CCNA第四学期官方章节考试题之第四学期《Final_Examination》(附答案)

第 1 章考试1一家拥有10 名员工的小型公司使用单个LAN 在计算机之间共享信息。

哪种类型连接适合此公司？由当地电话服务提供商提供的拨号连接能够使公司方便且安全地连接员工的虚拟专用网络通过当地服务提供商建立的私有专用线路通过当地服务提供商提供的宽带服务（如DSL）答案：4解析：对于这种小型办公室，比较适合通过被称为数字用户线路(DSL) 的常见宽带服务实现Internet 连接，这种服务由当地的电话服务提供商提供。

由于员工人数很少，带宽的问题并不突出。

如果公司较大，在远程站点有分支机构，则专用线路会更加适合。

如果公司员工需要通过Internet 与公司联系，则采用虚拟专用网。

2哪种网络情况需要使用WAN？员工工作站需要获取动态分配的IP 地址。

员工在出差时需要通过VPN 连接到公司电子邮件服务器。

分支机构的员工需要与同一园区网络上的另一座建筑物内的公司总部共享文件。

员工需要访问托管在其建筑物内DMZ 中的公司Web 服务器上的网页。

答案：2解析：当出差的员工需要通过WAN 连接到公司电子邮件服务器时，VPN 将通过WAN 连接在员工笔记本电脑与公司网络之间创建一个安全隧道。

通过DHCP 获取动态IP 地址是LAN 通信的功能。

在企业园区的不同建筑物之间共享文件可通过LAN 基础设施来实现。

DMZ 是企业LAN 基础设施内一个受保护的网络。

3以下哪项描述了WAN 的特征？WAN 和LAN 在同一地理范围内运行，但有串行链路。

WAN 网络归运营商所有。

所有串行链路均被视为WAN 连接。

WAN 可提供到园区主干网的终端用户网络连接。

答案：2解析：WAN 可用于将企业LAN 互连到远程分支机构站点LAN 和远程工作人员站点。

WAN 归运营商所有。

虽然WAN 连接一般通过串行接口实现，但并不是所有串行链路均连接至WAN。

LAN（而非WAN）可在组织中提供终端用户网络连接。

4电路交换WAN 技术的两个常见类型是什么？（请选择两项。

答案：1、D 2、AE 3、BC 4、E 5、B 6、D 7、AEF 8、A 9、A 10、B 11、D 12、B 13、A 14、D 15、AD 16、A 17、ABF 18、BF 19、B 20、C1收集症状以排查网络故障时，哪个步骤可能会牵涉到外部管理员？缩小范围收集可疑设备的症状分析现有症状确定所有权2逻辑网络图中一般有哪两项要素？（选择两项。

