最新CCNA第一学期第十章答案

CCNA1 ENetwork Final Exam - CCNA Exploration: 网络基础知识(版本4.0)这是我自己做的，其中一道题错误，不知道是哪个，被扣了2分。

日期：2011-10-10 1下列有关网络层编址的陈述中哪三项是正确的?（选择三项。

）网络层编址使用分层式结构。

使用长度为48 位的地址。

以太网交换机可以使用它来作出转发决定。

它不支持广播。

其使用的编址方法可以识别地址的网络部分。

网络层编址可以区分每台主机。

2请参见图示。

在PC 上发出所示的命令。

IP 地址192.168.33.2 代表什么？主机的IP 地址主机的默认网关主机的主页IP 地址主机的首选域名服务器网站resolver1.mooki.local 的IP 地址。

3哪三个地址属于公有IP 地址？（选择三项。

）127.0.0.1196.1.105.6132.11.9.9910.0.0.1172.16.9.1046.1.1.974数据链路层有哪两项功能？（选择两项）分割和记录数据。

在源主机和目的主机上运行的程序之间进行数据交换。

控制数据如何传递到介质中。

生成信号以表示每个帧中的比特。

使用帧头和帧尾封装每个数据包，以便在本地介质中进行传输。

5请参见图示。

主机A 要访问Internet。

哪项第2 层地址和第3 层地址的组合可以让主机A 实现此访问？目的MAC：0030.8596.DE83，默认网关：209.165.202.130目的MAC：0030.8596.DE82，默认网关：172.16.9.2目的MAC：0030.8517.44C4，默认网关：172.16.1.1目的MAC：0030.8517.44C4，默认网关：209.165.202.1306下列哪三项是CSMA/CD 的特征？（选择三项。

）设备会侦听介质，并且仅当无法检测到介质上存在其它信号时才会传输数据。

介质上的所有设备均可侦听所有通信。

设备根据配置的优先级来进行通信。

第一章：正确答案：2.4.5解析：由于不需要使用网络设备和专用服务器，对等网络易于创建，复杂性更低，且成本更少。

而且对等网络也没有集中管理。

这种网络安全性更低，不可扩展，而且那些同时充当客户端和服务器的设备可能性能更差正确答案：1解析：正确答案：解析：选择网络介质的条件包括：所选介质可以成功传送信号的距离、要安装所选介质的环境、必须传输的数据量和速度以及介质和安装的成本。

正确答案：3和4解析：终端设备上的应用程序可以生成数据，更改数据内容并且负责启动封装过程。

正确答案：1和4解析：终端设备会发出通过网络传输的数据。

中间设备会在链路发生故障时通过备用路径传输数据，并且会过滤数据传输以增强安全性。

网络介质提供网络消息的传输通道。

正确答案：4解析：外联网是公司外部的人或企业合作伙伴访问数据的网络区域。

内部网只描述通常仅供内部人员访问的网络区域。

当设备连接到有线网络时，有线 LAN 会受 BYOD（自带设备）影响。

使用大学无线 LAN 的设备多为平板电脑和智能手机。

大学生主要使用无线 WAN 来访问他们的手机运营商网络。

.正确答案：2解析：由于通过 Internet 可以联系在线供应商，所以家庭用户通过 Internet 进行网上购物。

内联网基本上是仅供内部使用的局域网。

外联网是外部合作伙伴访问组织内部特定资源的网络。

家庭用户并不一定使用 LAN 来访问 Internet。

例如，PC 可以通过调制解调器直接连接到 ISP。

正确答案：1解析：内部网这个术语用于表示一个组织的私有局域网和广域网连接。

内部网的设计旨在仅允许该组织的成员、员工或其他获得授权的人员进行访问。

正确答案：2和4解析：电缆和 DSL 均能实现高带宽、始终联网，并提供到主机计算机或 LAN 的以太网连接。

10正确答案：2和3解析：移动电话连接需要使用移动电话网络。

卫星连接通常用于家庭或企业外部不便使用物理布线的位置。

11正确答案：2解析：当对网络资源的请求超出了可用容量时，网络就会变得拥堵。

CCNA Exploration: 路由协议和概念10.1.3 链路状态路由过程考试试题：请参见图示。

当使用链路状态路由协议的路由器 D 添加到网络中后，在它了解网络拓扑结构其所做的第一件事是什么它向路由器 B 和 C 发送LSP 数据包。

它向网络中的所有路由器发送LSP 数据包。

它向网络中的所有路由器发送Hello 数据包。

它向路由器 A 和 E 发送有关其直连邻居的信息。

它向网络中的所有路由器发送有关其直连邻居的信息。

当其接口处于up 状态时，它便能获知自己的直连网络。

10.1.7 将链路状态数据包泛洪到邻居考试试题：哪两种事件将会导致链路状态路由器向所有邻居发送LSP（选择两项。

）30 秒计时器超时网络拓扑结构发生变化时运行贝尔曼-福特算法之后立即发送DUAL FSM 建立拓扑数据库之后立即发送路由器或路由协议初次启动时10.1.8 构建链路状态数据库考试试题：链路状态路由过程的最后一步是什么将后继路由加入路由表中SPF 计算到达每个目的网络的最佳路径向所有邻居发送LSP 以收敛网络运行DUAL 算法以找出到达目的网络的最佳路径10.1.7 将链路状态数据包泛洪到邻居考试试题：哪两项陈述正确描述了链路状态路由过程（选择两项。

）区域中的所有路由器都有链路状态数据库区域中的每个路由器都将向所有邻居发送LSPLSP 使用保留的组播地址来访问邻居通过运行扩散更新算法(DUAL) 来防止路由环路可靠传输协议(RTP) 是用于发送和接收LSP 的协议6 创建链路状态数据包考试试题：请参见图示。

在从路由器JAX 发送到路由器ATL 的LSP 中，可以看到哪种类型的信息跳数路由的正常运行时间链路的开销正在使用的所有路由协议的列表10.2.2 链路状态路由协议的要求考试试题：现代链路状态协议通过哪些功能来尽可能降低处理器和内存要求将路由拓扑结构分割成更小的区域为路由计算分配较低的处理优先级使用更新计时器限制路由更新严格执行水平分割规则以减少路由表条目10.1.3 链路状态路由过程考试试题：为使网络达到收敛，每台链路状态路由器会执行哪三个步骤（选择三项。

某公司正在考虑是使用客户端/服务器还是对等网络。

下列哪三项是对等网络的特征？（选择三项。

）哪种设备的功能是确定消息在网际网络中传输的路径？哪两个条件有助于您从各种网络介质当中选择一种网络介质？（请选择两项。

）下列哪两项描述了中间设备？（选择两项。

）网络上的终端设备有哪两项功能？（选择两项。

）由于许多学生带着自己的平板电脑和智能手机去学校访问学校资源，大学里的IT 人员最有可能需要重新设计的网络区域是什么？家庭用户必须要有哪种网络类型访问才能进行网上购物？一位分支机构办公室的员工正在为客户创建报价。

为此，该员工需要访问位于总部办公室的内部服务器上的机密定价信息。

该员工将要访问哪种类型的网络？下列哪两种连接选项可以为家庭办公室中的计算机提供始终在线的高带宽Internet 连接？（选择两项。

）下列哪两个Internet 连接选项不需要建筑物铺设物理电缆？（请选择两项。

）以下哪种术语描述了当对网络资源的请求超出可用容量时网络的状态？哪种类型的网络流量需要QoS？以下哪项表述准确定义了术语“带宽”？网络管理员正在实施一种要求复杂强密码的策略。

该策略支持哪种数据保护目标？下列哪种说法正确描述了云计算的特征？什么是Internet？下列哪种说法描述了电力线网络技术的用途？哪种安全侵犯会对家庭用户的生活造成最大损害？一位用户正在一个小型办公室网络上实施安全策略。

以下哪两种操作将为此网络提供求？（选择两项。

）A网络能够通过相同的通信通道传输语音、视频、文本和图形。

填空题。

缩写词是指允许员工在公司办公室中使用其个人设备访问网络和其他资源的策略。

正确答案：byod将每个描述与网络通信形式配对请将每个特征对应的internet连接类型进行匹配将每个定义与安全目标配对操作软件内核的作用是什么？网络管理员与交换机建立远程CLI 连接对其实施管理时，需要确保用户ID、密码和会话内容的保密性。

应当选择哪种访问方法？当在安全环境下执行初始配置时，下列哪个程序可用来访问Cisco 2960 交换机？哪个命令或组合键让用户返回命令层级中的上一级？某台路由器具有有效的操作系统，且NVRAM 中存储有配置文件。

