NATIONAL EXAM PREPARATION COACHING

SECTION A: Attempt all questions (55 marks)

01. A. Define Computer network (5marks)
B. Outline elements of computer network
Answer:
A. Computer network: is a group of computers that use a set of common
communication protocols over digital interconnection for the purpose of
sharing resources located on or provided by the network (2mark)
B. Elements of computer network
 Hardware (1mark)
 Software (1mark)
 Protocol (1mark)
Reference: Learning Outcome 1 Introduction to Network Concepts
Indicative Content:1.1. Description of Network concepts and
Technologies
Curriculum Level III in Networking Internet technology page 3 year 2022,
(Remembering)

02. A. What is Protocol. (4marks)

B. What are the types of Protocols.
Answer:
Protocol: is a set of rules or guideline that govern how data is transmitted and
received in a communication system. (1mark)
Types of protocol
 Internet protocols (1mark)
 Wireless network protocol (1mark)
 Network routing protocols (1mark)
Reference: Learning Outcome 1 Introduction to Network Concepts Indicative
Content :1.1. Description of Network concepts and Technologies
Curriculum Level III in Networking Internet technology page 3 year 2022,
(Remembering)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 03. What do you understand by the following protocols: (5marks)
a) DHCP
b) AppleTalk
c) CSMA/CD
d) CSMA/CA
e) TCP
Answer:
a) DHCP: is a networking protocol that is designed to provide ip address
automatically to the network users (1mark)
b) Apple talk: is a protocol that simple and efficient means of transferring
small amounts of data across a network. (1mark)
c)CSMA/CD: this is used to detect and reduced the chances of collisions
mostly in wireless network. (1mark)
d) CSMA/CA: is develop to minimize or reduced the potential or effect of a
collision occurring when two or more stations send data over data link layer.
(1mark)
e) TCP: This is a networking protocol that is used to transmit data and messages
through networks. (1mark)
Reference:( Learning outcome 2: Apply network protocols and communications,
indicative content 2.3. Description of Network Protocols curriculum level III,
page 5, year 2022 (understanding)

04. Outline the types of transmission media and two (2) examples for each. (4marks)
Answer:
 Wired(guided) (1mark)
Examples: coaxial cable, fiber optical, twisted pair cable. (1mark)
 Wireless(unguided) (1mark)
Examples: radio wave, infrared, microwave, Bluetooth. (1mark)
Reference: Learning Outcome 1 Introduction to Network Concepts Indicative
Content:1.4. description of network concepts and technologies. Curriculum Level
III in Networking
Internet technology page 4 year 2022 (Remembering)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 05. What type of network cable would you use to connect two different devices? (1mark)
Answer
 Straight cable (1mark)
Reference: Learning Outcome 2: network protocols and communication
Indicative Content:2.3. description of network media and transmission.
Curriculum Level III in Networking Internet technology page 5 year 2022
(Remembering)
06. write the classes of IP address and their range
Answer: (5marks)
CLASSES RANGE
Class A/0.5mark 1-126 /0.5mark
class B/0.5mark 128-191/0.5mark
Class C/0.5mark 192-223/0.5mark
Class D/0.5mark 224-239/0.5mark
Class E/0.5mark 240-255/0.5mark
Reference: Learning outcome 3: Apply IP Addressing
(IPv4&IPv6). Indicative content:3.1. Description of IP addressing
concepts Curriculum Level III in networking and internet technology
page 7 year 2022 (Remembering)
07. Explain the benefit of using sub-netting
Answer: (3marks)

1. Conservation of IP addresses: Imagine having a network of 20 hosts. Using

a Class C network will waste a lot of IP addresses (254-20=234). Breaking
up large networks into smaller parts would be more efficient and would
conserve a great amount of addresses. (1mark)
2. Reduced network traffic: The smaller networks that created the smaller
broadcast domains are formed, hence less broadcast traffic on network
boundaries. (1mark)
3. Simplification: Breaking large networks into smaller ones could simplify fault
troubleshooting by isolating network problems down to their specific
existence. (1mark)
Reference: Learning outcome 3: Apply IP Addressing

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 (IPv4&IPv6) Indicative content: 3.3. Application of IPv4 concepts. Curriculum
Level III in networking and internet technology page 7 year 2022
(understanding

08. Describe the types of network standards (4marks)

Answer:
De Facto standards: A format, or protocol that has become a standard not
because it has been approved by a standards organization but because it is
widely used and recognized by the industry as being standard. Examples of de
facto standards include but not limited to: the QWERTY keyboard, the
Windows operating system and breadcrumb trail technology; a navigation aid
used when moving through a website that indicates the current page in relation
to the website's remaining pages. (2marks)

De Jure standards: De jure standards are those which have been approved by
formal authorities like the Institute of Electrical and Electronics Engineers
(IEEE) and the International Organization for Standardization (ISO) (2marks)
Reference: Learning outcome 2: Network protocols and communications. I
C.2.2. Description of Network standards
Curriculum Level III in networking and internet technology page 5-year 2022
(understanding)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 09. According to the class of network devices belong in table below, give at least two (2) (3marks)
examples for each class:

Classes of network devices Examples

Access devices
Interconnection devices
End device
Answer:

Classes of network devices Examples

Access devices -NIC (0.5mark)
-Access point (0.5mark)
Interconnection devices -bridge (0.5mark)
-Access point
-router (0.5mark)
End device -Security camera (0.5mark)
-Computer (0.5mark)
Reference: Learning Outcome 1 Introduction to Network Concepts Indicative
Content:1.4. classification of network device. Curriculum Level III in
Networking Internet technology page 4 year 2022 (understanding)
10. List three (3) major types of signals transmitted through logical media (3marks)
Answer:
Radio wave (1mark) Infrared
(1mark) Microwaves (1mark)
Reference: Learning outcome 2: Network protocols and communications. I
C.2.3. Description of Network media and transmission. Curriculum Level III
in networking and internet technology page 4 year 2022 (Remembering)
11. In the following IP addresses select IP address which is in class B:
a) 100.10.10.3
b) 234.168.4.4
(2marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 c) 28.28.11.6
d) 128.10.10.0
Answer:
d)128.10.10.0 (2marks)
Reference: Learning outcome 3: Apply IP Addressing (IPv4&IPv6)
Indicative Content.3.1. Description of IP addressing concepts Curriculum Level
III in networking and internet technology page 5 year 2022 (Applying)

12. Show the use of baseband and broadband. (4marks)

Answer:
Baseband via broadband
Baseband technology transmits a single data/stream/channel at a time (2marks)
while broadband technology transmits multiple data signals/stream/channels
simultaneously at the same time. (2marks)
Or (consider 4 points for each column)

Baseband transmission Broadband transmission

Transmit digital signals Transmit analog signals
(0.5mark) (0.5mark)
To boost signal strength, use To boost signal strength, use
repeaters (0.5mark) amplifiers (0.5mark)
Can transmit only a single data Can transmit multiple signal waves
stream at a time. (0.5mark) at a time. (0.5mark)

Support bidirectional communication Support unidirectional

simultaneously. (0.5mark) communication only. (0.5mark)

Support TDM based multiplexing Support FDM based multiplexing

(0.5mark) (0.5mark)
Use coaxial,twisted-pair,and fiber – Use radio waves, coaxial
optic cables. (0.5mark) cables, and fiber optical
cables. (0.5mark)
Mainly used in Ethernet LAN Mainly used in cable and
networks. (0.5mark) telephone networks.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 (0.5mark)
Reference:( Learning outcome 2: Apply network protocols and
communications, indicative content 2.3. Description of Network Media and
Transmission curriculum level III, page 5, year 2022 (Applying)

13. Ipv4 has 32bits, how do we find these bits? (3marks)

Answer:
IP address has 4 parts (1.5marks)
1 2 3 4
And each part has 8bits which means it is 11111111.11111111.11111111.11111111
32 bits when count ones together is equal to 32bits (1.5marks)
Reference: Learning outcome 3: Apply IP Addressing (IPv4&IPv6) Indicative
content: 3.2. application of IP configuration Curriculum Level III in
networking and internet technology page 8 year 2022 (Applying)

14. Which command that shows if you are in global configuration mode (2marks)
Answer:
Router(config)# (1mark)
Switch(config)# (1mark)
Reference: Learning outcome 3: Apply IP Addressing (IPv4&IPv6).
Indicative content:3.5 Application of IP configuration. Curriculum Level III
in networking and internet technology page 8 year 2022 (Applying)

15. choose the correct IP address used in ipv6 from the following: (1mark)
a) 2001:0DB8:AC10: FE01::0000
b)4F23::00D3::0000:13B4 c)37B0:4480:14BF: B464
answer:
c)37B0:4480:14BF: B464 (1mark)
Reference: Learning outcome 3: Apply IP Addressing

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 (IPv4&IPv6). Indicative content:3.4 Application of IPv6 concepts
Curriculum Level III in networking and internet technology page 8 year 2022
(Applying)
16. Among the following tools, materials and equipment select only equipment (2marks)
needed in LAN:
a. Switch
b. Ethernet cable
c. Computer
d. Plier
e. RJ-45
Answer:
a. Switch (1mark)
b. Computer (1mark)
Reference: Learning outcome 1: Description of network concepts and
technologies. Indicative Content.1.5. Description of network models.
Curriculum Level III in networking and internet technology page 4 year 2022
(understanding)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 17. . Match the following network standard with their technologies: (4marks)
a) IEEE 802.3 1. Wireless
b) IEEE 802.16 2. VLANS
c) IEEE 802.1Q 3. Fiber optic
d) IEEE 802.11
4. Bluetooth
e) IEEE 802.15 5. Token ring
f) IEEE 802.8 6. Ethernet
g) IEEE 802.5 7. WIMAX
Answer:
a=6 (0.5mark)
b=7 (0.5mark)
c=2 (0.5mark)
d=1 (0.5mark)
e=4 (0.5mark)
f=3 (0.5mark)
g=5 (1mark) OR
a) IEEE 802.3 equivalent to 6. Ethernet (0.5mark)
b) IEEE 802.16 equivalent to 7. WIMAX (0.5mark)
c) IEEE 802.1Q equivalent to 2. VLANS (0.5mark)
d) IEEE 802.11 equivalent to 1. Wireless
(0.5mark)
e) IEEE 802.15 equivalent to 4. Bluetooth (0.5mark)
f) IEEE 802.8 equivalent to 3. Fiber optic (0.5mark)
g) IEEE 802.5 equivalent to 5. Token ring (1mark)
Reference: Learning outcome 1: Identify network concepts
Indicative content:1.1. Description of network concepts and technologies.
Curriculum Level III in networking and internet technology page 3 year 2022
(Remembering)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Section B: Attempt any three (3) questions (30 marks)

18. Examine ipv6 and give four (4) advantages and four (4) disadvantages (10marks)
Answer:
Ipv6 or internet protocol version 6 is a network layer protocol that allows
communication to take place over network.
Ipv6 was the deigned by internet engineering task force(IETF)with the purpose of
superseding the ipv4 due to the global exponentially growing internet users. (2marks)
Advantages of ipv6 (consider only 4 items)
 Reliability (1mark)
 Faster speeds: ipv6 supports multicast rather than broadcast in ipv4.this
feature allows bandwidth-intensive packet flows (like multimedia streams) to
be sent to multiple destinations all at once. (1mark)
 Stringer security: IP security, which provides confidentiality and data
integrity, is embedded into ipv6. (1mark)
 Routing efficiency (1mark)
 Most important it’s the final solution for growing nodes in
global-network. (1mark)
Disadvantages of ipv6 (consider only 4 items)
1. Compatibility issue.one major drawback of IPv6 is the lack of backward
compatibility with IPv4. (1mark)
2. Implementation complexity: implementing IPv6 can be more complex
than IPv4 due to its new addressing scheme, header format, and routing
protocol. (1mark)
3. Cost of transition: Transitioning from IPv4 to IPv6 can be costly for
organization, may require upgrade to networking equipment, software and
infrastructure to support the new protocol. (1mark)
4. Security concerns: While IPv6 includes build-in security features,
such as IPsec, the increased address space and complexity of the
protocol can introduce new security
vulnerability. (1mark)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 5. Addressing and routing overhead: (1mark)
6. LACK OF UNIVERSAL ADOPTION: (1mark)
Reference: Learning outcome 3: Apply IP Addressing (IPv4&IPv6) Indicative
content: 3.4. Application of IPv6 concepts
Curriculum Level III in networking and internet technology page 8 year 2022
(Analyzing)
19. As network administrator of EEEECC Company you are requested to satisfy a (10marks)
network to the staff members and their customers with IP address of 192.168.10.0/26
a. What are the number of subnets?
b. How many valid hosts will be connected on each subnet?
c. What will be the new subnet mask?
d. What will be the host range?
e. Use table to show (first id, and broadcast) for each subnet.
Answer:
Given: IP address:192.168.10.0/26
a) What are the number of subnet we slash notation of 26 then by default class
is /24 the borrowed bits are 2?
11111111.11111111.11111111.11000000
Number of subnets=2x=22=4subnets (1mark)
b) How many hosts will be connected on each subnet? number of

host =2y-2=26-2=64-2=62hosts (1mark)

c) new subnet mask

11111111.11111111.11111111.11000000
255. 255. 255. 192 (2marks)
d) host range: 2y=26=64 or full subnet mask-new subnet mask 256-192=64
(2marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 e)

subnet id first host last host Broadcast

192.168.10.0 192.168.10.1 192.168.10.62 192.168.10.63
(0.5mark) (0.5mark)
192.168.10.64 192.168.10.65 192.168.10.126 192.168.10.127
(0.5mark) (0.5mark)
192.168.10.128 192.168.10.129 192.168.10.190 192.168.10.191
(0.5mark) (0.5mark)
192.168.10.192 192.168.10.193 192.168.10.254 192.168.10.255
(0.5mark) (0.5mark)
Reference: Learning outcome 3: Apply IP Addressing (IPv4&IPv6) Indicative Refe
renc
content: 3.1. Description of IP addressing concepts
e:(
Curriculum Level III in networking and internet technology page 7 year Lear
2022(Evaluating) ning
20. Define IP address, then compare ipv4 and ipv6 with at least four (4) points for outc
each ome
3:
Answer: Appl
IP address: is a unique number that is identify host on the network. y IP
(2marks) addr
essin
IP version 4 IP version 6 g,
indic
 This is 32 bits address  This is 128 bits address (16
ative
(4bytes) (1mark) bytes) (1mark)
cont
 This has 5 different classes of IP  This does not contain ent
address (class A, B, C, D and E) classes of IP address 3.1.
(1mark) (1mark) Desc
ripti
 This support VLSM  This does not support
on
(1mark) VLSM
of IP
 This has limited number of ip  Ipv6 has a large number of IP addr
addresses (1mark) addresses (1mark) ess
conc
 IPv4 is dotted decimal  IPv6 is hexadecimal
ept
notation. notation. (1mark)
curr
iculu

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 m level

(10marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 III, page 7, year 2022 (Analyzing)
21. Compare OSI model layers from TCP/IP model layers (10marks)
Answer:

OSI model layer TCP/IP model layer

Application layer (1mark)
Presentation layer(1mark) Session layer Application layer (1mark)
(0.5mark)
Transport layer (1mark) Transport layer (1mark)
Network layer (1mark) Internet layer (1mark)
Data link layer (1mark) Network access layer (1mark)
Physical link layer (0.5mark)
Reference:( Learning outcome 2: Apply network protocols and
communications, indicative content 2.3. Description of Network Protocols
curriculum level III, page 5, year 2022 (Analyzing)
22. As a trainee who completed this module of network fundamental criticize (10marks)
classification of network based on geographical area and based on components
roles
Answer:
Based on geographical are:
Local Area Network (LAN) –LAN or Local Area Network connects network devices
in such a way that personal computer and workstations can share data, tools and
programs. The group of computers and devices are connected together by a switch, or
stack of switches, using a private addressing scheme as defined by the TCP/IP
protocol. (2marks)
Metropolitan Area Network (MAN) –MAN or Metropolitan Area Network covers a
larger area than that of a LAN and smaller area as compared to WAN. It connects two
or more computers that are apart but resides in the same or different cities. It covers a
large geographical area and may serve as an ISP (Internet Service Provider). MAN is
designed for customers who need a high-speed connectivity.
Speeds of MAN ranges in terms of Mbps. (2marks)
Wide Area Network (WAN) –WAN or Wide Area Network is a computer network
that extends over a large geographical area, although it might

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 be confined within the bounds of a state or country. A WAN could be a connection of
LAN connecting to other LAN’s via telephone lines and radio waves and may be
limited to an enterprise (a corporation or an organization) or accessible to the public.
The technology is high speed and relatively expensive. (2marks)
Based on component roles:
Client-Server Network: This model is broadly used network model. In Client-Server
Network, Clients and server are differentiated, specific server and clients are present.
In Client-Server Network, Centralized server is used to store the data because its
management is centralized. In Client-Server Network, Server respond the services
which is request by Client. (2marks)
Peer-to-Peer Network: This model does not differentiate the clients and the servers,
in this each and every node is itself client and server. In Peer-to-Peer Network, Each
and every node can do both request and respond for the services. (2marks)
Reference: Learning Outcome 1 Introduction to Network Concepts Indicative
Content:1.1. Description of network concepts and technologies Curriculum Level
III in Networking Internet technology page 3 year 2022, (Evaluating)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Section C: Attempt only one (1) question (15 marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Suppose you are requested to build a network topology that has a central node. (15marks)
a) Draw and explain that topology
b) Give three (3) advantages and three (3) disadvantages of that topology
answer:
a) Star topology: this is a network topology where all devices are connected
to the central device called Hub or Switch. (3marks)

(2marks)

b) Advantages of star topology (consider only 3 items) /5marks

 Easy to use (1.5mark)
 Easy to implement (1.5mark)
 Easy to understand (2marks)
 Fast performance with few nodes and low network traffic.
 Hub can be upgraded easily.
 Easy to troubleshoot.
 Easy to setup and modify.
Only that node is affected which has failed, rest of the nodes can work smoothly.
Disadvantages of star topology (consider only 3 items) /5marks
 Cost of installation is high. (1.5mark)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Expensive to use. (1.5mark)
 If the hub fails, then the whole network is stopped because all the nodes
depend on the hub. (2marks)
 Performance is based on the hub that is it depends on its capacity
 Require more cables
Reference: Learning outcome 1.1 Introduction to Network Concepts.
Indicative content:1.2. Description of Network topology. Curriculum
Level III in networking internet technology page 3 year 2022(Creating)

24. . As technician hired by magnet telecommunication company located at Remera to fix (15marks)
the problem of having insufficient network cable and they decided to make new cable,
what are the steps should be followed during the process of making a new cable
Answer:
steps should be followed during the process of making new cable Step1: Arrange
all required equipment. (3marks)
Step2: use crimping tool to remove the outer shell or cover of the cable. (3marks)
Step3: Arrange the colors according to the type of cable are you willing or supposed
to do and align them. (3marks)
Step4: Fixation of cable inside the RJ-45 connector and close the RJ-
45. (3marks)
Step5: check cable functionality by cable tester device. (3marks)
Reference:( Learning outcome 2: Apply network protocols and communications,
indicative content 2.3. Description of Network Media and Transmission
curriculum level III, page 5, year 2022
(creating)

01. Define the following terms:

a) Wireless communication (2marks)
b) infrared communication

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Answer:
A) Wireless communication is the transfer of information (telecommunication)
between two or more points without the use of an electrical conductor, optical
fiber or other continuous guided medium for the transfer. (1mark) OR
Wireless communication is the transmission of voice and data without cable or
wires.
B) Infrared (IR) is a wireless mobile technology used for device
communication over short ranges. (1mark)
Reference: Learning outcome 1: Apply wireless network Concepts. Indicative
content1: Introduction to Wireless network. Curriculum level 3 page 4, year
2022. Remembering

02. List at least four (4) types of wireless network (4marks)

Answer:
✓ Wireless PAN (1mark)

✓ Wireless LAN (1mark)

✓ Wireless MAN (1mark)

✓ Wireless WAN (1mark)

Reference. Learning outcome 1: Apply wireless network Concepts. Indicative
content2. Identification of wireless network Types. Curriculum level 3 page 4,
year 2022. Remembering

03. Name any five (5) wireless network components. (5marks)

Answer/choose 5
✓ Wireless NICs (1mark)
✓ Wireless Router/Home router (1mark)
✓ Access point (1mark)

✓Wireless Antennas (1mark)

✓Wireless controller (1mark)
✓Wireless bridges (1mark)
Reference. Learning outcome 1: Apply wireless network Concepts. Indicative
content3. Identification of wireless network components.Curriculum level 3

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 page 4, year 2022. Remembering
04. Illustrate two (2) application of wireless network technologies (2marks)
Answer:
✓Short range /Low power (1mark)
✓Large range (1mark)
Reference. Learning outcome 1: Apply wireless network Concepts. Indicative
content4. Application of Wireless technologies. Curriculum level 3 page 4, year
2022.
Understanding

05. Which of the following is an example of wireless network standards? (2marks)

A. IEEE802.11ax
B. IEEE802.11a
C. IEEE802.a
D. IEEE802.b
Answer:
A. IEEE802.11ax (1mark)
B. IEEE802.11a (1mark)
C. IEEE802.a
D. IEEE802.b
A and B are the correct answer (2marks)
Reference. Learning outcome 1: Apply wireless network Concepts. Indicative
content5. Classification of Wireless network standards Curriculum level 3
page 4, year 2022. Understanding

06. Explain the Ad-hoc mode in wireless network and give two examples. (4marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Answer:
An ad hoc wireless network is when two wireless devices communicate in a peer-
to-peer (P2P) manner without using APs or wireless routers. (2marks)
Examples include Bluetooth and Wi-Fi Direct. (2marks)
A variation of the ad hoc topology is when a smart phone or tablet with cellular data
access is enabled to create a personal hotspot.
Reference. Learning outcome 1: Apply wireless network Concepts Indicative
content6. Operation mode of Wireless network Curriculum level 3 page 5,
year 2022 Understanding

07. Give two (2) requirements needed before to make an installation of wireless (2marks)
network indoor.
Answer:
Two requirements needed before to install wireless network indoor:
 Conduct physical environment visit (1mark)
 Record site information (1mark)
Reference. Learning outcome 2: Plan wireless network indoor installation.
Indicative content1: Identification of wireless network indoor installation
requirements. Curriculum level 3 page 6, year 2022 Remembering

08. Outline five (5) most common devices that create interference and noise in a (5marks)
wireless infrastructure.
Answer:
choose 5
Microwave ovens. (1mark)
CCTV wireless surveillance video cameras. (1mark)
Wireless baby monitors. (1mark) Bluetooth
devices. (1mark) iBeacons. (1mark)
Some car alarms. (1mark)
Wireless phones. (1mark)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Wireless microphones (1mark)
ZigBee (802.15.4). (1mark)
Wi-Fi jammers. (1mark)
Reference. Learning outcome 2: Plan wireless network indoor installation.
Indicative content1: Identification of wireless network indoor installation
requirements. Curriculum level 3 page 6, year 2022. Understanding

09. What is” cost estimation” in wireless network indoor installation? (2marks)
Answer:
Cost estimation is the process of forecasting the cost and other resources needed to
complete a project within a defined scope. Cost estimation accounts for each element
required for the project and calculates a total amount that determines a project’s
budget.
2marks
Reference. Learning outcome 2: Plan wireless network indoor installation.
Indicative content 3. Estimation of wireless network indoor installation
cost. Curriculum level 3 page 6, year 2022 Remembering

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 10. Circle the letter that corresponding to the correct answer of the following questions: (2marks)
I. Which of the following does Temporal Key Integrity Protocol (TKIP) support?
A. Multicast and broadcast messages
B. Coordination of IEEE 802.11 protocols
C. Wired Equivalent Privacy (WEP) systems
D. Synchronization of multiple devices
II. AES stands for
A. Advance Electronic standard
B. Application Email Standard
C. Advanced Encryption Standard
D. Analytics Engineer Standard
Answer:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Circle the letter that corresponding to the correct answer of the following questions
I. Which of the following does Temporal Key Integrity Protocol (TKIP) support?
A. Multicast and broadcast messages
B. Coordination of IEEE 802.11 protocols
C. Wired Equivalent Privacy (WEP) systems (1mark)
D. Synchronization of multiple devices
II. AES stands for
A. Advance Electronic standard
B. Application Email Standard
C. Advanced Encryption Standard (1mark)
D. Analytics Engineer Standard
Reference: Learning outcome 3: Deploy wireless network indoor
Indicative content 2. Basic Configuration of wireless network devices.
Curriculum level 3 page 7-8, year 2022. Applying

11. As a technician you are installing the wireless network and there is a problem of (3marks)
signal stability, identify the best ways used to solve this issue of signal stability.
Answer:
- Check and reduce interference (1mark)
- Check obstacle (1mark)
- Add a wireless repeater (1mark)
Reference. Learning outcome 4: maintain wireless network indoor. Indicative
content1. Performing Preventive maintenance Curriculum level 3 page 9-10,
year 2022.
Applying

12. Write the following in full words: (4marks)

A. SSID
B. WEP

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 C. WAP

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 D. IP
Answer:
A. SSID: Service Set Identifier (1mark)
B. Wired: Equivalency Privacy (1mark)
C. Wi-Fi: Protected Access (1mark)
D. IP: Internet Protocol (1mark)
Reference. Learning outcome 3: Deploy wireless network indoor
Indicative content2. Basic Configuration of wireless network devices.
curriculum level 3-page 9-10 year 2022 Remembering
Differentiate Mac address filtering and Parental control. (4marks)
Answer:
MAC address filtering allows you to block traffic coming from certain known
machines or devices. The router uses the MAC address of a computer or device on
the network to identify it and block or permit the access. (2marks)
13. While

Parental control allows you to set up unique restrictions on internet access for
each member of your family. You can block inappropriate content, set daily limits
for the total time spent online and restrict internet access to certain times of the day.
(2marks)
Reference. Reference. Learning outcome 3: Deploy wireless network indoor.
Indicative content3: Application of Access restrictions parameters. curriculum
level 3, page 8 year 2022 Understanding

14. Testing performance determines whether the WLAN can satisfy user needs for using (5marks)
specific applications over the WLAN. If the PC is operational but the wireless
connection is performing poorly, demonstrate how to check the root cause of this
problem.
Answer:
 How far is the PC from an AP? Is the PC out of the planned coverage
area (BSA)? (1mark)
 Check the channel settings on the wireless client. The client software

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 should detect the appropriate channel as long as the

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 SSID is correct. (1mark)
 Check for the presence of other devices in the area that may be interfering
with the 2.4 GHz band. (1mark)
Examples of other devices are cordless phones, baby monitors, microwave
ovens, wireless security systems, and potentially rogue APs. Data from these
devices can cause interference in the WLAN and intermittent connection
problems between a wireless client and AP.
 Next, ensure that all the devices are actually in place. Consider a possible
physical security issue. Is there power to all devices and are they powered
on? (1mark)
 Finally, inspect links between cabled devices looking for bad connectors
or damaged or missing cables. (1mark)
Reference: Learning outcome 3. Deploy wireless network indoor
Indicative content 4: Testing of deployed wireless network indoor.
curriculum level 3, page 8 year 2022 Applying

15. Answer By True Or False. Answer: (2marks)

A. IPv4 Internet Address is a unique address of 32-bit. TRUE (1mark)
B. IPv6 Internet Address is unique address of 132-bit. FALSE (1mark)
Reference: Learning outcome 3. Deploy wireless network indoor
Indicative content5: Documentation of deployed wireless network.
curriculum level 3, page 8 year 2022 Remembering

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 16. How does ping and traceroute work? (2marks)
Answer:
Ping uses ICMP (Internet Control Message Protocol) Echo messages to see if a
remote host is active or inactive, how long a round trip message takes to reach the
target host and return, and any packet loss. (1mark)
traceroute sends three packets of data to test each 'hop' (when a packet is passed
between routers it is called a 'hop'). (1mark)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Reference: Learning outcome 3. Deploy wireless network indoor
IC5: Documentation of deployed wireless network. Curriculum level 3,
page 8 year 2022. Applying
17. Once a wireless network has been installed, you want to know if there is reliable (5marks)
internet connection. Show the parameters you will use to check whether the
wireless network is working properly.
Answer: choose 5
- Signal strength (1mark)
- Link quality (1mark)
- Throughput (1mark)
- Latency (1mark)
- Packet loss (1mark)
- Interference (1mark)
- Client connectivity (1mark)
- Availability (1mark)
Reference: Learning outcome 3: Deploy wireless network indoor
IC3: Application of Access restrictions parameters. Curriculum level 3, page 8
year 2022. Applying

Section B: Attempt any three (3) questions (30 marks)

18. Considering the aspects in the table below, distinguish the function of Wireless (10marks)
Antennas and the function of Wireless controller:

Aspect Wireless Antennas Wireless Controllers

Definition

Functionality

Role

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Impact on Network

Example

Answer:

Aspect Wireless Antennas Wireless Controllers

Centralized devices managing and

Devices that transmit and coordinating wireless network
receive wireless signals. traffic. (1mark)
Definition (1mark)

Capture and radiate Manage network policies,

radio frequency (RF) authentication, and traffic shaping.
Functionality signals. (1mark) (1mark)

Passive components in Active components that orchestrate

wireless networks. (1mark) network operations. (1mark)
Role

Influences coverage area,

signal quality, and data Directly affects network
Impact on throughput. (1mark) performance, security, and
Network scalability. (1mark)

External antennas on Wi-Fi Cisco Wireless LAN Controllers,

routers and access points. Aruba Mobility Controllers.
Example (1mark) (1mark)

Reference: Learning outcome 1: Apply wireless network Concepts. IC3. - Ide

Identification of wireless network components. Curriculum level 3 page 4, nti
year 2022 Analysing fyi
19. The process of locating, diagnosing, and fixing errors or malfunctions in a ng
system after they happen known as corrective maintenance. How can Fa
corrective maintenance be carried out? ult
s:
Answer: Th

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 e first step in corrective maintenance is identifying faults or issues within
the system. (2marks)
- Diagnosing the Problem: Once a fault is identified, the next step is to
diagnose the underlying problem causing the issue. (10marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 (2marks)
- Prioritizing Maintenance Tasks: Not all faults require immediate
attention, and prioritizing maintenance tasks is crucial to ensure efficient
allocation of resources. (2marks)
- Implementing Remedial Actions: Once the problem is diagnosed and
prioritized, remedial actions are implemented to address the fault and
restore the system to normal operation. (2marks)
- Documenting Maintenance Activities: It is essential to document all
corrective maintenance activities for future reference and analysis. (2marks)
Reference learning outcome 4. Maintain wireless network indoor. IC2:
Performing Corrective maintenance. Curriculum level 3 page 9, year 2022.
Analyzing

20. Compare the factors you consider while you’re going to make software
maintenance by considering the table below:
(10marks)
Corrective Adaptive Perfective
Factor Maintenance Maintenance Maintenance

Definition

Testing

Risk

Answer:

Corrective Adaptive Perfective

Factor Maintenance Maintenance Maintenance

Modifying software to Enhancing software to

Fixing bugs accommodate changes improve performance,
and errors in the environment or usability, or other
found in the requirements (1mark) quality attributes
software (1mark)
Definition (1mark)

Testing Testing required to Extensive testing may

primarily ensure the adapted be required to validate
focuses on software functions changes
Testing

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 the fixed correctly in the new and ensure no
issues or bugs environment unintended
(1mark) (1mark) consequences
(1mark)

Risks primarily
associated with
not addressing Risks associated with not Risks associated with
identified issues adapting to changing introducing new bugs or
or bugs requirements or breaking existing
(1mark) environments functionality (1.5marks)
(1.5marks)
Risk

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Reference: Learning outcome 4: maintain wireless network indoor. indicative
content1. Performing Preventive maintenance. Curriculum level 3 page 9, year
2022. Analyzing
21. To evaluate the physical topology of a wireless network, you need to consider (10marks)
several factors related to its layout: design, and infrastructure. How can you assess - E
the physical topology effectively? nv
Answer: ir
on
- coverage Area: Evaluate the coverage area of the wireless network to
m
ensure that it meets the requirements of the intended use case. (1mark)
en
- Access Point Placement: Review the placement of access points (APs) tal
to ensure optimal coverage and minimal signal interference. (1mark) Fa
- Cabling Infrastructure: Assess the cabling infrastructure supporting ct
the wireless network, including Ethernet cables connecting APs to or
network switches or routers. (1mark) s:
C
- Power Supply: Evaluate the availability and reliability of power sources on
for APs and other network equipment. (1mark)
si
- Antenna Configuration: Review the configuration of antennas used with de
APs to optimize signal propagation and coverage patterns. (1mark) r
- Physical Security: Assess the physical security measures in place to en
vir
protect network equipment, such as APs, switches, and cabling
on
infrastructure. (1mark)
m
en
tal
fa
ct
or
s
th
at
m
ay
im
pa
ct
th
e
pe
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 rformance and reliability of the wireless network, such as temperature,
humidity, and exposure to dust or moisture. (1mark)
- Scalability: Evaluate the scalability of the physical topology to
accommodate future growth and expansion of the wireless network.
(1mark)
- Documentation and Labelling: Review documentation and labelling
practices to ensure that all network equipment, cables, and connections
are properly documented and labelled. (2marks)
Reference learning outcome 2. Plan wireless network indoor installation.
Iindicative content 2: Designing Wireless network Blueprint. Curriculum
level 3 page 6, year 2022. Evaluating
22. 22. Compare the following settings of wireless network devices, according to
their configurations. Administration parameters setting, Accessibility
settings and Security mode setting. Answer:

Settings Configuration (10marks)

Administration parameters setting - gateway IP address
(1mark)
- username (1mark)
- password (1mark)
Accessibility setting - Radio mode selection
(1mark)
- Channel selection
(1mark)
- SSID (1mark)
- Password/key (1mark)
Security mode setting - WEP (1mark)
- WPA (1mark)
- WPA2 /WPA3 (1mark)

Reference: Learning outcome 3: Deploy wireless network indoor

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Iindicative content2. Basic Configuration of wireless network devices. Curriculum
level 3 page 6, year 2022. Evaluating

Section C: Attempt only one (1) question (15 marks)

23.A. Draw and explain a ring topology composed of five (5) nodes. (10marks)
B. Explain what happens if a device in a ring topology fails?
(5marks) Answer:

A) Ring topology is a type of network configuration where devices are connected

in a circular manner, forming a closed loop. In this setup, each device is connected
to exactly two other devices, creating a continuous pathway for data transmission.
This means that data travels in only one direction around the ring, passing through
each device until it reaches its destination. (10marks)

(5marks)
B) If a device in a ring fails, it can disrupt the entire network. (5marks)
In such cases, the data transmission is interrupted, and the network becomes
inaccessible.
Reference. Learning outcome 3. Plan wireless network indoor installation. IC2.
Designing Wireless Network Blueprint
curriculum level 3, page 8 year 2022. Creating

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

24. Elaborate all the steps to follow while making an Ethernet cable. (15marks)

Answer:

1. Strip your cable. (1mark)

2. Untwist the twisted pair wires all the way back to the jacket. (1mark)

3. Align the untwisted wires in the order necessary for your needs. (1mark)

4. Cut the extra wire. (1mark)

5. Push the remaining wires into the RJ45 head. (1mark)

6.Double-check that the wires are all the way up into the gold pins of the head and
made it up in the proper order. (2marks)

7. Push the head into the open space of the crimping tool and squeeze it
closed, hard. (2marks)

8.Open the crimping tool and remove your newly-crimped Ethernet connector.
(2marks)

9. Repeat the crimping process on the other side of the cable if you're making a
completely new cable. (2marks)

10. Plug one end of the cable into the tan, two-port end of the cable tester, and
the other end into the other part of the tester with the graphic display window.
(2marks)

Reference. Learning outcome 3: Deploy wireless network indoor

IC1. Mounting Wireless Network equipment. Curriculum level 3, page 8 year

2022. Creating

01. Define network topology as used in wireless network.

Answer:
The topology of a wireless network is simply the way network components are
arranged. It describes both the physical layout of devices, routers, and gateways, and
the paths that data follows between them. /2marks
References (wireless network outdoor, L.O.1: plan wireless network outdoor
installation, IC .1.3. Design wireless network topology, RQF Level:4, Page 5)
Remembering (1)
02. Match the following elements with their corresponding meaning in the table below:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Elements Meanings Answers
1. Network a) It is the number of cycles done by a 1……
coverage area data when is traveling or passing
through the air from a transmitter to a
receiver.
2. Interference b) is geographical area covered by the 2……..
network of a service provider
3. Frequency c) is a wireless network provided outside of 3………
the building. It is designed to be used in, or
carried on in the open air.
4.Wireless d) is an unwanted wireless signal injected 4……..
network into the original signal which may result in
a temporary loss of wireless signals, poor
receiver performance, or bad quality of
output by the electronic equipment.

5. wireless 5……..
network
outdoor

Answer:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 (2marks)

1: b /1 mark
2: d /1 mark
3: a /1 mark
4:
5: c /1 mark
Reference: (wireless network outdoor, L.O.1: plan wireless network
outdoor installation, IC.1.1: Identification of network requirements,
RQF Level:4, Page 3)
Remembering (2)
03. What does the terminology “network monitoring” mean in wireless (2 marks)
network?
Answer:
Network monitoring is the process of collecting, analyzing, and interpreting
data/1mark from a computer network to evaluate its performance and health.
/1mark the goal of network monitoring is to detect and troubleshoot issues
before they can cause network downtime or negatively impact the user
experience.
Reference: (wireless network outdoor, LO.3. Maintain wireless network
outdoor, IC.3.1. Monitoring wireless network Outdoor, RQF Level:4,
Page 10)
Remembering (3)

04. Select the correct answer for each of the statements below as used in (3 marks)
wireless network outdoor set up:
A. An access point (AP) in a wireless network is defined as:
i. Wireless device itself
ii. Both device that allows wireless devices to connect to a
wired network and wireless devices itself.
iii. Device that allows wireless device to connect to a wired
network
B. The frequency range of IEEE 802.11a standard is:
i. 2.4 Gbps
ii. 5 Gbps
iii. 2.4 GHz
iv. 5 GHz

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 C. The frequency range of IEEE 802.11b standard is:
i. 2.4 Gbps
ii. 5 Gbps

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 iii. 2.4 GHz
iv. 5 GHz
Answer:
A. iii. Device that allows wireless device to connect to a wired
network /1 mark
B. iv. 5GHz
/1 mark
C. iii.2.4 GHz
/1 mark
Reference: (wireless network outdoor, LO.2. Deploy wireless network
outdoor, IC.2.2 Installation of wireless network devices, RQF Level:4,
page 7)
Remembering (4)
05. What does wireless mesh network topology mean?
Answer: (2 marks)
A wireless mesh network is mesh network created through the connection
of wireless access point (WAP) node installed at each network users
locate. /1mark The network infrastructure is decentralized and
simplified because each node need only transmit as far the next node.
/1mark

References (wireless network outdoor, LO.2. Deploy wireless network

outdoor, IC.2.4. Set Up Outdoor-Specific Features, RQF Level:4, page 8)
Remembering (5)

06. What do you understand by the term wireless upgrading? (2 marks)

Answer:
Wireless upgrading means a modification or addition to transmission-
related facilities that are integrated with and support the transmission
system for general benefit of all users of such transmission system /2
marks
Reference: (wireless network outdoor, LO.3. Maintain wireless network
outdoor, IC.3.3. Upgrading wireless network Outdoor, RQF Level:4,
Page 8) Remembering (6)

07. Explain any three (3) wireless antenna categories available for wireless (3marks)
LAN.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Answer:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Here are different antenna categories available for wireless LANs:
 Omni-directional
 Semi-directional
 highly directional.
 Directional antenna
 Yagi antennas
 Parabolic antennas
 Patch antennas
 Sector antenna
 Helical Antennas
o Omni-directional /0.5 marks – Omni directional antennas are
designed to radiate a signal in all directions. /0.5 marks
o Semi-directional /0.5 marks– Semi directional antennas are
designed to provide specific, directed signal coverage over large
areas. /0.5 marks
o Highly directional /0.5 marks - Highly directional antennas are
used for point-to-point links; for example, between two
buildings. /0.5 marks
References (wireless network outdoor, L.O.1: plan wireless network
outdoor installation, IC.1.1: Identification of network requirements,
RQF Level:4, Page 3)
Understanding (1)

08. List any four (4) factors to consider while selecting best Wi-Fi router. (4 marks)
Answer:
Some main factors to consider while selecting the best Wi-Fi router.
o Antenna
/1 mark
o Dual-band
/1 mark
o USB Port
/1 mark
o Security
/1 mark
o Speed Router
/1 mark

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 o Brand name
/1mark
o Wi-Fi Range
/1mark
o Price
/1 mark
NB: Consider only four (4) factors
Reference: (wireless network outdoor, L.O.1: plan wireless
network outdoor installation, IC.1.2. Identification of Materials
and Equipment, RQF Level:4, Page 4)
Understanding (2)

09. Differentiate point to point from multipoint bridging as used in wireless (2 marks)
network.
Answer:
A point to point wireless bridge is a type of technology that is used in
Wi-Fi network that allows users to connect multiple locations together
in order to share a single internet connection, which can allow them to
share data across that shared network. /1 mark
While multipoint bridging is typically used for a large amount of
connections with lower bandwidth needs. /1 mark
Reference: (wireless network outdoor, LO.2. Deploy wireless network
outdoor, IC.2.4. Set Up Outdoor-Specific Features, RQF Level:4, page
8) Understanding (3)

10. By using a comparison table, distinguish between WPA2 and WEP. (3 marks)
Answer:
/0.5mark for each
NB: Consider only 3 difference for each
WPA2 WEP
 WPA2 Stands for Wi-Fi  WEP Stands for Wired
protected access version 2 equivalent
/0.5marks privacy/0.5marks
 WPA2 uses a dynamic network  WEP provides a static
access key and multiple layers encryption key, which is
of protection for any network it required to be changed is
protecting. /0.5marks manually. /0.5marks

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  WPA2 would take the  WEP can be cracked easily.
longest to crack /0.5marks /0.5marks
 Wpa2 supports faster  It has many security
roaming/0.5marks vulnerabilities and provides
less security. /0.5marks

References (wireless network outdoor, LO.2. Deploy wireless

network outdoor, IC.2.2. Installation of wireless network devices,
RQF Level:4, Page 7)
Understanding (4)

11. Identify any three (3) software tools which can be used in network (3 marks)
monitoring.
Answer:
Some software tools used to monitor network, are the following:
o Wireshark /1 mark
o Solar Winds Network Performance /1 mark
o Wi-Fi Analyzer /1 mark
Reference: (wireless network outdoor, LO.3. Maintain wireless network
outdoor, IC.3.1. Monitoring wireless network Outdoor, RQF Level:4,
Page 10) Understanding (5)

12. XYZ Company has deployed a new wireless network in their building (5 marks)
and you are appointed as wireless network consultant in XYZ Company
building, what are different network testing are you going to apply?
Answer:
 Signal coverage testing /1 mark
 Performance testing /1 mark
 In-motion testing /1 mark
 Security vulnerability testing /1 mark
 Acceptance /verification testing /1 mark
 Prototype testing /1 mark
 Simulation testing /1 mark
 Prototype testing /1 mark
 Pilot testing /1 mark
NB: Consider only 5 answers

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 Reference:(wireless network outdoor, LO.2. Deploy wireless
network outdoor, IC. 2.5: Testing of deployed wireless network
outdoor, RQF Level:4, Page 7)
Applying (1)
13. Rearrange the following steps of performing a network upgrade according (5 marks)
to their good orders.
1.Review and evaluation
2.Implementation
3.Operation 4.Requirement
gathering 5.Selection and
design
Answer
1. Requirement gathering /1 mark
2. Selection and design /1 mark
3. Implementation /1 mark
4. Operation /1 mark
5. Review and evaluation /1 mark
Reference: (wireless network outdoor, LO.3. Maintain wireless
network
outdoor, IC.3.3. Upgrading wireless network Outdoor, RQF
Level:4, Page 8) Applying (2)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 14. When Monitoring wireless network Outdoor, you have to consider (3 marks)
monitoring metrics. Outline any three (3) network monitoring metrics.
Answer
o Signal Strength (Bandwidth and Latency) /1 mark
o Signal to noise Ratio /1 mark
o Data throughput /1 mark
o Jitter /1 mark
o Packet Loss and Re-transmissions /1 mark
NB: Consider only 3 answers
Reference: (wireless network outdoor, LO.3. Maintain wireless
network
outdoor, IC.3.1. Monitoring wireless network Outdoor, RQF
Level:4, Page 10) Remembering (7)

15. Identify any four (4) guidelines you can apply when you want to (4 marks)
position your wireless equipment for optimal network performance.

Answer: Choose only Four (4)

o Central location: /0.5 marks place a wireless router/access
point in a central location within your home or office to ensure
even coverage throughout. /0.5 marks
o Elevate the router: /0.5 marks Position the router/ access point
at elevated position to improve signal propagation. /0.5 marks
o Avoid obstructions: /0.5 marks position equipment away from
physical obstructions which can block or interfere with the
wireless signal. /0.5 marks
o Keep away from interference sources /0.5 marks: keep wireless
equipment away from source of interference such as microwaves
oven, cordless phones, Bluetooth devices, and other electronic
devices that can operate on the same frequency band. /0.5 marks
o Minimize distance: /0.5 marks reduce the distance between
the wireless router/access point and connected devices to
improve signal strength and reduce latency. /0.5 marks

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 o Use signal booster/repeater: /0.5 marks consider using
booster to extend the range the range of your wireless network.
/0.5 marks
o Adjust channel settings: /0.5 marks check for and adjust
channel settings to avoid interferences from neighboring wireless
networks. /0.5 marks
o Update firmware: /0.5 marks keep firmware up to date on your
wireless equipment to ensure optimal performance and security.
/0.5 marks
o Regular maintenance: periodically review and adjust the
positioning of wireless equipment as needed. /0.5 marks

NB: Consider only four (4) answers

Reference: (wireless network outdoor, LO.2. Deploy wireless network
outdoor, IC.2.2. Installation of wireless network devices, RQF
Level:4, Page 7), Applying (3)
16. AB Business company located in RUBAVU has a wireless router with 40 (3 marks)
concurrent users that use internet services such as Chatting, e- mail,
YouTube, web browsing and video streaming. As a result, an estimated
bandwidth per user is 2.5 Mbps. How many bandwidths the company
needs so as to satisfy all users?
Answer
o Data given:
Number of users=40 /0.5marks
Bandwidth per user=2.5 Mbps /0.5 marks
o Asked question
Total bandwidth? /0.5 marks
o Formula
Total bandwidth=number of users*bandwidth per user /0.5 marks
Answer= 40*2.5Mbps=100 Mbps
The company needs 100 Mbps to satisfy all users /1 marks
Reference: (wireless network outdoor, L.O.1: plan wireless network
outdoor installation, IC.1.1: Identification of network requirements,
RQF Level:4, Page 3) Applying (4)

17. Draw the following network topology used in WLAN set up. (5 marks)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 a) Ring topology

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 b) Star topology
c) Mesh topology
Answer:
a) Ring topology /1.5 marks

b) Start Topology /1.5 marks

C) Mesh Topology /2 marks

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 References (wireless network outdoor, L.O.1: plan wireless network
outdoor installation, IC.1.3. Design wireless network topology, RQF
Level:4) Applying (5)

18. There are two standards of making a straight through cable (EIA/TIA- (10marks)
568-A and EIA/TIA-568-B). after defining what is a straight through
cable, Arrange the following color according to those above commonly
known standards.
Green, Orange-White, Blue, Orange, Blue-White, Brown, Green-
White, Brown-White.

Standard A (EIA/TIA- Standard B EIA/TIA-568-

568-A) B)
1. 1.
2. 2.
3. 3.
4. 4.
5. 5.
6. 6.
7. 7.
8. 8.

Answer:
Straight through cable: this refers to network cables that connect two
different types of end devices; such as PC to switch, PC to router, etc….
/2marks

Standard A (EIA/TIA-568-A) Standard B EIA/TIA-568-B)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 1.Green/white /0.5marks 1.White/orange /0.5marks
2.Green /0.5marks 2.Orange /0.5marks
3.Orange/white /0.5marks 3.White/green /0.5marks
4.Blue /0.5marks 4.Blue /0.5marks
5.Blue/white /0.5marks 5.White/blue /0.5marks
6.Orange /0.5marks 6.Green /0.5marks
7.Brown/white /0.5marks 7.White/brown /0.5marks
8.Brown /0.5marks 8.Brown /0.5marks

Reference: (wireless network outdoor, LO.2. Deploy wireless

network outdoor, IC.2.2. Installation of wireless network devices,
RQF Level:4, Page 7)
Evaluating (1)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 19. A wireless site survey is a physical survey of the premises where a (10marks)
wireless network will be installed. Briefly explain key points to base on
when conducting wireless site survey?

Answer:
The following are key points to base on when conducting wireless site
survey:
o Understand the wireless requirements: You must have a good
understanding of specific requirements for the network that impacts
signal coverage. /2 marks
o Obtain a facility diagram: Before getting too far with the site
survey, locate a set of building blueprints or city maps. If none are
available, prepare a drawing that depicts the location of walls,
walkways, etc./2 marks
o Visually inspect the facility: Walk through the facility before
performing any testing to verify the accuracy of the facility diagram.
This is a good time to note any potential attenuation barriers that may
affect the propagation of RF signals. /2 marks
o Assess existing network infrastructure: Determine the
capacity of any existing wired networks that can interface the
access points or mesh nodes. Most buildings have Ethernet and, in
some cases, optical fiber networks. /2 marks
o Identify coverage areas: On the facility diagram or city map,
indicate all areas where coverage is needed, such as offices,

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 hallways, stairwells, utility rooms, bathrooms, break rooms, patios,
parking garages, and elevators. /2 marks
o Determine preliminary access point locations: By considering
the location of wireless users and range estimations of the wireless
LAN products you’re using, approximate the locations of access
points that will provide adequate coverage throughout the user areas.
/2 marks
o Verify access point locations: This is when the site survey
testing begins.
/2 marks
NB: Consider only 5 points
References (wireless network outdoor, L.O.1: plan wireless network
outdoor installation, IC.1.1 Identification of network requirements.,
RQF Level:4, Page 4) Analysis

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 20. You are hired as network technician at any school and you are assigned (10marks)
to create a wireless network so that all staffs will have internet access
easily. Explain any ten (10) steps that will be followed while configuring
a wireless router so that all staffs and teachers will be connected. Use any
type of wireless router of your choice.

Answer:
Step 1: Get to know your wireless router /1 mark
Step 2: Connect your router to Laptop/PC for initial setup /1 mark
Step 3: Identify router’s default credentials /1 mark
Step4: Open web browser and type router’s default IP address. /1 mark
Step 5: Determine your broadband /1 mark
Step 6: Configure your broadband connection: On this model, you clicked
the "Setup" menu "Basic setup" submenu. Again, your model may differ,
and newer models may include a guided wizard that takes you through
these steps`/1 mark
Step 7: Configure your wireless network basics: If your router is
connected to broadband and it is working successfully, we can setup the
wireless networking configuration /1 mark
Step 8: Configure your wireless security: Most wireless network users will
select one of four degrees of encryption security available in wireless
hardware today. /1 mark

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Step 9: Save settings /1 mark
Step 10: Restart your wireless router to apply settings /1 mark
References (wireless network outdoor, LO.2. Deploy wireless
network outdoor, IC.2.3. Configuration of wireless devices, RQF
Level:4), Evaluating (2)
(10marks)
21. Using a classification table, Classify the following elements used in wireless
network setup and configuration: Knife, Routers, Hammer Drill, Ethernet
Cables, Outdoor Access Points, cable tester, Antennas Power-Over-
Ethernet, RJ-45, Cable manager and wire stripper into tools, material and
equipment.
Answer:
/1 mark for each

Tools Material Equipment

Knife RJ-45 Outdoor Access Points
Hammer Cable Manager Antennas Power-Over-
Drill Ethernet
Cable Tester Ethernet Cable Router
Wire
Stripper

Reference:(wireless network outdoor, LO.2. Deploy wireless

(10marks)
network
outdoor, IC.2.1 Selection of tools, Materials and Equipment, RQF
Level:4, Page 6)Analyzing (2)
22. Packet loss refers to the failure of data packets to reach their
destination across network. As a network technician, analyze
different causes of packet loss which may occur in network.
Answer`
The following are causes for Packet loss:
o Network Congestion: Network Congestion occurs when there is high
network traffic, data packets can be delayed or dropped due to limited
bandwidth. /2 marks
o Faulty Network Hardware: Faulty hardware, such as damaged cables
or faulty network devices, can also cause packet loss. /2 marks

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 o Processing Power: Insufficient processing power is a frequent culprit of
packet loss in layer 3 network devices like routers or firewalls. /2 marks

o Physical Cabling: Packet loss can also result from the physical cabling
utilized in a network. Ethernet cables may sustain damage or
experience electromagnetic interference, both of which can compromise
signal quality and lead to packet loss. /2 marks
o Software Bugs: Bugs or glitches in network software can also cause
packet loss. This can include improperly configured network device
software or bugs in the software, firmware, or operating system code,
which can cause unexpected behavior, including dropped or delayed
packets. /2 marks

o Security Measures: Some security measures, such as firewalls or

intrusion detection systems, may block or filter certain types of data
packets, resulting in packet loss. /2 marks
o Latency: Latency, also called, long distances between network devices
or multiple network hops can increase the likelihood of packet loss. /2
marks

o Quality of Service (QoS) settings: QoS settings may prioritize certain

types of network traffic over others, leading to packet loss for less
important traffic. IT professionals can employ Quality of Service (QoS)
settings to assign priority to network traffic based on its importance,
guaranteeing that vital applications, like VoIP or video conferencing
(QoS for VoIP), are prioritized over less crucial traffic, such as email or
file transfers. /2 marks

o Routing Issues: Routing issues can also cause packet loss. When packets
are sent from one device to another, they may travel through several
intermediate devices, such as routers and switches, before reaching their
destination. If there is a problem with the routing table or if the
destination device is not reachable, the intermediate devices may drop the
packet. /2 marks

o Environmental Issues: In addition to technical factors, non- technical

factors such as environmental interference or electromagnetic interference
(EMI) can also cause packet loss. EMI can cause data corruption and
signal interference, leading to packet loss and other network issues.
Consider five causes

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 References (wireless network outdoor, LO.3. Maintain wireless network
outdoor, IC.3.1. Monitoring wireless network Outdoor, RQF Level:4)
Analyzing (3)

23. As an IT Technician, create your own ways that can guide you when (15marks)
troubleshooting access point if it is not sharing wireless network.

Answer:
 Check the hardware and software /1.5 marks
 Power operating & stable /1.5 marks
 Up-to-date software image and configuration file /1.5 marks
 Check Indicator LEDs /1.5 marks
 Check the radio /1.5 marks
 Is the country code set (if applicable)? /1.5 marks
 Is the AP radio enabled? /1.5 marks
 Is the SSID enabled /1.5 marks
 Is AP detection scanning turned off? /1.5 marks
 Check for mismatches in: /1.5 marks
o SSID (including case and spaces)
o WEP key or WPA pre-shared key
o Radio settings (frequency and speed)
o Is the IP configuration in the same subnet as the wired
switch connection?
References (wireless network outdoor, LO.3. Maintain wireless
network outdoor, IC.3.2. Troubleshooting wireless network Outdoor,
RQF Level:4), creating (1)

24. A network technician wants to secure the wireless network to avoid (15marks)
intruders entering in network. You are going to help him as a trainee in
NETWORKING, to change the default login credentials (default SSID
and Password), in order to secure his wireless network. Write steps of
changing default login on a wireless router. Use router of your choice.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Answer
By using d-link router
Step 1: Reset a router in order to access it
/3 marks
Step 2: Open your web browser and enter http://dlinkrouter or
http://dlinkrouter.local or http://192.168.0.1 into the address bar.
/3 marks

The default username is Admin and the password is blank (nothing).

Click Login.

Step 2: Click on the Setup tab on the top of the configuration page
and then click the Wireless Settings button on the left side. /3marks

Step 3: Click on Manual Wireless Network Setup /1 mark

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 Step 5: Click Save Settings to save your settings. /2 mark
References:(wireless network outdoor, LO.3. Maintain wireless
network outdoor, IC.3.4. Document wireless network Outdoor, RQF
Level:4)
Creating 2)

END OF ASSESSMENT

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Q #1) What is a Network?
Answer: Network is defined as a set of devices connected to each other using a physical transmission medium.
For Example, A computer network is a group of computers connected with each other to communicate and
share information and resources like hardware, data, and software. In a network, nodes are used to connect two
or more networks.
Q #2) What is a Node?
Answer: Two or more computers are connected directly by an optical fiber or any other cable. A node is a point
where a connection is established. It is a network component that is used to send, receive and forward the
electronic information.
A device connected to a network is also termed as Node. Let’s consider that in a network there are 2 computers,
2 printers, and a server are connected, then we can say that there are five nodes on the network.

Q #3) What is Network Topology?

Answer: Network topology is a physical layout of the computer network and it defines how the computers,
devices, cables, etc are connected to each other.
Q #4) What are Routers?
Answer: The router is a network device that connects two or more network segments. It is used to transfer
information from the source to the destination.
Routers send the information in terms of data packets and when these data packets are forwarded from one
router to another router then the router reads the network address in the packets and identifies the destination
network.

Q #5) What is the OSI reference model?

Answer: Open System Interconnection, the name itself suggests that it is a reference model that defines how
applications can communicate with each other over a networking system.
It also helps to understand the relationship between networks and defines the process of communication in a
network.

Q #6) What are the layers in OSI Reference Models? Describe each layer briefly.
Answer: Given below are the seven layers of OSI Reference Models:
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
a) Physical Layer (Layer 1): It converts data bits into electrical impulses or radio signals. Example: Ethernet.
b) Data Link Layer (Layer 2): At the Data Link layer, data packets are encoded and decoded into bits and it
provides a node to node data transfer. This layer also detects the errors that occurred at Layer 1.
c) Network Layer (Layer 3): This layer transfers variable length data sequence from one node to another node
in the same network. This variable-length data sequence is also known as “Datagrams”.
d) Transport Layer (Layer 4): It transfers data between nodes and also provides acknowledgment of
successful data transmission. It keeps track of transmission and sends the segments again if the transmission
fails.

e) Session Layer (Layer 5): This layer manages and controls the connections between computers. It
establishes, coordinates, exchange and terminates the connections between local and remote applications.
f) Presentation Layer (Layer 6): It is also called as “Syntax Layer”. Layer 6 transforms the data into the form
in which the application layer accepts.
g) Application Layer (Layer 7): This is the last layer of the OSI Reference Model and is the one that is close
to the end-user. Both end-user and application layer interacts with the software application. This layer provides
services for email, file transfer, etc.
Q #7) What is the difference between Hub, Switch, and Router?
Answer:
Hub Switch Router
Hub is least expensive, least intelligent Switches work similarly The router is smartest and most complicated
and least complicated of the three. like Hubs but in a more out of these three. It comes in all shapes and
It broadcast all data to every port which efficient manner. sizes. Routers are similar like little
may cause serious security and reliability It creates connections computers dedicated for routing network
concern dynamically and provides traffic
information only to the
requesting port
In a Network, Hub is a common Switch is a device in a Routers are located at gateway and forwards
connection point for devices connected network which forwards data packets
to the network. Hub contains multiple packets in a network
ports and is used to connect segments of
LAN
Q #8) Explain TCP/IP Model
Answer: The most widely used and available protocol is TCP/IP i.e. Transmission Control Protocol and
Internet Protocol. TCP/IP specifies how data should be packaged, transmitted and routed in their end to end data
communication.
There are four layers as shown in the below diagram:

Given below is a brief explanation of each layer:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Application Layer: This is the top layer in the TCP/IP model. It includes processes that use the
Transport Layer Protocol to transmit the data to their destination. There are different Application Layer
Protocols such as HTTP, FTP, SMTP, SNMP protocols, etc.
 Transport Layer: It receives the data from the Application Layer which is above the Transport Layer. It
acts as a backbone between the host’s system connected with each other and it mainly concerns about
the transmission of data. TCP and UDP are mainly used as Transport Layer protocols.
 Network or Internet Layer: This layer sends the packets across the network. Packets mainly contain
source & destination IP addresses and actual data to be transmitted.
 Network Interface Layer: It is the lowest layer of the TCP/IP model. It transfers the packets between
different hosts. It includes encapsulation of IP packets into frames, mapping IP addresses to physical
hardware devices, etc.
Q #9) What is HTTP and what port does it use?
Answer: HTTP is HyperText Transfer Protocol and it is responsible for web content. Many web pages are
using HTTP to transmit the web content and allow the display and navigation of HyperText. It is the primary
protocol and port used here is TCP port 80.
Q #10) What is HTTPs and what port does it use?
Answer: HTTPs is a Secure HTTP. HTTPs is used for secure communication over a computer network. HTTPs
provides authentication of websites that prevents unwanted attacks.
In bi-directional communication, the HTTPs protocol encrypts the communication so that the tampering of the
data gets avoided. With the help of an SSL certificate, it verifies if the requested server connection is a valid
connection or not. HTTPs use TCP with port 443.

Q #11) What are TCP and UDP?

Answer: Common factors in TCP and UDP are:
 TCP and UDP are the most widely used protocols that are built on the top of the IP protocol.
 Both protocols TCP and UDP are used to send bits of data over the Internet, which is also known as
‘packets’.
 When packets are transferred using either TCP or UDP, it is sent to an IP address. These packets are
traversed through routers to the destination.
The difference between TCP and UDP are enlisted in the below table:
TCP UDP
TCP stands for Transmission Control Protocol UDP is stands for User Datagram Protocol or Universal
Datagram Protocol
Once the connection is setup, data can be sent bi- UDP is connectionless, simple protocol. Using UDP,
directional i.e. TCP is a connection oriented messages are sent as packets
protocol
The speed of TCP is slower than UDP UDP is faster compared to TCP
TCP is used for the application where time is not UDP is suitable for the applications which require fast
critical part of data transmission transmission of data and time is crucial in this case.
TCP transmission occurs in a sequential manner UDP transmission also occurs in a sequential manner but it
does not maintain the same sequence when it reaches the
destination
It is heavy weight connection It is lightweight transport layer
TCP tracks the data sent to ensure no data loss UDP does not ensure whether receiver receives packets are
during data transmission not. If packets are misses then they are just lost
Q #12) What is a Firewall?
Answer: Firewall is a network security system that is used to protect computer networks from unauthorized
access. It prevents malicious access from outside to the computer network. A firewall can also be built to grant
limited access to outside users.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

The firewall consists of a hardware device, software program or a combined configuration of both. All the
messages that route through the firewall are examined by specific security criteria and the messages which meet
the criteria are successfully traversed through the network or else those messages are blocked.

Firewalls can be installed just like any other computer software and later can be customized as per the need and
have some control over the access and security features. “

Windows Firewall” is an inbuilt Microsoft Windows application that comes along with the operating system.
This “Windows Firewall” also helps to prevent viruses, worms, etc.

Q #13) What is DNS?

Answer: Domain Name Server (DNS), in a non-professional language and we can call it an Internet’s phone
book. All the public IP addresses and their hostnames are stored in the DNS and later it translates into a
corresponding IP address.
For a human being, it is easy to remember and recognize the domain name, however, the computer is a machine
that does not understand the human language and they only understand the language of IP addresses for data
transfer.

There is a “Central Registry” where all the domain names are stored and it gets updated on a periodic basis. All
Internet service providers and different host companies usually interact with this central registry to get the
updated DNS details.

For Example, When you type a website www.softwaretestinghelp.com, then your Internet service provider
looks for the DNS associated with this domain name and translates this website command into a machine
language – IP address – 151.144.210.59 (note that, this is the imaginary IP address and not the actual IP for the
given website) so that you will get redirected to the appropriate destination.
This process is explained in the below diagram:

Q #14) What is the difference between a Domain and a Workgroup?

Answer: In a computer network, different computers are organized in different methods and these methods are
– Domains and Workgroups. Usually, computers which run on the home network belong to a Workgroup.
However, computers that are running on an office network or any workplace network belong to the Domain.

Their differences are as follows:

Workgroup Domain
All computers are peers and no computer has control Network admin uses one or more computer as a server and
over another computer provide all accesses, security permission to all other
computers in a network
In a Workgroup, each computer maintains their own The domain is a form of a computer network in which
database computers, printers, and user accounts are registered in a
central database.
Each computer has their own authentication rule for It has centralized authentication servers which set the rule
every user account of authentication
Each computer has set of user account. If user has If user has an account in a domain then user can login to
account on that computer then only user able to any computer in a domain
access the computer
Workgroup does not bind to any security permission Domain user has to provide security credentials whenever
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Workgroup Domain
or does not require any password they are accessing the domain network
Computer settings need to change manually for each In a domain, changes made in one computer automatically
computer in a Workgroup made same changes to all other computers in a network
All computers must be on same local area network In a domain, computers can be on a different local network
In a Workgroup, there can be only 20 computers In a domain, thousands of computers can be connected
connected
Q #15) What is a Proxy Server and how do they protect the computer network?
Answer: For data transmission, IP addresses are required and even DNS uses IP addresses to route to the
correct website. It means without the knowledge of correct and actual IP addresses it is not possible to identify
the physical location of the network.
Proxy servers prevent external users who are unauthorized to access such IP addresses of the internal network.
It makes the computer network virtually invisible to external users.

Proxy Server also maintains the list of blacklisted websites so that the internal user is automatically prevented
from getting easily infected by viruses, worms, etc.

Q #16) What are IP classes and how can you identify the IP class of given an IP address?
Answer: An IP address has 4 sets (octets) of numbers each with a value up to 255.
For Example, the range of the home or commercial connection started primarily between 190 x or 10 x. IP
classes are differentiated based on the number of hosts it supports on a single network. If IP classes support
more networks then very few IP addresses are available for each network.
There are three types of IP classes and are based on the first octet of IP addresses which are classified as Class
A, B or C. If the first octet begins with 0 bit then it is of type Class A.