）接口标识符连接器类型操作系统版本电缆类型虚电路3请参见图示。

在创建网络文档的过程中应该进行哪两个步骤？（选择两项。

）记录仅在园区网络中发现的设备的相关信息。

记录在整个网络中（包括远程站点）发现的设备的相关信息。

将网络配置表中与拓扑图所示组件相关的任何设备信息记录下来。

仅将网络配置表中与拓扑图所示组件相关的第2 层和第3 层设备信息记录下来。

将网络配置表中与拓扑图所示组件相关的在网络使用高峰期收集的的设备信息记录下来。

4请参见图示。

图中的图表来自HR-1，它是HR 部门使用的唯一一台应用程序服务器。

基线数据收集开始于8 月1 日。

从图表中可确定什么有用信息？HR-1 上的CPU 资源失衡。

需要调整处理周期。

有两个明显的周末处理周期，它们始于周六夜晚，止于周日早上。

基线图表显示HR-1 明显具有处理问题（尽管问题本质尚不清楚）。

HR-1 上的处理负载重复再现，因此可预测。

HR-1 上的CPU 负载因某种原因受到明显影响，但由于信息不足，无法确定是否存在问题。

5请参见图示。

服务器HR 上的一个应用程序不再响应任何客户端请求。

每件事务都取决于数据中心中的多台服务器。

数据中心内的服务器上运行的为全公司提供服务的应用程序均无问题。

员工没有解决此类故障的经验，且对各种应用程序的了解也有限。

哪些初始故障排除步骤体现了自上而下的故障排除方法？检查所有服务器的电缆连接。

检查每块网卡上的连接指示灯是否为绿色。

Ping 每台服务器的本地地址，然后Ping 相关服务器和典型客户端的地址。

1请参见图示。

从显示的输出中可以确定以下哪两项信息？（选择两项）本地主机正在使用三个客户端会话。

本地主机正在使用到远程服务器的Web 会话。

本地主机正在侦听使用公有地址的TCP 连接。

本地主机使用公认端口号标识源端口。

本地主机正在执行与192.168.1.101:1037 的三次握手。

135380102417283根据图中所示的传输层报头回答，以下哪些陈述描述了建立的会话？（选择两项。

）这是UDP 报头。

包含Telnet 请求。

包含TFTP 数据传输。

从这台远程主机返回的数据包将包含确认号43693。

这是TCP 报头。

4请参见图示。

主机A 正在使用FTP 从服务器1 下载大型文件。

在下载期间，服务器1 没机 A 对若干字节传输数据的确认。

服务器1 将默认执行什么操作？创建第1 层堵塞信号到达超时时间后重新发送需要确认的数据向主机发送RESET 位更改第4 层报头中的窗口大小5TCP 报头信息和UDP 报头信息中都包含下列哪项信息？定序流量控制确认源端口和目的端口6下列哪三项功能使TCP 得以准确可靠地跟踪从源设备到目的设备的数据传输？（选择三项。

流量控制紧急指针尽力传输会话创建无连接服务编号和定序7OSI 模型哪一层负责规范信息从源设备到目的设备准确可靠地流动？应用层表示层会话层传输层网络层8将流量控制用于TCP 数据传输的原因是什么？同步设备速度以便发送数据同步并对序列号排序，从而以完整的数字顺序发送数据防止传入数据耗尽接收方资源在服务器上同步窗口大小简化向多台主机传输数据的过程9下列哪项由源主机在转发数据时动态选择？目的逻辑地址源物理地址默认网关地址源端口10下列哪两项是用户数据报协议(UDP) 的功能？（选择两项）流量控制系统开销低无连接面向连接序列和确认11请参见图示。

此Wireshark 捕获输出的第7 行中执行的是哪一项TCP 操作？会话创建数据段重传数据传输会话断开12以下哪个事件发生于传输层三次握手期间？两个应用程序交换数据。