CCNA认证基础-习题分析讲义第一部分第一章1. Convert the binary number 10111010 into its hexadecimal equivalent. Select thecorrect answer from the list below. （3）1) 852) 903) BA4) A15) B36) 1C2. Convert the Hexadecimal number A2 into its Base 10 equivalent. Select thecorrect answer from the list below. （4）1) 1562) 1583) 1604) 1625) 1646) 1663. Which binary number is a representation of the decimal number 248? （3）1) 111010002) 111101003) 111110004) 111110104. Which of the following will test the internal loopback of a node? （3）1) ping 10.10.10.12) ping 192.168.1.13) ping 127.0.0.14) ping 223.223.223.2235) ping 255.255.255.2555. What can be verified by successfully pinging the reserved loopback address ona host? （2）1) Connectivity exists between two hosts on the LAN.2) The TCP/IP stack of the local host is configured correctly.3) A connection exists between a host and the default gateway.4) The route a packet takes from the local host to a remote host is valid.6. Which of the following commands could be used on a Windows-basedcomputer to view the current IP configuration of the system? (Choose two.) （3，4）1) configip2) ifconfig3) ipconfig4) winipcfg5) Winipconfig7.Refer to the exhibit. What must be configured on Host B to allow it to communicate withthe Host C? (Choose three.) （2，4，6）1)the MAC address of RTA router interface connected to Switch 12) a unique host IP address3)the IP address of Switch 14)the default gateway address5)the MAC address of Host C6)the subnet mask for the LAN8. What are important characteristics to consider when purchasing a networkinterface card? (Choose two.) （2，3）1) security used on the network2) media used on the network3) system bus used on the computer4) software installed on the network5) diagnostic tools installed on the network第二章1. Select the necessary information that is required to compute the estimated timeit would take to transfer data from one location to another. (Choose two.) （1，5）1) file size2) data format3) network in use4) type of medium5) bandwidth of the link2. Using the data transfer calculation T=S/BW, how long would it take a 4MB file tobe sent over a 1.5Mbps connection? （2）1) 52.2 seconds2) 21.3 seconds3) 6.4 seconds4) 2 seconds5) 0.075 seconds6) 0.0375 seconds3. What are features of the TCP/IP Transport layer? (Choose two.) （3，5）1) path determination2) handles representation, encoding and dialog control3) uses TCP and UDP protocols4) packet switching5) reliability, flow control and error correction4. Which of the following is the Layer 4 PDU? （4）1) bit2) frame3) packet4) Segment5. What is important to remember about the data link layer of the OSI model whenconsidering Peer to Peer communication? (Choose three.) （3，4，5）1) It links data to the transport layer.2) It encapsulates frames into packets.3) It provides a service to the network layer.4) It encapsulates the network layer information into a frame.5) Its header contains a physical address which is required to complete the datalink functions.6) It encodes the data link frame into a pattern of 1s and 0s (bits) for transmissionon the medium.6. Which statement describes a star topology? （2）1) Each host in the network is connected to a backbone cable that is terminated atboth ends.2) Each host is connected to a hub or switch, either of which acts as a central pointfor all network connections.3) Each host is directly connected to two other hosts to form a long chain of hosts.4) Each host has a connection to all other hosts in the network.7. Which statements describe the logical token-passing topology? (Choose two.)（2）1) Network usage is on a first come, first serve basis.2) Computers are allowed to transmit data only when they possess a token.3) Data from a host is received by all other hosts. Electronic tokens are passedsequentially to each other.4) Token passing networks have problems with high collision rates.8. Which technologies are considered to be LAN technologies? (Choose two.) （2，5）1) DSL2) Token Ring3) Frame Relay4) ISDN5) Ethernet9.Refer to the exhibit. Host A wants to send a message to host B. Place the following stepsin the correct order so that the message can be sent. （4）A - add network layer addressesB - transmit bitsC - create application dataD - add data link layer addresses1) B, A, D, C2) D, A, C, B3) A, D, A, B4) C, A, D, B5) C, D, A, B6) C, B, A, D10.After an uns u ccessful ping to the local router, the technician decides to investigate therouter. The technician observes that the lights and fan on the router are not operational.In which layer of the OSI model is the problem most likely occurring? （4）1) transport2) network3) data link4) physical11. Refer t o the exhibit. What is the order of the TCP/IP Protocol Data Units as datais moved as indicated through the OSI model? （3）1) data, segments, frames, packets, bits2) data, packets, segments, frames, bits3) data, segments, packets, frames, bits4) data, packets, frames, segments, bits第三章1. Which combinations of charges will be repelled by electric force? (Choose two.)（4，6）1) neutral and neutral2) neutral and positive3) neutral and negative4) positive and positive5) positive and negative6) negative and negative2. Which of the following are considered the best media for use in data networkcommunications? (Choose three.) （2，3，6）1) glass2) fibers3) copper4) gold5) plastic6) silicon7) Silver3. Which of the following wireless standards increased transmission capabilitiesto 11 Mbps? （2）1) 802.11a2) 802.11b3) 802.11c4) 802.11d4. What is attenuation? （3）1) opposition to the flow of current2) measurement of electrical signals relative to time3) degradation of a signal as it travels along the medium4) amount or volume of traffic that is flowing on the medium5. Which cable specifications are indicated by 10BASE-T? （3）1) 10 Mbps transmission speed, baseband signal, 500 meter cable length, coaxialcable2) 10 Mbps transmission speed, broadband signal, 100 meter cable length, coaxialcable3) 10 Mbps transmission speed, baseband signal, 100 meter cable length,twisted-pair cable4) 10 Gbps transmission speed, broadband signal, 500 meter cable length,twisted-pair cable6. For which Ethernet installations would fiber optic rather than Cat5 UTP be abetter media choice? (Choose two.) （2，4）1) a 3 meter connection between two 10BASE-T hubs2) an environment with many potential sources of EMI and RFI3) a peer to peer connection between two NICs with RJ45 connectors4) an installation between two buildings that are located 500 meters apart5) a single building installation where installation costs are the major concern7. Refer to the exhibit. Which type of UTP cable should be used to connect Host Ato Switch1? （4）1) rollover2) console3) crossover4) straight-through8. Refer to the exhibit. Which type of Category 5 cable is used to make an Ethernetconnection between Host A and Host B? （3）1) coax cable2) rollover cable3) crossover cable4) straight-through cable第四章1. During cable testing, which of the following are used to calculate theinformation carrying capacity of a data cable? (Choose two.) （2，5）1) bit speed2) attenuation3) wire map4) saturation limit5) analog bandwidth2. What type of wiring problem is depicted in this sample of a cable tester? （3）1) a fault2) a short3) an open4) a split a good map3. In a new network installation, the network administrator has decided to use amedium that is not affected by electrical noise. Which cable type will best meet this standard? （5）1) coaxial2) screened twisted pair3) shielded twisted pair4) unshielded twisted pair5) fiber optic4. How does network cable length affect attenuation? （3）1) Category 5 cable that is run in metal conduit has the highest attenuation in theshortest distance.2) Shorter cable lengths have greater signal attenuation.3) Longer cable lengths have greater signal attenuation.4) The length of the cable has no effect on signal attenuation.第五章1. The highest capacity Ethernet technologies should be implemented in whichareas of a network? (Choose three.) （3，4，5）1) between workstation and backbone switch2) between individual workstations3) between backbone switches4) between enterprise server and switch5) on aggregate access links2. What device must be used between an AUI port of a networking device and themedia to which it is being connected? （3）1) a transducer2) a transmitter3) a transceiver4) a transponder5) a port replicator3. An ISDN Basic Rate Interface (BRI) is composed of how many signalingchannels? （1）1) 12) 23) 34) 44. Which layer of the OSI model covers physical media? （1）1) Layer 12) Layer 23) Layer 34) Layer 45) Layer 56) Layer 65. What type of network cable is used between a terminal and a console port? （3）1) cross-over2) straight-through3) rollover4) patch cable6. What is the recommended maximum number of workstations configured on apeer-to-peer network? （3）1) 252) 153) 104) 55) 27. Which of the following increases the potential for a collision to occur? （4）1) the use of an active hub instead of an intelligent hub2) the use of an intelligent hub instead of an active hub3) a reduction in the number of devices attached to the hub4) an increase in the number of devices attached to the hub8. What is the maximum length of a media segment used for 100BASE-TX? （1）1) 100 meters2) 185 meters3) 400 meters4) 500 meters9. Which cable diagram displays the end to end pinout for a crossover cable usedwith Cisco devices? （3）1) Cable A2) Cable B3) Cable C4) Cable D第六章1. What does the "10" in 10Base2 indicate about this version of Ethernet? （2）1) The version uses Base10 numbering within the frames.2) The version operates at a transmission rate of 10 Mbps.3) Frames can travel 10 meters unrepeated.4) The maximum frame length is 10 octets.2. How is a MAC address represented? （4）1) four groups of eight binary digits separated by a decimal point2) four Base10 digits separated by a decimal point3) six hexadecimal digits4) twelve hexadecimal digits5) twenty-four Base10 digits3. Which of the following statements are correct about CSMA/CD? (Choose three.)（1，3，6）1) It is a media access method used in LANs.2) It is a media access method used in FDDI WANs.3) When a device needs to transmit, it checks to see if the media is available.4) A device sends data without checking media availability because all deviceshave equal access.5) Multiple devices can successfully transmit simultaneously.6) Only one device can successfully transmit at a time.4. Which devices shown in the graphic must have a MAC address? （5）1) only PC2) only router3) PC and router4) PC, hub, and router5) PC, printer, and router第七章1. Which of the following items are common to all 100BASE technologies?(Choose three.) （1，4，5）1) frame format2) media3) connectors4) timing5) multi-part encoding2. Which of the following does 1000BASE-T use to accomplish gigabit speeds onCat 5e cable? （4）1) the use of four conductors in full-duplex mode2) the use of two multiplexed pairs of wires, simultaneously3) the use of three pairs of wires for data and the fourth for stabilization andforward error correction4) the use of all four pairs of wires in full-duplex mode, simultaneously3. For which of the following is Ethernet considered the standard? (Choose three.)（1，4，5）1) inter-building connection2) mid-length voice3) video conferencing4) vertical wiring5) horizontal wiring6) diagonal wiring4. To make sure timing limitations are not violated when implementing a 10 MbpsEthernet network involving hubs or repeaters, a technician should adhere to which rule? （4）1) the 4-5-3 rule2) the 6-4-2 rule3) the 3-4-5 rule4) the 5-4-3 rule5. What is the maximum distance that 10BASE-T will transmit data before signalattenuation affects the data delivery? （1）1) 100 meters2) 185 meters3) 300 meters4) 500 meters6. When using Category 5 UTP cable, which RJ-45 pin pairs are used to exchangedata between hosts on an Ethernet network? （2）1) 1 and 2; 4 and 52) 1 and 2; 3 and 63) 3 and 6; 7 and 84) 4 and 5; 7 and 8第八章1. John has been hired as the network administrator of a local company and hasdecided to add more hubs to the company's existing network. Which of the following has been caused by John's inexperience? （1）1) collision domain extended2) an increased number of collision domains3) increased network performance4) increased bandwidth5) extended bandwidth2. "CompA" is trying to locate a new computer named "CompB" on the network.Which of the following does "CompA" broadcast to find the MAC address of "CompB"? （2）1) MAC request2) ARP request3) ping4) Telnet5) proxy ARP3. Which of the following is a term associated with replacing hubs with switchesto increase the number of collision domains? （3）1) encapsulation2) latency3) segmentation4) layered model5) broadcast domain6) Extended4. The accumulation of traffic from which of the following can cause a networkcondition called broadcast radiation? (Choose three.) （3，5，6）1) anonymous FTP servers2) telnet sessions3) video over IP applications4) NAS services5) ARP requests6) RIP updates5. Which of the following describes the use of Spanning Tree Protocol (STP)? （4）1) resolve routing loops2) eliminate Split Horizon errors3) limit collisions4) resolve switching loops6. Which term describes the delay in time that occurs when a frame leaves itssource device and reaches its destination? （4）1) collision2) backoff3) attenuation4) latency5) broadcast7. Based on the graphic above, which of the following occurs as each host systemcomes on line in the topology? （2）1) The switch sends its MAC address to each host.2) The switch adds MAC address to the bridge table as each host sends a frame.3) Each host exchanges MAC addresses with each other.4) The switch listens for data traffic to block since the switch lacks an IP address. 8. Which devices segment collision domains? (Choose two.) （2，3）1) transceiver2) router3) switch4) hub5) media9. Which protocol is used to eliminate switching loops? （3）1) Transmission Control Protocol2) Routing Information Protocol3) Spanning Tree Protocol4) Interior Gateway Routing Protocol5) Internetworking Protocol10. Refer to the exhibit. A network associate needs to establish an Ethernetconnection between Host A and Host B. However, the distance between the two hosts is further than the cabling standards allow. Which two devices that operate at the physical layer of the OSI can be used to allow Host A and Host B to communicate? （2，5）1) switch2) hub3) bridge4) router5) repeater第九章1. Which term describes an ARP response by a router on behalf of a requestinghost? （3）1) ARP2) RARP3) Proxy ARP4) Proxy RARP2. Which protocol functions at the internet layer of the TCP/IP protocol suite? （4）1) File Transfer Protocol (FTP)2) Trivial File Transfer Protocol (TFTP)3) Transmission Control Protocol (TCP)4) Internet Protocol (IP)5) User Datagram Protocol (UDP)6) Simple Mail Transport Protocol (SMTP)3. Which of these workstation installation and setup tasks are concerned withnetwork access layer functions? (Choose two.) （2，4）1) configuring the e-mail client2) installing NIC drivers3) configuring IP network settings4) connecting the network cable5) using FTP to download application software updates4. Which part of an IP address identifies a specific device on a network? （4）1) first two octets2) third and fourth octets3) network portion4) host portion5) only the fourth octet5. Which of the following are features of the Internet Protocol (IP)? (Choose two.)（1，3）1) It is the most widely implemented global addressing scheme.2) It allows two hosts to share a single address on a local area network.3) It is a hierarchical addressing scheme allowing addresses to be grouped.4) It is only locally significant, used primarily on local area networks.6. Which of the following are useable Class A IP addresses with a default subnetmask? (Choose three.) （2，3，5）1) 127.0.39.12) 111.9.28.303) 123.1.2.1324) 128.50.38.25) 105.1.34.16) 0.23.92.37. Which application layer protocols use UDP at the transport layer? (Choose two.)（2，4）1) FTP2) SNMP3) Telnet4) DHCP5) SMTP第十章1. Which OSI layer encapsulates data into packets? （3）1) session2) transport3) network4) data link2. Which OSI layer defines the functions of a router? （3）1) physical2) data link3) network4) transport5) session3. Which of the following are Cisco proprietary routing protocols? (Choose two.)（2，6）1) RIPv22) IGRP3) OSPF4) BGP5) RIPv16) EIGRP4. A company with a Class B license needs to have a minimum of 1,000 subnetswith each subnet capable of accommodating 50 hosts. Which mask below is the appropriate one? （4）1) 255.255.0.02) 255.255.240.03) 255.255.255.04) 255.255.255.1925) 255.255.255.2245. A small company has a class C network license and needs to create five usablesubnets, each subnet capable of accommodating at least 20 hosts. Which of the following is the appropriate subnet mask? （3）1) 255.255.255.02) 255.255.255.1923) 255.255.255.2244) 255.255.255.2406. When a network administrator applies the subnet mask 255.255.255.248 to aClass A address, for any given subnet, how many IP addresses are available to be assigned to devices? （6）1) 10222) 5103) 2544) 1265) 306) 67. Host A is assigned the IP address 10.18.97.55 /21. How many more networkdevices can be assigned to this subnetwork if Host A is the only one that has an IP address assigned so far? （4）1) 2542) 5093) 10214) 20455) 40946) 81908.Refe r to the exhibit. The network administrator wants to create a subnet for thepoint-to-point connection between the two routers. Which subnetwork mask would provide enough addresses for the point-to-point link with the least number of wasted addresses?1) 255.255.255.1922) 255.255.255.2243) 255.255.255.2404) 255.255.255.2485) 255.255.255.2529. What is the correct number of usable subnetworks and hosts for the IP networkaddress 192.168.35.0 subnetted with a /28 mask?1) 6 networks / 64 hosts2) 14 networks / 32 hosts3) 14 networks / 14 hosts4) 30 networks / 64 hosts10. Which subnet masks would be valid for a subnetted Class B address? (Choosetwo.) （5，6）1) 255.0.0.02) 255.254.0.03) 255.224.0.04) 255.255.0.05) 255.255.252.06) 255.255.255.19211. Refer to the exhibit. How will the Fohi router dynamically learn routes to the192.168.16.16/28, 192.168.16.32/28, and 192.168.16.48/28 subnetworks? （3）1) with a static route2) with a routed protocol3) with a routing protocol4) with a directly connected route12. How many broadcast domains are shown in the diagram? （1）1) three2) four3) five4) six5) seven6) eight13. How many collision domains are shown in the diagram? （5）1) three2) four3) five4) six5) seven6) eight14. A router interface has been assigned an IP address of 172.16.192.166 with amask of 255.255.255.248. To which subnet does the IP address belong?1) 172.16.0.02) 172.16.192.03) 172.16.192.1284) 172.16.192.1605) 172.16.192.1686) 172.16.192.17615. Refer to the exhibit. Host A is sending data to Host B. Once R2 determines thatdata from Host A must be forwarded to R1 to reach Host B, which layer of the OSI model will R2 use to address and build the frames destined for R1?1) physical2) data link3) network4) transport5) session6) presentation16. Which type of address is 192.168.170.112/28?1) host address2) subnetwork address3) broadcast address4) multicast address17. Which type of address is 223.168.17.167/29?1) host address2) multicast address3) broadcast address4) subnetwork address18. Which combination of network id and subnet mask correctly identifies all IPaddresses from 172.16.128.0 through 172.16.159.255?1) 172.16.128.0 255.255.255.2242) 172.16.128.0 255.255.0.03) 172.16.128.0 255.255.192.04) 172.16.128.0 255.255.224.05) 172.16.128.0 255.255.255.19219. Refer to the exhibit. The internetwork in the exhibit has been assigned the IPaddress 172.20.0.0. What would be the appropriate subnet mask to maximize the number of networks available for future growth?1) 255.255.224.02) 255.255.240.03) 255.255.248.04) 255.255.252.05) 255.255.254.06) 255.255.255.0第十一章1. If a network administrator needed to download files from a remote server, whichprotocols could the administrator use to remotely access those files? (Choose two.) （3，5）1) NFS2) ASCII3) TFTP4) IMAP5) FTP6) UDP2. What is established during a connection-oriented file transfer betweencomputers? (Choose two.) （2，5）1) a temporary connection to establish authentication of hosts2) a connection used for ASCII or binary mode data transfer3) a connection used to provide the tunnel through which file headers aretransported4) a command connection which allows the transfer of multiple commands directlyto the remote server system5) a control connection between the client and server3. Which of the following protocols are used for e-mail transfer between clientsand servers? (Choose three.) （3，4，5）1) TFTP2) SNMP3) POP34) SMTP5) IMAP46) postoffice4. Which type of institution does the domain suffix .org represent? （4）1) government2) education3) network4) non-profit5. Which of the following services is used to translate a web address into an IPaddress? （1）1) DNS2) WINS3) DHCP4) Telnet6. Which part of the URL http://www.awsb.ca/teacher gives the name of thedomain? （4）1) www2) http://3) /teacher4) awsb.ca7. Which protocols are TCP/IP application layer protocols? (Choose two.) （2，4）1) UDP2) FTP3) IP4) SMTP5) TCP8. What are three characteristics of the TCP protocol? (Choose three.) （3，4，6）1) has less overhead than UDP2) is used for IP error messages3) forces the retransmission undelivered packets4) creates a virtual session between end-user applications5) carries the IP address of destination host in the TCP header6) is responsible for breaking messages into segments and reassembling9. Two peer hosts are exchanging data using TFTP. During the current session, adatagram fails to arrive at the destination. Which statement is true regarding the retransmission of the datagram? （2）1) Datagram retransmission requires user authentication.2) Datagram retransmission is controlled by the application.3) Datagram retransmission relies on the acknowledgements at transport layer.4) Datagram retransmission occurs when the retransmission timer expires in thesource host.案例学习1. 子网计算练习：Answer2. 子网号及广播地址计算练习Answer3. 子网规划练习：已知：给定一个C类地址201.16.5.0/24。