Class A type has a range up to 127.x.x.x (except 127.0.0.1). If it starts with bits 10 then it belongs to Class B.
Class B having a range from 128.x to 191.x. IP class belongs to Class C if the octet starts with bits 110. Class C
has a range from 192.x to 223.x.

Q #17) What is meant by 127.0.0.1 and localhost?

Answer: IP address 127.0.0.1, is reserved for loopback or localhost connections. These networks are usually
reserved for the biggest customers or some of the original members of the Internet. To identify any connection
issue, the initial step is to ping the server and check if it is responding.
If there is no response from the server then there are various causes like the network is down or the cable needs
to be replaced or the network card is not in good condition. 127.0.0.1 is a loopback connection on the Network
Interface Card (NIC) and if you are able to ping this server successfully, then it means that the hardware is in a
good shape and condition.

127.0.0.1 and localhost are the same things in most of the computer network functioning.

Q #18) What is NIC?

Answer: NIC stands for Network Interface Card. It is also known as Network Adapter or Ethernet Card. It is in
the form of an add-in card and is installed on a computer so that the computer can be connected to a network.
Each NIC has a MAC address which helps in identifying the computer on a network.

Q #19) What is Data Encapsulation?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Answer: In a computer network, to enable data transmission from one computer to another, the network devices
send messages in the form of packets. These packets are then added with the IP header by the OSI reference
model layer.
The Data Link Layer encapsulates each packet in a frame that contains the hardware address of the source and
the destination computer. If a destination computer is on the remote network then the frames are routed through
a gateway or router to the destination computer.

Q #20) What is the difference between the Internet, Intranet, and Extranet?
Answer: The terminologies Internet, Intranet, and Extranet are used to define how the applications in the
network can be accessed. They use similar TCP/IP technology but differ in terms of access levels for each user
inside the network and outside the network.
 Internet: Applications are accessed by anyone from any location using the web.
 Intranet: It allows limited access to users in the same organization.
 Extranet: External users are allowed or provided with access to use the network application of the
organization.
Q #21) What is a VPN?
Answer: VPN is the Virtual Private Network and is built on the Internet as a private wide area network.
Internet-based VPNs are less expensive and can be connected from anywhere in the world.
VPNs are used to connect offices remotely and are less expensive when compared to WAN connections. VPNs
are used for secure transactions and confidential data can be transferred between multiple offices. VPN keeps
company information secure against any potential intrusion.

Given below are the 3 types of VPN’s:

1. Access VPN: Access VPN’s provide connectivity to mobile users and telecommuters. It is an alternative
option for dial-up connections or ISDN connections. It provides low-cost solutions and a wide range of
connectivity.
2. Intranet VPN: They are useful for connecting remote offices using shared infrastructure with the same
policy as a private network.
3. Extranet VPN: Using shared infrastructure over an intranet, suppliers, customers, and partners are
connected using dedicated connections.
Q #22) What are Ipconfig and Ifconfig?
Answer: Ipconfig stands for Internet Protocol Configuration and this command is used on Microsoft Windows
to view and configure the network interface.
The command Ipconfig is useful for displaying all TCP/IP network summary information currently available on
a network. It also helps to modify the DHCP protocol and DNS setting.

Ifconfig (Interface Configuration) is a command that is used on Linux, Mac, and UNIX operating systems. It is
used to configure, control the TCP/IP network interface parameters from CLI i.e. Command Line Interface. It
allows you to see the IP addresses of these network interfaces.
Q #23) Explain DHCP briefly?
Answer: DHCP stands for Dynamic Host Configuration Protocol and it automatically assigns IP addresses to
the network devices. It completely removes the process of manual allocation of IP addresses and reduces the
errors caused due to this.
This entire process is centralized so that the TCP/IP configuration can also be completed from a central
location. DHCP has a “pool of IP addresses” from which it allocates the IP address to the network devices.
DHCP cannot recognize if any device is configured manually and assigned with the same IP address from the
DHCP pool.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

In this situation, it throws the “IP address conflict” error.

DHCP environment requires DHCP servers to set-up the TCP/IP configuration. These servers then assign,
release and renew the IP addresses as there might be a chance that network devices can leave the network and
some of them can join back to the network.

Q #24) What is SNMP?

Answer: SNMP stands for Simple Network Management Protocol. It is a network protocol used for collecting
organizing and exchanging information between network devices. SNMP is widely used in network
management for configuring network devices like switches, hubs, routers, printers, servers.
SNMP consists of the below components:
 SNMP Manager
 Managed device
 SNMP Agent
 Management Information Base (MIB)
The below diagram shows how these components are connected with each other in the SNMP
architecture:

SNMP is a part of the TCP/IP suite. There are 3 main versions of SNMP which include SNMPv1, SNMPv2,
and SNMPv3.

Q #25) What are the different types of a network? Explain each briefly.
Answer: There are 4 major types of networks.
Let’s take a look at each of them in detail.
1. Personal Area Network (PAN): It is the smallest and basic network type that is often used at home. It
is a connection between the computer and another device such as phone, printer, modem tablets, etc
2. Local Area Network (LAN): LAN is used in small offices and Internet cafes to connect a small group
of computers to each other. Usually, they are used to transfer a file or for playing the game in a network.
3. Metropolitan Area Network (MAN): It is a powerful network type than LAN. The area covered by
MAN is a small town, city, etc. A huge server is used to cover such a large span of area for connection.
4. Wide Area Network (WAN): It is more complex than LAN and covers a large span of the area
typically a large physical distance. The Internet is the largest WAN which is spread across the world.
WAN is not owned by any single organization but it has distributed ownership.
There are some other types of the network as well:
 Storage Area Network (SAN)
 System Area Network (SAN)
 Enterprise Private Network (EPN)
 Passive Optical Local Area Network (POLAN)

Part 2: Networking Questions Series

Q #26) Differentiate Communication and Transmission?
Answer: Through Transmission the data gets transferred from source to destination (only one way). It is treated
as the physical movement of data.
Communication means the process of sending and receiving data between two media (data is transferred
between source and destination in both ways).

Q #27) Describe the layers of the OSI model?

Answer: OSI model stands for Open System Interconnection It is a framework that guides the applications on

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

how they can communicate in a network.
OSI model has seven layers. They are listed below,
1. Physical Layer: Deals with transmission and reception of unstructured data through a physical medium.
2. Data Link Layer: Helps in transferring error-free data frames between nodes.
3. Network Layer: Decides the physical path that should be taken by the data as per the network
conditions.
4. Transport Layer: Ensures that the messages are delivered in sequence and without any loss or
duplication.
5. Session Layer: Helps in establishing a session between processes of different stations.
6. Presentation Layer: Formats the data as per the need and presents the same to the Application layer.
7. Application Layer: Serves as the mediator between Users and processes of applications.
Q #28) Explain various types of networks based on their sizes?
Answer: The size of the network is defined as the geographic area and the number of computers covered in
it. Based on the size of the network they are classified as below:
1. Local Area Network (LAN): A network with a minimum of two computers to a maximum of
thousands of computers within an office or a building is termed as LAN. Generally, it works for a single
site where people can share resources like printers, data storage, etc.
2. Metropolitan Area Network (MAN): It is larger than LAN and used to connect various LANs across
small regions, a city, campus of colleges or universities, etc which in turn forms a bigger network.
3. Wide Area Network (WAN): Multiple LANs and MAN’s connected together form a WAN. It covers a
wider area like a whole country or world.
Q #29) Define various types of Internet connections?
Answer: There are three types of Internet connections. They are listed below:
1. Broadband Connection: This type of connection gives continuous high-speed Internet. In this type, if
we log off from the Internet for any reason then there is no need to log in again. For Example, Modems
of cables, Fibres, wireless connection, satellite connection, etc.
2. Wi-Fi: It is a wireless Internet connection between the devices. It uses radio waves to connect to the
devices or gadgets.
3. WiMAX: It is the most advanced type of Internet connection which is more featured than Wi-Fi. It is
nothing but a high-speed and advanced type of broadband connection.
Q #30) A few important terminologies we come across networking concepts?
Answer: Below are a few important terms we need to know in networking:
 Network: A set of computers or devices connected together with a communication path to share data.
 Networking: The design and construction of a network are termed as networking.
 Link: The physical medium or the communication path through which the devices are connected in a
network is called a Link.
 Node: The devices or the computers connected to the links are named as nodes.
 Router/Gateway: A device/computer/node that is connected to different networks is termed as a
Gateway or Router. The basic difference between these two is that Gateway is used to control the traffic
of two contradictory networks whereas the router controls the traffic of similar networks.
 The router is a switch that processes the signal/traffic using routing protocols.
 Protocol: A set of instructions or rules or guidelines that are used in establishing communications
between computers of a network is called Protocol.
 Unicasting: When a piece of information or a packet is sent from a particular source to a specified
destination then it is called Unicasting.
 Anycasting: Sending the datagrams from a source to the nearest device among the group of servers that
provide the same service as the source is termed as Anycasting.
 Multicasting: Sending one copy of data from a single sender to multiple clients or receivers (selected
clients) of the networks which are in need of such data.
 Broadcasting: Sending a packet to each device of the network is termed as broadcasting.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Q #31) Explain the characteristics of networking?
Answer: The main characteristics of networking are mentioned below:
 Topology: This deals with how the computers or nodes are arranged in the network. The computers are
arranged physically or logically.
 Protocols: Deals with the process of how computers communicate with one another.
 Medium: This is nothing but the medium used by computers for communication.
Q #32) How many types of modes are used in data transferring through networks?
Answer: Data transferring modes in computer networks are of three types. They are listed below,
1. Simplex: Data transferring which takes place only in one direction is called Simplex. In Simplex mode,
the data gets transferred either from sender to receiver or from receiver to sender. For Example, Radio
signal, the print signal given from computer to printer, etc.
2. Half Duplex: Data transferring can happen in both directions but not at the same time. Alternatively, the
data is sent and received. For Example, Browsing through the internet, a user sends the request to the
server and later the server processes the request and sends back the web page.
3. Full Duplex: Data transferring happens in both directions that too simultaneously. For Example, Two-
lane roads where traffic flows in both directions, communication through telephone, etc.
Q #33) Name the different types of network topologies and brief their advantages?
Answer: Network Topology is nothing but the physical or logical way in which the devices (like nodes, links,
and computers) of a network are arranged. Physical Topology means the actual place where the elements of a
network are located.
Logical Topology deals with the flow of data over the networks. A link is used to connect more than two
devices of a network. And more than two links located nearby form a topology.

Network topologies are classified as below:

a) Bus Topology: In Bus Topology, all the devices of the network are connected to a common cable (also
called as the backbone). As the devices are connected to a single cable, it is also termed as Linear Bus
Topology.

The advantage of bus topology is that it can be installed easily. And the disadvantage is that if the backbone
cable breaks then the whole network will be down.

b) Star Topology: In Star Topology, there is a central controller or hub to which every node or device is
connected through a cable. In this topology, the devices are not linked to each other. If a device needs to
communicate with the other, then it has to send the signal or data to the central hub. And then the hub sends the
same data to the destination device.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

The advantage of the star topology is that if a link breaks then only that particular link is affected. The whole
network remains undisturbed. The main disadvantage of the star topology is that all the devices of the network
are dependent on a single point (hub). If the central hub gets failed, then the whole network gets down.

c) Ring Topology: In Ring Topology, each device of the network is connected to two other devices on either
side which in turn forms a loop. Data or Signal in ring topology flow only in a single direction from one device
to another and reaches the destination node.

The advantage of ring topology is that it can be installed easily. Adding or deleting devices to the network is
also easy. The main disadvantage of ring topology is the data flows only in one direction. And a break at a node
in the network can affect the whole network.

d) Mesh Topology: In a Mesh Topology, each device of the network is connected to all other devices of the
network. Mesh Topology uses Routing and Flooding techniques for data transmission.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

The advantage of mesh topology is if one link breaks then it does not affect the whole network. And the
disadvantage is, huge cabling is required and it is expensive.

Q #34) What is the full form of IDEA?

Answer: IDEA stands for International Data Encryption Algorithm.
Q #35) Define Piggybacking?
Answer: In data transmission, if the sender sends any data frame to the receiver then the receiver should send
the acknowledgment to the sender. The receiver will temporarily delay (waits for the network layer to send the
next data packet) the acknowledgment and hooks it to the next outgoing data frame, this process is
called Piggybacking.
Q #36) In how many ways the data is represented and what are they?
Answer: Data transmitted through the networks’ comes in different ways like text, audio, video, images,
numbers, etc.
 Audio: It is nothing but the continuous sound which is different from text and numbers.
 Video: Continuous visual images or a combination of images.
 Images: Every image is divided into pixels. And the pixels are represented using bits. Pixels may vary
in size based on image resolution.
 Numbers: These are converted into binary numbers and are represented using bits.
 Text: Text is also represented as bits.
Q #37) What is the full form of ASCII?
Answer: ASCII stands for American Standard Code for Information Interchange.
Q #38) How a Switch is different from a Hub?
Answer: Below are the differences between a Switch and a Hub,
Below given snapshot clearly explains the difference:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Q #39) Define Round Trip Time?
Answer: The time taken for a signal to reach the destination and travel back to the sender with the
acknowledgment is termed as Round Trip Time (RTT). It is also called Round Trip Delay (RTD).
Q #40) Define Brouter?
Answer: Brouter or Bridge Router is a device that acts as both a bridge and a router. As a bridge, it forwards
data between the networks. And as a router, it routes the data to specified systems within a network.
Q #41) Define Static IP and Dynamic IP?
Answer: When a device or computer is assigned a specified IP address then it is named as Static IP. It is
assigned by the Internet Service Provider as a permanent address.
Dynamic IP is the temporary IP address assigned by the network to a computing device. Dynamic IP is
automatically assigned by the server to the network device.

Q #42) How VPN is used in the corporate world?

Answer: VPN stands for Virtual Private Network. With the help of a VPN, remote users can securely connect
to the organization’s network. Corporate companies, educational institutions, government offices, etc use this
VPN.
Q #43) What is the difference between Firewall and Antivirus?
Answer: Firewall and Antivirus are two different security applications used in networking. A firewall acts as a
gatekeeper which prevents unauthorized users to access the private networks as intranets. A firewall examines
each message and blocks the same which are unsecured.
Antivirus is a software program that protects a computer from any malicious software, any virus, spyware,
adware, etc.

Note: A Firewall cannot protect the system from viruses, spyware, adware, etc.
Q #44) Explain Beaconing?
Answer: If a network self-repair its problem then it is termed as Beaconing. Mainly, it is used in the token ring
and FDDI (Fiber Distributed Data Interface) networks. If a device in the network is facing any problem, then it

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

notifies the other devices that they are not receiving any signal. Likewise, the problem gets repaired within the
network.
Q #45) Why the standard of an OSI model is termed as 802.xx?
Answer: The OSI model was started in the month of February in 1980. So it is standardized as 802.XX. This
‘80’ stands for the year 1980 and ‘2’ represents the month of February.
Q #46) Expand DHCP and describe how it works?
Answer: DHCP stands for Dynamic Host Configuration Protocol.
DHCP is used to assign IP addresses automatically to the devices over the network. When a new device is
added to the network, it broadcasts a message stating that it is new to the network. Then the message is
transmitted to all the devices of the network.

Only the DHCP server will react to the message and assigns a new IP address to the newly added device of the
network. With the help of DHCP, IP management became very easy.

Q #47) How can a network be certified as an effective network? What are the factors affecting them?
Answer: A network can be certified as an effective network based on below-mentioned factors:
 Performance: A network’s performance is based on its transmitted time and response time. The factors
affecting the performance of a network are hardware, software, transmission medium types and the
number of users using the network.
 Reliability: Reliability is nothing but measuring the probability of failures occurred in a network and the
time taken by it to recover from it. The factors affecting the same are the frequency of failure and
recovery time from failure.
 Security: Protecting the data from viruses and unauthorized users. The factors affecting the security are
viruses and users who do not have permission to access the network.
Q #48) Explain DNS?
Answer: DNS stands for Domain Naming Server. DNS acts as a translator between domain names and IP
addresses. As humans remember names, the computer understands only numbers. Generally, we assign names
to websites and computers like Gmail.com, Hotmail, etc. When we type such names the DNS translates it into
numbers and executes our requests.
Translating the names into numbers or IP address is named as a Forward lookup.

Translating the IP address to names is named as a Reverse lookup.

Q #49) Define IEEE in the networking world?

Answer: IEEE stands for the Institute of Electrical and Electronic Engineer. This is used to design or develop
standards that are used for networking.
Q #50) What is the use of encryption and decryption?
Answer: Encryption is the process of converting the transmission data into another form that is not read by any
other device other than the intended receiver.
Decryption is the process of converting back the encrypted data to its normal form. An algorithm called cipher
is used in this conversion process.

Q #51) Brief Ethernet?

Answer: Ethernet is a technology that is used to connect computers all over the network to transmit the data
between each other.
For Example, if we connect a computer and laptop to a printer, then we can call it as an Ethernet
network. Ethernet acts as the carrier for the Internet within short distance networks like a network in a building.
The main difference between the Internet and Ethernet is security. Ethernet is safer than the Internet as Ethernet
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
is a closed-loop and has only limited access.

Q #52) Explain Data Encapsulation?

Answer: Encapsulation means adding one thing on top of the other thing. When a message or a packet is passed
through the communication network (OSI layers), every layer adds its header information to the actual packet.
This process is termed as Data Encapsulation.
Note: Decapsulation is exactly the opposite of encapsulation. The process of removing the headers added by the
OSI layers from the actual packet is termed as Decapsulation.

Q #53) How are networks classified based on their connections?

Answer: Networks are classified into two categories based on their connection types. They are mentioned
below:
 Peer-to-peer networks (P2P): When two or more computers are connected together to share resources
without the use of a central server is termed as a peer-to-peer network. Computers in this type of
network act as both server and client. It is generally used in small companies as they are not expensive.
 Server-based networks: In this type of network, a central server is located to store the data,
applications, etc of the clients. The server computer provides the security and network administration to
the network.
Q #54) Define Pipelining?
Answer: In Networking, when a task is in progress another task gets started before the previous task is finished.
This is termed as Pipelining.
Q #55) What is an Encoder?
Answer: Encoder is a circuit that uses an algorithm to convert any data or compress audio data or video data for
transmission purposes. An encoder converts the analog signal into the digital signal.
Q #56) What is a Decoder?
Answer: Decoder is a circuit that converts the encoded data to its actual format. It converts the digital signal
into an analog signal.
Q #57) How can you recover the data from a system which is infected with a Virus?
Answer: In another system (not infected with a virus) install an OS and antivirus with the latest updates. Then
connect the HDD of the infected system as a secondary drive. Now scan the secondary HDD and clean it. Then
copy the data into the system.
Q #58) Describe the key elements of the protocol?
Answer: Below are the 3 key elements of the protocol:
 Syntax: It is the format of the data. That means in which order the data is displayed.
 Semantics: Describes the meaning of the bits in each section.
 Timing: At what time the data is to be sent and how fast it is to be sent.
Q #59) Explain the difference between baseband and broadband transmission?
Answer:
 Baseband Transmission: A single signal consumes the whole bandwidth of the cable.
 Broadband Transmission: Multiple signals of multiple frequencies are sent simultaneously.
Q #60) Expand SLIP?
Answer: SLIP stands for Serial Line Interface Protocol. SLIP is a protocol used for transmitting IP datagrams
over a serial line.
………………………………………………………………………………………………………………………
…………………………
1. A network technician is extending the network from the main office building over several hundred
meters to a new security station. The security station needs a high speed connection to support video
surveillance of the main building. What type of cable is best suited to connect the security station to the
rest of the main office network?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  coax
 fiber optic
 shielded twisted pair
 unshielded twisted pair
Explanation: Fiber optic cable can deliver signals over distances of several miles. Because it uses light, fiber is
impervious to RFI and EMI and is superior to signals sent over copper or aluminum wiring.
2. What are two common media used in networks? (Choose two.)
 copper
 water
 nylon
 fiber
 wood
Explanation: Common media used in networks include copper, glass or plastic optical fiber, and wireless.
3. Which type of network cable is commonly used to connect office computers to the local network?
 coaxial cable
 twisted-pair cable
 glass fiber-optic cable
 plastic fiber-optic cable
Explanation: Twisted-pair is a type of copper cable used to interconnect devices on a local network.
4. Which three factors should be considered when choosing the appropriate network media? (Choose
three.)
 the speed of the CPU and amount of memory in servers
 the environment in which the media is installed
 the data security and fault tolerance requirement
 the amount of data and the data transfer rate desired
 the distance between hosts that the media will connect
 the operating systems used on network devices in the network
Explanation:
Several criteria should be considered when selecting network media:
 The cost of the media and installation
 The environment in which the media is installed
 The amount of data and the data transfer rate desired
 The distance between hosts that the media will connect

5. Refer to the graphic. What type of cabling is shown?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 6.2.3 Network Media Quiz Answers
 STP
 UTP
 coax
 fiber
Explanation:
Network cabling include different types of cables:
 UTP cable consists of four pairs of color-coded wires that have been twisted together and then encased in a
flexible plastic sheath.
 STP cable uses four pairs of wires, each wrapped in a foil shield, which are then wrapped in an overall
metallic braid or foil.
 Coaxial cable uses a copper conductor and a layer of flexible plastic insulation surrounds the copper
conductor.
 Fiber cable is a flexible, extremely thin, transparent strand of glass surrounded by plastic insulation.

6. What makes fiber preferable to copper cabling for interconnecting buildings? (Choose three.)
 greater distances per cable run
 lower installation cost
 limited susceptibility to EMI/RFI
 durable connections
 greater bandwidth potential
 easily terminated
Explanation: Optical fiber cable transmits data over longer distances and at higher bandwidths than any other
networking media. Unlike copper wires, fiber-optic cable can transmit signals with less attenuation and is
completely immune to EMI and RFI.
7. Which type of network media carries data encoded into electrical impulses?
 copper cable
 wireless media
 fiber-optic cable
 cellular communication media
Explanation:
Data is transmitted across a network on media. Modern networks primarily use three types of media to
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
interconnect devices:
 Metal wires within cables (copper cable) – Data is encoded into electrical impulses.
 Glass or plastic fibers within cables (fiber-optic cable) – Data is encoded into pulses of light.
 Wireless transmission – Data is encoded via modulation of specific frequencies of electromagnetic waves.

8. Which two types of network media carries data encoded into electrical impulses? (Choose two.)
 coaxial cable
 wireless media
 twisted-pair cable
 glass fiber-optic cable
 plastic fiber-optic cable
Explanation:
Data is transmitted across a network on media. Modern networks primarily use three types of media to
interconnect devices:
 Metal wires within cables (copper cable) – Data is encoded into electrical impulses. Twisted-pair Ethernet
cable and coaxial cable are two types of copper cable.
 Glass or plastic fibers within cables (fiber-optic cable) – Data is encoded into pulses of light.
 Wireless transmission – Data is encoded via modulation of specific frequencies of electromagnetic waves.

9. Which type of network media carries data encoded into impulses of light?
 coaxial cable
 wireless media
 fiber-optic cable
 twisted-pair cable
Explanation:
Data is transmitted across a network on media. Modern networks primarily use three types of media to
interconnect devices:
 Metal wires within cables (copper cable) – Data is encoded into electrical impulses. Twisted Ethernet cable
and coaxial cable are two types of copper cable.
 Glass or plastic fibers within cables (fiber-optic cable) – Data is encoded into pulses of light.
 Wireless transmission – Data is encoded via modulation of specific frequencies of electromagnetic waves.

10. A network administrator in a small office is upgrading the local network within the building. New
network cables are needed to connect office computers and networking devices. Which network media
should the administrator use?
 coaxial cable
 wireless solution
 fiber-optic cable
 twisted-pair cable
Explanation: Twisted-pair Ethernet cables are most often used to physically connect local devices in a small
office to the local network within a building.
11. What is the purpose of using twisted pairs of wires in an Ethernet cable?
 to reduce interference
 to provide higher bandwidth
 to identify paths of data flow
 to ensure that the transmission of electrical signals is extended over a longer distance
Explanation: Ethernet technology generally uses twisted-pair cables to interconnect devices. In a twisted-pair
cable, wires are grouped in pairs and twisted together to reduce interference.
……………………………………………………………………………………….
1. What will a Layer 2 switch do when the destination MAC address of a received frame is not in the
MAC table?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  It initiates an ARP request.
 It broadcasts the frame out of all ports on the switch.
 It notifies the sending host that the frame cannot be delivered.
 It forwards the frame out of all ports except for the port at which the frame was received.
Explanation: A Layer 2 switch determines how to handle incoming frames by using its MAC address table.
When an incoming frame contains a destination MAC address that is not in the table, the switch forwards the
frame out all ports, except for the port on which it was received.
2. Which network device has the primary function to send data to a specific destination based on the
information found in the MAC address table?
 hub
 router
 switch
 modem
Explanation: If a MAC address is found in the MAC address table, then data is sent to the associated switch
port. If the MAC address is not found in the MAC address table, the data is sent to all switch ports that have
devices attached to the same network.
3. What addressing information is recorded by a switch to build its MAC address table?
 the destination Layer 3 address of incoming packets
 the destination Layer 2 address of outgoing frames
 the source Layer 3 address of outgoing packets
 the source Layer 2 address of incoming frames
Explanation: A switch builds a MAC address table by inspecting incoming Layer 2 frames and recording the
source MAC address found in the frame header. The discovered and recorded MAC address is then associated
with the port used to receive the frame.
4. What is the purpose of the FCS field in a frame?
 to obtain the MAC address of the sending node
 to verify the logical address of the sending node
 to compute the CRC header for the data field
 to determine if errors occurred in the transmission and reception
Explanation: The FCS field in a frame is used to detect any errors in the transmission and receipt of a frame.
This is done by comparing the CRC value within the frame against a computed CRC value of the frame. If the
two values do not match, then the frame is discarded.
5. What is one function of a Layer 2 switch?
 forwards data based on logical addressing
 duplicates the electrical signal of each frame to every port
 learns the port assigned to a host by examining the destination MAC address
 determines which interface is used to forward a frame based on the destination MAC address
Explanation: A switch builds a MAC address table of MAC addresses and associated port numbers by
examining the source MAC address found in inbound frames. To forward a frame onward, the switch examines
the destination MAC address, looks in the MAC address for a port number associated with that destination
MAC address, and sends it to the specific port. If the destination MAC address is not in the table, the switch
forwards the frame out all ports except the inbound port that originated the frame.
6. Which information does a switch use to keep the MAC address table information current?
 the destination MAC address and the incoming port
 the destination MAC address and the outgoing port
 the source and destination MAC addresses and the incoming port
 the source and destination MAC addresses and the outgoing port
 the source MAC address and the incoming port
Explanation: To maintain the MAC address table, the switch uses the source MAC address of the incoming
packets and the port that the packets enter. The destination address is used to select the outgoing port.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
7. What process is used to place one message inside another message for transfer from the source to the
destination?
 access control
 decoding
 encapsulation
 flow control
 the source MAC address and the incoming port
Explanation: Encapsulation is the process of placing one message format into another message format. An
example is how a packet is placed in its entirety into the data field as it is encapsulated into a frame.
8. Refer to the exhibit. The exhibit shows a small switched network and the contents of the MAC address
table of the switch. PC1 has sent a frame addressed to PC3. What will the switch do with the frame?

7.3.3 The Access Layer Quiz Answers

 The switch will discard the frame.
 The switch will forward the frame only to port 2.
 The switch will forward the frame to all ports except port 4.
 The switch will forward the frame to all ports.
 The switch will forward the frame only to ports 1 and 3.
Explanation: The MAC address of PC3 is not present in the MAC table of the switch. Because the switch does
not know where to send the frame that is addressed to PC3, it will forward the frame to all the switch ports,
except for port 4, which is the incoming port.
9. Which three fields are found in an 802.3 Ethernet frame? (Choose three.)
 source physical address
 source logical address
 media type identifier
 frame check sequence
 destination physical address
 destination logical address
Explanation: The fields of an Ethernet frame are the preamble, destination and source address, length, data,
and FCS.
10. What will a host on an Ethernet network do if it receives a frame with a unicast destination MAC
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
address that does not match its own MAC address?
 It will discard the frame.
 It will forward the frame to the next host.
 It will remove the frame from the media.
 It will strip off the data-link frame to check the destination IP address.
Explanation: In an Ethernet network, each NIC in the network checks every arriving frame to see if the
destination MAC address in the frame matches its own MAC address. If there is no match, the device discards
the frame. If there is a match, the NIC passes the frame up to the next OSI layer.
11. Which statement is correct about Ethernet switch frame forwarding decisions?
 Frame forwarding decisions are based on MAC address and port mappings in the MAC Address
table.
 Frames addressed to unknown MAC addresses are dropped.
 Switches build up their MAC Address tables based on the destination MAC address of incoming frames.
 Unicast frames are always forwarded regardless of the destination MAC address.
Explanation: Switches build their MAC Address tables based on the source MAC addresses of incoming
frames. Broadcast frames and frames with a destination MAC address that is not in the MAC Address table are
flooded out all active ports except the one that received the frame. Unicast frames are not always forwarded.
Received frames with a destination MAC address that is associated with the switch port on which it is received
are not forwarded because the destination exists on the network segment connected to that port.
…………………………………………………………………………………………………….
1. What criterion must be followed in the design of an IPv4 addressing scheme for end devices?
 Each IP address must match the address that is assigned to the host by DNS.
 Each IP address must be unique within the local network.
 Each IP address needs to be compatible with the MAC address.
 Each local host should be assigned an IP address with a unique network component.
Explanation: The IP address is independent of a MAC address. IP addresses that are assigned to end devices
should be unique. They can be dynamically assigned by a DHCP server (not a DNS server) or manually
assigned by local network administrators. If an address is assigned manually, the network administrator must
make sure that it is unique.
2. How many octets exist in an IPv4 address?
 4
 8
 16
 32
Explanation: Each octet holds 8 bits and an IPv4 address contains 32 bits. Therefore, an IPv4 address contains
four octets.
3. Which two parts are components of an IPv4 address? (Choose two.)
 subnet portion
 network portion
 logical portion
 host portion
 physical portion
 broadcast portion
Explanation: An IPv4 address is divided into two parts: a network portion – to identify the specific network on
which a host resides, and a host portion – to identify specific hosts on a network. A subnet mask is used to
identify the length of each portion.
4. What is the purpose of the subnet mask in conjunction with an IP address?
 to uniquely identify a host on a network
 to identify whether the address is public or private
 to determine the subnet to which the host belongs

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  to mask the IP address to outsiders
Explanation: With the IPv4 address, a subnet mask is also necessary. A subnet mask is a special type of IPv4
address that coupled with the IP address determines the subnet of which the device is a member.
5. A technician is setting up equipment on a network. Which three devices will need IP addresses?
(Choose three.)
 a printer with an integrated NIC
 a web camera that is attached directly to a host
 a server with two NICs
 an IP phone
 a wireless mouse
 a PDA that is attached to a networked workstation
Explanation: A device needs an IP address in order to connect to a network. A device that is attached to a
networked device can use the established connection to access the network.
6. Which statement describes the relationship of a physical network and logical IPv4 addressed
networks?
 A local physical network supports one IPv4 logical network.
 A physical network can connect multiple devices of different IPv4 logical networks.
 All devices connected to a physical network need to belong to the same IPv4 logical network.
 End devices on different IPv4 logical networks can communicate with each other if they all connect to the
same switch.
Explanation: Multiple IPv4 logical networks can exist on one physical network. The hosts with the same
network number in their IPv4 addresses will be able to communicate with each other, but will not be able to
communicate with the other hosts with a different network number without the use of routing.
7. How large are IPv4 addresses?
 8 bits
 16 bits
 32 bits
 64 bits
 128 bits
Explanation: An IPv4 address is a 32-bit logical address.
8. What is the network number for an IPv4 address 172.16.34.10 with the subnet mask of 255.255.255.0?
 10
 34.10
 172.16.0.0
 172.16.34.0
Explanation: The subnet mask is used to determine which part of the IPv4 address is the network number.
Because the subnet mask is 255.255.255.0, the first three sets of numbers in an IPv4 address indicate the
network number.
9. What are two features of IPv4 addresses? (Choose two.)
 An IPv4 address contains 8 octets.
 IPv4 is a logical addressing scheme.
 An IPv4 addressing scheme is hierarchical.
 IPv4 addresses are only used for communications on the internet.
 An IPv4 address is bound to a network interface card to make it unique.
Explanation: IPv4 addresses are 32-bit (4 octets) long. IPv4 addresses are logical addresses and are assigned to
host network interfaces as needed. IPv4 addressing is hierarchical and each IPv4 address is made up of two
parts, the network number (or network address) and the host number. IPv4 addresses are used both on local
networks and on the internet.
10. Consider the group of five IPv4 addresses each with the subnet mask of 255.255.255.0. Which two
IPv4 addresses belong to the same local network? (Choose two.)
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  192.168.10.2
 193.168.10.16
 192.168.10.56
 192.167.10.74
 192.168.100.62
Explanation: The subnet mask determines which part of the IP address is the network number. Because the
subnet mask is 255.255.255.0, the first three sets of numbers in each IPv4 address indicate the network number.
IPv4 addresses with the same network number are considered in the same local network.
11. The IT group needs to design and deploy IPv4 network connectivity in a new high school computer
lab. The network design requires multiple logical networks be deployed on one physical network. Which
technology is required to enable computers on different logical networks to communicate with each
other?
 routing
 hosting
 mapping
 switching
Explanation: With IPv4 addressing, multiple logical networks can exist on one physical network if the network
portion of the logical network host addresses is different. The hosts with the same network number in their IPv4
addresses will be able to communicate with each other but will not be able to communicate with the other hosts
without the use of routing.
……………………………………………………………………………………………………………..
1. Which statement describes one purpose of the subnet mask setting for a host?
 It is used to describe the type of the subnet.
 It is used to identify the default gateway.
 It is used to determine to which network the host is connected.
 It is used to determine the maximum number of bits within one packet that can be placed on a particular
network.
Explanation: An IPv4 address contains two portions. The network portion defines the network (or a subnet)
where the host is located and the host portion identifies the host address on the network. The subnet mask is
used to define the network portion of the IPv4 addressing through the logical ANDing of the IP address and the
subnet mask.
2. What is one reason for subnetting an IP network?
 to reduce the scope of broadcast flooding
 to increase the number of available host addresses on the network
 to remove the need for network services that rely on broadcasts, such as DHCP
 to ensure that all devices can communicate with each other without requiring a router
Explanation: In flat networks where all hosts are on the same network, broadcast packets can quickly degrade
the quality of the network performance. With the creation of smaller subnets, the broadcast traffic is isolated
from other areas on the network. Devices on one subnet need to send traffic to a router to reach a host on a
different subnet, and routers do not typically forward broadcast traffic.
3. A message is sent to all hosts on a remote network. Which type of message is it?
 limited broadcast
 multicast
 directed broadcast
 unicast
Explanation: A directed broadcast is a message sent to all hosts on a specific network. It is useful for sending a
broadcast to all hosts on a nonlocal network. A multicast message is a message sent to a selected group of hosts
that are part of a subscribing multicast group. A limited broadcast is used for a communication that is limited to
the hosts on the local network. A unicast message is a message sent from one host to another.
4. A user is unable to access the company server from a computer. On issuing the ipconfig command, the
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
user finds that the IP address of the computer is displayed as 169.254.0.2. What type of address is this?
 private
 link-local
 loopback
 experimental
Explanation: IPv4 addresses in the address block 169.254.0.0 to 169.254.255.255 are link-local addresses. The
operating system of a host can automatically assign an address from this block to the host in case no IP
configuration is available. An example is when a host is configured to obtain a dynamic IP address but cannot
reach any DHCP server during the boot process. In such a case, the operating system can assign a link-local
address.
5. Which three IP addresses are private ? (Choose three.)
 10.1.1.1
 172.32.5.2
 192.167.10.10
 172.16.4.4
 192.168.5.5
 224.6.6.6
Explanation: The private IP addresses are within these three ranges:
 10.0.0.0 – 10.255.255.255
 172.16.0.0 – 172.31.255.255
 192.168.0.0 – 192.168.255.255

6. Match each description with an appropriate IP address.

Explanation: Place the options in the following order:

127.0.0.1 loopback address

240.2.6.255 an experimental address

198.133.219.2 a public address

169.254.1.5 a link-local address

7. Which network device can serve as a boundary to divide a Layer 2 broadcast domain?
 router
 Ethernet bridge
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Ethernet hub
 access point
Explanation: Layer 1 and 2 devices (LAN switch and Ethernet hub) and access point devices do not filter
MAC broadcast frames. Only a Layer 3 device, such as a router, can divide a Layer 2 broadcast domain.
8. What is the role of IANA?
 maintaining standards related to electrical wiring and connectors
 documenting developments for new protocols and updating existing protocols
 managing the allocation of IP addresses and domain names
 promoting the development and evolution of the Internet around the world
Explanation: Four very important organizations that create and maintain open standards are:
 The Internet Assigned Numbers Authority (IANA) oversees and manages the allocation of IP addresses
and domain names to preserve their uniqueness.
 The Electronic Industries Alliance (EIA) maintains standards related to wiring and connectors to ensure
cabling interoperability between different devices.
 The Internet Engineering Task Force (IETF) maintains the technologies and protocols used on the internet,
such as TCP/IP.
 The Internet Society (ISOC) promotes the use of the internet around the world.

9. Which address prefix range is reserved for IPv4 multicast?

 240.0.0.0 – 254.255.255.255
 224.0.0.0 – 239.255.255.255
 169.254.0.0 – 169.254.255.255
 127.0.0.0 – 127.255.255.255
Explanation: Multicast IPv4 addresses use the reserved class D address range of 224.0.0.0 to 239.255.255.255.
10. A high school in New York (school A) is using videoconferencing technology to establish student
interactions with another high school (school B) in Russia. The videoconferencing is conducted between
two end devices through the internet. The network administrator of school A configures the end device
with the IP address 209.165.201.10. The administrator sends a request for the IP address for the end
device in school B and the response is 192.168.25.10. Neither school is using a VPN. The administrator
knows immediately that this IP will not work. Why?
 This is a loopback address.
 This is a link-local address.
 This is a private IP address.
 There is an IP address conflict.
Explanation: The IP address 192.168.25.10 is an IPv4 private address. This address will not be routed over the
internet, so school A will not be able to reach school B. Because the address is a private one, it can be used
freely on an internal network. As long as no two devices on the internal network are assigned the same private
IP, there is no IP conflict issue. Devices that are assigned a private IP will need to use NAT in order to
communicate over the internet.
11. A host is transmitting a broadcast. Which host or hosts will receive it?
 all hosts in the same network
 a specially defined group of hosts
 the closest neighbor on the same network
 all hosts on the internet
Explanation: A broadcast is delivered to every host that has an IP address within the same network.
………………………………………………………………………………………………………………………
……………….
1. What is an advantage of using IPv6 ?
 more addresses for networks and hosts
 faster connectivity

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  higher bandwidth
 more frequencies
Explanation: An IPv6 address is comprised of 128 bits as opposed to 32 bits in an IPv4 address. Thus it offers
far more addresses for networks and hosts than an IPv4 address does.
2. What was the reason for the creation and implementation of IPv6?
 to make reading a 32-bit address easier
 to relieve IPv4 address depletion
 to provide more address space in the Internet Names Registry
 to allow NAT support for private addressing
Explanation: IPv4 addressing space is exhausted by the rapid growth of the internet and the devices connected
to the internet. IPv6 expands the IP addressing space by increasing the address length from the 32 bits to 128
bits, which should provide sufficient addresses for future internet growth needs for many years to come.
3. Which letter represents the hexadecimal value of the decimal number 15?
 f
 g
 h
 b
Explanation: The hexadecimal numbers are 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f. The hexadecimal number 0
represents 0 in decimal and is represented as 0000 in binary. The hexadecimal number f represents 15 in
decimal.
4. A PC is configured with both an IPv4 and IPv6 address on the same network adapter. What IPv4 and
IPv6 coexistence strategy is implemented on the PC?
 Dual stack
 NAT64
 Tunneling
 NAT
Explanation: When a device is configured with both IPv4 and IPv6 protocol stacks, the device is implementing
a dual stack strategy.
5. What are two methods that can be used to shorten the IPv6 address notation? (Choose two.)
 use of a double colon (::) to represent a string of all zero hextets
 omit all leading zeros from all hextets in the address
 remove all trailing zeros contained in the IPv6 address
 use double colons to represent a string of the same non-zero value
Explanation: To help reduce the notation of IPv6 addresses a double colon (::) can replace any single,
contiguous string of one or more 16-bit hextets consisting of all zeros. In addition, all leading zeros can be
omitted from any hextet in the notation.
6. Which network migration technique encapsulates IPv6 packets inside IPv4 packets to carry them over
IPv4 network infrastructures?
 encapsulation
 translation
 dual-stack
 tunneling
Explanation: The tunneling migration technique encapsulates an IPv6 packet inside an IPv4 packet.
Encapsulation assembles a message and adds information to each layer in order to transmit the data over the
network. Translation is a migration technique that allows IPv6-enabled devices to communicate with IPv4-
enabled devices using a translation technique similar to NAT for IPv4. The dual-stack migration technique
allows IPv4 and IPv6 protocol stacks to coexist on the same network simultaneously.
7. What does a double colon (::) represent in an IPv6 address notation?
 a continuous string of one or more hextets that contain only zeros
 at least eight occurrences of the same non-zero value

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  the boundary between the network portion and the host portion of the address
 the beginning of the MAC address assigned to the IPv6 device
Explanation: To help reduce the notation of IPv6 addresses a double colon (::) can replace any single,
contiguous string of one or more hextets consisting of all zeros. Only one instance of the double colon can be
used in any IPv6 notation.
8. IPv6 increases the IP address size from 32 bits to how many bits?
 64
 96
 128
 192
 256
Explanation: IPv6 increases the size of the address from 32 bits in IPv4 to 128 bits.
9. Which technology enables devices in an IPv6-only network to communicate with devices in an IPv4-
only network?
 NAT64
 tunneling
 DHCP
 link-local addressing
Explanation: NAT64 can be used on a router to translate an IPv6 address to an IPv4 address and to translate an
IPv4 address to an IPv6 address. This technology enables the devices to communicate, even though they use
different versions of IP.
10. Which IPv6 address notation is valid?
 2001:0DB8::ABCD::1234
 ABCD:160D::4GAB:FFAB
 2001:DB8:0:1111::200
 2001::ABCD::
Explanation: IPv6 addresses are represented by 32 hexadecimal digits (0-9, A-F). The size of the notation can
be reduced by eliminating leading zeroes in any hextet and by replacing a single, contiguous string of hextets
containing all zeroes with a double colon, which can only be used one time.
11. Which two statements are correct about IPv4 and IPv6 addresses? (Choose two.)
 IPv6 addresses are represented by hexadecimal numbers.
 IPv4 addresses are represented by hexadecimal numbers.
 IPv6 addresses are 32 bits in length.
 IPv4 addresses are 32 bits in length.
 IPv4 addresses are 128 bits in length.
 IPv6 addresses are 64 bits in length.
Explanation: IPv4 addresses are represented as dotted decimal numbers and are 32 bits in length. IPv6
addresses are represented by hexadecimal numbers and are 128 bits in length.
……………………………………………………………………………………………
1. Match each description with an appropriate IP address.

Explanation: Place the options in the following order:

a client initiating a message to find a DHCP server DHCPDISCOVER

a DHCP server responding to the initial request by a client DHCPOFFER

the client accepting the IP address provided by the DHCP server DHCPREQUEST

the DHCP server confirming that the address lease has been accepted DHCPACK
2. Which two reasons generally make DHCP the preferred method of assigning IP addresses to hosts on
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
large networks? (Choose two.)
 It eliminates most address configuration errors.
 It ensures that addresses are only applied to devices that require a permanent address.
 It guarantees that every device that needs an address will get one.
 It provides an address only to devices that are authorized to be connected to the network.
 It reduces the burden on network support staff.
Explanation: DHCP is generally the preferred method of assigning IP addresses to hosts on large networks
because it reduces the burden on network support staff and virtually eliminates entry errors. However, DHCP
itself does not discriminate between authorized and unauthorized devices and will assign configuration
parameters to all requesting devices. DHCP servers are usually configured to assign addresses from a subnet
range, so there is no guarantee that every device that needs an address will get one.
3. Which message does an IPv4 host use to reply when it receives a DHCPOFFER message from a DHCP
server?
 DHCPACK
 DHCPDISCOVER
 DHCPOFFER
 DHCPREQUEST
Explanation: When the client receives the DHCPOFFER from the server, it sends back a DHCPREQUEST
broadcast message. On receiving the DHCPREQUEST message, the server replies with a unicast DHCPACK
message.
4. Which destination IPv4 address does a DHCPv4 client use to send the initial DHCP Discover packet
when the client is looking for a DHCP server?
 127.0.0.1
 224.0.0.1
 255.255.255.255
 the IP address of the default gateway
Explanation: Broadcast communications on a network may be directed or limited. A directed broadcast is sent
to all hosts on a specific network. A limited broadcast is sent to 255.255.255.255. When a DHCP client needs to
send a DHCP Discover packet in order to seek DHCP servers, the client will use this IP address of
255.255.255.255 as the destination in the IP header because it has no knowledge of the IP addresses of DHCP
servers.
5. Which type of packet is sent by a DHCP server after receiving a DHCP Discover message?
 DHCP ACK
 DHCP Discover
 DHCP Offer
 DHCP Request
Explanation: When a DHCP server receives a DHCP Discover packet from a client, the server responds with a
DHCP Offer packet to let the client know that an IP address is available and reserved for the client.
6. What is one advantage of using DHCP to assign addresses to mobile devices?
 Address leases are temporary and are returned to the pool when the device is turned off.
 Addresses are permanently assigned to the mobile device and are valid on any network.
 Using DHCP creates many more registered IPv4 addresses.
 DHCP enables multiple internal IPv4 addresses to use a single registered global address.
Explanation: A benefit of DHCP is that an address is not permanently assigned to a host but is only leased for a
period of time. If the host is powered down or taken off the network, the address is returned to the pool for
reuse. This is especially helpful with mobile users that come and go on a network.
7. Refer to the exhibit. A home wireless router is configured to act as a DHCP server. The IP address
range is configured to be 192.168.0.100 – 149. What IP address will be assigned automatically to the first
device that connects to the wireless router?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  192.168.0.1
 192.168.0.50
 192.168.0.100
 192.168.0.149
Explanation: When the first device connects to the wireless router, it will receive the first address that is
configured in the pool. Subsequent devices will receive an address from the pool until all addresses are
assigned.
8. Refer to the exhibit. PC1 is configured to obtain a dynamic IP address from the DHCP server. PC1 has
been shut down for two weeks. When PC1 boots and tries to request an available IP address, which
destination IP address will PC1 place in the IP header?

 192.168.1.1
 192.168.1.8
 192.168.1.255
 255.255.255.255
Explanation: When a host boots and has been configured for dynamic IP addressing, the device tries to obtain a
valid IP address. It sends a DHCPDISCOVER message. This is a broadcast message because the DHCP server
address is unknown (by design). The destination IP address in the IP header is 255.255.255.255 and the
destination MAC address is FF:FF:FF:FF:FF:FF.
9. Which type of server dynamically assigns an IP address to a host?
 ARP
 DHCP
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  DNS
 FTP
Explanation: DHCP servers can be computers or networking devices that are configured to assign IPv4
addresses to network connected devices.
10. Which three statements describe a DHCP Discover message? (Choose three.)
 The source MAC address is 48 ones (FF-FF-FF-FF-FF-FF).
 The destination IP address is 255.255.255.255.
 The message comes from a server offering an IP address.
 The message comes from a client seeking an IP address.
 All hosts receive the message, but only a DHCP server replies.
 Only the DHCP server receives the message.
Explanation: When a host configured to use DHCP powers up on a network it sends a DHCPDISCOVER
message. FF-FF-FF-FF-FF-FF is the L2 broadcast address. A DHCP server replies with a unicast DHCPOFFER
message back to the host.
11. A host PC is attempting to lease an address through DHCP. What message is sent by the server to let
the client know it is able to use the provided IP information?
 DHCPDISCOVER
 DHCPOFFER
 DHCPREQUEST
 DHCPACK
Explanation: When a host uses DHCP to automatically configure an IP address, the typically sends two
messages: the DHCPDISCOVER message and the DHCPREQUEST message. These two messages are usually
sent as broadcasts to ensure that all DHCP servers receive them. The servers respond to these messages using
DHCPOFFER, DHCPACK, and DHCPNACK messages, depending on the circumstance.
………………………………………………………………………………………………………………………
…
1. A computer has to send a packet to a destination host in the same LAN. How will the packet be sent?
 The packet will be sent to the default gateway first, and then, depending on the response from the gateway,
it may be sent to the destination host.
 The packet will be sent directly to the destination host.
 The packet will first be sent to the default gateway, and then from the default gateway it will be sent
directly to the destination host.
 The packet will be sent only to the default gateway.
Explanation: If the destination host is in the same LAN as the source host, there is no need for a default
gateway. A default gateway is needed if a packet needs to be sent outside the LAN.
2. Typically, which network device would be used to perform NAT for a corporate environment?
 DHCP server
 host device
 router
 server
 switch
Explanation: Typically, the translation from private IP addresses to public IP addresses is performed on routers
in corporate environments. In a home environment, this device might be an access point that has routing
capability or the DSL or cable router.
3. Which characteristic describes the default gateway of a host computer?
 the logical address of the router interface on the same network as the host computer
 the physical address of the switch interface connected to the host computer
 the physical address of the router interface on the same network as the host computer
 the logical address assigned to the switch interface connected to the router
Explanation: The default gateway is the IP address of an interface on the router on the same network as the
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
sending host.
4. What is the purpose of configuring a default gateway address on a host?
 to provide a permanent address to a computer
 to identify the network to which a computer is connected
 to identify the logical address of a networked computer and uniquely identify it to the rest of the network
 to identify the device that allows local network computers to communicate with devices on other
networks
Explanation: When a host or device needs to communicate with hosts or devices on other networks, the
configuration of a default gateway address is necessary so that the host or device can send data to remote
networks.
5. If the default gateway is configured incorrectly on a host, what is the impact on communications?
 The host is unable to communicate on the local network.
 The host is unable to communicate with hosts on remote networks.
 The host is unable to communicate with hosts on both the local and remote networks.
 The host cannot get an IP address from the DHCP server.
Explanation: In data communication, the default gateway device is involved only when a host needs to
communicate with other hosts on another network. The default gateway address identifies a network device that
a host device uses to communicate with devices on other networks. The default gateway device is not used
when a host communicates with other hosts on the same network.
6. Which three IPv4 network addresses are private IP addresses? (Choose three.)
 10.0.0.0
 172.32.0.0
 192.157.0.0
 172.16.0.0
 192.168.0.0
 224.6.0.0
Explanation: The reserved private IPv4 network addresses include 10.0.0.0 to 10.255.255.255, 172.16.0.0 to
172.31.255.255, and 192.168.0.0 to 192.168.255.255.
7. What is the purpose of NAT?
 allowing hosts configured with registered public IP addresses to access the internet
 translating private IP addresses to a public registered IP address
 routing private IP addresses over the public internet
 assigning a private IP address to a host for internet access
Explanation: NAT translates host internal private IP addresses to one or more registered public IP addresses in
order for the host to access sites through the internet.
8. What is the primary advantage of using NAT?
 allows a large group of users to share one or more public IP addresses
 allows a large group of users to share the same private IP address within a LAN
 allows static mapping of public inside addresses to private outside addresses
 allows dynamic mapping of registered inside addresses to private outside addresses
Explanation: Network Address Translation (NAT) can allow a large group of privately addressed hosts to share
one or more registered public IP addresses in order to route packets over the internet.
9. Which three settings must be configured on a PC in order for it to communicate with devices located
across the internet? (Choose three.)
 IP address
 subnet mask
 default gateway address
 DHCP server address
 hostname
Explanation: A PC must be configured with an IP address, subnet mask, and a default gateway address in order
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
to be able to communicate with devices located on a different IP network. This includes devices that are reached
through the internet.
10. The default configuration on a home wireless router provides which type of addresses to devices using
DHCP?
 private IP addresses
 public registered IPv4 addresses
 public registered IPv6 addresses
 vendor-specific MAC addresses
Explanation: By default, home wireless routers give out private IPv4 addresses to devices on the home
network. These addresses are usually in the 192.168.0.0 reserved range.
11. Which type of intermediary device acts as a boundary between a home wireless network and the
internet?
 Layer 2 switch
 access point
 DNS server
 wireless router
Explanation: A wireless router acts as a network boundary for the attached IP networks. Most home network
wireless routers connect a privately addressed local LAN to an external IP network connected to an ISP.
………………………………………………………………………………………..
1. What is one function of the ARP protocol?
 obtaining an IPv4 address automatically
 mapping a domain name to its IP address
 resolving an IPv4 address to a MAC address
 maintaining a table of domain names with their resolved IP addresses
Explanation: The two main functions of the ARP protocol are to resolve an IPv4 address to a MAC address
and to maintain an ARP table, which lists the resolved pairs of IPv4 address and MAC address. A device
automatically obtains an IP address through DHCP. The functions of DNS include resolving (or mapping) a
domain name with its IP address and maintaining a table for the domain name/IP pairs.
2. Which destination address is used in an ARP request frame?
 0.0.0.0
 255.255.255.255
 FFFF.FFFF.FFFF
 127.0.0.1
 01-00-5E-00-AA-23
Explanation: The purpose of an ARP request is to find the MAC address of the destination host on an Ethernet
LAN. The ARP process sends a Layer 2 broadcast to all devices on the Ethernet LAN. The frame contains the
IP address of the destination and the broadcast MAC address, FFFF.FFFF.FFFF.
3. Which statement describes the treatment of ARP requests on the local link?
 They must be forwarded by all routers on the local network.
 They are received and processed by every device on the local network.
 They are dropped by all switches on the local network.
 They are received and processed only by the target device.
Explanation: One of the negative issues with ARP requests is that they are sent as a broadcast. This means all
devices on the local link must receive and process the request.
4. What important information is examined in the Ethernet frame header by a Layer 2 device in order to
forward the data onward?
 source MAC address
 source IP address
 destination MAC address
 Ethernet type

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  destination IP address
Explanation: The Layer 2 device, such as a switch, uses the destination MAC address to determine which path
(interface or port) should be used to send the data onward to the destination device.
5. What are two functions of MAC addresses in a LAN? (Choose two.)
 to allow the transfer of frames from source to destination
 to determine which host has priority to transfer data
 to indicate the best path between separate networks
 to associate with a specific network IP address
 to uniquely identify a node on a network
Explanation: All Ethernet network devices have a unique Media Access Control (MAC) address that is burned
into the network interface card (NIC). The MAC address is used to direct data from a particular device to a
specific network destination.
6. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC2. In this
scenario, what will happen next?

 PC2 will send an ARP reply with the PC2 MAC address.
 RT1 will send an ARP reply with the RT1 Fa0/0 MAC address.
 RT1 will send an ARP reply with the PC2 MAC address.
 SW1 will send an ARP reply with the PC2 MAC address.
 SW1 will send an ARP reply with the SW1 Fa0/1 MAC address.
Explanation: When a network device wants to communicate with another device on the same network, it sends
a broadcast ARP request. In this case, the request will contain the IP address of PC2. The destination device
(PC2) sends an ARP reply with the PC2 MAC address.
7. What addresses are mapped by ARP?
 IPv4 address to a destination MAC address
 destination IPv4 address to the source MAC address
 destination IPv4 address to the destination host name
 destination MAC address to the source IPv4 address
Explanation: ARP, or the Address Resolution Protocol, works by mapping the IPv4 address to a destination
MAC address. The host knows the destination IPv4 address and uses ARP to resolve the corresponding
destination MAC address.
8. Refer to the exhibit. Switches Sw1 and Sw2 have MAC address tables that are populated with all the
exhibited host MAC addresses. If host H1 sends a frame with destination address FFFF.FFFF.FFFF,
what will be the result?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Sw1 will discard the frame.
 Sw1 will flood the frame out all ports except the inbound port. The frame will be discarded by Sw2 but
processed by host H2.
 Sw1 will flood the frame out all ports except the inbound port. The frame will be flooded by Sw2 but
discarded by hosts H2, H3, and H4.
 Sw1 will flood the frame out all ports except the inbound port. The frame will be flooded by Sw2 and
processed by hosts H2, H3, and H4.
9. Refer to the exhibit. Host A needs to send data to the server, but does not know its MAC address.
When host A sends out an ARP request, what response will be in the ARP reply?

 00:0C:00:B4:00:10
 00:0C:00:B4:00:24
 00:0D:00:B4:12:F3
 00:0D:00:B4:99:AA
 02:C8:00:7D:12:33
Explanation: When a host communicates to a device that is not on the same local IP network, it must send the
packet to the default gateway. The default gateway for Host A is the Fa0/0 port on router RTA, which has the
MAC address of 00:0C:00:B4:12:F3.
10. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
When PC0 pings the web server, which MAC address is the source MAC address in the frame from R2 to
the web server?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  0001.43EA.3E03
 0001.9756.6278
 0001.C972.4201
 0001.C972.4202
 0002.16D6.A601
Explanation: In the segment between R2 and the web server, when R2 encapsulates a frame to be sent to the
web server, R2 uses the MAC address of its interface that is directly connected to the segment, Fa0/1, as the
source MAC.
11. What statement describes a characteristic of MAC addresses?
 They are the physical address of the NIC or interface.
 They are only routable within the private network.
 They are added as part of a Layer 3 PDU.
 They have a 32-bit binary value.
Explanation: Any vendor selling Ethernet devices must register with the IEEE to ensure the vendor is assigned
a unique 24-bit code, which becomes the first 24 bits of the MAC address. The last 24 bits of the MAC address
are generated per hardware device. This helps to ensure globally unique addresses for each Ethernet device.
12. Which two characteristics describe MAC addresses? (Choose two.)
 physical address assigned to the NIC
 identifies source and destination in Layer 2 header
 logical address assigned by DHCP
 used by routers to select the best path to a destination
Explanation: The MAC address is referred to as a physical address because it is assigned by the manufacturer

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

to the NIC. MAC addresses are contained in the Layer 2 header. IP addresses are Layer 3 addresses and are
logical addresses that are assigned either dynamically through DHCP or manually configured. Routers use
destination IP addresses to choose the best path over which to forward the packets.
………………………………………………………………………………………………………………………
….
1. Which information is used by routers to forward a data packet toward its destination?
 source IP address
 destination IP address
 source data-link address
 destination data-link address
Explanation: The destination IP address is the IP address for the receiving device. This IP address is used by
routers to forward the packet to its destination.
2. If the default gateway is configured incorrectly on the host, what is the impact on communications?
 The host is unable to communicate on the local network.
 The host can communicate with other hosts on the local network, but is unable to communicate with
hosts on remote networks.
 The host can communicate with other hosts on remote networks, but is unable to communicate with hosts
on the local network.
 There is no impact on communications.
Explanation: A default gateway is only required to communicate with devices on another network. The
absence of a default gateway does not affect connectivity between devices on the same local network.
3. What role does a router play on a network?
 forwarding Layer 2 broadcasts
 forwarding frames based on a MAC address
 selecting the path to destination networks
 connecting smaller networks into a single broadcast domain
Explanation: When a computer sends a packet onto the network, the packet includes a source and destination
IP address. Routers use the destination IP address in a packet to forward the packet to the correct destination
network.
4. Which address should be configured as the default gateway address of a client device?
 the Layer 2 address of the switch management interface
 the Layer 2 address of the switch port that is connected to the workstation
 the IPv4 address of the router interface that is connected to the same LAN
 the IPv4 address of the router interface that is connected to the internet
Explanation: The default gateway is used when a host needs to send messages to destinations that are located
in remote networks. The default gateway address is configured on the host with the IPv4 address of the router
interface that is connected to the same local network as the host.
5. Which device is used to transfer data from one IP local network to a remote network?
 NIC card
 switch
 router
 server
Explanation: A router is a networking device that connects multiple IP networks. Routing is the process of
identifying the best path from one network to another remote network.
6. Refer to the exhibit. To allow IP communication between the two separate networks, what type of
device is required?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  server
 router
 switch
 access point
Explanation: Routers enable communications between two or more different IP networks. Servers, switches,
and access points are devices attached to a local IP network.
7. What is a benefit of adding a router within an IP network?
 increases the size of the local network
 keeps broadcasts contained within a local network
 reduces the number of hosts that can connect to the network
 controls host-to-host traffic within a single local network
Explanation: Routers can divide or segment a network. Because routers do not forward broadcasts they can
keep broadcasts isolated to the local network.
8. Refer to the exhibit. Host H7 sends a packet with the destination IP address of 255.255.255.255. What
does router R1 do when it receives the packet from host H7?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  examines the packet received on interface FastEthernet0/1 and does not forward the packet
 changes the Layer 2 header information and forwards the packet out all connected interfaces
 checks the routing table and forwards the packet out interface FastEthernet0/0
 changes the destination IP address and forwards the packet out interface FastEthernet0/0
Explanation: The IP address of 255.255.255.255 is a broadcast address. Routers do not forward broadcasts to
other networks. Router R1 examines the header of the packet to determine if the destination IP address is on
another network or is a broadcast.
9. What action will a router take when it receives a frame with a broadcast MAC address?
 It will not forward the frame to another network.
 It forwards the frame back to the sending host.
 It forwards the frame out of all connected interfaces.
 It forwards the frame back out the receiving interface.
Explanation: Routers do not forward broadcasts to other networks. Routers examine broadcasts to determine if
they need to act on the broadcast, such as an ARP request or a DHCP DISCOVER message. If the router does
not need to respond to the broadcast, it is dropped.
10. What are two reasons to install routers to segment a network? (Choose two.)
 to limit the number of devices that can connect to the network
 to expand the network to a different geographic location
 to create smaller broadcast domains within the network
 to reduce the number of switches needed to connect devices
Explanation: There are a number of reasons to use routers to divide a network into smaller segments.
Expanding the network into a different geographic location may require the use of routers at both locations.
Another reason is to limit broadcasts that must be processed by all devices on the network segment. Routers do
not forward broadcast traffic off the local network segment.
11. Which table does a router use to determine which interface to use to send packets to the destination
network?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  ARP table
 routing table
 network table
 forwarding table
Explanation: Routing tables contain the addresses of networks, and the best path to reach those networks.
Routers use the routing tables to determine which interface to use to forward a message to its intended
destination.
12. What action does the router take when it does not find a route to the destination network in its
routing table?
 It drops the packet.
 It sends the packet as a broadcast.
 It returns the packet to the sender.
 It sends the packet out all connected interfaces.
Explanation: When there is no route to the destination network contained in the routing table, the router drops
the packet.
………………………………………………………………………………………………………………………
………….
1. Which protocol operates at the application layer of the TCP/IP model?
 IP
 TCP
 HTTP
 ICMP
Explanation:
The protocols are associated with the following TCP/IP layers:
 HTTP > application layer
 TCP > transport layer
 IP and ICMP > internet layer.

