.

Question 6
Which item represents the standard IP ACL?
A. access-list 50 deny 192.168.1.1 0.0.0.255
B. access-list 110 permit ip any any
C. access-list 2500 deny tcp any host 192.168.1.1 eq 22
D. access-list 101 deny tcp any host 192.168.1.1

Answer: A
Explanation
Standard access lists use the number ranges 1 to 99 and 1300 to 1999, so only access list 50 is a standard access list.

Question 7
Which statement about access lists that are applied to an interface is true?
A. you can apply only one access list on any interface
B. you can configure one access list, per direction, per layer 3 protocol
C. you can place as many access lists as you want on any interface
D. you can configure one access list, per direction, per layer 2 protocol

Answer: B
Explanation
We can have only 1 access list per protocol, per direction and per interface. It means:
+ We cannot have 2 inbound access lists on an interface
+ We can have 1 inbound and 1 outbound access list on an interface

Question 8
A network engineer wants to allow a temporary entry for a remote user with a specific username and password so that the user can access the entire network over the internet. Which ACL can be used?
A. reflexive
B. extended
C. standard
D. dynamic

Answer: D
Explanation
We can use a dynamic access list to authenticate a remote user with a specific username and password. The authentication process is done by the router or a central access server such as a TACACS+ or RADIUS server. The configuration of dynamic ACL can be read here: http://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.shtml

Question 9
Which parameter does a standard access list take into consideration for traffic filtering decisions?
A. Source MAC address
B. Destination IP address
C. Destination MAC address
D. Source IP address

Answer: D

Question 10
In which solution is a router ACL used?
A. protecting a server from unauthorized access
B. controlling path selection, based on the route metric
C. reducing router CPU utilization
D. filtering packets that are passing through a router

Answer: D

CCNA – Access List Questions

Question 1
Your boss is taking a CCNA training course. Refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbound direction. Which two packets, if routed to the interface, will be denied? (Choose two)
accesslist1
access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnet
access-list 101 permit ip any any


A. source ip address: 192.168.15.5; destination port: 21
B. source ip address: 192.168.15.37; destination port: 21
C. source ip address: 192.168.15.41; destination port: 21
D. source ip address: 192.168.15.36; destination port: 23
E. source ip address: 192.168.15.46; destination port: 23
F. source ip address: 192.168.15.49; destination port: 23

Answer: D E
Explanation
First we notice that telnet uses port 23 so only D, E & F can satisfy this requirement.
The purpose of this access-list is to deny traffic from network 192.168.15.32 255.255.255.240 (to find out the subnet mask just convert all bit “0” to “1” and all bit “1” to “0” of the wildcard mask) to telnet to any device. So we need to figure out the range of this network to learn which IP addresses will be denied.
Increment: 16
Network address: 192.168.15.32
Broadcast address: 192.168.15.47
-> Only 192.168.15.36 (Answer D) & 192.168.15.46 (Answer E) belong to this range so they are the correct answers.

Question 2
Refer to the graphic. It has been decided that PC1 should be denied access to Server. Which of the following commands are required to prevent only PC1 from accessing Server1 while allowing all other traffic to flow normally? (Choose two)
accesslist2
A – Router(config)# interface fa0/0
Router(config-if)# ip access-group 101 out
B – Router(config)# interface fa0/0
Router(config-if)# ip access-group 101 in
C – Router(config)# access-list 101 deny ip host 172.16.161.150 host 172.16.162.163
Router(config)# access-list 101 permit ip any any
D – Router(config)# access-list 101 deny ip 172.16.161.150 0.0.0.255 172.16.162.163 0.0.0.0
Router(config)# access-list 101 permit ip any any

Answer: B C

Question 3
Refer to the exhibit. Why would the network administrator configure RA in this manner?
accesslist3
A. to give students access to the Internet
B. to prevent students from accessing the command prompt of RA
C. to prevent administrators from accessing the console of RA
D. to give administrators access to the Internet
E. to prevent students from accessing the Internet
F. to prevent students from accessing the Admin network

Answer: B
Explanation
Although the access-list is used to “permit” network 10.1.1.0/24, the best answer here is “to prevent students from accessing the command prompt of RA”. From the picture above, we know that 10.1.1.0/24 is the “Admin” network. This access list is applied to “line vty 0 4” so it will permit only Telnet traffic from “Admin” to RA while dropping all other traffic (because of the implicit “deny all” command at the end of the access list). Therefore we can deduce that it will “prevent students from accessing the command prompt of RA”.
This access list only filters Telnet traffic (because it is applied to the vty lines) so it will not prevent or allow anyone to access the Internet -> A, D, E are not correct.
C is not correct as this access list allows administrators to access the console of RA.
F is not correct as this access list does not process TCP, UDP or IP traffic, so the students can still access the Admin network.
(Notice that the “command prompt” here implies telnet as telnet is the only way to remotely access RA)

Question 4
An access list was written with the four statements shown in the graphic. Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effect?
accesslist4
A. access-list 10 permit 172.29.16.0 0.0.0.255
B. access-list 10 permit 172.29.16.0 0.0.1.255
C. access-list 10 permit 172.29.16.0 0.0.3.255
D. access-list 10 permit 172.29.16.0 0.0.15.255
E. access-list 10 permit 172.29.0.0 0.0.255.255

Answer: C
Explanation
The four statements above allow 4 networks (from 172.29.16.0/24 to 172.29.19.0/24) to go through, so we can summarize them as network 172.29.16.0/22.
/22 = 255.255.252.0 so it equals 0.0.3.255 when converting into wildcard mask -> C is correct.
A, B, D are not correct as their wildcard masks are incorrect. For example:
Answer A allows from 172.29.16.0 to 172.29.16.255
Answer B allows from 172.29.16.0 to 172.29.17.255
Answer D allows from 172.29.16.0 to 172.29.31.255
Both the network address and wildcard mask of answer E are incorrect as it allows the whole major network 172.29.0.0/16 to go through.
 
Question 5
A network administrator wants to add a line to an access list that will block only Telnet access by the hosts on subnet 192.168.1.128/28 to the server at 192.168.1.5. What command should be issued to accomplish this task?
A – access-list 101 deny tcp 192.168.1.128 0.0.0.15 192.168.1.5 0.0.0.0 eq 23
access-list 101 permit ip any any
B – access-list 101 deny tcp 192.168.1.128 0.0.0.240 192.168.1.5 0.0.0.0 eq 23
access-list 101 permit ip any any
C – access-list 1 deny tcp 192.168.1.128 0.0.0.255 192.168.1.5 0.0.0.0 eq 21
access-list 1 permit ip any any
D – access-list 1 deny tcp 192.168.1.128 0.0.0.15 host 192.168.1.5 eq 23
access-list 1 permit ip any any

Answer: A
Explanation:
First the question asks to block only Telnet access so the port we have to use is 23 -> C is not correct.
Next we need to block traffic from hosts on the subnet 192.168.1.128/28, which is 192.168.1.128 0.0.0.15 if we convert to wildcard mask (just invert all bits of the subnet mask, from 0 to 1 and from 1 to 0, to get the equivalent wildcard mask of that subnet mask) -> so B is incorrect.
In this case, we have to use an extended access list because we need to specify which type of traffic (TCP) and which port (23) we want to block -> so D is incorrect because it uses a standard access list.
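
The wildcard-mask arithmetic used in Questions 1, 4 and 5 of this set, as an added example that is not part of the original page. The function names are made up for this illustration, and the sketch goes slightly beyond the explanations by also listing what a non-contiguous mask such as the 0.0.0.240 in Question 5, answer B, really matches.

```python
import ipaddress

ALL_BITS = 0xFFFFFFFF


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def _to_str(value):
    return str(ipaddress.IPv4Address(value))


def wildcard_from_mask(mask):
    """Invert every bit of a subnet mask to get the equivalent wildcard mask."""
    return _to_str(_to_int(mask) ^ ALL_BITS)


def wildcard_range(base, wildcard):
    """First and last address matched by a contiguous wildcard entry."""
    w = _to_int(wildcard)
    if w & (w + 1):
        # The 1 bits are not a single run at the low end, so the matched
        # addresses do not form one range.
        raise ValueError("non-contiguous wildcard mask")
    first = _to_int(base) & ~w & ALL_BITS
    return _to_str(first), _to_str(first | w)


def matched_addresses(base, wildcard, limit_bits=16):
    """Every address an entry matches, for any wildcard (contiguous or not)."""
    b, w = _to_int(base), _to_int(wildcard)
    if bin(w).count("1") > limit_bits:
        raise ValueError("too many don't-care bits to enumerate")
    fixed = b & ~w & ALL_BITS
    found, sub = [], w
    while True:                    # walk all subsets of the don't-care bits
        found.append(fixed | sub)
        if sub == 0:
            break
        sub = (sub - 1) & w
    return [_to_str(a) for a in sorted(found)]


def summarize(networks):
    """Merge adjacent networks into the fewest (network, wildcard) entries."""
    merged = ipaddress.collapse_addresses([ipaddress.ip_network(n) for n in networks])
    return [(str(n.network_address), str(n.hostmask)) for n in merged]


if __name__ == "__main__":
    # Question 1: which sources fall inside 192.168.15.32 0.0.0.15?
    print(wildcard_range("192.168.15.32", "0.0.0.15"))
    # Question 4: four /24 networks collapsed into one statement.
    print(summarize(["172.29.16.0/24", "172.29.17.0/24",
                     "172.29.18.0/24", "172.29.19.0/24"]))
    # Question 5, answer B: subnet-mask octet used by mistake as a wildcard.
    print(matched_addresses("192.168.1.128", "0.0.0.240"))
```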
Question 6
As a network administrator, you have been instructed to prevent all traffic originating on the LAN from entering the R2 router. Which of the following commands would implement the access list on the interface of the R2 router?
accesslist_blocktraffic

A – access-list 101 in
B – access-list 101 out
C – ip access-group 101 in
D – ip access-group 101 out

Answer: C

Question 7
The access list below was applied outbound on the E0 interface connected to the 192.169.1.8/29 LAN:
access-list 135 deny tcp 192.169.1.8 0.0.0.7 eq 20 any
access-list 135 deny tcp 192.169.1.8 0.0.0.7 eq 21 any
How will the above access lists affect traffic?
A – FTP traffic from 192.169.1.22 will be denied
B – No traffic, except for FTP traffic will be allowed to exit E0
C – FTP traffic from 192.169.1.9 to any host will be denied
D – All traffic exiting E0 will be denied
E – All FTP traffic to network 192.169.1.9/29 will be denied

Answer: D
Explanation:
There is always an implicit “deny all” command at the end of every access list, so if an access list doesn’t have any “permit” command, it will block all the traffic. If we use the command “access-list 135 permit ip any any” at the end of this access list then the answer should be C – FTP traffic from 192.169.1.9 to any host will be denied.

Question 8
The access control list shown in the graphic has been applied to the Ethernet interface of router R1 using the ip access-group 101 in command. Which of the following Telnet sessions will be blocked by this ACL? (Choose two)
accesslist
A – from host PC1 to host 5.1.1.10
B – from host PC1 to host 5.1.3.10
C – from host PC2 to host 5.1.2.10
D – from host PC2 to host 5.1.3.8

Answer: B D
Explanation
Below is the simple syntax of an extended access list:
access-list access-list-number {deny | permit} {ip|tcp|udp|icmp} source [source-mask] dest [dest-mask] [eq dest-port]
Notice that this access list is applied to the Ethernet interface of R1 in the “in” direction, so in this case it will filter all the packets originating from the E1 network (hosts PC1 and PC2) with these parameters:
Source network: 5.1.1.8 0.0.0.3 which means 5.1.1.8 255.255.255.252 (just invert all the wildcard bits to get the equivalent subnet mask) -> Packets from 5.1.1.8 to 5.1.1.11 will be filtered.
Destination network: 5.1.3.0 0.0.0.255 which means 5.1.3.0/24 -> Packets to 5.1.3.0/24 will be filtered.
Therefore packets that originate from 5.1.1.8 to 5.1.1.11 and are destined for a host in 5.1.3.x (via Telnet) will be denied.

Question 9
The following configuration line was added to router R1
Access-list 101 permit ip 10.25.30.0 0.0.0.255 any
What is the effect of this access list configuration?
A – permit all packets matching the first three octets of the source address to all destinations
B – permit all packet matching the last octet of the destination address and accept all source addresses
C – permit all packet matching the host bits in the source address to all destinations
D – permit all packet from the third subnet of the network address to all destinations

Answer: A

Wednesday, January 18, 2012

CCNA – Show Command Questions


Question 1
Refer to the exhibit. What can be determined from the output?
show_ip_arp.jpg
A. 192.168.1.2 is local to the router.
B. 192.168.3.1 is local to the router.
C. 192.168.1.2 will age out in less than 1 minute.
D. 192.168.3.1 has aged out and is marked for deletion.

Answer: B
Explanation
The “Age” field in the “show ip arp” command is the age in minutes of the cache entry. A hyphen (-) means the address is local so in this case 192.168.1.1 & 192.168.3.1 are local to this router -> B is correct.
Note: The “Age 0” means that the address was cached less than 1 minute ago.

Question 2
Refer to the exhibit. What could be possible causes for the “Serial0/0 is down” interface status? (Choose two)
show_interfaces_serial.jpg
A. A Layer 1 problem exists.
B. The bandwidth is set too low.
C. A protocol mismatch exists.
D. An incorrect cable is being used.
E. There is an incorrect IP address on the Serial 0/0 interface.

Answer: A D
Explanation
The first part of the “Serial0/0 is down, line protocol is down” indicates a layer 1 problem while the second part indicates a layer 2 problem -> A is correct.
Some popular layer 1 problems are listed below:
+ device power off
+ device power unplugged
+ loose network cable connection
+ incorrect cable type
+ faulty network cable
Answer B “The bandwidth is set too low” will not cause a layer 1 problem.
Answer C is a layer 2 problem.
Answer E is a layer 3 problem.

Question 3
Which line from the output of the show ip interface command indicates a layer 1 problem?
A. Serial0/1 is up, line protocol is down
B. Serial0/1 is down, line protocol is down
C. Serial0/1 is up, line protocol is up
D. Serial0/1 is administratively down, line protocol is down

Answer: B
Explanation
Same as question 1.

Question 4
Refer to the exhibit. What is the meaning of the output MTU 1500 bytes?
show_interfaces_ethernet.jpg
A. The maximum number of bytes that can traverse this interface per second is 1500.
B. The minimum segment size that can traverse this interface is 1500 bytes.
C. The minimum segment size that can traverse this interface is 1500 bytes.
D. The minimum packet size that can traverse this interface is 1500 bytes.
E. The maximum packet size that can traverse this interface is 1500 bytes.
F. The maximum frame size that can traverse this interface is 1500 bytes.

Answer: E
Explanation
The Maximum Transmission Unit (MTU) defines the maximum Layer 3 packet size (in bytes) that the layer can pass onwards.

Question 5
The network administrator normally establishes a Telnet session with the switch from host A. The administrator’s attempt to establish a connection via Telnet to the switch from host B fails, but pings from host B to the other two hosts are successful. What is the issue for this problem?
show_ip_int_brief.jpg
A. Host B and the switch need to be in the same subnet.
B. The switch needs an appropriate default gateway assigned.
C. The switch interface connected to the router is down.
D. Host B needs to be assigned an IP address in vlan 1.

Answer: B
Explanation
Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same subnet so telnet from host A to the switch can be successful even if a default gateway is not set on host A.
But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the same subnet so host B needs a default gateway to telnet to the switch. The default gateway on host B should be 172.19.32.254.

Question 6
Which command displays CPU utilization?
A. show protocols
B. show process
C. show system
D. show version

Answer: B
Explanation
The “show process” command (the full command is “show processes”) gives us a lot of information about each process, but the output is not easy to read. The output of this command is shown below (the following pages are omitted):
show_process.jpg
A friendlier way to check CPU utilization is the “show processes cpu history” command, which clearly shows the total CPU usage on the router over three periods of time: one minute, one hour, and 72 hours:
show processes cpu history.jpg
+ The Y-axis of the graph is the CPU utilization.
+ The X-axis of the graph is the increment within the period displayed in the graph.
For example, from the last graph (last 72 hours) we learn that the highest CPU utilization within 72 hours is 37%, about six hours ago.

Question 7
Refer to the exhibit. You are connected to the router as user Mike. Which command allows you to see output from the OSPF debug command?
show_users.jpg
A. terminal monitor
B. show debugging
C. show sessions
D. show ip ospf interface

Answer: A
Explanation
By default, Cisco IOS does not send log messages to terminal sessions over IP, such as Telnet or SSH, but console connections do have the logging feature enabled by default. To display debug command output and system error messages for a Telnet or SSH session, use the “terminal monitor” command in privileged mode.



CCNA – OSI Model Questions


Question 1
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two)
A. The transport layer divides a data stream into segments and may add reliability and flow control information.
B. The data link layer adds physical source and destination addresses and an FCS to the segment.
C. Packets are created when the network layer encapsulates a frame with source and destination host addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control information to a segment.
E. The presentation layer translates bits into voltages for transmission across the physical link.

Answer: A D
Explanation
The transport layer segments data into smaller pieces for transport. Each segment is assigned a sequence number, so that the receiving device can reassemble the data on arrival.
The transport layer also uses flow control to maximize the transfer rate while minimizing the requirements to retransmit. For example, in TCP, basic flow control is implemented by acknowledgment by the receiver of the receipt of data; the sender waits for this acknowledgment before sending the next part.
-> A is correct.
The data link layer adds physical source and destination addresses and a Frame Check Sequence (FCS) to the packet (on Layer 3), not the segment (on Layer 4) -> B is not correct.
Packets are created when the network layer encapsulates a segment (not a frame) with source and destination host addresses and protocol-related control information. Notice that the network layer encapsulates messages received from higher layers by placing them into datagrams (also called packets) with a network layer header -> C is not correct.
The Network layer (Layer 3) has two key responsibilities. First, this layer controls the logical addressing of devices. Second, the network layer determines the best path to a particular destination network, and routes the data appropriately.
-> D is correct.
The Physical layer (not the presentation layer) translates bits into voltages for transmission across the physical link -> E is not correct.

Question 2
Which layer of the OSI reference model uses the hardware address of a device to ensure message delivery to the proper host on a LAN?
A. physical
B. data link
C. network
D. transport

Answer: B
Explanation
The hardware address of a device or the Media Access Control (MAC) address is added in the Data Link layer. An Ethernet MAC address is a 48-bit binary value expressed as 12 hexadecimal digits (for example: 00:15:A4:CB:03:CA).

Question 3
Which layer of the OSI reference model uses flow control, sequencing, and acknowledgments to ensure that reliable networking occurs?
A. data link
B. network
C. transport
D. presentation
E. physical

Answer: C

Question 4
Which layer in the OSI reference model is responsible for determining the availability of the receiving program and checking to see if enough resources exist for that communication?
A. transport
B. network
C. presentation
D. session
E. application

Answer: E

Question 5
Data transfer is slow between the source and destination. The quality of service requested by the transport layer in the OSI reference model is not being maintained. To fix this issue, at which layer should the troubleshooting process begin?
A. presentation
B. session
C. transport
D. network
E. physical

Answer: D

Question 6
Which protocols are found in the network layer of the OSI reference model and are responsible for path determination and traffic switching?
A. LAN
B. routing
C. WAN
D. network

Answer: B

Question 7
Refer to the exhibit. An administrator pings the default gateway at 10.10.10.1 and sees the output as shown. At which OSI layer is the problem?
C:\> ping 10.10.10.1
Pinging 10.10.10.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.10.10.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)
A. data link layer
B. application layer
C. access layer
D. session layer
E. network layer

Answer: E
Explanation
The Network layer is responsible for network addressing and routing through the internetwork. So if a ping fails, you may have an issue with the Network layer (although lower layers like Data Link & Physical may cause the problem).

Question 8
Which of the following are types of flow control? (Choose three)
A. buffering
B. cut-through
C. windowing
D. congestion avoidance
E. load balancing

Answer: A C D
Explanation
Three types of flow control are buffering, windowing & congestion avoidance:
Buffering: If a device receives packets too quickly for it to handle then it can store them in a memory section called a buffer and process them later.
Windowing: a window is the quantity of data segments that the transmitting device is allowed to send without receiving an acknowledgment for them. For example:
With the window size of 1, the sending device sends 1 segment and the receiving device must reply with 1 ACK before the sending device can send the next segment. This “waiting” takes some time.
By increasing the window size to 3, the sending device will send up to 3 segments before waiting for an ACK -> helps reduce the waiting time.
Congestion avoidance: lower-priority traffic can be discarded when the network is overloaded -> minimizes delays.

Question 9
A network administrator is verifying the configuration of a newly installed host by establishing an FTP connection to a remote server. What is the highest layer of the protocol stack that the network administrator is using for this operation?
A. application
B. presentation
C. session
D. transport
E. internet
F. data link

Answer: A
Explanation
FTP belongs to the Application layer and it is also the highest layer of the OSI model.

Question 10
A receiving host computes the checksum on a frame and determines that the frame is damaged. The frame is then discarded. At which OSI layer did this happen?
A. session
B. network
C. physical
D. data link
E. transport

Answer: D
Explanation
When using the term “frame” we can easily recognize it belongs to the Data Link layer. In this layer, a Frame Check Sequence (FCS) field is added to the frame to verify that the frame data is received correctly.

CCNA – Cisco IOS Questions 3


Question 1
Refer to the exhibit. A router boots to the prompt shown in the exhibit. What does this signify, and how should the network administrator respond?
rommon 1>
A. This prompt signifies that the configuration file was not found in NVRAM. The network administrator should follow the prompts to enter a basic configuration.
B. The prompt signifies that the configuration file was not found in flash memory. The network administrator should use TFTP to transfer a configuration file to the router.
C. The prompt signifies that the IOS image in flash memory is invalid or corrupted. The network administrator should use TFTP to transfer an IOS image to the router.
D. The prompt signifies that the router could not authenticate the user. The network administrator should modify the IOS image and reboot the router.

Answer: C
Explanation
If a Cisco router boots in ROMmon mode, it means:
+ The value of the configuration register is set to XXX (the boot field – fourth bit – is 0)
+ The router is unable to locate a valid Cisco IOS software image (you can use the “dir flash:” command in ROMmon mode to look for the IOS in the Flash then try to boot that flash with the “boot flash:<IOS image>” command).
If the IOS image is invalid or corrupted, the fastest way to re-install a new Cisco IOS software image on the router is to copy a new one from TFTP (with the “tftpdnld” command).

Question 2
What should be done prior to backing up an IOS image to a TFTP server? (Choose three)
A. Make sure that the server can be reached across the network.
B. Check that authentication for TFTP access to the server is set.
C. Assure that the network server has adequate space for the IOS image.
D. Verify file naming and path requirements.
E. Make sure that the server can store binary files.
F. Adjust the TCP window size to speed up the transfer.

Answer: A C D

Question 3
Which two privileged mode Cisco IOS commands can be used to determine a Cisco router chassis serial number? (Choose two)
A. show inventory
B. show flash filesys
C. dir flash:|include chassis
D. show diag
E. show controllers

Answer: A D

Question 4
Which command helps a network administrator to manage memory by displaying flash memory and NVRAM utilization?
A. show secure
B. show file systems
C. show flash
D. show version

Answer: B

Question 5
A network administrator changes the configuration register to 0x2142 and reboots the router. What are two results of making this change? (Choose two)
A. The IOS image will be ignored.
B. The router will prompt to enter initial configuration mode.
C. The router will boot to ROM.
D. Any configuration entries in NVRAM will be ignored.
E. The configuration in flash memory will be booted.

Answer: B D
Explanation
The router bypasses the startup configuration stored in NVRAM during its boot sequence so the router will enter initial configuration mode. This feature is normally used during a password recovery procedure.

Question 6
Refer to the exhibit. For what two reasons has the router loaded its IOS image from the location that is shown? (Choose two)
Router1> show version
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-J-M), Experimental Version 11.3(19970915:164752)
[hampton-nitro-baseline 249]
Copyright (c) 1986-1997 by cisco Systems, Inc.
Compiled Wed 08-Oct-97 06:39 by hampton
Image text-base: 0x60008900, data-base: 0x60B98000
ROM: System Bootstrap, Version 11.1(11855) [beta 2], INTERIM SOFTWARE
BOOTFLASH: 7200 Software (C7200-BOOT-M), Version 11.1(472), RELEASE SOFTWARE (fc1)
Router1 uptime is 23 hours, 33 minutes
System restarted by abort at PC 0x6022322C at 10:50:55 PDT Tue Oct 21 1997
System image file is “tftp://112.16.1.129/hampton/nitro/c7200-j-mz”
cisco 7206 (NPE150) processor with 57344K/8192K bytes of memory.
<output omitted>
Configuration register is 0x2102
A. Router1 has specific boot system commands that instruct it to load IOS from a TFTP server.
B. Router1 is acting as a TFTP server for other routers.
C. Router1 cannot locate a valid IOS image in flash memory.
D. Router1 defaulted to ROMMON mode and loaded the IOS image from a TFTP server.
E. Cisco routers will first attempt to load an image from TFTP for management purposes.

Answer: A C
Explanation
When powered on, the router first checks its hardware via the Power-On Self Test (POST). Then it checks the configuration register to identify where to load the IOS image from. In the output above, the configuration register value is 0x2102, so the router will try to boot the system image from flash memory first.
But the output also contains the line “System image file is “tftp://112.16.1.129/hampton/nitro/c7200-j-mz””. This line shows the image file the device last booted, which in this case came from a TFTP server. Therefore we can deduce that the router could not load the IOS image from flash and the image was loaded from the TFTP server instead.
Note:
If the startup-config file is missing or does not specify a location, the router will check the following locations for the IOS image:
+ Flash (the default location)
+ TFTP server
+ ROM (used if no other source is found)


CCNA – Cisco IOS Questions 2


Question 1
When you are logged into a switch, which prompt indicates that you are in privileged mode?
A. %
B. @
C. >
D. $
E. #

Answer: E
Explanation
The “#” (like Switch#) indicates you are in privileged mode while the “>” indicates you are in user mode.
Note: The “#” sign in “Switch(config)#” indicates this is only accessible at privileged EXEC mode. The “(config)#” part indicates we are in configuration mode.
The common modes on a Cisco switch/router are listed below:
Router> - User EXEC mode
Router# - Privileged EXEC mode
Router(config)# - Configuration mode
Router(config-if)# - Interface level (within configuration mode)
Router(config-router)# - Routing engine level (within configuration mode)
Router(config-line)# - Line level (vty, tty, async) within configuration mode

Question 2
Which command is used to copy the configuration from RAM into NVRAM?
A. copy running-config startup-config
B. copy startup-config: running-config:
C. copy running config startup config
D. copy startup config running config
E. write terminal

Answer: A
Explanation
The running-config is saved in RAM while the startup-config is saved in NVRAM. So in order to copy the configuration from RAM into NVRAM we use the command “copy running-config startup-config” (syntax: copy <source> <destination>).

Question 3
Which command is used to load a configuration from a TFTP server and merge the configuration into RAM?
A. copy running-config: TFTP:
B. copy TFTP: running-config
C. copy TFTP: startup-config
D. copy startup-config: TFTP:

Answer: B
Explanation
The syntax of the copy command is “copy <source> <destination>”, so to copy a configuration from a TFTP server into RAM we use the command “copy TFTP: running-config”.

Question 4
There are no boot system commands in a router configuration in NVRAM. What is the fallback sequence that the router will use to find an IOS during reload?
A. Flash, TFTP server, ROM
B. Flash, NVRAM, ROM
C. ROM, NVRAM, TFTP server
D. NVRAM, TFTP server, ROM
E. TFTP server, Flash, NVRAM

Answer: A
Explanation
When you turn the router on, it runs through the following boot process.
The Power-On Self Test (POST) checks the router’s hardware. When the POST completes successfully, the System OK LED indicator comes on.
The router checks the configuration register to identify where to load the IOS image from. A setting of 0x2102 means that the router will use information in the startup-config file to locate the IOS image. If the startup-config file is missing or does not specify a location, it will check the following locations for the IOS image:
1. Flash (the default location)
2. TFTP server
3. ROM (used if no other source is found)
The router loads the configuration file into RAM (which configures the router). The router can load a configuration file from:
+ NVRAM (startup-configuration file)
+ TFTP server
If a configuration file is not found, the router starts in setup mode.

Question 5
A Cisco router is booting and has just completed the POST process. It is now ready to find and load an IOS image. What function does the router perform next?
A. It checks the configuration register
B. It attempts to boot from a TFTP server
C. It loads the first image file in flash memory
D. It inspects the configuration file in NVRAM for boot instructions

Answer: A
Explanation
Same as Question 4

Question 6
Refer to the partial command output shown. Which two statements are correct regarding the router hardware? (Choose two)
system image file is “flash:c2600-do3s-mz.120-5.T1”
Cisco 2621 (MPC860) processor (revision 0x600) with 53248K/12288K bytes of memory
Processor board ID JAD05280307 (3536592999)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial(sync/async) network interface(s)
2 Low-speed serial(sync/async) network interface(s)
16 terminal line(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board system flash (Read/Write)
A. Total RAM size is 32 KB
B. Total RAM size is 16384 KB (16 MB)
C. Total RAM size is 65536 KB (64 MB)
D. Flash size is 32 KB
E. Flash size is 16384 KB (16 MB).
F. Flash size is 65536 KB (64 MB)

Answer: C E
Explanation
The line “Cisco 2621 (MPC860) processor (revision 0x600) with 53248K/12288K bytes of memory” tells how much RAM is in your router. The first parameter (53248K) specifies how much Dynamic RAM (DRAM) is in your router, while the second parameter (12288K) indicates how much DRAM is being used for packet memory (used by incoming and outgoing packets). Therefore you have to add both numbers to find the amount of DRAM available on your router -> C is correct.
Note: Cisco 4000, 4500, 4700, and 7500 routers have separate DRAM and Packet memory, so you only need to look at the first number to find out the DRAM in that router.
The flash size is straightforward from the line “16384K bytes of processor board system flash (Read/Write)” -> E is correct.
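The readings this page takes from “show version” (total DRAM as the sum of the two memory figures, the flash size, the source of the running image, and the configuration register) can be checked in a script when reviewing collected device output. The Python below is an added example, not part of the original page or of any Cisco tool; the function name audit_show_version and the sample text, assembled from lines of the two exhibits with the register set to 0x2142 and straight quotes as IOS prints them, are constructed for illustration.

```python
import re

# Constructed sample: lines from the two exhibits on this page combined
# into one `show version` excerpt, with the register changed to 0x2142.
SAMPLE = """\
System image file is "tftp://112.16.1.129/hampton/nitro/c7200-j-mz"
Cisco 2621 (MPC860) processor (revision 0x600) with 53248K/12288K bytes of memory
32K bytes of non-volatile configuration memory.
16384K bytes of processor board system flash (Read/Write)
Configuration register is 0x2142
"""

IGNORE_NVRAM = 0x0040  # bit 6: bypass the startup-config in NVRAM at boot
BOOT_FIELD = 0x000F    # low four bits: how the IOS image is located


def audit_show_version(text):
    """Return (facts, findings) parsed from `show version` output."""
    facts, findings = {}, []

    # Main DRAM plus packet memory, summed as the explanation describes.
    # Not valid for the platforms with separate packet memory noted above.
    m = re.search(r"with (\d+)K/(\d+)K bytes of memory", text)
    if m:
        facts["dram_kb"] = int(m.group(1)) + int(m.group(2))

    # The NVRAM line does not contain "flash", so only the flash line matches.
    m = re.search(r"(\d+)K bytes of .*flash", text, re.I)
    if m:
        facts["flash_kb"] = int(m.group(1))

    m = re.search(r'System image file is "([a-z0-9]+):', text, re.I)
    if m:
        facts["image_source"] = m.group(1).lower()
        if facts["image_source"] != "flash":
            findings.append("IOS image was not loaded from flash")

    m = re.search(r"Configuration register is (0x[0-9a-f]+)", text, re.I)
    if m:
        reg = int(m.group(1), 16)
        facts["config_register"] = reg
        facts["boot_field"] = reg & BOOT_FIELD
        if reg & IGNORE_NVRAM:
            findings.append("startup-config in NVRAM is ignored at boot")
    return facts, findings


if __name__ == "__main__":
    facts, findings = audit_show_version(SAMPLE)
    print(facts)
    for finding in findings:
        print("FINDING:", finding)
```

A router left at 0x2142 after a password recovery comes up without its saved configuration on every reload, so the second finding is worth flagging on any device that is back in production.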

Question 7
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces

Answer: A D F
Explanation
The ping command can be used to test if the local device can reach a specific destination -> A is correct.
“tracert” is not a valid Cisco IOS command; the correct command is “traceroute” -> B is not correct.
The ipconfig command is not a valid Cisco IOS command either -> C is not correct.
The “show ip route” command can be used to view the routing table of the router. It is a very useful command for finding many connectivity problems (like directly connected networks, networks learned via routing protocols…) -> D is correct.
“winipcfg” is an old tool in Windows 95/98 to view IP settings of the installed network interfaces, but it is not a valid Cisco IOS command -> E is not correct.
The “show interfaces” command is used to check all the interfaces on the local device only. It gives very limited information for troubleshooting LAN connectivity problems, but it is the most reasonable remaining choice -> F is acceptable.

Question 8
Which two locations can be configured as a source for the IOS image in the boot system command? (Choose two)
A. RAM
B. NVRAM
C. flash memory
D. HTTP server
E. TFTP server
F. Telnet server

Answer: C E
Explanation
The following locations can be configured as a source for the IOS image:
+ Flash (the default location)
+ TFTP server
+ ROM (used if no other source is found)
(Please read the explanation of Question 4 for more information)

Question 9
Refer to the exhibit. Why is flash memory erased prior to upgrading the IOS image from the TFTP server?
Router# copy tftp flash
Address or name of remote host []? 192.168.2.167
Source filename []? c1600-k8sy-mz.123-16a.bin
Destination filename [c1600-k8sy-mz.123-16a.bin]?
Accessing tftp://192.168.2.167/c1600-k8sy-mz.123-16a.bin…
Erasing flash before copying? [confirm]
Erasing the flash filesystem will remove all files! continue? [confirm]
Erasing device
Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeee …erased
Erase of flash: complete
Loading c1600-k8sy-mz.123-16a.bin from 192.168.2.167 (via Ethernet0):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 6888962/13777920 bytes]
verifying checksum… OK (0x7BF3)
6888962 bytes copied in 209.920 secs (32961 bytes/sec)
Router#
A. The router cannot verify that the Cisco IOS image currently in flash is valid
B. Flash memory on Cisco routers can contain only a single IOS image.
C. Erasing current flash content is requested during the copy dialog.
D. In order for the router to use the new image as the default, it must be the only IOS image in flash.

Answer: C
Explanation
During the copy process, the router asked “Erasing flash before copying? [confirm]” and the administrator confirmed (by pressing Enter), so the flash was erased.
Note: In this case, the flash has enough space to copy a new IOS without deleting the current one. The current IOS is deleted just because the administrator wants to do so. If the flash does not have enough space you will see an error message like this:
%Error copying tftp://192.168.2.167/c1600-k8sy-mz.123-16a.bin (Not enough space on device)

Question 10
Which command reveals the last method used to powercycle a router?
A. show reload
B. show boot
C. show running-config
D. show version

Answer: D
Explanation
The “show version” command can be used to show the last method used to powercycle (reset) a router.
show_version.gif