最新CCNA第一学期第十章答案1、OSI 模型的哪三层提供类似于TCP/IP 模型的应用层提供的网络服务？（请选择三项。

）OSI 模型的三个较高层，即会话层、表示层和应用层，提供类似于TCP/IP 模型的应用层提供的服务。

OSI 模型的较低层主要处理数据流。

表示层负责处理通用数据格式。

加密、格式化和压缩是该层的部分功能。

网络层负责寻址，会话层负责会话控制，应用层或会话层负责进行身份验证。

4、一家生产公司向ISP 定制特定的托管服务。

要求的服务包括托管万维网、文件传输和电子邮件。

下列哪些协议可满足这三项主要的应用服务？（选择三项。

）当用户在Web 浏览器的地址栏中键入网站域名时，工作站需要向DNS 服务器发送DNS 请求，请求执行名称解析流程。

该请求是客户端/服务器模型的应用。

电驴应用程序是P2P。

在工作站上共享打印机的网络属于点对点网络。

使用ARP 只是主机发送的广播消息。

IMAP 和POP 是用于检索电子邮件的协议。

使用IMAP 而不使用POP 的好处在于，当用户连接到使用IMAP 的服务器时，邮件副本会下载到客户端应用程序。

然后，IMAP 会将电子邮件存储在服务器上，直至用户手动删除这些邮件。

8、如果发送电子邮件时目的电子邮件服务器繁忙，SMTP 将执行哪两项操作？（请选择两项。

）当发出电子邮件时，目的电子邮件服务器可能处于脱机状态或忙碌状态。

无论哪种情况，SMTP 会将邮件转到后台处理，稍后再发送。

服务器会定期检查邮件队列，然后尝试再次发送。

经过预定义的到期时间后，如果仍然无法发送邮件，则会将其作为无法投递的邮件退回给发件人。

10、启用DHCP 的客户端PC 已经启动。

在下列哪两步中，客户端PC 会使用广播消息与DHCP 服务器通信？（请选择两项。

）启用DHCP 的客户端和DHCP 服务器之间的所有DHCP 消息均使用广播消息，直至收到DHCPACK 消息为止。

启用DHCP 的客户端只能发送DHCPDISCOVER 和DHCPREQUEST 消息。

学网络技术去鸿鹄网网络技术从零开始梦想之路鸿鹄开启鸿鹄论坛：鸿鹄团队致力于为每一位网络技术爱好者提供帮助有事您发帖，斑竹为您跑腿，给您答疑。

CCNA CCNP最新题库/最新战报发布区：/thread.php?fid-166.html 鸿鹄客服QQ:712023090请加QQ群：96564501103107466鸿鹄题库新纪元CCNA V102上卷（共上下两卷，加lab集）1What can a network administrator utilize by using PPP Layer2encapsulation?(Choose three.)A.VLAN supportpressionC.AuthenticationD.Sliding windowsE.Multilink supportF.Quality of serviceAnswer:B,C,E2Which two statements best describe the wireless security standard that is defined by WPA? (Choose two.)A.It specifies use of a static encryption key that must be changed frequently to enhance security.B.It requires use of an open authentication method.C.It specifies the use of dynamic encryption keys that change each time a client establishes a connection.D.It requires that all access points and wireless devices use the same encryption key.E.It includes authentication by PSK.Answer:C,E3While troubleshooting a connectivity problem,a network administrator notices that a port status LED on a Cisco Catalyst series switch is alternating green and amber.Which condition could this indicate?A.The port is experiencing errors.B.The port is administratively disabled.C.The port is blocked by spanning tree.D.The port has an active link with normal traffic activity.Answer:A4Refer to the exhibit.The network shown in the exhibit is running the RIPv2routing protocol.The network has converged, and the routers in this network are functioning properly.The FastEthernet0/0interface on R1goes down.In which two ways will the routers in this networkrespond to this change?(Choose two.)A.All routers will reference their topology database to determine if any backup routes to the192.168.1.0network are known.B.Routers R2and R3mark the route as inaccessible and will not accept any further routing updates from R1until their hold-down timers expire.C.Because of the split-horizon rule,router R2will be prevented from sending erroneous information to R1about connectivity to the192.168.1.0network.D.When router R2learns from R1that the link to the192.168.1.0network has been lost,R2will respond by sending a route back to R1with an infinite metric to the192.168.1.0network.E.R1will send LSAs to R2and R3informing them of this change,and then all routers will send periodic updates at an increased rate until the network again converges.Answer:C,D5Which three statements are correct about RIP version2?(Choose three.)A.It has the same maximum hop count as version1.B.It uses broadcasts for its routing updates.C.It is a classless routing protocol.D.It has a lower default administrative distance than RIP version1.E.It supports authentication.F.It does not send the subnet mask in updates.Answer:A,C,E6What should be part of a comprehensive network security plan?A.Allow users to develop their own approach to network security.B.Physically secure network equipment from potential access by unauthorized individuals.C.Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten.D.Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported.E.Minimize network overhead by deactivating automatic antivirus client updates.Answer:B7How should a router that is being used in a Frame Relay network be configured to avoid split horizonissues from preventing routing updates?A.Configure a separate sub-interface for each PVC with a unique DLCI and subnet assigned to thesub-interface.B.Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic.C.Configure many sub-interfaces on the same subnet.D.Configure a single sub-interface to establish multiple PVC connections to multiple remote router interfaces.Answer:A8Refer to the exhibit.Which statement describes DLCI17?A.DLCI17xn R2and R3.B.DLCI17describes a PVC on R2.It cannot be used on R3or R1.C.DLCI17is the Layer2address used by R2to describe a PVC to R3.D.DLCI17describes the dial-up circuit from R2and R3to the service provider. Answer:C9Which routing protocol by default uses bandwidth and delay as metrics?A.RIPB.BGPC.OSPFD.EIGRPAnswer:D10Refer to the exhibit.Switch-1needs to send data to a host with a MAC address of00b0.d056.efa4.What will Switch-1do with this data?A.Switch-1will drop the data because it does not have an entry for that MAC address.B.Switch-1will flood the data out all of its ports except the port from which the data originated.C.Switch-1will send an ARP request out all its ports except the port from which the data originated.D.Switch-1will forward the data to its default gateway.Answer:B11Refer to the exhibit.Why would the network administrator configure RA in this manner?A.To give students access to the InternetB.To prevent students from accessing the command prompt of RAC.To prevent administrators from accessing the console of RAD.To give administrators access to the InternetE.To prevent students from accessing the InternetF.To prevent students from accessing the Admin networkAnswer:B12While troubleshooting a network connectivity problem,a technician observes steady link lights on boththe workstation NIC and the switch port to which the workstation is connected.However,when the ping command is issued from the workstation,the output message"Request timed out."is displayed.At which layer of the OSI model does the problem most likely exist?A.The session layerB.The protocol layerC.The data link layerD.The access layerE.The network layerF.The application layerAnswer:E13A network administrator has configured two switches,named London and Madrid,to use VTP. However,the switches are not sharing VTP messages.Given the command output shown in the graphicWhy are these switches not sharing VTP messages?A.The VTP version is not correctly configured.B.The VTP operating mode is not correctly configured.C.The VTP domain name is not correctly configured.D.VTP pruning mode is disabled.E.VTP V2mode is disabled.F.VTP traps generation is disabled.Answer:C14On point-to-point networks,OSPF hello packets are addressed to which address?A.127.0.0.1B.172.16.0.1C.192.168.0.5D.223.0.0.1E.224.0.0.5F.254.255.255.255Answer:E15Refer to the exhibit.The switches on a campus network have been interconnected as shown.All of the switches are running Spanning Tree Protocol with its default settings.Unusual traffic patterns are observed and it is discovered that Switch9is the root bridge.Which change will ensure that Switch1will be selected as the root bridge instead of Switch9?A.Lower the bridge priority on Switch1.B.Raise the bridge priority on Switch1.C.Lower the bridge priority on Switch9.D.Raise the bridge priority on Switch9.E.Disable spanning tree on Switch9.F.Physically replace Switch9with Switch1in the topology.Answer:A16You just entered the following command:Company(config)#line console0A.Configure the terminal type.B.Enter protocol parameters for a serial line.C.Create a password on the console terminal line.D.Establish a terminal type4connection to a remote host.Answer:C17The part of Company network is shown below:According to the diagram,which of the following is true about the internetwork?pany2is the root bridge.B.Spanning Tree is not runn ing.C.No collisions can occur in traffic between CompanyB and CompanyC.panyD and Company Server1are in the same network.E.If Fa0/0is down on Company-R,PassGuideA cannot access Company Server1Answer:E18Which three of the following are reasons for assigning ports to VLANs on a switch?(Choose three.)A.to permit more devices to connect to the networkB.to iscC.to logically group hosts on the basis of functionD.to increase network securityAnswer:B,C,D19The Company network is shown below:Based on the information shown above,when the Company network administrator attempts to ping Host Company-PC2from Host Company-PC1and shown.What is a possible problem?A.The link between Company1and Company2is down.B.Interface Fa0/0on Company2is shutdown.C.The link between Company2and Company3is down.D.The default gateway on Company-PC1is incorrect.Answer:C20What is the objective of a default route?A.Offering routing to override the configured dynamic routing protocolB.Offering routing to a local web serverC.Offering routing from an ISP to a stub networkD.Offering routing to a destination that is not specified in the routing table and which is outside the local networkAnswer:D21Which three benefits are of VLANs?(Choose three.)A.To increase the size of collision domains.B.To allow logical grouping of users by function.C.To enhance network security.D.To increase the number of broadcast domains while decreasing the size of the broadcast domains. Answer:B,C,D22A default Frame Relay WAN is classified as what type of physical network?A.Point-to-pointB.Broadcast multi-accessC.Nonbroadcast multi-accessD.Nonbroadcast multipointE.Broadcast point-to-multipointAnswer:C23Refer to the exhibit.How many broadcast domains exist in the exhibited topology?A.OneB.TwoC.ThreeD.FourE.FiveF.SixAnswer:C24The command frame-relay map ip10.121.16.8102broadcast was entered on the router.Which of thefollowing statements is true concerning this command?A.This command should be executed from the global configuration mode.B.The IP address10.121.16.8is the local router port used to forward data.C.102is the remote DLCI that will receive the information.D.This command is required for all Frame Relay configurations.E.The broadcast option allows packets,such as RIP updates,to be forwarded across the PVC. Answer:E25Which type of attack is characterized by a flood of packets that are requesting a TCP connection to a server?A.Denial of serviceB.Brute forceC.ReconnaissanceD.Trojan horseAnswer:A26Which of the following are associated with the application layer of the OSI model?(Choose two.)A.PingB.TelnetC.FTPD.TCPE.IPAnswer:B,C27What are two recommended ways of protecting network device configuration files from outside network security threats?(Choose two.)A.Allow unrestricted access to the console or VTY ports.e a firewall to restrict access from the outside to the network devices.C.Always use Telnet to access the device command line because its data is automatically encrypted.e SSH or another encrypted and authenticated transport to access device configurations.E.Prevent the loss of passwords by disabling password encryption.Answer:B,D28Refer to the exhibit.Switch1has just been restarted and has passed the POST routine.Host A sends its initial frame to Host C.What is the first thing the switch will do as regards populating the switching table?A.Switch1will add192.168.23.4to the switching table.B.Switch1will add192.168.23.12to the switching table.C.Switch1will add000A.8A47.E612to the switching table.D.Switch1will add000B.DB95.2EE9to the switching table.Answer:C29Exhibit:The user of Host1wants to ping the DSL modem/router at192.168.1.254.Based on the Host1 ARP table that is shown in the exhibit,what will Host1do?A.Send a unicast ARP packet to the DSL modem/routerB.Send unicast ICMP packets to the DSL modem/routerC.Send Layer3broadcast packets to which the DSL modem/router respondsD.Send a Layer2broadcast that is received by Host2,the switch,and the DSL modem/router Answer:B30Which spread spectrum technology does the802.11b standard define for operation?A.IRB.DSSSC.FHSSD.DSSS and FHSSE.IR,FHSS,and DSSSAnswer:B31Refer to the exhibit.Assume that all router interfaces are operational and correctly configured.In addition,assume that OSPF has been correctly configured on router R2.How will the default route configured on R1affect the operation of R2?A.Any packet destined for a network that is not directly connected to router R1will be dropped.B.Any packet destined for a network that is not directly connected to router R2will be dropped immediately.C.Any packet destined for a network that is not directly connected to router R2will be dropped immediately because of the lack of a gateway on R1.D.The networks directly connected to router R2will not be able to communicate with the172.16.100.0, 172.16.100.128,and172.16.100.64subnetworks.E.Any packet destined for a network that is not referenced in the routing table of router R2will be directed to R1.R1will then send that packet back to R2and a routing loop will occur.Answer:E32A network interface port has collision detection and carrier sensing enabled on a shared twisted pair network.From this statement,what is known about the network interface port?A.This is a10Mb/s switch port.B.This is a100Mb/s switch port.C.This is an Ethernet port operating at half duplex.D.This is an Ethernet port operating at full duplex.E.This is a port on a network interface card in a PC.Answer:C33Refer to the topology and router configuration shown in the graphic.A host on the LAN is accessing an FTP server across the Internet.Which of the following addresses could appear as a source address for the packets forwarded by the router to the destination server?A.10.10.0.1B.10.10.0.2C.199.99.9.33D.199.99.9.57E.200.2.2.17F.200.2.2.18Answer:D34What is the purpose of the Cisco VLAN Trunking Protocol?A.To allow traffic to be carried from multiple VLANs over a single link between switchesB.To allow native VLAN information to be carried over a trunk linkC.To allow for managing the additions,deletions,and changes of VLANs between switchesD.To provide a mechanism to manually assign VLAN membership to switch portsE.To provide a mechanism to dynamically assign VLAN membership to switch portsAnswer:C35Which two statements describe the Cisco implementation of VLANs?