2. What is a characteristic of UDP?

 It establishes sessions with a three-way handshake.
 It uses sequence numbers to reassemble segments.
 It adds 20 bytes of overhead to application layer data.
 It provides unreliable delivery of segments.
Explanation: UDP is a connectionless protocol that provides unreliable delivery of segments.
3. Which type of applications are best suited to use UDP as the transport layer protocol?
 applications that require flow control
 applications that require data to be reassembled in a specific order
 applications that require minimal transmission delay
 applications that require stateful sessions
Explanation: UDP is a light-weight connectionless protocol that is well-suited for applications that are
susceptible to delay or that do not need the features provided by TCP (guaranteed delivery, flow control, or
sequencing).
4. A student is sending files from a phone to a computer across a network. Which layer of the TCP/IP
model is responsible for reassembling these messages as they are received on the computer?
 application
 transport
 internet
 network access
Explanation: The transport layer of the TCP/IP model is responsible for the following:
 Providing reliability mechanisms to ensure all of the message is received

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Reassembling a message as it is received
 Identifying which network applications are sending and receiving data
5. At which layer of the TCP/IP model does TCP operate?
 transport
 application
 internetwork
 network access
Explanation: TCP is the Transmission Control Protocol and it operates at the transport layer of the TCP/IP
model. TCP ensures that IP packets are delivered reliably.
6. What protocol header information is used at the transport layer to identify a target application?
 port number
 IP address
 sequence number
 MAC address
Explanation: The TCP/IP transport layer uses port numbers to identify target applications. Each network
application (server or client) has a port number assigned to the application.
7. What type of port number is assigned by IANA to commonly used services and applications?
 well-known port
 registered port
 dynamic port
 private port
Explanation: Well-known ports (0 to 1023) are reserved for common applications and services. Registered
ports (1024 to 49151) are assigned to user processes and applications. Dynamic, private, or ephemeral ports
(49152 to 65535) are assigned to client applications when initiating a connection.
8. What is the purpose of using a source port number in a TCP communication?
 to notify the remote device that the conversation is over
 to assemble the segments that arrived out of order
 to keep track of multiple conversations between devices
 to inquire for a nonreceived segment
Explanation: The source port number in a segment header is used to keep track of multiple conversations
between devices. It is also used to keep an open entry for the response from the server. The incorrect options are
more related to flow control and guaranteed delivery.
9. What is an advantage of UDP over TCP?
 UDP communication requires less overhead.
 UDP communication is more reliable.
 UDP reorders segments that are received out of order.
 UDP acknowledges received data.
Explanation: TCP is a more reliable protocol and uses sequence numbers to realign packets that arrive out of
order at the destination. Both UDP and TCP use port numbers to identify applications. UDP has less overhead
than TCP because the UDP header has fewer bytes and UDP does not confirm the receipt of packets.
10. When is UDP preferred to TCP?
 when a client sends a segment to a server
 when all the data must be fully received before any part of it is considered useful
 when an application can tolerate some loss of data during transmission
 when segments must arrive in a very specific sequence to be processed successfully
Explanation: UDP can be used when an application can tolerate some data loss. UDP is the preferred protocol
for applications that provide voice or video that cannot tolerate delay.
11. Which statement correctly describes data transmission at the transport layer?
 Retransmission of lost packets is provided by both TCP and UDP.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Segmentation is provided by the window size field when the TCP protocol is used.
 A single datagram can include both a TCP and a UDP header.
 Both UDP and TCP use port numbers.
 Segmentation is provided by sequence numbers when UDP is used.
Explanation: Segmentation is handled at Layer 4 by TCP sequence numbers. UDP does not have sequence
numbers in the header, but instead, lets the application handle reordering if it is necessary. Only TCP provides
reliable deliver and retransmits data. Each segment has either a TCP header or a UDP header; it cannot contain
both.
………………………………………………………………………………………………………………………
…….
1. What two characteristics describe an FTP connection? (Choose two.)
 A large file requires more than two connections between the client and the server to successfully download
it.
 The server establishes the first connection with the client to control traffic that consists of server
commands and client replies.
 Files can be downloaded from or uploaded to the server.
 The client needs to run a daemon program to establish an FTP connection with a server.
 The first connection established is for traffic control and the second connection is created to transfer
a file.
Explanation: An FTP client is an application that runs on a computer used to push and pull files from a server
running an FTP daemon. To transfer files, FTP requires two connections between the client and the server: one
for commands and replies and another for the actual file transfer. The client establishes the first connection to
the server for control traffic and the second connection for the actual file transfer. This connection is created
every time there is a file to be transferred. The client can download a file from or upload a file to the server.
2. Which statement is correct about network protocols?
 Network protocols define the type of hardware that is used and how it is mounted in racks.
 They define how messages are exchanged between the source and the destination.
 They all function in the network access layer of TCP/IP.
 They are only required for exchange of messages between devices on remote networks.
Explanation: Network protocols are implemented in hardware, or software, or both. They interact with each
other within different layers of a protocol stack. Protocols have nothing to do with the installation of the
network equipment. Network protocols are required to exchange information between source and destination
devices in both local and remote networks.
3. Which protocol is used by web servers to serve up a web page?
 FTP
 HTTP
 IMAP
 POP
Explanation: Hypertext Transfer Protocol (HTTP) is a protocol that is used by web servers to serve up a web
page.
4. Match the protocol with the function. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: Place the options in the following order:
automatically configures hostswith IP addresses DHCP

provides remote access to servers SSH

resolves Interent names to IP addresses DNS

5. Which two protocols are used in the process of sending and receiving emails? (Choose two.)
 HTTP
 POP
 SSH
 SMTP
 FTP
Explanation: POP and SMTP are protocols used for email. POP is Post Office Protocol and is used by clients
to retrieve email messages from a server. SMTP is Simple Mail Transfer Protocol and is used by clients to send
email messages to a server.
6. Which two applications provide virtual terminal access to remote servers? (Choose two.)
 SSH
 DNS
 DHCP
 SMTP
 Telnet
Explanation: Telnet and SSH are two services that provide virtual terminal services to servers. DNS maps a
domain name to its IP address. DHCP provides dynamic IP addressing information. SMTP provides email
service.
7. What is the advantage of using SSH over Telnet?
 SSH is easier to use.
 SSH operates faster than Telnet.
 SSH provides secure communications to access hosts.
 SSH supports authentication for a connection request.
Explanation: SSH provides a secure method for remote access to hosts by encrypting network traffic between
the SSH client and remote hosts. Although both Telnet and SSH request authentication before a connection is
established, Telnet does not support encryption of login credentials.
……………………………………………………………………………

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

8. Refer to the exhibit. Which protocol allows a user to type www.cisco.com instead of an IP address to
access the web server?

 DNS
 FTP
 HTML
 HTTP
 SNMP
Explanation: Web servers are assigned static IP addresses. They are also registered with domain names so
people can remember them easily. However, web servers are connected through their IP addresses. DNS
provides the service to map the domain name to its IP address.
9. Which protocol is used to transfer web pages from a server to a client device?
 HTML
 SMTP
 HTTP
 SSH
 POP
Explanation: The Hypertext Transfer Protocol (HTTP) provides services between a web browser requesting
web pages and a web server responding to the requests. HTML (Hypertext Markup Language) is a markup

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

language to instruct a web browser how to interpret and display a web page.
10. Which two application layer protocols manage the exchange of messages between a client with a web
browser and a remote web server? (Choose two.)
 DNS
 HTTP
 HTML
 DHCP
 HTTPS
Explanation: Hypertext Transfer Protocol (HTTP) and HTTP Secure (HTTPS) are two application layer
protocols that manage the content requests from clients and the responses from the web server. HTML
(Hypertext Mark-up Language) is the encoding language that describes the content and display features of a
web page. DNS is for domain name to IP address resolution. DHCP manages and provides dynamic IP
configurations to clients.
11. Match the port number to the email protocol.

Explanation: Place the options in the following order:

IMAP4 143

SMTP 25

POP3 110

What is a wireless network?

Answer: A wireless network is a type of computer network that allows devices to connect and communicate
without the need for physical cables or wires. It utilizes wireless communication technologies such as radio
waves, microwaves, or infrared signals.

2. What are the main advantages of wireless networks?

Answer: Wireless networks offer increased mobility, flexibility, and convenience. Users can connect to the
network from various locations without the constraint of physical connections. They also simplify network
setup and reduce the need for extensive cabling.

3. What are the key components of a wireless network?

Answer: The main components include:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 Wireless Access Points (WAPs): Devices that allow wireless devices to connect to a wired network.
 Wireless Routers: Devices that connect the wireless network to the Internet.
 Wireless Network Interface Cards (NICs): Components in devices that enable them to connect to wireless
networks.
 Wireless Antennas: Transmit and receive signals between devices.

4. What are the common wireless network standards?

Answer: Some common standards include:

 Wi-Fi (IEEE 802.11): The most widely used wireless standard for local area networking.
 Bluetooth (IEEE 802.15.1): Primarily used for short-range communication between devices.
 LTE (Long-Term Evolution): A standard for wireless broadband communication for mobile devices.

5. What is the difference between 2.4 GHz and 5 GHz frequency bands in Wi-Fi?

Answer: These are two frequency bands used by Wi-Fi. 2.4 GHz has better range and penetration through
walls, but it's more susceptible to interference. 5 GHz provides faster data rates and is less crowded, but has
shorter range.

6. Explain the concept of SSID in wireless networks.

Answer: SSID (Service Set Identifier) is a unique name that identifies a wireless network. When connecting a
device to a Wi-Fi network, the user selects the network by its SSID. It's essential for security, and network
administrators often change the default SSID to enhance protection.

7. What is WPA and WPA2 in the context of wireless security?

Answer: WPA (Wi-Fi Protected Access) and WPA2 are security protocols designed to secure wireless
networks. WPA2 is an improvement over WPA and provides stronger encryption to protect against
unauthorized access and data theft.

8. What role do firewalls play in wireless networks?

Answer: Firewalls in wireless networks monitor and control incoming and outgoing network traffic based on
predetermined security rules. They help prevent unauthorized access and protect against cyber threats.

9. Explain the significance of MIMO (Multiple Input, Multiple Output) in wireless communication.

Answer: MIMO technology uses multiple antennas to improve communication performance by transmitting
and receiving multiple data streams simultaneously. It enhances data throughput and signal reliability in
wireless networks.

10. What are the challenges associated with wireless networks?

Answer: Challenges include signal interference, limited range, security concerns, and potential data
bottlenecks, especially in densely populated areas with many devices competing for bandwidth.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 WIRELESS NETWORK ENGINEER QUESTIONS AND ANSWERS

1. Are you familiar with the IEEE 802.11 standards?

The IEEE 802.11 standards are a set of wireless networking protocols that help engineers create secure and fast
networks. The interviewer may ask this question to see if you have experience with the industry’s best practices.
In your answer, explain which IEEE 802.11 standards you’re familiar with and why they’re important.

Example: “Yes, I am very familiar with the IEEE 802.11 standards. I have been working as a Wireless Network
Engineer for over five years and during that time I have had extensive experience in designing and
implementing wireless networks based on the IEEE 802.11 standards. I have also kept up to date with all of the
latest advancements in this field, so I am confident that I can provide any necessary support or guidance when it
comes to these standards. Furthermore, I have worked closely with vendors such as Cisco and Aruba to ensure
that their products are compliant with the IEEE 802.11 standards. This has enabled me to gain an even deeper
understanding of how these standards work and how they should be applied in different scenarios.”

2. What are the differences between the 802.11a, 802.11b and 802.11g wireless networking standards?
This question tests your knowledge of wireless networking standards. It also helps the interviewer determine if
you have experience with these specific standards and how they differ from one another. Use examples from
your previous work to highlight your expertise in this area.

Example: “The 802.11a, 802.11b and 802.11g wireless networking standards are all part of the IEEE 802.11
family of standards for wireless local area networks (WLANs). The main differences between them are in terms
of speed, range, and frequency band.

802.11a is a 5GHz standard that supports up to 54 Mbps data rate with a maximum coverage range of about 150
feet. It has been designed primarily for indoor use due to its shorter range.

802.11b operates on the 2.4GHz frequency band and offers a maximum data rate of 11Mbps. Its range is much
greater than 802.11a, reaching up to 300 feet indoors and 900 feet outdoors.

Lastly, 802.11g is an upgrade of the 802.11b standard that operates on the same 2.4GHz frequency band but
provides higher speeds of up to 54Mbps. It also has a longer range than 802.11b, reaching up to 400 feet indoors
and 1,200 feet outdoors.”

3. How would you troubleshoot a wireless network that has intermittent connectivity issues?
This question can help the interviewer assess your troubleshooting skills and how you apply them to wireless
networks. Use examples from past experience in which you used specific tools or processes to identify problems
with connectivity, analyze data and implement solutions that resolved issues.

Example: “When troubleshooting a wireless network with intermittent connectivity issues, the first step is to
identify the root cause of the problem. To do this, I would start by gathering information from the users who are
experiencing the issue. This could include details such as what type of device they are using and where the
connection drops occur. Once I have gathered all the necessary information, I can then begin to analyze the data
and look for any patterns or commonalities that may be causing the issue.

Next, I would use diagnostic tools such as ping tests and traceroutes to further investigate the issue. These tools
allow me to see how the signal is being routed through the network and if there are any potential bottlenecks
that could be causing the issue. If needed, I can also perform more advanced tests such as packet captures to get
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
an even deeper understanding of the issue.

Once I’ve identified the source of the issue, I can then work on resolving it. Depending on the situation, this
could involve anything from reconfiguring the router settings to replacing faulty hardware. After implementing
the solution, I would then test the network again to make sure that the issue has been resolved.”

4. What is the purpose of a wireless access point?

This question is an opportunity to show your knowledge of wireless networking. You can answer this question
by defining what a wireless access point is and how it works.

Example: “A wireless access point (WAP) is a device that allows users to connect to a network wirelessly. It
acts as a bridge between the wired and wireless networks, allowing devices such as laptops, tablets, and
smartphones to communicate with each other without having to be physically connected to the network. The
WAP also provides security by encrypting data sent over the airwaves, ensuring that only authorized users can
access the network. As a Wireless Network Engineer, I understand the importance of properly configuring and
managing WAPs in order to ensure secure and reliable connections for all users. With my experience and
knowledge, I am confident I will be able to provide your company with the best possible solutions for their
wireless networking needs.”

5. Provide an example of a time when you had to troubleshoot a complex technical issue.
This question can help the interviewer gain insight into your problem-solving skills and ability to work through
challenging situations. Use examples from previous jobs that highlight your analytical, communication and
interpersonal skills.

Example: “Recently, I had to troubleshoot a complex technical issue involving wireless networks. The customer
was experiencing intermittent connectivity issues with their Wi-Fi network. After some initial investigation, I
identified the root cause of the problem as an outdated firmware version on the access points.

I worked closely with the customer’s IT team to ensure that all access points were updated to the latest version.
Once this was done, I conducted further testing and monitoring of the network to confirm that the issue had
been resolved. Finally, I provided detailed documentation outlining the steps taken to resolve the issue for
future reference.”

6. If hired, what would be your approach for designing a new wireless network from scratch?
This question is an opportunity to show your technical skills and knowledge. You can answer this question by
describing the steps you would take when designing a wireless network from scratch, including what factors
you would consider and how you would implement them into your design.

Example: “If I were hired as a Wireless Network Engineer, my approach for designing a new wireless network
from scratch would involve several steps. First, I would assess the needs of the organization and determine their
requirements in terms of coverage area, number of users, throughput, security, etc. Then, I would create a
detailed design document outlining the proposed solution based on these requirements. This document would
include a diagram of the physical layout of the network, an explanation of the technologies used, and any other
relevant information.

Once the design is approved by the client, I would begin to implement the network. This includes selecting
appropriate hardware and software components, configuring them according to the specifications outlined in the
design document, and testing the system to ensure it meets all requirements. Finally, I would provide training
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
and support to end-users so they can use the network effectively.”

7. What would you do if you noticed that a wireless network you designed was not performing as expected?
This question can help interviewers understand how you respond to challenges and solve problems. Use your
answer to highlight your problem-solving skills, ability to analyze data and willingness to take ownership of any
issues that arise.

Example: “If I noticed that a wireless network I designed was not performing as expected, the first thing I
would do is to review the design and implementation of the network. I would look at the configuration settings
to make sure they are correct and up-to-date with industry standards. I would also check for any potential
interference from other networks or devices in the area.

Once I have identified any potential issues, I would then work on resolving them. This could involve making
changes to the existing configuration, adding additional hardware or software components, or even replacing
outdated equipment. I would also take steps to ensure that similar problems don’t arise again in the future by
implementing preventative measures such as regular maintenance checks and monitoring of the network.
Finally, I would document all of my findings and actions taken so that others can benefit from my experience.”

8. How well do you understand the differences between the 2.4 GHz and 5 GHz frequency bands?
Wireless network engineers need to understand the differences between different frequency bands and how they
affect wireless networks. This question helps employers determine if you have a strong understanding of this
concept. In your answer, explain what each band is and why it’s important for wireless networking.

Example: “I have a thorough understanding of the differences between the 2.4 GHz and 5 GHz frequency
bands. The 2.4 GHz band is used for most Wi-Fi devices, as it has longer range than the 5 GHz band. However,
the 2.4 GHz band can be more prone to interference from other wireless devices such as microwaves or cordless
phones.

The 5 GHz band offers higher speeds and less interference since fewer wireless devices use this band. It also
has shorter range compared to the 2.4 GHz band, so it may not be suitable for larger areas. I am familiar with
how to configure both frequencies to ensure optimal performance in different environments. I understand the
importance of choosing the right frequency band depending on the size of the area and number of users.”

9. Do you have experience using antennae? If so, what types?

Wireless network engineers use antennae to transmit and receive wireless signals. Employers ask this question
to see if you have experience using these tools in your previous roles. They want to make sure that you are
comfortable with the technology, but they also want to know what types of antennae you’ve used before. In
your answer, try to list as many different types as you can remember.

Example: “Yes, I have experience using antennae. My most recent role as a Wireless Network Engineer
required me to use various types of antennae for different applications. Specifically, I had experience with
directional and omni-directional antennae. I was also familiar with Yagi, parabolic grid, patch, and sector
antennae.

I understand the importance of selecting the right type of antennae for each application, depending on the
environment and desired outcome. For example, when deploying a wireless network in an area with
obstructions, I would select a directional antenna that could focus the signal towards the intended receiver. On
the other hand, if I needed to cover a large area, such as a stadium or warehouse, I would use an omni-
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
directional antenna to ensure coverage throughout the entire space.”

10. When designing a wireless network, what is the importance of security?

Wireless network security is an important part of the job. Employers ask this question to make sure you
understand how to keep their company’s wireless networks safe from hackers and other threats. In your answer,
explain that a strong password is one of the most important aspects of wireless network security. You can also
mention that it’s important to use encryption when sending data over a wireless network.

Example: “Security is an essential component of any wireless network design. As the Wireless Network
Engineer, it is my responsibility to ensure that all data transmitted over the network is secure and protected from
unauthorized access. This includes protecting against malicious actors who may attempt to intercept or
manipulate data as it passes through the airwaves.

When designing a wireless network, I take into account various security measures such as encryption protocols,
authentication methods, firewalls, and other tools to protect the integrity of the network. I also consider physical
security measures such as limiting access to the equipment and controlling who can connect to the network.
Finally, I make sure to stay up-to-date with the latest security technologies and best practices in order to keep
the network safe and secure.”

11. We want to make it easy for employees to connect to our wireless network. What is the best way to do this?
This question is a great way to show your technical knowledge and how you can apply it to the company’s
needs. When answering this question, make sure to explain why you chose that method and what benefits it has
for employees.

Example: “The best way to ensure that employees can easily connect to the wireless network is by
implementing a secure and reliable authentication system. This should include using strong passwords, two-
factor authentication, and other measures such as encryption. It’s also important to make sure that the access
points are properly configured so they provide adequate coverage throughout the building. Finally, it’s essential
to have an easy-to-use interface for users to manage their connections.

I believe I’m the right person for this job because of my extensive experience in designing and deploying secure
wireless networks. I’ve worked with many different types of systems, from small office networks to large
enterprise ones. My expertise includes configuring access points, setting up authentication protocols, and
ensuring that all security measures are in place. I’m confident that I can help your organization create a secure
and reliable wireless network that will be easy for employees to use.”

12. Describe your experience with installing and troubleshooting wireless routers.
Wireless network engineers must have experience with installing and troubleshooting wireless routers. This
question allows the interviewer to assess your knowledge of this process and how you apply it in your daily
work. In your answer, describe a time when you installed or configured a wireless router and the challenges you
faced during that process.

Example: “I have extensive experience in installing and troubleshooting wireless routers. I have worked on a
variety of different router models, including Cisco, Linksys, Netgear, and D-Link. My experience includes
setting up both home and business networks, configuring security settings, and optimizing the performance of
the network.

When it comes to troubleshooting, I am able to quickly identify and resolve any issues that may arise with the
router. This includes diagnosing connection problems, resolving signal strength issues, and ensuring that all
devices are connected properly. I also have experience in troubleshooting common networking issues such as IP
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
conflicts, DHCP errors, and DNS resolution issues.”

13. What makes a good wireless network engineer?

This question is your opportunity to show the interviewer that you have the skills and abilities necessary for this
role. You can answer this question by describing what makes a wireless network engineer successful, including
specific technical skills or soft skills that are important in this position.

Example: “A good wireless network engineer is someone who has a combination of technical and interpersonal
skills. On the technical side, they must have an in-depth understanding of networking protocols, such as
802.11a/b/g/n/ac, Wi-Fi security standards, and how to configure access points for optimal performance. They
should also be familiar with troubleshooting techniques used to identify and resolve wireless issues.

On the interpersonal side, a good wireless network engineer needs to be able to effectively communicate with
clients and colleagues alike. This includes being able to explain complex concepts in simple terms, providing
clear instructions, and listening carefully to feedback. Finally, they need to be organized and detail-oriented so
that they can manage multiple tasks at once and keep track of changes made to the network.

I believe I possess all these qualities and more. With my experience working on enterprise-level networks, I am
confident that I can provide your organization with the expertise needed to design, implement, and maintain
reliable wireless networks.”

14. Which wireless networking technologies are you most familiar with?
This question can help the interviewer determine your level of experience with wireless networking. When
answering, it can be beneficial to list technologies you have direct experience with and those that you’ve only
read about or heard about from others.

Example: “I have extensive experience working with a variety of wireless networking technologies. I am most
familiar with 802.11a/b/g/n/ac Wi-Fi, Bluetooth, and Zigbee. I also have experience with cellular networks such
as GSM, CDMA, LTE, and 5G.

When it comes to Wi-Fi, I’m well versed in setting up access points, configuring security settings,
troubleshooting connection issues, and optimizing performance. I have a deep understanding of the different
radio frequencies used by each standard, and how they interact with other devices in the environment.

For Bluetooth, I’m experienced in creating secure connections between two or more devices, as well as
developing custom applications that use Bluetooth technology. I understand the various profiles available for
Bluetooth, and how to best utilize them for specific tasks.

Lastly, I have worked with Zigbee extensively. This includes setting up mesh networks, programming end
nodes, and managing communication protocols. I’m comfortable using both the 2.4GHz and 900MHz frequency
bands for Zigbee.”

15. What do you think the future holds for wireless networking?
This question can help the interviewer get an idea of your knowledge and expertise in wireless networking. Use
examples from your experience to show how you have used wireless networks in the past and what you think
they will be like in the future.

Example: “I believe the future of wireless networking is very bright. With the advancements in technology, we
are seeing more and more devices being connected to networks wirelessly. This means that there will be an
increased demand for experienced Wireless Network Engineers who can design, implement, maintain, and
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
troubleshoot these complex systems.

In addition, I think the development of 5G networks will revolutionize how we use wireless networks. 5G
networks have much higher speeds and lower latency than current 4G networks, which will open up a whole
new world of possibilities. We’ll see applications such as autonomous vehicles, virtual reality, and augmented
reality become commonplace, all of which rely heavily on reliable wireless connections.”

16. How often should wireless networks be checked and updated?

This question can help the interviewer determine how often you check and update wireless networks. Use your
answer to highlight your attention to detail, ability to multitask and commitment to quality work.

Example: “Wireless networks should be checked and updated on a regular basis to ensure optimal performance.
Depending on the size and complexity of the network, this could range from weekly to monthly. It is important
to check for any security vulnerabilities or outdated software that may need to be addressed. In addition, it is
also important to monitor signal strength and coverage in order to maintain reliable connections throughout the
network.

As a Wireless Network Engineer, I understand the importance of regularly checking and updating wireless
networks. I have experience with both manual and automated processes for monitoring and maintaining wireless
networks. I am familiar with industry best practices and standards when it comes to securing and optimizing
wireless networks. I am confident that I can help keep your wireless network running smoothly and securely.”

17. There is a problem with the wireless network you designed. How do you handle it?
This question can help the interviewer understand how you approach challenges and solve problems. Use your
answer to highlight your problem-solving skills, ability to think critically and your attention to detail.

Example: “When I encounter a problem with the wireless network I designed, my first step is to identify the
root cause of the issue. To do this, I use various diagnostic tools and techniques such as packet captures, signal
strength analysis, and troubleshooting logs. Once I have identified the source of the problem, I then work on
finding a solution. This may involve reconfiguring settings, updating firmware, or replacing hardware
components. Finally, I test the changes to ensure that the issue has been resolved.

I understand how important it is for networks to remain reliable and secure, so I take great care in ensuring that
any solutions I implement are effective and efficient. My experience in designing and managing wireless
networks has given me the skills necessary to quickly diagnose and resolve issues.”

18. What methods do you use to identify and resolve wireless signal interference?
Wireless network interference is a common problem that wireless network engineers must address. Your answer
should show the interviewer that you have experience with this issue and how you resolve it. You can describe
your process for identifying and resolving wireless signal interference in your previous role, or you can explain
what steps you would take to do so if you haven’t encountered this issue before.

Example: “When it comes to identifying and resolving wireless signal interference, I have a few methods that I
use. First, I always start by conducting a site survey of the area in order to identify any sources of interference.
This includes checking for other nearby Wi-Fi networks, Bluetooth devices, cordless phones, microwaves, and
other electronic equipment. Once I’ve identified potential sources of interference, I can then take steps to reduce
or eliminate them.

I also utilize software tools such as spectrum analyzers to detect and analyze signals from different frequencies.
This helps me pinpoint which frequency is causing the most interference and allows me to adjust my network
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
settings accordingly. Finally, I use specialized antennas and directional antenna arrays to focus and direct the
signal away from areas with high levels of interference.”

19. Describe the most recent wireless network project that you completed successfully.
This question allows you to highlight your skills and abilities as a wireless network engineer. You can describe
the project, including its goals and how you completed it successfully.

Example: “My most recent wireless network project was for a large university. The goal of the project was to
upgrade their existing wireless network infrastructure and expand its coverage across campus. I worked with a
team of engineers to design, implement, and test the new system. We began by assessing the current
environment and developing a plan that would meet the needs of the university. Then, we implemented the new
system, which included deploying access points in strategic locations throughout the campus. Finally, we tested
the system to ensure it met all performance requirements.”

20. How have you kept up with changes in wireless networking technology over time?
This question can help the interviewer understand your dedication to learning and growing as a wireless
networking engineer. Use examples from your past experience of how you’ve kept up with technological
advancements in the industry, including any certifications or training programs you’ve completed.

Example: “I have been a Wireless Network Engineer for the past 5 years, and I am always looking to stay ahead
of the curve when it comes to changes in wireless networking technology. To do this, I make sure to read up on
industry news and trends regularly, as well as attend conferences and seminars related to my field. I also take
advantage of online courses and certifications that help me stay current with the latest advancements in wireless
networks. Finally, I am an active member of several professional organizations dedicated to wireless
networking, which allows me to network with other professionals and gain valuable insights into new
technologies. By staying informed and engaged in the industry, I am able to ensure that I remain knowledgeable
about all aspects of wireless networking.”

21. What challenges have you faced when installing a wireless network in an environment with multiple users?
This question can help the interviewer understand how you approach challenges and solve problems. Use
examples from your experience to highlight your problem-solving skills, ability to collaborate with others and
attention to detail.

Example: “When installing a wireless network in an environment with multiple users, I have faced several
challenges. One of the most common issues is ensuring that all users can access the same signal strength and
quality. To address this issue, I use site surveys to identify any potential interference sources and adjust the
placement of the access points accordingly. Another challenge is configuring the network for optimal
performance while also maintaining security protocols. To ensure secure connections, I configure the network
with WPA2 encryption and other authentication methods. Finally, I must ensure that the network is able to
handle the load from multiple users without experiencing latency or packet loss. To do this, I carefully monitor
the bandwidth usage and make adjustments as needed.”

22. Are there any considerations we should take into account before rolling out a new wireless network?
This question is an opportunity to show your knowledge of wireless network design and implementation. You
can use this time to discuss the importance of planning, testing and budgeting for a new wireless network
rollout.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Example: “Absolutely. Before rolling out a new wireless network, there are several considerations that should
be taken into account.

The first is to assess the environment in which the wireless network will be deployed. This includes
understanding the physical layout of the space and any potential obstacles such as walls or other obstructions
that could interfere with signal strength. It’s also important to consider the types of devices that will be
connecting to the network, as this can help determine the best type of wireless technology to use.

Next, it’s essential to plan for scalability. As more users join the network, additional access points may need to
be added to ensure adequate coverage throughout the area. It’s also important to consider how the network will
be secured, both from an authentication standpoint and from a data encryption perspective. Finally, it’s critical
to have a plan in place for monitoring and managing the network over time to ensure optimal performance.”

23. Explain how you would go about optimizing a wireless network for maximum performance.
This question is an opportunity to show your technical knowledge and expertise. It’s a good idea to include
specific steps you would take when optimizing a wireless network for maximum performance.

Example: “When optimizing a wireless network for maximum performance, I take a multi-faceted approach.
First and foremost, I would assess the current environment to identify any potential issues that could be
impacting performance. This includes checking the signal strength of each access point, ensuring there is no
interference from other devices, and verifying that all equipment is properly configured.

Once I have identified any issues, I can begin making adjustments to optimize the network. This may include
changing the channel width or frequency, adjusting the transmit power levels, or implementing additional
access points in areas with poor coverage. I also ensure that the latest firmware updates are installed on all
devices and that security protocols are up to date. Finally, I use monitoring tools to measure the performance of
the network over time and make further adjustments as needed.”

24. We are looking to upgrade our existing wireless network. What steps would you suggest taking?
This question is an opportunity to show your knowledge of wireless networking and the steps you would take
when upgrading a network. You can answer this question by providing specific details about what you would do
in this situation, such as researching different vendors and comparing their products before making a decision.

Example: “Thank you for the opportunity to discuss this position. As a Wireless Network Engineer, I
understand the importance of having an efficient and secure wireless network.

When it comes to upgrading our existing wireless network, my first step would be to assess the current system.
This includes analyzing the current infrastructure, equipment, and security measures in place. Once I have a
good understanding of what is currently in place, I can then make recommendations on how to improve the
system.

I would suggest taking a phased approach when upgrading the network. First, we should focus on improving the
hardware and software components of the system. This could include replacing outdated routers, switches, and
access points with more modern models that are capable of providing higher speeds and better coverage. We
should also consider updating the firmware and operating systems of all devices to ensure they are running the
most up-to-date versions available.

The second phase should involve implementing new security protocols and policies. This could include setting
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
up encryption standards, authentication requirements, and other measures to protect the network from
unauthorized access. Finally, I would recommend conducting regular testing and monitoring to ensure the
network remains secure and reliable.”

25. Do you have experience with deploying mesh networks? If so, what type of mesh networks have you
deployed?
Wireless mesh networks are a common type of wireless network that is used to connect devices in an area. The
interviewer may ask you this question to learn more about your experience with deploying wireless mesh
networks and how you would approach the task if hired. In your answer, try to explain what mesh networking is
and provide examples of when you have deployed mesh networks in the past.

Example: “Yes, I have experience deploying mesh networks. In my current role as a Wireless Network
Engineer, I have deployed both indoor and outdoor mesh networks. For the indoor deployments, I have used
Wi-Fi mesh technology to provide wireless coverage for large buildings or campuses. This type of deployment
requires careful planning and configuration in order to ensure optimal performance.

For outdoor deployments, I have used cellular mesh networks that utilize multiple base stations to create a wide
area network. This type of deployment is often used to provide internet access in rural areas where traditional
wired infrastructure is not available. The challenge with this type of deployment is ensuring that each base
station is properly configured and connected to the rest of the network.”

1. Which frequency is your laptop using when you connect to your home WiFi Router?

2.4 GHz or 5 GHz

2.4 GHz or 3 GHz
2.4 MHz or 5 GHz
2.4 GHz or 4 THz

2. Number of cycles or waves per second is called as:

Speed
Velocity
Period
Frequency

3. Which of these standards is called as WiFi 6?

802.11n
802.11b
802.11ax
802.11g

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

4. What is SSID (Service Set Identifier) in a Wireless Network?

Wireless MAC Address of your Access Point

Number of the wireless network
Name of the wireless network
IP Address of your Access Point

5. Which type of Wireless LAN topology is this:

Point-to-Point wireless mode

Infrastructure mode
Ad Hoc mode
Direct mode

6. IBSS (Independent Basic Service Set) belongs to which mode:

Ad Hoc mode
Infrastructure mode

7. Which ones of below list are valid Wireless LAN standards?

802.11b, 802.11n, 802.11ad

802.11c, 802.11n, 802.11ad
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
802.11b, 802.11m, 802.11ad
802.11b, 802.11n, 802.11nw

8. Which one of below Wireless LAN standards is the oldest one:

802.1n
802.1ac
802.1ad
802.1b

9. ESS is a collection of multiple BSS:

TRUE
FALSE

10. Which type of Wireless LAN topology is this:

Ad Hoc mode
Infrastructure mode

1) Which of the following is/are the advantages of wireless LANs.

i. Installation speed and simplicity
ii. Installation flexibility
iii. Scalability
A. i and ii only
B. ii and iii only
C. i and iii only
D. All i, ii and iii

2) Which of the following is/are the disadvantages of wireless LANs.

i. Noise and interference
ii. Lower reliability
iii. Fluctuation
A. i and ii only

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

B. ii and iii only
C. i and iii only
D. All i, ii and iii
Ezoic

3) Which of the following is/are the types of LAN.

i. Super LAN
ii. Home RF
iii. Bluetooth
iv. MANET
A. i, ii and iii only
B. ii, iii and iv only
C. i, iii and iv only
D. All i, ii, iii and iv

4) State whether the following statements about the Ad hoc mode are True or False.
i. In Ad hoc mode, there is an access point or infrastructure.
ii. Ad hoc networks only require 802.11 client radios in the client devices that connect to the network.
A. i-True, ii-False
B. i-False, ii-True
C. i-True, ii-True
D. i-False, ii-False
Ezoic

5) State whether the following statements about the infrastructure mode are True or False.
i. In infrastructure mode, MS is connected to a base station or access point.
ii. Infrastructure network is similar to a star network where all the mobile stations are attached to the base
station.
A. i-True, ii-False
B. i-False, ii-True
C. i-True, ii-True
D. i-False, ii-False

6) Which of the following is/are the functions of the physical layer of the IEEE 802 reference model.
i. Encoding and decoding of the signals.
ii. Preamble generation.
iii. Bit transmission and reception
A. i and ii only
B. ii and iii only
C. i and iii only
D. All i, ii and iii

7) The … in a wireless LAN consists of some number of stations executing the same MAC protocol and
competing for access to the same shared wireless medium.
A. Basic Service Set(BSS)
B. Extended Service Set(ESS)
C. Distributed System(DS)
D. Access Point(AP)
Ezoic

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

8) State whether the following statements about the basic service set(BSS) are True or False.
i. A BSS may connect to a backbone distribution system(DS) through an access point(AP).
ii. In BSS, client stations communicate directly with one another.
A. i-True, ii-False
B. i-False, ii-True
C. i-True, ii-True
D. i-False, ii-False
9) An … consists of two or more basic service sets interconnected by a distribution system.
A. Basic Service Set(BSS)
B. Extended Service Set(ESS)
C. Distributed System(DS)
D. Access Point(AP)

10) IEEE 802.11 defines … services that need to be provided by the wireless LAN to provide functionality
equivalent to that which is inherent to wired LANs.
A. seven
B. eight
C. nine
D. ten

11) Which of the following is/are the services provided by the wireless LAN defined by IEEE 802.11?
i. Association
ii. Integration
iii. Distribution
iv. Privacy

A. i, ii and iii only

B. ii, iii and iv only
C. i, iii and iv only
D. All i, ii, iii and iv

12) … are the transaction types defined by IEEE 802.11 standard based on mobility.
i. No transition
ii. Full transaction
iii. BSS transition
iv. ESS transition
A. i, ii and iii only
B. ii, iii and iv only
C. i, iii and iv only
D. All i, ii, iii and iv

13) State whether the following statements about the services need to be provided by the wireless LAN is True
or False.
i. A station should give disassociation notification before leaving an ESS or shutting down.
ii. A station must establish an association with an AP within a particular BSS.
A. i-True, ii-False
B. i-False, ii-True
C. i-True, ii-True
D. i-False, ii-False

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Ezoic
14) The … service is used by the stations to establish their identity with stations they wish to communicate with
IEEE 802.11.
A. Authentication
B. Association
C. De-authentication
D. Privacy

15) … is invoked whenever an existing authentication is to be terminated.

A. Authentication
B. Association
C. De-authentication
D. Privacy

16) … is used to prevent the contents of messages from being read by other than the intended recipient.
A. Authentication
B. Association
C. De-authentication
D. Privacy
Ezoic

17) The IEEE 802.11 MAC layer covers which of the following functions areas.
i. reliable data delivery
ii. medium access control
iii. security
A. i and ii only
B. ii and iii only
C. i and iii only
D. All i, ii and iii

18) State whether the following statements about the IEEE 802.11 physical layer is True or False.
i. IEEE802.11a operates in the 5-GHz band at data rates up to 54 Mbps.
ii. IEEE 802.11b operates in the 5-GHz band at 5.5 and 11 Mbps.
A. i-True, ii-False
B. i-False, ii-True
C. i-True, ii-True
D. i-False, ii-False

19) The 802.11i architecture consists of which of the following ingredients.

i. Authentication
ii. Access control
iii. Privacy with message integrity
iv. Privacy without message integrity
A. i, ii and iii only
B. ii, iii and iv only
C. i, iii and iv only
D. All i, ii, iii and iv

20) IEEE 802.11 includes which of the following features.

i. Open system and shared authentication modes
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
ii. Service set identifiers – SSID
iii. Wired Equipment Privacy – WEP
A. i and ii only
B. ii and iii only
C. i and iii only
D. All i, ii and iii

Answers:

D. All i, ii and iii

D. All i, ii and iii
B. ii, iii and iv only
B. i-False, ii-True
C. i-True, ii-True
Ezoic
D. All i, ii and iii
A. Basic Service Set(BSS)
A. i-True, ii-False
B. Extended Service Set(ESS)
C. nine
D. All i, ii, iii and iv
C. i, iii and iv only
C. i-True, ii-True
A. Authentication
C. De-authentication
D. Privacy
D. All i, ii and iii
A. i-True, ii-False
A. i, ii and iii only
D. All i, ii and iii
………………………………………………………………………………………………………………………
………………………………………
1. In the context of mobile devices, what does the term tethering involve?
 connecting a mobile device to a USB port on a computer in order to charge the mobile device
 connecting a mobile device to another mobile device or computer to share a network connection
 connecting a mobile device to a 4G cellular network
 connecting a mobile device to a hands-free headset
Explanation: Tethering allows a laptop or PC to use the Internet connection of a mobile device such as a cell
phone, usually through a cellular data connection. This allows devices to connect to the Internet in locations
where there is no Wi-Fi or cabled connection, but where there is still a cellular data connection.
2. Which feature of 802.11n wireless access points allows them to transmit data at faster speeds than
previous versions of 802.11 Wi-Fi standards did?
 SPS
 WPS
 MITM
 MIMO
Explanation: Multiple-input multiple-output (MIMO) technology allows 802.11n devices to use multiple
antennas in order to increase the available bandwidth for the wireless network. Single Point Setup (SPS) is a
Cisco technology that makes AP deployment easier by supporting clustering from a single management
interface. Wi-Fi Protected Setup (WPS) is used to simplify connecting clients to secure wireless networks. Man-
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
in-the-middle (MITM) is a type of security attack where the attacker attempts to insert themselves into the
middle of a data stream.
3. Which method of wireless authentication is currently considered to be the strongest?
 open
 WPA
 WPA2
 WEP
 shared key
Explanation: WPA2 can use the AES encryption standard, which is currently the strongest method of
encrypting wireless data.
4. Which parameter is commonly used to identify a wireless network name when a home wireless AP is
being configured?
 SSID
 BESS
 ad hoc
 ESS
Explanation: The SSID is used to name a wireless network. This parameter is required in order for a wireless
client to attach to a wireless AP.
5. Which characteristic describes a wireless client operating in active mode?
 ability to dynamically change channels
 must be configured for security before attaching to an AP
 must know the SSID to connect to an AP
 broadcasts probes that request the SSID
Explanation: A wireless client operating in active mode must know the name of the SSID. Probe requests are
broadcast by a client across multiple channels and include the SSID name and supported standards. Active
mode is used if an AP is configured to not broadcast beacon frames.
6. Which IEEE standard operates at wireless frequencies in both the 5 GHz and 2.4 GHz ranges?
 802.11a
 802.11g
 802.11b
 802.11n
Explanation: The 802.11n standard is backwards compatible with both the 802.11a and 802.11b standards and
therefore operates at both 5 GHz and 2.4 GHz.
7. Which statement describes an autonomous access point?
 It is a standalone access point.
 It is managed by a WLAN controller.
 It is server-dependent.
 It is used for networks that require a large number of access points.
Explanation: An autonomous access point is used in environments that require a small number of access
points. As network demands increase, more access points can be added to the environment with each access
point acting independently of another. An autonomous access point can be configured using either a GUI or
CLI.
8. Which two roles are typically performed by a wireless router that is used in a home or small business?
(Choose two.)
 Ethernet switch
 RADIUS authentication server
 repeater
 WLAN controller
 access point
Explanation: In addition to its roles as router, a typical SOHO wireless router acts as both a wireless access
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
point and an Ethernet switch. RADIUS authentication is provided by an external server. A WLAN controller is
used in enterprise deployments to manage groups of lightweight access points. A repeater is a device that
enhances an incoming signal and retransmits it.
9. Which protocol and port numbers are used by both IPv4 and IPv6 CAPWAP tunnels? (Choose two.)
 TCP
 ICMP
 UDP
 17 and 163
 5246 and 5247
Explanation: CAPWAP can operate either over IPv4 or IPv6 and can use UDP ports 5246 and 5247.
10. If three 802.11b access points need to be deployed in close proximity, which three frequency channels
should be used? (Choose three.)
 8
 1
 3
 11
 6
 5
Explanation: In order to minimize interference, one of the three non-overlapping channels should be used in
2.4GHz Wi-Fi networks: 1, 6, or 11.
11. Which type of telecommunication technology is used to provide Internet access to vessels at sea?
 satellite
 cellular
 WiMax
 municipal WiFi
Explanation: Internet access by means of satellites is available across the world. Temporary installations,
airplanes in flight, and naval vessels benefit from the use of satellite internet. Municipal Wi-Fi, WiMax, and
cellular technology are not able to support the mobile requirements of naval vessels and airplanes in transit.
12. Which wireless network topology is being configured by a technician who is installing a keyboard, a
mouse, and headphones, each of which uses Bluetooth?
 hotspot
 ad hoc mode
 infrastructure mode
 mixed mode
Explanation: Tethering enables a wireless device such as a phone to provide wireless Internet connectivity to
other devices, thus creating a hotspot. Infrastructure mode is the type of wireless network that is created when
an access point is being used. Mixed mode allows older wireless NICs to attach to an access point that can use a
newer wireless standard.
13. Which type of wireless topology is created when two or more Basic Service Sets are interconnected by
Ethernet?
 BSS
 ESS
 ad hoc WLAN
 IBISS
 WiFi Direct
Explanation: Wireless devices operate in either ad hoc or infrastructure modes. An ad hoc WLAN, also
referred to as an independent basic service set (IBISS), operates on a peer-to-peer basis without a network.
Infrastructure modes can consist of a single Basic Service Set (BSS) with an AP interconnecting associated
stations, or an Extended Service Set (ESS), with two or more BSSes interconnected over a wire distribution
system such as Ethernet. WiFi Direct is a compatibility certification unrelated to WLAN topologies.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
14. What Wi-Fi management frame is regularly broadcast by APs to announce their presence?
 association
 beacon
 probe
 authentication
Explanation: Beacon frames are broadcast periodically by the AP to advertise its wireless networks to potential
clients. Probing, association, and authentication frames are only sent when a client is associating to the AP.
15. An AP regularly broadcasts which type of management frame?
 Authentication
 Beacon
 Probe request
 Probe response
Explanation: Beacons are the only management frame that may regularly be broadcast by an AP. Probing,
authentication, and association frames are used only during the association (or reassociation) process.
16. What type of wireless antenna is best suited for providing coverage in large open spaces, such as
hallways or large conference rooms?
 Directional
 Omnidirectional
 Parabolic dish
 Yagi
Explanation: Omnidirectional antennas send the radio signals in a 360 degree pattern around the antenna. This
provides coverage to devices situated anywhere around the access point. Dishes, directional, and Yagi antennas
focus the radio signals in a single direction, making them less suitable for covering large, open areas.
17. Which wireless security method requires clients to manually identify the SSID to connect to the
WLAN?
 MAC Address Filtering
 IP Address Filtering
 SSID cloaking
 SSID disclosing
Explanation: SSID cloaking is a weak security feature that is performed by APs and some wireless routers by
allowing the SSID beacon frame to be disabled. Although clients have to manually identify the SSID to be
connected to the network, the SSID can be easily discovered.
18. What are the two methods that a wireless client can use to discover an AP? (Choose two.)
 Delivering a broadcast frame
 Initiating a three-way handshake
 Receiving a broadcast beacon frame probe response
 Sending an ARP request
 Transmitting a probe request
Explanation: Two methods can be used by a wireless device to discover and register with an access point:
passive mode and active mode. In passive mode, the AP sends a broadcast beacon frame that contains the SSID
and other wireless settings. In active mode, the wireless device must be manually configured for the SSID, and
then the device broadcasts a probe request.
19. What type of wireless network topology would be used in a medium to large organization?
 Ad hoc
 Hotspot
 Infrastructure
 Mixed mode
 Tethering
Explanation: Ad hoc mode (also known as independent basic service set or IBSS) is used in a peer-to-peer
wireless network, such as when Bluetooth is used. A variation of the ad hoc topology exists when a smart phone
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
or tablet with cellular data access is enabled to create a personal wireless hotspot. Mixed mode allows older
wireless NICs to attach to an access point that can use a newer wireless standard.
20. What IEEE 802.11 wireless standards operate only in the 2.4 GHz range? (Choose two.)
 802.11a
 802.11b
 802.11g
 802.11n
 802.11ac
 802.11ad
Explanation: The 802.11a and 802.11ac standards operate only in the 5 GHZ range. The 802.11b and 802.11g
standards operate only in the 2.4 GHz range. The 802.11n standard operates in both the 2.4 and 5 GHz ranges.
The 802.11ad standard operates in the 2.4, 5, and 60 GHz ranges.
21. Which IEEE wireless standard is backward compatible with older wireless protocols and supports
data rates up to 1.3 Gb/s?
 802.11
 802.11a
 802.11ac
 802.11g
 802.11n
Explanation: 802.11ac provides data rates up to 1.3 Gbps and is still backward compatible with 802.11a/b/g/n
devices. 802.11g and 802.11n are older standards that cannot reach speeds over 1 Gbps.
22. In a 2.4 GHz wireless network, which three channels should be used to avoid interference from
nearby wireless devices? (Choose three.)
 0
 1
 3
 6
 9
 11
 14
Explanation: Interference occurs when one signal overlaps a channel reserved for another signal, causing
possible distortion. The best practice for 2.4 GHz WLANs that require multiple APs is to use the non-
overlapping channels 1, 6, and 11. These are selected because they are 5 channels apart and therefore minimize
the interference with adjacent channels.
23. Which authentication method is more secure but requires the services of a RADIUS server?
 WEP Enterprise
 WPA Personal
 WPA Enterprise
 WPA2 Personal
Explanation: WPA and WPA2 Personal are intended for home or small office networks where users
authenticate using a pre-shared key (PSK). WPA and WPA2 Enterprise is intended for enterprise networks but
requires a RADIUS authentication server which provides additional security. WEP Enterprise is not a valid
option.
24. Which option correctly describes when an AP openly advertises its service by periodically sending
broadcast beacon frames containing the SSID, supported standards, and security settings?
 Active mode
 Mixed mode
 Open authentication mode
 Passive mode
Explanation: When an access point is configured in passive mode, the SSID is broadcast so that the name of
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
wireless network will appear in the listing of available networks for clients. Active is a mode used to configure
an access point so that clients must know the SSID to connect to the access point. APs and wireless routers can
operate in a mixed mode, meaning that that multiple wireless standards are supported. Open is an authentication
mode for an access point that has no impact on the listing of available wireless networks for a client.
………………………………………………………………………………………………………………………
………………………….
1. A user is configuring a wireless access point and wants to prevent any neighbors from discovering the
network. What action does the user need to take?
 Configure DMZ settings.
 Configure a DNS server.
 Disable SSID broadcast.
 Enable WPA encryption.
Explanation: Disabling SSID broadcast prevents the access point from announcing the name of the network.
Enabling WPA encryption, configuring DMZ settings, and configuring a DNS server will accomplish different
tasks, but the name of the network will still be announced.
2. When a wireless network in a small office is being set up, which type of IP addressing is typically used
on the networked devices?
 network
 public
 wireless
 private
Explanation: In setting up the wireless network in a small office, it is a best practice to use private IP
addressing because of the flexibility and easy management it offers.
3. A user has just purchased a generic home router and would like to secure it. What should be done to
help secure the wireless home router?
 Change the default SSID.
 Set a private IPv4 network for the internal network.
 Allow only IPv6 traffic to enter the router.
 Change the default administrator password.
Explanation: The home router allows a designated administrator to manage the network. Anyone who knows
the account username and password can log into the router itself, which grants complete access to the features
of the device and information about any devices that are connected. Most router manufacturers configure their
new routers with the same default username and password and thus changing the default administrator password
is a step towards securing the home router.
4. Which protocol could be used by a company to monitor devices such as a wireless LAN controller
(WLC)?
 SSH
 NTP
 PAT
 SNMP
Explanation: The Simple Network Management Protocol (SNMP) is an application layer protocol used to
monitor and manage the network. Network devices must be configured with a community name and IP address
of the SNMP server.
5. When configuring a Cisco 3500 series wireless LAN controller (WLC) for a WPA2 Enterprise WLAN,
what has to be created on the WLC before creating the new WLAN?
 a security module
 a new SSID
 a VLAN for the wireless network
 a security policy
Explanation: On a Cisco 3500 series wireless controller, a new interface for each new wireless network
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
controlled by the WLC must be created. The interface and VLAN are created before configuring the wireless
network.
6. What is a DHCP scope as it relates to a WLAN configured on the WLC controller?
 a pool of IP addresses for WLAN clients
 a corporate plan for allocation of IP addresses for wireless clients
 security rules associated with DHCP for WLANs
 the distance allotted for wireless clients that can receive IP addressing information
Explanation: When configuring a WLC controller as a DHCP server, use the DHCP Scope menu option to
configure IP address-related settings such as the range of IP addresses to assign to WLAN devices, a DNS
server address, and lease time.
7. Why would a technician configure a passphrase for a WLAN on a wireless router?
 to protect someone from changing the configuration
 to protect the SSID from being changed
 to protect someone from cabling directly to the router and accessing the router
 to configure wireless client authentication
Explanation: When a WLAN on a wireless router is being configured, a passphrase is used in the wireless
security settings for a specific security mode. Clients must be configured for the same security mode and the
same passphrase in order to access the WLAN.
8. A customer installs a wireless access point at home in the closet next to the kitchen. The customer
mentions that the wireless communication performance seems degraded when the cordless phone or the
microwave oven is in use. What is the possible reason for this degradation?
 The surge of electricity when a microwave oven is in use disrupts the operation of the access point.
 The cordless phone joins the WLAN and shares the available bandwidth.
 The wireless signal is in the same radio frequency range as the household devices are in.
 The access point is on the same electrical circuit as the phone base unit and microwave oven are.
 The access point is close to walls.
Explanation: Because wireless networks use air as a medium, interference from other sources commonly cause
degradation issues. Sources can include cordless phones, fluorescent lighting, microwave ovens, and other
wireless devices that use the same frequencies.
9. What functionality is required on routers to provide remote workers with VoIP and videoconferencing
capabilities?
 IPsec
 PPPoE
 QoS
 VPN
Explanation: Quality of service (QoS) needs to be enabled on routers to provide support for VoIP and
videoconferencing. QoS refers to the capability of a network to provide better service to selected network
traffic, as required by voice and video applications.
10. A wireless router is displaying the IP address of 192.168.0.1. What could this mean?
 Dynamic IP address allocation has been configured on the router and is functioning correctly.
 The wireless router has been configured to use the frequencies on channel 1.
 The NAT function is not working on the wireless router.
 The wireless router still has the factory default IP address.
Explanation: Wireless routers usually come with factory default settings. The IP address is often set to
192.168.0.1. The default username and password are often admin. The IP address, username, and password
should all be modified to help secure the router.
11. A laptop cannot connect to a wireless access point. Which two troubleshooting steps should be taken
first? (Choose two.)
 Ensure that the wireless SSID is chosen.
 Ensure that the correct network media is selected.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Ensure that the NIC is configured for the proper frequency.
 Ensure that the laptop antenna is attached.
 Ensure that the wireless NIC is enabled.
Explanation: A wireless laptop normally does not have an antenna attached unless a repair has recently been
implemented. If the wireless NIC is enabled, the correct media, radio, will be used. When the NIC detects an
access point, the correct frequency is automatically used.
12. In setting up a small office network, the network administrator decides to assign private IP addresses
dynamically to workstations and mobile devices. Which feature must be enabled on the company router
in order for office devices to access the internet?
 UPnP
 NAT
 QoS
 MAC filtering
Explanation: Network Address Translation (NAT) is the process used to convert private addresses to internet-
routable addresses that allow office devices to access the internet.
13. What is a difference between autonomous APs that operate in a home environment and controller-
based APs that operate in a corporate environment?
 Controller-based APs can be automatically configured and managed by a WLAN controller.
 Controller-based APs are known as lightweight APs and require an initial configuration to operate.
 Autonomous APs do not support PoE.
 Autonomous APs incorporate the functions of a router, switch, and AP into one device.
Explanation: Autonomous APs are standalone devices that are configured via Cisco CLI or a GUI. Controller-
based APs are server-dependent devices that require no initial configuration to operate, because they are
automatically configured and managed by a WLAN controller. Most autonomous and controller-based APs
support PoE.
14. Which WLC tab would a network administrator typically use to see a summary view of the most
heavily used WLANs including the number of clients using a particular WLAN?
 Commands
 Monitor
 WLANs
 Controller
Explanation: Use the Monitor tab and then the Summary option to see information about the WLC, including
the IP address and system uptime as well as information associated with the top WLANs configured and active
within the organization.
15. Users on an IEEE 802.11n network are complaining of slow speeds. The network administrator
checks the AP and verifies it is operating properly. What can be done to improve the wireless
performance in the network?
 Switch to an 802.11g AP.
 Split the wireless traffic between the 802.11n 2.4 GHz band and the 5 GHz band.
 Set the AP to mixed mode.
 Change the authentication method on the AP.
Explanation: The easiest way to improve wireless performance is to split the 802.11n wireless traffic between
the 2.4 GHz band and the 5 GHz band. IEEE 802.11n networks can use the two bands as two separate wireless
networks to help manage the traffic.
16. What is the first security setting that should be applied when connecting a wireless router in a small
network?
 Change the default administrative username and password.
 Enable encryption on the wireless router.
 Disable the wireless network SSID broadcast beacon.
 Enable MAC address filtering on the wireless router.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The first action that should be taken is to secure administrative access to the wireless router. The
next action would usually be to configure encryption. Then after the initial group of wireless hosts have
connected to the network, MAC address filtering would be enabled and SSID broadcast disabled. This will
prevent new unauthorized hosts from finding and connecting to the wireless network.
17. Which option is an easy way to improve wireless performance on an 802.11n wireless router?
 Connect a Wi-Fi range extender on the 2.4 GHz band to a wireless router on the 5 GHz band.
 Require all wireless devices to use the 802.11g standard.
 Use different SSID names for the 2.4 GHz and 5 GHz bands.
 Use the same SSID name for all wireless bands.
Explanation: By default, dual-band routers and APs use the same network name on both the 2.4 GHz band and
the 5 GHz band. The simplest way to segment traffic is to rename one of the wireless networks.
18. Which Cisco 3504 WLC dashboard menu option provides an overview of the number of configured
wireless networks, associated access points (APs), and active clients?
 Access Points
 Advanced
 Network Summary
 Rogues
Explanation: The Cisco 3504 WLC dashboard displays when a user logs in to the WLC. It provides some basic
settings and menus that users can quickly access to implement a variety of common configurations. The
Network Summary page is a dashboard that provides a quick overview of the number of configured wireless
networks, associated access points (APs), and active clients. You can also see the number of rogue access points
and clients. The Advanced button displays the advanced Summary page providing access to all the features of
the WLC.
19. Which protocol is used to monitor a network?
 LWAPP
 RADIUS
 SNMP
 WLC
Explanation: Simple Network Management Protocol (SNMP) is used to monitor the network.
20. Which service on a wireless router enables a host with an internal private IPv4 address to access an
outside network using a public IPv4 address?
 DHCP
 DNS
 LWAPP
 NAT
Explanation: Any private IPv4 address cannot be routed on the Internet. The wireless router will use a service
called Network Address Translation (NAT) to convert private IPv4 addresses to Internet-routable IPv4
addresses for wireless devices to gain access to the Internet.
21. Which service available on some wireless routers can be used to prioritize email over web data
traffic?
 DHCP
 DNS
 NAT
 QoS
Explanation: Many wireless routers have an option for configuring quality of service (QoS). By configuring
QoS, certain time-sensitive traffic types, such as voice and video, are prioritized over traffic that is not as time-
sensitive, such as email and web browsing.
22. What must be done before creating a new WLAN on a Cisco 3500 series WLC?
 Build or have a RADIUS server available.
 Build or have an SNMP server available.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Create a new SSID.
 Create a new VLAN interface.
Explanation: Each new WLAN configured on a Cisco 3500 series WLC needs its own VLAN interface.
Therefore, it is required that a new VLAN interface be created first before a new WLAN can be created.
23. Which frequency band SSID name should users with time-sensitive applications connect to?
 The 2.4 GHz band, because it is less crowded than the 5 GHz band.
 The 2.4 GHz band, because it has more channels than the 5 GHz band.
 The 2.4 GHz band, because the channel is likely interference-free.
 The 5 GHz band, because it has more channels than the 2.4 GHz band.
Explanation: The 2.4 GHz band may be suitable for basic Internet traffic that is not time-sensitive. The 5 GHz
band is much less crowded than the 2.4 GHz band; ideal for streaming multimedia. The 5 GHz band has more
channels; therefore, the channel chosen is likely interference-free.
24. A Cisco 3500 series WLC is configured to access a RADIUS server. The configuration requires a
shared secret password. What is the purpose for the shared secret password?
 It allows users to authenticate and access the WLAN.
 It is used by the RADIUS server to authenticate WLAN users.
 It is used to authenticate and encrypt user data on the WLAN.
 It is used to encrypt messages between the WLC and the server.
Explanation: The RADIUS protocol uses security features to protect communications between the RADIUS
server and clients. A shared secret is the password used between the WLC and the RADIUS server. It is not for
end users.
25. Which type of WLAN extends wireless coverage using a few APs controlled using a smartphone app?
 Lightweight access point (LWAP)
 Wi-Fi Extender
 Wireless LAN Controller (WLC)
 Wireless Mesh Network (WMN)
Explanation: Extending a WLAN in a small office or home has become increasingly easier. Manufacturers
have made creating a wireless mesh network (WMN) simple through smartphone apps. You buy the system,
disperse the access points, plug them in, download the app, and configure your WMN in a few steps.
………………………………………………………………………………………………………………………
……………………………………..
14.6.2 Module Quiz – Routing Concepts (Answers)
Mar 25, 2021 Last Updated: Jan 8, 2023 CCNA v7 Course #2, CCNA v7.0 No Comments
Share TweetSharePin it

14.6.2 Module Quiz – Routing Concepts Answers

Playvolume00:00/00:00Tech WorldTruvidfullScreen

1. Which feature on a Cisco router permits the forwarding of traffic for which there is no specific route?
 next-hop
 gateway of last resort
 outgoing interface
 route source
Explanation: A default static route is used as a gateway of last resort to forward unknown destination traffic to
a next hop/exit interface. The next-hop or exit interface is the destination to send traffic to on a network after the
traffic is matched in a router. The route source is the location a route was learned from.
2. Which three advantages are provided by static routing? (Choose three.)
 Static routing does no advertise over the network, thus providing better security.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  No intervention is required to maintain changing route information.
 Static routes scale well as the network grows.
 The path a static route uses to send data is known.
 Configuration of static routes is error-free.
 Static routing typically uses less network bandwidth and fewer CPU operations than dynamic
routing does.
Explanation: Static routes are prone to errors from incorrect configuration by the administrator. They do not
scale well, because the routes must be manually reconfigured to accommodate a growing network. Intervention
is required each time a route change is necessary. They do provide better security, use less bandwidth, and
provide a known path to the destination.
3. What are two functions of dynamic routing protocols? (Choose two.)
 to discover the network
 to avoid exposing network information
 to assure low router overhead
 to choose the path that is specified by the administrator
 to maintain routing tables
Explanation: Dynamic routing protocols exist to discover the network, maintain routing tables, and calculate
the best path. Having low levels of routing overhead, using the path specified by the administrator, and avoiding
the exposure of network information are functions of static routing.
4. What is an advantage of using dynamic routing protocols instead of static routing?
 fewer router resource overhead requirements
 easier to implement
 more secure in controlling routing updates
 ability to actively search for new routes if the current path becomes unavailable
Explanation: Dynamic routing has the ability to search and find a new best path if the current path is no longer
available. The other options are actually the advantages of static routing.
5. Which value represents the “trustworthiness” of a route and is used to determine which route to install
into the routing table when there are multiple routes toward the same destination?
 outgoing interface
 routing protocol
 metric
 administrative distance
Explanation: The administrative distance represents the trustworthiness of a particular route. The lower an
administrative distance, the more trustworthy the learned route is. When a router learns multiple routes toward
the same destination, the router uses the administrative distance value to determine which route to place into the
routing table. A metric is used by a routing protocol to compare routes received from the routing protocol. An
exit interface is the interface used to send a packet in the direction of the destination network. A routing
protocol is used to exchange routing updates between two or more adjacent routers.
6. Which packet-forwarding method does a router use to make switching decisions when it is using a
forwarding information base and an adjacency table?
 fast switching
 process switching
 Cisco Express Forwarding
 flow process
Explanation: Cisco Express Forwarding (CEF) is the fastest and preferred switching method. It uses a FIB and
an adjacency table to perform the task of packet switching. These data structures change with the topology.
7. Which type of route would typically be used on a border router so that devices inside the company
could access the Internet?
 static
 directly connected

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  summary
 default
Explanation: A default route is commonly used on the edge router of a company to connect to an ISP. A
default route is a specialized static route that uses the network number and mask of all 0s (0.0.0.0 0.0.0.0). For
this reason, it is sometimes known as a quad zero route.
8. What are two functions of a router? (Choose two.)
 It provides segmentation at Layer 2.
 A router connects multiple IP networks.
 It determines the best path to send packets.
 It builds a routing table based on ARP requests.
 It controls the flow of data via the use of Layer 2 addresses.
Explanation: Routers connect multiple networks, determine the best path to send packets, and forward packets
based on a destination IP address.
9. When a router learns that multiple paths are available to a destination network from the same routing
protocol, which factor is considered by a router to choose the best path to forward a packet?
 the reliability value of the neighboring routers
 the fastest bandwidth of exiting interfaces
 the lowest metric
 the order of paths on the routing table
Explanation: When a router learns that multiple paths are available to a destination network from the same
routing protocol, the route with the lowest metric is put into the routing table to forward packets toward that
network.
10. Which two route source codes are automatically created within a routing table whenever a router
interface is configured with an IP address and activated? (Choose two.)
 D
 S
 C
 L
 O
Explanation: Directly connected and local routes are automatically created whenever an interface is configured
with an IP address and activated.
11. The output of the show ip route command contains the following entry:

S 10.2.0.0 [1/0] via 172.16.2.2.