下列关于网络安全的说法中哪两项正确？（选择两项。

）保护网络免受内部威胁侵害具有较低的优先级，因为由公司员工带来的安全风险较低。

无论是能自己编写攻击代码的资深黑客，还是从 Internet 下载攻击程序的入门攻击者都可能对网络安全造成严重威胁。

假设一家公司将其 web 服务器部署在防火墙之外，并充分备份 web 服务器，则无需采取其它安全措施来保护 web 服务器，因为即使它被攻击了也不会造成损失。

公众认可的网络操作系统（例如 UNIX）和网络协议（例如 TCP/IP）可采用默认设置工作，因为它们没有内在的安全缺陷。

保护网络设备免受水电等外在因素造成的物理破坏是安全策略的必要组成部分。

下列关于网络攻击的陈述，哪两项是正确的？（选择两项。

）强网络口令可防范大多数DoS 攻击。

蠕虫需要人的参与才能扩散，而病毒不需要。

侦测攻击本质上始终是电子攻击，例如ping 扫描或端口扫描。

暴力攻击会尝试使用字符集组合来搜索每个可能的口令。

内部设备不应该完全信任DMZ 中的设备，应该对DMZ 和内部设备之间的通信进行身份验证以防范端口重定向等攻击。

用户无法访问公司服务器。

系统日志显示服务器运行缓慢，因为它正在收到具有高优先级的虚假服务请求。

这是什么类型的攻击？侦测访问DoS蠕虫病毒特洛伊木马IT 主管发起了一项活动，旨在提醒用户避免打开来源可疑的电子邮件。

该IT 主管意在保护用户免受哪种DoSDDoS病毒访问侦测下列关于预防网络攻击的说法中哪两项正确？（选择两项。

）现代服务器和PC 操作系统具有可以信赖的默认安全设置。

入侵防御系统可以记录可疑的网络活动，但在没有用户干预的情况下无法对抗正在进行的攻击。

物理安全威胁的防范包括控制对设备控制台端口的访问、标识关键电缆、安装UPS 系统以及提供温湿控制。

防止网络钓鱼攻击的最好方法是采用防火墙设备。

更改默认的用户名和口令并禁用或取消不必要的服务有助于加强设备安全性。

入侵检测发生在“安全轮”的哪个阶段？保护监控测试改进侦测安全策略必须实现哪两个目标？（选择两项。

管理员无法接收电子邮件。

在排查故障时，管理员能够从远程网络成功ping 通本地邮件服务器IP 地址，且可使用nsloo 件服务器名称成功解析为IP 地址。

问题最可能发生在OSI 的哪一层？物理层数据链路层网络层应用层2在哪种情况下，应在帧中继PVC 配置中使用关键字multipoint？当使用全局DLCI 时当使用物理接口时当需要支持组播时当参与连接的路由器处于在同一子网中时3请参见图示。