(Choose two.)A.VLAN1is the default Ethernet VLAN.B.CDP advertisements are only sent on VLAN1002.C.By default,the switch IP address is in VLAN1005.D.VLANs1002through1005are automatically created and cannot be deleted.Answer:A,D36Refer to the exhibit.What two results would occur if the hub were to be replaced with a switch that is configured with one Ethernet VLAN?(Choose two.)A.The number of collision domains would remain the same.B.The number of collision domains would decrease.C.The number of collision domains would increase.D.The number of broadcast domains would remain the same.E.The number of broadcast domains would decrease.F.The number of broadcast domains would increase.Answer:C,D37Three access points have been installed and configured to cover a small office.What term defines thewireless topology?A.BSSB.IBSSC.ESSD.SSIDAnswer:C38A TCP/IP transfer is diagrammed in the exhibit.A window size of three has been negotiated for this transfer.Which message will be returned from the receiver to the sender as part of this TCP/IP transfer?A.Send ACK1-3B.Send ACK3C.Send ACK4D.Send ACK4-6E.Send ACK6F.Send ACK7Answer:C39Which two statements are true based the output of the show frame-relay lmi command issued on the Branch router?(Choose two.)A.LMI messages are being sent on DLCI0.B.LMI messages are being sent on DLCI1023.C.Interface Serial0/0is not configured to encapsulate Frame Relay.D.The Frame Relay switch is not responding to LMI requests from the router.E.The LMI exchange between the router and Frame Relay switch is functioning properly.F.The router is providing a clock signal on Serial0/0on the circuit to the Frame Relay switch. Answer:A,D40.Refer to the graphic.A static route to the10.5.6.0/24network is to be configured on the HFD router. Which commands will accomplish this?(Choose two.)A.HFD(config)#ip route10.5.6.00.0.0.255fa0/0B.HFD(config)#ip route10.5.6.00.0.0.25510.5.4.6C.HFD(config)#ip route10.5.6.0255.255.255.0fa0/0D.HFD(config)#ip route10.5.6.0255.255.255.010.5.4.6E.HFD(config)#ip route10.5.4.60.0.0.25510.5.6.0F.HFD(config)#ip route10.5.4.6255.255.255.010.5.6.0Answer:CD41.What should be done prior to backing up an IOS image to a TFTP server?(Choose three.)A.Make sure that the server can be reached across the network.B.Check that authentication for TFTP access to the server is set.C.Assure that the network server has adequate space for the IOS image.D.Verify file naming and path requirements.E.Make sure that the server can store binary files.F.Adjust the TCP window size to speed up the transfer.Answer:ACD42.What are the possible trunking modes for a switch port?(Choose three.)A.transparentB.autoC.onD.desirableE.clientF.forwardingAnswer:BCD43.The network172.25.0.0has been divided into eight equal subnets.Which of the following IP addresses can be assigned to hosts in the third subnet if the ip subnet-zero command is configured on the router?(Choose three.)A.172.25.78.243B.172.25.98.16C.172.25.72.0D.172.25.94.255E.172.25.96.17F.172.25.100.16Answer:ACD44.Refer to the graphic.Host1cannot receive packets from Host2.Assuming that RIP v1is the routing protocol in use,what is wrong with the IP configuration information shown?(Choose two.)A.The fa0/1interface of router R2has been assigned a broadcast address.B.The fa0/1network on router R2overlaps with the LAN attached to R1.C.Host2has been assigned the incorrect subnet mask.D.Host1has been configured with the255.255.248.0subnet mask.E.Host2on router R2is on a different subnet than its gateway.Answer:BC45.What are three valid reasons to assign ports to VLANs on a switch?(Choose three.)A.to make VTP easier to implementB.to isolate broadcast trafficC.to increase the size of the collision domainD.to allow more devices to connect to the networkE.to logically group hosts according to functionF.to increase network securityAnswer:BEF46.Refer to the topology shown in the exhibit.Which ports will be STP designated ports if all the links areoperating at the same bandwidth?(Choose three.)A.Switch A-Fa0/0B.Switch A-Fa0/1C.Switch B-Fa0/0D.Switch B-Fa0/1E.Switch C-Fa0/0F.Switch C-Fa0/1Answer:BCD47.Which statements describe two of the benefits of VLAN Trunking Protocol?(Choosetwo.)A.VTP allows routing between VLANs.B.VTP allows a single switch port to carry information to more than one VLAN.C.VTP allows physically redundant links while preventing switching loops.D.VTP simplifies switch administration by allowing switches to automatically share VLAN configuration information.E.VTP helps to limit configuration errors by keeping VLAN naming consistent across the VTP domain.F.VTP enhances security by preventing unauthorized hosts from connecting to the VTP domain. Answer:DE48What are two results of entering the Switch(config)#vtp mode client command on a Catalyst switch?(Choose two.)A.The switch will ignore VTP summary advertisements.B.The switch will forward VTP summary advertisements.C.The switch will process VTP summary advertisementsD.The switch will originate VTP summary advertisements.E.The switch will create,modify and delete VLANs for the entire VTP domain.Answer:BC49.A network administrator issues the ping192.168.2.5command and successfully tests connectivity to a host that has been newly connected to the network.Which protocols were used during the test? (Choose two.)A.ARPB.CDPC.DHCPD.DNSE.ICMPAnswer:AE50.Refer to the exhibit.Host A is to send data to Host B.How will Router1handle the data frame received from Host A?(Choose three.)A.Router1will strip off the source MAC address and replace it with the MAC address on the forwardingFastEthernet interface.B.Router1will strip off the source IP address and replace it with the IP address on the forwarding FastEthernetinterface.C.Router1will strip off the destination MAC address and replace it with the MAC address of Host B.D.Router1will strip off the destination IP address and replace it with the IP address of Host B.E.Router1will forward the data frame out interface FastEthernet0/1.F.Router1will forward the data frame out interface FastEthernet0/2.Answer:ACF51.Refer to the exhibit.What will Router1do when it receives the data frame shown?(Choose three.)A.Router1will strip off the source MAC address and replace it with the MAC address0000.0c36.6965.B.Router1will strip off the source IP address and replace it with the IP address192.168.40.1.C.Router1will strip off the destination MAC address and replace it with the MAC address0000.0c07.4320.D.Router1will strip off the destination IP address and replace it with the IP address of192.168.40.1.E.Router1will forward the data packet out interface FastEthernet0/1.F.Router1will forward the data packet out interface FastEthernet0/2.Answer:ACF52.Refer to the exhibit.Host A pings Host B.What source MAC address and source IP address are contained in the frame as the frame leaves R2destined for host B?A.abcd.abcd.a001B.abcd.abcd.b002C.abcd.abcd.c003D.10.2.0.15E.10.0.64.1F.10.0.128.15Answer:BD53.Refer to the exhibit.A network associate has configured OSPF with the command:City(config-router)#network192.168.12.640.0.0.63area0After completing the configuration,the associate discovers that not all the interfaces are participating in OSPF.Which three of the interfaces shown in the exhibit will participate in OSPF according to this configuration statement?(Choose three.)A.FastEthernet0/0B.FastEthernet0/1C.Serial0/0D.Serial0/1.102E.Serial0/1.103F.Serial0/1.104Answer:BCD54.A Catalyst2950needs to be reconfigured.What steps will ensure that the old configuration is erased?(Choose three.)A.Erase flash.B.Restart the switch.C.Delete the VLAN database.D.Erase the runnin configuration.E.Erase the startup configuration.F.Modify the configurationregister.Answer:BCE55.Refer to the exhibit.The FMJ manufacturing company is concerned about unauthorized access to the Payroll Server.The Accounting1,CEO,Mgr1,and Mgr2workstations should be the only computers with access to the Payroll Server.What two technologies should be implemented to help prevent unauthorized access to the server?(Choose two.)A.access listsB.encrypted router passwordsC.STPD.VLANsE.VTPF.wireless LANsAnswer:AD56.Refer to the exhibit.What commands must be configured on the2950switch and the router to allow communication between host1and host2?(Choose two.)A.Router(config)#interface fastethernet0/0Router(config-if)#ip address192.168.1.1255.255.255.0Router(config-if)#no shut downB.Router(config)#interface fastethernet0/0Router(config-if)#no shut downRouter(config)#interface fastethernet0/0.1Router(config-subif)#encapsulation dot1q10Router(config-subif)#ip address192.168.10.1255.255.255.0Router(config)#interface fastethernet0/0.2Router(config-subif)#encapsulation dot1q20Router(config-subif)#ip address192.168.20.1255.255.255.0C.Router(config)#router eigrp100Router(config-router)#network192.168.10.0Router(config-router)#network192.168.20.0D.Switch1(config)#vlan databaseSwitch1(config-vlan)#vtp domain XYZSwitch1(config-vlan)#vtp serverE.Switch1(config)#interface fastethernet0/1Switch1(config-if)#switchport mode trunkF.Switch1(config)#interface vlan1Switch1(config-if)#ip default-gateway192.168.1.1Answer:BE57.Which three Layer2encapsulation types would be used on a WAN rather than a LAN?(Choose three.)A.HDLCB.EthernetC.Token RingD.PPPE.FDDIF.Frame RelayAnswer:ADF58.Refer to the exhibit.The two connected ports on the switch are not turning orange or green.What would be the most effective steps to troubleshoot this physical layer problem?(Choose three.)A.Ensure that the Ethernet encapsulations match on the interconnected router and switch ports.B.Ensure that cables A and B are straight-through cables.C.Ensure cable A plugged into a trunk port.D.Ensure the switch has power.E.Reboot all of the devices.F.Reseat all cables.Answer:BDF59.What can be determined from the line of show ip route output shown in the exhibit?(Choose two.)A.The next routing update can be expected in35seconds.B.The IP address10.10.10.6is configured on S0/1.C.The IP address10.10.10.8is configured on S0/1.D.This route is using the default administrative distance.E.The10.10.10.8network is two hops away from this router.Answer:DE60.Refer to the exhibit.All of the routers in the network are configured with the ip subnet-zero command.Which network addresses should be used for Link A and Network A?(Choose two.)work A-172.16.3.48/26work A-172.16.3.128/25work A-172.16.3.192/26D.Link A-172.16.3.0/30E.Link A-172.16.3.40/30F.Link A-172.16.3.112/30Answer:BD61.Which two subnetworks would be included in the summarized address of172.31.80.0/20? (Choose two.)A.172.31.17.4/30B.172.31.51.16/30C.172.31.64.0/18D.172.31.80.0/22E.172.31.92.0/22F.172.31.192.0/18Answer:DE62.The network administrator has discovered that the power supply has failed on a switch in the company LAN and that the switch has stopped functioning.It has been replaced with a Cisco Catalyst 2950series switch.What must be done to ensure that this new switch becomes the root bridge on the network?A.Lower the bridge prioritynumber.B.Change the MAC address of the switch.C.Increase the VTP revision number for the domain.D.Lower the root path cost on the switch ports.E.Assign the switch an IP address with the lowestvalue.Answer:A63.Refer to the exhibit.Assume that all of the router interfaces are operational and configured correctly.How will router R2be affected by the configuration of R1that is shown in the exhibit?A.Router R2will not form a neighbor relationship with R1.B.Router R2will obtain a full routing table,including a default route,from R1.C.R2will obtain OSPF updates from R1,but will not obtain a default route from R1.D.R2will not have a route for the directly connected serial network,but all other directly connected networks will be present,as well as the two Ethernet networks connected to R1.Answer:D64.Which three IP addresses can be assigned to hosts if the subnet mask is/27and subnet zero is usable? (Choose three.)A.10.15.32.17B.17.15.66.128C.66.55.128.1D.135.1.64.34E.129.33.192.192F.192.168.5.63Answer:ACD65.Refer to the exhibit.A packet with a source IP address of192.168.2.4and a destination IP address of 10.1.1.4arrives at the HokesB router.What action does the router take?A.forwards the received packet out the Serial0/0interfaceB.forwards a packet containing an EIGRP advertisement out the Serial0/1interfaceC.forwards a packet containing an ICMP message out the FastEthernet0/0interfaceD.forwards a packet containing an ARP request out the FastEthernet0/1interfaceAnswer:C66.Refer to the exhibit.From RouterA,a network administrator is able to ping the serial interface of RouterB but unable to ping any of the subnets attached to RouterB.Based on the partial outputs in the exhibit,what could be the problem?。