What value is indicated by the 1 in the [1/0] portion of the output?

 metric
 interface ID through which the network can be reached
 number of hops
 administrative distance
Explanation: In the routing table entry, S 10.2.0.0 [1/0] via 172.16.2.2, the numbers inside the bracket indicate
the administrative distance and metric respectively.
12. Which type of static route creates a gateway of last resort?
 summary static route
 standard static route
 floating static route
 default static route
Explanation: There are four basic types of static routes. Floating static routes are backup routes that are placed
into the routing table if a primary route is lost. A summary static route aggregates several routes into one,
reducing the size of the routing table. Standard static routes are entered manually into the routing table. Default

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

static routes create a gateway of last resort.
13. What are two common types of static routes in routing tables? (Choose two)
 a static route converted from a route that is learned through a dynamic routing protocol
 a static route to a specific network
 a default static route
 a static route shared between two neighboring routers
 a built-in static route by IOS
Explanation: There are two common types of static routes in a routing table, namely, a static route to a specific
network and a default static route. A static route configured on a router can be distributed by the router to other
neighboring routers. However, the distributed static route will be a little different in the routing table on
neighboring routers.
14. What are two reasons why an administrator might choose to use static routing rather than dynamic
routing? (Choose two.)
 Static routing uses less router processing and bandwidth.
 Static routing is easier to maintain in large networks.
 Static routing does not require complete knowledge of the whole network.
 Static routing is more secure.
 Static routing is more scalable.
Explanation: Because static routes must be created and changed manually, they require a larger investment of
administrative time and do not scale easily. Static routes do not require additional CPU cycles to calculate and
advertise routes, and they provide more security because they are not advertised over the network. Proper
implementation of static routes requires the administrator to have a complete understanding of the network
topology.
15. What address and prefix length is used when configuring an IPv6 default static route?
 ::1/128
 FF02::1/8
 ::/0
 0.0.0.0/0
Explanation: The IPv6 address and prefix for a default static route is ::/0. This represents all zeros in the
address and a prefix length of zero.
16. What are two advantages of static routing over dynamic routing? (Choose two.)
 Static routing is more secure because it does not advertise routes to other routers.
 Static routing is relatively easy to configure for large networks.
 Static routing requires very little knowledge of the network for correct implementation.
 Static routing scales well with expanding networks.
 Static routing uses fewer router resources than dynamic routing.
Explanation: Static routing requires a thorough understanding of the entire network for proper implementation.
It can be prone to errors and does not scale well for large networks. Static routing uses fewer router resources
because no computing is required for updating routes. Static routing can also be more secure because it does not
advertise over the network.
17. What type of route allows a router to forward packets even though its routing table contains no
specific route to the destination network?
 default route
 destination route
 dynamic route
 generic route
Explanation: A static default route is a catch-all route for all unmatched networks.
18. The network administrator configures the router with the ip route 172.16.1.0 255.255.255.0 172.16.2.2
command. How will this route appear in the routing table?
 C 172.16.1.0 [1/0] via 172.16.2.2

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  C 172.16.1.0 is directly connected, Serial0/0
 S 172.16.1.0 [1/0] via 172.16.2.2
 S 172.16.1.0 is directly connected, Serial0/0
Explanation: The route will appear in the routing with a code of S (Static).
19. R1 is configured with the ip route 10.1.0.0 255.255.0.0 g0/0/0 command. What happens if the G0/0/0
interface goes down?
 The manually configured route remains in the routing table.
 The router polls neighbors for a replacement route.
 The router redirects the static route to a backup interface.
 The static route is removed from the routing table.
Explanation: When the interface associated with a static route goes down, the router will remove the route
because it is no longer valid.
20. What static route identifies the gateway IP address to which the router sends all IP packets for which
it does not have a learned route?
 Default static route
 Floating static route
 Generic static route
 Summary static route
Explanation: A default static route is a route that matches all packets. It identifies the gateway IP address to
which the router sends all IP packets for which it does not have a learned or static route. A default static route is
simply a static route with 0.0.0.0/0 as the destination IPv4 address or ::/0 for IPv6. Configuring a default static
route creates a gateway of last resort.
21. On which type of network would a dynamic routing protocol be implemented in?
 On a home network router with wireless clients.
 On a network that commonly experiences topology changes.
 On a small two router network.
 On a stub network connecting to a provider.
Explanation: Dynamic routing protocols consume more router resources, are suitable for larger networks, and
are more useful on networks that are growing and changing.
22. Which value in a routing table is used to compare routes received from a routing protocol?
 administrative distance
 metric
 outgoing interface
 routing protocol
Explanation: A metric is used by a routing protocol to compare routes received from the routing protocol. An
exit interface is the interface used to send a packet in the direction of the destination network. A routing
protocol is used to exchange routing updates between two or more adjacent routers. The administrative distance
represents the trustworthiness of a particular route. The lower an administrative distance, the more trustworthy
the learned route is. When a router learns multiple routes toward the same destination, the router uses the
administrative distance value to determine which route to place into the routing table.
23. A network administrator configures the G0/0/0 interface with the ip address 10.1.1.0 255.255.255.0
command. However, when the administrator issues the show ip route command, the routing table does
not show the directly connected network. What is the possible cause of the problem?
 No packets with a destination network of 172.16.1.0 have been sent to R1.
 The configuration needs to be saved first.
 The G0/0/0 interface has not been activated.
 The subnet mask is incorrect for the IPv4 address.
Explanation: A directly connected network will be added to the routing table when these three conditions are
met: (1) the interface is configured with a valid IP address; (2) it is activated with the no shutdown command;
and (3) it receives a carrier signal from another device that is connected to the interface. An incorrect subnet
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
mask for an IPv4 address will not prevent its appearance in the routing table, although the error may prevent
successful communications.
………………………………………………………………………………………………………………………
…………….
1. A network administrator configures a router by the command ip route 0.0.0.0 0.0.0.0 209.165.200.226.
What is the purpose of this command?
 to forward all packets to the device with IP address 209.165.200.226
 to forward packets destined for the network 0.0.0.0 to the device with IP address 209.165.200.226
 to provide a route to forward packets for which there is no route in the routing table
 to add a dynamic route for the destination network 0.0.0.0 to the routing table
Explanation: The command ip route 0.0.0.0 0.0.0.0 <next hop> adds a default route to the routing table of a
router. When the router receives a packet and does not have a specific route toward the destination, it forwards
the packet to the next hop indicated in the default route. A route created with the ip route command is a static
route, not a dynamic route.
2. Which type of static route that is configured on a router uses only the exit interface?
 fully specified static route
 directly connected static route
 recursive static route
 default static route
Explanation: When only the exit interface is used, the route is a directly connected static route. When the next-
hop IP address is used, the route is a recursive static route. When both are used, it is a fully specified static
route.
3. A network administrator uses the command ip route 172.18.0.0 255.255.0.0 S0/0/1 to configure a
floating static route on a router. That route will function as a backup route to reach the EIGRP learned
network 172.18.0.0/16. After this configuration, the EIGRP route is removed from the routing table even
though EIGRP is still functioning properly. Why is the static route not functioning as intended?
 The network mask is incorrectly configured.
 The next hop neighbor IP address is not configured.
 The destination network is incorrectly configured.
 The administrative distance value is not high enough on the static route.
Explanation: A floating static route requires an administrative distance greater than that of the dynamic routing
protocol in order to be used as a backup route. In this problem an administrative distance greater than 90 would
have to be added to the static route: ip route 172.18.0.0 255.255.0.0 S0/0/1 100.
4. What type of static route is created when the next-hop IP address and exit interface are specified?
 recursive static route
 directly connected static route
 fully specified static route
 floating static route
Explanation: A fully specified static route has the next-hop IP address and exit interface specified. A recursive
static route has only the next-hop IP address specified. A directly attached static route has only the router exit
interface specified. A floating static route has a higher metric than the dynamic routes and serves as a backup
route.
5. What is the correct syntax of a floating static route?
 ip route 209.165.200.228 255.255.255.248 serial 0/0/0
 ip route 209.165.200.228 255.255.255.248 10.0.0.1 120
 ip route 172.16.0.0 255.248.0.0 10.0.0.1
 ip route 0.0.0.0 0.0.0.0 serial 0/0/0
Explanation: Floating static routes are used as backup routes, often to routes learned from dynamic routing
protocols. To be a floating static route, the configured route must have a higher administrative distance than the
primary route. For example, if the primary route is learned through OSPF, then a floating static route that serves
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
as a backup to the OSPF route must have an administrative distance greater than 110. The administrative
distance on a floating static route is put at the end of the static route: ip route 209.165.200.228 255.255.255.248
10.0.0.1 120.
6. Which static route statement shows a recursive IPv6 static route?
 ipv6 route 0::/0 S0/0/0 254
 ipv6 route 0::/0 S0/0/0
 ipv6 route 2001:db8:cafe:1::/56 S0/0/0 2001:db8:1000:10::1
 ipv6 route 2001:db8:cafe:1::/56 2001:db8:1000:10::1
 ipv6 route 2001:db8:cafe:1::/56 S0/0/0
Explanation: In a recursive static route, only the next-hop IPv6 address is specified. As a consequence, the
router must perform a recursive route table lookup to find an exit interface associated with the network of the
IPv6 address.
7. A network administrator is configuring a route to forward packets to a specific web server. What type
of route should be configured by the administrator?
 an OSPF route
 a static route with an administrative distance higher than 1
 a default route
 a host route
 an EIGRP route
Explanation: A host route is a route installed in the routing table where the destination address has a subnet
mask of /32 for IPv4 or /128 for IPv6, an address of a specific device. A host route can allow for a more
efficient processing of packets that are directed to the device, rather than for packet forwarding, such as by a
default route, an OSPF route, or an EIGRP route.
8. Which command would create a valid IPv6 default route?
 ipv6 route 2001:db8:acad:1:/64 ::1
 ipv6 route ::/128 2001:db8:acad:1::1
 ipv6 route ::/o 2001:db8:acad:2::a
 ipv6 route ::/0 fe80::1
Explanation: The correct prefix and prefix length for a default route is ::/0, which matches any address. ::/128
matches only the specific address of all zeros. When creating a static route that uses a link-local address as the
next hop, an exit interface must also be specified for the route to be valid.
9. What is a characteristic of a default static route?
 It backs up a route already discovered by a dynamic routing protocol.
 It is configured with a higher administrative distance than is the original dynamic routing protocol.
 It uses a single network address to send multiple static routes to one destination address.
 It identifies the gateway IP address to which the router sends all IP packets for which it does not
have a learned or static route.
Explanation: A default static route is a route that matches all packets. It identifies the gateway IP address to
which the router sends all IP packets for which the router does not have a learned or static route. A default static
route is simply a static route with 0.0.0.0/0 as the destination IPv4 address. Configuring a default static route
creates a gateway of last resort.
10. What is the purpose of a floating static route?
 It is commonly used when a dynamic routing protocol is not being used.
 It allows connectivity to remote destinations that are not contained in the routing table.
 It allows summarization of contiguous networks.
 It allows an alternate connection to be used when the preferred link fails.
Explanation: A floating static route is a backup route with an administrative distance that is higher than a
dynamically learned route or another static route. The purpose of a floating static route is to use a particular path
to a destination network that is not the best route, but is used only when the preferred route is down.
11. Which IPv6 static route would serve as a backup route to a dynamic route learned through OSPF?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Router1(config)# ipv6 route 2001:db8:acad:1::/32 gigabitethernet0/0 2001:db8:acad:6::100 100
 Router1(config)# ipv6 route 2001:db8:acad:1::/32 2001:db8:acad:6::100
 Router1(config)# ipv6 route 2001:db8:acad:1::/32 2001:db8:acad:6::2 100
 Router1 (config)# ipv6 route 2001:db8:acad:1::/32 2001:db8:acad:6::2 200
Explanation: The command ipv6 route 2001:db8:acad:1::/32 2001:db8:acad:6::2 200, specifies a floating static
route to the 2001:db8:acad:1::/32 network with an administrative distance of 200. Since OSPF has an
administrative distance of 110, the static route would only be placed in the routing table if the OSPF learned
route was removed.
12. What command, or set of commands, would be used to determine if the following configuration on
router HQ works as designed?

ip route 0.0.0.0 0.0.0.0 serial 0/0/0 10

ip route 0.0.0.0 0.0.0.0 serial 0/1/0

 HQ# traceroute 128.107.0.99

 HQ# show ip route
 HQ(config)# interface serial 0/1/0
HQ(config-if)# shutdown
HQ(config-if)# end
HQ# show ip route
 HQ# ping 128.107.0.99
HQ# ping 64.100.0.5
 HQ# show ip interface brief
Explanation: To test a floating static route, take down the main route/link in order to see whether the backup
link appears in the routing table. The show ip route command simply shows the routing table. Only one of the
static routes would be shown at any one time.
13. Which type of static route typically uses the distance parameter in the ip route global configuration
command?
 floating static route
 summary static route
 standard static route
 default static route
Explanation: Because a floating static route is not designed to be used as a primary route, its configuration
requires a higher administrative distance than the usual default value of 1. When set higher than the
administrative distance for the current routing protocol, the distance parameter allows the route to be used only
when the primary route fails. All other forms of static routes have specific uses as primary routes.
14. Why would a floating static route be configured with an administrative distance that is higher than
the administrative distance of a dynamic routing protocol that is running on the same router?
 to be used as a backup route
 to load-balance the traffic
 to act as a gateway of last resort
 to be the priority route in the routing table
Explanation: By default, dynamic routing protocols have a higher administrative distance than static routes.
Configuring a static route with a higher administrative distance than that of the dynamic routing protocol will
result in the dynamic route being used instead of the static route. However, should the dynamically learned
route fail, then the static route will be used as a backup.
15. What network address and subnet mask combination would be used to create a default static route
that matches any IPv4 destination?
 0.0.0.0 0.0.0.0

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  255.255.255.255 0.0.0.0
 255.255.255.255 255.255.255.255
 0.0.0.0 255.255.255.255
Explanation: For a route to be considered a default static route it must use a network ID and subnetmask
combination that will match any destination IP address. The address and mask of 0.0.0.0 0.0.0.0 in a static route
will create a route table entry that matches any destination.
16. Assume the administrator has entered the ip route 192.168.10.0 255.255.255.0 10.10.10.2 5 command.
How would an administrator test this configuration?
 Delete the default gateway route on the router.
 Manually shut down the router interface used as a primary route.
 Ping any valid address on the 192.168.10.0/24 network.
 Ping from the 192.168.10.0 network to the 10.10.10.2 address.
Explanation: A floating static route is a backup route that only appears in the routing table when the interface
used with the primary route is down. To test a floating static route, the route must be in the routing table.
Therefore, shutting down the interface used as a primary route would allow the floating static route to appear in
the routing table.
17. What route has the highest administrative distance?
 A directly connected network
 A route received through the EIGRP routing protocol
 A route received through the OSPF routing protocol
 A static route
Explanation: The most believable route or the route with the lowest administrative distance is one that is
directly connected to a router. In order of trustworthiness is A (AD = 0), D (Static route AD = 1), B (EIGRP AD
= 90), and C (OSPF AD = 110). Therefore, the OSPF routes are considered to be the least trustworthy.
18. Which route would be used to forward a packet with a source IP address of 10.10.10.1 and a
destination IP address of 172.16.1.1?
 C 10.10.10.0/30 is directly connected, GigabitEthernet 0/1
 O 172.16.1.0/24 [110/65] via 10.10.200.2, 00:01:20, Serial 0/1/0
 S* 0.0.0.0/0 [1/0] via 172.16.1.1
 S 172.16.0.0/16 is directly connected, GigabitEthernet 0/0
Explanation: Even though OSPF has a higher administrative distance value (less trustworthy), the best match is
the route in the routing table that has the greatest number of far-left matching bits.
19. Which static route is a fully specified static route?
 ip route 10.1.1.0 255.255.0.0 G0/0/1 172.16.2.2
 ip route 10.1.1.0 255.255.0.0 172.16.2.2
 ip route 10.1.1.0 255.255.0.0 172.16.2.2 5
 ip route 10.1.1.0 255.255.0.0 G0/0/1
Explanation: A fully specified static route can be used to avoid recursive routing table lookups by the router. A
fully specified static route contains both the IP address of the next-hop router and the ID of the exit interface.
20. Which type of route could be configured to be a backup route for a dynamic routing protocol?
 Backup static route
 Floating static route
 Generic static route
 Summary static route
Explanation: By default, dynamic routing protocols have a higher administrative distance than static routes.
Configuring a static route with a higher administrative distance than that of the dynamic routing protocol will
result in the dynamic route being used instead of the static route. However, should the dynamically learned
route fail, the static route will be used as a backup.
21. On which router would a default static route be configured?
 A router providing DHCP services to clients.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  A router that is connected to multiple providers.
 A stub router connecting to a service provider.
 On all routers in the network.
Explanation: A stub router or an edge router connected to an ISP has only one other router as a connection. A
default static route works in those situations because all traffic will be sent to one destination. The destination
router is the gateway of last resort. The default route is not configured on the gateway, but on the router sending
traffic to the gateway.
22. What network prefix and prefix-length combination is used to create a default static route that will
match any IPv6 destination?
 ipv6 route ::/0 2001:db8:acad:2::2
 ipv6 route ::/128 2001:db8:acad:2::2
 ipv6 route ::1/64 2001:db8:acad:2::2
 ipv6 route FFFF::/128 2001:db8:acad:2::2
Explanation: A default static route configured for IPv6 is a network prefix of all zeros and a prefix mask of 0,
which is expressed as ::/0.
23. How would you test a floating static route?
 Delete the default gateway route on the router.
 Manually shut down the router interface used as a primary route.
 Ping any valid address on the 192.168.10.0/24 network.
 Ping from the 192.168.10.0 network to the 10.10.10.2 address.
Explanation: A floating static route is a backup route that only appears in the routing table when the interface
used with the primary route is down. To test a floating static route, the route must be in the routing table.
Therefore, shutting down the interface used as a primary route would allow the floating static route to appear in
the routing table.
………………………………………………………………………………………………………………………
…………………………..
1. Which sequence correctly identifies the order of the steps that a router will perform when it receives a
packet on an Ethernet interface?
 1. The router examines the destination MAC address.
2. The router identifies the Ethernet Type field.
3. The router de-encapsulates the Ethernet frame.
4. The router examines the destination IP address.
 1. The router de-encapsulates the Ethernet frame.
2. The router examines the destination MAC address.
3. The router identifies the Ethernet Type field.
4. The router examines the destination IP address.
 1. The router examines the destination IP address.
2. The router examines the destination MAC address.
3. The router identifies the Ethernet Type field.
4. The router de-encapsulates the Ethernet frame.
 1. The router examines the destination MAC address.
2. The router identifies the Ethernet Type field.
3. The router examines the destination IP address.
4. The router de-encapsulates the Ethernet frame.
 1. The router examines the destination IP address.
2. The router examines the destination MAC address.
3. The router de-encapsulates the Ethernet frame.
4. The router identifies the Ethernet Type field.
Explanation: When a router receives a packet the first thing that happens is the destination MAC address is
checked to verify that the rest of the packet should be processed. Assuming the destination MAC address
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
matches the address on the router interface, the Ethernet Type field is checked to determine what Layer 3
protocol is encapsulated in the frame. The frame is then de-encapsulated and the destination IP address is
examined to determine where the packet should be sent.
2. Which three IOS troubleshooting commands can help to isolate problems with a static route? (Choose
three.)
 show version
 show arp
 show ip interface brief
 show ip route
 tracert
 ping
Explanation: The ping, show ip route, and show ip interface brief commands provide information to help
troubleshoot static routes. Show version does not provide any routing information. The tracert command is
used at the Windows command prompt and is not an IOS command. The show arp command displays learned
IP address to MAC address mappings contained in the Address Resolution Protocol (ARP) table.
3. A network administrator has entered a static route to an Ethernet LAN that is connected to an
adjacent router. However, the route is not shown in the routing table. Which command would the
administrator use to verify that the exit interface is up?
 show ip interface brief
 tracert
 show ip protocols
 show ip route
Explanation: The network administrator should use the show ip interface brief command to verify that the
exit interface or the interface connected to the next hop address is up and up. The show ip route command has
already been issued by the administrator. The show ip protocols command is used when a routing protocol is
enabled. The tracert command is used from a Windows PC.
4. A static route has been configured on a router. However, the destination network no longer exists.
What should an administrator do to remove the static route from the routing table?
 Remove the route using the no ip route command.
 Change the routing metric for that route.
 Change the administrative distance for that route.
 Nothing. The static route will go away on its own.
Explanation: When the destination network specified in a static route does not exist anymore, the static route
stays in the routing table until it is manually removed by using the no ip route command.
5. Which statement describes the sequence of processes executed by a router when it receives a packet
from a host to be delivered to a host on another network?
 It de-encapsulates the packet and forwards it toward the destination host.
 It de-encapsulates the packet, selects the appropriate path, and encapsulates the packet to forward it
toward the destination host.
 It receives the packet and forwards it directly to the destination host.
 It selects the path and forwards it toward the destination host.
Explanation: The router receives the packet, de-encapsulates it to select the appropriate path, encapsulates the
packet, and then forwards it toward the destination host.
6. A network engineer issues the show cdp neighbor command on several network devices during the
process of network documentation. What is the purpose of performing this command?
 to verify the network addresses that are attached to the network devices
 to obtain information about directly connected Cisco devices
 to check the networks that are advertised by the neighboring routers
 to check the connectivity of PCs that are connected to the network devices
Explanation: The show cdp neighbor command is used to obtain detailed information about directly
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
connected Cisco devices. The information does not include which networks are attached to the neighboring
Cisco devices nor the connectivity of PCs that are attached to them. The show ip route command is used to
view the networks that are advertised from neighboring routers.
7. A network administrator notices that a correctly entered static route is not in the routing table. What
two router commands would an administrator use to determine if the exit interface was up and the next
hop address is available? (Choose two.)
 show ip interface brief
 ping
 show ip route
 show ip protocols
 tracert
Explanation: The network administrator could use the show ip interface brief command to verify that the exit
interface or the interface connected to the next hop address is up and up. The ping command can be used to see
if the next hop address is reachable. The show ip route command displays the routing table. The show ip
protocols command is used when a routing protocol is enabled. The tracert command is used from a Windows
PC.
8. A network administrator has entered the following command:

ip route 192.168.10.64 255.255.255.192 serial0/0/1

When the network administrator enters the command show ip route, the route is not in the routing table.
What should the administrator do next?
 Re-enter the command using the correct mask.
 Re-enter the command using a network number rather than a usable IP address.
 Verify that the serial 0/0/1 interface is active and available.
 Verify that the 192.168.10.64 network is active within the network infrastructure.
Explanation: The reason that a correctly typed static network would not go into the routing table is if the exit
interface is not available. The 192.168.10.64 is a valid network number and that route does not have to be “up
and up” in order for a static route to be configured on a remote router.
9. What will a router do if it does not have a default route configured and a packet needs to be forwarded
to a destination network that is not listed in the routing table?
 send it back to the source
 drop it
 forward it to another router
Explanation: A router will only forward packets if it has the destination network in its routing table. If it
receives a packet with a destination network that is not in the routing table, the router will drop it. A default
route can be installed on a router to make the router forward packets to another router that can route the packet
to its destination.
10. What does the letter C mean next to an entry in the output of the show ip route command?
 It identifies a network that is learned through EIGRP.
 It identifies a network that is directly connected to the router.
 It identifies a network that is learned through OSPF.
 It identifies a network that is a static route.
Explanation: In a routing table, the label C identifies a network that is directly connected to an interface on the
device. This entry is added to the routing table when an interface is configured with an IP address and activated.
11. What happens to a static route entry in a routing table when the outgoing interface associated with
that route goes into the down state?
 The router automatically redirects the static route to use another interface.
 The router polls neighbors for a replacement route.
 The static route is removed from the routing table.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  The static route remains in the table because it was defined as static.
Explanation: When the interface associated with a static route goes down, the router will remove the route
because it is no longer valid.
12. What action will a router take to forward a frame if it does not have an entry in the ARP table to
resolve a destination MAC address?
 Sends a DNS request
 Drops the frame
 Sends an ARP request
 Sends frame to the default gateway
Explanation: A router looks up the ARP table entry for the destination IP address to find the Layer 2 Media
Access Control (MAC) address of the host. If no entry exists, the router sends an Address Resolution Protocol
(ARP) request out of network interface, and the host responds with an ARP reply, which includes its MAC
address.
13. You cannot ping a directly connected host. Which IOS command can be used to validate Layer 1 and
Layer 2 connectivity?
 ping
 show cdp neighbors detail
 show ip interface brief
 show ip route
 traceroute
Explanation: The show cdp neighbors command provides a list of directly connected Cisco devices. This
command validates Layer 2 (and therefore Layer 1) connectivity. For example, if a neighbor device is listed in
the command output, but it cannot be pinged, Layer 3 addressing should be investigated.
………………………………………………………………………………………………………………………
……………….
1. What is a function of OSPF hello packets?
 to discover neighbors and build adjacencies between them
 to ensure database synchronization between routers
 to send specifically requested link-state records
 to request specific link-state records from neighbor routers
Explanation: The OSPF hello packet serves three primary functions: discover OSPF neighbors and establish
adjacencies, advertise parameters that OSPF neighbors must agree on, and elect the DR and BDR.
2. Which OPSF packet contains the different types of link-state advertisements?
 LSU
 LSR
 hello
 DBD
 LSAck
Explanation: Link-state update (LSU) packets contain different types of link-state advertisements (LSAs). The
LSUs are used to reply to link-state requests (LSRs) and to announce new information.
3. Which statements describe features of the OSPF topology table? (Choose three.)
 After convergence, the table only contains the lowest cost route entries for all known networks.
 The topology table contains feasible successor routes.
 The table can be viewed via the show ip ospf database command.
 Its contents are the result of running the SPF algorithm.
 It is a link-state database that represents the network topology.
 When converged, all routers in an area have identical topology tables.
Explanation: The topology table on an OSPF router is a link-state database (LSDB) that lists information about
all other routers in the network, and represents the network topology. All routers within an area have identical
link-state databases, and the table can be viewed using the show ip ospf database command. The EIGRP
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 topology table contains feasible successor routes. This concept is not used by OSPF. The SPF algorithm uses
the LSDB to produce the unique routing table for each router which contains the lowest cost route entries for
known networks.
4. What does an OSPF area contain?
 routers that share the same process ID
 routers that share the same router ID
 routers that have the same link-state information in their LSDBs
 routers whose SPF trees are identical
Explanation: An OSPF area contains one set of link-state information, although each router within the area will
process that information individually to form its own SPF tree. OSPF process IDs are locally significant and are
created by the administrator. Router IDs uniquely identify each router.
5. A router is participating in an OSPFv2 domain. What will always happen if the dead interval expires
before the router receives a hello packet from an adjacent DROTHER OSPF router?
 A new dead interval timer of 4 times the hello interval will start.
 SPF will run and determine which neighbor router is “down”.
 OSPF will run a new DR/BDR election.
 OSPF will remove that neighbor from the router link-state database.
Explanation: On Cisco routers the default dead interval is 4 times the hello interval, and this timer has expired
in this case. SPF does not determine the state of neighbor routers; it determines which routes become routing
table entries. A DR/DBR election will not always automatically run; this depends on the type of network and on
whether or not the router no longer up was a DR or BDR.
6. What is the order of packet types used by an OSPF router to establish convergence?
 LSAck, Hello, DBD, LSU, LSR
 LSU, LSAck, Hello, DBD, LSR
 Hello, DBD, LSR, LSU, LSAck
 Hello, LSAck, LSU, LSR, DBD
Explanation: An OSPF router progresses in this order to convergence, using the following packets:
1. Hello packet, used for OSPF election and establishing neighbor adjacencies
2. DBD packet, used to synchronize databases with neighbors
3. LSR packet, used to request more information in synchronizing databases
4. LSU packet, used to send link-state updates to neighbors
5. LSAck packet, used to acknowledge receipt of an LSU
7. What is a feature of the OSPF routing protocol?
 OSPF authentication is configured in the same way on IPv4 and IPv6 networks.
 Routers can be grouped into autonomous systems to support a hierarchical system.
 It scales well in both small and large networks.
 The SPF algorithm chooses the best path based on 30-second updates.
Explanation: OSPF uses the SPF algorithm to choose the best path. Routing changes trigger routing updates
(no 30-second updates). In IPv4, OSPF uses MD5 authentication between two neighboring OSPF routers. In
IPv6, OSPFv3 does not include any authentication capabilities of its own. Instead it relies entirely on IPsec to
secure communications between neighbors. Routers can be grouped into areas to support a hierarchical system.
8. What is used to create the OSPF neighbor table?
 link-state database
 forwarding database
 routing table
 adjacency database
Explanation: The adjacency database is used to create the OSPF neighbor table. The link-state database is used
to create the topology table, and the forwarding database is used to create the routing table.
9. What is identical on all OSPF routers within a single area?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  neighbor table
 routing table
 link-state database
 static routes
Explanation: When the LSP flooding process completes, all OSPF routers will learn the same link-state
information in the routing area. This information is used to build a complete link-state database, which will be
the same on all OSPF routers within that specific area.
10. What function is performed by the OSPF designated router?
 summarizing routes between areas
 maintaining the link-state database
 redistribution of external routes into OSPF
 dissemination of LSAs
Explanation: OSPF designated routers are elected on multiaccess networks to disseminate LSAs to other OSPF
routers. By having a single router disseminate LSAs, the exchanging of LSAs is more efficient.
11. What are two reasons for creating an OSPF network with multiple areas? (Choose two.)
 to simplify configuration
 to ensure that an area is used to connect the network to the Internet
 to reduce use of memory and processor resources
 to reduce SPF calculations
 to provide areas in the network for routers that are not running OSPF
Explanation: If a router is not running OSPF, it is not configurable with an OSPF area. OSPF areas have no
direct relationship with the Internet. Routers that run OSPF can connect to the Internet, but multiple OSPF areas
are not required for this purpose. OSPF areas help to decrease the demand for router memory and processing
power by limiting OSPF protocol traffic, keeping link-state databases small, and requiring fewer SPF
recalculations. Multiarea OSPF requires additional steps to configure and therefore does not simplify the
configuration process.
12. At which OSPF state are neighbor routers converged and able to exchange routing updates?
 Exchange
 Two-Way
 ExStart
 Full
Explanation: OSPF neighbors that reach the Full state are converged and can exchange routing information.
13. The OSPF hello timer has been set to 15 seconds on a router in a point-to-point network. By default,
what is the dead interval on this router?
 30 seconds
 60 seconds
 45 seconds
 15 seconds
Explanation: By default, the dead interval is calculated as 4 times the hello interval.
14. What happens immediately after two OSPF routers have exchanged hello packets and have formed a
neighbor adjacency?
 They exchange abbreviated lists of their LSDBs.
 They negotiate the election process if they are on a multiaccess network.
 They exchange DBD packets in order to advertise parameters such as hello and dead intervals.
 They request more information about their databases.
Explanation: During the exchange of hello packets, OSPF routers negotiate the election process and set the
OSPF parameters. DBD packets are exchanged after that step has been completed. DBD packets contain
abbreviated lists of link-state information. After that information has been exchanged, OSPF routers exchange
Type 3 LSR packets to request further information.
15. Which statement is correct about multiarea OSPF?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  OSPF can consolidate a fragmented OSPF area into one large area.
 Arranging routers into areas partitions a large autonomous system in order to lighten the load on
routers.
 All routers are in one area called the backbone area (area 0).
 OSPF multiarea increases the frequency of SPF calculation.
Explanation: A company with one large autonomous system or AS can be divided into smaller areas. When
this occurs and the OSPF routing protocol is implemented, the design is called multi-area OSPF. Multi-area
OSPF decreases the frequency of the SPF calculation, thus lightening the load on the router. In a single area
OSPF design, all the routers are located in area 0 or the backbone area.
16. Which OSPF data structure is identical in all routers in an OSPF area after convergence?
 Adjacency database
 Link-state database
 Routing table
 SPF tree
Explanation: Each OSPF router views the network differently as the root of a unique SPF tree. Each router
builds adjacencies based on its own position in the topology. Each routing table in the area is developed
individually through the application of the SPF algorithm. The link-state database for an area, however, must
reflect the same information for all routers. Regardless of which OSPF area a router resides in, the adjacency
database, routing table, and forwarding database are unique for each router. The link-state database lists
information about all other routers within an area and is identical across all OSPF routers participating in that
area.
17. What are the purposes of an OSPF router ID? (Choose two.)
 To enable the SPF algorithm to determine the lowest-cost path to remote networks
 To facilitate router participation in the election of the designated router
 To facilitate the establishment of network convergence
 To facilitate the transition of the OSPF neighbor state to Full
 To uniquely identify the router within the OSPF domain
Explanation: The OSPF router ID does not contribute to SPF algorithm calculations, nor does it facilitate the
transition of the OSPF neighbor state to Full. Although the router ID is contained within OSPF messages when
router adjacencies are being established, it has no bearing on the convergence process.
18. Which statement describes a multiarea OSPF network?
 It consists of multiple network areas that are daisy-chained together.
 It has a core backbone area with other areas connected to the backbone area.
 It has multiple routers that run multiple routing protocols simultaneously, and each protocol consists of an
area.
 It requires a three-layer hierarchical network design approach.
Explanation: A multiarea OSPF network requires hierarchical network design (with two levels). The main area
is called the backbone area, and all other areas must connect to the main area.
19. What are the advantages of using multiarea OSPF? (Choose two.)
 A backbone area is not required.
 It allows OSPFv2 and OSPFv3 to run together.
 It enables multiple routing protocols to run in a large network.
 It improves routing efficiency by reducing the routing table and linkstate update overhead.
 It improves routing performance by dividing the neighbor table into separate smaller ones.
 Topology changes in one area do not cause SPF recalculations in other areas.
Explanation: A multiarea OSPF network improves routing performance and efficiency in a large network. As
the network is divided into smaller areas, each router maintains a smaller routing table because routes between
areas can be summarized. Also, fewer updated routes means fewer LSAs are exchanged, thus reducing the need
for CPU resources. Running multiple routing protocols simultaneously and implementing both IPv4 and IPv6
are not primary considerations for a multiarea OSPF network. With multiarea OSPF, only routers within an area
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
share the same linkstate database. Changes to the network topology in one area do not impact other areas, which
reduces the number of SPF algorithm calculations and the number of link-state databases.
20. Which command can be used to verify the contents of the LSDB in an OSPF area?
 show ip ospf database
 show ip ospf interface
 show ip ospf neighbor
 show ip route ospf
Explanation: The show ip ospf database command is used to verify the contents of the LSDB. The show ip
ospf interface command is used to verify the configuration information of OSPF-enabled interfaces. The show
ip ospf neighbor command is used to gather information regarding OSPF neighbor routers. The show ip route
ospf command displays OSPF-related information in the routing table.
21. Which of the following facilitates hierarchical routing in OSPF?
 1. Auto-summarization
 2. Frequent SPF calculations
 3. The election of designated routers
 4. The use of multiple areas
Explanation: OSPF supports the concept of areas to prevent larger routing tables, excessive SPF calculations,
and large LSDBs. Only routers within an area share link-state information. This allows OSPF to scale in a
hierarchical fashion with all areas that connect to a backbone area.
22. Which step does an OSPF-enabled router take immediately after the OSPF router builds the topology
table?
 Chooses the best path
 Establishes an adjacency with another router
 Exchanges link-state advertisements
 Executes the SPF algorithm
Explanation: The OSPF operation steps are establish neighbor adjacencies, exchange link-state advertisements,
build the topology table, execute the SPF algorithm, and choose the best route.
23. Which type of OSPFv2 packet contains an abbreviated list of the LSDB of a sending router and is
used by receiving routers to check against the local LSDB?
 Database Description
 Link-State Acknowledgment
 Link-State Request
 Link-State Update
Explanation: The Type 2 Database Description (DBD) packet contains an abbreviated list of the LSDB of the
sending router and is used by receiving routers to check against the local LSDB. The LSDB must be identical
on all link-state routers within an area to construct an accurate SPF tree.
24. Which OSPF states are performed prior to two routers forming a neighbor adjacency? (Choose
three.)
 Down
 Exchange
 ExStart
 Init
 Loading
 Two-Way
Explanation: OSPF operation progresses through seven states in establishing neighboring router adjacency,
exchanging routing information, calculating the best routes, and reaching convergence. The Down, Init, and
Two-Way states are involved in the phase of neighboring router adjacency establishment.
25. In an OSPF network, when are DR and BDR elections required?
 When all the routers in an OSPF area cannot form adjacencies
 When the routers are interconnected over a common Ethernet network

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  When the two adjacent neighbors are in two different networks
 When the two adjacent neighbors are interconnected over a point-topoint link
Explanation: When the routers are interconnected over a common Ethernet network, a designated router (DR)
and a backup DR (BDR) must be elected.
26. When an OSPF network is converged and no network topology change has been detected by a router,
how often are LSU packets sent to neighboring routers?
 Every 10 seconds
 Every 40 seconds
 Every 15 minutes
 Every 30 minutes
Explanation: After all LSRs have been satisfied for a given router, the adjacent routers are considered
synchronized and in a Full state. Updates (LSUs) are sent to neighbors only under the following conditions:
 When a network topology change is detected (incremental updates)
 Every 30 minutes

…………………………………………………………………………………………….
2.7.5 Module Quiz – Single-Area OSPFv2 Configuration (Answers)
Mar 26, 2021 Last Updated: Dec 20, 2022 CCNA v7 Course #3, CCNA v7.0 3 Comments
Share TweetSharePin it

2.7.5 Module Quiz – Single-Area OSPFv2 Configuration Answers

Playvolume00:00/01:03Tech around the worldTruvidfullScreen

1. Which criterion is preferred by the router to choose a router ID?

 the IP address of the highest configured loopback interface on the router
 the IP address of the highest active OSPF-enabled interface
 the router-id rid command
 the IP address of the highest active interface on the router
Explanation: The preferred order of criteria for Cisco routers to identify the router ID is: an explicitly
configured router using the router-id rid command; the IP address of any configured loopback interface; and
the IP address of any active interface on the router (it does not have to be an OSPF-enabled interface).
2. Which wildcard mask would be used to advertise the 192.168.5.96/27 network as part of an OSPF
configuration?
 0.0.0.32
 0.0.0.31
 255.255.255.224
 255.255.255.223
Explanation: The wildcard mask can be found by subtracting the subnet mask from 255.255.255.255.
3. The following three networks are directly connected to an OSPF router; 192.168.0.0/24, 192.168.1.0/24,
and 192.168.2.0/24. Which OSPF network command would advertise only the 192.168.1.0 network to
neighbors?
 router(config-router)# network 192.168.1.0 0.0.0.0 area 0
 router(config-router)# network 192.168.1.0 0.0.0.255 area 0
 router(config-router)# network 192.168.1.0 255.255.255.255 area 0
 router(config-router)# network 192.168.0.0 0.0.15.255 area 0
Explanation: To advertise only the 192.168.1.0/24 network the wildcard mask used in the network command
must match the first 24-bits exactly. To match bits exactly, a wildcard mask uses a binary zero. This means that
the first 24-bits of the wildcard mask must be zero. The low order 8-bits can all be set to 1.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
4. Which three parameters should match in order for a pair of routers to form an adjacency when
running OSPFv2? (Choose three.)
 OSPFv2 process number
 OSPFv2 type of network
 router ID
 interface priority
 hello timer
 subnet mask
Explanation: For a couple of routers that are running OSPFv2 to form an adjacency, the following parameters
must match: subnet mask, network type, hello and dead timers, a corresponding network command, and the
authentication information.
5. What are two features of the OSPF routing protocol? (Choose two.)
 used primarily as an EGP
 uses Dijkstra’s algorithm to build the SPF tree
 has an administrative distance of 100
 automatically summarizes networks at the classful boundaries
 calculates its metric using bandwidth
Explanation: Characteristics of OSPF include the following:
– Interior gateway protocol
– Link-state
– Classless
– Cost metric based on bandwidth
– Dijkstra algorithm
– Builds topological map
– Event-driven updates
– Hierarchical design
– Requires additional memory, CPU processing, and more initial bandwidth than other protocols
6. A router with two LAN interfaces, two WAN interfaces, and one configured loopback interface is
operating with OSPF as its routing protocol. What does the router OSPF process use to assign the router
ID?
 the loopback interface IP address
 the highest IP address on the LAN interfaces
 the OSPF area ID that is configured on the interface with the highest IP address
 the IP address of the interface that is configured with priority 0
 the highest IP address that is configured on the WAN interfaces
Explanation: OSPF requires a unique router ID on each router. The router ID can be configured manually with
the # router-id command. If this command is not issued, then the OSPF process will use the highest IPv4
address on an active interface as the router ID, with preference give to loopback interfaces.
7. Which verification command would identify the specific interfaces on a router that were configured
with the passive-interface command?
 show ip protocols
 show ip eigrp neighbors
 show ip interface brief
 show ip route eigrp
Explanation: The show ip protocols command will identify interfaces that are configured as passive.
8. Which command, if applied on an OSPF router, would give a Gigabit Ethernet interface a lower cost
than a Fast Ethernet interface?
 (config-if)# bandwidth 100
 (config-if)# ip ospf priority 1
 (config-router)# auto-cost reference-bandwidth 1000

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  (config-if)# ip ospf cost 100
Explanation: OSPF uses the formula; Cost = 100,000,000 / bandwidth. Because OSPF will only use integers as
cost, any bandwidth of 100 Mb/s or greater will all equal a cost of 1. To change this behavior, a new reference
bandwidth can be configured. The new reference bandwidth will need to be larger than 100,000,000. In this case
it needs to be 1,000,000,000. This is accomplished with the command auto-cost reference-bandwidth 1000,
which means multiply the unit Mb/s by 1000. The result is 1,000,000,000.
9. A network administrator has just changed the router ID on a router that is working in an OSPFv2
environment. What should the administrator do to reset the adjacencies and use the new router ID?
 Configure the network statements.
 Change the OSPFv2 process ID.
 Issue the clear ip ospf process privileged mode command.
 Change the interface priority.
Explanation: If the router ID has changed on a working router, the OSPFv2 process must be cleared for the
new router ID to take effect.
10. Which command can be used to view the OSPF hello and dead time intervals?
 show ip ospf route
 show ip protocols
 show ip ospf interface
 show ip ospf neighbor
Explanation: The OSPF hello and dead timers can be configured per interface. Hence, the correct command
used to view the timers is the show ip ospf interface command. Adding the interface name and number to the
command displays output for a specific interface.
11. What does the SPF algorithm consider to be the best path to a network?
 The path that includes the fastest cumulative bandwidth links.
 The path with the least number of hops.
 The path with the smallest delays.
 The path that includes the fastest single bandwidth link.
Explanation: Link-state protocols use accumulated cost to reach destination networks. The shortest path is not
always the path with the least number of hops but instead the overall fastest pathway.
12. What is one use of the router ID in OSPF routing?
 The router ID indicates the highest IPv4 address of all routers that are participating in OSPF routing.
 The router ID identifies the OSPF area.
 The router ID can be used to break a tie in the election process.
 The router ID indicates the router priority value.
Explanation: The OSPF router ID uniquely identifies each router within an OSPF area, and allows each router
to participate in the election process in that area. On multiaccess networks, if there is no router priority value
configured on the routers, and if there is a tie in the election, the router with the highest router ID is elected DR.
The router priority value is a value chosen by the administrator and manually configured on the router. The
administrator can manually configure the router ID, or the router can automatically assign itself its highest IPv4
loopback or physical address as the router ID. That interface has to be up but does not have to be participating
in the OSPF process.
13. What is the first criterion used by OSPF routers to elect a DR?
 highest priority
 highest router ID
 highest MAC address
 highest IP address
Explanation: When electing a DR, the router with the highest OSPF priority becomes the DR. If all routers
have the same priority, then the router with the highest router ID is elected.
14. Which command could be used on a router to ensure that an OSPF adjacency is formed with another
router?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  show ip protocols
 show ip ospf interface
 show ip route
 show ip ospf neighbor
 show ip interface brief
Explanation: The show ip ospf neighbor command is a common command to use when an expected route
does not appear in the routing table from the OSPFv2 routing protocol.
15. A router in an OSPF enterprise network has a default static route that has been configured via the
interface that connects to the ISP. Which command would the network administrator apply on this
router so that other routers in the OSPF network will use this default route?
 redistribute connected
 redistribute static
 redistribute static subnets
 default-information originate
Explanation: When an OSPF router is configured with a static route first and the default-information
originate router configuration command is applied, the router declares itself to be the source of the default route
information and propagates the default static route in OSPF updates to all other routers in the OSPF area.
16. A router is participating in an OSPFv2 domain. What will always happen if the Dead interval expires
before the router receives a Hello packet from an adjacent OSPF router?
 A new Dead interval timer of four times the Hello interval will start.
 OSPF will remove that neighbor from the router’s link-state database.
 OSPF will run a new DR/BDR election.
 SPF will run and determine which neighbor router is down.
Explanation: On Cisco routers, the default Dead interval is four times the Hello interval, and this timer has
expired in this case. SPF does not determine the state of neighbor routers; it determines which routes become
routing table entries. A DR/DBR election does not always automatically run; it depends on the type of network
and on whether or not the router that is no longer up was a DR or BDR.
17. Which command would be used to determine if an OSPF routing protocol- initiated relationship had
been made with an adjacent router?
 ping
 show ip interface brief
 show ip ospf neighbor
 show ip protocols
Explanation: While the show ip interface brief and ping commands can be used to determine if Layer 1, 2,
and 3 connectivity exists, neither command can be used to determine whether a particular OSPF or EIGRP-
initiated relationship has been made. The show ip protocols command is useful in determining the routing
parameters such as timers, router ID, and metric information associated with a specific routing protocol.
The show ip ospf neighbor command shows if two adjacent routers have exchanged OSPF messages in order
to form a neighbor relationship.
18. Which command is used to verify the OSPFv2 router ID, the interfaces explicitly configured to
advertise OSPF routes, the passive interfaces, the neighbors the router is receiving updates from, and the
default administrative distance, which is 110 for OSPF?
 show ip interface brief
 show ip ospf interface
 show ip protocols
 show ip route ospf
Explanation: The show ip ospf interface command verifies the active OSPF interfaces. The show ip interface
brief command is used to check that the interfaces are operational. The show ip route ospf command displays
the entries that are learned via OSPF in the routing table. The show ip protocols command checks that OSPF is
enabled and lists the networks that are advertised.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
19. Two OSPFv2 routers are interconnected using a point-to-point WAN link.Which command could be
used to verify the configured Hello and Dead timer intervals?
 show ip ospf neighbor
 show ip ospf interface fastethernet 0/1
 show ip ospf interface serial 0/0/0
 show ipv6 ospf interface serial 0/0/0
Explanation: The show ip ospf interface serial 0/0/0 command displays the configured Hello and Dead timer
intervals on a point-to-point serial WAN link between two OSPFv2 routers. The show ipv6 ospf interface
serial 0/0/0 command displays the configured Hello and Dead timer intervals on a point-to-point serial link
between two OSPFv3 routers. The show ip ospf interface fastethernet 0/1 command displays the configured
Hello and Dead timer intervals on a multiaccess link between two (or more) OSPFv2 routers. The show ip ospf
neighbor command displays the Dead interval elapsed time since the last Hello message was received, but it
does not show the configured value of the timer.
20. You are troubleshooting convergence and adjacency issues in an OSPFv2 network and have noticed
that network route entries are missing from the routing table. Which commands provide additional
information about the state of router adjacencies, timer intervals, and the area ID? (Choose two.)
 show ip ospf interface
 show ip ospf neighbor
 show ip protocols
 show ip route ospf
 show running-configuration
Explanation: The show ip ospf interface command displays routing table information that is already known.
The show ip ospf neighbors command displays adjacency information on neighboring OSPF routers. The show
runningconfiguration and show ip protocols commands display aspects of the OSPF configuration on the
router but do not display adjacency state details or timer interval details.
21. A network engineer has manually configured the Hello interval to 15 seconds on an interface of a
router that is running OSPFv2. By default, how will the Dead interval on the interface be affected?
 The Dead interval will not change from the default value.
 The Dead interval will now be 15 seconds.
 The Dead interval will now be 30 seconds.
 The Dead interval will now be 60 seconds.
Explanation: Cisco IOS automatically modifies the Dead interval to four times the Hello interval.
22. To establish a neighbor adjacency, two OSPF routers exchange Hello packets. Which values in the
Hello packets must match on the two routers? (Choose two.)
 1. Dead interval
 2. Hello interval
 3. List of neighbors
 4. Router ID
 5. Router priority
Explanation: The Hello and Dead interval timers contained in a Hello packet must be the same on neighboring
routers in order to form an adjacency.
23. What is the default router priority value for all Cisco OSPF routers?
 0
 1
 10
 255
Explanation: The router priority value is used in a DR/BDR election. The default priority for all OSPF routers
is 1, but it can be manually altered to any value from 0 to 255.
24. What indicates to a link-state router that a neighbor is unreachable?
 The router no longer receives Hello packets.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  The router no longer receives routing updates.
 The router receives an LSP with previously learned information.
 The router receives an update with a hop count of 16.
Explanation: OSPF routers send Hello packets to monitor the state of a neighbor. When a router stops
receiving Hello packets from a neighbor, that neighbor is considered unreachable, and the adjacency is broken.
25. Which of the following will OSPF use when it chooses its router ID?
 A loopback interface that is configured with the highest IP address on the router
 The highest active interface IP address that is configured on the router
 The lowest active interface IP address that is configured on the router
 The highest active interface that participates in the routing process because of a specifically configured
network statement
Explanation: A. The first preference for an OSPF router ID is an explicitly configured 32-bit address. This
address is not included in the routing table and is not defined by the network command. If a router ID that is
configured through the router-id command is not available, OSPF routers next use the highest IPv4 address
available on a loopback interface, as loopbacks used as router IDs are also not routable addresses. Lacking
either of these alternatives, an OSPF router will use the highest IPv4 address from its active physical interfaces.
26. An OSPF router has three directly connected networks; 10.1.0.0/16, 10.1.1.0/16, and 10.1.2.0/16.
Which OSPF network command would advertise only the 10.1.1.0 network to neighbors?
 router(config-router)# network 10.1.0.0 0.0.15.255 area 0
 router(config-router)# network 10.1.1.0 0.0.0.0 area 0
 router(config-router)# network 10.1.1.0 0.0.0.255 area 0
 router(config-router)# network 10.1.1.0 0.0.255.255 area 0
Explanation: To advertise only the 10.1.1.0 network, the wildcard mask used in the network command must
match the first 24 bits exactly. An alternative method of configuring this would also be to use the network
10.1.1.0 255.255.255.0 area 0 command.
27. By default, what is the OSPF cost for a link with Gigabit Ethernet interfaces?
 1
 100
 10000
 100000000
Explanation: OSPF uses the formula Cost = 100,000, 000 / bandwidth. Because OSPF will only use integers as
cost, any bandwidth of 100 Mbps or greater will equal a cost of 1.
28. An administrator is configuring single-area OSPF on a router. One of the networks that must be
advertised is 64.100.1.64 255.255.255.192. Which OSPF network statement should be configured?
 network 64.100.1.64 0.0.0.15 area 0
 network 64.100.1.64 0.0.0.31 area 0
 network 64.100.1.64 0.0.0.63 area 0
 network 64.100.1.64 0.0.0.127 area 0
Explanation: The correct network statement is network 64.100.1.64 0.0.0.63 area 0.
29. Which of these factors will prevent two routers from forming an OSPFv2 adjacency? (Choose two.)
 Mismatched Cisco IOS versions
 Mismatched Ethernet interfaces (for example, Fa0/0 to G0/0)
 Mismatched OSPF Hello or Dead timers
 Mismatched subnet masks on the link interfaces
 Use of private IP addresses on the link interfaces
Explanation: There may be several reasons two routers running OSPF will fail to form an OSPF adjacency,
including subnet masks not matching, OSPF Hello or Dead timers not matching, OSPF network types not
matching, and a missing or incorrect OSPF network command. Mismatched IOS versions, the use of private IP
addresses, and different types of interface ports used are not causes for an OSPF adjacency failing to form
between two routers.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
…………………………………………………………………………………………….
1. The IT department is reporting that a company web server is receiving an abnormally high number of
web page requests from different locations simultaneously. Which type of security attack is occurring?
 spyware
 phishing
 DDoS
 social engineering
 adware
Explanation: Phishing, spyware, and social engineering are security attacks that collect network and user
information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack, none of these
attacks generate large amounts of data traffic that can restrict access to network services.
2. What causes a buffer overflow?
 downloading and installing too many software updates at one time
 attempting to write more data to a memory location than that location can hold
 sending too much information to two or more interfaces of the same device, thereby causing dropped
packets
 sending repeated connections such as Telnet to a particular device, thus denying other data sources
 launching a security countermeasure to mitigate a Trojan horse
Explanation: By sending too much data to a specific area of memory, adjacent memory locations are
overwritten, which causes a security issue because the program in the overwritten memory location is affected.
3. Which objective of secure communications is achieved by encrypting data?
 authentication
 confidentiality
 integrity
 availability
Explanation: When data is encrypted, it is scrambled to keep the data private and confidential so that only
authorized recipients can read the message. A hash function is another way of providing confidentiality.
4. What type of malware has the primary objective of spreading across the network?
 virus
 botnet
 Trojan horse
 worm
Explanation: The main purpose of a worm is to self-replicate and propagate across the network. A virus is a
type of malicious software that needs a user to spread. A trojan horse is not self-replicating and disguises itself
as a legitimate application when it is not. A botnet is a series of zombie computers working together to wage a
network attack.
5. Which algorithm can ensure data confidentiality?
 MD5
 PKI
 AES
 RSA
Explanation: Data confidentiality is ensured through symmetric encryption algorithms, including DES, 3DES,
and AES.
6. What three items are components of the CIA triad? (Choose three.)
 scalability
 access
 intervention
 confidentiality
 integrity

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  availability
Explanation: The CIA triad contains three components: confidentiality, integrity, and availability. It is a
guideline for information security for an organization.
7. Which cyber attack involves a coordinated attack from a botnet of zombie computers?
 address spoofing
 ICMP redirect
 DDoS
 MITM
Explanation: DDoS is a distributed denial-of-services attack. A DDoS attack is launched from multiple
coordinated sources. The sources of the attack are zombie hosts that the cybercriminal has built into a botnet.
When ready, the cybercriminal instructs the botnet of zombies to attack the chosen target.
8. What specialized network device is responsible for enforcing access control policies between networks?
 firewall
 switch
 IDS
 bridge
Explanation: Firewalls are used to permit or block traffic between networks according to access control
policies.
9. To which category of security attacks does man-in-the-middle belong?
 DoS
 access
 reconnaissance
 social engineering
Explanation: With a man-in-the-middle attack, a threat actor is positioned in between two legitimate entities in
order to read, modify, or redirect the data that passes between the two parties.
10. What is the role of an IPS?
 to detect patterns of malicious traffic by the use of signature files
 to enforce access control policies based on packet content
 to filter traffic based on defined rules and connection context
 to filter traffic based on Layer 7 information
Explanation: For detecting malicious activity, an IPS uses a set of rules called signatures to detect patterns in
network traffic.
11. Which type of DNS attack involves the cybercriminal compromising a parent domain and creating
multiple subdomains to be used during the attacks?
 tunneling
 cache poisoning
 amplification and reflection
 shadowing
Explanation: Two threats to DNS are DNS shadowing and DNS tunneling attacks. DNS shadowing attacks
compromise a parent domain and then the cybercriminal creates subdomains to be used in attacks. DNS
tunneling attacks build botnets to bypass traditional security solutions. Three threats to DNS open resolvers are
cache poisoning, amplification and reflection, and resource utilization attacks.
12. Which two types of hackers are typically classified as grey hat hackers? (Choose two.)
 script kiddies
 cyber criminals
 vulnerability brokers
 state-sponsored hackers
 hacktivists
Explanation: Grey hat hackers may do unethical or illegal things, but not for personal gain or to cause damage.
Hacktivists use their hacking as a form of political or social protest, and vulnerability brokers hack to uncover
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
weaknesses and report them to vendors. Depending on the perspective one possesses, state-sponsored hackers
are either white hat or black hat operators. Script kiddies create hacking scripts to cause damage or disruption.
Cyber criminals use hacking to obtain financial gain by illegal means.
13. What is a significant characteristic of virus malware?
 Virus malware is only distributed over the Internet.
 Once installed on a host system, a virus will automatically propagate itself to other systems.
 A virus can execute independently of the host system.
 A virus is triggered by an event on the host system.
Explanation: A virus is malicious code that is attached to a legitimate program or executable file, and requires
specific activation, which may include user actions or a time-based event. When activated, a virus can infect the
files it has not yet infected, but does not automatically propagate itself to other systems. Self-propagation is a
feature of worms. In addition to being distributed over the Internet, viruses are also spread by USB memory
sticks, CDs, and DVDs.
14. A cleaner attempts to enter a computer lab but is denied entry by the receptionist because there is no
scheduled cleaning for that day. What type of attack was just prevented?
 phishing
 shoulder surfing
 war driving
 social engineering
 Trojan
Explanation: Social engineering is when a person attempts to manipulate another individual to gain access to
information or resources to which they are not entitled.
15. Which network security statement is true?
 All threats come from external networks.
 Internal threats are always accidental.
 Internal threats are always intentional.
 Internal threats can cause greater damage than external threats.
Explanation: Internal threats can be intentional or accidental and can cause greater damage than external
threats because an internal user has direct access to the internal corporate network and corporate data.
16. What commonly motivates cybercriminals to attack networks as compared to hacktivists or
statesponsored hackers?
 Fame seeking
 Financial gain
 Political reasons
 Status among peers
Explanation: Cybercriminals are commonly motivated by money. Hackers are known to hack for status.
Cyberterrorists are motivated to commit cybercrimes for religious or political reasons.
17. Which type of hacker is motivated by protesting political and social issues?
 Cybercriminal
 Hacktivist
 Script kiddie
 Vulnerability broker
Explanation: Hackers are categorized by motivating factors. Hacktivists are motivated by protesting political
and social issues.
18. What is Trojan horse malware?
 It is malware that can only be distributed over the internet.
 It is software that appears useful but includes malicious code.
 It is software that causes annoying computer problems.
 It is the most easily detected form of malware.
Explanation: Trojan horse malware appears as useful software but hides malicious code. Trojan horse malware
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
may cause annoying computer problems, but it can also cause fatal problems. Some Trojan horses may be
distributed over the internet, but they can also be distributed by USB memory sticks and other means.
Specifically targeted Trojan horse malware can be some of the most difficult malware to detect.
19. A user receives a call from someone in IT services, asking her to confirm her username and password
for auditing purposes. Which security threat does this represent?
 Anonymous keylogging
 DDoS
 Social engineering
 Spam
Explanation: Social engineering involves attempting to gain the confidence of an employee and convince that
person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks,
spam, and keylogging are all examples of software-based security threats, not social engineering.
20. What is a ping sweep?
 A DNS query and response protocol
 A network scanning technique that involves identifying active IP addresses
 A type of packet capturing software
 A TCP and UDP port scanner to detect open services
Explanation: A ping sweep is a technique that is used during a reconnaissance attack to locate line IP
addresses. Other tools that might be used during this type of attack include a port scan or an internet information
query. A reconnaissance attack is used to gather information about a particular network, usually in preparation
for another type of network attack.
21. How are zombies used in security attacks?
 Zombies are infected machines that carry out a DDoS attack.
 Zombies are maliciously formed code segments used to replace legitimate applications.
 Zombies probe a group of machines for open ports to learn which services are running.
 Zombies target specific individuals to gain corporate or personal information.
Explanation: Zombies are infected computers that make up a botnet. They are used to deploy a distributed
denial-of-service (DDoS) attack.
22. What is used to decrypt data that has been encrypted using an asymmetric encryption algorithm
public key?
 A different public key
 A digital certificate
 A private key
 DH
Explanation: When an asymmetric algorithm is used, public and private keys are used for the encryption.
Either key can be used for encryption, but the complementary matched key must be used for the decryption. For
example, if the public key is used for encryption, the private key must be used for the decryption.
23. What are the SHA hash generating algorithms used for?
 Authentication
 Confidentiality
 Integrity
 Nonrepudiation
Explanation: Integrity is ensured by implementing SHA hash generating algorithms. Many modern networks
ensure authentication with protocols such as HMACs. Data confidentiality is ensured through symmetric
encryption algorithms, including 3DES and AES. Data confidentiality can also be ensured using asymmetric
algorithms.
24. Which of the following is true of an IPS?
 It can stop malicious packets.
 It has no impact on latency.
 It is deployed in offline mode.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  It is primarily focused on identifying possible incidents.
Explanation: An advantage of an intrusion prevention system (IPS) is that it can identify and stop malicious
packets. However, because an IPS is deployed inline, it can add latency to the network.
25. What is the term used to describe unethical criminals who compromise computer and network
security for personal gain or for malicious reasons?
 Black hat hackers
 Hacktivists
 Script kiddies
 Vulnerability broker
Explanation: Black hat hackers are unethical threat actors who use their skills to compromise computer and
network security vulnerabilities. The goal is usually financial gain or personal gain, or the hacker may have
malicious intent. A vulnerability broker is a gray hat hacker who attempts to discover exploits and report them
to vendors, sometimes for prizes or rewards. Hacktivists are gray hat hackers who publicly protest organizations
or governments by posting articles or videos, leaking sensitive information, and performing network attacks.
Script kiddies are inexperienced hackers (sometimes teenagers) running existing scripts, tools, and exploits to
cause harm—but typically not for profit.
26. What is the term used to describe a potential danger to a company’s assets, data, or network
functionality?
 Asymmetric encryption algorithm
 Exploit
 Threat
 Vulnerability
Explanation: A threat is a potential danger to a company’s assets, data, or network functionality. An exploit is
a mechanism that takes advantage of a vulnerability. A vulnerability is a weakness in a system, or its design,
that could be exploited by a threat.
27. What term is used to describe a guarantee that a message is not a forgery and does actually come
from the person who is supposed to have sent it?
 Data nonrepudiation
 Exploit
 Mitigation
 Origin authentication
Explanation: Origin authentication guarantees that a message is not a forgery and does actually come from the
person who is supposed to have sent it. Data nonrepudiation guarantees that the sender cannot repudiate, or
refute, the validity of a message sent. An exploit is a mechanism that takes advantage of a vulnerability.
Mitigation describes a countermeasure to eliminate or reduce the potential of a threat or risk.
28. What term is used to describe a mechanism that takes advantage of a vulnerability?
 Asymmetric encryption algorithm
 Exploit
 Threat
 Vulnerability
Explanation: An exploit is a mechanism that takes advantage of a vulnerability. A threat is a potential danger
to a company’s assets, data, or network functionality. A vulnerability is a weakness in a system, or its design,
that could be exploited by a threat.
29. Which of the following guarantees that the sender cannot repudiate, or refute, the validity of a
message sent?
 Data nonrepudiation
 Exploit
 Mitigation
 Origin authentication
Explanation: Data nonrepudiation guarantees that the sender cannot repudiate, or refute, the validity of a
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
message sent. An exploit is a mechanism that takes advantage of a vulnerability. Mitigation is a countermeasure
to eliminate or reduce the potential of a threat or risk. Origin authentication guarantees that a message is not a
forgery and does actually come from the person who is supposed to have sent it.
…………………………………………………………………………………………….
1. Which two conditions would cause a router to drop a packet? (Choose two.)
 The ACL that is affecting the packet does not contain at least one deny ACE.
 No routing table entry exists for the packet destination, but the packet matches a permitted address
in an outbound ACL.
 No outbound ACL exists on the interface where the packet exits the router.
 No inbound ACL exists on the interface where the packet enters the router.
 The packet source address does not match the source as permitted in a standard inbound ACE.
Explanation: Routers will drop any packets for which no routing table destination can be found. ACLs are not
required on interfaces, but if one exists and the IP address of the source in the packet does not match that
permitted in a standard ACL, the packet will be dropped. ACLs can contain multiple permit and deny ACEs, but
generally should contain at least one permit ACE, because ACLs contain an implicit deny ACE at the end.
2. A network administrator configures an ACL with the command R1(config)# access-list 1 permit
172.16.0.0 0.0.15.255. Which two IP addresses will match this ACL statement? (Choose two.)
 172.16.16.12
 172.16.31.24
 172,16.65.21
 172.16.0.255
 172.16.15.36
Explanation: The wildcard mask indicates that any IP address within the range of 172.16.0.0 to 172.16.15.255
matches.
3. Which two statements describe appropriate general guidelines for configuring and applying ACLs?
(Choose two.)
 Multiple ACLs per protocol and per direction can be applied to an interface.
 If a single ACL is to be applied to multiple interfaces, it must be configured with a unique number for each
interface.
 The most specific ACL statements should be entered first because of the top-down sequential nature
of ACLs.
 If an ACL contains no permit statements, all traffic is denied by default.
 Standard ACLs are placed closest to the source, whereas extended ACLs are placed closest to the
destination.
Explanation: An interface can only have one ACL per direction. Standard ACLs filter only on the source
address, so they are normally placed closest to the destination. Extended ACLs filter on source and destination
addresses and port numbers. They are commonly placed closest to the source to reduce traffic across the
network or networks. A single ACL can be applied to multiple interfaces.
4. What single access list statement matches all of the following networks?
192.168.16.0
192.168.17.0
192.168.18.0
192.168.19.0
 access-list 10 permit 192.168.16.0 0.0.3.255
 access-list 10 permit 192.168.0.0 0.0.15.255
 access-list 10 permit 192.168.16.0 0.0.0.255
 access-list 10 permit 192.168.16.0 0.0.15.255
Explanation: The ACL statement access-list 10 permit 192.168.16.0 0.0.3.255 will match all four network
prefixes. All four prefixes have the same 22 high order bits. These 22 high order bits are matched by the
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
network prefix and wildcard mask of 192.168.16.0 0.0.3.255.
5. Which three statements describe ACL processing of packets? (Choose three.)
 A packet can either be rejected or forwarded as directed by the ACE that is matched.
 A packet that does not match the conditions of any ACE will be forwarded by default.
 Each statement is checked only until a match is detected or until the end of the ACE list.
 Each packet is compared to the conditions of every ACE in the ACL before a forwarding decision is made.
 An implicit deny any rejects any packet that does not match any ACE.
 A packet that has been denied by one ACE can be permitted by a subsequent ACE.
Explanation: When a packet comes into a router that has an ACL configured on the interface, the router
compares the condition of each ACE to determine if the defined criteria has been met. If met, the router takes
the action defined in the ACE (allows the packet through or discards it). If the defined criteria has not been met,
the router proceeds to the next ACE. An implicit deny any statement is at the end of every standard ACL.
6. A network administrator is configuring an ACL to restrict access to certain servers in the data center.
The intent is to apply the ACL to the interface connected to the data center LAN. What happens if the
ACL is incorrectly applied to an interface in the inbound direction instead of the outbound direction?
 All traffic is denied.
 All traffic is permitted.
 The ACL does not perform as designed.
 The ACL will analyze traffic after it is routed to the outbound interface.
Explanation: Always test an ACL to ensure that it performs as it was designed. Applying an ACL that is
applied using the ip access-group in command instead of using the ip access-group out command is not going
to work as designed.
7. Which scenario would cause an ACL misconfiguration and deny all traffic?
 Apply a standard ACL using the ip access-group outcommand.
 Apply a named ACL to a VTY line.
 Apply an ACL that has all deny ACE statements.
 Apply a standard ACL in the inbound direction.
Explanation: Having all ACEs with deny statements denies all traffic because there is an implicit deny
any command at the end of every standard ACL.
8. In applying an ACL to a router interface, which traffic is designated as outbound?
 traffic that is leaving the router and going toward the destination host
 traffic that is coming from the source IP address into the router
 traffic for which the router can find no routing table entry
 traffic that is going from the destination IP address into the router
Explanation: Inbound and outbound are interpreted from the point of view of the router. Traffic that is
designated in an inbound ACL will be denied or permitted when coming into that router interface from a source.
Traffic that is designated in an outbound ACL will be denied or permitted when going out the interface to the
destination.
9. When creating an ACL, which keyword should be used to document and interpret the purpose of the
ACL statement on a Cisco device?
 remark
 description
 established
 eq
Explanation: In order to document the purpose of an ACL and identify its function more easily,
the remark keyword is used when building the ACL. The established keyword is used to allow connections
that were initially sourced from the current device. The eq operator is used to specify a port number for denying
or permitting traffic. The description keyword is used when configuring and documenting interfaces.
10. Which location is recommended for extended numbered or extended named ACLs?
 a location as close to the destination of traffic as possible

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  a location as close to the source of traffic as possible
 a location centered between traffic destinations and sources to filter as much traffic as possible
 if using the established keyword, a location close to the destination to ensure that return traffic is allowed
Explanation: Extended ACLs are normally placed as close to the source as possible. Standard ACLs are placed
as close to the destination as possible because a standard ACL only has the source IP address listed as part of
the ACE.
11. Which range represents all the IP addresses that are affected when network 10.120.160.0 with a
wildcard mask of 0.0.7.255 is used in an ACE?
 10.120.160.0 to 10.120.167.255
 10.120.160.0 to 10.127.255.255
 10.120.160.0 to 10.120.191.255
 10.120.160.0 to 10.120.168.0
Explanation: A wildcard mask of 0.0.7.255 means that the first 5 bits of the 3rd octet must remain the same but
the last 3 bits can have values from 000 to 111. The last octet has a value of 255, which means the last octet can
have values from all zeros to all 1s.
12. A college student is studying for the Cisco CCENT certification and is visualizing extended access
lists. Which three keywords could immediately follow the keywords permit or deny as part of an
extended access list? (Choose three.)
 telnet
 tcp
 udp
 www
 icmp
 ftp
Explanation: Four commonly used keywords that could follow the keywords permit or deny in an IPv4
extended access list are ip, tcp, udp, and icmp. If the keyword ip is used, then the entire TCP/IP suite is
affected (all TCP/IP protocols).
13. If the provided ACEs are in the same ACL, which ACE should be listed first in the ACL according to
best practice?
 permit tcp 172.16.0.0 0.0.3.255 any established
 deny tcp any any eq telnet
 deny udp any host 172.16.1.5 eq snmptrap
 permit udp any any range 10000 20000
 permit udp 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap
 permit ip any any
Explanation: A best practice for configuring an extended ACL is to ensure that the most specific ACE is
placed higher in the ACL. Consider the two permit UDP statements. If both of these were in an ACL, the SNMP
ACE is more specific than the UDP statement that permits a range of 10,001 UDP port numbers. The SNMP
ACE would be entered before the other UDP ACE. The ACEs from most specific to least specific are as
follows:
– permit udp 172.16.0.0 0.0.255.255 host 172.16.1.5 eq snmptrap
– deny udp any host 172.16.1.5 eq snmptrap
– permit tcp 172.16.0.0 0.0.3.255 any established
– deny tcp any any eq telnet
– permit udp any any range 10000 20000
– permit ip any any
14. Which operator is used in an ACL statement to match packets of a specific application?
 established
 It
 eq

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  gt
Explanation: An example of an ACL that filters for FTP is as follows:
access-list 105 permit tcp any host 10.0.54.5 eq 20
access-list 105 permit tcp any host 10.0.54.5 eq 21
The operator (eq) toward the end of the ACL lines is used to match a specific port/service that is specified
immediately following the eq operator.
15. What two functions describe uses of access control lists? (Choose two.)
 ACLs assist a router in determining the best path to a destination.
 ACLs can control which areas a host can access on a network.
 ACLs provide a basic level of security for network access.
 Standard ACLs can filter traffic based on source and destination network addresses.
 Standard ACLs can restrict access to specific applications and ports.
Explanation: An ACL can be configured as a simple firewall that provides security using basic traffic filtering
capabilities. ACLs are used to filter host traffic by allowing or blocking matching packets to networks.
16. Which three statements describe how an ACL processes packets? (Choose three.)
 A packet is compared with all ACEs in the ACL before a forwarding decision is made.
 A packet that has been denied by one ACE can be permitted by a subsequent ACE.
 An implicit deny at the end of an ACL rejects any packet that does not match an ACE.
 Each ACE is checked only until a match is detected or until the end of the ACL.
 If an ACE is matched, the packet is either rejected or forwarded, as directed by the ACE.
 If an ACE is not matched, the packet is forwarded by default.
Explanation: If the information in a packet header and an ACL statement match, the rest of the statements in
the list are skipped, and the packet is permitted or denied as specified by the matched statement. If a packet
header does not match an ACL statement, the packet is tested against the next statement in the list. This
matching process continues until the end of the list is reached. At the end of every ACL is an implicit “deny
any” statement that is applied to all packets for which conditions did not test true and results in a “deny” action.
17. Which three statements are best practices related to placement of ACLs? (Choose three.)
 Filter unwanted traffic before it travels onto a low-bandwidth link.
 For every inbound ACL placed on an interface, ensure that there is a matching outbound ACL.
 Place extended ACLs close to the destination IP address of the traffic.
 Place extended ACLs close to the source IP address of the traffic.
 Place standard ACLs close to the destination IP address of the traffic.
 Place standard ACLs close to the source IP address of the traffic.
Explanation: Extended ACLs should be placed as close as possible to the source IP address so that traffic that
needs to be filtered does not cross the network and use network resources. Because standard ACLs do not
specify a destination address, they should be placed as close to the destination as possible. Placing a standard
ACL close to the source may have the effect of filtering all traffic and limiting services to other hosts. Filtering
unwanted traffic before it enters low-bandwidth links preserves bandwidth and supports network functionality.
Decisions on placing ACLs inbound or outbound are dependent on the requirements to be met.
18. Which two characteristics are shared by standard and extended ACLs? (Choose two.)
 Both filter packets for a specific destination host IP address.
 Both include an implicit deny as a final entry.
 Both permit or deny specific services by port number.
 They both filter based on protocol type.
 They can be created by using either descriptive names or numbers.
Explanation: Standard ACLs filter traffic based solely on a specified source IP address. Extended ACLs can
filter by source or destination, protocol, or port. Both standard and extended ACLs contain an implicit deny as a
final ACE. Standard and extended ACLs can be identified by either names or numbers.
19. Which two statement describes a difference between the operation of inbound and outbound ACLs?
(Choose two.)
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Inbound ACLs are processed before the packets are routed.
 Inbound ACLs can be used in both routers and switches.
 Multiple inbound ACLs can be applied to an interface.
 Multiple outbound ACLs can be applied to an interface.
 Outbound ACLs are processed after the routing is completed.
 Outbound ACLs can be used only on routers.
 Unlike outbound ACLs, inbound ACLs can be used to filter packets with multiple criteria.
Explanation: With an inbound ACL, incoming packets are processed before they are routed. With an outbound
ACL, packets are first routed to the outbound interface, and then they are processed. Thus, processing inbound
is more efficient from the router’s perspective. The structure, filtering methods, and limitations (that is, only one
inbound and one outbound ACL can be configured on an interface) are the same for both types of ACLs.
20. In which configuration would an outbound ACL placement be preferred over an inbound ACL
placement?
 When a router has more than one ACL
 When an interface is filtered by an outbound ACL and the network attached to the interface is the source
network being filtered within the ACL
 When an outbound ACL is closer to the source of the traffic flow
 When the ACL is applied to an outbound interface to filter packets coming from multiple inbound
interfaces before the packets exit the interface
Explanation: An outbound ACL should be used when the same ACL filtering rules will be applied to packets
coming from more than one inbound interface before exiting a single outbound interface. The outbound ACL
will be applied on the single outbound interface.
21. What wildcard mask will match networks 10.16.0.0 through 10.19.0.0?
 0.252.255.255
 0.0.255.255
 0.0.3.255
 0.3.255.255
Explanation: The subnets 10.16.0.0 through 10.19.0.0 all share the same 14 high-level bits. A wildcard mask in
binary that matches 14 high-order bits is 00000000.00000011.11111111.11111111. In dotted decimal, this
wildcard mask is 0.3.255.255.
22. What type of ACL offers increased flexibility and control over network traffic?
 Extended
 Extensive
 Named standard
 Numbered standard
Explanation: The two types of ACLs are standard and extended. Both types can be named or numbered, but
extended ACLs offer greater flexibility. Extended ACLs provide the most options and therefore the most
filtering control.
23. Which statement describes a characteristic of standard IPv4 ACLs?
 They can be configured to filter traffic based on both source IP addresses and source ports.
 They can be created with a number but not with a name.
 They filter traffic based on destination IP addresses only.
 They filter traffic based on source IP addresses only.
Explanation: A standard IPv4 ACL can filter traffic based on source IP addresses only. Unlike an extended
ACL, it cannot filter traffic based on Layer 4 ports. However, both standard and extended ACLs can be
identified with either numbers or names, and both are configured in global configuration mode.
24. What wildcard mask will match network 10.10.100.64/26?
 0.0.0.15
 0.0.0.31
 0.0.0.63

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  0.0.0.127
Explanation: A /26 is 255.255.255.192. Therefore, 255.255.255.255 – 255.255.255.192 = 0.0.0.63.
…………………………………………………………………………………………….
1. The computers used by the network administrators for a school are on the 10.7.0.0/27 network. Which
two commands are needed at a minimum to apply an ACL that will ensure that only devices that are used
by the network administrators will be allowed Telnet access to the routers? (Choose two.)
 access-class 5 in
 access-list standard VTY
permit 10.7.0.0 0.0.0.127
 access-list 5 permit 10.7.0.0 0.0.0.31
 ip access-group 5 in
 ip access-group 5 out
 access-list 5 deny any
Explanation: Numbered and named access lists can be used on vty lines to control remote access. The first
ACL command, access-list 5 permit 10.7.0.0 0.0.0.31, allows traffic that originates from any device on the
10.7.0.0/27 network. The second ACL command, access-class 5 in, applies the access list to a vty line.
2. Consider the configured access list.