分支 A 配有一台使用IETF 封装的非Cisco 路由器，分支 B 配有一台Cisco 路由器。

输入图中所示的命令后无法建立PVC。

R2 LMI 的类型是Cisco，R1 LMI 的类型是ANSI。

两处都成功建立了LMI。

为什么无法建立PVC？PVC 与R1 之间的链路必须是点对点链路。

PVC 两端的LMI 类型必须匹配。

Cisco 路由器和非Cisco 路由器之间无法建立帧中继PVC。

命令frame-relay map ip 10.10.10.1 201中缺少参数IETF。

4请参见图示。

EIGRP 已配置为网络路由协议。

网络192.168.1.0/24 中的用户应有对与192.168.3.0/24 连接的web 服务器权限，但不允许telnet 至路由器R3。

在检验配置时，网络管理员发现网络192.168.1.0/24 中的用户可成功telnet 至路由修复此问题？将ACL 101 中语句10 和20 交换顺序。

将ACL 101 应用于R3 VTY 线路0 4 的入站方向。

将ACL 101 应用于R3 VTY 线路0 4 的出站方向。

将ACL 101 应用于R3 接口Serial0/0/1 的出站方向。

将ACL 101 语句10 更改为：permit ip 192.168.1.0 0.0.0.255 any5请参见图示。

所有设备的配置如图所示。

PC1 无法ping 通默认网关。

此问题的原因是什么？默认网关位于错误的子网中。

1At what physical location does the responsibilty for a WAN connection change from the user to the service provider?demilitarized zone (DMZ)demarcation pointlocal loopcloud2Refer to the exhibit. Computers on the internal network need access to all servers in the external network. The only traffic tha from the external network must be responses to requests that are initiated on the internal network. Which security measure w this requirement?a numbered extended ACLa named standard ACLa reflexive ACLa dynamic ACL3Which Frame Relay flow control mechanism is used to signal routers that they should reduce the flow rate of frames?DEBECIRFECNCBIR4Refer to the exhibit. A network administrator is trying to backup the IOS software on R1 to the TFTP server. He receives the message that is shown in the exhibit, and cannot ping the TFTP server from R1. What is an action that can help to isolate thUse correct source file name in the command.Verify that the TFTP server software is running.Make sure that there is enough room on the TFTP server for the backup.Check that R1 has a route to the network where the TFTP server resides.5Which IP address and wildcard mask would be used in an ACL to block traffic from all hosts on the same subnet as host 192.168.16.43/28?access-list 10 deny 192.168.16.0 0.0.0.31access-list 10 deny 192.168.16.16 0.0.0.31access-list 10 deny 192.168.16.32 0.0.0.16access-list 10 deny 192.168.16.32 0.0.0.15access-list 10 deny 192.168.16.43 0.0.0.166An administrator is unable to receive e-mail. While troubleshooting the problem, the administrator is able to ping the local ma address successfully from a remote network and can successfully resolve the mail server name to an IP address via the use nslookup command. At what OSI layer is the problem most likely to be found?physical layerdata link layernetwork layerapplication layer7Refer to the exhibit. A network administrator has issued the commands that are shown on Router1 and Router2. A later revie routing tables reveals that neither router is learning the LAN network of the neighbor router. What is most likely the problem RIPng configuration?The serial interfaces are in different subnets.The RIPng process is not enabled on interfaces.The RIPng network command is not configured.The RIPng processes do not match between Router1 and Router2.8Refer to the exhibit. A network administrator is attempting to configure a Frame Relay network. The administrator enters the as shown in the exhibit on R2, but the Frame Relay PVCs are inactive. What is the problem?The incorrect DLCI numbers are being configured on R2.The S0/0/0 interface on R2 needs to be point-to-point.The frame-relay map commands are missing the cisco keyword at the end.A single router interface cannot connect to more than one Frame Relay peer at a time.9Refer to the exhibit. Based on the output as shown, which two statements correctly define how the router will treat Telnet tra comes into interface FastEthernet 0/1? (Choose two).Telnet to 172.16.10.0/24 is denied.Telnet to 172.16.20.0/24 is denied.Telnet to 172.16.0.0/24 is permitted.Telnet to 172.16.10.0/24 is permitted.Telnet to 172.16.20.0/24 is permitted.10Refer to the exhibit. A network administrator is tasked with completing the Frame Relay topology that interconnects two remo should the point-to-point subinterfaces be configured on HQ to complete the topology?frame-relay interface-dlci 103 on Serial 0/0/0.1frame-relay interface-dlci 203 on Serial 0/0/0.2frame-relay interface-dlci 301 on Serial 0/0/0.1frame-relay interface-dlci 302 on Serial 0/0/0.2frame-relay map ip 192.168.1.1 103 broadcast on Serial 0/0/0.1frame-relay map ip 192.168.2.2 203 broadcast on Serial 0/0/0.2frame-relay map ip 192.168.1.1 301 broadcast on Serial 0/0/0.1frame-relay map ip 192.168.2.2 302 broadcast on Serial 0/0/0.211Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?BEDECIRCBIR12Refer to the exhibit. A network administrator notices that three VLANs created on SW1 do not show in SW3. Based on out show vtp status and show running-config commands, what is the cause of the problem in the SW3 configuration?VTP version 2 is disabled.The VTP mode is misconfigured.The configure revision number for VTP does not match.13Refer to the exhibit. In the partial router configuration that is shown, what is the purpose of access list BLOCK_XYZ?to prevent source IP address spoofing by hosts on the Fa0/0 LANto block access by Fa0/0 LAN hosts to all network services beyond the routerto prevent users on the Fa0/0 LAN from opening Telnet sessions on the routerto secure Fa0/0 hosts by allowing only locally sourced traffic into the Fa0/0 LAN14 A network technician wants to implement SSH as the means by which a router may be managed remotely. What are two prothe technician should use to successfully complete this task? (Choose two.)Configure the login banner.Configure authentication.Define the asymmetrical keys.Configure the console password.Enter the service password-encryption command.15 A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages thatleased lines provide compared to a shared Frame Relay solution? (Choose two.)reduced jitterreduced costsreduced latencythe ability to burst above guaranteed bandwidththe ability to borrow unused bandwidth from the leased lines of other customers16Which statement is true about PAP in the authentication of a PPP session?PAP uses a two-way handshake.The password is unique and random.PAP conducts periodic password challenges.PAP uses MD5 hashing to keep the password secure.17An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error mess trying to enter the IPv4 routes into RIPng. What is the cause of the