ccna考试题库最新版CCNA（Cisco Certified Network Associate）认证是全球范围内最受欢迎的网络工程师认证之一，具备CCNA认证可以证明一个人在建立、规划、运行、安装和配置中等规模的局域网和广域网方面的专业知识。

为了帮助广大考生顺利通过CCNA考试，不断更新的CCNA考试题库至关重要。

以下是最新版本的CCNA考试题库，希望对考生们有所帮助。

第一部分：网络基础知识1. 什么是OSI七层模型？简要介绍每一层的功能。

2. TCP和UDP之间有哪些区别？请分别举例说明。

3. 什么是IP地址？IP地址的类型有哪些？请列举并简要介绍各自的特点。

4. 什么是子网掩码？为什么在网络中使用子网掩码？5. 简述常见的网络设备有哪些，以及各自的功能与作用。

第二部分：路由和交换技术1. 路由器和交换机之间有何区别？请进行比较并指出各自的优势和劣势。

2. 什么是VLAN？VLAN的作用及在网络中的应用场景是什么？3. OSPF和EIGRP是两种常见的路由协议，请比较它们的特点并举例说明。

4. 请解释静态路由和动态路由的概念以及在网络中的应用。

5. 交换机在网络中扮演什么角色？交换机的MAC地址表是如何工作的？第三部分：网络安全和管理1. 网络安全的重要性是什么？请列举几种常见的网络安全威胁并介绍应对策略。