R1# show access-lists

extended IP access list 100

deny tcp host 10.1.1.2 host 10.1.1.1 eq telnet

deny tcp host 10.1.2.2 host 10.1.2.1 eq telnet

permit ip any any (15 matches)

What are two characteristics of this access list? (Choose two.)

 Only the 10.1.1.2 device can telnet to the router that has the 10.1.1.1 IP address assigned.
 The 10.1.2.1 device is not allowed to telnet to the 10.1.2.2 device.
 Any device can telnet to the 10.1.2.1 device.
 A network administrator would not be able to tell if the access list has been applied to an interface or not.
 Any device on the 10.1.1.0/24 network (except the 10.1.1.2 device) can telnet to the router that has
the IP address 10.1.1.1 assigned.
 The access list has been applied to an interface.
Explanation: The access list stops Telnet traffic from the 10.1.1.2 device to the 10.1.1.1 device. It also stops
Telnet traffic from 10.1.2.2 device to 10.1.2.1. All other TCP/IP-based transmissions are allowed. The access
list is working because there have been 15 matches on the last ACE.
3. Which command will verify the number of packets that are permitted or denied by an ACL that
restricts SSH access?
 show ip interface brief
 show ip ssh
 show running-config
 show access-lists
Explanation: The show-access lists command will display each line of an access list and the number of
matches to each statement. The show running-config command will show the statements as they were
configured, but provides no information on matches. The show ip ssh command gives general information
about the SSH configuration.
4. Which access list statement permits HTTP traffic that is sourced from host 10.1.129.100 port 4300 and
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
destined to host 192.168.30.10?
 access-list 101 permit tcp any eq 4300
 access-list 101 permit tcp 192.168.30.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255
 access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.30.10 0.0.0.0 eq www
 access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 4300 192.168.30.0 0.0.0.15 eq www
 access-list 101 permit tcp host 192.168.30.10 eq 80 10.1.0.0 0.0.255.255 eq 4300
Explanation: The HTTP protocol uses port 80 and is designated in an ACL using the eq 80 parameter or by
using eq www. The first IP address listed in an ACL is the source address along with the appropriate wildcard
mask. With a source IP address of 10.1.128.0 and a wildcard mask of 0.0.1.255, then IP addresses from
10.1.128.0 to 10.1.129.255 are permitted.
5. When configuring router security, which statement describes the most effective way to use ACLs to
control Telnet traffic that is destined to the router itself?
 The ACL must be applied to each vty line individually.
 The ACL is applied to the Telnet port with the ip access-group command.
 The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from
connecting to an unsecured port.
 Apply the ACL to the vty Ilines without the in or out option required when applying ACLS to interfaces.
Explanation: Because someone from outside the router is trying to use a protocol such as Telnet or SSH to gain
access to the router, the ACL direction has to be inward into the router through the vty lines.
6. What packets would match the access control list statement that is shown below?

access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22

 any TCP traffic from the 172.16.0.0 network to any destination network
 SSH traffic from the 172.16.0.0 network to any destination network
 SSH traffic from any source network to the 172.16.0.0 network
 any TCP traffic from any host to the 172.16.0.0 network
Explanation: The statement, access-list 110 permit tcp 172.16.0.0 0.0.0.255 any eq 22, will match traffic on
port 22, which is SSH, that is sourced from network 172.16.0.0/24 with any destination.
7. Consider the access list command applied outbound on a router serial interface.

access-list 100 deny icmp 192.168.10.0 0.0.0.255 any echo reply

What is the effect of applying this access list command?

 Users on the 192.168.10.0/24 network are not allowed to transmit traffic to any other destination.
 The only traffic denied is ICMP-based traffic. All other traffic is allowed.
 The only traffic denied is echo-replies sourced from the 192.168.10.0/24 network. All other traffic is
allowed.
 No traffic will be allowed outbound on the serial interface.
Explanation: At the end of every extended access list is an implicit deny ip any any statement so that no traffic
will be allowed to be sent out the serial interface.
8. Consider the following output for an ACL that has been applied to a router via the access-class in
command. What can a network administrator determine from the output that is shown?

R1# <output omitted>

Standard IP access list 2

10 permit 192.168.10.0, wildcard bits 0.0.0.255 (2 matches)

20 deny any (1 match)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Traffic from one device was not allowed to come into one router port and be routed outbound a different
router port.
 Two devices were able to use SSH or Telnet to gain access to the router.
 Two devices connected to the router have IP addresses of 192.168.10.x.
 Traffic from two devices was allowed to enter one router port and be routed outbound to a different router
port.
Explanation: The access-class command is used only on VTY ports. VTY ports support Telnet and/or SSH
traffic. The match permit ACE is how many attempts were allowed using the VTY ports. The match deny ACE
shows that a device from a network other than 192.168.10.0 was not allowed to access the router through the
VTY ports.
9. Which two commands will configure a standard ACL? (Choose two.)
 Router(config)# access-list 45 permit 192.168.200.4 host
 Router(config)# access-list 10 permit 10.20.5.0 0.255.255.255 any
 Router(config)# access-list 20 permit host 192.168.5.5 any any
 Router(config)# access-list 35 permit host 172.31.22.7
 Router(config)# access-list 90 permit 192.168.10.5 0.0.0.0
Explanation: Standard access lists have the syntax of access-list and a number between 1 and 99 followed by
the permit or deny keyword and the source IP address (that includes a wildcard mask).
10. To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an
outside interface?
 time-stamp reply
 time-stamp request
 echo request
 echo reply
 router advertisement
Explanation: By allowing the ICMP echo reply message inbound to the organization, internal users are allowed
to ping external addresses (and the reply message allowed to return).
11. What two ACEs could be used to deny IP traffic from a single source host 10.1.1.1 to the
192.168.0.0/16 network? (Choose two.)
 access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 0.0.0.0
 access-list 100 deny ip 192.168.0.0 0.0.255.255 host 10.1.1.1
 access-list 100 deny ip host 10.1.1.1 192.168.0.0 0.0.255.255
 access-list 100 deny ip 192.168.0.0 0.0.255.255 10.1.1.1 255.255.255.255
 access-list 100 deny ip 10.1.1.1 255.255.255.255 192.168.0.0 0.0.255.255
 access-list 100 deny ip 10.1.1.1 0.0.0.0 192.168.0.0 0.0.255.255
Explanation: There are two ways to identify a single host in an access list entry. One, is to use the host
keyword with the host IP address, the other is to use a wildcard mask of 0.0.0.0 with the host IP address. The
source of the traffic to be inspected by the access list goes first in the syntax and the destination goes last.
12. An administrator has configured an access list on R1 to allow SSH administrative access from host
172.16.1.100. Which command correctly applies the ACL?
 R1(config-line)# access-class 1 in
 R1(config-line)# access-class 1 out
 R1(config-if)# ip access-group 1 out
 R1(config-if)# ip access-group 1 in
Explanation: Administrative access over SSH to the router is through the vty lines. Therefore, the ACL must
be applied to those lines in the inbound direction. This is accomplished by entering line configuration mode and
issuing the access-class command.
13. Which two keywords can be used in an access control list to replace a wildcard mask or address and
wildcard mask pair? (Choose two.)
 all

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  any
 gt
 host
 most
 some
Explanation: The host keyword is used when using a specific device IP address in an ACL. For example,
the deny host 192.168.5.5 command is the same as the deny 192.168.5.5 0.0.0.0 command. The any keyword
is used to allow any mask that meets the criteria. For example, the permit any command is the same as
the permit 0.0.0.0 255.255.255.255 command.
14. Which two packet filters could a network administrator use on an IPv4 extended ACL? (Choose two.)
 Computer type
 Destination MAC address
 Destination UDP port number
 ICMP message type
 Source TCP hello address
Explanation: Extended access lists commonly filter on source and destination IPv4 addresses and TCP or UDP
port numbers. Additional filtering can be provided for protocol types.
15. In the second ACE shown in the following example, port 400 was incorrectly specified instead of port
443. What is the best way to correct this error?

R1# show access-lists

Extended IP access list SURFING

10 permit tcp 192.168.10.0 0.0.0.255 any eq

www

20 permit tcp 192.168.10.0 0.0.0.255 any eq

400

R1#

 Copy the ACL into a text editor, correct the ACE, and recopy the ACE to the router.
 Create a new named ACL and apply it to the router interface.
 Enter permit tcp 192.168.10.0 0.0.0.255 any eq 443.
 Enter the no 20 keyword, and then enter permit tcp 192.168.10.0 0.0.0.255 any eq 443.
 Remove the entire ACL and then re-create it with the correct ACE.
Explanation: You can use the ip access-list command to edit an existing numbered or named ACL. The ACL
ACEs can be removed using the no command followed by the sequence number.
16. A network administrator needs to configure a standard ACL so that only the workstation of the
administrator with the IP address 10.1.1.10 can access the virtual terminal of the main router. Which two
configuration commands can achieve the task? (Choose two.)
 R1(config)# access-list 10 permit host 10.1.1.10
 R1(config)# access-list 10 permit 10.1.1.10 255.255.255.0
 R1(config)# access-list 10 permit 10.1.1.10 255.255.255.255
 R1(config)# access-list 10 permit 10.1.1.10 0.0.0.0
 R1(config)# access-list 10 permit 10.1.1.10 0.0.0.255
Explanation: To permit or deny one specific IPv4 address, either the wildcard mask 0.0.0.0 (used after the IP

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

address) or the wildcard mask keyword host (used before the IP address) can be used.
17. A network administrator is writing a standard ACL to deny any traffic from the 10.10.0.0/16 network
but permit all other traffic. Which two commands should be used? (Choose two.)
 R1(config)# access-list 55 deny any
 R1(config)# access-list 55 permit any
 R1(config)# access-list 55 host 10.10.0.0
 R1(config)# access-list 55 deny 10.10.0.0 0.0.255.255
 R1(config)# access-list 55 deny 10.10.0.0 255.255.0.0
 R1(config)# access-list 55 10.10.0.0 255.255.255.255
Explanation: To deny traffic from the 10.10.0.0/16 network, the access-list 55 deny 10.10.0.0
0.0.255.255 command is used. To permit all other traffic, the access-list 55 permit any statement is added.
18. In the following example, you forgot to enter an ACE to deny the user at IP address 192.168.10.10.
Which command would correctly enter the ACE to filter this address?

R1# show access-lists

Extended IP access list PERMIT-NET

10 permit ip 192.168.10.0 0.0.0.255 any

20 permit ip 192.168.11.0 0.0.0.255 any

R1#

 deny ip host 192.168.10.10

 5 deny ip host 192.168.10.10
 15 deny ip host 192.168.10.10
 25 deny ip host 192.168.10.10
Explanation: The host must be filtered first, so adding sequence 5 at the beginning of the ACE would insert it
before the 192.168.10.0/24 network is permitted.
19. You create a standard ACL called PERMIT-VTY to permit only an administrative host vty access to
the router. Which line configuration command would correctly apply this ACL to the vty lines?
 access-class PERMIT-VTY in
 access-class PERMIT-VTY out
 ip access-group PERMIT-VTY in
 ip access-group PERMIT-VTY out
Explanation: The access-group acl-name in line configuration mode command correctly applies a standard
ACL to the vty interfaces.
20. What effect does the permit tcp 10.10.100 0.0.0.255 any eq www extended named ACE have when
implemented inbound on a G0/0 interface?
 All TCP traffic is permitted, and all other traffic is denied.
 All traffic from 10.10.100/24 is permitted anywhere on any port.
 The command is rejected by the router because it is incomplete.
 Traffic originating from 10.10.100/24 is permitted to all TCP port 80 destinations.
Explanation: Traffic originating from 10.10.100/24 is permitted to all destinations listening to TCP port 80
(that is, www).
21. What does the CLI prompt change to after you enter the command ip access-list extended
AAAFILTER in global configuration mode?
 R1(config-ext-nacl)#
 R1(config-if)#

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  R1(config-line)#
 R1(config-router)#
 R1(config-std-nacl)#
Explanation: After you enter the command, you go into named extended ACL configuration mode R1(config-
ext-nacl).
…………………………………………………………………………………………..
1. Which two statements accurately describe an advantage or a disadvantage when deploying NAT for
IPv4 in a network? (Choose two.)
 NAT adds authentication capability to IPv4.
 NAT introduces problems for some applications that require end-to-end connectivity.
 NAT provides a solution to slow down the IPv4 address depletion.
 NAT causes routing tables to include more information.
 NAT improves packet handling.
 NAT will impact negatively on switch performance.
Explanation: Network Address Translation (NAT) is a technology that is implemented within IPv4 networks.
One application of NAT is to use private IP addresses inside a network and use NAT to share a few public IP
addresses for many internal hosts. In this way it provides a solution to slow down the IPv4 address depletion.
However, since NAT hides the actual IP addresses that are used by end devices, it may cause problems for some
applications that require end-to-end connectivity.
2. A network administrator wants to examine the active NAT translations on a border router. Which
command would perform the task?
 Router# clear ip nat translations
 Router# show ip nat translations
 Router# debug ip nat translations
 Router# show ip nat statistics
Explanation: The clear ip nat translations command clears all dynamic address translation entries from the
NAT translation table. The debug ip nat command is used to verify the operation of NAT. The show ip nat
statistics command displays information about the total number of active translations, NAT configuration
parameters, the number of addresses in the pool, and the number that have been allocated. The show ip nat
translations command displays the active NAT translations.
3. What are two tasks to perform when configuring static NAT? (Choose two.)
 Configure a NAT pool.
 Identify the participating interfaces as inside or outside interfaces.
 Define the outside global address.
 Define the inside global address on the server
 Create a mapping between the inside local and inside global addresses.
Explanation: There is no server involved when using NAT. The outside global address will change for each
destination the inside host will try to reach. A NAT pool is only configured for dynamic NAT implementations.
4. What is a disadvantage of NAT?
 The router does not need to alter the checksum of the IPv4 packets.
 There is no end-to-end addressing.
 The costs of readdressing hosts can be significant for a publicly addressed network.
 The internal hosts have to use a single public IPv4 address for external communication.
Explanation: Many Internet protocols and applications depend on end-to-end addressing from the source to the
destination. Because parts of the header of the IP packets are modified, the router needs to alter the checksum of
the IPv4 packets. Using a single public IP address allows for the conservation of legally registered IP addressing
schemes. If an addressing scheme needs to be modified, it is cheaper to use private IP addresses.
5. What is one advantage of using NAT at the edge of the network?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Changing ISPs is simpler because the devices on the inside network do not have to be configured
with new addresses when the outside address changes.
 Dynamic NAT allows devices from outside the local network to easily initiate TCP connections to inside
hosts.
 NAT enables end-to-end IPv4 traceability, making troubleshooting easier.
 Performance is significantly increased because the router does not have to perform as many route lookups.
Explanation: When NAT is used, the inside network can be addressed with RFC 1918 private addresses and
the outside address is provided by the ISP. When changing to a new ISP, the hosts on the inside network do not
have to have their addresses changed. NAT prevents end-to-end IPv4 traceability, making troubleshooting more
difficult. Performance can be adversely affected with NAT, as the router needs to change the IP, and possibly
TCP/UDP headers on each packet. Dynamic NAT does not allow outside devices to easily initiate connections
to inside devices unless an outbound connection has already been made.
6. What benefit does NAT64 provide?
 It allows sites to use private IPv6 addresses and translates them to global IPv6 addresses.
 It allows sites to use private IPv4 addresses, and thus hides the internal addressing structure from hosts on
public IPv4 networks.
 It allows sites to connect multiple IPv4 hosts to the Internet via the use of a single public IPv4 address.
 It allows sites to connect IPv6 hosts to an IPv4 network by translating the IPv6 addresses to IPv4
addresses.
Explanation: NAT64 is a temporary IPv6 transition strategy that allows sites to use IPv6 addresses and still be
able to connect to IPv4 networks. This is accomplished by translating the IPv6 addresses into IPv4 addresses
before sending the packets onto the IPv4 network.
7. What address translation is performed by static NAT?
 An inside local address is translated to a specified outside local address.
 An inside local address is translated to a specified inside global address.
 An inside local address is translated to a specified outside global address.
 An outside local address is translated to a specified outside global address.
Explanation: There are four terms to describe NAT addresses; inside local, inside global, outside local, and
outside global. Static NAT will perform a one-to-one translation of an inside local address to an inside global
address.
8. Using NAT terminology, what is the address of the source host on a private network as seen from
inside the network?
 inside local
 outside global
 outside local
 inside global
Explanation: There are four types of NAT addresses. In NAT terminology these are applied from the
perspective of the host that has the address being translated.
– Inside local address – the address of the source host as seen from inside the network
– Inside global address – the address of the source host as seen from the Internet
– Outside local address – the address of Internet hosts as seen from inside the network
– Outside global address – the address of Internet hosts as seen from outside the network
9. Which statement accurately describes dynamic NAT?
 It always maps a private IP address to a public IP address.
 It provides an automated mapping of inside local to inside global IP addresses.
 It dynamically provides IP addressing to internal hosts.
 It provides a mapping of internal host names to IP addresses.
Explanation: Dynamic NAT provides a dynamic mapping of inside local to inside global IP addresses. NAT is
merely the one-to-one mapping of one address to another address without taking into account whether the
address is public or private. DHCP is automatic assignment of IP addresses to hosts. DNS is mapping host
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
names to IP addresses.
10. Why is NAT not needed in IPv6?
 The end-to-end connectivity problems that are caused by NAT are solved because the number of routes
increases with the number of nodes that are connected to the Internet.
 Because IPv6 has integrated security, there is no need to hide the IPv6 addresses of internal networks.
 The problems that are induced by NAT applications are solved because the IPv6 header improves packet
handling by intermediate routers.
 Any host or user can get a public IPv6 network address because the number of available IPv6
addresses is extremely large.
Explanation: The large number of public IPv6 addresses eliminates the need for NAT. Sites from the largest
enterprises to single households can get public IPv6 network addresses. This avoids some of the NAT-induced
application problems that are experienced by applications that require end-to-end connectivity.
11. A company designs its network so that the PCs in the internal network are assigned IP addresses
from DHCP servers, and the packets that are sent to the Internet are translated through a NAT-enabled
router. What type of NAT enables the router to populate the translation table from a pool of unique
public addresses, as the PCs send packets through the router to the Internet?
 ARP
 dynamic NAT
 static NAT
 PAT
Explanation: ARP is the address resolution protocol and is used to obtain the MAC address of the destination
device. Static NAT is a one-to-one mapping between the local and global addresses of a device. PAT, otherwise
known as NAT overload, maps multiple private IP addresses to a singular public address or group of addresses.
Dynamic NAT uses a pool of public IP addresses and assigns them to requesting devices on a first-come, first-
served basis. In the case of dynamic NAT, each device would have a unique public IP address from the pool of
public IP addresses as the source IP address in the packets that they send.
12. What is a security feature of using NAT on a network?
 denies all internal hosts from communicating outside their own network
 allows internal IP addresses to be concealed from external users
 denies all packets that originate from private IP addresses
 allows external IP addresses to be concealed from internal users
Explanation: Network Address Translation (NAT) translates private addresses into public addresses for use on
public networks. This feature prevents outside devices from seeing the actual IP addresses that are used by the
internal hosts.
13. When dynamic NAT without overloading is being used, what happens if seven users attempt to access
a public server on the Internet when only six addresses are available in the NAT pool?
 The first user gets disconnected when the seventh user makes the request.
 All users can access the server.
 The request to the server for the seventh user fails.
 No users can access the server.
Explanation: If all the addresses in the NAT pool have been used, a device must wait for an available address
before it can access the outside network.
14. A company has been assigned the 203.0.113.0/27 block of IP addresses by the ISP. The company has
over 6000 internal devices. What type of NAT would be most appropriate for the employee workstations
of the company?
 static NAT
 port forwarding
 dynamic NAT
 PAT off the external router interface
 dynamic NAT overload using the pool of addresses

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: Static NAT is used by companies that have end devices such as servers that need an external
public IP address. Dynamic NAT is used by companies that own a block of public IP addresses. Port forwarding
is not a type of NAT. Instead, port forwarding is a technique that is used to reach a private IP address from an
external network. PAT is commonly used by home networks and small businesses. PAT or overloading can also
be done by using a pool of addresses.
15. Which version of NAT allows many hosts inside a private network to simultaneously use a single
inside global address for connecting to the Internet?
 port forwarding
 PAT
 dynamic NAT
 static NAT
Explanation: PAT allows many hosts on a private network to share one single public address by mapping
sessions to TCP/UDP port numbers.
16. Typically, which network device would be used to perform NAT for a corporate environment?
 DHCP server
 Host device
 Router
 Server
 Switch
Explanation: Typically, the translation from private IPv4 addresses to public IPv4 addresses is performed on
routers in corporate environments. In a home environment, this device might be an access point that has routing
capability or a DSL or cable router.
17. When NAT is used in a small office, which address type or types are typically used for hosts on the
local LAN?
 Both private and public IPv4 addresses
 Global public IPv4 addresses
 Internet-routable addresses
 Private IPv4 addresses
Explanation: It is common practice to configure addresses from the 10.0.0.0/8, 172.16.0.0/12, and
192.168.0.0/16 ranges.
18. Which type of NAT maps a single inside local address to a single inside global address?
 Dynamic NAT
 NAT overloading
 Port Address Translation
 Static NAT
Explanation: A one-to-one mapping of an inside local address to an inside global address is accomplished
through static NAT.
19. A network administrator configures the border router with the ip nat inside source list 4 pool NAT-
POOL global configuration command. What is required to be configured in order for this particular
command to be functional?
 A NAT pool named NAT-POOL that defines the starting and ending public IPv4 addresses
 A VLAN named NAT-POOL that is enabled and active and routed by R1
 An access list named NAT-POOL that defines the private addresses that are affected by NAT
 An access list numbered 4 that defines the starting and ending public IPv4 addresses
 ip nat outside enabled on the interface that connects to the LAN affected by NAT
Explanation: In order for the ip nat inside source list 4 pool NAT-POOL command to work, the following
procedure needs to occur:
 1. Create an access list that defines the private IPv4 addresses affected by NAT.
 2. Establish a NAT pool of starting and ending public IPv4 addresses by using the ip nat pool command.
 3. Use the ip nat inside source list command to associate the access list with the NAT pool.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  4. Apply NAT to internal and external interfaces by using the ip nat inside and ip nat outside commands.
20. Which configuration would be appropriate for a small business that has the public IPv4 address
209.165.200.225/30 assigned to the external interface on the router that connects to the internet?
 access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool NAT-POOL
 access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool NAT-POOL overload
 access-list 1 permit 10.0.0.0 0.255.255.255
ip nat inside source list 1 interface serial 0/0/0 overload
 access-list 1 permit 10.0.0.0 0.255.255.255
ip nat pool NAT-POOL 192.168.2.1 192.168.2.8 netmask 255.255.255.240
ip nat inside source list 1 pool NAT-POOL overload
ip nat inside source static 10.0.0.5 209.165.200.225
Explanation: With the ip nat inside source list 1 interface serial 0/0/0 overload command, the router is
configured to translate internal private IPv4 addresses in the range 10.0.0.0/8 to a single public IPv4 address,
209.165.200.225/30.
The other options will not work because the IPv4 addresses defined in the pool, 192.168.2.0/28, are not routable
on the internet.
21. What are two of the required steps to configure PAT? (Choose two.)
 Create a standard access list to define applications that should be translated.
 Define a pool of global addresses to be used for overload translation.
 Define the Hello and Interval timers to match the adjacent neighbor router.
 Define the range of source ports to be used.
 Identify the inside interface.
Explanation: The steps that are required to configure PAT are to define a pool of global addresses to be used
for overload translation, to configure source translation by using the keywords interface and overload, and to
identify the interfaces that are involved in the PAT.
22. What is the name for the public IPv4 addresses used on a NAT-enabled router?
 Inside global addresses
 Inside local addresses
 Outside global addresses
 Outside local addresses
Explanation: An inside local address is the address of the source, as seen from the inside of the network. An
outside global address is the address of the destination, as seen from the outside network.
………………………………………………………………………………………………
1. A company is expanding its business to other countries. All branch offices must remain connected to
corporate headquarters at all times. Which network technology is required to support this scenario?
 LAN
 WLAN
 MAN
 WAN
Explanation: A WAN connects multiple LANs that are in geographically separated locations. A MAN
connects multiple LANs in a large campus or in a city. WLAN is a wireless LAN that covers a rather small
geographic area.
2. What is the recommended technology to use over a public WAN infrastructure when a branch office is
connected to the corporate site?
 VPN
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  ATM
 municipal Wi-Fi
 ISDN
Explanation: ISDN and ATM are Layer 1 and 2 technologies that are typically used on private WANs.
Municipal WiFi is a wireless public WAN technology. Corporate communications over public WANs should
use VPNs for security.
3. Which medium do service providers use to transmit data over WAN connections with SONET, SDH,
and DWDM?
 satellite
 copper
 fiber optic
 Wi-Fi
Explanation: Technologies such as SONET, SDH, and DWDM are designed to run over fiber optic cables.
4. Which statement describes a characteristic of a WAN?
 WAN networks are owned by service providers.
 All serial links are considered WAN connections.
 A WAN operates within the same geographic scope of a LAN, but has serial links.
 A WAN provides end-user network connectivity to the campus backbone.
Explanation: WANs are used to interconnect the enterprise LAN to remote branch site LANs and
telecommuter sites. A WAN is owned by a service provider. Although WAN connections are typically made
through serial interfaces, not all serial links are connected to a WAN. LANs, not WANs, provide end-user
network connectivity in an organization.
5. Which type of network would be used by a company to connect locations across the country?
 LAN
 WAN
 WLAN
 SAN
Explanation: A wide-area network (WAN) provides network connectivity over a wide geographical area
compared to a local-area network (LAN) that is usually limited to connecting devices in a room or building. A
storage-area network (SAN) contains storage media such as hard drive disk arrays that provide storage for
applications and servers. A wireless LAN (WLAN) provides connectivity for wireless devices in a limited
space.
6. A small company with 10 employees uses a single LAN to share information between computers.
Which type of connection to the Internet would be appropriate for this company?
 a broadband service, such as DSL, through their local service provider
 Virtual Private Networks that would enable the company to connect easily and securely with employees
 private dedicated lines through their local service provider
 a dialup connection that is supplied by their local telephone service provider
Explanation: For this small office, an appropriate connection to the Internet would be through a common
broadband service called Digital Subscriber Line (DSL), available from their local telephone service provider.
With so few employees, bandwidth is not a significant problem. If the company were bigger, with branch
offices in remote sites, private lines would be more appropriate. Virtual Private Networks would be used if the
company had employees who needed to connect to the company via Internet.
7. To which two layers of the OSI model do WAN technologies provide services? (Choose two.)
 presentation layer
 data link layer
 network layer
 physical layer
 transport layer
 session layer

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: WAN operations focus primarily on the physical layer and the data link layer of the OSI model.
8. A customer needs a metropolitan area WAN connection that provides high-speed, dedicated
bandwidth between two sites. Which type of WAN connection would best fulfill this need?
 circuit-switched network
 MPLS
 packet-switched network
 Ethernet WAN
Explanation: MPLS can use a variety of underlying technologies such as T- and E-Carriers, Carrier Ethernet,
ATM, Frame Relay, and DSL, all of which support lower speeds than an Ethernet WAN. Neither a circuit-
switched network, such as the public switched telephone network (PSTN) or Integrated Service Digital Network
(ISDN), nor a packet-switched network, is considered high speed.
9. An intercity bus company wants to offer constant Internet connectivity to the users traveling on the
buses. Which two types of WAN infrastructure would meet the requirements? (Choose two.)
 cellular
 dedicated
 private infrastructure
 circuit-switched
 public infrastructure
Explanation: Public cellular networks provide a highly mobile Internet connection at high data rates.
10. An enterprise has four branches. The headquarters needs full connectivity to all branches. The
branches do not need to be connected directly to each other. Which WAN topology is most suitable?
 full mesh
 bus
 mesh
 point-to-point
 hub and spoke
Explanation: A point-to-point topology only connects two nodes. A bus is a legacy topology for LANs. Mesh
and full mesh topologies have more connectivity than needed (all or most of the branches will be connected to
each other). A hub and spoke design will connect the headquarters to all its branches, as desired.
11. What is a characteristic of a WAN?
 WAN service providers include carriers such as a telephone network or satellite service.
 A WAN is typically owned by an enterprise which wants to interconnect its LANs.
 A WAN operates inside the geographic scope of a LAN.
 WANs always use physical cables to connect LANs.
Explanation: A WAN operates beyond the geographic scope of a LAN and it is owned by a service provider.
WANs are used to interconnect the enterprise LAN to remote LANs in branch sites and telecommuter sites.
WAN service providers include carriers such as a telephone network, cable company, or satellite service. It is
not feasible to connect LANs across a country, or around the world, with physical cables.
12. What are two common types of circuit-switched WAN technologies? (Choose two.)
 DSL
 Frame Relay
 ISDN
 ATM
 PSTN
Explanation: The two most common types of circuit-switched WAN technologies are the public switched
telephone network (PSTN) and the integrated services digital network (ISDN). Frame Relay and ATM are
packet-switched WAN technologies. DSL is a WAN technology that offers broadband Internet access.
13. A new corporation needs a data network that must meet certain requirements. The network must
provide a low cost connection to sales people dispersed over a large geographical area. Which two types
of WAN infrastructure would meet the requirements? (Choose two.)
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  public infrastructure
 dedicated
 satellite
 private infrastructure
 Internet
Explanation: VPNs over the Internet provide low cost, secure connections to remote users. VPNs are deployed
over the Internet public infrastructure.
14. Which type of internet connection would be suitable for a small 10-employee company with one local
LAN?
 A broadband DSL or cable connection to a service provider
 A dialup connection to the local telephone service provider
 A private dedicated line to the local service provider
 A VSAT connection to a service provider
Explanation: For this small office, an appropriate connection to the internet would be through a common
broadband service such as digital subscriber line (DSL), available from the company’s local telephone service
provider, or a cable connection from the cable company. Because the company has so few employees,
bandwidth is not a significant issue. If the company were bigger, with branch offices in remote sites, private
lines would be more appropriate. VSATs are used to provide connectivity to remote locations and are typically
used only when no other connectivity options are available.
15. Which network scenario requires the use of a WAN?
 Employee workstations need to obtain dynamically assigned IP addresses.
 Employees in the branch office need to share files with the headquarters office that is located in a separate
building on the same campus network.
 Employees need to access web pages that are hosted on the corporate web servers in the DMZ within their
building.
 Traveling employees must connect to the corporate email server using a VPN.
Explanation: When traveling employees need to connect to a corporate email server through a WAN
connection, the VPN creates a secure tunnel between an employee laptop and the corporate network over the
WAN connection. Obtaining dynamic IP addresses through DHCP is a function of LAN communication.
Sharing files among separate buildings on a corporate campus is accomplished through the LAN infrastructure.
A DMZ is a protected network inside the corporate LAN infrastructure.
16. Which device is needed when a digital leased line is used to provide a connection between a customer
and a service provider?
 Access server
 CSU/DSU
 Dialup modem
 Layer 2 switch
Explanation: Digital leased lines require a channel service unit (CSU) and a data service unit (DSU). An access
server concentrates dialup modem dial-in and dial-out user communications. Dialup modems are used to
temporarily enable the use of analog telephone lines for digital data communications. A Layer 2 switch is used
to connect a LAN.
17. What is a requirement of a connectionless packetswitched network?
 A virtual circuit is created for the duration of the packet delivery.
 Each packet has to carry only an identifier.
 Full addressing information must be carried in each data packet.
 The network predetermines the route for a packet.
Explanation: A connection-oriented system predetermines the network path, creates a virtual circuit for the
duration of the packet delivery, and requires that each packet carry an identifier. A connectionless packet-
switched network, such as the internet, requires each data packet to carry addressing information.
18. What is an advantage of packet-switching technology over circuit-switching technology?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Packet-switched networks are less susceptible to jitter than circuitswitched networks.
 Packet-switched networks can efficiently use multiple routes inside a service provider network.
 Packet-switched networks require an expensive permanent connection to each endpoint.
 Packet-switched networks usually experience lower latency than circuit-switched networks experience.
Explanation: Unlike circuit-switched networks, which typically require expensive permanent connections,
packet-switched networks can take alternate paths, if available, to reach the destination.
19. What is a long-distance fiber-optic media technology that supports both SONET and SDH and assigns
incoming optical signals to specific wavelengths of light?
 ATM
 DWDM
 ISDN
 MPLS
Explanation: Dense wavelength-division multiplexing (DWDM) is a newer technology that increases the data-
carrying capacity of SDH and SONET by simultaneously multiplexing data using different wavelengths of light.
ISDN (Integrated Services Digital Network), ATM (Asynchronous Transfer Mode), and MPLS (Multiprotocol
Label Switching) are not fiber-optic technologies.
20. What are two common high-bandwidth fiber-optic media standards? (Choose two.)
 ANSI
 ATM
 ITU
 SDH
 SONET
Explanation: SDH and SONET are high-bandwidth fiber-optic standards that define how to transfer data,
voice, and video communications using lasers or light-emitting diodes (LEDs). ATM (Asynchronous Transfer
Mode) is a Layer 2 technology. ANSI (American National Standards Institute) and ITU (International
Telecommunication Union) are standards organizations.
21. Which WAN technology establishes a dedicated constant point-to-point connection between two sites?
 ATM
 Frame Relay
 ISDN
 Leased lines
Explanation: A leased line establishes a dedicated constant point-to-point connection between two sites. ATM
is cell switched. ISDN is circuit switched. Frame Relay is packet switched.
22. A hospital is looking for a solution to connect multiple newly established remote branch medical
offices. Which of the following is most important when selecting a private WAN connection rather than a
public WAN connection?
 Data security and confidentiality during transmission
 Higher data transmission rate
 Lower cost
 Website and file exchange service support
Explanation: A private WAN solution that involves dedicated links between sites offers the best security and
confidentiality. Private and public WAN solutions offer comparable connection bandwidth, depending on the
technology chosen. Connecting multiple sites with private WAN connections could be very expensive. The
website and file exchange service support is not relevant.
23. Which wireless technology provides internet access through cellular networks?
 Bluetooth
 LTE
 Municipal Wi-Fi
 Satellite
Explanation: LTE, or Long-Term Evolution, is a fourthgeneration cellular access technology that supports
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
internet access.
24. Which equipment is needed for an ISP to provide internet connections through cable service?
 Access server
 CMTS
 CSU/DSU
 DSLAM
Explanation: The equipment located at a cable service provider office, the cable modem termination system
(CMTS), sends and receives digital cable modem signals on a cable network to provide internet services to
cable subscribers. A DSLAM performs a similar function for DSL service providers. A CSU/DSU is used in
leased-line connections. Access servers are needed to process multiple simultaneous dialup connections to a
central office (CO).
………………………………………………………………………………………….
8.4.2 Module Quiz – VPN and IPsec Concepts (Answers)
Apr 1, 2021 Last Updated: Dec 19, 2022 CCNA v7.0, CCNA v7 Course #3 No Comments
Share TweetSharePin it

8.4.2 Module Quiz – VPN and IPsec Concepts Answers

Playvolume00:00/01:03Tech around the worldTruvidfullScreen

1. Which two statements describe a remote access VPN? (Choose two.)

 It connects entire networks to each other.
 It requires hosts to send TCP/IP traffic through a VPN gateway.
 It is used to connect individual hosts securely to a company network over the Internet.
 It may require VPN client software on hosts.
 It requires static configuration of the VPN tunnel.
Explanation: Remote access VPNs can be used to support the needs of telecommuters and mobile users by
allowing them to connect securely to company networks over the Internet. To connect hosts to the VPN server
on the corporate network, the remote access VPN tunnel is dynamically built by client software that runs on the
hosts.
2. The use of 3DES within the IPsec framework is an example of which of the five IPsec building blocks?
 Diffie-Hellman
 integrity
 authentication
 nonrepudiation
 confidentiality
Explanation: The IPsec framework consists of five building blocks. Each building block performs a specific
securty function via specific protocols. The function of providing confidentiality is provided by protocols such
as DES, 3DES, and AES.
3. Which type of VPN may require the Cisco VPN Client software?
 MPLS VPN
 site-to-site VPN
 remote access VPN
 SSL VPN
Explanation: With a remote-access VPN, the client peer may need special VPN client software installed.
4. Which technique is necessary to ensure a private transfer of data using a VPN?
 scalability
 authorization
 virtualization

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  encryption
Explanation: Confidential and secure transfers of data with VPNs require data encryption.
5. What are the two fundamental Dynamic Multipoint VPN tunnel types? (Choose two.)
 client-to-site
 server-to-client
 site-to-site
 hub-to-spoke
 spoke-to-spoke
Explanation: The two fundamental DMVPN designs include:
 Spoke-to-spoke
 Hub-to-spoke
6. What are two reasons a company would use a VPN? (Choose two.)
 to test network connections to remote users
 to increase bandwidth to the network
 to eliminate the need of having a gateway
 to connect remote users to the network
 to allow suppliers to access the network
Explanation: Organizations use VPNs to have a reliable secure method to connect remote users, branch offices,
and suppliers to the company network. To implement VPNs, a VPN gateway is necessary.
7. True or False? All VPNs securely transmit clear text across the Internet.
 true
 false
Explanation: A VPN is secure (private) when encrypted traffic is sent over a public network, such as the
Internet.
8. Which solution allows workers to telecommute effectively and securely?
 dial-up connection
 site-to-site VPN
 DSL connection
 remote-access VPN
Explanation: Telecommuters using remote-access VPNs can securely connect to their corporate networks from
anywhere by creating an encrypted tunnel, allowing them to effectively complete their work. They may connect
using a variety of access technologies, including dial-up and DSL connections. These connections, however, are
not secure without the use of VPN technology.
9. Which VPN type is a service provider managed VPN?
 GRE over IPsec VPN
 site-to-site VPN
 remote access VPN
 Layer 3 MPLS VPN
Explanation: VPNs can be managed and deployed as:
 Enterprise VPNs – Enterprise managed VPNs are a common solution for securing enterprise traffic across
the internet. Site-to-site and remote access VPNs are examples of enterprise managed VPNs.
 Service Provider VPNs – Service provider managed VPNs are created and managed over the provider
network. Layer 2 and Layer 3 MPLS are examples of service provider managed VPNs. Other legacy WAN
solutions include Frame Relay and ATM VPNs.
10. Which IPsec framework protocol provides data integrity and data authentication, but does not
provide data confidentiality?
 DH
 ESP
 AH
 IP protocol 50

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: Authentication Header (AH) is IP protocol 51 and does not provide data confidentiality. The data
payload is not encrypted. Encapsulating Security Payload (ESP) is IP protocol 50 and provides data
confidentiality, integrity, and authentication. The DH algorithm is used in IPsec to negotiate a shared secret key
for the peers.
11. What algorithm is used to provide data integrity of a message through the use of a calculated hash
value?
 AES
 RSA
 DH
 HMAC
Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. To ensure that data is not intercepted and modified (data
integrity), Hashed Message Authentication Code (HMAC) is used. AES is an encryption protocol and provides
data confidentiality. DH (Diffie-Hellman) is an algorithm that is used for key exchange. RSA is an algorithm
that is used for authentication.
12. Which statement describes the effect of key length in deterring an attacker from hacking through an
encryption key?
 The shorter the key, the harder it is to break.
 The length of a key will not vary between encryption algorithms.
 The length of a key does not affect the degree of security.
 The longer the key, the more key possibilities exist.
Explanation: While preventing brute-force attacks and other forced decryption concerns, the longer the key
length, the harder it is to break. A 64-bit key can take one year to break with a sophisticated computer, while a
128-bit key may take 1019 years to decrypt. Different encryption algorithms will provide varying key lengths for
implementation.
13. What is a type of VPN that is generally transparent to the end user?
 public
 remote access
 private
 site-to-site
Explanation: With site-to-site VPNs, internal hosts have no knowledge that a VPN exists. Remote access
VPNs support a client/server architecture, where the VPN client (remote host) gains secure access to the
enterprise network via a VPN server device at the network edge. Public and private are not VPN types.
14. A network design engineer is planning the implementation of a cost-effective method to interconnect
multiple networks securely over the internet. Which type of technology is required?
 a dedicated ISP
 a GRE IP tunnel
 a leased line
 a VPN gateway
Explanation: A GRE IP tunnel does not provide authentication or security. A leased line is not cost-effective
compared to using high-speed broadband technology with VPNs. A dedicated ISP is not required when utilizing
VPNs between multiple sites.
15. Which statement is true of site-to-site VPNs?
 Individual hosts can enable and disable the VPN connection.
 Internal hosts send normal, unencapsulated packets.
 The VPN connection is not statically defined.
 VPN client software is installed on each host.
Explanation: Site-to-site VPNs are statically defined VPN connections between two sites that use VPN
gateways. The internal hosts do not require VPN client software and send normal, unencapsulated packets onto
the network, where they are encapsulated by the VPN gateway.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
16. How is the hash message authentication code (HMAC) algorithm used in an IPsec VPN?
 to authenticate the IPsec peers
 to create a secure channel for key negotiation
 to guarantee message integrity
 to protect IPsec keys during session negotiation
Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. The hash message authentication code (HMAC) is a data
integrity algorithm that uses a hash value to guarantee the integrity of a message.
17. What IPsec algorithm is used to provide data confidentiality?
 AES
 Diffie-Hellman
 MD5
 RSA
 SHA
Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. Two popular algorithms that are used to ensure that data is
not intercepted and modified (data integrity) are MD5 and SHA. AES is an encryption protocol and provides
data confidentiality. DH (Diffie-Hellman) is an algorithm that is used for key exchange. RSA is an algorithm
that is used for authentication.
18. What are two hashing algorithms used with IPsec to guarantee authenticity? (Choose two.)
 AES
 DH
 MD5
 RSA
 SHA
Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. Two popular algorithms used to ensure that data is not
intercepted and modified (data integrity and authentication) are MD5 and SHA.
19. What two IPsec algorithms provide encryption and hashing to protect interesting traffic? (Choose
two.)
 AES
 DH
 IKE
 PSK
 SHA
Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. Two algorithms that can be used within an IPsec policy to
protect interesting traffic are AES, which is an encryption protocol, and SHA, which is a hashing algorithm.
20. Which protocol creates a virtual unencrypted pointto-point VPN tunnel between Cisco routers?
 GRE
 IKE
 IPsec
 OSPF
Explanation: Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco that
encapsulates multiprotocol traffic between remote Cisco routers. GRE does not encrypt data. OSPF is an open-
source routing protocol. IPsec is a suite of protocols that allow for the exchange of information that can be
encrypted and verified. Internet Key Exchange (IKE) is a key management standard used with IPsec.
21. Which VPN solution allows the use of a web browser to establish a secure, remote-access VPN tunnel
to a VPN gateway?
 client-based SSL

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  clientless SSL
 site-to-site using a pre-shared key
 site-to-site using an ACL
Explanation: When a web browser is used to securely access the corporate network, the browser must use a
secure version of HTTP to provide SSL encryption. A VPN client is not required to be installed on the remote
host, so a clientless SSL connection is used.
22. Which IPsec security function utilizes encryption to protect data transfers with a key?
 authentication
 confidentiality
 integrity
 secure key exchange
Explanation: Confidentiality is a function of IPsec and utilizes encryption to protect data transfers with a key.
Integrity is a function of IPsec and ensures that data arrives unchanged at the destination through the use of a
hashing algorithm. Authentication is a function of IPsec and provides specific access to users and devices with
valid authentication factors. Secure key exchange is a function of IPsec and allows two peers to maintain their
private key confidentiality while sharing their public key.
23. Which of the following are service provider managed VPN solutions? (Choose two.)
 client-based IPsec VPN
 clientless SSL VPN
 Frame Relay
 Layer 3 MPLS VPN
 remote-access VPN
 site-to-site VPN
Explanation: VPNs can be managed and deployed as either enterprise VPNs (which is a common solution for
securing enterprise traffic across the internet and includes site-to-site and remote-access VPNs) or service
provider VPNs (that is, VPNs created and managed over the provider network, such as Layer 2 and Layer 3
MPLS VPNS, or legacy Frame Relay and ATM VPNs).
24. Which of the following are enterprise-managed remote-access VPNs? (Choose two.)
 client-based IPsec VPN
 clientless SSL VPN
 Frame Relay
 Layer 3 MPLS VPN
 remote-access VPN
 site-to-site VPN
Explanation: Enterprise managed remote-access VPNs are created dynamically when required. Remoteaccess
VPNs include client-based IPsec VPNs and clientless SSL VPNs.
25. Which is a requirement of a site-to-site VPN?
 Hosts connected using a web browser and an SSL connection
 Hosts connected using client-based VPN software
 A client/server architecture
 VPN gateways at each end of the tunnel
 VPN server at the edge of the company network
Explanation: Site-to-site VPNs are static and are used to connect entire networks. Hosts have no knowledge of
the VPN and send TCP/IP traffic to VPN gateways. The VPN gateway is responsible for encapsulating the
traffic and forwarding it through the VPN tunnel to a peer gateway at the other end that decapsulates the traffic.
26. How is the Diffie-Hellman algorithm used in the IPsec framework?
 allows peers to exchange shared keys
 guarantees message integrity
 provides authentication
 provides strong data encryption

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The IPsec framework uses various protocols and algorithms to provide data confidentiality, data
integrity, authentication, and secure key exchange. DH (Diffie-Hellman) is an algorithm used for key exchange.
DH is a public key exchange method that allows two IPsec peers to establish a shared secret key over an
insecure channel.
27. Which type of VPN involves passenger, carrier, and transport protocols?
 DMVPN
 GRE over IPsec
 IPsec virtual tunnel interface
 MPLS VPN
Explanation: In a GRE over IPsec tunnel, the term passenger protocol refers to the original packet that is to be
encapsulated by GRE. The carrier protocol is the protocol that encapsulates the original passenger packet. The
transport protocol is the protocol that will be used to forward the packet.
28. Which type of VPN supports multiple sites by applying configurations to virtual interfaces instead of
physical interfaces?
 IPsec virtual tunnel interface
 DMVPN
 MPLS VPN
 GRE over IPsec
Explanation: An IPsec VTI is a newer IPsec VPN technology that simplifies the configuration required to
support multiple sites and remote access. IPsec VTI configurations use virtual interfaces to send and receive IP
unicast and multicast encrypted traffic. Therefore, routing protocols are automatically supported without
requiring configuration of GRE tunnels.
29. Which type of VPN connects using the Transport Layer Security (TLS) feature?
 SSL VPN
 GRE over IPsec
 DMVPN
 IPsec virtual tunnel interface
 MPLS VPN
Explanation: When a client negotiates an SSL VPN connection with the VPN gateway, it connects using
Transport Layer Security (TLS). TLS is the newer version of SSL and is sometimes expressed as SSL/TLS. The
two terms are often used interchangeably.
30. Which description correctly identifies an MPLS VPN?
 allows multicast and broadcast traffic over a secure site-to-site VPN
 has both Layer 2 and Layer 3 implementations
 involves a nonsecure tunneling protocol being encapsulated by IPsec
 routes packets through virtual tunnel interfaces for encryption and forwarding.
 uses the public key infrastructure and digital certificates.
Explanation: An MPLS VPN has both Layer 2 and Layer 3 implementations. A GRE over IPsec VPN involves
a nonsecure tunneling protocol encapsulated by IPsec. An IPsec VTI VPN routes packets through virtual tunnel
interfaces for encryption and forwarding. An IPsec VTI VPN and GRE over IPsec VPN allows multicast and
broadcast traffic over a secure site-to-site VPN. An SSL VPN uses the public key infrastructure and digital
certificates.
31. Which description correctly identifies an SSL VPN?
 allows multicast and broadcast traffic over a secure site-to-site VPN
 has both Layer 2 and Layer 3 implementations
 involves a nonsecure tunneling protocol being encapsulated by IPsec
 routes packets through virtual tunnel interfaces for encryption and forwarding
 uses the public key infrastructure and digital certificates
Explanation: An SSL VPN uses the public key infrastructure and digital certificates. An MPLS VPN has both
Layer 2 and Layer 3 implementations. A GRE over IPsec VPN involves a nonsecure tunneling protocol
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
encapsulated by IPsec. An IPsec VTI VPN routes packets through virtual tunnel interfaces for encryption and
forwarding. An IPsec VTI VPN and a GRE over IPsec VPN allow multicast and broadcast traffic over a secure
site-to-site VPN.
32. Which two descriptions correctly identify an IPsec VTI VPN? (Choose two.)
 allows multicast and broadcast traffic over a secure site-to-site VPN
 has both Layer 2 and Layer 3 implementations
 involves a nonsecure tunneling protocol being encapsulated by IPsec
 routes packets through virtual tunnel interfaces for encryption and forwarding
 uses the public key infrastructure and digital certificates
Explanation: An IPsec VTI VPN routes packets through virtual tunnel interfaces for encryption and
forwarding. An IPsec VTI VPN and a GRE over IPsec VPN allow multicast and broadcast traffic over a secure
site-to-site VPN. An MPLS VPN has both Layer 2 and Layer 3 implementations. A GRE over IPsec VPN
involves a nonsecure tunneling protocol being encapsulated by IPsec. An SSL VPN uses the public key
infrastructure and digital certificates.
33. Which two descriptions correctly identify a GRE over IPsec VPN? (Choose two.)
 allows multicast and broadcast traffic over a secure site-to-site VPN
 has both Layer 2 and Layer 3 implementations
 involves a nonsecure tunneling protocol being encapsulated by IPsec
 routes packets through virtual tunnel interfaces for encryption and forwarding
 uses the public key infrastructure and digital certificates
Explanation: A GRE over IPsec VPN involves a nonsecure tunneling protocol being encapsulated by IPsec. An
IPsec VTI VPN and a GRE over IPsec VPN allow multicast and broadcast traffic over a secure site-to-site VPN.
An MPLS VPN has both Layer 2 and Layer 3 implementations. An IPsec VTI VPN routes packets through
virtual tunnel interfaces for encryption and forwarding. An SSL VPN uses the public key infrastructure and
digital certificates.
…………………………………………………………………………………………..
1. What is the term used to indicate a variation of delay?
 speed mismatch
 serialization delay
 jitter
 latency
Explanation: Jitter is a phenomenon caused by a variation in delay. Delay (or latency) is the time it takes for
the packet to arrive at its destination. Jitter describes how the voice packets arrive at the destination at varying
intervals (not in a steady, consistent stream).
2. A network engineer performs a ping test and receives a value that shows the time it takes for a packet
to travel from a source to a destination device and return. Which term describes the value?
 jitter
 bandwidth
 priority
 latency
Explanation: Latency refers to the time it takes for a packet to travel from a source device to a destination
device. Jitter is the variation in the latency values of received packets. Bandwidth is the measurement of how
much traffic is transmitted in a single second. Priority is the preferential treatment of specific classes of traffic.
3. What role do network devices play in the IntServ QoS model?
 Network devices provide a best-effort approach to forwarding traffic.
 Network devices ensure that resources are available before traffic is allowed to be sent by a host
through the network.
 Network devices use QoS on a hop-by-hop basis to provide excellent scalability.
 Network devices are configured to service multiple classes of traffic and handle traffic as it may arrive.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The IntServ QoS model uses resource reservation to guarantee bandwidth and packet-loss rates
from end to end. IntServ uses a connection-oriented approach to ensure that available resources are sufficient in
the network for the traffic to have a specific level of QoS.
4. Which device would be classified as a trusted endpoint?
 firewall
 switch
 IP phone
 router
Explanation: Trusted endpoints are devices that have the capability to mark application traffic at Layer 2 or
Layer 3. Trusted endpoints include the following:
– IP phones
– Wireless access points
– Videoconferencing gateways and systems
– IP conferencing stations and more
5. Under which condition does congestion occur on a converged network with voice, video, and data
traffic?
 if video traffic requests more bandwidth than voice traffic requests
 if the request for bandwidth exceeds the amount of bandwidth available
 if voice traffic latency begins to decrease across the network
 if a user downloads a file that exceeds the file limitation that is set on the server
Explanation: Network congestion is caused by devices requesting more bandwidth than is available on a
network. Congestion causes traffic to be temporarily queued or ultimately dropped.
6. Which type of traffic does Cisco recommend be placed in the strict priority queue (PQ) when low
latency queuing (LLQ) is being used?
 management
 video
 data
 voice
Explanation: Cisco recommends that only voice traffic be placed in the priority queue (PQ) when using the low
latency queuing (LLQ) method. All other traffic types are to be placed in other traffic queues and will be
forwarded after voice traffic.
7. Which model is the only QoS model with no mechanism to classify packets?
 hard QoS
 DiffServ
 best-effort
 IntServ
Explanation: The best-effort model has no mechanism to classify packets and treats all networks packets
equally. A voice packet would be treated in the same manner as an email packet.
8. What happens when the memory queue of a device fills up and new network traffic is received?
 The network device will drop the arriving packets.
 The network device sends the received traffic immediately.
 The network device drops all traffic in the queue.
 The network device queues the received traffic while sending previously received traffic.
Explanation: Packets received by a network device experiencing congestion cannot be transmitted until
previous packets have been processed. If the queue is full, the network device will begin to drop packets as new
traffic arrives.
9. What are two characteristics of voice traffic? (Choose two.)
 It is bursty.
 It consumes few network resources.
 It is insensitive to packet loss.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  It can tolerate latency up to 400 ms.
 It is delay sensitive.
Explanation: Voice traffic does not consume much in the way of network resources, such as bandwidth.
However, it is very sensitive to delay and dropped packets. For good voice quality, the amount of latency should
be less than 150 milliseconds and packet loss less than 1%.
1o. Which QoS model is very resource intensive and provides the highest guarantee of QoS?
 IntServ
 DiffServ
 soft QoS
 best-effort
Explanation: The IntServ QoS model uses resource reservation and admission control mechanisms to schedule
network resources.
11. What happens when an edge router using IntServ QoS determines that the data pathway cannot
support the level of QoS requested?
 Data is not forwarded along the pathway.
 Data is forwarded along the pathway using a best-effort approach.
 Data is forwarded along the pathway using DiffServ.
 Data is forwarded along the pathway using IntServ but not provided preferential treatment.
Explanation: When the IntServ QoS model is being used, if network devices along a data path can reserve the
required bandwidth, the originating application can begin transmitting. If the requested resource reservation
cannot be allocated along the path, the originating application does not send any data.
12. In QoS models, which type of traffic is commonly provided the most preferential treatment over all
other application traffic?
 voice traffic
 web traffic
 email
 file transfers
Explanation: Voice traffic from IP phones is commonly provided preferential treatment over all other
application traffic such as email, web traffic, and file transfers.
13. Which queuing mechanism supports user-defined traffic classes?
 WFQ
 CBWFQ
 FCFS
 FIFO
Explanation: Class-based weighted fair queuing (CBWFQ) goes beyond weighted fair queuing (WFC) by
providing support for user-defined traffic classes. With CBWFQ, an administrator can use access control lists to
define different traffic classes. Once traffic is classified, it receives is own queue for the egress interface.
14. What mechanism compensates for jitter in an audio stream by buffering packets and then replaying
them outbound in a steady stream?
 WFQ
 voice codec
 digital signal processor
 playout delay buffer
Explanation: Jitter on the network can cause audio problems that can be heard and which are distracting in
voice conversations. To compensate for the effects of jitter, a mechanism called a playout delay buffer is used.
The playout delay buffer receives and buffers voice packets and then retransmits them in a steady stream with
the jitter removed.
15. What functionality is required on routers to provide remote workers with VoIP and video-
conferencing capabilities?
 IPsec

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  PPPoE
 QoS
 VPN
Explanation: Quality of service (QoS) needs to be enabled on routers to provide support for VoIP and video
conferencing. QoS refers to the capability of a network to provide better service to selected network traffic, such
as voice and video traffic.
16. What happens when a router interface ingress queue is full and new network traffic is received?
 The router sends the received traffic immediately.
 The router drops the arriving packets.
 The router drops all traffic in the queue.
 The router queues the received traffic and sends previously received traffic.
Explanation: When the volume of traffic is greater than what can be transported across the network, devices
queue, or hold, the packets in memory until resources become available to transmit them. If the number of
packets to be queued continues to increase, the memory in the device fills up, and packets are dropped.
17. Which queuing method provides user-defined traffic classes where each traffic class has a FIFO
queue?
 CBWFQ
 RSVP
 WFQ
 WRED
Explanation: CBWFQ extends the standard WFQ functionality to provide support for user-defined traffic
classes. A FIFO queue is reserved for each class, and traffic belonging to a class is directed to the queue for that
class.
18. Which type of traffic does Cisco recommend be placed in the strict priority queue when Low Latency
Queuing (LLQ) is being used?
 Data
 Management
 Video
 Voice
Explanation: With LLQ, delay-sensitive data is sent first, before packets in other queues are treated. Although
it is possible to enqueue various types of real-time traffic to the strict priority queue, Cisco recommends that
only voice traffic be directed to the priority queue.
19. What is the default queuing method used on the LAN interfaces of Cisco devices?
 CBWFQ
 FIFO
 LLQ
 WFQ
Explanation: When no other queuing strategies are configured, all interfaces except serial interfaces at E1
(2.048 Mbps) and below use FIFO by default. Serial interfaces at E1 and below use WFQ by default.
20. What is the default queuing method used on the slower WAN interfaces of Cisco devices?
 CBWFQ
 FIFO
 LLQ
 WFQ
Explanation: When no other queuing strategies are configured, all interfaces except serial interfaces at E1
(2.048 Mbps) and below use FIFO by default. Serial interfaces at E1 and below use WFQ by default.
21. Which statement describes the QoS classification and marking tools?
 Classification is performed after traffic is marked.
 Classification should be done as close to the destination service as possible.
 Marking involves adding a value to a packet header.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Marking involves identification of the QoS policy that should be applied to specific packets.
Explanation: Marking means adding a value to the packet header. Devices receiving the packet look at this
field to see whether it matches a defined policy. Marking should be done as close to the source device as
possible to establish the trust boundary.
22. Which device would be classified as a trusted endpoint?
 Firewall
 IP conferencing station
 Router
 Switch
Explanation: Trusted endpoints have the capabilities and intelligence to mark application traffic to the
appropriate Layer 2 CoS and/or Layer 3 DSCP values. Examples of trusted endpoints include IP phones,
wireless access points, video-conferencing gateways and systems, and IP conferencing stations.
23. How many bits are used to identify the Class of Service (CoS) marking in a frame?
 3
 8
 24
 64
Explanation: The 802.1p standard uses the first 3 bits in the Tag Control Information (TCI) field. Known as the
Priority (PRI) field, this 3-bit field identifies the Class of Service (CoS) markings. Three bits means that a Layer
2 Ethernet frame can be marked with one of eight levels of priority (values 0–7).
24. How many levels of priority are possible when using Class of Service (CoS) marking on frames?
 3
 8
 24
 64
Explanation: RFC 2474 redefines the ToS field with a new 6- bit Differentiated Services Code Point (DSCP)
QoS field. Six bits offers a maximum of 64 possible classes of service.
………………………………………………………………………………………
1. What are two reasons for an administrator to issue the copy running-config tftp command on a switch
or router? (Choose two.)
 to force an automatic reload of the device
 to have a backup of the running configuration file in the router
 to overwrite the current configuration
 to transfer the current configuration file to a server
 to save the running configuration file to a remote location
Explanation: The copy running-config tftp command is used to copy the current configuration file to a TFTP
server.
2. What information can be gathered about a neighbor device from the show cdp neighbors detail
command that cannot be found with the show cdp neighbors command?
 the platform that is used by the neighbor
 the IP address of the neighbor
 the capabilities of the neighbor
 the hostname of the neighbor
Explanation: The show cdp neighbors detail command will display the IP address of the neighbor. The show
cdp neighbors command displays the platform, capabilities, and name of neighbors, but does not specify IP
addresses.
3. When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects?
 message integrity
 community strings

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  packet encryption
 source validation
Explanation: SNMPv1 and SNMPv2 use community strings to control access to the MIB. SNMPv3 uses
encryption, message integrity, and source validation.
4. What command must be issued on a Cisco router that will serve as an authoritative NTP server?
 ntp master 1
 ntp broadcast client
 clock set 11:00:00 DEC 20 2010
 ntp server 172.16.0.1
Explanation: Routers that will serve as NTP masters must be configured with the ntp mastercommand. A
client is configured with the ntp servercommand so that the client can locate the NTP master.
The ntp broadcast client command allows NTP to use to broadcast messages. The clock setcommand is used
to set the time on a router.
5. Which protocol or service can be configured to send unsolicited messages to alert the network
administrator about a network event such as an extremely high CPU utilization on a router?
 NetFlow
 NTP
 SNMP
 syslog
Explanation: SNMP can be used to collect and store information such as device CPU utilization. Syslog is used
to access and store system messages. Cisco developed NetFlow for the purpose of gathering statistics on packets
that are flowing through Cisco routers and multilayer switches. NTP is used to allow network devices to
synchronize time settings.
6. Which statement describes a syslog message severity level?
 A syslog alarm with a severity level of 7 indicates an emergency situation that can render the system
unusable.
 A syslog alarm at the severity level 4 and higher is sent to an external syslog server by default.
 A severity level 7 message is only accessible through the terminal line.
 Severity level 0 is the most critical severity level.
Explanation: The syslog severity levels increase in severity as the level number gets smaller. Level 0 is the
highest severity level and indicates an emergency situation that can render a system unusable. Syslog severity
level 7 is used for debugging messages.
7. What is an SNMP management agent?
 a database that a device keeps about network performance
 software that is installed on devices managed by SNMP
 a communication protocol that is used by SNMP
 a computer loaded with management software and used by an administrator to monitor a network
Explanation: A management station is used by an administrator for monitoring. An MIB is a database of
monitoring information. The Simple Network Management Protocol is the communications protocol that is used
between the management station and the management agents. Management agents run the software that enables
administrators to gather network performance data.
8. What are two characteristics of SNMP community strings? (Choose two.)
 SNMP read-only community strings can be used to get information from an SNMP-enabled device.
 If the manager sends one of the correct read-only community strings, it can get information and set
information in an agent.
 Commonly known community strings should be used when configuring secure SNMP.
 A vulnerability of SNMPv1, SNMPv2, and SNMPv3 is that they send the community strings in plaintext.
 SNMP read-write community strings can be used to set information on an SNMP-enabled device.
Explanation: There are two types of SNMP community strings, read-only and read-write. The read-only
community string allows the manager to get information from the agent and the read-write allows the manager
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
to get or set information in the agent.
9. A network administrator issues the copy tftp running-config command on a router. What is the
administrator trying to achieve?
 copy the configuration file from the RAM of the router to the TFTP server
 copy the configuration file from the NVRAM of the router to the TFTP server
 copy the configuration file from the TFTP server to the NVRAM of the router
 copy the configuration file from the TFTP server to the RAM of the router
Explanation: The running configuration file is located in RAM. The position of the keyword tftp within the
command indicates that the source of the file will be the tftp server, and the keyword running-configindicates
that the file will be placed in the RAM of the router.
10. What is a characteristic of the MIB?
 Information is organized in a flat manner so that SNMP can access it quickly.
 Information in the MIB cannot be changed.
 The OIDS are organized in a hierarchical structure.
 A separate MIB tree exists for any given device in the network.
Explanation: SNMP set, get, and trap messages are used to access and manipulate the information contained in
the MIB. This information is organized hierarchically so that SNMP can access it quickly. Each piece of
information within the MIB is given an object ID (OID), that is organized based on RFC standards into a
hierarchy of OIDs. The MIB tree for any given device includes branches with variables common to many
networking devices and branches with variables specific to that device or vendor.
11. What data would be saved and where would the data be placed if a network administrator issued the
following command? (Choose two.)