problem?When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer tecIncorrect IPv4 addresses are entered on the router interfaces.RIPng is incompatible with dual-stack technology.IPv4 is incompatible with RIPng.18Refer to the exhibit. Which configuration command would result in the output in the exhibit?ip nat inside source static 10.1.200.254 172.16.76.3ip nat inside source static 10.1.200.254 192.168.0.10ip nat inside source static 172.16.76.3 10.1.200.254ip nat inside source static 172.16.76.3 192.168.0.10ip nat inside source static 192.168.0.10 172.16.76.3ip nat inside source static 192.168.0.10 10.1.200.25419Which option represents a best practice for applying ACLs?Named ACLs are less efficient than numbered ACLs.Standard ACLs should be applied inside the core layer.ACLs applied to outbound interfaces use fewer router resources.Extended ACLs should be applied closest to the source that is specified by the ACL. 20Refer to the exhibit. What statement is true about the core router devices?They use multiport internetworking devices to switch traffic such as Frame Relay, ATM, or X.25 over the WAN.They provide internetworking and WAN access interface ports that are used to connect to the service provider network.They provide termination for the digital signal and ensure connection integrity through error correction and line monitorinThey support multiple telecommunications interfaces of the highest speed and are able to forward IP packets at full spe those interfaces.21Which important piece of troubleshooting information can be discovered about a serial interface using the show controllersqueuing strategyserial cable typeinterface IP addressencapsulation method22Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?ATMFrame RelayHDLCPPPSDLC23When would the multipoint keyword be used in Frame Relay PVCs configuration?when global DLCIs are in usewhen using physical interfaceswhen multicasts must be supportedwhen participating routers are in the same subnet24 A company has its headquarters office in Dallas and five branch offices located in New York, Chicago, Los Angeles, Seattle,WAN links are used for communications among offices in six sites. In planning the WAN links, the network designer is given requirements: (1) minimize cost and (2) provide a certain level of WAN link reliability with redundant links. Which topology sh network designer recommend?starfull meshhierarchicalpartial mesh25While troubleshooting a PPP link that uses PAP authentication, a network administrator notices an incorrectly configured pas running configuration. The administrator corrects the error by entering the command ppp pap sent-username ROUTER_NA password NEW_PASSWORD, but the link still does not come up.Assuming that the rest of the configuration is correct and that the link has no physical layer problems, what should the adminSave the configuration to NVRAM.Shut down the interface then re-enable it.Generate traffic by pinging the remote router.Use CHAP to ensure compatibility with the remote router.26An administrator issues the command confreg 0x2142 at the rommon 1> prompt. What is the effect when this router is rebooContents in RAM will be erased.Contents in RAM will be ignored.Contents in NVRAM will be erased.Contents in NVRAM will be ignored.27Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the e11 was created on S1. Why is VLAN 11 missing from S2?There is a Layer 2 loop.The VTP domain names do not match.Only one switch can be in server mode.S2 has a higher spanning-tree priority for VLAN 11 than S1 does.28 A network administrator determines that falsified routing information is propagating through the network. What action can beaddress this threat?Update the IOS images.Change console passwords.Employ end-user authentication.Configure routing protocol authentication.29 A recently patched application server is experiencing response time problems. The network on which the application server isbeen experiencing occasional outages that the network team believes may be related to recent routing changes. Network an teams have been notified to work on their respective issues. Which statement applies to this situation?Only results from the software package should be tested as the network is designed to accommodate the proposed sof platform.Scheduling will be easy if the network and software teams work independently.It will be difficult to isolate the problem if two teams are implementing changes independently.Results from changes will be easier to reconcile and document if each team works in isolation.30Refer to the exhibit. How is the TCP/IP configuration information specified by the default-router and dns-server commands available?The TCP/IP information is forwarded to a 10.0.1.3 to be supplied to DHCP clients.The TCP/IP information is used by DNS clients to forward all data to the default gateway on R1 of 10.0.1.3.The TCP/IP information is supplied to any DHCP client on the network connected to the FastEthernet 0/0interface of R1.The TCP/IP information is applied to each packet that enters R1 through the FastEthernet 0/0 interface that are hosts on /24 network except packets from addresses 10.0.1.2, 10.0.1.16, and 10.0.1.254.31Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the problem?The default gateway is in the wrong subnet.STP has blocked the port that PC1 is connected to.Port Fa0/2 on S2 is assigned to the wrong VLAN.S2 has the wrong IP address assigned to the VLAN30 interface.32Refer to the exhibit. Which statement is true about the Frame Relay connection?The Frame Relay connection is in the process of negotiation.A congestion control mechanism is enabled on the Frame Relay connection.The “ACTIVE” status of the Frame Relay connection indicates that the network is expe riencing congestion.Only control FECN and BECN bits are sent over the Frame Relay connection. No data traffic traverses the link.33Which configuration on the vty lines provides the best security measure for network administrators to remotely access the co headquarters?34 A DHCP server is configured with a block of excluded addresses. What two devices would be assigned static addresses fromexcluded address range? (Choose two.)a protocol analyzerDNS server for the networknetwork printer that is used by many different usersa laptop that will get a different address each time it boots up35Which two functions are provided by the NCP during a PPP connection? (Choose two.)the identification of fault conditions for the PPP linkproviding multilink capabilities over the PPP linkbringing the network layer protocol or protocols up and downthe enhancement of security by providing callback over PPPthe negotiation of options for the IP protocolauthentication between the peer routers of the PPP link36Which address provides an example of an IPv6 link-local address?FE80::1324:ABCD2001:2345:AB12:1935::FEFF2001:1234:0000:9CA::0876/641234:ABCD:5678:EF00:9234:AA22:5527:FC3537Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication in plain text between a Cisco and a non-Cisco router?PPP with PAPPPP with CHAPHDLC with PAPHDLC with CHAP38What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5 to the configuration o router that has been configured as a DHCP server?Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.Traffic will not be routed from clients with addresses between 192.168.24.1 and 192.168.24.5.The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.39Refer to the exhibit. The corporate network that is shown has been assigned network 172.16.128.0/19 for use at branch offic VLSM is used, what mask should be used for addressing hosts at Branch4 with minimal waste from unused addresses?/19/20/21/22/23/2440What are two main components of data confidentiality? (Choose two.)checksumdigital certificatesencapsulationencryptionhashing41What major benefit does Cisco HDLC provide that ISO standard HDLC lacks?flow controlerror controlmultiprotocol supportcyclic redundancy checks42When NAT is in use, what is used to determine the addresses that can be translated on a Cisco router?access control listrouting protocolinbound interfaceARP cache43 A light manufacturing company wishes to replace its DSL service with a non-line-of-sight broadband wireless solution that ofcomparable speeds. Which solution should the customer choose?Wi-FisatelliteWiMAXMetro Ethernet44Which characteristic of VPN technology prevents the contents of data communications from being read by unauthorized partQoSlatencyreliabilityconfidentiality45Refer to the exhibit. A network administrator has been asked to configure PPP with CHAP authentication over the serial link routers R1 and R2. What additional configuration should be included on both routers to complete the task?46What is the result when the command permit tcp 10.25.132.0 0.0.0.255 any eq smtp is added to a named access control lis on the inbound interface of a router?TCP traffic with a destination to the 10.25.132.0/24 is permitted.Only Telnet traffic is permitted to the 10.24.132.0/24 networkTtraffic from 10.25.132.0/24 is permitted to anywhere on using any port.Traffic using port 25 from the 10.25.132.0/24 is permitted to all destinations.47What is tunneling?using digital certificates to ensure that data endpoints are authenticcreating a hash to ensure the integrity of data as it traverses a networkusing alternate paths to avoid access control lists and bypass security measuresencapsulating an entire packet within another packet for transmission over a network48Which statement is true about wildcard masks?Inverting the subnet mask will always create the wildcard mask.The wildcard mask performs the same function as a subnet mask.A network or subnet bit is identified by a "1" in the wildcard mask.IP address bits that must be checked are identified by a "0" in the wildcard mask.49Refer to the exhibit. Partial results of the show access-lists and show ip interface FastEthernet 0/1 commands for router R shown. There are no other ACLs in effect. Host A is unable to telnet to host B. Which action will correct the problem but still re traffic between the two networks?Apply the ACL in the inbound direction.Apply the ACL on the FastEthernet 0/0 interface.Reverse the order of the TCP protocol statements in the ACL.Modify the second entry in the list to permit tcp host 172.16.10.10 any eq telnet .50 A network administrator has moved the company intranet web server from a switch port to a dedicated router interface. Howadministrator determine how this change has affected performance and availability on the company intranet?Conduct a performance test and compare with the baseline that was established previously.Determine performance on the intranet by monitoring load times of company web pages from remote sites.Interview departmental administrative assistants and determine if they think load time for web pages has improved.Compare the hit counts on the company web server for the current week to the values that were recorded in previous w 51Which type of network attack exploits vulnerabilities in the compromised system with the intent of propagating itself across aviruswormTrojan horseman-in-the-middle52What are the symptoms when the s0/0/0 interface on a router is attached to an operational CSU/DSU that is generating a cloc the far end router on the point-to-point link has not been activated?show controllers indicates cable type DCE V.35. show interfaces s0/0/0 indicates serial down, line protocol down.show controllers indicates cable type DCE V.35. show interfaces s0/0/0 indicates serial up, line protocol down.show controllers indicates cable type DTE V.35. show interfaces s0/0/0 indicates serial up, line protocol down.show controllers indicates cable type DTE V.35. show interfaces s0/0/0 indicates serial down, line protocol down.An employee of XYZ corporation will begin working from home. The employee has a choice ofDSL or cable technology for WAN connectivity. Which connectivity characteristic is accuratelydescribed?Cable transfer rates are dependent on the length of the local loop.DSL provides a high-speed connection over existing copper phone wires.DSL download speeds are affected by high usage in the area.DSL service shares the same frequency range as voice calls.Cable connectivity usually requires new fiber installed for the local loop.Refer to the exhibit. WestSW is supposed to send VLAN information to EastSW, but that did not occur. What will force WestSW to send a VLAN update to EastSW?Change EastSW to be a VTP server.Reload both WestSW and EastSW at the same time.Erase the VLAN database on EastSW and reload the switch.Reset the configuration revision number on EastSW to zero.Reload EastSW。