2. 什么是ACL（访问控制列表）？ACL的作用是什么？请给出一个ACL的配置示例。

3. VPN是什么？VPN的工作原理及在企业网络中的应用。

4. SNMP是网络管理中常用的协议，它的作用是什么？请解释SNMP中的几个重要概念。

5. 如何保护无线网络的安全？请列举几种方法。

第四部分：WAN技术1. 什么是WAN？WAN的主要特点是什么？2. PPP协议和HDLC协议分别是什么？请比较它们的异同。

3. 什么是Frame Relay？Frame Relay的工作原理及在WAN中的应用。

4. 请解释T1和E1的概念，以及它们在传输速率和应用方面的差异。

第一章：正确答案：2.4.5•解析：由于不需要使用网络设备和专用服务器，对等网络易于创建，复杂性更低，且成本更少。

而且对等网络也没有集中管理。

这种网络安全性更低，不可扩展，而且那些同时充当客户端和服务器的设备可能性能更差正确答案：1解析：正确答案： 3.5解析：选择网络介质的条件包括：所选介质可以成功传送信号的距离、要安装所选介质的环境、必须传输的数据量和速度以及介质和安装的成本。

正确答案：3和4解析：终端设备上的应用程序可以生成数据，更改数据内容并且负责启动封装过程。

正确答案：1和4解析：终端设备会发出通过网络传输的数据。

中间设备会在链路发生故障时通过备用路径传输数据，并且会过滤数据传输以增强安全性。

网络介质提供网络消息的传输通道。

正确答案：4解析：外联网是公司外部的人或企业合作伙伴访问数据的网络区域。

内部网只描述通常仅供内部人员访问的网络区域。

当设备连接到有线网络时，有线LAN 会受BYOD（自带设备）影响。

使用大学无线LAN 的设备多为平板电脑和智能手机。

大学生主要使用无线WAN 来访问他们的手机运营商网络。

.正确答案：2解析：由于通过Internet 可以联系在线供应商，所以家庭用户通过Internet 进行网上购物。

内联网基本上是仅供内部使用的局域网。

外联网是外部合作伙伴访问组织内部特定资源的网络。

家庭用户并不一定使用LAN 来访问Internet。

例如，PC 可以通过调制解调器直接连接到ISP。

正确答案：1解析：内部网这个术语用于表示一个组织的私有局域网和广域网连接。

内部网的设计旨在仅允许该组织的成员、员工或其他获得授权的人员进行访问。

正确答案：2和4解析：电缆和DSL 均能实现高带宽、始终联网，并提供到主机计算机或LAN 的以太网连接。

10正确答案：2和3解析：移动电话连接需要使用移动电话网络。

卫星连接通常用于家庭或企业外部不便使用物理布线的位置。

11正确答案：2解析：当对网络资源的请求超出了可用容量时，网络就会变得拥堵。

诶了我累了目录第二章网络通信P2-8第三章应用层功能及协议P9-14第四章OSI传输层P15-20第五章OSI网络层P21-27第六章网络编址-IPv4 P28-34第七章数据链路层P35-40第八章OSI物理层P41-45第九章以太网P46-51第十章网络规划和布线P52-61第十一章配置和测试网络P62-70第一学期末考试P71-91文档末尾返回目录第二章网络通信001 TCP/IP 网络接入层有何作用路径确定和数据包交换数据表示、编码和控制可靠性、流量控制和错误检测详细规定构成物理链路的组件及其接入方法将数据段划分为数据包002下列哪些陈述正确指出了中间设备在网络中的作用（选择三项）确定数据传输路径发起数据通信重新定时和重新传输数据信号发送数据流管理数据流数据流最后的终止点003下列哪三项陈述是对局域网(LAN) 最准确的描述（选择三项）LAN 通常位于一个地域内。

此类网络由由一个组织管理。

LAN 中的不同网段之间一般通过租用连接的方式连接。

此类网络的安全和访问控制由服务提供商控制。

LAN 为同一个组织内的用户提供网络服务和应用程序访问。

此类网络的每个终端通常都连接到电信服务提供商(TSP)。

004 什么是PDU传输期间的帧损坏在目的设备上重组的数据因通信丢失而重新传输的数据包特定层的封装005 OSI 模型哪两层的功能与TCP/IP 模型的网络接入层相同（选择两项）网络层传输层物理层数据链路层会话层006请参见图示。

所示网络属于哪一类型WANMANLANWLAN007 以下哪种特征正确代表了网络中的终端设备管理数据流发送数据流重新定时和重新传输数据信号确定数据传输路径008 第4 层端口指定的主要作用是什么标识本地介质中的设备标识源设备和目的设备之间的跳数向中间设备标识通过该网络的最佳路径标识正在通信的源终端设备和目的终端设备标识终端设备内正在通信的进程或服务009 请参见图示。

下列哪组设备仅包含终端设备A、C、DB、E、G、HC、D、G、H、I、JD、E、F、H、I、JE、F、H、I、J010 选择关于网络协议的正确陈述。

CCNA思科考试答案（全）第 1 章考试1一家拥有10 名员工的小型公司使用单个LAN 在计算机之间共享信息。

哪种类型连接适合此公司？由当地电话服务提供商提供的拨号连接能够使公司方便且安全地连接员工的虚拟专用网络通过当地服务提供商建立的私有专用线路通过当地服务提供商提供的宽带服务（如DSL）答案：4解析：对于这种小型办公室，比较适合通过被称为数字用户线路(DSL) 的常见宽带服务实现Internet 连接，这种服务由当地的电话服务提供商提供。

由于员工人数很少，带宽的问题并不突出。

如果公司较大，在远程站点有分支机构，则专用线路会更加适合。

如果公司员工需要通过Internet 与公司联系，则采用虚拟专用网。

2哪种网络情况需要使用WAN？员工工作站需要获取动态分配的IP 地址。

员工在出差时需要通过VPN 连接到公司电子邮件服务器。

分支机构的员工需要与同一园区网络上的另一座建筑物内的公司总部共享文件。

员工需要访问托管在其建筑物内DMZ 中的公司Web 服务器上的网页。

答案：2解析：当出差的员工需要通过WAN 连接到公司电子邮件服务器时，VPN 将通过WAN 连接在员工笔记本电脑与公司网络之间创建一个安全隧道。

通过DHCP 获取动态IP 地址是LAN 通信的功能。

在企业园区的不同建筑物之间共享文件可通过LAN 基础设施来实现。

DMZ 是企业LAN 基础设施内一个受保护的网络。

3以下哪项描述了WAN 的特征？WAN 和LAN 在同一地理范围内运行，但有串行链路。

WAN 网络归运营商所有。

所有串行链路均被视为WAN 连接。

WAN 可提供到园区主干网的终端用户网络连接。

答案：2解析：WAN 可用于将企业LAN 互连到远程分支机构站点LAN 和远程工作人员站点。

WAN 归运营商所有。

虽然WAN 连接一般通过串行接口实现，但并不是所有串行链路均连接至WAN。

LAN（而非WAN）可在组织中提供终端用户网络连接。

4电路交换WAN 技术的两个常见类型是什么？（请选择两项。

第十章网络规划和布线001请参见图示。

在实验室中操作的学生选择了接线如图所示的电缆。

使用此电缆可以成功实现哪些连接类型？（选择两项）A 连接PC 与路由器的控制台端口B 通过快速以太网端口连接两台路由器C 以千兆位的速度连接两台交换机D 以千兆以太网速度连接PC 与交换机E 以快速以太网速度连接接口类型相同的两台设备002下列哪些因素使光缆比铜缆更适用于连接不同建筑物？（选择三项）A 每根电缆覆盖的距离更远B 安装成本更低C EMI/RFI 的影响有限D 耐用的连接E 潜在带宽更高F 易于端接003请参见图示。

根据显示的IP 配置回答，主机A 和主机B 尝试在网段外通信的结果是什么？A 主机A 和主机B 都会成功 B 主机A 会成功，主机B 会失败C 主机B 会成功，主机A 会失败D 主机A 和主机B 都会失败004请参见图示。

假设所有设备均使用默认设置。

支持显示的拓扑需要多少个子网？A 1B 3C 4D 5E 7005请参见图示。

网络技术人员已经将私有IP 地址范围192.168.1.0/24 分配给图中显示的网络使用。

满足此网际网络中网段 A 的主机要求应使用哪个子网掩码？A 255.255.255.128B 255.255.255.192C 255.255.255.224D 255.255.255.240E 255.255.255.248006网络管理员必须在网络中使用电缆长度无需中继器即可达100 米的介质。

所选介质必须价格适中并易于安装，而且需要在布线空间受到限制的现成建筑物内实施安装。

哪种类型的介质最适合这些要求？A STPB UTPC 同轴D 单模光纤E 多模光纤007请参见图示。

PC1 会将哪个目的IP 地址放入发往PC2 的数据包报头中？A 192.168.1.1B 192.168.2.1C 192.168.2.2D 192.168.3.1 E192.168.3.54008请参见图示。

第一章：正确答案：2.4.5•解析：由于不需要使用网络设备和专用服务器，对等网络易于创建，复杂性更低，且成本更少。

而且对等网络也没有集中管理。

这种网络安全性更低，不可扩展，而且那些同时充当客户端和服务器的设备可能性能更差正确答案：1解析：正确答案： 3.5解析：选择网络介质的条件包括：所选介质可以成功传送信号的距离、要安装所选介质的环境、必须传输的数据量和速度以及介质和安装的成本。

正确答案：3和4解析：终端设备上的应用程序可以生成数据，更改数据内容并且负责启动封装过程。

正确答案：1和4解析：终端设备会发出通过网络传输的数据。

中间设备会在链路发生故障时通过备用路径传输数据，并且会过滤数据传输以增强安全性。

网络介质提供网络消息的传输通道。

正确答案：4解析：外联网是公司外部的人或企业合作伙伴访问数据的网络区域。

内部网只描述通常仅供内部人员访问的网络区域。

当设备连接到有线网络时，有线LAN 会受BYOD（自带设备）影响。

使用大学无线LAN 的设备多为平板电脑和智能手机。

大学生主要使用无线WAN 来访问他们的手机运营商网络。

.正确答案：2解析：由于通过Internet 可以联系在线供应商，所以家庭用户通过Internet 进行网上购物。

内联网基本上是仅供内部使用的局域网。

外联网是外部合作伙伴访问组织内部特定资源的网络。

家庭用户并不一定使用LAN 来访问Internet。

例如，PC 可以通过调制解调器直接连接到ISP。

正确答案：1解析：内部网这个术语用于表示一个组织的私有局域网和广域网连接。

内部网的设计旨在仅允许该组织的成员、员工或其他获得授权的人员进行访问。

正确答案：2和4解析：电缆和DSL 均能实现高带宽、始终联网，并提供到主机计算机或LAN 的以太网连接。

10正确答案：2和3解析：移动电话连接需要使用移动电话网络。

卫星连接通常用于家庭或企业外部不便使用物理布线的位置。

11正确答案：2解析：当对网络资源的请求超出了可用容量时，网络就会变得拥堵。

第一章：正确答案：2.4.5•解析：由于不需要使用网络设备和专用服务器，对等网络易于创建，复杂性更低，且成本更少。

而且对等网络也没有集中管理。

这种网络安全性更低，不可扩展，而且那些同时充当客户端和服务器的设备可能性能更差正确答案：1解析：正确答案： 3.5解析：选择网络介质的条件包括：所选介质可以成功传送信号的距离、要安装所选介质的环境、必须传输的数据量和速度以及介质和安装的成本。