R1# copy startup-config tftp

 The data will be saved to a TFTP server.

 The data to be saved is the configuration that is stored in NVRAM.
 The data to be saved is the configuration that is stored on a TFTP server.
 The data to be saved is the configuration that is being modified in RAM.
 The data will be saved in RAM. The data will be saved in NVRAM.
Explanation: The syntax for the command is copy source destination. The source of startup-config is the
configuration saved in NVRAM. The destination of tftp is a TFTP server.
12. Which command would a network engineer use to restore the IOS image c1900-universalk9-
mz.SPA.152-4.M3.bin to a router?
 copy tftp: flash0:
 copy c1900-universalk9-mz.SPA.152-4.M3.bin tftp:
 copy flash0: c1900-universalk9-mz.SPA.152-4.M3.bin
 copy flash0: tftp:
Explanation: The command syntax to restore an IOS image is copy source destination, where, in this
case,source is a TFTP server and destination is the router flash memory. The image name (source filename) is
entered at a new prompt after the initial copy command is issued, not as a parameter of the copy command.
13. Why would a network administrator issue the show cdp neigbors command on a router?
 to display device ID and other information about directly connected Cisco devices
 to display line status and other information about directly connected Cisco devices
 to display routing table and other information about directly connected Cisco devices
 to display router ID and other information about OSPF neighbors
Explanation: The show cdp neighbors command provides information on directly connected Cisco devices
including Device ID, local interface, capability, platform, and port ID of the remote device.
14. What are SNMP trap messages?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the
network
 messages that are sent periodically by the NMS to the SNMP agents that reside on managed devices to
query the device for data
 messages that are used by the NMS to query the device for data
 messages that are used by the NMS to change configuration variables in the agent device
Explanation: A GET request is a message that is used by the NMS to query the device for data. A SET request
is a message that is used by the NMS to change configuration variables in the agent device. An NMS
periodically polls the SNMP agents residing on managed devices, by querying the device for data by using the
GET request.
15. Which of the following is one difference between CDP and LLDP?
 CDP can gather information from routers, switches, and wireless APs, whereas LLDP can only gather
information from routers and switches.
 CDP can obtain both Layer 2 and Layer 3 information, whereas LLDP
can only obtain Layer 2 information.
 CDP is a proprietary protocol, whereas LLDP is a vendor-neutral
protocol.
 CDP is enabled on an interface using two commands, while LLDP
requires only one command.
Explanation: LLDP requires two commands to configure an interface: lldp transmit and lldp receive.
16. A network administrator wants to configure a router so that only a specific interface will send and
receive CDP information. Which two configuration steps accomplish this? (Choose two.)
 R1(config)# no cdp enable
 R1(config)# no cdp run
 R1(config-if)# cdp enable
 R1(config-if)# cdp receive
 R1(config-if)# cdp transmit
Explanation: The no cdp enable command interface configuration command cannot be executed from a global
configuration prompt. Options D and E are invalid commands.
17. What is the configuration command to globally enable LLDP on a Cisco Catalyst switch?
 enable lldp
 feature lldp
 lldp enable
 lldp run
Explanation: Options A through C are invalid commands. The options to enable LLDP on interfaces are lldp
transmit and lldp receive.
18. Which option correctly enables LLDP on an interface?
 R1(config-if)# lldp enable
 R1(config-if)# lldp enable
R1(config-if)# lldp receive
 R1(config-if)# lldp receive
R1(config-if)# lldp transmit
 R1(config-if)# lldp enable
R1(config-if)# lldp receive
R1(config-if)# lldp transmit
Explanation: To enable LLDP on interfaces, use lldp transmit and lldp receive. The lldp run global
configuration command enables LLDP globally. Interface LLDP configuration commands override the global
command.
19. What are the most common syslog messages?
 Error messages about hardware or software malfunctions

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Link up and link down messages
 Output messages that are generated from debug output
 Messages that occur when a packet matches a parameter condition in an access control list
Explanation: These are all syslog messages, but the most common ones are link up and link down messages.
20. Which syslog logging severity level indicates that a device is unusable?
 Level 0-Emergency
 Level 1-Alert
 Level 2-Critical
 Level 3-Error
Explanation: The smaller the level numbers, the more critical the alarms. Emergency-Level 0 messages
indicate that the system is unusable. This would be an event that has halted the system. Alert-Level 1 messages
indicate that immediate action is needed, as in the case of a failed connection to the ISP. Critical-Level 2
messages indicate a critical condition, such as the failure of a backup connection to the ISP. Error-Level 3
messages indicate error conditions, such as an interface being down.
21. Which protocol or service allows network administrators to receive system messages that are
provided by network devices?
 NTP
 NetFlow
 SNMP
 Syslog
Explanation: Cisco developed NetFlow for the purpose of gathering statistics on packets flowing through
Cisco routers and multilayer switches. SNMP can be used to collect and store information about a device.
Syslog is used to access and store system messages. NTP is used to allow network devices to synchronize time
settings.
22. Which syslog message type is accessible only to an administrator via the Cisco CLI?
 Alerts
 Debugging
 Emergency
 Errors
Explanation: Syslog messages can be sent to the logging buffer, the console line, the terminal line, or a syslog
server. However, debug-level messages are only forwarded to the internal buffer and are accessible only
through the Cisco CLI.
23. Which default destination do Cisco routers and switches use to send Syslog messages?
 Console
 Nearest syslog server
 NVRAM
 RAM
Explanation: The console receives all syslog messages by default. Syslog messages for Cisco routers and
switches can be sent to memory, the console, a tty line, or a syslog server.
24. What is the result of configuring the logging trap 4 global configuration command?
 The syslog client sends to the syslog server any event message that has a severity level of 4 or lower.
 The syslog client sends to the syslog server event messages with an identification trap level of only 4.
 The syslog client sends to the syslog server any event message that has a severity level of 4 or higher.
 After four events, the syslog client sends an event message to the syslog server.
Explanation: The logging trap level allows a network administrator to limit event messages that are being sent
to a syslog server based on severity.
25. The ntp server 10.1.1.1 global configuration command is issued on router R1. What impact does this
command have?
 Identifies the NTP server that R1 will send system log messages to
 Identifies the NTP server that R1 will use to store backup configurations

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Identifies R1 as the NTP server using IP address 10.1.1.1
 Synchronizes the clock of R1 with the time server at IP address 10.1.1.1
Explanation: Option A is for syslog, B for TFTP, and the explanation for C is incorrect.
26. Which two statements are true about NTP servers in an enterprise network? (Choose two.)
 All NTP servers synchronize directly to a stratum 1 time source.
 NTP servers at stratum 1 are directly connected to an authoritative time source.
 NTP servers control the mean time between failures (MTBF) for key network devices.
 NTP servers ensure an accurate timestamp on logging and debugging information.
 There can be only one NTP server on an enterprise network.
Explanation: A is incorrect. NTP has nothing to do with MTBF, and multiple NTP servers can be identified for
redundancy.
27. What can a network administrator do to access a router if the password has been lost?
 Access the router remotely through Telnet and use the show running-config command.
 Boot the router into ROMMON mode and reinstall IOS from a TFTP server.
 From ROMMON mode, configure the router to ignore the startup configuration when the router
initializes.
 Reboot the router and use the break key sequence to bypass the password during IOS bootup.
Explanation: ROMMON mode must be accessed to perform password recovery on a router.
28. What is the result of configuring the confreg 0x2142 command at the rommon 1> prompt?
 Contents in NVRAM are erased.
 Contents in NVRAM are ignored.
 Contents in RAM are erased.
 Contents in RAM are ignored.
Explanation: With the configuration register at 0x2142, the device ignores the startup configuration file during
startup, and the startup configuration file is where the forgotten passwords are stored.
29. A network technician is attempting a password recovery on a router. From ROMMON mode, which
command must be entered to bypass the startup configuration file?
 rommon> config-register 0x2102
 rommon> confreg 0x2102
 rommon> config-register 0x2142
 rommon> confreg 0x2142
Explanation: Options A and C are global configuration commands, and Option B is the default setting and
looks for the startup configuration file.
30. What must an administrator have in order to reset a lost password on a router?
 A crossover cable
 A TFTP server
 Access to another router
 Physical access to the router
Explanation: An administrator must have physical access to the device along with a console connection to
perform password recovery.
31. A network engineer is upgrading the Cisco IOS image on a 2900 Series ISR. What command could
the engineer use to verify the total amount of flash memory as well as how much flash memory is
currently available?
 show boot memory
 show flash0:
 show interfaces
 show startup-config
 show version
Explanation: The show flash0: command displays the amount of flash available (free) and the amount of flash
used. The command also displays the files stored in flash, including their size and when they were copied.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
32. Which two conditions should a network administrator verify before attempting to upgrade a Cisco
IOS image using a TFTP server? (Choose two.)
 Verify connectivity between the router and TFTP server by using the ping command.
 Verify that the checksum for the image is valid by using the show version command.
 Verify that the TFTP server is running by using the tftpdnld command.
 Verify the name of the TFTP server by using the show hosts command.
 Verify that there is enough flash memory for the new Cisco IOS image by using the show flash
command.
Explanation: To upgrade Cisco IOS, you need the device IOS image file located on a reachable TFTP server.
Image files are copied to flash memory. Therefore, it is important to verify the amount of flash memory
available on the device.
33. Which statement describes SNMP operation?
 The SNMP agent uses a get request to query the device for data.
 The NMS uses a set request to change configuration variables in the agent device.
 An NMS periodically polls the SNMP agents that are residing on managed devices by using traps to query
the devices for data.
 An SNMP agent that resides on a managed device collects information about the device and stores that
information remotely in the MIB that is located on the NMS.
Explanation: An SNMP agent that resides on a managed device collects and stores information about the
device and its operation. This information is stored by the agent locally in the MIB. An NMS periodically polls
the SNMP agents that are residing on managed devices by using the get request to query the devices for data.
The NMS uses a set request to change the configuration in the agent device or to initiate actions within a device.
34. Which SNMP feature provides a solution to the main disadvantage of SNMP polling?
 SNMP community strings
 SNMP get messages
 SNMP set messages
 SNMP trap messages
Explanation: To solve the issue of the delay that exists between when an event occurs and the time when it is
noticed via polling by the NMS, you can use SNMP trap messages. SNMP trap messages are generated from
SNMP agents and are sent to the NMS immediately to inform it of certain events without requiring a` wait for
the device to be polled by the NMS.
35. Which SNMP version uses weak community stringbased access control and supports bulk retrieval?
 SNMPv1
 SNMPv2c
 SNMPv3
 SNMPv2Classic
Explanation: Both SNMPv1 and SNMPv2c use a communitybased form of security consisting of community
strings. However, these are plaintext passwords and are not considered a strong security mechanism. Version 1
is a legacy solution and not often encountered in networks today.
…………………………………………………………………………..
1. What are two reasons for an administrator to issue the copy running-config tftp command on a switch
or router? (Choose two.)
 to force an automatic reload of the device
 to have a backup of the running configuration file in the router
 to overwrite the current configuration
 to transfer the current configuration file to a server
 to save the running configuration file to a remote location
Explanation: The copy running-config tftp command is used to copy the current configuration file to a TFTP
server.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

2. What information can be gathered about a neighbor device from the show cdp neighbors detail
command that cannot be found with the show cdp neighbors command?
 the platform that is used by the neighbor
 the IP address of the neighbor
 the capabilities of the neighbor
 the hostname of the neighbor
Explanation: The show cdp neighbors detail command will display the IP address of the neighbor. The show
cdp neighbors command displays the platform, capabilities, and name of neighbors, but does not specify IP
addresses.
3. When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects?
 message integrity
 community strings
 packet encryption
 source validation
Explanation: SNMPv1 and SNMPv2 use community strings to control access to the MIB. SNMPv3 uses
encryption, message integrity, and source validation.
4. What command must be issued on a Cisco router that will serve as an authoritative NTP server?
 ntp master 1
 ntp broadcast client
 clock set 11:00:00 DEC 20 2010
 ntp server 172.16.0.1
Explanation: Routers that will serve as NTP masters must be configured with the ntp mastercommand. A
client is configured with the ntp servercommand so that the client can locate the NTP master.
The ntp broadcast client command allows NTP to use to broadcast messages. The clock setcommand is used
to set the time on a router.
5. Which protocol or service can be configured to send unsolicited messages to alert the network
administrator about a network event such as an extremely high CPU utilization on a router?
 NetFlow
 NTP
 SNMP
 syslog
Explanation: SNMP can be used to collect and store information such as device CPU utilization. Syslog is used
to access and store system messages. Cisco developed NetFlow for the purpose of gathering statistics on packets
that are flowing through Cisco routers and multilayer switches. NTP is used to allow network devices to
synchronize time settings.
6. Which statement describes a syslog message severity level?
 A syslog alarm with a severity level of 7 indicates an emergency situation that can render the system
unusable.
 A syslog alarm at the severity level 4 and higher is sent to an external syslog server by default.
 A severity level 7 message is only accessible through the terminal line.
 Severity level 0 is the most critical severity level.
Explanation: The syslog severity levels increase in severity as the level number gets smaller. Level 0 is the
highest severity level and indicates an emergency situation that can render a system unusable. Syslog severity
level 7 is used for debugging messages.
7. What is an SNMP management agent?
 a database that a device keeps about network performance
 software that is installed on devices managed by SNMP
 a communication protocol that is used by SNMP
 a computer loaded with management software and used by an administrator to monitor a network
Explanation: A management station is used by an administrator for monitoring. An MIB is a database of
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
monitoring information. The Simple Network Management Protocol is the communications protocol that is used
between the management station and the management agents. Management agents run the software that enables
administrators to gather network performance data.
8. What are two characteristics of SNMP community strings? (Choose two.)
 SNMP read-only community strings can be used to get information from an SNMP-enabled device.
 If the manager sends one of the correct read-only community strings, it can get information and set
information in an agent.
 Commonly known community strings should be used when configuring secure SNMP.
 A vulnerability of SNMPv1, SNMPv2, and SNMPv3 is that they send the community strings in plaintext.
 SNMP read-write community strings can be used to set information on an SNMP-enabled device.
Explanation: There are two types of SNMP community strings, read-only and read-write. The read-only
community string allows the manager to get information from the agent and the read-write allows the manager
to get or set information in the agent.
9. A network administrator issues the copy tftp running-config command on a router. What is the
administrator trying to achieve?
 copy the configuration file from the RAM of the router to the TFTP server
 copy the configuration file from the NVRAM of the router to the TFTP server
 copy the configuration file from the TFTP server to the NVRAM of the router
 copy the configuration file from the TFTP server to the RAM of the router
Explanation: The running configuration file is located in RAM. The position of the keyword tftp within the
command indicates that the source of the file will be the tftp server, and the keyword running-configindicates
that the file will be placed in the RAM of the router.
10. What is a characteristic of the MIB?
 Information is organized in a flat manner so that SNMP can access it quickly.
 Information in the MIB cannot be changed.
 The OIDS are organized in a hierarchical structure.
 A separate MIB tree exists for any given device in the network.
Explanation: SNMP set, get, and trap messages are used to access and manipulate the information contained in
the MIB. This information is organized hierarchically so that SNMP can access it quickly. Each piece of
information within the MIB is given an object ID (OID), that is organized based on RFC standards into a
hierarchy of OIDs. The MIB tree for any given device includes branches with variables common to many
networking devices and branches with variables specific to that device or vendor.
11. What data would be saved and where would the data be placed if a network administrator issued the
following command? (Choose two.)

R1# copy startup-config tftp

 The data will be saved to a TFTP server.

 The data to be saved is the configuration that is stored in NVRAM.
 The data to be saved is the configuration that is stored on a TFTP server.
 The data to be saved is the configuration that is being modified in RAM.
 The data will be saved in RAM. The data will be saved in NVRAM.
Explanation: The syntax for the command is copy source destination. The source of startup-config is the
configuration saved in NVRAM. The destination of tftp is a TFTP server.
12. Which command would a network engineer use to restore the IOS image c1900-universalk9-
mz.SPA.152-4.M3.bin to a router?
 copy tftp: flash0:
 copy c1900-universalk9-mz.SPA.152-4.M3.bin tftp:
 copy flash0: c1900-universalk9-mz.SPA.152-4.M3.bin
 copy flash0: tftp:

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The command syntax to restore an IOS image is copy source destination, where, in this
case,source is a TFTP server and destination is the router flash memory. The image name (source filename) is
entered at a new prompt after the initial copy command is issued, not as a parameter of the copy command.
13. Why would a network administrator issue the show cdp neigbors command on a router?
 to display device ID and other information about directly connected Cisco devices
 to display line status and other information about directly connected Cisco devices
 to display routing table and other information about directly connected Cisco devices
 to display router ID and other information about OSPF neighbors
Explanation: The show cdp neighbors command provides information on directly connected Cisco devices
including Device ID, local interface, capability, platform, and port ID of the remote device.
14. What are SNMP trap messages?
 unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the
network
 messages that are sent periodically by the NMS to the SNMP agents that reside on managed devices to
query the device for data
 messages that are used by the NMS to query the device for data
 messages that are used by the NMS to change configuration variables in the agent device
Explanation: A GET request is a message that is used by the NMS to query the device for data. A SET request
is a message that is used by the NMS to change configuration variables in the agent device. An NMS
periodically polls the SNMP agents residing on managed devices, by querying the device for data by using the
GET request.
15. Which of the following is one difference between CDP and LLDP?
 CDP can gather information from routers, switches, and wireless APs, whereas LLDP can only gather
information from routers and switches.
 CDP can obtain both Layer 2 and Layer 3 information, whereas LLDP
can only obtain Layer 2 information.
 CDP is a proprietary protocol, whereas LLDP is a vendor-neutral
protocol.
 CDP is enabled on an interface using two commands, while LLDP
requires only one command.
Explanation: LLDP requires two commands to configure an interface: lldp transmit and lldp receive.
16. A network administrator wants to configure a router so that only a specific interface will send and
receive CDP information. Which two configuration steps accomplish this? (Choose two.)
 R1(config)# no cdp enable
 R1(config)# no cdp run
 R1(config-if)# cdp enable
 R1(config-if)# cdp receive
 R1(config-if)# cdp transmit
Explanation: The no cdp enable command interface configuration command cannot be executed from a global
configuration prompt. Options D and E are invalid commands.
17. What is the configuration command to globally enable LLDP on a Cisco Catalyst switch?
 enable lldp
 feature lldp
 lldp enable
 lldp run
Explanation: Options A through C are invalid commands. The options to enable LLDP on interfaces are lldp
transmit and lldp receive.
18. Which option correctly enables LLDP on an interface?
 R1(config-if)# lldp enable

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  R1(config-if)# lldp enable
R1(config-if)# lldp receive
 R1(config-if)# lldp receive
R1(config-if)# lldp transmit
 R1(config-if)# lldp enable
R1(config-if)# lldp receive
R1(config-if)# lldp transmit
Explanation: To enable LLDP on interfaces, use lldp transmit and lldp receive. The lldp run global
configuration command enables LLDP globally. Interface LLDP configuration commands override the global
command.
19. What are the most common syslog messages?
 Error messages about hardware or software malfunctions
 Link up and link down messages
 Output messages that are generated from debug output
 Messages that occur when a packet matches a parameter condition in an access control list
Explanation: These are all syslog messages, but the most common ones are link up and link down messages.
20. Which syslog logging severity level indicates that a device is unusable?
 Level 0-Emergency
 Level 1-Alert
 Level 2-Critical
 Level 3-Error
Explanation: The smaller the level numbers, the more critical the alarms. Emergency-Level 0 messages
indicate that the system is unusable. This would be an event that has halted the system. Alert-Level 1 messages
indicate that immediate action is needed, as in the case of a failed connection to the ISP. Critical-Level 2
messages indicate a critical condition, such as the failure of a backup connection to the ISP. Error-Level 3
messages indicate error conditions, such as an interface being down.
21. Which protocol or service allows network administrators to receive system messages that are
provided by network devices?
 NTP
 NetFlow
 SNMP
 Syslog
Explanation: Cisco developed NetFlow for the purpose of gathering statistics on packets flowing through
Cisco routers and multilayer switches. SNMP can be used to collect and store information about a device.
Syslog is used to access and store system messages. NTP is used to allow network devices to synchronize time
settings.
22. Which syslog message type is accessible only to an administrator via the Cisco CLI?
 Alerts
 Debugging
 Emergency
 Errors
Explanation: Syslog messages can be sent to the logging buffer, the console line, the terminal line, or a syslog
server. However, debug-level messages are only forwarded to the internal buffer and are accessible only
through the Cisco CLI.
23. Which default destination do Cisco routers and switches use to send Syslog messages?
 Console
 Nearest syslog server
 NVRAM
 RAM
Explanation: The console receives all syslog messages by default. Syslog messages for Cisco routers and
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
switches can be sent to memory, the console, a tty line, or a syslog server.
24. What is the result of configuring the logging trap 4 global configuration command?
 The syslog client sends to the syslog server any event message that has a severity level of 4 or lower.
 The syslog client sends to the syslog server event messages with an identification trap level of only 4.
 The syslog client sends to the syslog server any event message that has a severity level of 4 or higher.
 After four events, the syslog client sends an event message to the syslog server.
Explanation: The logging trap level allows a network administrator to limit event messages that are being sent
to a syslog server based on severity.
25. The ntp server 10.1.1.1 global configuration command is issued on router R1. What impact does this
command have?
 Identifies the NTP server that R1 will send system log messages to
 Identifies the NTP server that R1 will use to store backup configurations
 Identifies R1 as the NTP server using IP address 10.1.1.1
 Synchronizes the clock of R1 with the time server at IP address 10.1.1.1
Explanation: Option A is for syslog, B for TFTP, and the explanation for C is incorrect.
26. Which two statements are true about NTP servers in an enterprise network? (Choose two.)
 All NTP servers synchronize directly to a stratum 1 time source.
 NTP servers at stratum 1 are directly connected to an authoritative time source.
 NTP servers control the mean time between failures (MTBF) for key network devices.
 NTP servers ensure an accurate timestamp on logging and debugging information.
 There can be only one NTP server on an enterprise network.
Explanation: A is incorrect. NTP has nothing to do with MTBF, and multiple NTP servers can be identified for
redundancy.
27. What can a network administrator do to access a router if the password has been lost?
 Access the router remotely through Telnet and use the show running-config command.
 Boot the router into ROMMON mode and reinstall IOS from a TFTP server.
 From ROMMON mode, configure the router to ignore the startup configuration when the router
initializes.
 Reboot the router and use the break key sequence to bypass the password during IOS bootup.
Explanation: ROMMON mode must be accessed to perform password recovery on a router.
28. What is the result of configuring the confreg 0x2142 command at the rommon 1> prompt?
 Contents in NVRAM are erased.
 Contents in NVRAM are ignored.
 Contents in RAM are erased.
 Contents in RAM are ignored.
Explanation: With the configuration register at 0x2142, the device ignores the startup configuration file during
startup, and the startup configuration file is where the forgotten passwords are stored.
29. A network technician is attempting a password recovery on a router. From ROMMON mode, which
command must be entered to bypass the startup configuration file?
 rommon> config-register 0x2102
 rommon> confreg 0x2102
 rommon> config-register 0x2142
 rommon> confreg 0x2142
Explanation: Options A and C are global configuration commands, and Option B is the default setting and
looks for the startup configuration file.
30. What must an administrator have in order to reset a lost password on a router?
 A crossover cable
 A TFTP server
 Access to another router
 Physical access to the router

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: An administrator must have physical access to the device along with a console connection to
perform password recovery.
31. A network engineer is upgrading the Cisco IOS image on a 2900 Series ISR. What command could
the engineer use to verify the total amount of flash memory as well as how much flash memory is
currently available?
 show boot memory
 show flash0:
 show interfaces
 show startup-config
 show version
Explanation: The show flash0: command displays the amount of flash available (free) and the amount of flash
used. The command also displays the files stored in flash, including their size and when they were copied.
32. Which two conditions should a network administrator verify before attempting to upgrade a Cisco
IOS image using a TFTP server? (Choose two.)
 Verify connectivity between the router and TFTP server by using the ping command.
 Verify that the checksum for the image is valid by using the show version command.
 Verify that the TFTP server is running by using the tftpdnld command.
 Verify the name of the TFTP server by using the show hosts command.
 Verify that there is enough flash memory for the new Cisco IOS image by using the show flash
command.
Explanation: To upgrade Cisco IOS, you need the device IOS image file located on a reachable TFTP server.
Image files are copied to flash memory. Therefore, it is important to verify the amount of flash memory
available on the device.
33. Which statement describes SNMP operation?
 The SNMP agent uses a get request to query the device for data.
 The NMS uses a set request to change configuration variables in the agent device.
 An NMS periodically polls the SNMP agents that are residing on managed devices by using traps to query
the devices for data.
 An SNMP agent that resides on a managed device collects information about the device and stores that
information remotely in the MIB that is located on the NMS.
Explanation: An SNMP agent that resides on a managed device collects and stores information about the
device and its operation. This information is stored by the agent locally in the MIB. An NMS periodically polls
the SNMP agents that are residing on managed devices by using the get request to query the devices for data.
The NMS uses a set request to change the configuration in the agent device or to initiate actions within a device.
34. Which SNMP feature provides a solution to the main disadvantage of SNMP polling?
 SNMP community strings
 SNMP get messages
 SNMP set messages
 SNMP trap messages
Explanation: To solve the issue of the delay that exists between when an event occurs and the time when it is
noticed via polling by the NMS, you can use SNMP trap messages. SNMP trap messages are generated from
SNMP agents and are sent to the NMS immediately to inform it of certain events without requiring a` wait for
the device to be polled by the NMS.
35. Which SNMP version uses weak community stringbased access control and supports bulk retrieval?
 SNMPv1
 SNMPv2c
 SNMPv3
 SNMPv2Classic
Explanation: Both SNMPv1 and SNMPv2c use a communitybased form of security consisting of community
strings. However, these are plaintext passwords and are not considered a strong security mechanism. Version 1
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
is a legacy solution and not often encountered in networks today.
……………………………………………………………………………
1. Which cost-effective physical network topology design is recommended when building a three-tier
campus network that connects three buildings?
 mesh
 dual ring
 extended star
 bus
Explanation: For efficiency, scalability, and cost-effectiveness, building an extended star topology from a
centralized site to all other campus sites is recommended. A mesh topology is much more expensive, and bus
and dual ring topologies are more difficult to troubleshoot and maintain.
2. How much traffic is a 48-port gigabit switch capable of switching when operating at full wire speed?
 48 Gb/s, by providing full bandwidth to each port
 1 Gb/s, because data can only be forwarded from one port at a time
 44 Gb/s, due to overhead requirements
 24 Gb/s, because this is the maximum forwarding rate on Cisco switches
Explanation: A switch operating at full wire speed is capable of switching the cumulative amount of each port
on the switch. A 48-port gigabit switch could forward (48 x 1 Gb/s = 48 Gb/s) of data. Forwarding rates are
determined based on the capabilities of each switch.
3. What is the term that is used for the area of a network that is affected when a device or network
service experiences problems?
 collision domain
 user domain
 failure domain
 broadcast domain
Explanation: A failure domain is a portion of the network that is affected when a device or service fails or
experiences problems.
4. Which type of router would an enterprise use to allow customers to access content anytime and
anyplace, regardless of whether they are at home or work?
 branch routers
 network edge routers
 modular routers
 service provider routers
Explanation: Network edge routers provide customer interactivity, personalization, and mobility. Wherever
customers can access an Internet connection, they can access their content. Branch routers provide simple
network configuration and management while maintaining highly available networks. Modular routers are used
to provide greater flexibility in which interfaces are used during network design and installation. Service
provider routers provide end-to-end scalable solutions. Customers do not remotely access or connect directly to
a service provider router.
5. Which design feature will limit the size of a failure domain in an enterprise network?
 the purchase of enterprise equipment that is designed for large traffic volume
 the installation of redundant power supplies
 the use of a collapsed core design
 the use of the building switch block approach
Explanation: In order to best limit the of a failure domain, routers or multilayer switches can be deployed in
pairs. The failure of a single device should not cause the network to go down. Installing redundant power
supplies may protect a single device from a power failure, but if that device suffers from another type of
problem, a redundant device would have been a better solution. Purchasing enterprise equipment that handles
large flows of traffic will not provide extra reliability in times of an outage. If a collapsed core design is used,

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

the core and distribution are collapsed into a single device, increasing the chance of a devastating outage.
6. What is a function of the distribution layer?
 fault isolation
 network access to the user
 high-speed backbone connectivity
 interconnection of large-scale networks in wiring closets
Explanation: The distribution layer interacts between the access layer and the core by aggregating access layer
connections in wiring closets, providing intelligent routing and switching, and applying access policies to access
the rest of the network. Fault isolation and high-speed backbone connectivity are the primary functions of the
core layer. The main function of the access layer is to provide network access to the user.
7. What is the function of PoE pass-through?
 allows switches, phones, and wireless access points to receive power over existing Ethernet cables
from an upstream switch
 allows a multilayer switch to forward IP packets at a rate close to that of Layer 2 switching by bypassing
the CPU
 allows multiple physical switch ports to be aggregated together and act as a single logical to increase
bandwidth on trunk links
 allows a switch to disable redundant Layer 2 paths in the topology to prevent Layer 2 loops
Explanation: PoE or Power over Ethernet allows devices such as wireless access-points and IP phones to
receive power from PoE enabled switch ports. PoE pass-through allows a switch to receive power from an
upstream switch and pass it through to PoE devices.
8. Which function is supplied by the access layer in a three-layer network design?
 application of policies
 network access
 routing
 high-speed connectivity
 backbone connectivity
Explanation: The main purpose of devices in the access layer is to supply network access to end users.
Distribution layer devices provide services such as routing and policy functions. The core layer provides high-
speed backbone connectivity.
9. Which action should be taken when planning for redundancy on a hierarchical network design?
 Add alternate physical paths for data to traverse the network.
 Purchase backup equipment for every network device at the distribution layer.
 Immediately replace a nonfunctioning module, service ,or device on a network.
 Implement STP PortFast between the switches on the network.
Explanation: One method of implementing redundancy is path redundancy, which means installing alternate
physical paths for data to traverse the network. Redundant links in a switched network support high availability
and can be used for load balancing, thus reducing congestion on the network.
10. What is a collapsed core in a network design?
 a combination of the functionality of the access, distribution, and core layers
 a combination of the functionality of the access and distribution layers
 a combination of the functionality of the distribution and core layers
 a combination of the functionality of the access and core layers
Explanation: A collapsed core design is appropriate for a small, single building business. This type of design
uses two layers (the collapsed core and distribution layers consolidated into one layer and the access layer).
Larger businesses use the traditional three-tier switch design model.
11. What is the name of the layer in the Cisco borderless switched network design that is considered to be
the backbone used for high-speed connectivity and fault isolation?
 network
 core

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  data link
 access
 network access
Explanation: The three layers of the Cisco borderless switch network design are access, distribution, and core.
The access layer switches are the ones used to connect end devices to the network. The distribution layer
switches accept connections from access layer switches and provides switching, routing, and access policy
functions. The core layer is called the backbone and core switches commonly have high-speed redundant
connections.
12. Which technology is required when switched networks are designed to include redundant links?
 Spanning Tree Protocol
 virtual LANs
 virtual private networks
 link aggregation
Explanation: Spanning Tree Protocol (STP) is required when switched networks include redundant Layer 2
links. VLANs, VPNs, and link aggregation are not related to link redundancy in network design.
13. Which feature could be used in a network design to increase the bandwidth by combining multiple
physical links into a single logical link?
 trunk ports
 VLANs
 subinterfaces
 EtherChannel
Explanation: VLANs create several groups of users which use a single physical link. Trunk ports are single
physical links. Subinterfaces allow one physical link to be used to create several logical links. EtherChannel
provides the ability to combine multiple physical links into a single logical link.
14. Which statement describes a characteristic of Cisco Catalyst 2960 switches?
 New Cisco Catalyst 2960-C switches support PoE pass-through.
 They are best used as distribution layer switches.
 They do not support an active switched virtual interface (SVI) with IOS versions prior to 15.x.
 They are modular switches.
Explanation: Cisco Catalyst 2960 switches support one active switched virtual interface (SVI) with IOS
versions prior to 15.x. They are commonly used as access layer switches and they are fixed configuration
switches.
15. Which network design solution will best extend access layer connectivity to host devices?
 implementing wireless connectivity
 implementing redundancy
 implementing EtherChannel
 implementing routing protocols
Explanation: EtherChannel allows more data to be moved at the access layer, but does not provide network
expansion. Redundancy is used to provide failover solutions but does not focus on network expansion. Routing
protocols are not used to provide network expansion at the access layer. Wireless connectivity provides network
access to a large number of users at the access layer.
16. What is a basic function of the Cisco Borderless Networks architecture distribution layer?
 Acting as a backbone
 Aggregating all the campus blocks
 Aggregating Layer 2 and Layer 3 routing boundaries
 Providing access to end-user devices
Explanation: One of the basic functions of the distribution layer of the Cisco Borderless Networks architecture
is to perform routing between different VLANs. Acting as a backbone and aggregating campus blocks are
functions of the core layer. Providing access to end-user devices is a function of the access layer.
17. Which two previously independent technologies should a network administrator attempt to combine
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
after choosing to upgrade to a converged network infrastructure? (Choose two.)
 Electrical system
 Mobile cell phone traffic
 Scanners and printers
 User data traffic
 VoIP phone traffic
Explanation: A converged network provides a single infrastructure that combines voice, video, and data.
Analog phones, user data, and point-to-point video traffic are all contained within the single network
infrastructure of a converged network.
18. How is a two-tier LAN network design implemented?
 The access, distribution, and core layers are collapsed into one tier to separate the backbone layer.
 The access and core layers are collapsed into one tier, and the distribution layer is on a separate tier.
 The access and distribution layers are collapsed into one tier, and the core layer is on a separate tier.
 The distribution and core layers are collapsed into one tier, and the access layer is on a separate tier.
Explanation: Maintaining three separate network tiers is not always required or cost-efficient. All network
designs require an access layer, but a two-tier design can collapse the distribution and core layers into one layer
to serve the needs of a small location with few users.
19. A local law firm is redesigning the company network so that all 20 employees can be connected to a
LAN and to the internet. The law firm would prefer a low-cost and easy solution for the project. What
type of switch should be selected?
 fixed configuration
 modular configuration
 stackable configuration
 data center switch
 service provider switch
Explanation: A fixed-configuration switch would meet all the requirements of the law firm in this example.
20. What is one function of a Layer 2 switch?
 determining which interface is used to forward a frame, based on the destination MAC address
 duplicating the electrical signal of each frame to every port
 forwarding data based on logical addressing
 learning the port assigned to a host by examining the destination MAC address
Explanation: A switch builds a table of MAC addresses and associated port numbers by examining the source
MAC addresses found in inbound frames. To forward a frame onward, the switch examines the destination
MAC address, looks in the MAC address for a port number associated with that destination MAC address, and
sends it to the specific port. If the destination MAC address is not in the table, the switch forwards the frame out
all ports except the inbound port that originated the frame.
21. Which network device can be used to eliminate collisions on an Ethernet network?
 Hub
 NIC
 Switch
 Wireless access point
Explanation: A switch provides microsegmentation so that no other devices compete for the same Ethernet
network bandwidth.
22. Which type of address does a switch use to build the MAC address table?
 Destination IP address
 Destination MAC address
 Source IP address
 Source MAC address
Explanation: When a switch receives a frame with a source MAC address that is not in the MAC address table,
the switch adds that MAC address to the table and maps that address to a specific port. Switches do not use IP
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
addressing in the MAC address table.
23. What are two reasons a network administrator would segment a network with a Layer 2 switch?
(Choose two.)
 To create fewer collision domains
 To create more broadcast domains
 To eliminate virtual circuits
 To enhance user bandwidth
 To isolate ARP request messages from the rest of the network
 To isolate traffic between segments
Explanation: A switch has the ability to create temporary point-to-point connections between the directly
attached transmitting and receiving network devices. The two devices have full-bandwidth, full-duplex
connectivity during the transmission. Segmentation adds collision domains to reduce collisions.
24. Which statement describes the microsegmentation feature of a LAN switch?
 All ports inside the switch form one collision domain.
 Each port forms a collision domain.
 Frame collisions are forwarded.
 The switch does not forward broadcast frames.
Explanation: When a LAN switch with the microsegmentation feature is used, each port represents a segment,
which in turns forms a collision domain. If each port is connected with an end-user device, there will be no
collisions. However, if multiple end devices are connected to a hub and the hub is connected to a port on the
switch, some collisions will occur in that particular segment-but not beyond it.
25. A ____________________ network is one that uses the same infrastructure to carry voice, data, and
video signals.
 converged
26. In the Cisco enterprise architecture, which two functional parts of the network are combined to form
a collapsed core design? (Choose two.)
 Access layer
 Core layer
 Distribution layer
 Enterprise edge
 Provider edge
Explanation: The Cisco enterprise architecture consists of a hierarchical design. The network is divided into
three functional layers: core, distribution, and access. In smaller networks, this three-layer division of functional
layers is collapsed into two layers, with the core and distribution layers combined to form a collapsed core.
27. What are two benefits of extending access layer connectivity to users through a wireless medium?
(Choose two.)
 Decreased number of critical points of failure
 Increased bandwidth availability
 Increased flexibility
 Increased network management options
 Reduced costs
Explanation: Providing wireless connectivity offers many advantages, such as increased flexibility, reduced
costs, and the ability to grow and adapt to changing network and business requirements.
28. As the network administrator, you have been asked to implement EtherChannel on the corporate
network. What does this configuration involve?
 Grouping multiple physical ports to increase bandwidth between two switches
 Grouping two devices to share a virtual IP address
 Providing redundant devices to allow traffic to flow in the event of device failure
 Providing redundant links that dynamically block or forward traffic
Explanation: Link aggregation allows an administrator to increase the amount of bandwidth between devices
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
by creating one logical link by grouping several physical links together. EtherChannel is a form of link
aggregation used in switched networks.
29. Which statement describes Cisco Meraki switches?
 They are campus LAN switches that perform the same functions as Cisco 2960 switches.
 They are cloud-managed access switches that enable virtual stacking of switches.
 They are service provider switches that aggregate traffic at the edge of the network.
 They promote infrastructure scalability, operational continuity, and transport flexibility.
Explanation: Cisco Meraki cloud-managed access switches enable virtual stacking of switches. They monitor
and configure thousands of switch ports over the web, without the intervention of onsite IT staff.
30. What term is used to describe the thickness or height of a switch?
 Domain size
 Module size
 Port density
 Rack unit
Explanation: The thickness of a switch determines how much space on the rack it will take up and is measured
in rack units.
31. What are two functions of a router? (Choose two.)
 It connects multiple IP networks.
 It controls the flow of data via the use of Layer 2 addresses.
 It determines the best path for sending packets.
 It increases the size of the broadcast domain.
 It manages the VLAN database.
Explanation: Routers play a critical role in networking by determining the best path for sending packets. They
connect multiple IP networks by connecting homes and businesses to the internet. They are also used to
interconnect multiple sites within an enterprise network, providing redundant paths to destinations. Routers can
also act as translators between different media types and protocols.
………………………………………………………………………………….
1. Which cost-effective physical network topology design is recommended when building a three-tier
campus network that connects three buildings?
 mesh
 dual ring
 extended star
 bus
Explanation: For efficiency, scalability, and cost-effectiveness, building an extended star topology from a
centralized site to all other campus sites is recommended. A mesh topology is much more expensive, and bus
and dual ring topologies are more difficult to troubleshoot and maintain.
2. How much traffic is a 48-port gigabit switch capable of switching when operating at full wire speed?
 48 Gb/s, by providing full bandwidth to each port
 1 Gb/s, because data can only be forwarded from one port at a time
 44 Gb/s, due to overhead requirements
 24 Gb/s, because this is the maximum forwarding rate on Cisco switches
Explanation: A switch operating at full wire speed is capable of switching the cumulative amount of each port
on the switch. A 48-port gigabit switch could forward (48 x 1 Gb/s = 48 Gb/s) of data. Forwarding rates are
determined based on the capabilities of each switch.
3. What is the term that is used for the area of a network that is affected when a device or network
service experiences problems?
 collision domain
 user domain
 failure domain

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  broadcast domain
Explanation: A failure domain is a portion of the network that is affected when a device or service fails or
experiences problems.
4. Which type of router would an enterprise use to allow customers to access content anytime and
anyplace, regardless of whether they are at home or work?
 branch routers
 network edge routers
 modular routers
 service provider routers
Explanation: Network edge routers provide customer interactivity, personalization, and mobility. Wherever
customers can access an Internet connection, they can access their content. Branch routers provide simple
network configuration and management while maintaining highly available networks. Modular routers are used
to provide greater flexibility in which interfaces are used during network design and installation. Service
provider routers provide end-to-end scalable solutions. Customers do not remotely access or connect directly to
a service provider router.
5. Which design feature will limit the size of a failure domain in an enterprise network?
 the purchase of enterprise equipment that is designed for large traffic volume
 the installation of redundant power supplies
 the use of a collapsed core design
 the use of the building switch block approach
Explanation: In order to best limit the of a failure domain, routers or multilayer switches can be deployed in
pairs. The failure of a single device should not cause the network to go down. Installing redundant power
supplies may protect a single device from a power failure, but if that device suffers from another type of
problem, a redundant device would have been a better solution. Purchasing enterprise equipment that handles
large flows of traffic will not provide extra reliability in times of an outage. If a collapsed core design is used,
the core and distribution are collapsed into a single device, increasing the chance of a devastating outage.
6. What is a function of the distribution layer?
 fault isolation
 network access to the user
 high-speed backbone connectivity
 interconnection of large-scale networks in wiring closets
Explanation: The distribution layer interacts between the access layer and the core by aggregating access layer
connections in wiring closets, providing intelligent routing and switching, and applying access policies to access
the rest of the network. Fault isolation and high-speed backbone connectivity are the primary functions of the
core layer. The main function of the access layer is to provide network access to the user.
7. What is the function of PoE pass-through?
 allows switches, phones, and wireless access points to receive power over existing Ethernet cables
from an upstream switch
 allows a multilayer switch to forward IP packets at a rate close to that of Layer 2 switching by bypassing
the CPU
 allows multiple physical switch ports to be aggregated together and act as a single logical to increase
bandwidth on trunk links
 allows a switch to disable redundant Layer 2 paths in the topology to prevent Layer 2 loops
Explanation: PoE or Power over Ethernet allows devices such as wireless access-points and IP phones to
receive power from PoE enabled switch ports. PoE pass-through allows a switch to receive power from an
upstream switch and pass it through to PoE devices.
8. Which function is supplied by the access layer in a three-layer network design?
 application of policies
 network access
 routing

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  high-speed connectivity
 backbone connectivity
Explanation: The main purpose of devices in the access layer is to supply network access to end users.
Distribution layer devices provide services such as routing and policy functions. The core layer provides high-
speed backbone connectivity.
9. Which action should be taken when planning for redundancy on a hierarchical network design?
 Add alternate physical paths for data to traverse the network.
 Purchase backup equipment for every network device at the distribution layer.
 Immediately replace a nonfunctioning module, service ,or device on a network.
 Implement STP PortFast between the switches on the network.
Explanation: One method of implementing redundancy is path redundancy, which means installing alternate
physical paths for data to traverse the network. Redundant links in a switched network support high availability
and can be used for load balancing, thus reducing congestion on the network.
10. What is a collapsed core in a network design?
 a combination of the functionality of the access, distribution, and core layers
 a combination of the functionality of the access and distribution layers
 a combination of the functionality of the distribution and core layers
 a combination of the functionality of the access and core layers
Explanation: A collapsed core design is appropriate for a small, single building business. This type of design
uses two layers (the collapsed core and distribution layers consolidated into one layer and the access layer).
Larger businesses use the traditional three-tier switch design model.
11. What is the name of the layer in the Cisco borderless switched network design that is considered to be
the backbone used for high-speed connectivity and fault isolation?
 network
 core
 data link
 access
 network access
Explanation: The three layers of the Cisco borderless switch network design are access, distribution, and core.
The access layer switches are the ones used to connect end devices to the network. The distribution layer
switches accept connections from access layer switches and provides switching, routing, and access policy
functions. The core layer is called the backbone and core switches commonly have high-speed redundant
connections.
12. Which technology is required when switched networks are designed to include redundant links?
 Spanning Tree Protocol
 virtual LANs
 virtual private networks
 link aggregation
Explanation: Spanning Tree Protocol (STP) is required when switched networks include redundant Layer 2
links. VLANs, VPNs, and link aggregation are not related to link redundancy in network design.
13. Which feature could be used in a network design to increase the bandwidth by combining multiple
physical links into a single logical link?
 trunk ports
 VLANs
 subinterfaces
 EtherChannel
Explanation: VLANs create several groups of users which use a single physical link. Trunk ports are single
physical links. Subinterfaces allow one physical link to be used to create several logical links. EtherChannel
provides the ability to combine multiple physical links into a single logical link.
14. Which statement describes a characteristic of Cisco Catalyst 2960 switches?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  New Cisco Catalyst 2960-C switches support PoE pass-through.
 They are best used as distribution layer switches.
 They do not support an active switched virtual interface (SVI) with IOS versions prior to 15.x.
 They are modular switches.
Explanation: Cisco Catalyst 2960 switches support one active switched virtual interface (SVI) with IOS
versions prior to 15.x. They are commonly used as access layer switches and they are fixed configuration
switches.
15. Which network design solution will best extend access layer connectivity to host devices?
 implementing wireless connectivity
 implementing redundancy
 implementing EtherChannel
 implementing routing protocols
Explanation: EtherChannel allows more data to be moved at the access layer, but does not provide network
expansion. Redundancy is used to provide failover solutions but does not focus on network expansion. Routing
protocols are not used to provide network expansion at the access layer. Wireless connectivity provides network
access to a large number of users at the access layer.
16. What is a basic function of the Cisco Borderless Networks architecture distribution layer?
 Acting as a backbone
 Aggregating all the campus blocks
 Aggregating Layer 2 and Layer 3 routing boundaries
 Providing access to end-user devices
Explanation: One of the basic functions of the distribution layer of the Cisco Borderless Networks architecture
is to perform routing between different VLANs. Acting as a backbone and aggregating campus blocks are
functions of the core layer. Providing access to end-user devices is a function of the access layer.
17. Which two previously independent technologies should a network administrator attempt to combine
after choosing to upgrade to a converged network infrastructure? (Choose two.)
 Electrical system
 Mobile cell phone traffic
 Scanners and printers
 User data traffic
 VoIP phone traffic
Explanation: A converged network provides a single infrastructure that combines voice, video, and data.
Analog phones, user data, and point-to-point video traffic are all contained within the single network
infrastructure of a converged network.
18. How is a two-tier LAN network design implemented?
 The access, distribution, and core layers are collapsed into one tier to separate the backbone layer.
 The access and core layers are collapsed into one tier, and the distribution layer is on a separate tier.
 The access and distribution layers are collapsed into one tier, and the core layer is on a separate tier.
 The distribution and core layers are collapsed into one tier, and the access layer is on a separate tier.
Explanation: Maintaining three separate network tiers is not always required or cost-efficient. All network
designs require an access layer, but a two-tier design can collapse the distribution and core layers into one layer
to serve the needs of a small location with few users.
19. A local law firm is redesigning the company network so that all 20 employees can be connected to a
LAN and to the internet. The law firm would prefer a low-cost and easy solution for the project. What
type of switch should be selected?
 fixed configuration
 modular configuration
 stackable configuration
 data center switch
 service provider switch

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: A fixed-configuration switch would meet all the requirements of the law firm in this example.
20. What is one function of a Layer 2 switch?
 determining which interface is used to forward a frame, based on the destination MAC address
 duplicating the electrical signal of each frame to every port
 forwarding data based on logical addressing
 learning the port assigned to a host by examining the destination MAC address
Explanation: A switch builds a table of MAC addresses and associated port numbers by examining the source
MAC addresses found in inbound frames. To forward a frame onward, the switch examines the destination
MAC address, looks in the MAC address for a port number associated with that destination MAC address, and
sends it to the specific port. If the destination MAC address is not in the table, the switch forwards the frame out
all ports except the inbound port that originated the frame.
21. Which network device can be used to eliminate collisions on an Ethernet network?
 Hub
 NIC
 Switch
 Wireless access point
Explanation: A switch provides microsegmentation so that no other devices compete for the same Ethernet
network bandwidth.
22. Which type of address does a switch use to build the MAC address table?
 Destination IP address
 Destination MAC address
 Source IP address
 Source MAC address
Explanation: When a switch receives a frame with a source MAC address that is not in the MAC address table,
the switch adds that MAC address to the table and maps that address to a specific port. Switches do not use IP
addressing in the MAC address table.
23. What are two reasons a network administrator would segment a network with a Layer 2 switch?
(Choose two.)
 To create fewer collision domains
 To create more broadcast domains
 To eliminate virtual circuits
 To enhance user bandwidth
 To isolate ARP request messages from the rest of the network
 To isolate traffic between segments
Explanation: A switch has the ability to create temporary point-to-point connections between the directly
attached transmitting and receiving network devices. The two devices have full-bandwidth, full-duplex
connectivity during the transmission. Segmentation adds collision domains to reduce collisions.
24. Which statement describes the microsegmentation feature of a LAN switch?
 All ports inside the switch form one collision domain.
 Each port forms a collision domain.
 Frame collisions are forwarded.
 The switch does not forward broadcast frames.
Explanation: When a LAN switch with the microsegmentation feature is used, each port represents a segment,
which in turns forms a collision domain. If each port is connected with an end-user device, there will be no
collisions. However, if multiple end devices are connected to a hub and the hub is connected to a port on the
switch, some collisions will occur in that particular segment-but not beyond it.
25. A ____________________ network is one that uses the same infrastructure to carry voice, data, and
video signals.
 converged
26. In the Cisco enterprise architecture, which two functional parts of the network are combined to form
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
a collapsed core design? (Choose two.)
 Access layer
 Core layer
 Distribution layer
 Enterprise edge
 Provider edge
Explanation: The Cisco enterprise architecture consists of a hierarchical design. The network is divided into
three functional layers: core, distribution, and access. In smaller networks, this three-layer division of functional
layers is collapsed into two layers, with the core and distribution layers combined to form a collapsed core.
27. What are two benefits of extending access layer connectivity to users through a wireless medium?
(Choose two.)
 Decreased number of critical points of failure
 Increased bandwidth availability
 Increased flexibility
 Increased network management options
 Reduced costs
Explanation: Providing wireless connectivity offers many advantages, such as increased flexibility, reduced
costs, and the ability to grow and adapt to changing network and business requirements.
28. As the network administrator, you have been asked to implement EtherChannel on the corporate
network. What does this configuration involve?
 Grouping multiple physical ports to increase bandwidth between two switches
 Grouping two devices to share a virtual IP address
 Providing redundant devices to allow traffic to flow in the event of device failure
 Providing redundant links that dynamically block or forward traffic
Explanation: Link aggregation allows an administrator to increase the amount of bandwidth between devices
by creating one logical link by grouping several physical links together. EtherChannel is a form of link
aggregation used in switched networks.
29. Which statement describes Cisco Meraki switches?
 They are campus LAN switches that perform the same functions as Cisco 2960 switches.
 They are cloud-managed access switches that enable virtual stacking of switches.
 They are service provider switches that aggregate traffic at the edge of the network.
 They promote infrastructure scalability, operational continuity, and transport flexibility.
Explanation: Cisco Meraki cloud-managed access switches enable virtual stacking of switches. They monitor
and configure thousands of switch ports over the web, without the intervention of onsite IT staff.
30. What term is used to describe the thickness or height of a switch?
 Domain size
 Module size
 Port density
 Rack unit
Explanation: The thickness of a switch determines how much space on the rack it will take up and is measured
in rack units.
31. What are two functions of a router? (Choose two.)
 It connects multiple IP networks.
 It controls the flow of data via the use of Layer 2 addresses.
 It determines the best path for sending packets.
 It increases the size of the broadcast domain.
 It manages the VLAN database.
Explanation: Routers play a critical role in networking by determining the best path for sending packets. They
connect multiple IP networks by connecting homes and businesses to the internet. They are also used to
interconnect multiple sites within an enterprise network, providing redundant paths to destinations. Routers can
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
also act as translators between different media types and protocols.
………………………………………………………………………………………………
1. A company uses a cloud-based payroll system. Which cloud computing technology is this company
using?
 infrastructure as a service (IaaS)
 wireless as a service (WaaS)
 software as a service (SaaS)
 browser as a service (BaaS)
Explanation: Curriculum Reference: Module 7.2
This item is based on information contained in the presentation.
There is no such thing as BaaS. Infrastructure as a service (IaaS) is when key network devices such as routers
and firewalls are leased from a provider. Wireless as a service (WaaS) is when a provider provides wireless
connectivity at a fixed monthly cost.
2. For a data center, what is the difference in the server virtualization data traffic compared with the
traditional client-server model?
 There is more data traffic flowing from virtual servers to clients.
 Data traffic from clients will be routed to multiple virtual servers.
 There are significant data exchanges between virtual servers.
 More network control traffic is generated between virtual servers and clients.
Explanation: With server virtualization, traffic in a data center contains a considerable amount of data
exchanges between virtual servers (referred to as East-West traffic). For the client-server model, the traffic
pattern between virtual servers and clients will not change. From a routing perspective, client requests to a
virtual server will still be routed to that server.
3. Which component in a traditional infrastructure device provides Layer 2 and Layer 3 functions to
create data paths within a network?
 forwarding information base
 control plane
 adjacency table
 data plane
Explanation: An infrastructure device contains the control plane and data plane. The control plane contains
Layer 2 and Layer 3 route forwarding mechanisms that construct loop-free paths within a network. The data
plane of each device is used to forward traffic flows.
4. Which network traffic management technology is a basic element in SDN implementations?
 OpenStack
 OpenFlow
 Interface to the Routing System
 IEEE 802.1aq
Explanation: OpenFlow was developed at Stanford University to manage traffic between routers, switches, and
wireless access points and a controller. It is the original and widely implemented southbound API for SDN.
OpenStack is a virtualization and orchestration platform available to build scalable cloud environments and
provide an infrastructure as a service (IaaS) solution. It is often used with Cisco ACI. IEEE 802.1aq is a
replacement to the Spanning Tree Protocol (STP) that allows all paths to be active with multiple equal cost
paths. Interface to the Routing System uses a fast path protocol to populate the network device routing table.
5. Which two technologies are core components of Cisco ACI architecture? (Choose two.)
 Application Network Profile
 Application Policy Infrastructure Controller
 OpenFlow enabled switches
 Interface to the Routing System
 Transparent Interconnection of Lots of Links

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The Cisco ACI architecture contains three core components:
– Application Network Profile (ANP) – An ANP is a collection of end-point groups (EPG), their connections,
and the policies that define those connections.
– Application Policy Infrastructure Controller (APIC) – APIC is a centralized software controller that
manages and operates a scalable ACI clustered fabric.
– Cisco Nexus 9000 Series switches – Provides an application-aware switching fabric and works with an APIC
to manage the virtual and physical network infrastructure.
OpenFlow enabled switches are required in SDN implementation. Both Interface to the Routing System (I2RS)
and Transparent Interconnection of Lots of Links (TRILL) are different approaches developed for network
virtualization.
6. Which Cloud computing service would be best for a new organization that cannot afford physical
servers and networking equipment and must purchase network services on-demand?
 ITaaS
 PaaS
 Iaas
 SaaS
Explanation: Infrastructure as a service (IaaS) provides an environment where users have an on-demand
infrastructure that they can install any platform as needed.
7. Which services are provided by a private cloud?
 encrypted data storage in cloud computing
 secure communications between sensors and actuators
 online services to trusted vendors
 multiple internal IT services in an enterprise
Explanation: Large enterprises typically have their own data center to manage data storage and data processing
needs. The data center can be used to serve internal IT needs. In other words, the data center becomes a private
cloud, a cloud computing infrastructure just for internal services.
8. What are two reasons an organization might use cloud computing? (Choose two.)
 enables global access to corporate data
 provides power and physical plants capable of meeting increased requirements
 enables connectivity between disparate networks
 reduces the time needed for maintenance windows
 increases corporate use of technology resources
Explanation: A cloud solution is used for many reasons, but some of the common services and reasons to use a
cloud-based solution are as follows:
– access to corporate data through the Internet
– outsourced services
– housing for IT equipment, maintenance, and management
– reduced costs for equipment, electricity, disaster prevention, physical plant (room, cabling, air conditioning,
water cooling, etc.), and personnel
9. What is a characteristic of data flow processing in SDN?
 The SDN controller attaches an entry to each packet to identify the flow.
 The SDN controller routes a data flow first and the data plane will use policies to permit or deny the flow.
 Each data flow through the network must be approved by the SDN controller first.
 OpenStack is used to construct the entry in switches to facilitate data forwarding.
Explanation: In SDN architecture, each data flow through the network must first get permission from the SDN
controller. If the controller allows a flow, it computes a route for the flow to take and adds an entry for that flow
in each of the switches along the path. Communication between the controller and the switches typically uses an
open standard protocol and an API, such as OpenFlow.
10. What are three abstraction layers of a computer system? (Choose three.)
 firmware

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  network
 hardware
 services
 security
 data
Explanation: Abstraction layers help describe network protocols within the architecture of a computer system.
Each layer uses programming code to interface with the layers above and below. The following abstraction
layers make up a computer system:
– Hardware
– Firmware
– Assembler
– Kernel
– OS
– Services
11. In software defined network architecture, what function is removed from network devices and
performed by an SDN controller?
 control plane
 security
 data plane
 application policies
Explanation: In network virtualization, the control plane function of each network device is removed and is
performed by a centralized controller. The controller then can communicate control plane functions to each of
the network devices. This allows the network devices to focus all resources on forwarding plane functions.
12. Which term describes the data exchanges between virtual servers in a data center?
 backbone traffic
 north-south traffic
 vertical traffic
 east-west traffic
Explanation: With server virtualization, the data exchanges between virtual servers in a data center is referred
to as East-West traffic.
13. How is the control plane modified to operate with network virtualization?
 The control plane on each device is interconnected to a dedicated high- speed network.
 A hypervisor is installed in each device to allow multiple instances of the control plane.
 The control plane function is consolidated into a centralized controller.
 Control plane redundancy is added to each network device.
Explanation: In network virtualization design, the control plane function is removed from each network device
and is performed by a centralized controller. The centralized controller communicates control plane functions to
each network device and each device focuses on forwarding data.
14. Which Cloud computing service would be best for an organization that needs to collaboratively create
applications and deliver them over the web?
 SaaS
 IaaS
 ITaaS
 PaaS
Explanation: Platform as a service (PaaS) provides a collaborative environment where multiple developers can
create software and host an application through a Cloud provider.
15. Which of the following is the term for the extension of the internet structure to billions of connected
devices?
 BYOD
 Digitization