思科练习第四学期窗体底端1窗体顶端使用 Cisco AutoSecure 有哪两个好处？（选择两项。

）管理员可通过它来精确控制各种服务的启用和禁用情况。

它可提供立即禁用非关键系统进程和服务的功能。

它可自动将路由器配置为与 SDM 协同工作。

它可确保与您网络中的其它设备充分兼容。

它使管理员无需了解 Ci sco I OS 软件的所有功能即可配置安全策略。

窗体底端2窗体顶端用户无法访问公司服务器。

系统日志显示服务器运行缓慢，因为它正在收到具有高优先级的虚假服务请求。

这是什么类型的攻击？侦测访问DoS蠕虫病毒特洛伊木马窗体底端3窗体顶端下列哪两种说法定义了在网络中启用 DNS 服务所带来的安全风险？（选择两项。

）默认情况下，域名查询被发送到广播地址 255.255.255.255。

DNS 域名查询需要在所有路由器的以太网接口上启用ip directed-broadcast命令。

在一台路由器上使用全局配置命令ip nam e-server会在网络中的所有路由器上启用 DNS 服务。

基本 DNS 协议不提供身份验证或完整性保证。

路由器配置不提供用于设置主 DNS 服务器和备份 DNS 服务器的选项。

窗体底端4窗体顶端网络管理员在试图通过 TFTP 服务器升级 Ci sco I OS 映像前，必须检验哪两项？（选择两项。

）使用show h osts命令检验 TFTP 服务器的名称。

使用tftpdnld命令检验 TFTP 服务器是否正在运行。

使用show version命令检验映像的校验和是否有效。

使用ping命令检验路由器与 TFTP 服务器之间的连通性。

使用show fl ash命令检验闪存是否具有足够空间容纳新的 Cisco IOS 映像。

窗体底端5窗体顶端下列关于网络安全的说法中哪两项正确？（选择两项。

）保护网络免受内部威胁侵害具有较低的优先级，因为由公司员工带来的安全风险较低。

无论是能自己编写攻击代码的资深黑客，还是从 Internet 下载攻击程序的入门攻击者都可能对网络安全造成严重威胁。

请参见图示。

R1 针对内部网络10.1.1.0/24 执行NAT 过载。

主机 A 向web 服务器发送了一个数据包。

R1 收到的从web 服务器返回的数据包中，目的I10.1.1.2:8010.1.1.2:1234172.30.20.1:1234172.30.20.1:3333 DDDDDDDD2如果不以纯文本格式发送身份验证信息，在Cisco 和非Cisco 路由器之间建立链路连接时，应使用以下哪种身份验证和第 2 层协议的组合？BBB CHAP 和HDLCCHAP 和PPPPAP 和HDLCPAP 和PPP3请参见图示。

网络管理员创建一个标准访问控制列表，以禁止从网络192.168.1.0/24 访问网络192.168.2.0/24 并允许所有网络访问Internet。

应该在哪个路由应用该列表？Fa0/0 接口，入站Fa0/0 接口，出站Fa0/1 接口，入站Fa0/1 接口，出站4请参见图示。

要允许从网络172.16.10.0/24 中的主机发出的任何类型的网络流量进入Internet，并阻止从网络172.16.10.0/24 中的主机发出的所有FTP 流量在R2 的S0/0/0 接口入站方向应用哪一ACL？BBBB5管理员在提示符rommon 1> 后输入命令confreg 0x2142。