正确答案：3和4解析：终端设备上的应用程序可以生成数据，更改数据内容并且负责启动封装过程。

正确答案：1和4解析：终端设备会发出通过网络传输的数据。

中间设备会在链路发生故障时通过备用路径传输数据，并且会过滤数据传输以增强安全性。

网络介质提供网络消息的传输通道。

正确答案：4解析：外联网是公司外部的人或企业合作伙伴访问数据的网络区域。

内部网只描述通常仅供内部人员访问的网络区域。

当设备连接到有线网络时，有线LAN 会受BYOD（自带设备）影响。

使用大学无线LAN 的设备多为平板电脑和智能手机。

大学生主要使用无线WAN 来访问他们的手机运营商网络。

.正确答案：2解析：由于通过Internet 可以联系在线供应商，所以家庭用户通过Internet 进行网上购物。

内联网基本上是仅供内部使用的局域网。

外联网是外部合作伙伴访问组织内部特定资源的网络。

家庭用户并不一定使用LAN 来访问Internet。

例如，PC 可以通过调制解调器直接连接到ISP。

正确答案：1解析：内部网这个术语用于表示一个组织的私有局域网和广域网连接。

内部网的设计旨在仅允许该组织的成员、员工或其他获得授权的人员进行访问。

正确答案：2和4解析：电缆和DSL 均能实现高带宽、始终联网，并提供到主机计算机或LAN 的以太网连接。

10正确答案：2和3解析：移动电话连接需要使用移动电话网络。

卫星连接通常用于家庭或企业外部不便使用物理布线的位置。

11正确答案：2解析：当对网络资源的请求超出了可用容量时，网络就会变得拥堵。

思科第一学期期末考试最新答案CCNA1要将数据包发送到远程网络，应使用哪种设备？访问交换机DHCP 服务器集线器路由器OSI 哪一层使用面向连接的协议来确保数据的可靠传输？应用层表示层会话层传输层请参见图示。

根据显示的IP 配置回答，主机 A 和主机 B 无法在本地网络外通信的原因是什么？对主机 A 分配了网络地址。

对主机 B 分配了组播地址。

主机 A 和主机 B 属于不同的网络。

对网关地址分配了广播地址。

请参见图示。

包含路由器 B 的网络遇到问题。

助理网络工程师已确定此网络的问题出在路由行什么操作可以纠正该网络问题？在接口Serial 0/0/0 上发出clock rate 命令在接口Serial 0/0/1 上发出description 命令在接口FastEthernet 0/0 上发出ip address 命令在接口FastEthernet 0/1 上发出no shutdown 命令VTY请参见图示。

主机 A 上需要安装什么才能支持网络技术人员创建Router1 的初始配置？FTP 客户端Telnet 客户端终端仿真程序Web 浏览器请参见图示。

哪种逻辑拓扑是对图示网络的准确描述？星型环型点对点多路访问请参见图示。

哪种逻辑拓扑是对图示网络的准确描述？星型环型点对点多路访问第 3 层头部包含的哪一项信息可帮助数据传输？端口号设备物理地址目的主机逻辑地址虚拟连接标识符管理员对设备做出了更改，但更改没有达到预期效果。

管理员可以采取什么措施来恢复NVRAM 中保存的配置？发出erase flash 命令。

发出reload 命令并对随后的提示回答no。

发出erase start-up config 命令。

发出copy running-config start-up config 命令。

哪些类型的介质不受EMI 和RFI 影响？（选择两项）10 Base-T10 Base-210 Base-5100 Base-FX100 Base TX1000 Base LX请参见图示。

诶了我累了目录第二章网络通信P2-8第三章应用层功能及协议P9-14 第四章OSI传输层P15-20第五章OSI网络层P21-27第六章网络编址-IPv4 P28-34第七章数据链路层P35-40第八章OSI物理层P41-45第九章以太网P46-51第十章网络规划和布线P52-61 第十一章配置和测试网络P62-70 第一学期末考试P71-91文档末尾返回目录第二章网络通信001 TCP/IP 网络接入层有何作用？路径确定和数据包交换数据表示、编码和控制可靠性、流量控制和错误检测详细规定构成物理链路的组件及其接入方法将数据段划分为数据包002下列哪些陈述正确指出了中间设备在网络中的作用？（选择三项）确定数据传输路径发起数据通信重新定时和重新传输数据信号发送数据流管理数据流数据流最后的终止点003下列哪三项陈述是对局域网(LAN) 最准确的描述？（选择三项）LAN 通常位于一个地域内。

此类网络由由一个组织管理。

LAN 中的不同网段之间一般通过租用连接的方式连接。

此类网络的安全和访问控制由服务提供商控制。

LAN 为同一个组织内的用户提供网络服务和应用程序访问。

此类网络的每个终端通常都连接到电信服务提供商(TSP)。

004 什么是PDU？传输期间的帧损坏在目的设备上重组的数据因通信丢失而重新传输的数据包特定层的封装005 OSI 模型哪两层的功能与TCP/IP 模型的网络接入层相同？（选择两项）网络层传输层物理层数据链路层会话层006请参见图示。

所示网络属于哪一类型？WANMANLANWLAN007 以下哪种特征正确代表了网络中的终端设备？管理数据流发送数据流重新定时和重新传输数据信号确定数据传输路径008 第4 层端口指定的主要作用是什么？标识本地介质中的设备标识源设备和目的设备之间的跳数向中间设备标识通过该网络的最佳路径标识正在通信的源终端设备和目的终端设备标识终端设备内正在通信的进程或服务009 请参见图示。