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  IoT
 M2M
Explanation: The Internet of Things (IoT) is a phrase that denotes the billions of electronic devices that are
now able to connect to data networks and the internet.
16. Which cloud computing service would provide the use of network hardware such as routers and
switches for a particular company?
 Browser as a service (BaaS)
 Infrastructure as a service (IaaS)
 Software as a service (SaaS)
 Wireless as a service (WaaS)
Explanation: With IaaS, the cloud provider is responsible for access to the network equipment, virtualized
network services, and supporting network infrastructure.
17. What technology allows users to access data anywhere and at any time?
 cloud computing
 data analytics
 micromarketing
 virtualization
Explanation: Cloud computing enables access to organizational data anywhere and at any time; streamlines the
organization’s IT operations by subscribing only the needed services; eliminates or reduces the need for onsite
IT equipment, maintenance, and management; reduces costs for equipment, energy, physical plant requirements,
and personnel training needs; and enables rapid responses to increasing data volume requirements.
18. Which cloud model provides services for a specific organization or entity?
 community cloud
 hybrid cloud
 private cloud
 public cloud
Explanation: A private cloud’s applications and services are intended for a specific organization or entity, such
as the government.
19. What is a benefit of virtualization?
 guarantee of power
 improvement of business practices
 supply of consistent air flow
 support of live migration
Explanation: A benefit of virtualization is increased server uptime with advanced redundant fault-tolerance
features such as live migration, storage migration, high availability, and distributed resource scheduling.
20. What is a difference between the functions of cloud computing and virtualization?
 Cloud computing provides services on web-based access, whereas virtualization provides services on data
access through virtualized internet connections.
 Cloud computing requires hypervisor technology, whereas virtualization is a fault-tolerance technology.
 Cloud computing separates the application from the hardware, whereas virtualization separates the
OS from the underlying hardware.
 Cloud computing utilizes data center technology, whereas virtualization is not used in data centers.
Explanation: The terms cloud computing and virtualization are often used interchangeably; however, they
mean different things. Virtualization is the foundation of cloud computing. Without it, cloud computing, as it is
most widely implemented, would not be possible. Cloud computing separates the application from the
hardware. Virtualization separates the OS from the hardware.
21. Which of the following applies to a Type 2 hypervisor?
 best suited for enterprise environments
 does not require management console software
 has direct access to server hardware resources

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  installs directly on hardware
Explanation: A Type 2 hypervisor, also called a hosted hypervisor, is software that creates and runs VM
instances. A big advantage of Type 2 hypervisors is that management console software is not required.
22. Which is a characteristic of a Type 1 hypervisor?
 best suited for consumers and not for an enterprise environment
 does not require management console software
 installed directly on a server
 installed on an existing operating system
Explanation: A Type 1 hypervisor is installed directly on the server or networking hardware. Instances of an
OS are installed on the hypervisor. Type 1 hypervisors have direct access to the hardware resources; therefore,
they are more efficient than hosted architectures. Type 1 hypervisors improve scalability, performance, and
robustness.
23. Which technology virtualizes the control plane and moves it to a centralized controller?
 cloud computing
 fog computing
 IaaS
 SDN
Explanation: Software-defined networking (SDN) is a network architecture that has been developed to
virtualize the network. For example, SDN can virtualize the control plane. It is also known as controller-based
SDN. SDN moves the control plane from each network device to a central network intelligence and policy-
making entity called the SDN controller.
24. Which two layers of the OSI model are associated with SDN network control plane functions that
make forwarding decisions? (Choose two.)
 Layer 1
 Layer 2
 Layer 3
 Layer 4
 Layer 5
Explanation: The control plane contains Layer 2 and Layer 3 route forwarding mechanisms, such as routing
protocol neighbor tables and topology tables, IPv4 and IPv6 routing tables, STP, and the ARP table.
Information sent to the control plane is processed by the CPU.
25. Which type of hypervisor would most likely be used in a data center?
 Nexus 9000 switch
 Oracle VM VirtualBox
 Type 1
 Type 2
Explanation: Using Type 1 hypervisors is also called the “bare metal” approach because the hypervisor is
installed directly on the hardware. Type 1 hypervisors are usually used on enterprise servers and data center
networking devices.
26. Which type of hypervisor would most likely be used by a consumer?
 Nexus 9000 switch
 Oracle VM VirtualBox
 Type 1
 Type 2
Explanation: Type 2 hypervisors are very popular with consumers and with organizations experimenting with
virtualization. Common Type 2 hypervisors include Virtual PC, VMware Workstation, Oracle VM VirtualBox,
VMware Fusion, and Mac OS X Parallels.
27. What component is considered the brains of the ACI architecture and translates application policies?
 Application Network Profile endpoints
 Application Policy Infrastructure Controller

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  hypervisor
 Nexus 9000 switch
Explanation: The APIC is considered to be the brains of the ACI architecture. An APIC is a centralized
software controller that manages and operates a scalable ACI clustered fabric. It is designed for
programmability and centralized management. It translates application policies into network programming.
…………………………………………………………………………………..
14.7.2 Module Quiz – Network Automation (Answers)
Apr 2, 2021 Last Updated: Dec 20, 2022 CCNA v7.0, CCNA v7 Course #3 No Comments
Share TweetSharePin it

14.7.2 Module Quiz – Network Automation Answers

Playvolume00:00/01:03TruvidfullScreen

1. What is JSON?
 It is a data format for storing and transporting data.
 It is a scripting language.
 It is a database.
 It is a compiled programming language.
Explanation: JavaScript Object Notation (JSON) is a data format used by applications to store and transport
data.
2. What is an architectural constraint to which a true RESTful API web service must adhere?
 It must support the XML data format.
 It operates as a cloud service.
 It runs as client/server model.
 It uses HTTPS to transport data.
Explanation: Conforming to the constraints of the REST architecture is generally referred to as being
“RESTful”. An API can be considered “RESTful” if it has the following features:

 Client/server – The client handles the front end and the server handles the back end.
 Stateless – No client data is stored on the server between requests. The session state is stored on the
client.
 Cacheable – Clients can cache responses locally to improve performance.
3. In the RESTful API request example, http://www.mapquestapi.com/directions/v2/route?
outFormat=json&key=KEY&from=San+Jose,Ca&to=Monterey,Ca, which term describes the
component directions/v2/route?
 parameters
 resources
 API server
 query
Explanation: In this sample API request, the different components are as follows:
– API Server – the MapQuest API server, http://www.mapquestapi.com
– Resources – the MapQuest directions API, directions/v2/route
– Query – the data format and information the client is requesting from the API service, include these:
 Format – format JSON is requested
 Key – authentication key, here it is KEY
 Parameters – information pertaining to the request, in this example, \”from=San+Jose,Ca\”
and \”to=Monterey,Ca\”
4. Which statement describes an API?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  It is a set of functions and procedures that allows a client application to access the data of the service
application.
 It is a programming language for creating a web-based application.
 It is a set of functions and subroutines to be used in a comprehensive application.
 It is a set of rules that filter network traffic for web-based applications.
Explanation: An application programming interface (API) is a set of functions and procedures to allow
communication among applications. Typically, a service application provides the API to allow client
applications to access the data of the service application.
5. Which term describes the process of managing configuration changes of network devices in an orderly
fashion?
 orchestration
 version control
 provisioning
 automation
Explanation: Configuration management tools typically include automation and orchestration. Automation is
automatically performing a task on a system. Arranging the automated tasks into a coordinated process or
workflow is called orchestration.
6. Which web service API can use multiple data formats including JSON, XML, and YAML?
 JSON-RPC
 REST
 SOAP
 XML-RPC
Explanation: REST API can use multiple data formats including JSON, XML, YAML, and others. Both SOAP
and XML-RPC use XML format. JSON-RPC uses JSON format.
7. What are two reasons that most RESTful APIs require a key in the request? (Choose two.)
 to authenticate the requesting source
 to gather information on the people using the API
 to encrypt the query message in the API request
 to make sure that the query matches the service offered by the web application
 to specify the data format expected from the response
Explanation: Many RESTful APIs, including public APIs, require a key. The reasons an API provider may
require a key include the following:
 to authenticate the source to make sure it is authorized to use the API
 to limit the number of people using the API
 to better capture and track the data being requested by users
 to gather information on the people using the API
8. What is a difference between the XML and HTML data formats?
 XML uses a self-descriptive data structure but HTML uses a standard document structure.
 XML formats data in hexadecimal whereas HTML formats data in binary.
 XML requires indentation for each key/value pair whereas HTML does not require indentation.
 XML encloses data within a pair of tags whereas HTML uses a pair of quotation marks to enclose data.
Explanation: XML is a human readable data structure used to store, transfer, and read data by applications.
Like HTML, XML uses a related set of tags to enclose data. However, unlike HTML, XML does not use
predefined tags or a standard document structure, but rather it uses self-descriptive tags and structure.
9. A programmer is using Ansible as the configuration management tool. Which term is used to describe
a set of instructions for execution?
 Pillar
 Manifest
 Cookbook
 Playbook

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: Ansible uses the name Playbook to describe the set of instructions to be executed.
10. Which term is used to describe a set of instructions for execution by the configuration management
tool Chef?
 Playbook
 Pillar
 Cookbook
 Manifest
Explanation: The configuration management tool Chef uses the name Cookbook to describe the set of
instructions to be executed.
11. Which two configuration management tools are developed using Python? (Choose two.)
 Chef
 Ansible
 SaltStack
 Puppet
 NETCONF
Explanation: Ansible and SaltStack are configuration management tools developed using Python. Chef and
Puppet are configuration management tools developed using Ruby. Ruby is typically considered a more difficult
language to learn than Python. NETCONF is a network management protocol.
12. Which function of the Cisco intent-based networking system (IBNS) enables network operators to
express the expected networking behavior that will best support the business intent?
 translation
 ACL analysis
 activation
 assurance
Explanation: The translation feature of Cisco IBNS enables network operators to express the expected network
behavior that will best support the business intent.
13. Which types of APIs are suitable for the data communication between a travel website and a hotel
chain inquiring about room availability data?
 public APIs
 partner APIs
 open APIs
 internal APIs
Explanation: Application APIs are categorized as follows:
 Open APIs or Public APIs – publicly available and can be used with no restrictions
 Internal or Private APIs – used by an organization or company to access data and services for internal
use only
 Partner APIs – used between a company and its business partners or contractors to facilitate business
between them
14. Which characters are used to enclose a JSON key?
 commas
 square brackets
 colons
 quotation marks
Explanation: JSON keys are on the left side of the colon. They need to be wrapped in double quotation marks,
as in “key”, and can be any valid string.
15. Which character is used to separate JSON key/value pairs?
 (semi colon) ;
 (dash) –
 (comma) ,
 (forward slash) /

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: Each key/value pair in a series of key/value pairs is separated by a comma, so the middle of a
JSON looks like this “key”: “value”, “key”: “value”.
16. In the following example, which data format is used?

message: success

timestamp: 1560789260

iss_position:

latitude: '25.9990'

longitude: '-132.6992'

HTML
JSON
XML
YAML
Explanation: YAML Ain’t Markup Language (YAML) separates the key/value pairs using a colon without
quotation marks. YAML also uses indentation to define the structure, without using brackets or commas.
JavaScript Object Notation (JSON) encloses key/value pairs in braces, { }. Keys must be strings within double
quotation marks, “ ”. A key is separated from a value by a colon. Extensible Markup Language (XML) data is
enclosed within a related set of tags: <tag>data</tag>.
17. In the following example, which data format is used?

"message": "success",

"timestamp": 1560789260,

"iss_position": {

"latitude": "25.9990",

"longitude": "-132.6992"

HTML
JSON
XML
YAML
Explanation: JavaScript Object Notation (JSON) encloses key/value pairs in braces, { }. Keys must be strings
within double quotation marks, “ ”. A key is separated from a value by a colon. YAML Ain’t Markup Language
(YAML) separates the key/value pairs using a colon without quotation marks. YAML also uses indentation to
define the structure, without using brackets or commas. Extensible Markup Language (XML) data is enclosed
within a related set of tags: <tag>data</tag>.
18. A RESTful API (for example, a public API) mat require a key. What is the function of the key?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  It is the top-level object of the API query.
 It is used in the encryption of the message by an API request.
 It is used to authenticate the requesting source.
 It represents the main query components in the API request.
Explanation: A RESTful API, including a public API, may require a key. The key is used to identify the source
of the request through authentication.
19. Which configuration management tool combines a set of instructions in a manifest?
 Ansible
 Chef
 Puppet
 RESTCONF
 SaltStack
Explanation: Puppet is an agent-based configuration management tool built on Ruby that allows you to create a
set of instructions called a manifest. Ansible is an agentless configuration management tool built on Python that
allows you to create a set of instructions called a playbook. Chef is an agent-based configuration management
tool built on Ruby that allows you to create a set of instructions called a cookbook. SaltStack is an agentless
configuration management tool built on Python that allows you to create a set of instructions called a pillar.
20. Which RESTful operation corresponds to the HTTP POST method?
 create
 delete
 read
 update
Explanation: The HTTP operation POST corresponds to the RESTful operation create, GET to read,
PUT/PATCH to update, and DELETE to delete.
21. How does the YAML data format structure differ from JSON?
 YAML uses brackets and commas.
 YAML uses end tags.
 YAML uses hierarchical levels of nesting.
 YAML uses indentations.
Explanation: YAML Ain’t Markup Language (YAML) separates the key/value pairs using a colon without
quotation marks. YAML also uses indentation to define its structure, without using brackets or commas.
Extensible Markup Language (XML) data is enclosed within a related set of tags: <tag>data</tag>. JavaScript
Object Notation (JSON) encloses key/value pairs in braces, { }. Keys must be strings within double quotation
marks, “ ”. A key is separated from a value by a colon.
22. Which configuration management tool combines a set of instructions in a playbook?
 Ansible
 Chef
 Puppet
 RESTCONF
 SaltStack
Explanation: Ansible is an agentless configuration management tool built on Python that allows you to create a
set of instructions called a playbook. Chef is an agent-based configuration management tool built on Ruby that
allows you to create a set of instructions called a cookbook. Puppet is an agent-based configuration management
tool built on Ruby that allows you to create a set of instructions called a manifest. SaltStack is an agentless
configuration management tool built on Python that allows you to create a set of instructions called a pillar.
23. In the following example, which data format is used?

<root>

<message>success</message>
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 <timestamp>1560789260</timestamp>

<iss_position>

<latitude>25.9990</latitude>

<longitude>-132.6992</longitude>

</iss_position>

</root>

 HTML
 JSON
 XML
 YAML
Explanation: Extensible Markup Language (XML) data is enclosed within a related set of tags:
<tag>data</tag>. JavaScript Object Notation (JSON) encloses key/value pairs in braces, { }. Keys must be
strings within double quotation marks, “ ”. A key is from a value by a colon. YAML Ain’t Markup Language
(YAML) separates the key/value pairs using a colon without quotation marks. YAML also uses indentation to
define its structure without using brackets or commas.
24. What is a difference between the HTML and XML data formats?
 HTML formats data in plaintext, whereas XML formats data in binary.
 HTML uses predefined tags, and XML does not.
 HTML requires indentation for each key/value pair, but XML does not.
 HTML uses a pair of quotation marks to enclose data, whereas XML encloses data within a pair of tags.
Explanation: Like XML, HTML uses a related set of tags to enclose data. However, HTML uses predefined
tags, whereas XML does not. XML is a human-readable data structure that applications use to store, transfer,
and read data.
25. What is REST?
 It is a human-readable data structure that applications use for storing, transforming, and reading data.
 It is a protocol that allows administrators to manage nodes on an IP network.
 It is a way to store and interchange data in a structured format.
 It is an architecture style for designing web service applications.
Explanation: REST is not a protocol or service but rather a style of software architecture for designing web
service applications. A REST API is an API that works on top of HTTP. It defines a set of functions developers
can use to perform requests and receive responses via HTTP, such as GET and POST.
26. Which RESTful operation corresponds to the HTTP PUT method?
 create
 delete
 read
 update
Explanation: The HTTP operation PUT corresponds to the RESTful operation update, POST to create, GET to
read, and DELETE to delete.
27. What is JSON?
 It is a compiled programming language.
 It is a data format that is simpler than XML.
 It is a scripting language.
 It is a superset of YAML.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: JSON is a lightweight data format for storing and transporting data. It is simpler and more
readable than XML and is supported by web browsers. Like JSON, YAML Ain’t Markup Language (YAML) is
a data format that applications use to store and transport data. YAML is considered a superset of JSON.
28. Which scenario describes the use of a public API?
 It can be used with no restrictions.
 It is used only within an organization.
 It requires a license.
 It is used between a company and its business partners.
Explanation: Public, or open, APIs have no restrictions and are available to the public. Some API providers do
require a user to obtain a free key or token prior to using the API in order to control the volume of API requests
received and processed.
……………………………………………………………………………………

Introduction to Networks (Version 7.0) – ITNv7 Practice Final Exam Answers

1. A client packet is received by a server. The packet has a destination port number of 22. What service is
the client requesting?
 SSH
 TFTP
 DHCP
 DNS
2. Refer to the exhibit. What does the value of the window size specify?

 the amount of data that can be sent at one time

 the amount of data that can be sent before an acknowledgment is required
 the total number of bits received during this TCP session
 a random number that is used in establishing a connection with the 3-way handshake
Explanation: The window size determines the number of bytes that can be sent before expecting an
acknowledgment. The acknowledgment number is the number of the next expected byte.
3. To which TCP port group does the port 414 belong?
 well-known
 private or dynamic
 public
 registered
Explanation: Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.
4. Refer to the exhibit. An administrator is trying to configure the switch but receives the error message
that is displayed in the exhibit. What is the problem?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  The entire command, configure terminal, must be used.
 The administrator is already in global configuration mode.
 The administrator must first enter privileged EXEC mode before issuing the command.
 The administrator must connect via the console port to access global configuration mode.
Explanation: In order to enter global configuration mode, the command configure terminal, or a shortened
version such as config t, must be entered from privileged EXEC mode. In this scenario the administrator is in
user EXEC mode, as indicated by the > symbol after the hostname. The administrator would need to use the
enable command to move into privileged EXEC mode before entering the configure terminal command.
5. What is a user trying to determine when issuing a ping 10.1.1.1 command on a PC?
 if the TCP/IP stack is functioning on the PC without putting traffic on the wire
 if there is connectivity with the destination device
 the path that traffic will take to reach the destination
 what type of device is at the destination
Explanation: The ping destination command can be used to test connectivity.
6. What is a characteristic of a switch virtual interface (SVI)?
 An SVI is created in software and requires a configured IP address and a subnet mask in order to
provide remote access to the switch.
 Although it is a virtual interface, it needs to have physical hardware on the device associated with it.
 SVIs do not require the no shutdown command to become enabled.
 SVIs come preconfigured on Cisco switches.
Explanation: Cisco IOS Layer 2 switches have physical ports for devices to connect. These ports do not
support Layer 3 IP addresses. Therefore, switches have one or more switch virtual interfaces (SVIs). These are
virtual interfaces because there is no physical hardware on the device associated with it. An SVI is created in
software.
The virtual interface lets you remotely manage a switch over a network using IPv4 and IPv6. Each switch
comes with one SVI appearing in the default configuration “out-of-the-box.” The default SVI is interface
VLAN1.
7. Match the descriptions to the terms. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: A GUI, or graphical user interface, allows the user to interact with the operating system by
pointing and clicking at elements on the screen. A CLI, or command-line interface, requires users to type
commands at a prompt in order to interact with the OS. The shell is the part of the operating system that is
closest to the user. The kernel is the part of the operating system that interfaces with the hardware.
8. What happens when a switch receives a frame and the calculated CRC value is different than the value
that is in the FCS field?
 The switch notifies the source of the bad frame.
 The switch places the new CRC value in the FCS field and forwards the frame.
 The switch drops the frame.
 The switch floods the frame to all ports except the port through which the frame arrived to notify the hosts
of the error.
Explanation: The purpose of the CRC value in the FCS field is to determine if the frame has errors. If the
frame does have errors, then the frame is dropped by the switch.
9. Two network engineers are discussing the methods used to forward frames through a switch. What is
an important concept related to the cut-through method of switching?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  The fragment-free switching offers the lowest level of latency.
 Fast-forward switching can be viewed as a compromise between store-and-forward switching and
fragment-free switching.
 Fragment-free switching is the typical cut-through method of switching.
 Packets can be relayed with errors when fast-forward switching is used.
Explanation: Fast-forward switching offers the lowest level of latency and it is the typical cut-through method
of switching. Fragment-free switching can be viewed as a compromise between store-and-forward switching
and fast-forward switching. Because fast-forward switching starts forwarding before the entire packet has been
received, there may be times when packets are relayed with errors.
10. Which two issues can cause both runts and giants in Ethernet networks? (Choose two.)
 using the incorrect cable type
 half-duplex operations
 a malfunctioning NIC
 electrical interference on serial interfaces
 CRC errors
Explanation: Because collisions are a normal aspect of half-duplex communications, runt and giant frames are
common by-products of those operations. A malfunctioning NIC can also place frames on the network that are
either too short or longer than the maximum allowed length. CRC errors can result from using the wrong type of
cable or from electrical interference. Using a cable that is too long can result in late collisions rather than runts
and giants.

11. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate
Ethernet communication? (Choose two.)
 implements CSMA/CD over legacy shared half-duplex media
 enables IPv4 and IPv6 to utilize the same physical medium
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 implements a process to delimit fields within an Ethernet 2 frame
 places information in the Ethernet frame that identifies which network layer protocol is being
encapsulated by the frame
Other case
 responsible for internal structure of Ethernet frame
 applies source and destination MAC addresses to Ethernet frame
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 enables IPv4 and IPv6 to utilize the same physical medium
 handles communication between upper layer networking software and Ethernet NIC hardware
Other case
 adds Ethernet control information to network protocol data
 responsible for internal structure of Ethernet frame
 implements trailer with frame check sequence for error detection
 enables IPv4 and IPv6 to utilize the same physical medium
 applies source and destination MAC addresses to Ethernet frame
Other case
 implements CSMA/CD over legacy shared half-duplex media
 adds Ethernet control information to network protocol data
 places information in the Ethernet frame that identifies which network layer protocol is being
encapsulated by the frame
 applies source and destination MAC addresses to Ethernet frame
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
Explanation: The data link layer is actually divided into two sublayers:
+ Logical Link Control (LLC): This upper sublayer defines the software processes that provide services to the
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
network layer protocols. It places information in the frame that identifies which network layer protocol is being
used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the
same network interface and media.
+ Media Access Control (MAC): This lower sublayer defines the media access processes performed by the
hardware. It provides data link layer addressing and delimiting of data according to the physical signaling
requirements of the medium and the type of data link layer protocol in use.
12. Which two commands could be used to check if DNS name resolution is working properly on a
Windows PC? (Choose two.)
 nslookup cisco.com
 ping cisco.com
 ipconfig /flushdns
 net cisco.com
 nbtstat cisco.com
Explanation: The ping command tests the connection between two hosts. When ping uses a host domain name
to test the connection, the resolver on the PC will first perform the name resolution to query the DNS server for
the IP address of the host. If the ping command is unable to resolve the domain name to an IP address, an error
will result.
Nslookup is a tool for testing and troubleshooting DNS servers.
13. A small advertising company has a web server that provides critical business service. The company
connects to the Internet through a leased line service to an ISP. Which approach best provides cost
effective redundancy for the Internet connection?
 Add a second NIC to the web server.
 Add a connection to the Internet via a DSL line to another ISP.
 Add another web server to prepare failover support.
 Add multiple connections between the switches and the edge router.
Explanation: With a separate DSL connection to another ISP, the company will have a redundancy solution
for the Internet connection, in case the leased line connection fails. The other options provide other aspects of
redundancy, but not the Internet connection. The options of adding a second NIC and adding multiple
connections between the switches and the edge router will provide redundancy in case one NIC fails or one
connection between the switches and the edge router fails. The option of adding another web server provides
redundancy if the main web server fails.
14. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The
analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to
accomplish the task?
 copy running-config startup-config
 show interfaces
 show ip nat translations
 show running-config
15. Refer to the exhibit. A network administrator is connecting a new host to the Registrar LAN. The
host needs to communicate with remote networks. What IP address would be configured as the default
gateway on the new host?

Floor(config)# interface gi0/1

Floor(config-if)# description Connects to the Registrar LAN

Floor(config-if)# ip address 192.168.235.234 255.255.255.0

Floor(config-if)# no shutdown

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Floor(config-if)# interface gi0/0

Floor(config-if)# description Connects to the Manager LAN

Floor(config-if)# ip address 192.168.234.114 255.255.255.0

Floor(config-if)# no shutdown

Floor(config-if)# interface s0/0/0

Floor(config-if)# description Connects to the ISP

Floor(config-if)# ip address 10.234.235.254 255.255.255.0

Floor(config-if)# no shutdown

Floor(config-if)# interface s0/0/1

Floor(config-if)# description Connects to the Head Office WAN

Floor(config-if)# ip address 203.0.113.3 255.255.255.0

Floor(config-if)# no shutdown

Floor(config-if)# end

 192.168.235.234
 203.0.113.3
 192.168.235.1
 10.234.235.254
 192.168.234.114
16. Match the command with the device mode at which the command is entered. (Not all options are
used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Explanation: The enable command is entered in R1> mode. The login command is entered in R1(config-line)#
mode. The copy running-config startup-config command is entered in R1# mode. The ip address 192.168.4.4
255.255.255.0 command is entered in R1(config-if)# mode. The service password-encryption command is
entered in global configuration mode.
17. A router boots and enters setup mode. What is the reason for this?
 The IOS image is corrupt.
 Cisco IOS is missing from flash memory.
 The configuration file is missing from NVRAM.
 The POST process has detected hardware failure.
Explanation: The startup configuration file is stored in NVRAM and contains the commands needed to initially
configure a router. It also creates the running configuration file that is stored in in RAM.

18. What service is provided by POP3?

 Retrieves email from the server by downloading the email to the local mail application of the client.
 An application that allows real-time chatting among remote users.
 Allows remote access to network devices and servers.
 Uses encryption to provide secure remote access to network devices and servers.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
19. Two students are working on a network design project. One student is doing the drawing, while the
other student is writing the proposal. The drawing is finished and the student wants to share the folder
that contains the drawing so that the other student can access the file and copy it to a USB drive. Which
networking model is being used?
 peer-to-peer
 client-based
 master-slave
 point-to-point
Explanation: In a peer-to-peer (P2P) networking model, data is exchanged between two network devices
without the use of a dedicated server.

20. Which command is used to manually query a DNS server to resolve a specific host name?
 tracert
 ipconfig /displaydns
 nslookup
 net
Explanation: The nslookup command was created to allow a user to manually query a DNS server to resolve a
given host name. The ipconfig /displaydns command only displays previously resolved DNS entries. The tracert
command was created to examine the path that packets take as they cross a network and can resolve a hostname
by automatically querying a DNS server. The net command is used to manage network computers, servers,
printers, and network drives.
21. Which PDU is processed when a host computer is de-encapsulating a message at the transport layer of
the TCP/IP model?
 bits
 frame
 packet
 segment
Explanation: At the transport layer, a host computer will de-encapsulate a segment to reassemble data to an
acceptable format by the application layer protocol of the TCP/IP model.

22. Which two OSI model layers have the same functionality as two layers of the TCP/IP model? (Choose
two.)
 data link
 network
 physical
 session
 transport
Explanation: The OSI transport layer is functionally equivalent to the TCP/IP transport layer, and the OSI
network layer is equivalent to the TCP/IP internet layer. The OSI data link and physical layers together are
equivalent to the TCP/IP network access layer. The OSI session layer (with the presentation layer) is included
within the TCP/IP application layer.

23. Which three layers of the OSI model are comparable in function to the application layer of the
TCP/IP model? (Choose three.)
 presentation
 physical
 network
 data link
 transport
 application

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  session
Explanation:
The TCP/IP model consists of four layers: application, transport, internet, and network access. The OSI model
consists of seven layers: application, presentation, session, transport, network, data link, and physical. The top
three layers of the OSI model: application, presentation, and session map to the application layer of the TCP/IP
model.
24. Network information:
* local router LAN interface: 172.19.29.254 / fe80:65ab:dcc1::10
* local router WAN interface: 198.133.219.33 / 2001:db8:FACE:39::10
* remote server: 192.135.250.103
What task might a user be trying to accomplish by using the ping 2001:db8:FACE:39::10 command?
 verifying that there is connectivity within the local network
 creating a network performance benchmark to a server on the company intranet
 determining the path to reach the remote server
 verifying that there is connectivity to the internet
25. Which two ICMP messages are used by both IPv4 and IPv6 protocols? (Choose two.)
 neighbor solicitation
 router advertisement
 router solicitation
 protocol unreachable
 route redirection
Explanation: The ICMP messages common to both ICMPv4 and ICMPv6 include: host confirmation,
destination (net, host, protocol, port) or service unreachable, time exceeded, and route redirection. Router
solicitation, neighbor solicitation, and router advertisement are new protocols implemented in ICMPv6.
26. A network technician types the command ping 127.0.0.1 at the command prompt on a computer.
What is the technician trying to accomplish?
 pinging a host computer that has the IP address 127.0.0.1 on the network
 tracing the path to a host computer on the network and the network has the IP address 127.0.0.1
 checking the IP address on the network card
 testing the integrity of the TCP/IP stack on the local machine
Explanation: 127.0.0.1 is an address reserved by TCP/IP to test the NIC, drivers and TCP/IP implementation
of the device.
27. Although CSMA/CD is still a feature of Ethernet, why is it no longer necessary?
 the virtually unlimited availability of IPv6 addresses
 the use of CSMA/CA
 the use of full-duplex capable Layer 2 switches
 the development of half-duplex switch operation
 the use of Gigabit Ethernet speeds
Explanation: The use of Layer 2 switches operating in full-duplex mode eliminates collisions, thereby
eliminating the need for CSMA/CD.

28. What does a router do when it receives a Layer 2 frame over the network medium?
 re-encapsulates the packet into a new frame
 forwards the new frame appropriate to the medium of that segment of the physical network
 determines the best path
 de-encapsulates the frame
Explanation: Routers are responsible for encapsulating a frame with the proper format for the physical network
media they connect. At each hop along the path, a router does the following:Accepts a frame from a medium
De-encapsulates the frame
Determines the best path to forward the packet
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Re-encapsulates the packet into a new frame
Forwards the new frame appropriate to the medium of that segment of the physical network
29. Which two acronyms represent the data link sublayers that Ethernet relies upon to operate? (Choose
two.)
 SFD
 LLC
 CSMA
 MAC
 FCS
Explanation: For Layer 2 functions, Ethernet relies on logical link control (LLC) and MAC sublayers to
operate at the data link layer. FCS (Frame Check Sequence) and SFD (Start Frame Delimiter) are fields of the
Ethernet frame. CSMA (Carrier Sense Multiple Access) is the technology Ethernet uses to manage shared
media access.
30. A network team is comparing topologies for connecting on a shared media. Which physical topology
is an example of a hybrid topology for a LAN?
 bus
 extended star
 ring
 partial mesh
Explanation: An extended star topology is an example of a hybrid topology as additional switches are
interconnected with other star topologies. A partial mesh topology is a common hybrid WAN topology. The bus
and ring are not hybrid topology types.

31. Given network 172.18.109.0, which subnet mask would be used if 6 host bits were available?
 255.255.192.0
 255.255.224.0
 255.255.255.192
 255.255.255.248
 255.255.255.252
Explanation:
With an IPv4 network, the subnet mask is determined by the hosts bits that are required:
11 host bits required – 255.255.248.0
10 host bits required – 255.255.252.0
9 host bits required – 255.255.254.0
8 host bits required – 255.255.255.0
7 host bits required – 255.255.255.128
6 host bits required – 255.255.255.192
5 host bits required – 255.255.255.224
4 host bits required – 255.255.255.240
3 host bits required – 255.255.255.248
2 host bits required – 255.255.255.252
32. Three devices are on three different subnets. Match the network address and the broadcast address
with each subnet where these devices are located. (Not all options are used.)
Device 1: IP address 192.168.10.77/28 on subnet 1
Device 2: IP address192.168.10.17/30 on subnet 2
Device 3: IP address 192.168.10.35/29 on subnet 3

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Explanation: To calculate any of these addresses, write the device IP address in binary. Draw a line showing
where the subnet mask 1s end. For example, with Device 1, the final octet (77) is 01001101. The line would be
drawn between the 0100 and the 1101 because the subnet mask is /28. Change all the bits to the right of the line
to 0s to determine the network number (01000000 or 64). Change all the bits to the right of the line to 1s to
determine the broadcast address (01001111 or 79).

33. What type of address is 198.133.219.162?

 link-local
 public
 loopback
 multicast
34. What does the IP address 192.168.1.15/29 represent?
 subnetwork address
 unicast address
 multicast address
 broadcast address
Explanation: A broadcast address is the last address of any given network. This address cannot be assigned to a
host, and it is used to communicate with all hosts on that network.

35. Why is NAT not needed in IPv6?

 Because IPv6 has integrated security, there is no need to hide the IPv6 addresses of internal networks.
 The problems that are induced by NAT applications are solved because the IPv6 header improves packet
handling by intermediate routers.
 The end-to-end connectivity problems that are caused by NAT are solved because the number of routes
increases with the number of nodes that are connected to the Internet.
 Any host or user can get a public IPv6 network address because the number of available IPv6
addresses is extremely large.
Explanation: The large number of public IPv6 addresses eliminates the need for NAT. Sites from the largest
enterprises to single households can get public IPv6 network addresses. This avoids some of the NAT-induced
application problems that are experienced by applications that require end-to-end connectivity.
36. What routing table entry has a next hop address associated with a destination network?
 directly-connected routes
 local routes
 remote routes
 C and L source routes
Explanation: Routing table entries for remote routes will have a next hop IP address. The next hop IP address
is the address of the router interface of the next device to be used to reach the destination network. Directly-
connected and local routes have no next hop, because they do not require going through another router to be
reached.

37. Which term describes a field in the IPv4 packet header that contains a unicast, multicast, or
broadcast address?
 destination IPv4 address
 protocol
 TTL
 header checksum
38. If the default gateway is configured incorrectly on the host, what is the impact on communications?
 There is no impact on communications.
 The host is unable to communicate on the local network.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  The host can communicate with other hosts on the local network, but is unable to communicate with
hosts on remote networks.
 The host can communicate with other hosts on remote networks, but is unable to communicate with hosts
on the local network.
Explanation: A default gateway is only required to communicate with devices on another network. The
absence of a default gateway does not affect connectivity between devices on the same local network.
39. Which is the compressed format of the IPv6 address fe80:0000:0000:0000:0220:0b3f:f0e0:0029?
 fe80:9ea:0:2200::fe0:290
 fe80:9ea0::2020::bf:e0:9290
 fe80::220:b3f:f0e0:29
 fe80:9ea0::2020:0:bf:e0:9290
40. Refer to the exhibit. A user issues the command netstat –r on a workstation. Which IPv6 address is
one of the link-local addresses of the workstation?

 ::1/128
 fe80::30d0:115:3f57:fe4c/128
 fe80::/64
 2001:0:9d38:6ab8:30d0:115:3f57:fe4c/128
Explanation: In the IPv6 address scheme, the network of fe80::/10 is reserved for link-local addresses. The
address fe80::/64 is a network address that indicates, in this workstation, fe80::/64 is actually used for link-local
addresses. Thus the address fe80::30d0:115:3f57:fe4c/128 is a valid IPv6 link-local address.

41. What type of IPv6 address is represented by ::1/128?

 EUI-64 generated link-local
 global unicast
 unspecified
 loopback
42. Which statement describes network security?
 It supports growth over time in accordance with approved network design procedures.
 It synchronizes traffic flows using timestamps.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  It ensures sensitive corporate data is available for authorized users.
 It prioritizes data flows in order to give priority to delay-sensitive traffic.
43. Which two devices would be described as intermediary devices? (Choose two.)
 wireless LAN controller
 server
 assembly line robots
 IPS
 gaming console
 retail scanner
44. What characteristic describes spyware?
 software that is installed on a user device and collects information about the user
 the use of stolen credentials to access private data
 an attack that slows or crashes a device or network service
 a network device that filters access and traffic coming into a network
45. Refer to the exhibit. The exhibit shows a small switched network and the contents of the MAC
address table of the switch. PC1 has sent a frame addressed to PC3. What will the switch do with the
frame?

 The switch will discard the frame.

 The switch will forward the frame to all ports.
 The switch will forward the frame only to port 2.
 The switch will forward the frame only to ports 1 and 3.
 The switch will forward the frame to all ports except port 4.
Explanation: The MAC address of PC3 is not present in the MAC table of the switch. Because the switch does
not know where to send the frame that is addressed to PC3, it will forward the frame to all the switch ports,
except for port 4, which is the incoming port.

46. Which destination address is used in an ARP request frame?

 0.0.0.0
 255.255.255.255
 the physical address of the destination host

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  FFFF.FFFF.FFFF
 AAAA.AAAA.AAAA
Explanation:
The purpose of an ARP request is to find the MAC address of the destination host on an Ethernet LAN. The
ARP process sends a Layer 2 broadcast to all devices on the Ethernet LAN. The frame contains the IP address
of the destination and the broadcast MAC address, FFFF.FFFF.FFFF. The host with the IP address that matches
the IP address in the ARP request will reply with a unicast frame that includes the MAC address of the host.
Thus the original sending host will obtain the destination IP and MAC address pair to continue the
encapsulation process for data transmission.
47. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC3. In this
scenario, what will happen next?

 SW1 will send an ARP reply with its Fa0/1 MAC address.
 RT1 will send an ARP reply with its own Fa0/0 MAC address.
 RT1 will forward the ARP request to PC3.
 RT1 will send an ARP reply with the PC3 MAC address.
 RT1 will send an ARP reply with its own Fa0/1 MAC address.
Explanation: When a network device has to communicate with a device on another network, it broadcasts an
ARP request asking for the default gateway MAC address. The default gateway (RT1) unicasts an ARP reply
with the Fa0/0 MAC address.
48. A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router.
Which threat is the network administrator trying to prevent?
 a user who is trying to guess a password to access the router
 a worm that is attempting to access another part of the network
 an unidentified individual who is trying to access the network equipment room
 a device that is trying to inspect the traffic on a link
Explanation: The login block-for 180 attempts 2 within 30 command will cause the device to block
authentication after 2 unsuccessful attempts within 30 seconds for a duration of 180 seconds. A device
inspecting the traffic on a link has nothing to do with the router. The router configuration cannot prevent
unauthorized access to the equipment room. A worm would not attempt to access the router to propagate to
another part of the network.

49. Which statement describes the characteristics of packet-filtering and stateful firewalls as they relate
to the OSI model?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  A packet-filtering firewall uses session layer information to track the state of a connection, whereas a
stateful firewall uses application layer information to track the state of a connection.
 Both stateful and packet-filtering firewalls can filter at the application layer.
 A packet-filtering firewall typically can filter up to the transport layer, whereas a stateful firewall
can filter up to the session layer.
 A stateful firewall can filter application layer information, whereas a packet-filtering firewall cannot filter
beyond the network layer.
Explanation: Packet filtering firewalls can always filter Layer 3 content and sometimes TCP and UDP-based
content. Stateful firewalls monitor connections and thus have to be able to support up to the session layer of the
OSI model.
50. What are two ways to protect a computer from malware? (Choose two.)
 Empty the browser cache.
 Use antivirus software.
 Delete unused software.
 Keep software up to date.
 Defragment the hard disk.
Explanation: At a minimum, a computer should use antivirus software and have all software up to date to
defend against malware.

51. The employees and residents of Ciscoville cannot access the Internet or any remote web-based
services. IT workers quickly determine that the city firewall is being flooded with so much traffic that a
breakdown of connectivity to the Internet is occurring. Which type of attack is being launched at
Ciscoville?
 access
 Trojan horse
 reconnaissance
 DoS
Explanation: A DoS (denial of service) attack prevents authorized users from using one or more computing
resources.
52. Which two statements describe the characteristics of fiber-optic cabling? (Choose two.)
 Fiber-optic cabling does not conduct electricity.
 Multimode fiber-optic cabling carries signals from multiple sending devices.
 Fiber-optic cabling is primarily used as backbone cabling.
 Fiber-optic cabling uses LEDs for single-mode cables and laser technology for multimode cables.
 Fiber-optic cabling has high signal loss.
Explanation: Fiber-optic cabling is primarily used for high-traffic backbone cabling and does not conduct
electricity. Multimode fiber uses LEDs for signaling and single-mode fiber uses laser technology. FIber-optic
cabling carries signals from only one device to another.
53. What OSI physical layer term describes the measure of the transfer of bits across a medium over a
given period of time?
 latency
 goodput
 throughput
 bandwidth
54. Refer to the exhibit. What is the maximum possible throughput between the PC and the server?

 10 Mb/s
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  1000 Mb/s
 128 kb/s
 100 Mb/s
Explanation: The maximum throughput between any two nodes on a network is determined by the slowest link
between those nodes.

55. Match the description with the media. (Not all options are used.)

Explanation: UTP cables are used in wired office environments. Coaxial cables are used to connect cable
modems and televisions. Fiber optics are used for high transmission speeds and to transfer data over long
distances. STP cables are used in environments where there is a lot of interference.
………………………………………………………………….

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Part 1: Build the Network
a. Build the network according to the logical topology by placing the required equipment in the wiring closet
equipment rack.
b. Cable the network devices in the closet as shown in the topology diagram.
c. Connect the hosts as shown in the topology diagram.
Part 2: Develop an IP Addressing Scheme
In this part of the assessment you will develop an IP addressing scheme. You will subnet an IPv4 network to
create two subnets with the required number of hosts. You will also subnet an IPv6 network. You will then
assign the addresses according to the requirements below.
Work with the following information:
 IPv4 Network: 192.168.10.0/24
 Required number of hosts in IPv4 LAN 1: 100
 Required number of hosts in IPv4 LAN 2: 50
a. Record your subnet assignments according to the following requirements.
1) Assign the first IPv4 address of each subnet to a router interface
 LAN 1 is hosted on R1 G0/0/1
 LAN 2 is hosted on R1 G0/0/0
2) Assign the last IPv4 address of each subnet to the PC NIC.
3) Assign the second IPv4 address of LAN 1 to S1 SVI.
Part 3: Configure Basic Device Settings
Network devices must be configured over a direct console connection.
Step 1: Configure Basic Settings
a. Disable DNS lookup on R1 and S1
b. Configure router hostname using the name R1.
c. Configure switch hostname using the name S1.
d. Configure an appropriate banner on R1 and S1.
e. Allow console logins with the password C@nsPassw!
Step 2: Configure Interfaces
a. Configure R1 G0/0/0 and G0/0/1 interfaces using the addressing from the previous part of this assessment:
 Interface description
 IPv4 address / subnet mask
b. Configure the S1 VLAN 1 SVI interface using the addressing from the previous part of this assessment:
 Interface description
 IPv4 address / subnet mask
 The switch should be reachable from devices on other networks.

Part 4: Configure Security Settings on R1 and S1

Step 1: Configure enhanced password security
a. Configure NoOneShouldKnow as the encrypted privileged EXEC password
b. Encrypt all plaintext passwords
c. Set minimum password length to 10 on R1.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Step 2: Configure SSH on R1 and S1
a. Configure netsec.com as the domain name
b. Configure a local user netadmin with the encrypted password Ci$co12345
c. Set login on vty lines to use local database.
d. Configure the vty lines to accept SSH access only.
e. Generate an RSA crypto key using 1024 bits modulus.
Step 3: Secure switch ports on S1
a. Shut down all unused ports on S1.
b. Enter descriptions for all unused switch ports to indicate that they are intentionally shutdown.
Part 5: Configure the Hosts and Verify Connectivity
Configure both hosts with the IPv4 addresses that were assigned in Part 2 of this assessment.
ID: 002

Answers Key - 100% Score

Part 1: Build the Network

Placing Switch S1 and Router R1 to wiring closet equipment rack.

Using Copper Straight-Through cable to connect PC-A (FastEthernet0 port) and S1 (FastEthernet0/6 port)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Same as above, using Copper Straight-Through cable to connect all devices as shown in the topology
diagram.

ITN Final PT Skills Assessment (PTSA)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Turn-on PCs and Router R1

Part 2: Develop an IP Addressing Scheme

Item Requirements IPv4 Address

Network Address 192.168.10.0/24

LAN 1 subnet host 192.168.10.0/25

requirements 100 SM: 255.255.255.128

LAN 2 subnet host 192.168.10.128/26

requirements 50 SM: 255.255.255.192

First host address in LAN 1

R1 G0/0/1 subnet 192.168.10.1

First host address in LAN 2

R1 G0/0/0 subnet 192.168.10.129

Second host address in LAN 1

S1 SVI subnet 192.168.10.2

Last host address in LAN 1

PC-A subnet 192.168.10.126

Last host address in LAN 2

PC-B subnet 192.168.10.190
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Configuration for router R1
Using line console to connect PC-A and Router R1

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Click to PC-A --> Terminal app --> click OK

Router R1 configuration script

enable

configure terminal

no ip domain-lookup

hostname R1
banner motd #Unauthorized access to this device is prohibited!#

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

interface g0/0/0
description Connect to Subnet B
ip address 192.168.10.129 255.255.255.192
no shutdown
exit

interface g0/0/1
description Connect to Subnet A
ip address 192.168.10.1 255.255.255.128
no shutdown
exit

enable secret NoOneShouldKnow

service password-encryption
security passwords min-length 10

ip domain-name netsec.com
username netadmin secret Ci$co12345

line console 0
password C@nsPassw!
login
exit

line vty 0 15
transport input ssh
login local
exit

crypto key generate rsa

1024
exit
copy running-config startup-config

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Configuration for Switch S1
Then, using Console cable to connect User-B and Switch
To show Console port on Switch, Right click Switch --> Inspect Rear --> Console port

Switch S1 configuration script

enable

configure terminal

no ip domain-lookup

hostname S1
banner motd #Unauthorized access to this device is prohibited!#

interface vlan 1
description Switch Subnet A
ip address 192.168.10.2 255.255.255.128
no shutdown
exit

ip default-gateway 192.168.10.1

enable secret NoOneShouldKnow

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

service password-encryption

ip domain-name netsec.com
username netadmin secret Ci$co12345

line console 0
password C@nsPassw!
login
exit

line vty 0 15
transport input ssh
login local
exit

crypto key generate rsa

1024

int range f0/1 - 4, f0/7 - 24, g0/1 - 2

description Unused switch ports
shutdown

end
copy running-config startup-config
Part 5: Configure the Hosts and Verify Connectivity
On PCs, go to Desktop tab --> IP Configuration menu
PC-A Network Configuration

IPv4 Address 192.168.10.126

Subnet Mask 255.255.255.128

IPv4 Default Gateway 192.168.10.1

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 PC-B Network Configuration

IPv4 Address 192.168.10.190

Subnet Mask 255.255.255.192

IPv4 Default Gateway 192.168.10.129

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

……………………………………………………………………………………………

CCNA 1 – Introduction to Networks (Version 7.00) – ITNv7 Final Exam Answers Full

Number of questions: 60; Passed score: 80-100%

1. Which two traffic types use the Real-Time Transport Protocol (RTP)? (Choose two.)
 video
 web
 file transfer
 voice
 peer to peer

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

2. Which wireless technology has low-power and data rate requirements making it popular in home
automation applications?
 ZigBee
 LoRaWAN
 5G
 Wi-Fi
Explanation: ZigBee is an IEEE 802.15.4 wireless standard designed for creating personal-area networks. Low
energy, power, and data rate requirements make Zigbee a popular protocol for connecting home automation
devices.
3. Which layer of the TCP/IP model provides a route to forward messages through an internetwork?
 application
 network access
 internet
 transport
Explain:
The OSI model network layer corresponds directly to the internet layer of the TCP/IP model and is used to
describe protocols that address and route messages through an internetwork.
4. Which type of server relies on record types such as A, NS, AAAA, and MX in order to provide
services?
 DNS
 email
 file
 web
Explain:
A DNS server stores records that are used to resolve IP addresses to host names. Some DNS record types
include the following:
A – an end device IPv4 address
NS – an authoritative name server
AAAA – an end device IPv6 address
MX – a mail exchange record
5. What are proprietary protocols?
 protocols developed by private organizations to operate on any vendor hardware
 protocols that can be freely used by any organization or vendor
 protocols developed by organizations who have control over their definition and operation
 a collection of protocols known as the TCP/IP protocol suite
Explain:
Proprietary protocols have their definition and operation controlled by one company or vendor. Some of them
can be used by different organizations with permission from the owner. The TCP/IP protocol suite is an open
standard, not a proprietary protocol.
6. What service is provided by DNS?
 Resolves domain names, such as cisco.com, into IP addresses.
 A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the
web.
 Allows for data transfers between a client and a file server.
 Uses encryption to secure the exchange of text, graphic images, sound, and video on the web.
7. A client packet is received by a server. The packet has a destination port number of 110. What service
is the client requesting?
 DNS
 DHCP
 SMTP

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  POP3
8. What command can be used on a Windows PC to see the IP configuration of that computer?
 show ip interface brief
 ping
 show interfaces
 ipconfig
9. A wired laser printer is attached to a home computer. That printer has been shared so that other
computers on the home network can also use the printer. What networking model is in use?
 client-based
 master-slave
 point-to-point
 peer-to-peer (P2P)
Explanation: Peer-to-peer (P2P) networks have two or more network devices that can share resources such as
printers or files without having a dedicated server.
10. What characteristic describes a virus?
 a network device that filters access and traffic coming into a network
 the use of stolen credentials to access private data
 an attack that slows or crashes a device or network service
 malicious software or code running on an end device
11. Three bank employees are using the corporate network. The first employee uses a web browser to
view a company web page in order to read some announcements. The second employee accesses the
corporate database to perform some financial transactions. The third employee participates in an
important live audio conference with other corporate managers in branch offices. If QoS is implemented
on this network, what will be the priorities from highest to lowest of the different data types?
 financial transactions, web page, audio conference
 audio conference, financial transactions, web page
 financial transactions, audio conference, web page
 audio conference, web page, financial transactions
Explanation: QoS mechanisms enable the establishment of queue management strategies that enforce priorities
for different categories of application data. Thus, this queuing enables voice data to have priority over
transaction data, which has priority over web data.
12. Match the description to the IPv6 addressing component. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

13. Refer to the exhibit. If Host1 were to transfer a file to the server, what layers of the TCP/IP model
would be used?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  only application and Internet layers
 only Internet and network access layers
 only application, Internet, and network access layers
 application, transport, Internet, and network access layers
 only application, transport, network, data link, and physical layers
 application, session, transport, network, data link, and physical layers
Explanation: The TCP/IP model contains the application, transport, internet, and network access layers. A file
transfer uses the FTP application layer protocol. The data would move from the application layer through all of
the layers of the model and across the network to the file server.
14. Match the characteristic to the forwarding method. (Not all options are used.)

Explanation: A store-and-forward switch always stores the entire frame before forwarding, and checks its CRC
and frame length. A cut-through switch can forward frames before receiving the destination address field, thus
presenting less latency than a store-and-forward switch. Because the frame can begin to be forwarded before it
is completely received, the switch may transmit a corrupt or runt frame. All forwarding methods require a Layer
2 switch to forward broadcast frames.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
15. Refer to the exhibit. The IP address of which device interface should be used as the default gateway
setting of host H1?

 R1: S0/0/0
 R2: S0/0/1
 R1: G0/0
 R2: S0/0/0
Explanation: The default gateway for host H1 is the router interface that is attached to the LAN that H1 is a
member of. In this case, that is the G0/0 interface of R1. H1 should be configured with the IP address of that
interface in its addressing settings. R1 will provide routing services to packets from H1 that need to be
forwarded to remote networks.
16. What service is provided by Internet Messenger?
 An application that allows real-time chatting among remote users.
 Allows remote access to network devices and servers.
 Resolves domain names, such as cisco.com, into IP addresses.
 Uses encryption to provide secure remote access to network devices and servers.
17. Refer to the exhibit. Match the network with the correct IP address and prefix that will satisfy the
usable host addressing requirements for each network.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Explanation: Network A needs to use 192.168.0.128 /25, which yields 128 host addresses.
Network B needs to use 192.168.0.0 /26, which yields 64 host addresses.
Network C needs to use 192.168.0.96 /27, which yields 32 host addresses.
Network D needs to use 192.168.0.80/30, which yields 4 host addresses.
18. Refer to the exhibit. Which protocol was responsible for building the table that is shown?

 DHCP
 ARP
 DNS
 ICMP
Explanation: The table that is shown corresponds to the output of the arp -a command, a command that is used
on a Windows PC to display the ARP table.
19. A network administrator notices that some newly installed Ethernet cabling is carrying corrupt and
distorted data signals. The new cabling was installed in the ceiling close to fluorescent lights and electrical
equipment. Which two factors may interfere with the copper cabling and result in signal distortion and
data corruption? (Choose two.)
 crosstalk
 extended length of cabling
 RFI
 EMI
 signal attenuation
20. A host is trying to send a packet to a device on a remote LAN segment, but there are currently no
mappings in its ARP cache. How will the device obtain a destination MAC address?
(A host is trying to send a packet to a device on a remote LAN segment, but there are currently no mappings in
the ARP cache. How will the device obtain a destination MAC address?)
 It will send the frame and use its own MAC address as the destination.
 It will send an ARP request for the MAC address of the destination device.
 It will send the frame with a broadcast MAC address.
 It will send a request to the DNS server for the destination MAC address.
 It will send an ARP request for the MAC address of the default gateway.
22. A client packet is received by a server. The packet has a destination port number of 53. What service
is the client requesting?
 DNS
 NetBIOS (NetBT)
 POP3
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  IMAP
23. A network administrator is adding a new LAN to a branch office. The new LAN must support 25
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.128
 255.255.255.192
 255.255.255.224
 255.255.255.240
24. What characteristic describes a Trojan horse?
 malicious software or code running on an end device
 an attack that slows or crashes a device or network service
 the use of stolen credentials to access private data
 a network device that filters access and traffic coming into a network
25. What service is provided by HTTPS?
 Uses encryption to provide secure remote access to network devices and servers.
 Resolves domain names, such as cisco.com, into IP addresses.
 Uses encryption to secure the exchange of text, graphic images, sound, and video on the web.
 Allows remote access to network devices and servers.
26. A technician with a PC is using multiple applications while connected to the Internet. How is the PC
able to keep track of the data flow between multiple application sessions and have each application
receive the correct packet flows?
 The data flow is being tracked based on the destination MAC address of the technician PC.
 The data flow is being tracked based on the source port number that is used by each application.
 The data flow is being tracked based on the source IP address that is used by the PC of the technician.
 The data flow is being tracked based on the destination IP address that is used by the PC of the technician.
Explanation:
The source port number of an application is randomly generated and used to individually keep track of each
session connecting out to the Internet. Each application will use a unique source port number to provide
simultaneous communication from multiple applications through the Internet.
27. A network administrator is adding a new LAN to a branch office. The new LAN must support 61
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.240
 255.255.255.224
 255.255.255.192
 255.255.255.128

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

28. Refer to the exhibit. Match the network with the correct IP address and prefix that will satisfy the
usable host addressing requirements for each network. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 ITN (Version 7.00) – ITNv7 Final Exam
Explanation:
Network A needs to use 192.168.0.0 /25 which yields 128 host addresses.
Network B needs to use 192.168.0.128 /26 which yields 64 host addresses.
Network C needs to use 192.168.0.192 /27 which yields 32 host addresses.
Network D needs to use 192.168.0.224 /30 which yields 4 host addresses.
29. What characteristic describes a DoS attack?
 the use of stolen credentials to access private data
 a network device that filters access and traffic coming into a network
 software that is installed on a user device and collects information about the user
 an attack that slows or crashes a device or network service

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

30. Match the application protocols to the correct transport protocols

31. What service is provided by SMTP?

 Allows clients to send email to a mail server and the servers to send email to other servers.
 Allows remote access to network devices and servers.
 Uses encryption to provide secure remote access to network devices and servers.
 An application that allows real-time chatting among remote users.
32. Which scenario describes a function provided by the transport layer?
 A student is using a classroom VoIP phone to call home. The unique identifier burned into the phone is a
transport layer address used to contact another network device on the same network.
 A student is playing a short web-based movie with sound. The movie and sound are encoded within the
transport layer header.
 A student has two web browser windows open in order to access two web sites. The transport layer
ensures the correct web page is delivered to the correct browser window.
 A corporate worker is accessing a web server located on a corporate network. The transport layer formats
the screen so the web page appears properly no matter what device is being used to view the web site.
Explain:
The source and destination port numbers are used to identify the correct application and window within that
application.
33.Refer to the exhibit. Host B on subnet Teachers transmits a packet to host D on subnet Students.
Which Layer 2 and Layer 3 addresses are contained in the PDUs that are transmitted from host B to the
router?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Layer 2 destination address = 00-00-0c-94-36-ab
Layer 2 source address = 00-00-0c-94-36-bb
Layer 3 destination address = 172.16.20.200
Layer 3 source address = 172.16.10.200
Layer 2 destination address = 00-00-0c-94-36-dd
Layer 2 source address = 00-00-0c-94-36-bb
Layer 3 destination address = 172.16.20.200
Layer 3 source address = 172.16.10.200
Layer 2 destination address = 00-00-0c-94-36-cd
Layer 2 source address = 00-00-0c-94-36-bb
Layer 3 destination address = 172.16.20.99
Layer 3 source address = 172.16.10.200
Layer 2 destination address = 00-00-0c-94-36-ab
Layer 2 source address = 00-00-0c-94-36-bb
Layer 3 destination address = 172.16.20.200
Layer 3 source address = 172.16.100.200
34. What does the term “attenuation” mean in data communication?
 strengthening of a signal by a networking device
 leakage of signals from one cable pair to another
 time for a signal to reach its destination
 loss of signal strength as distance increases
Explanation: Data is transmitted on copper cables as electrical pulses. A detector in the network interface of a
destination device must receive a signal that can be successfully decoded to match the signal sent. However, the
farther the signal travels, the more it deteriorates. This is referred to as signal attenuation.
35. Refer to the exhibit. An administrator is trying to configure the switch but receives the error message
that is displayed in the exhibit. What is the problem?

 The entire command, configure terminal, must be used.

 The administrator is already in global configuration mode.
 The administrator must first enter privileged EXEC mode before issuing the command.
 The administrator must connect via the console port to access global configuration mode.
36. Which two protocols operate at the top layer of the TCP/IP protocol suite? (Choose two.)
 TCP
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  IP
 UDP
 POP
 DNS
 Ethernet
37. A company has a file server that shares a folder named Public. The network security policy specifies
that the Public folder is assigned Read-Only rights to anyone who can log into the server while the Edit
rights are assigned only to the network admin group. Which component is addressed in the AAA network
service framework?
 automation
 accounting
 authentication
 authorization
After a user is successfully authenticated (logged into the server), the authorization is the process of determining
what network resources the user can access and what operations (such as read or edit) the user can perform.
38. What three requirements are defined by the protocols used in network communcations to allow
message transmission across a network? (Choose three.)
 message size
 message encoding
 connector specifications
 media selection
 delivery options
 end-device installation
39. What are two characteristics of IP? (Choose two.)
 does not require a dedicated end-to-end connection
 operates independently of the network media
 retransmits packets if errors occur
 re-assembles out of order packets into the correct order at the receiver end
 guarantees delivery of packets
Explain:
The Internet Protocol (IP) is a connectionless, best effort protocol. This means that IP requires no end-to-end
connection nor does it guarantee delivery of packets. IP is also media independent, which means it operates
independently of the network media carrying the packets.
40. An employee of a large corporation remotely logs into the company using the appropriate username
and password. The employee is attending an important video conference with a customer concerning a
large sale. It is important for the video quality to be excellent during the meeting. The employee is
unaware that after a successful login, the connection to the company ISP failed. The secondary
connection, however, activated within seconds. The disruption was not noticed by the employee or other
employees.
What three network characteristics are described in this scenario? (Choose three.)
 security
 quality of service
 scalability
 powerline networking
 integrity
 fault tolerance
41. What are two common causes of signal degradation when using UTP cabling? (Choose two.)
 improper termination
 low-quality shielding in cable
 installing cables in conduit

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  low-quality cable or connectors
 loss of light over long distances
Explanation: When terminated improperly, each cable is a potential source of physical layer performance
degradation.
42. Which subnet would include the address 192.168.1.96 as a usable host address?
 192.168.1.64/26
 192.168.1.32/27
 192.168.1.32/28
 192.168.1.64/29
Explanation: For the subnet of 192.168.1.64/26, there are 6 bits for host addresses, yielding 64 possible
addresses. However, the first and last subnets are the network and broadcast addresses for this subnet.
Therefore, the range of host addresses for this subnet is 192.168.1.65 to 192.168.1.126. The other subnets do not
contain the address 192.168.1.96 as a valid host address.
43. Refer to the exhibit. On the basis of the output, which two statements about network connectivity are
correct? (Choose two.)

 This host does not have a default gateway configured.

 There are 4 hops between this device and the device at 192.168.100.1.
 There is connectivity between this device and the device at 192.168.100.1.
 The connectivity between these two hosts allows for videoconferencing calls.
 The average transmission time between the two hosts is 2 milliseconds.
Explain:
The output displays a successful Layer 3 connection between a host computer and a host at 19.168.100.1. It can
be determined that 4 hops exist between them and the average transmission time is 1 milliseconds. Layer 3
connectivity does not necessarily mean that an application can run between the hosts.
44. Which two statements describe how to assess traffic flow patterns and network traffic types using a
protocol analyzer? (Choose two.)
 Capture traffic on the weekends when most employees are off work.
 Capture traffic during peak utilization times to get a good representation of the different traffic
types.
 Only capture traffic in the areas of the network that receive most of the traffic such as the data center.
 Perform the capture on different network segments.
 Only capture WAN traffic because traffic to the web is responsible for the largest amount of traffic on a
network.
Explanation: Traffic flow patterns should be gathered during peak utilization times to get a good representation
of the different traffic types. The capture should also be performed on different network segments because some
traffic will be local to a particular segment.
45. What is the consequence of configuring a router with the ipv6 unicast-routing global configuration
command?
 All router interfaces will be automatically activated.
 The IPv6 enabled router interfaces begin sending ICMPv6 Router Advertisement messages.
 Each router interface will generate an IPv6 link-local address.
 It statically creates a global unicast address on this router.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

46. Which three layers of the OSI model map to the application layer of the TCP/IP model? (Choose
three.)
 application
 network
 data link
 session
 presentation
 transport
Explanation: The TCP/IP model consists of four layers: application, transport, internet, and network access.
The OSI model consists of seven layers: application, presentation, session, transport, network, data link, and
physical. The top three layers of the OSI model: application, presentation, and session map to the application
layer of the TCP/IP model.
47. Refer to the exhibit. If PC1 is sending a packet to PC2 and routing has been configured between the
two routers, what will R1 do with the Ethernet frame header attached by PC1?

 nothing, because the router has a route to the destination network

 open the header and use it to determine whether the data is to be sent out S0/0/0
 open the header and replace the destination MAC address with a new one
 remove the Ethernet header and configure a new Layer 2 header before sending it out S0/0/0
Explanation: When PC1 forms the various headers attached to the data one of those headers is the Layer 2
header. Because PC1 connects to an Ethernet network, an Ethernet header is used. The source MAC address
will be the MAC address of PC1 and the destination MAC address will be that of G0/0 on R1. When R1 gets
that information, the router removes the Layer 2 header and creates a new one for the type of network the data
will be placed onto (the serial link).
48. What will happen if the default gateway address is incorrectly configured on a host?
 The host cannot communicate with other hosts in the local network.
 The host cannot communicate with hosts in other networks.
 A ping from the host to 127.0.0.1 would not be successful.
 The host will have to use ARP to determine the correct address of the default gateway.
 The switch will not forward packets initiated by the host.
49. What are two features of ARP? (Choose two.)
 When a host is encapsulating a packet into a frame, it refers to the MAC address table to determine the
mapping of IP addresses to MAC addresses.
 An ARP request is sent to all devices on the Ethernet LAN and contains the IP address of the destination
host and its multicast MAC address.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  If a host is ready to send a packet to a local destination device and it has the IP address but not the
MAC address of the destination, it generates an ARP broadcast.
 If no device responds to the ARP request, then the originating node will broadcast the data packet to all
devices on the network segment.
 If a device receiving an ARP request has the destination IPv4 address, it responds with an ARP
reply.
50. A network administrator is adding a new LAN to a branch office. The new LAN must support 90
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.128
 255.255.255.240
 255.255.255.248
 255.255.255.224
51. What are two ICMPv6 messages that are not present in ICMP for IPv4? (Choose two.)
 Neighbor Solicitation
 Destination Unreachable
 Host Confirmation
 Time Exceeded
 Router Advertisement
 Route Redirection
52. A client packet is received by a server. The packet has a destination port number of 80. What service
is the client requesting?
 DHCP
 SMTP
 DNS
 HTTP
53. What is an advantage for small organizations of adopting IMAP instead of POP?
 POP only allows the client to store messages in a centralized way, while IMAP allows distributed storage.
 Messages are kept in the mail servers until they are manually deleted from the email client.
 When the user connects to a POP server, copies of the messages are kept in the mail server for a short time,
but IMAP keeps them for a long time.
 IMAP sends and retrieves email, but POP only retrieves email.
Explanation: IMAP and POP are protocols that are used to retrieve email messages. The advantage of using
IMAP instead of POP is that when the user connects to an IMAP-capable server, copies of the messages are
downloaded to the client application. IMAP then stores the email messages on the server until the user manually
deletes those messages.
54. A technician can ping the IP address of the web server of a remote company but cannot successfully
ping the URL address of the same web server. Which software utility can the technician use to diagnose
the problem?
 tracert
 ipconfig
 netstat
 nslookup
Explain:
Traceroute (tracert) is a utility that generates a list of hops that were successfully reached along the path from
source to destination.This list can provide important verification and troubleshooting information. The ipconfig
utility is used to display the IP configuration settings on a Windows PC. The Netstat utility is used to identify
which active TCP connections are open and running on a networked host. Nslookup is a utility that allows the
user to manually query the name servers to resolve a given host name. This utility can also be used to
troubleshoot name resolution issues and to verify the current status of the name servers.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
55. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate
Ethernet communication? (Choose two.)
 implements CSMA/CD over legacy shared half-duplex media
 enables IPv4 and IPv6 to utilize the same physical medium
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 implements a process to delimit fields within an Ethernet 2 frame
 places information in the Ethernet frame that identifies which network layer protocol is being
encapsulated by the frame
Other case:
 responsible for internal structure of Ethernet frame
 applies source and destination MAC addresses to Ethernet frame
 handles communication between upper layer networking software and Ethernet NIC hardware
 adds Ethernet control information to network protocol data
 implements trailer with frame check sequence for error detection
Other case:
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 places information in the Ethernet frame that identifies which network layer protocol is being
encapsulated by the frame
 implements CSMA/CD over legacy shared half-duplex media
 adds Ethernet control information to network protocol data
 applies source and destination MAC addresses to Ethernet frame
Other case:
 enables IPv4 and IPv6 to utilize the same physical medium
 adds Ethernet control information to network protocol data
 applies source and destination MAC addresses to Ethernet frame
 responsible for the internal structure of Ethernet frame
 implements trailer with frame check sequence for error detection
Other case:
 enables IPv4 and IPv6 to utilize the same physical medium
 applies source and destination MAC addresses to Ethernet frame
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 handles communication between upper layer networking software and Ethernet NIC hardware
 responsible for internal structure of Ethernet frame
Explanation: The data link layer is actually divided into two sublayers:
+ Logical Link Control (LLC): This upper sublayer defines the software processes that provide services to the
network layer protocols. It places information in the frame that identifies which network layer protocol is being
used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the
same network interface and media.
+ Media Access Control (MAC): This lower sublayer defines the media access processes performed by the
hardware. It provides data link layer addressing and delimiting of data according to the physical signaling
requirements of the medium and the type of data link layer protocol in use.
56. The global configuration command ip default-gateway 172.16.100.1 is applied to a switch. What is the
effect of this command?
 The switch can communicate with other hosts on the 172.16.100.0 network.
 The switch can be remotely managed from a host on another network.
 The switch is limited to sending and receiving frames to and from the gateway 172.16.100.1.
 The switch will have a management interface with the address 172.16.100.1.
Explanation: A default gateway address is typically configured on all devices to allow them to communicate
beyond just their local network.In a switch this is achieved using the command ip default-gateway <ip address>.
57. What happens when the transport input ssh command is entered on the switch vty lines?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  The SSH client on the switch is enabled.
 The switch requires a username/password combination for remote access.
 Communication between the switch and remote users is encrypted.
 The switch requires remote connections via a proprietary client software.
Explanation: The transport input ssh command when entered on the switch vty (virtual terminal lines) will
encrypt all inbound controlled telnet connections.
58. Match the type of threat with the cause. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 ITN (Versión 7.00) – ITNv7 Final Exam
59. A disgruntled employee is using some free wireless networking tools to determine information about
the enterprise wireless networks. This person is planning on using this information to hack the wireless
network. What type of attack is this?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  DoS
 access
 reconnaissance
 Trojan horse
Explanation: A reconnaissance attack is the unauthorized discovery and documentation of various computing
networks, network systems, resources, applications, services, or vulnerabilities.
60. What service is provided by HTTP?
 Uses encryption to secure the exchange of text, graphic images, sound, and video on the web.
 Allows for data transfers between a client and a file server.
 An application that allows real-time chatting among remote users.
 A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on
the web.
61. A client packet is received by a server. The packet has a destination port number of 67. What service
is the client requesting?
 FTP
 DHCP
 Telnet
 SSH
62. What are two problems that can be caused by a large number of ARP request and reply messages?
(Choose two.)
 Switches become overloaded because they concentrate all the traffic from the attached subnets.
 The ARP request is sent as a broadcast, and will flood the entire subnet.
 The network may become overloaded because ARP reply messages have a very large payload due to the
48-bit MAC address and 32-bit IP address that they contain.
 A large number of ARP request and reply messages may slow down the switching process, leading the
switch to make many changes in its MAC table.
 All ARP request messages must be processed by all nodes on the local network.
Explanation: ARP requests are sent as broadcasts:
(1) All nodes will receive them, and they will be processed by software, interrupting the CPU.
(2) The switch forwards (floods) Layer 2 broadcasts to all ports.
A switch does not change its MAC table based on ARP request or reply messages. The switch populates the
MAC table using the source MAC address of all frames. The ARP payload is very small and does not overload
the switch.
63. A group of Windows PCs in a new subnet has been added to an Ethernet network. When testing the
connectivity, a technician finds that these PCs can access local network resources but not the Internet
resources. To troubleshoot the problem, the technician wants to initially confirm the IP address and DNS
configurations on the PCs, and also verify connectivity to the local router. Which three Windows CLI
commands and utilities will provide the necessary information? (Choose three.)
 netsh interface ipv6 show neighbor
 arp -a
 tracert
 ping
 ipconfig
 nslookup
 telnet
64. During the process of forwarding traffic, what will the router do immediately after matching the
destination IP address to a network on a directly connected routing table entry?
 analyze the destination IP address
 switch the packet to the directly connected interface
 look up the next-hop address for the packet

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  discard the traffic after consulting the route table
Explanation: A router receives a packet on an interface and looks at the destination IP address. It consults its
routing table and matches the destination IP address to a routing table entry. The router then discovers that it has
to send the packet to the next-hop address or out to a directly connected interface. When the destination address
is on a directly connected interface, the packet is switched over to that interface.
65. What characteristic describes antispyware?
 applications that protect end devices from becoming infected with malicious software
 a network device that filters access and traffic coming into a network
 software on a router that filters traffic based on IP addresses or applications
 a tunneling protocol that provides remote users with secure access into the network of an organization
66. A network administrator needs to keep the user ID, password, and session contents private when
establishing remote CLI connectivity with a switch to manage it. Which access method should be chosen?
 Telnet
 AUX
 SSH
 Console
67. What are the two most effective ways to defend against malware? (Choose two.)
 Implement a VPN.
 Implement network firewalls.
 Implement RAID.
 Implement strong passwords.
 Update the operating system and other application software.
 Install and update antivirus software.
Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as
countermeasures to protect the organization from threats and vulnerabilities.
68. Which type of security threat would be responsible if a spreadsheet add-on disables the local software
firewall?
 brute-force attack
 Trojan horse
 DoS
 buffer overflow
Explanation: A Trojan horse is software that does something harmful, but is hidden in legitimate software
code. A denial of service (DoS) attack results in interruption of network services to users, network devices, or
applications. A brute-force attack commonly involves trying to access a network device. A buffer overflow
occurs when a program attempts to store more data in a memory location than it can hold.
69. Which frame field is created by a source node and used by a destination node to ensure that a
transmitted data signal has not been altered by interference, distortion, or signal loss?
 User Datagram Protocol field
 transport layer error check field
 flow control field
 frame check sequence field
 error correction process field
70. A network administrator is adding a new LAN to a branch office. The new LAN must support 4
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.248
 255.255.255.0
 255.255.255.128
 255.255.255.192
71. What service is provided by POP3?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Retrieves email from the server by downloading the email to the local mail application of the client.
 An application that allows real-time chatting among remote users.
 Allows remote access to network devices and servers.
 Uses encryption to provide secure remote access to network devices and servers.
72. What two security solutions are most likely to be used only in a corporate environment? (Choose
two.)
 antispyware
 virtual private networks
 intrusion prevention systems
 strong passwords
 antivirus software
73. What characteristic describes antivirus software?
 applications that protect end devices from becoming infected with malicious software
 a network device that filters access and traffic coming into a network
 a tunneling protocol that provides remote users with secure access into the network of an organization
 software on a router that filters traffic based on IP addresses or applications
74. What mechanism is used by a router to prevent a received IPv4 packet from traveling endlessly on a
network?
 It checks the value of the TTL field and if it is 0, it discards the packet and sends a Destination
Unreachable message to the source host.
 It checks the value of the TTL field and if it is 100, it discards the packet and sends a Destination
Unreachable message to the source host.
 It decrements the value of the TTL field by 1 and if the result is 0, it discards the packet and sends a
Time Exceeded message to the source host.
 It increments the value of the TTL field by 1 and if the result is 100, it discards the packet and sends a
Parameter Problem message to the source host.
75. A client packet is received by a server. The packet has a destination port number of 69. What service
is the client requesting?
 DNS
 DHCP
 SMTP
 TFTP
76. An administrator defined a local user account with a secret password on router R1 for use with SSH.
Which three additional steps are required to configure R1 to accept only encrypted SSH connections?
(Choose three.)
 Configure DNS on the router.
 Generate two-way pre-shared keys.
 Configure the IP domain name on the router.
 Generate the SSH keys.
 Enable inbound vty SSH sessions.
 Enable inbound vty Telnet sessions.
77. Which two functions are performed at the MAC sublayer of the OSI Data Link Layer to facilitate
Ethernet communication? (Choose two.)
 handles communication between upper layer networking software and Ethernet NIC hardware
 implements trailer with frame check sequence for error detection
 places information in the Ethernet frame that identifies which network layer protocol is being encapsulated
by the frame
 implements a process to delimit fields within an Ethernet 2 frame
 adds Ethernet control information to network protocol data
Case 2:
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  places information in the Ethernet frame that identifies which network layer protocol is being encapsulated
by the frame
 adds Ethernet control information to network protocol data
 responsible for internal structure of Ethernet frame
 enables IPv4 and IPv6 to utilize the same physical medium
 implements trailer with frame check sequence for error detection
Case 3:
 integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
 enables IPv4 and IPv6 to utilize the same physical medium
 handles communication between upper layer networking software and Ethernet NIC hardware
 adds Ethernet control information to network protocol data
 implements CSMA/CD over legacy shared half-duplex media
Case 4:
 applies delimiting of Ethernet frame fields to synchronize communication between nodes
 places information in the Ethernet frame that identifies which network layer protocol is being encapsulated
by the frame
 adds Ethernet control information to network protocol data
 implements trailer with frame check sequence for error detection
 handles communication between upper layer networking software and Ethernet NIC hardware
78. An IPv6 enabled device sends a data packet with the destination address of FF02::2. What is the
target of this packet?
 all IPv6 enabled devices on the local link
 all IPv6 DHCP servers
 all IPv6 enabled devices across the network
 all IPv6 configured routers on the local link
79. What are the three parts of an IPv6 global unicast address? (Choose three.)
 subnet ID
 subnet mask
 broadcast address
 global routing prefix
 interface ID
Explanation: The general format for IPv6 global unicast addresses includes a global routing prefix, a subnet
ID, and an interface ID. The global routing prefix is the network portion of the address. A typical global routing
prefix is /48 assigned by the Internet provider. The subnet ID portion can be used by an organization to create
multiple subnetwork numbers. The interface ID is similar to the host portion of an IPv4 address.
80. A network administrator is designing the layout of a new wireless network. Which three areas of
concern should be accounted for when building a wireless network? (Choose three.)
 extensive cabling
 mobility options
 packet collision
 interference
 security
 coverage area
Explanation: The three areas of concern for wireless networks focus on the size of the coverage area, any
nearby interference, and providing network security. Extensive cabling is not a concern for wireless networks,
as a wireless network will require minimal cabling for providing wireless access to hosts. Mobility options are
not a component of the areas of concern for wireless networks.
81. A new network administrator has been asked to enter a banner message on a Cisco device. What is
the fastest way a network administrator could test whether the banner is properly configured?
 Enter CTRL-Z at the privileged mode prompt.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Exit global configuration mode.
 Power cycle the device.
 Reboot the device.
 Exit privileged EXEC mode and press Enter .
82. What method is used to manage contention-based access on a wireless network?
 token passing
 CSMA/CA
 priority ordering
 CSMA/CD
83. What is a function of the data link layer?
 provides the formatting of data
 provides end-to-end delivery of data between hosts
 provides delivery of data between two applications
 provides for the exchange of frames over a common local media
84. What is the purpose of the TCP sliding window?
 to ensure that segments arrive in order at the destination
 to end communication when data transmission is complete
 to inform a source to retransmit data from a specific point forward
 to request that a source decrease the rate at which it transmits data
Explanation: The TCP sliding window allows a destination device to inform a source to slow down the rate of
transmission. To do this, the destination device reduces the value contained in the window field of the segment.
It is acknowledgment numbers that are used to specify retransmission from a specific point forward. It is
sequence numbers that are used to ensure segments arrive in order. Finally, it is a FIN control bit that is used to
end a communication session.
85. What characteristic describes spyware?
 a network device that filters access and traffic coming into a network
 software that is installed on a user device and collects information about the user
 an attack that slows or crashes a device or network service
 the use of stolen credentials to access private data
86. Which switching method drops frames that fail the FCS check?
 store-and-forward switching
 borderless switching
 ingress port buffering
 cut-through switching
87. Which range of link-local addresses can be assigned to an IPv6-enabled interface?
 FEC0::/10
 FDEE::/7
 FE80::/10
 FF00::/8
Explain:
Link-local addresses are in the range of FE80::/10 to FEBF::/10. The original IPv6 specification defined site-
local addresses and used the prefix range FEC0::/10, but these addresses were deprecated by the IETF in favor
of unique local addresses. FDEE::/7 is a unique local address because it is in the range of FC00::/7 to FDFF::/7.
IPv6 multicast addresses have the prefix FF00::/8.
88. What service is provided by FTP?
 A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the
web.
 An application that allows real-time chatting among remote users.
 Allows for data transfers between a client and a file server.
 Uses encryption to secure the exchange of text, graphic images, sound, and video on the web.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

89. A user is attempting to access http://www.cisco.com/ without success. Which two configuration values
must be set on the host to allow this access? (Choose two.)
 DNS server
 source port number
 HTTP server
 source MAC address
 default gateway
90. Which two statements accurately describe an advantage or a disadvantage when deploying NAT for
IPv4 in a network? (Choose two.)
 NAT adds authentication capability to IPv4.
 NAT introduces problems for some applications that require end-to-end connectivity.
 NAT will impact negatively on switch performance.
 NAT provides a solution to slow down the IPv4 address depletion.
 NAT improves packet handling.
 NAT causes routing tables to include more information.
Explanation: Network Address Translation (NAT) is a technology that is implemented within IPv4 networks.
One application of NAT is to use private IP addresses inside a network and use NAT to share a few public IP
addresses for many internal hosts. In this way it provides a solution to slow down the IPv4 address depletion.
However, since NAT hides the actual IP addresses that are used by end devices, it may cause problems for some
applications that require end-to-end connectivity.
91. What would be the interface ID of an IPv6 enabled interface with a MAC address of 1C-6F-65-C2-
BD-F8 when the interface ID is generated by using the EUI-64 process?
 0C6F:65FF:FEC2:BDF8
 1E6F:65FF:FEC2:BDF8
 C16F:65FF:FEC2:BDF8
 106F:65FF:FEC2:BDF8
Explanation: To derive the EUI-64 interface ID by using the MAC address 1C-6F-65-C2-BD-F8, three steps
are taken.
 Change the seventh bit of the MAC address from a binary 0 to a binary 1 which changes the hex C, into a
hex E.
 Insert hex digits FFFE into the middle of the address.
 Rewrite the address in IPv6 format.
The three steps, when complete, give the interface ID of 1E6F:65FF:FEC2:BDF8.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

92. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC2. In this
scenario, what will happen next?

 SW1 will send an ARP reply with the SW1 Fa0/1 MAC address.
 SW1 will send an ARP reply with the PC2 MAC address.
 PC2 will send an ARP reply with the PC2 MAC address.
 RT1 will send an ARP reply with the RT1 Fa0/0 MAC address.
 RT1 will send an ARP reply with the PC2 MAC address.
Explain: When a network device wants to communicate with another device on the same network, it sends a
broadcast ARP request. In this case, the request will contain the IP address of PC2. The destination device
(PC2) sends an ARP reply with its MAC address.
93. What service is provided by BOOTP?
 Uses encryption to secure the exchange of text, graphic images, sound, and video on the web.
 Allows for data transfers between a client and a file server.
 Legacy application that enables a diskless workstation to discover its own IP address and find a
BOOTP server on the network.
 A basic set of rules for exchanging text, graphic images, sound, video, and other multimedia files on the
web.
94. What characteristic describes adware?
 a network device that filters access and traffic coming into a network
 software that is installed on a user device and collects information about the user
 the use of stolen credentials to access private data
 an attack that slows or crashes a device or network service
95. When a switch configuration includes a user-defined error threshold on a per-port basis, to which
switching method will the switch revert when the error threshold is reached?
 cut-through
 store-and-forward
 fast-forward
 fragment-free
96. Match a statement to the related network model. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 ITN (Version 7.00) – ITNv7 Final Exam
Place the options in the following order:peer-to-peer network
[+] no dedicated server is required
[+] client and server roles are set on a per request basis
peer-to-peer aplication
[#] requires a specific user interface
[#] a background service is required
Explain:
Peer-to-peer networks do not require the use of a dedicated server, and devices can assume both client and
server roles simultaneously on a per request basis. Because they do not require formalized accounts or
permissions, they are best used in limited situations. Peer-to-peer applications require a user interface and
background service to be running, and can be used in more diverse situations.
97. What are two primary responsibilities of the Ethernet MAC sublayer? (Choose two.)
 error detection
 frame delimiting
 accessing the media
 data encapsulation
 logical addressing

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

98. Refer to the exhibit. What three facts can be determined from the viewable output of the show ip
interface brief command? (Choose three.)

 Two physical interfaces have been configured.

 The switch can be remotely managed.
 One device is attached to a physical interface.
 Passwords have been configured on the switch.
 Two devices are attached to the switch.
 The default SVI has been configured.
Explain:
Vlan1 is the default SVI. Because an SVI has been configured, the switch can be configured and managed
remotely. FastEthernet0/0 is showing up and up, so a device is connected.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

99. Match each type of frame field to its function. (Not all options are used.)

100. What is the subnet ID associated with the IPv6 address 2001:DA48:FC5:A4:3D1B::1/64?
 2001:DA48::/64
 2001:DA48:FC5::A4:/64
 2001:DA48:FC5:A4::/64
 2001::/64

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

101. Match the firewall function to the type of threat protection it provides to the network. (Not all
options are used.)

 packet filtering – prevents access based on IP or MAC address

 URL filtering – prevents access to websites
 network address translator – (none)
 stateful packet inspection – prevents unsolicited incoming sessions
 application filtering – prevents access by port number
Explain:Firewall products come packaged in various forms. These products use different techniques for
determining what will be permitted or denied access to a network. They include the following:
+ Packet filtering – Prevents or allows access based on IP or MAC addresses
+ Application filtering – Prevents or allows access by specific application types based on port numbers
+ URL filtering – Prevents or allows access to websites based on specific URLs or keywords
+ Stateful packet inspection (SPI) – Incoming packets must be legitimate responses to requests from internal
hosts. Unsolicited packets are blocked unless permitted specifically. SPI can also include the capability to
recognize and filter out specific types of attacks, such as denial of service (DoS)
102. Users are reporting longer delays in authentication and in accessing network resources during
certain time periods of the week. What kind of information should network engineers check to find out if
this situation is part of a normal network behavior?
 syslog records and messages
 the network performance baseline
 debug output and packet captures
 network configuration files

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

103. How does the service password-encryption command enhance password security on Cisco routers
and switches?
 It requires encrypted passwords to be used when connecting remotely to a router or switch with Telnet.
 It encrypts passwords that are stored in router or switch configuration files.
 It requires that a user type encrypted passwords to gain console access to a router or switch.
 It encrypts passwords as they are sent across the network.
Explain: The service password-encryption command encrypts plaintext passwords in the configuration file so
that they cannot be viewed by unauthorized users.
104. Which two statements are correct in a comparison of IPv4 and IPv6 packet headers? (Choose two.)
 The Source Address field name from IPv4 is kept in IPv6.
 The Version field from IPv4 is not kept in IPv6.
 The Destination Address field is new in IPv6.
 The Header Checksum field name from IPv4 is kept in IPv6.
 The Time-to-Live field from IPv4 has been replaced by the Hop Limit field in IPv6.
Explanation: The IPv6 packet header fields are as follows: Version, Traffic Class, Flow Label, Payload
Length, Next Header, Hop Limit, Source Address, and Destination Address. The IPv4 packet header fields
include the following: Version, Differentiated Services, Time-to-Live, Protocol, Source IP Address, and
Destination IP Address. Both versions have a 4-bit Version field. Both versions have a Source (IP) Address
field. IPv4 addresses are 32 bits; IPv6 addresses are 128 bits. The Time-to-Live or TTL field in IPv4 is now
called Hop Limit in IPv6, but this field serves the same purpose in both versions. The value in this 8-bit field
decrements each time a packet passes through any router. When this value is 0, the packet is discarded and is
not forwarded to any other router.
105. A network administrator wants to have the same network mask for all networks at a particular
small site. The site has the following networks and number of devices:
IP phones – 22 addresses
PCs – 20 addresses needed
Printers – 2 addresses needed
Scanners – 2 addresses needed
The network administrator has deemed that 192.168.10.0/24 is to be the network used at this site. Which single
subnet mask would make the most efficient use of the available addresses to use for the four subnetworks?
 255.255.255.192
 255.255.255.252
 255.255.255.240
 255.255.255.248
 255.255.255.0
 255.255.255.224
106. What characteristic describes identity theft?
 the use of stolen credentials to access private data
 software on a router that filters traffic based on IP addresses or applications
 software that identifies fast-spreading threats
 a tunneling protocol that provides remote users with secure access into the network of an organization
107. A network administrator is adding a new LAN to a branch office. The new LAN must support 200
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.240
 255.255.255.0
 255.255.255.248
 255.255.255.224

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

108. What are three commonly followed standards for constructing and installing cabling? (Choose
three.)
 cost per meter (foot)
 cable lengths
 connector color
 pinouts
 connector types
 tensile strength of plastic insulator
109. Refer to the exhibit. What is wrong with the displayed termination?

 The woven copper braid should not have been removed.

 The wrong type of connector is being used.
 The untwisted length of each wire is too long.
 The wires are too thick for the connector that is used.
Explanation: When a cable to an RJ-45 connector is terminated, it is important to ensure that the untwisted
wires are not too long and that the flexible plastic sheath surrounding the wires is crimped down and not the
bare wires. None of the colored wires should be visible from the bottom of the jack.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

110. Match the characteristic to the category. (Not all options are used.)

111. A client packet is received by a server. The packet has a destination port number of 143. What
service is the client requesting?
 IMAP
 FTP
 SSH
 Telnet
112. What are two characteristics shared by TCP and UDP? (Choose two.)
 default window size
 connectionless communication
 port numbering
 3-way handshake
 ability to to carry digitized voice
 use of checksum
Explain:
Both TCP and UDP use source and destination port numbers to distinguish different data streams and to forward
the right data segments to the right applications. Error checking the header and data is done by both protocols
by using a checksum calculation to determine the integrity of the data that is received. TCP is connection-
oriented and uses a 3-way handshake to establish an initial connection. TCP also uses window to regulate the
amount of traffic sent before receiving an acknowledgment. UDP is connectionless and is the best protocol for
carry digitized VoIP signals.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

113. Refer to the exhibit. Which two network addresses can be assigned to the network containing 10
hosts? Your answers should waste the fewest addresses, not reuse addresses that are already assigned,
and stay within the 10.18.10.0/24 range of addresses. (Choose two.)

 10.18.10.200/28
 10.18.10.208/28
 10.18.10.240/27
 10.18.10.200/27
 10.18.10.224/27
 10.18.10.224/28
Explanation: Addresses 10.18.10.0 through 10.18.10.63 are taken for the leftmost network. Addresses 192
through 199 are used by the center network. Because 4 host bits are needed to accommodate 10 hosts, a /28
mask is needed. 10.18.10.200/28 is not a valid network number. Two subnets that can be used are
10.18.10.208/28 and 10.18.10.224/28.
114. A client packet is received by a server. The packet has a destination port number of 21. What service
is the client requesting?
 FTP
 LDAP
 SLP
 SNMP
115. What attribute of a NIC would place it at the data link layer of the OSI model?
 attached Ethernet cable
 IP address
 MAC address
 RJ-45 port
 TCP/IP protocol stack
116. A network administrator is adding a new LAN to a branch office. The new LAN must support 10
connected devices. What is the smallest network mask that the network administrator can use for the
new network?
 255.255.255.192
 255.255.255.248
 255.255.255.224
 255.255.255.240
117. What technique is used with UTP cable to help protect against signal interference from crosstalk?
 wrapping a foil shield around the wire pairs
 twisting the wires together into pairs

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  terminating the cable with special grounded connectors
 encasing the cables within a flexible plastic sheath
Explanation: To help prevent the effects of crosstalk, UTP cable wires are twisted together into pairs. Twisting
the wires together causes the magnetic fields of each wire to cancel each other out.
118. Refer to the exhibit. The network administrator has assigned the LAN of LBMISS an address range
of 192.168.10.0. This address range has been subnetted using a /29 prefix. In order to accommodate a new
building, the technician has decided to use the fifth subnet for configuring the new network (subnet zero
is the first subnet). By company policies, the router interface is always assigned the first usable host
address and the workgroup server is given the last usable host address. Which configuration should be
entered into the properties of the workgroup server to allow connectivity to the Internet?

 IP address: 192.168.10.65 subnet mask: 255.255.255.240, default gateway: 192.168.10.76

 IP address: 192.168.10.38 subnet mask: 255.255.255.240, default gateway: 192.168.10.33
 IP address: 192.168.10.38 subnet mask: 255.255.255.248, default gateway: 192.168.10.33
 IP address: 192.168.10.41 subnet mask: 255.255.255.248, default gateway: 192.168.10.46
 IP address: 192.168.10.254 subnet mask: 255.255.255.0, default gateway: 192.168.10.1
Explain:
Using a /29 prefix to subnet 192.168.10.0 results in subnets that increment by 8:
192.168.10.0 (1)
192.168.10.8 (2)
192.168.10.16 (3)
192.168.10.24 (4)
192.168.10.32 (5)
119. Refer to the exhibit. The switches are in their default configuration. Host A needs to communicate
with host D, but host A does not have the MAC address for its default gateway. Which network hosts will

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

receive the ARP request sent by host A?

 only host D
 only router R1
 only hosts A, B, and C
 only hosts A, B, C, and D
 only hosts B and C
 only hosts B, C, and router R1
Explain:
Since host A does not have the MAC address of the default gateway in its ARP table, host A sends an ARP
broadcast. The ARP broadcast would be sent to every device on the local network. Hosts B, C, and router R1
would receive the broadcast. Router R1 would not forward the message.
120. Match a statement to the related network model. (Not all options are used.)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 ITN (Version 7.00) – ITNv7 Final Exam
Place the options in the following order:peer-to-peer network
[+] no dedicated server is required
[+] client and server roles are set on a per request basis
peer-to-peer aplication
[#] requires a specific user interface
[#] a background service is required
Explain:
Peer-to-peer networks do not require the use of a dedicated server, and devices can assume both client and
server roles simultaneously on a per request basis. Because they do not require formalized accounts or
permissions, they are best used in limited situations. Peer-to-peer applications require a user interface and
background service to be running, and can be used in more diverse situations.
121. Refer to the exhibit. A network engineer has been given the network address of 192.168.99.0 and a
subnet mask of 255.255.255.192 to subnet across the four networks shown. How many total host

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

addresses are unused across all four subnets?

 88
 200
 72
 224
 158
122. Which connector is used with twisted-pair cabling in an Ethernet LAN?

LC conector

SC conector

BNC

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

 RJ 11
True Answer:

RJ 45 (true answer)
123. A client packet is received by a server. The packet has a destination port number of 22. What service
is the client requesting?
 SSH
 SMB/CIFS
 HTTPS
 SLP
124. What characteristic describes an IPS?
 a tunneling protocol that provides remote users with secure access into the network of an organization
 a network device that filters access and traffic coming into a network
 software that identifies fast-spreading threats
 software on a router that filters traffic based on IP addresses or applications
Explanation: IPS – An intrusion prevention system (IPS) monitors incoming and outgoing traffic looking for
malware, network attack signatures, and more. If it recognizes a threat, it can immediately stop it.
125. What service is provided by DHCP?
 An application that allows real-time chatting among remote users.
 Allows remote access to network devices and servers.
 Dynamically assigns IP addresses to end and intermediary devices.
 Uses encryption to provide secure remote access to network devices and servers.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

126. Match the header field with the appropriate layer of the OSI model. (Not all options are used.)

127. Refer to the exhibit. The switches have a default configuration. Host A needs to communicate with
host D, but host A does not have the MAC address for the default gateway. Which network devices will
receive the ARP request sent by host A?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
 i360201v3n1_275353.png
 only host D
 only hosts A, B, C, and D
 only hosts B and C
 only hosts B, C, and router R1
 only hosts A, B, and C
 only router R1
Explanation: Because host A does not have the MAC address of the default gateway in the ARP table, host A
sends an ARP broadcast. The ARP broadcast would be sent to every device on the local network. Hosts B, C,
and router R1 would receive the broadcast. Router R1 would not forward the message.
128. Which wireless technology has low-power and low-data rate requirements making it popular in IoT
environments?
 Bluetooth
 Zigbee
 WiMAX
 Wi-Fi
Explanation: Zigbee is a specification used for low-data rate, low-power communications. It is intended for
applications that require short-range, low data-rates and long battery life. Zigbee is typically used for industrial
and Internet of Things (IoT) environments such as wireless light switches and medical device data collection.
129. What two ICMPv6 message types must be permitted through IPv6 access control lists to allow
resolution of Layer 3 addresses to Layer 2 MAC addresses? (Choose two.)
 neighbor solicitations
 echo requests
 neighbor advertisements
 echo replies
 router solicitations
 router advertisements
130. A client is using SLAAC to obtain an IPv6 address for its interface. After an address has been
generated and applied to the interface, what must the client do before it can begin to use this IPv6
address?
 It must send a DHCPv6 INFORMATION-REQUEST message to request the address of the DNS server.
 It must send a DHCPv6 REQUEST message to the DHCPv6 server to request permission to use this
address.
 It must send an ICMPv6 Router Solicitation message to determine what default gateway it should use.
 It must send an ICMPv6 Neighbor Solicitation message to ensure that the address is not already in
use on the network.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
131. Two pings were issued from a host on a local network. The first ping was issued to the IP address of
the default gateway of the host and it failed. The second ping was issued to the IP address of a host
outside the local network and it was successful. What is a possible cause for the failed ping?
 The default gateway is not operational.
 The default gateway device is configured with the wrong IP address.
 Security rules are applied to the default gateway device, preventing it from processing ping requests.
 The TCP/IP stack on the default gateway is not working properly.
132. An organization is assigned an IPv6 address block of 2001:db8:0:ca00::/56. How many subnets can
be created without using bits in the interface ID space?
 256
 512
 1024
 4096
133. What subnet mask is needed if an IPv4 network has 40 devices that need IP addresses and address
space is not to be wasted?
 255.255.255.0
 255.255.255.240
 255.255.255.128
 255.255.255.192
 255.255.255.224
Explanation: In order to accommodate 40 devices, 6 host bits are needed. With 6 bits, 64 addresses are
possible, but one address is for the subnet number and one address is for a broadcast. This leaves 62 addresses
that can be assigned to network devices. The mask associated with leaving 6 host bits for addressing is
255.255.255.192.
134. Refer to the exhibit. If host A sends an IP packet to host B, what will the destination address be in
the frame when it leaves host A?

 DD:DD:DD:DD:DD:DD
 172.168.10.99
 CC:CC:CC:CC:CC:CC
 172.168.10.65
 BB:BB:BB:BB:BB:BB
 AA:AA:AA:AA:AA:AA

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explain:
When a host sends information to a distant network, the Layer 2 frame header will contain a source and
destination MAC address. The source address will be the originating host device. The destination address will
be the router interface that connects to the same network. In the case of host A sending information to host B,
the source address is AA:AA:AA:AA:AA:AA and the destination address is the MAC address assigned to the
R2 Ethernet interface, BB:BB:BB:BB:BB:BB.
135. What is a benefit of using cloud computing in networking?
 Technology is integrated into every-day appliances allowing them to interconnect with other devices,
making them more ‘smart’ or automated.
 Network capabilities are extended without requiring investment in new infrastructure, personnel, or
software.
 End users have the freedom to use personal tools to access information and communicate across a business
network.
 Home networking uses existing electrical wiring to connect devices to the network wherever there is an
electrical outlet, saving the cost of installing data cables.
Explanation: Cloud computing extends IT’s capabilities without requiring investment in new infrastructure,
training new personnel, or licensing new software. These services are available on-demand and delivered
economically to any device anywhere in the world without compromising security or function. BYOD is about
end users having the freedom to use personal tools to access information and communicate across a business or
campus network. Smart home technology is integrated into every-day appliances allowing them to interconnect
with other devices, making them more ‘smart’ or automated. Powerline networking is a trend for home
networking that uses existing electrical wiring to connect devices to the network wherever there is an electrical
outlet, saving the cost of installing data cables.
136. Which two statements are correct about MAC and IP addresses during data transmission if NAT is
not involved? (Choose two.)
 Destination IP addresses in a packet header remain constant along the entire path to a target host.
 Destination MAC addresses will never change in a frame that goes across seven routers.
 Every time a frame is encapsulated with a new destination MAC address, a new destination IP address is
needed.
 Destination and source MAC addresses have local significance and change every time a frame goes
from one LAN to another.
 A packet that has crossed four routers has changed the destination IP address four times.
137. What is one main characteristic of the data link layer?
 It generates the electrical or optical signals that represent the 1 and 0 on the media.
 It converts a stream of data bits into a predefined code.
 It shields the upper layer protocol from being aware of the physical medium to be used in the
communication.
 It accepts Layer 3 packets and decides the path by which to forward the packet to a remote network.
138. What are three characteristics of the CSMA/CD process? (Choose three.)
 The device with the electronic token is the only one that can transmit after a collision.
 A device listens and waits until the media is not busy before transmitting.
 After detecting a collision, hosts can attempt to resume transmission after a random time delay has
expired.
 All of the devices on a segment see data that passes on the network medium.
 A jam signal indicates that the collision has cleared and the media is not busy.
 Devices can be configured with a higher transmission priority.
Explanation: The Carrier Sense Multiple Access/Collision Detection (CSMA/CD) process is a contention-
based media access control mechanism used on shared media access networks, such as Ethernet. When a device
needs to transmit data, it listens and waits until the media is available (quiet), then it will send data. If two
devices transmit at the same time, a collision will occur. Both devices will detect the collision on the network.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
When a device detects a collision, it will stop the data transmission process, wait for a random amount of time,
then try again.
139. Which information does the show startup-config command display?
 the IOS image copied into RAM
 the bootstrap program in the ROM
 the contents of the current running configuration file in the RAM
 the contents of the saved configuration file in the NVRAM
Explain:
The show startup-config command displays the saved configuration located in NVRAM. The show running-
config command displays the contents of the currently running configuration file located in RAM.
140. Which two commands can be used on a Windows host to display the routing table? (Choose two.)
 netstat -s
 route print
 show ip route
 netstat -r
 tracert
Explain:
On a Windows host, the route print or netstat -r commands can be used to display the host routing table. Both
commands generate the same output. On a router, the show ip route command is used to display the routing
table. The netstat –s command is used to display per-protocol statistics. The tracert command is used to display
the path that a packet travels to its destination.
141. What are two functions that are provided by the network layer? (Choose two.)
 directing data packets to destination hosts on other networks
 placing data on the network medium
 carrying data between processes that are running on source and destination hosts
 providing dedicated end-to-end connections
 providing end devices with a unique network identifier
Explanation: The network layer is primarily concerned with passing data from a source to a destination on
another network. IP addresses supply unique identifiers for the source and destination. The network layer
provides connectionless, best-effort delivery. Devices rely on higher layers to supply services to processes.
142. Which two statements describe features of an IPv4 routing table on a router? (Choose two.)
 Directly connected interfaces will have two route source codes in the routing table: C and S .
 If there are two or more possible routes to the same destination, the route associated with the higher metric
value is included in the routing table.
 The netstat -r command can be used to display the routing table of a router.
 The routing table lists the MAC addresses of each active interface.
 It stores information about routes derived from the active router interfaces.
 If a default static route is configured in the router, an entry will be included in the routing table with
source code S .
Explanation: The show ip route command is used to display the routing table of the router. In IPv4, directly
connected interfaces will have one source code:C. The routing table stores information about directly connected
routes and remote routes. An entry in the routing table with a source code of S is included if a default static
route is configured on the router.
143. What characteristic describes a VPN?
 software on a router that filters traffic based on IP addresses or applications
 software that identifies fast-spreading threats
 a tunneling protocol that provides remote users with secure access into the network of an
organization
 a network device that filters access and traffic coming into a network
144. Why would a Layer 2 switch need an IP address?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  to enable the switch to send broadcast frames to attached PCs
 to enable the switch to function as a default gateway
 to enable the switch to be managed remotely
 to enable the switch to receive frames from attached PCs
Explanation: A switch, as a Layer 2 device, does not need an IP address to transmit frames to attached devices.
However, when a switch is accessed remotely through the network, it must have a Layer 3 address. The IP
address must be applied to a virtual interface rather than to a physical interface. Routers, not switches, function
as default gateways.
145. Match each description to its corresponding term. (Not all options are used.)

146. A user sends an HTTP request to a web server on a remote network. During encapsulation for this
request, what information is added to the address field of a frame to indicate the destination?
 the network domain of the destination host
 the IP address of the default gateway
 the MAC address of the destination host
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  the MAC address of the default gateway
Explanation: A frame is encapsulated with source and destination MAC addresses. The source device will not
know the MAC address of the remote host. An ARP request will be sent by the source and will be responded to
by the router. The router will respond with the MAC address of its interface, the one which is connected to the
same network as the source.
147. What is an advantage to using a protocol that is defined by an open standard?
 A company can monopolize the market.
 The protocol can only be run on equipment from a specific vendor.
 An open standard protocol is not controlled or regulated by standards organizations.
 It encourages competition and promotes choices.
Explain:
A monopoly by one company is not a good idea from a user point of view. If a protocol can only be run on one
brand, it makes it difficult to have mixed equipment in a network. A proprietary protocol is not free to use. An
open standard protocol will in general be implemented by a wide range of vendors.
148. Data is being sent from a source PC to a destination server. Which three statements correctly
describe the function of TCP or UDP in this situation? (Choose three.)
 The source port field identifies the running application or service that will handle data returning to
the PC.
 The TCP process running on the PC randomly selects the destination port when establishing a session with
the server.
 UDP segments are encapsulated within IP packets for transport across the network.
 The UDP destination port number identifies the application or service on the server which will
handle the data.
 TCP is the preferred protocol when a function requires lower network overhead.
 The TCP source port number identifies the sending host on the network.
Explanation: Layer 4 port numbers identify the application or service which will handle the data. The source
port number is added by the sending device and will be the destination port number when the requested
information is returned. Layer 4 segments are encapsulated within IP packets. UDP, not TCP, is used when low
overhead is needed. A source IP address, not a TCP source port number, identifies the sending host on the
network. Destination port numbers are specific ports that a server application or service monitors for requests.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

149. Match each description with the corresponding TCP mechanism. (Not all options are used.)

150. Refer to the exhibit. A company uses the address block of 128.107.0.0/16 for its network. What
subnet mask would provide the maximum number of equal size subnets while providing enough host
addresses for each subnet in the exhibit?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  255.255.255.192
 255.255.255.0
 255.255.255.128
 255.255.255.240
 255.255.255.224
Explanation: The largest subnet in the topology has 100 hosts in it so the subnet mask must have at least 7 host
bits in it (27-2=126). 255.255.255.0 has 8 hosts bits, but this does not meet the requirement of providing the
maximum number of subnets.
151. A network administrator wants to have the same subnet mask for three subnetworks at a small site.
The site has the following networks and numbers of devices:

Subnetwork A: IP phones – 10 addresses

Subnetwork B: PCs – 8 addresses

Subnetwork C: Printers – 2 addresses

What single subnet mask would be appropriate to use for the three subnetworks?
 255.255.255.0
 255.255.255.240
 255.255.255.248
 255.255.255.252
Explain:
If the same mask is to be used, then the network with the most hosts must be examined for number of hosts.
Because this is 10 hosts, 4 host bits are needed. The /28 or 255.255.255.240 subnet mask would be appropriate
to use for these networks.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

152. Match each item to the type of topology diagram on which it is typically identified. (Not all options
are used.)

153. What two pieces of information are displayed in the output of the show ip interface brief command?
(Choose two.)
 IP addresses
 interface descriptions
 MAC addresses
 next-hop addresses
 Layer 1 statuses
 speed and duplex settings
Explanation: The command show ip interface brief shows the IP address of each interface, as well as the
operational status of the interfaces at both Layer 1 and Layer 2. In order to see interface descriptions and speed
and duplex settings, use the command show running-config interface. Next-hop addresses are displayed in the
routing table with the command show ip route, and the MAC address of an interface can be seen with the
command show interfaces.
154. A user is complaining that an external web page is taking longer than normal to load.The web page
does eventually load on the user machine. Which tool should the technician use with administrator
privileges in order to locate where the issue is in the network?
 ping
 nslookup
 tracert
 ipconfig /displaydns
Explanation: The Command Prompt command tracert will map the path from the PC to the web server and
measure transit delays of packets across the network.
155. Which value, that is contained in an IPv4 header field, is decremented by each router that receives a
packet?
 Header Length
 Differentiated Services
 Time-to-Live
 Fragment Offset
Explanation: When a router receives a packet, the router will decrement the Time-to-Live (TTL) field by one.
When the field reaches zero, the receiving router will discard the packet and will send an ICMP Time Exceeded
message to the sender.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

156. A network technician is researching the use of fiber optic cabling in a new technology center. Which
two issues should be considered before implementing fiber optic media? (Choose two.)
 Fiber optic cabling requires different termination and splicing expertise from what copper cabling
requires.
 Fiber optic cabling requires specific grounding to be immune to EMI.
 Fiber optic cabling is susceptible to loss of signal due to RFI.
 Fiber optic cable is able to withstand rough handling.
 Fiber optic provides higher data capacity but is more expensive than copper cabling.
157. Match each description with an appropriate IP address. (Not all options are used.)

ITN (Version 7.00) – ITNv7 Final Exam

158. A user is executing a tracert to a remote device. At what point would a router, which is in the path to
the destination device, stop forwarding the packet?
 when the router receives an ICMP Time Exceeded message
 when the RTT value reaches zero
 when the host responds with an ICMP Echo Reply message
 when the value in the TTL field reaches zero
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  when the values of both the Echo Request and Echo Reply messages reach zero
Explain:
When a router receives a traceroute packet, the value in the TTL field is decremented by 1. When the value in
the field reaches zero, the receiving router will not forward the packet, and will send an ICMP Time Exceeded
message back to the source.
159. Users report that the network access is slow. After questioning the employees, the network
administrator learned that one employee downloaded a third-party scanning program for the printer.
What type of malware might be introduced that causes slow performance of the network?
 virus
 worm
 phishing
 spam
Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different types of
malware and attacks that threaten an organization.
………………………………………………………………………………………………………………………
…………………..
1. Which of the following is the name for all computers connected to a network that participate directly
in network communication?
 servers
 intermediary devices
 hosts
 media
Explanation: Hosts are all computers connected to a network that participate directly in network
communication.
2. When data is encoded as pulses of light, which media is being used to transmit the data?
 wireless
 Fiber-optic cable
 copper cable
Explanation: Fiber-optic cable is the media is being used to transmit the data when data is encoded as pulses of
light.
3. Which two devices are intermediary devices? (Choose two)
 hosts
 routers
 servers
 switches
Explanation: Routers and switches are intermediary devices.
………………………………………………………………………………………………………………………
……………
1. Which connection physically connects the end device to the network?
 Port
 NIC
 Interface
Explanation: A NIC is a specialized port on a networking device that connects to individual networks.
2. Which connections are specialized ports on a networking device that connect to individual networks?
 Port
 NIC
 Interface
Explanation: An interface physically connects the end device to the network.
3. Which type of network topology lets you see which end devices are connected to which intermediary
devices and what media is being used?
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  Physical topology
 Logical topology
Explanation: The logical topology lets you see which end devices are connected to which intermediary devices
and what media is being used.
4. Which type of network topology lets you see the actual location of intermediary devices and cable
installation?
 Physical topology
 Logical topology
Explanation: The physical topology lets you see the actual location of intermediary devices and cable
installation.
………………………………………………………………………………………………………………………
…..
1. Which network infrastructure provides access to users and end devices in a small geographical area,
which is typically a network in a department in an enterprise, a home, or small business?
 Extranet
 Intranet
 LAN
 WAN
Explanation: A LAN provides access to users and end devices in a small geographical area.
2. Which network infrastructure might an organization use to provide secure and safe access to
individuals who work for a different organization but require access to the organization’s data?
 Extranet
 Intranet
 LAN
 WAN
Explanation: An extranet provides secure and safe access to individuals who work for a different organization
but require access to the organization’s data.
3. Which network infrastructure provides access to other networks over a large geographical area, which
is often owned and managed by a telecommunications service provider?
 Extranet
 Intranet
 LAN
 WAN
Explanation: A WAN provides access to other networks over a large geographical area.
…………………………………………………………………………………………………………………….
1.6.6 Check Your Understanding – Reliable Networks Answers
Jan 24, 2022 Last Updated: Jan 24, 2022 CCNA v7 Course #1 No Comments
Share TweetSharePin it

1.6.6 Check Your Understanding – Reliable Networks

Playvolume00:00/01:03TruvidfullScreen

1. When designers follow accepted standards and protocols, which of the four basic characteristics of
network architecture is achieved?
 fault tolerance
 Scalability
 QoS
 Security
Explanation: Scalability happens when designers follow accepted standards and protocols.
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
2. Confidentiality, integrity, and availability are requirements of which of the four basic characteristics of
network architecture?
 fault tolerance
 Scalability
 QoS
 Security
Explanation: Confidentiality, integrity, and availability are requirements of security.
3. With which type of policy, a router can manage the flow of data and voice traffic, giving priority to
voice communications if the network experiences congestion?
 fault tolerance
 Scalability
 QoS
 Security
Explanation: QoS means that a router will manage the flow of data and voice traffic, giving priority to voice
communications.
4. Having multiple paths to a destination is known as redundancy. This is an example of which
characteristic of network architecture?
 fault tolerance
 Scalability
 QoS
 Security
Explanation: Redundancy is an example a fault-tolerant network architecture.
……………………………………………………………………………………………………………………
1. Which attack slows down or crashes equipment and programs?
 Firewall
 Virus, worm, or Trojan horse
 Zero-day or Zero-hour
 Virtual Private Network (VPN)
 Denial of Service (DoS)
Explanation: A DoS attack slows down or crashes equipment and programs.
2. Which option creates a secure connection for remote workers?
 Firewall
 Virus, worm, or Trojan horse
 Zero-day or Zero-hour
 Virtual Private Network (VPN)
 Denial of Service (DoS)
Explanation: A VPN creates a secure connection for remote workers.
3. Which option blocks unauthorized access to your network?
 Firewall
 Virus, worm, or Trojan horse
 Zero-day or Zero-hour
 Virtual Private Network (VPN)
 Denial of Service (DoS)
Explanation: A firewall blocks unauthorized access to your network.
4. Which option describes a network attack that occurs on the first day that a vulnerability becomes
known?
 Firewall
 Virus, worm, or Trojan horse
 Zero-day or Zero-hour
 Virtual Private Network (VPN)

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  Denial of Service (DoS)
Explanation: A zero-day or zero-hour attack occurs on the first day that a vulnerability becomes known.
5. Which option describes malicious code running on user devices?
 Firewall
 Virus, worm, or Trojan horse
 Zero-day or Zero-hour
 Virtual Private Network (VPN)
 Denial of Service (DoS)
Explanation: A virus, worm, or Trojan horse is malicious code running on user devices.
………………………………………………………………………………………………………………..
1. Which access method would be most appropriate if you were in the equipment room with a new switch
that needs to be configured?
Playvolume00:00/01:00Tech WorldTruvidfullScreen

 Console
 Telnet/SSH
 Aux
Explanation: Because a new switch would not have any initial configurations, it could only be configured
through the console port.
2. Which access method would be most appropriate if your manager gave you a special cable and told
you to use it to configure the switch?
 Console
 Telnet/SSH
 Aux
Explanation: Connecting a computer to a Cisco device through the console port requires a special console
cable.
3. Which access method would be the most appropriate in-band access to the IOS over a network
connection?
 Console
 Telnet/SSH
 Aux
Explanation: Both Telnet and SSH are in-band access methods that require an active network connection to the
device.
4. Which access method would be the most appropriate if you call your manager to tell him you cannot
access your router in another city over the internet and he provides you with the information to access
the router through a telephone connection?
 Console
 Telnet/SSH
 Aux
Explanation: The AUX port on a Cisco device provided out-of-band connections over a telephone line.
………………………………………………………………………………………………………………………
………………
1. Which IOS mode allows access to all commands and features?
Playvolume00:00/01:03Tech around the worldTruvidfullScreen

 global configuration mode

 interface subconfiguration mode
 line console subconfiguration mode
 privileged EXEC mode
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
  user EXEC mode
Explanation: The privileged EXEC mode allows access to all commands. Higher level commands like global
configuration mode and subconfiguration modes can only be reached from the privileged EXEC mode.
2. Which IOS mode are you in if the Switch(config)# prompt is displayed?
 global configuration mode
 interface subconfiguration mode
 line console subconfiguration mode
 privileged EXEC mode
 user EXEC mode
Explanation: Global configuration mode is identified by the (config)# prompt.
3. Which IOS mode are you in if the Switch> prompt is displayed?
 global configuration mode
 interface subconfiguration mode
 line console subconfiguration mode
 privileged EXEC mode
 user EXEC mode
Explanation: The > prompt after the device name identifies user EXEC mode.
4. Which two commands would return you to the privileged EXEC prompt regardless of the
configuration mode you are in? (Choose two.)
 CTRL+Z
 disable
 enable
 end
 exit
Explanation: To return from any prompt, all the way down to privileged EXEC mode, type the end command
or by pressing the CTRL+Z keys simultaneously on the keyboard.
………………………………………………………………………………………………………………………
…………………………..
1. What is the command to assign the name “Sw-Floor-2” to a switch?
Playvolume00:00/01:03TruvidfullScreen

 hostname Sw-Floor-2
 host name Sw-Floor-2
 name Sw-Floor-2
Explanation: The global configuration command to set the host name on a Cisco device is hostname. So, in this
example the full command is Switch(config)# hostname Sw-Floor-2.
2. How is the privileged EXEC mode access secured on a switch?
 enable class
 secret class
 enable secret class
 service password-encryption
Explanation: Securing access to the EXEC mode on a Cisco switch is accomplished with the enable secret
command followed by the password. In this example the command is Switch(config)# enable secret class.
3. Which command enables password authentication for user EXEC mode access on a switch?
 enable secret
 login
 secret
 service password-encryption
Explanation: User EXEC mode access through the console port is enabled with the login command entered in

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

line mode. For example: Switch(config-line)# login.
4. Which command encrypts all plaintext passwords access on a switch?
 enable secret
 login
 secret
 service password-encryption
Explanation: The service password-encryption command entered in global configuration mode will encrypt all
plaintext passwords.
5. Which is the command to configure a banner to be displayed when connecting to a switch?
 banner $ Keep out $
 banner motd $ Keep out $
 display $ Keep out $
 login banner $ Keep out $
Explanation: The command to set a banner stating “Keep out” that will be displayed when connection to a
Cisco switch is Switch(config)# banner motd $ Keep out $
………………………………………………………………………………………………………………………
…………………….
1. What is the structure of an IPv4 address called?
Playvolume00:00/00:00World TechTruvidfullScreen

 dotted-binary format
 dotted-decimal format
 dotted-hexadecimal format
Explanation: IPv4 addresses are written in dotted-decimal format. For example: 192.168.1.1.
2. How is an IPv4 address represented?
 four binary numbers between 0 and 1 separated by colons.
 four decimal numbers between 0 and 255 separated by periods.
 thirty-two hexadecimal numbers separated by colons.
 thirty-two hexadecimal numbers separated by periods.
Explanation: IPv4 addresses are written as four groups of decimal numbers separated by periods. For example:
192.168.1.1.
3. What type of interface has no physical port associated with it?
 console
 Ethernet
 serial
 switch virtual interface (SVI)
Explanation: Switch virtual interfaces (SVIs) are virtual and have no physical port. Layer 2 switches use SVIs
for remote management.
………………………………………………………………………………………………………………………
……………………….
1. What is the structure of an IPv4 address called?
Playvolume00:00/00:00World TechTruvidfullScreen

 dotted-binary format
 dotted-decimal format
 dotted-hexadecimal format
Explanation: IPv4 addresses are written in dotted-decimal format. For example: 192.168.1.1.
2. How is an IPv4 address represented?
 four binary numbers between 0 and 1 separated by colons.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  four decimal numbers between 0 and 255 separated by periods.
 thirty-two hexadecimal numbers separated by colons.
 thirty-two hexadecimal numbers separated by periods.
Explanation: IPv4 addresses are written as four groups of decimal numbers separated by periods. For example:
192.168.1.1.
3. What type of interface has no physical port associated with it?
 console
 Ethernet
 serial
 switch virtual interface (SVI)
Explanation: Switch virtual interfaces (SVIs) are virtual and have no physical port. Layer 2 switches use SVIs
for remote management.
………………………………………………………………………………………………………………………
…………….
1. What is the process of converting information into the proper form for transmission?

 Formatting
 Encoding
 Encapsulation
Explanation: One of the first steps to sending a message is encoding. During the encoding process, information
is converted from its original form into an acceptable form for transmission.
2. Which step of the communication process is concerned with properly identifying the address of the
sender and receiver?
 Formatting
 Encoding
 Encapsulation
Explanation: Messages sent over a computer network must be in the correct format for them to be delivered
and processed. Part of the formatting process is properly identifying the source of the message and its
destination.
3. Which three are components of message timing? (Choose three.)
 Flow control
 Sequence numbers
 Access method
 Retransmit time
 Response timeout
Explanation: Flow control is the managing of the rate of transmission. Response timeout is how long to wait
for responses. Access methods determine when someone can send a message. These are the three components
of message timing.
4. Which delivery method is used to transmit information to one or more end devices, but not all devices
on the network?
 Unicast
 Multicast
 Broadcast
Explanation: Multicast messages are addressed for transmission to one or more end devices on a network.
Broadcast messages are addressed for transmission to all devices on the network. Unicast messages are
addressed for transmission to one device on the network.
………………………………………………………………………………………………………………………
…………………………………
1. BGP and OSPF are examples of which type of protocol?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Playvolume00:22/01:03World TechTruvidfullScreen

 network communication
 network security
 routing
 service discovery
Explanation: BGP and OSPF are routing protocols. They enable routers to exchange route information to reach
remote networks.
2. Which two protocols are service discovery protocols? (Choose two.)
 DNS
 TCP
 SSH
 DHCP
Explanation: Service discovery protocols, such as DNS and DHCP enable automatic detection of service.
DHCP is used to discover services for automatic IP address allocation and DNS for name-to-IP address
resolution services.
3. What is the purpose of the sequencing function in network communication?
 to uniquely label transmitted segments of data for proper reassembly by the receiver
 to determine if data is corrupted during transmission
 to ensure data flows at an efficient rate between sender and receiver
 to guarantee delivery of data
Explanation: Sequencing uniquely identifies or labels each transmitted segment with a sequence number that is
used by the receiver to reassemble the segments in the proper order.
4. This protocol is responsible for guaranteeing the reliable delivery of information.
 TCP
 IP
 HTTP
 Ethernet
Explanation: Transmission Control Protocol (TCP) manages the conversation between end devices and
guarantees the reliable delivery of information.
………………………………………………………………………………………………………………………
………………………
1. UDP and TCP belong to which layer of the TCP/IP protocol?

 application
 transport
 internet
 network access
Explanation: TCP and UDP are both transport layer protocols.
2. Which two protocols belong in the TCP/IP model application layer?
 EIGRP
 DNS
 OSPF
 ICMP
 DHCP
Explanation: DHCP and DNS are both application layer protocols.
3. Which protocol operates at the network access layer of the TCP/IP model?
 HTTP
 IP

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  DNS
 Ethernet
Explanation: Ethernet is a network access layer protocol.
4. Which of the following are protocols that provide feedback from the destination host to the source host
regarding errors in packet delivery? (Choose two.)
 IPv4
 TCP
 ICMPv4
 IPv6
 UDP
 ICMPv6
Explanation: ICMPv4 and ICMPv6 provide feedback when errors occur.
5. A device receives a data link frame with data and processes and removes the Ethernet information.
What information would be the next to be processed by the receiving device?
 HTTP at the application layer
 HTML at the application layer
 IP at the internet layer
 UDP at the internet layer
 TCP at the transport layer
Explanation: Data is de-encapsulated so the next layer to receive the data would be the internet layer.
6. Which services are provided by the internet layer of the TCP/IP protocol suite? (Choose three.)
 File Transfer
 Address Resolution
 Routing Protocols
 Messaging
 Ethernet
 Internet Protocol
Explanation: IP (Internet Protocol), ICMP (Messaging), and Routing Protocols are services provided at the
Internet Layer.
………………………………………………………………………………………………………………………
……………………………….
1. What is the process of dividing a large data stream into smaller pieces prior to transmission?
Playvolume00:00/00:00Tech around the worldTruvidfullScreen

 sequencing
 duplexing
 multiplexing
 segmentation
Explanation: Segmentation is the process of dividing a large data stream into smaller pieces which are then
transmitted to the receiver.
2. What is the PDU associated with the transport layer?
 segment
 packet
 bits
 frame
Explanation: The transport layer PDU is known as a segment.
3. Which protocol stack layer encapsulates data into frames?
 data link
 transport

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

  network
 application
Explanation: The data link layer encapsulates data into a frame.
4. What is the name of the process of adding protocol information to data as it moves down the protocol
stack?
 de-encapsulation
 sequencing
 segmentation
 encapsulation
Explanation: As data moves down the protocol stack, protocol data is added to the original data. This process
is known as encapsulation.
………………………………………………………………………………………………………………………
………………………………..
1. What is the process of dividing a large data stream into smaller pieces prior to transmission?
Playvolume00:00/00:00Tech around the worldTruvidfullScreen

 sequencing
 duplexing
 multiplexing
 segmentation
Explanation: Segmentation is the process of dividing a large data stream into smaller pieces which are then
transmitted to the receiver.
2. What is the PDU associated with the transport layer?
 segment
 packet
 bits
 frame
Explanation: The transport layer PDU is known as a segment.
3. Which protocol stack layer encapsulates data into frames?
 data link
 transport
 network
 application
Explanation: The data link layer encapsulates data into a frame.
4. What is the name of the process of adding protocol information to data as it moves down the protocol
stack?
 de-encapsulation
 sequencing
 segmentation
 encapsulation
Explanation: As data moves down the protocol stack, protocol data is added to the original data. This process
is known as encapsulation.
………………………………………………………………………………………………………………………
……..
1. True or false. Standards organizations are usually vendor-neutral.
Playvolume00:00/00:00Tech WorldTruvidfullScreen

 True
 False
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
Explanation: The correct answer is True. Most standards organizations are vendor-neutral, non-profit
organizations that develop and promote open standards.
2. This standards organization is concerned with the Request for Comments (RFC) documents that
specify new protocols and update existing ones.
 Internet Society (ISOC)
 Internet Engineering Task Force (IETF)
 Internet Architecture Board (IAB)
 Internet Research Task Force (IRTF)
Explanation: The IETF develops and maintains the specifications for new protocols and updates to existing
protocols through published documents called Request for Comments (RFCs).
3. This standards organization is responsible for IP address allocation and domain name management.
 Internet Society (ISOC)
 Internet Engineering Task Force (IETF)
 Internet Architecture Board (IAB)
 Internet Assigned Numbers Authority (IANA)
Explanation: IANA is responsible for overseeing and managing IP address allocation, domain name
management, and protocol identifiers for ICANN.
4. What types of standards are developed by the Electronics Industries Alliance (EIA)?
 electric wiring and connectors
 radio equipment and cell towers
 video compression and broadband communications
 Voice over IP (VoIP) and satellite communications
Explanation: The Electronics Industries Alliance (EIA) develops standards related to electrical wiring,
connectors, and network equipment racks
………………………………………………………………………………………………………………………
……………….
1. True or false? Frames exchanged between devices in different IP networks must be forwarded to a
default gateway.
Playvolume00:00/01:03Tech around the worldTruvidfullScreen

 True
 False
Explanation: The correct answer is True. When two devices are on different IP networks, frames cannot be
sent directly to the receiver since it is on a different logical network. The frames must first be forwarded to a
default gateway (router).
2. True or false? The right-most part of an IP address is used to identify the network that a device
belongs to.
 True
 False
Explanation: The correct answer is False. It is the left-most portion of an IP address that identifies the network.
The right-most portion is used to identify the specific device or interface.
3. What is used to determine the network portion of an IPv4 address?
 subnet mask
 MAC address
 right-most part of the IP address
 left-most part of the MAC address
Explanation: It is the subnet mask used in IPv4 that is used to determine the network portion of an IPv4
address.
4. Which of the following statements are true regarding network layer and data link layer addresses?

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

(Choose three.)
 Data link layer addresses are logical and network layer addresses are physical.
 Network layer addresses are expressed as 12 hexadecimal digits and data link layer addresses are decimal.
 Network layer addresses are logical and data link addresses are expressed as 12 hexadecimal digits.
 Data link layer addresses are physical and network layer addresses are logical.
 Network layer addresses are either 32 or 128 bits in length.
 Data link layer addresses are 32 bits in length.
Explanation: MAC addresses are physical addresses and 48 bits or 12 hex digits in length. IPv4 addresses and
IPv6 addresses are logical. IPv4 addresses are 32 bits and IPv6 addresses are 128 bits.
5. What is the order of the two addresses in the data link frame?
 source MAC, destination MAC
 destination MAC, source IP
 destination IP, source IP
 destination MAC, source MAC
 source IP, destination IP
Explanation: The data link frame addressing consists of a destination and source MAC address in that order.
6. True or False? Data Link addresses are physical so they never change in the data link frame from
source to destination.
 True
 False
Explanation: The correct answer is False. Data link addresses change within the data link frame when the
receiving device is not on the same network.
………………………………………………………………………………………………………………………
………………..
1. True or false? The physical layer is only concerned with wired network connections.
Playvolume00:02/01:03World TechTruvidfullScreen

 true
 false
Explanation: The correct answer is False. The physical layer provides the means to transport bits over the
network whether the network is wired or wireless.
2. True or false? When a frame is encoded by the physical layer, all bits are sent over the media at the
same time.
 true
 false
Explanation: The correct answer is False. When encoded, the bits making up a frame are transmitted over the
media one at a time.
3. The physical layer of the receiving device passes bits up to which higher level layer?
 application
 presentation
 network
 data link
Explanation: The physical layer receives frames from the data-link layer and converts it to bits for
transmission. On the sending device the physical layer passes the transmitted bits up to the data link layer as a
complete frame.
4. What PDU is received by the physical layer for encoding and transmission?
 frame
 segment
 packet

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

Explanation: The physical layer receives frames from the data link layer for encoding and transmission.
………………………………………………………………………………………………………………………
…………………….
1. Which of the following attaches antennas to wireless devices? It can also be bundled with fiber-optic
cabling for two-way data transmission.
Playvolume00:00/00:00TruvidfullScreen

 UTP
 STP
 coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service, is also used to attach antennas to
wireless devices.
2. Which of the following counters EMI and RFI by using shielding techniques and special connectors?
 UTP
 STP
 coaxial
Explanation: Shielded twisted pair cable (STP) incorporates shielding and special connectors to prevent signal
interference from other wires, EMI, and RFI.
3. Which of the following is the most common network media?
 UTP
 STP
 coaxial
Explanation: Unshielded twisted pair cable (UTP) is the most common type of wired network media.
4. Which of the following terminates with BNC, N type and F type connectors?
 UTP
 STP
 coaxial
Explanation: Coaxial cable, which is used for cable TV and internet service and to attach antennas to wireless
devices, uses several types of connectors to include BNC, N type, and F type connectors.
………………………………………………………………………………………………………………………
…………
1. Which of the following fiber-optic cable types can help data travel approximately 500 meters?
Playvolume00:00/00:00Tech WorldTruvidfullScreen

 multimode
 single-mode
Explanation: Multimode fiber has a shorter distance limitation than single-mode fiber. Commonly used on
LANs with a distance of a few hundred meters but can be up to 2 km.
2. Which of the following fiber-optic cable types use light emitting diodes (LEDs) as a data light source
transmitter?
 multimode
 single-mode
Explanation: Multimode fiber used LEDs as the light source.
3. Which of the following fiber-optic cable types use lasers in a single stream as a data light source
transmitter?
 multimode
 single-mode
Explanation: Single-mode fiber uses laser technology as the light source.
4. Which of the following fiber-optic cable types is used to connect long-distance telephony and cable TV
PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY
applications?
 multimode
 single-mode
Explanation: Single-mode fiber is commonly used for long haul TV and telephony applications.
5. Which of the following fiber-optic cable types can travel approximately 100 km?
 multimode
 single-mode
Explanation: Single-mode fiber is used for long haul applications up to 100 km.
6. Which of the following fiber-optic cable types is used within a campus network?
 multimode
 single-mode
Explanation: Multimode fiber has a shorter distance limitation than single mode fiber. Commonly used on
LANs within a campus network.
………………………………………………………………………………………………………………………
………………..
1. True or false. Wireless is not well suited for enterprise networks.
Playvolume00:00/00:00Tech WorldTruvidfullScreen

 true
 false
Explanation: The correct answer is False. Wireless provides the greatest mobility of all media and is gaining
popularity in enterprise networks.
2. True or false. Wireless LANs operate in full-duplex allowing all devices to send or receive data at the
same time so the number of users does not impact performance.
 true
 false
Explanation: The correct answer is False. WLANs operate in half-duplex, which means only one device can
send or receive at a time. This can impact network performance if there are many users accessing the WLAN at
the same time.
3. Which of the following wireless standards is best suited for industrial and IoT environments?
 Zigbee
 WiMAX
 Wi-Fi
 Bluetooth
Explanation: Zigbee is intended for applications that require short-range, low data-rates, and long battery life,
making it well suited for industrial and IoT applications.
4. Which of the following wireless standards is used for Personal Area Networks (PANs) and allows
devices to communicate over distances of 1 to 100 meters?
 Zigbee
 WiMAX
 Wi-Fi
 Bluetooth
Explanation: This wireless standard is used for Personal Area Networks (PANs) and allows devices to
communicate over distances of 1 to 100 meters.

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY

PREPARED BY: UWIMANNZI KALIMA_JOHNSON DUCY