PT Activity: Configure a Network for Secure Operation Addressing TableLearning Objectives•Secure the routers with strong passwords, password encryption and a login banner.•Secure the console and VTY lines with passwords.•Configure local AAA authentication.•Configure SSH server.•Configure router for syslog.•Configure router for NTP.•Secure the router against login attacks.•Configure CBAC and ZPF firewalls.•Secure network switches.Introductionbinatio.o.securit.measure.tha.wer.introduc e.i.th.course.Thes.measure.ar.liste.i.th.objectives.work. ar.interconnecte.vi.th.R.route.whic.represent.th.ISP.Yo.wil.configur.variou.securit.feature.o.tpan.B.No.al.securit.feature.wil.b.configure.o.R.an.R3.The following preconfigurations have been made:•Hostnames on all devices•IP addresses on all devices•R2 console password: ciscoconpa55•R2 password on VTY lines: ciscovtypa55•R2 enable password: ciscoenpa55•Static routing•Syslog services on PC-B•DNS lookup has been disabled•IP default gateways for all switchesTask 1: Test Connectivity and Verify ConfigurationsSte.1.Verif.I.addresses.Verify 核实, 查证Ste.2.Verif.routin.tables.Ste.3.Tes.connectivity.（连通性）From PC-A, ping PC-C at IP address 192.168.3.5.Task 2: Secure the RoutersSte.1.Se.minimum（最小值..passwor.lengt.o.1.character.o.route.R.an.R3.Ste.2.Configure（安装.a.enabl.secre.passwor.o.route.R.an.R3.Use an enable secret password of ciscoenpa55.Ste.3.Encryp.plaintex.passwords.（将明文译成密码）此命令将配置文件中的当前和将来的所有明文密码加密为密文Ste.4.Configur.th.consol.line.o.R.an.R3.Configur..consol.passwor.of ciscoconpa55 an.enabl.login（进入系统，登陆）.Se.the exec-timeout t.log（记录.ou.after 5 minute.o.inactivity（静止）man.entry.（进入）Ste.5.Configur.vt.line.o.R1.Configur..vt.lin.passwor.of ciscovtypa55 an.enabl.login.Se.the exec-timeout t.lo.ou.after 5 minute.o.inactivity.Se.th.logi.authentication（认证.th.default（系统默认值ter.Note（注意）: The vty lines on R3 will be configured（配置） for SSH in a later task.（工作）Ste.6.Configur.logi.banner（登陆提示banner, 旗帜, 标语.o.R.an.R3.Configure a warning（警告） to unauthorized（非法的） users with a message-of-the-day (MOTD) banner that says: “No Unauthorized Access!”.Task 3: Configure Local Authentication on R1 and R3e.database.（数据库）Create a local user account（账户） of Admin01 with a secret password of Admin01pa55.Privilege（特权）用此用户名登陆的用户访问特权级别为15（详见书29页）Ste.2.Enabl.AA.services.Ste.3.Implement（实施, 执行in.th.loca.database.（本地数据库）Create the default login authentication method list using local authentication with no backup （备份）method.（详见p47）Task 4: Configure NTPSte.1.Enabl.NT.authenticatio.o.PC-A.O.PC-A.choos.the Config tab.an.the.the NTP button（按钮）.Select On fo.NT.service. Enable authenticatio.an.enter（进入..Ke.of 1 an..passwor.of ciscontppa55.Ste.2.Configur.R.a.a.NT.Client.（客户）Configur.NT.authenticatio.Key 1 wit..passwor.of ciscontppa55.Configur.R.t.synchronize（同步in.Key 1.Ste.3.Configur.router.t.updat.hardware（硬件.clock.Configure routers to periodically（定期地） update the hardware clock with the time learned from NTP.Task 5: Configure R1 as Syslog ClientSte.1.Configur.R.t.timestamp（时间戳.lo.messages.Configure timestamp service for logging on the routers.Ste.2.Configur.R.t.lo.message.t.th.syslo.server.Configure the routers to identify (识别)the remote（远程） host（主机） (syslog server) that will receive（接受） logging messages.You should see a console message similar（相似的） to the following:SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.6 port 514 started - CLI initiatedSte.3.Check（检查.fo.syslo.message.o.PC-B.O.R1.exi.confi.mode（模式.t.generate（使形成..syslo.message.Ope.th.syslo.serve.o.PC-.t.vie.th.messag.sen.fro.R1.Yo.shoul.se..messag.simila.t.th.followin.o.th.syslo.server:%SYS-5-CONFIG_I: Configured from console by consoleTask 6: Secure Router Against9（反对） Login Attacks（攻击）Ste.1.Lo.unsuccessfu.logi.attempts（攻击.t.R1.Ste.2.Telnet(远程登陆)t.R.fro.PC-A.Telne.fro.PC-.t.R.an.provide(提供ername Admin01 an.password Admin01pa55.Th.Telne.shoul.b.successful.Ste.3.Telne.t.R.fro.PC-.an.chec.syslo.message.o.th.syslo.server.ernam.of baduser an.an.password .Chec.th.syslo.serve.o.PC-B.Yo.shoul.se.a.erro.messag.simila.t.th.followin.tha.i.generate.b.th.faile.logi.attempt.SEC_LOGIN-4-LOGIN_FAILED:Login failed [user:baduser] [Source:192.168.1.5] [localport:23] [Reason:Invalid login] at 15:01:23 UTC Wed June 17 2009Task 7: Configure SSH on R3Ste.1.Configur..domain（域名.name.Configure a domain name of on R3.Ste.2.Configur.th.incoming（引入的.vt.line.o.R3.Use the local user accounts for mandatory（强制的） login and validation（生效） and accept only SSH connections（连接）.Ste.3.Configur.RS.encryption（加密.ke.pair（秘钥对.fo.R3.An.existing（当前的.RS.ke.pair.shoul.b.erased（清除.o.th.router.I.ther.ar.n.key.currently （当前.configure..messag.wil.b.displayed（显示的.indicating（表明，指示.this.Configur.th.RS.key.wit..modulus（系数.o.1024.Ste.4.Configur.SS.timeouts(超时设定.an.authenticatio.parameters.（参数）Set the SSH timeout to 90 seconds, the number of authentication retries（重试次数） to 2, and the version（版本） to 2.Task 8: Configure CBAC on R1.I.ACL.Create an IP ACL named OUT-IN to block （阻止）all traffic originating（起源） from the outside network.Apply （应用）the access list to incoming traffic on interface Serial 0/0/0.Ste.2.Confir.tha.traffi.entering（进入.interfac.Seria.0/0/.i.dropped.man.prompt, ping PC-C.Th.ICM.echo（重复.replies（回答.ar.blocked（禁止.b.th.ACL.Ste.3.Creat.a.inspection（检查.rul.t.inspect（检查.ICMP.Telne.an.HTT.traffic.Create an inspection rule named IN-OUT-IN to inspect ICMP, Telnet and HTTP traffic.Ste.4.Appl.th.inspec.rul.t.th.outsid.interface.Apply the IN-OUT-IN inspection rule to the interface where traffic exits（出口） to outside networks.Ste.5.Tes.operation（操作.o.th.inspectio.rule.man.prompt, ping PC-C.Th.ICM.ech.replie.shoul.b.inspecte.an.allowe.through. Task 9: Configure ZPF on R3Ste.1.Tes.connectivity.（连通性）Verify that the internal（内部的） host can access external resources.（使用外部资源）From PC-C, test connectivity with ping and Telnet to R2; all should be successful.Fro.R2 ping t.PC-C.Th.ping.shoul.b.allowed.Ste.2.Creat.th.firewal.zones.Create an internal zone named IN-ZONE.Create an external zone named OUT-ZONE.Ste.3.Creat.a.AC.tha.defines（规定.interna.traffic.Create an extended（扩展的）, numbered ACL that permits all IP protocols（协议） from the 192.168.3.0/24 source network to any destination.（目的地） Use 101 for the ACL number.Ste.4.Creat..clas.ma.referencing(引用.th.interna.traffi.ACL.Create a class map named IN-NET-CLASS-MAP to match（匹配） ACL 101.（详见p92）Ste.5.Specif.firewal.policies.（指定防火墙策略）Create a policy（策略） map named IN-2-OUT-PMAP to determine（决定） what to do with matched traffic.Specify a class type of inspect and reference class map IN-NET-CLASS-MAP.Specify the action of inspect for this policy mapYou should see the following console message:%N.specifi.protoco.configure.i.clas.IN-NET-CLASS-MA.fo.inspection.Al.protocol.wil.b.inspected.”Exit to the global config prompt.（全局配置模式）Ste.6.Appl.firewal.policies.d IN-2-OUT-ZPAIR.Specif.th.sourc.an.destinatio.zone.tha.wer.create.earlier.Attach（附加） a policy map and actions to the zone pair referencing the policy map previously created, IN-2-OUT-PMAP.Exit to the global config prompt and assign（分配） the internal and external interfaces to the security zones.Ste.7.Tes.firewal.functionality.（功能）Verify that the internal host can still access external resources.From PC-C, test connectivity with ping and Telnet to R2; all should be successful.Fro.R2 ping t.PC-C.Th.ping.shoul.no.b.blocked.Task 10: Secure the SwitchesSte.1.Configur.a.enabl.secre.passwor.o.al.switches.Use an enable secret password of ciscoenpa55.Ste.2.Encryp.plaintex.passwords.（将明文译成密码）Ste.3.Configur.th.consol.line.o.al.switches.Configur..consol.passwor.of ciscoconpa55 an.enabl.login.Se.the exec-timeout t.lo.ou.after 5 man.ent ry.Ste.4.Configur.vt.line.o.al.switches.Configur..vt.lin.passwor.of ciscovtypa55 an.enabl.login.Se.the exec-timeout t.lo.ou.after 5 minute.o.inactivity.Se.th.basi.logi.parameter.Ste.5.Secur.trun.ports（端口.o.S.an.S2.Configure port Fa0/1 on S1 as a trunk port.Configure port Fa0/1 on S2 as a trunk port.Verify that S1 port Fa0/1 is in trunking mode.Set the native VLAN（本征VLAN） on S1 and S2 trunk ports to an unused（不用的）VLAN 99.Set the trunk ports on S1 and S2 so that they do not negotiate（转让） by turning off the generation of DTP frames.（防止DTP数据帧产生）Enable storm（风暴） control for broadcasts on the S1 and S2 trunk ports with a 50 percent rising suppression level.Ste.6.Secur.acces.ports.Disable trunking on S1, S2 and S3 access ports.Enable PortFast on S1, S2, and S3 access ports.（详见P127）Enable BPDU guard（监视） on the switch ports previously（先前） configured as access only..th.sticky（粘连.option.Re-enabl.eac.acces.por.t.whic.por.securit.wa.applied.Disable any ports not being used on each switch.（关闭未使用的端口）Task 11: VerificationSte.1.Tes.SS.configuration.Attempt to connect to R3 via Telnet from PC-C.From PC-C, enter the command to connect to R3 via Telnet at IP address 192.168.3.1. This connection should fail, since R3 has been configured to accept only SSH connections on the virtual terminal lines.From PC-C, enter the ssh –l Admin01 192.168.3.1 command to connect to R3 via SSH. When prompted for the password, enter the password Admin01pa55 configured for the local administrator.Use the show ip ssh command to see the configured settings.Ste.2.Verif.timestamps.NT.statu.fo.R.an.PC-A.Ste.3.Tes.CBA.firewal.o.R1.Ping from PC-A to R2 at 10.2.2.2 (should succeed)Telnet from PC-A to R2 10.2.2.2 (should succeed)Ping from R2 to PC-A at 192.168.1.3 (should fail)Ste.4.Tes.ZP.firewal.o.R3.Ping from PC-C to R2 at 10.2.2.2 (should succeed)Telnet from PC-C to R2 at 10.2.2.2 (should succeed)Ping from R2 to PC-C at 192.168.3.5 (should fail)Telnet from R2 to R3 at 10.2.2.1 (should fail – only SSH is allowed)Ste.5.Verif.por.security..the sho.run comman.t.confir.tha.S.ha.adde..stick.MA.addres.fo.Fa0/18.Thi.shoul.b. e.Selec.PC-B.G.t.the Config tab.Selec.FastEtherne.unde.the Interface section.Edi.th.MA.addres.field. This should cause a port security violation and S2 should shut down port Fa0/18.Us.the sho.interfac.Fa0/18 comman.t.vie.th.statu.o.th.port.Th.por.shoul.b.i.th.err-disable.state.O.PC-B.g.t.the Config tab.Selec.FastEtherne.unde.the Interface section.Chang.th.MA.addres.t.an othe.address.From interface configuration mode on switch S2 for Fa0/18, use the no switchport port-security mac-address sticky address command to remove the original PC-B learned address.Shutdown and then re-enable the Fa0/18 interface.On S2, use the show run command to confirm that the port comes up and that the new MAC address has been learned.Note.I.i.i.desire.t.reconnec.th.P.wit.th.origina.MA.address.yo.ca.simpl.chang.th.MA.addr mand.o.por.Fa0/18.I.t h.P.o..NI.i.bein.replace.an.wil.hav..ne.MA.address.yo.mus.firs.remov.th.ol.learne.addres s.Ste.6.Chec.results.Your completion percentage should be 100%. Click Check Results to see feedback and verification of which required components have been completed.Al.content.ar.Copyrigh..1992–rmatio n.。

最新CCNA认证试题及答案「中文版」1、对于这样一个地址,192.168.19.255/20,下列说法正确的是: ( )(A) 这是一个广播地址(B) 这是一个网络地址(C) 这是一个私有地址(D) 地址在192.168.19.0网段上(E) 地址在192.168.16.0网段上(F) 这是一个公有地址答案：CE注：IP地址中关键是看她的主机位，将子网掩码划为二进制，1对应上面的地址是网络位，0对应的地址是主机位192.168.19.255/20划为二进制为：11000000.10101000.00010011.1111111111111111.11111111.11110000.00000000主机位变成全0表示这个IP的网络地址主机槐涑扇?表示这个IP的广播地址RFC1918文件规定了保留作为局域网使用的私有地址：10.0.0.0 - 10.255.255.255 (10/8 prefix)172.16.0.0 - 172.31.255.255 (172.16/12 prefix)192.168.0.0 - 192.168.255.255 (192.168/16 prefix)2、目前，我国应用最为广泛的LAN标准是基于()的以太网标准.(A) IEEE 802.1(B) IEEE 802.2(C) IEEE 802.3(D) IEEE 802.5答案：C参考知识点：现有标准：IEEE 802.1 局域网协议高层IEEE 802.2 逻辑链路控制IEEE 802.3 以太网IEEE 802.4 令牌总线IEEE 802.5 令牌环IEEE 802.8 FDDIIEEE 802.11 无线局域网记住IEEE802.1-------IEEE802.5的定义以太网是一种计算机局域网组网技术。

IEEE制定的IEEE 802.3标准给出了以太网的技术标准。

它规定了包括物理层的连线、电信号和介质访问层协议的内容。

第一章：正确答案：2.4.5解析：由于不需要使用网络设备和专用服务器，对等网络易于创建，复杂性更低，且成本更少。

而且对等网络也没有集中管理。

这种网络安全性更低，不可扩展，而且那些同时充当客户端和服务器的设备可能性能更差正确答案：1解析：正确答案： 3.5解析：选择网络介质的条件包括：所选介质可以成功传送信号的距离、要安装所选介质的环境、必须传输的数据量和速度以及介质和安装的成本。

正确答案：3和4解析：终端设备上的应用程序可以生成数据，更改数据内容并且负责启动封装过程。

正确答案：1和4解析：终端设备会发出通过网络传输的数据。

中间设备会在链路发生故障时通过备用路径传输数据，并且会过滤数据传输以增强安全性。

网络介质提供网络消息的传输通道。

正确答案：4解析：外联网是公司外部的人或企业合作伙伴访问数据的网络区域。

内部网只描述通常仅供内部人员访问的网络区域。

当设备连接到有线网络时，有线 LAN 会受 BYOD（自带设备）影响。

使用大学无线 LAN 的设备多为平板电脑和智能手机。

大学生主要使用无线 WAN 来访问他们的手机运营商网络。

.正确答案：2解析：由于通过 Internet 可以联系在线供应商，所以家庭用户通过 Internet 进行网上购物。

内联网基本上是仅供内部使用的局域网。

外联网是外部合作伙伴访问组织内部特定资源的网络。

家庭用户并不一定使用 LAN 来访问 Internet。

例如，PC 可以通过调制解调器直接连接到 ISP。

正确答案：1解析：内部网这个术语用于表示一个组织的私有局域网和广域网连接。

内部网的设计旨在仅允许该组织的成员、员工或其他获得授权的人员进行访问。

正确答案：2和4解析：电缆和 DSL 均能实现高带宽、始终联网，并提供到主机计算机或 LAN 的以太网连接。

10正确答案：2和3解析：移动电话连接需要使用移动电话网络。

卫星连接通常用于家庭或企业外部不便使用物理布线的位置。

11正确答案：2解析：当对网络资源的请求超出了可用容量时，网络就会变得拥堵。