重新启动路由器时会产生什么效果？DDDRAM 中的内容将被清除。

RAM 中的内容将被忽略。

NVRAM 中的内容将被清除。

NVR AM 中的内容将被忽略。

6网络管理员正与应用程序团队合作，尝试解决服务器上某一应用程序的响应时间问题。

管理员已检查数据通路的网络部分，并确认了可能发生问题的多个区域。

组也确认了可能与当前软件版本有关的问题。

在应用程序团队为软件打补丁的同时，网络管理员开始着手解决网络问题。

下列哪种说法对此情况是正确的？对网络的更改将会揭示因新补丁导致的问题。

如果网络和软件团队独立工作，时间安排会更加困难。

1下列关于网络安全的说法中哪两项正确？（选择两项。

）保护网络免受内部威胁侵害具有较低的优先级，因为由公司员工带来的安全风险较低。

无论是能自己编写攻击代码的资深黑客，还是从Internet下载攻击程序的入门攻击者都可能对网络安全造成严重威胁。

假设一家公司将其web服务器部署在防火墙之外，并充分备份web服务器，则无需采取其它安全措施来保护web服务器，因为即使它被攻击了也不会造成损失。

公众认可的网络操作系统（例如UNIX）和网络协议（例如TCP/IP）可采用默认设置工作，因为它们没有内在的安全缺陷。

保护网络设备免受水电等外在因素造成的物理破坏是安全策略的必要组成部分。

Option 2 and Option 5 are correct.2下列关于网络攻击的陈述，哪两项是正确的？（选择两项。

）强网络口令可防范大多数DoS攻击。

蠕虫需要人的参与才能扩散，而病毒不需要。

侦测攻击本质上始终是电子攻击，例如ping扫描或端口扫描。

暴力攻击会尝试使用字符集组合来搜索每个可能的口令。

内部设备不应该完全信任DMZ中的设备，应该对DMZ和内部设备之间的通信进行身份验证以防范端口重定向等攻击。

Option 4 and Option 5 are correct.3用户无法访问公司服务器。

系统日志显示服务器运行缓慢，因为它正在收到具有高优先级的虚假服务请求。

这是什么类型的攻击？侦测访问DoS蠕虫病毒特洛伊木马2 points for Option 34IT主管发起了一项活动，旨在提醒用户避免打开来源可疑的电子邮件。

该IT主管意在保护用户免受哪种攻击？DoSDDoS病毒访问侦测2 points for Option 35下列关于预防网络攻击的说法中哪两项正确？（选择两项。

）现代服务器和PC操作系统具有可以信赖的默认安全设置。

入侵防御系统可以记录可疑的网络活动，但在没有用户干预的情况下无法对抗正在进行的攻击。

物理安全威胁的防范包括控制对设备控制台端口的访问、标识关键电缆、安装UPS系统以及提供温湿控制。

As network administrator, what is the subnet mask that allows 510 hosts given the IP address 17255.255.0.0255.255.248.0255.255.252.0255.255.254.0255.255.255.0255.255.255.1282Refer to the exhibit. What is the correct destination socket number for a web page request fro to the web server?00-08-a3-b6-ce-46198.133.219.25:80h ttp://C 198.133.219.0/24 is directly connected, FastEthernet0/0Refer to the exhibit. Which two statements describe the information that is represented in the he (Choose two.)T his is a server response.The UDP protocol is being used.T he destination port indicates a Telnet session.The return segment will contain a source port of 23.The next session originated from the client of this session will use the source port number 134In a Cisco IOS device, where is the startup-configuration file stored?FlashNVRAMR AMROM5Refer to the exhibit. The network containing router B is experiencing problems. A network ashas isolated the issue in this network to router B. What action can be preformed to correct th issue?issue the clock rate command on interface Serial 0/0/0issue the description command on interface Serial 0/0/1issue the ip address command on interface FastEthernet 0/0i ssue the no shutdown command on interface FastEthernet 0/1Refer to the exhibit. Which set of devices contains only intermediary devices?A, B, D, GA, B, E, FC, D, G, IG, H, I, J7Refer to the exhibit. The command that is shown was issued on a PC. What does the IP add 192.168.33.2 represent?I P address of the hostdefault gateway of the hostI P address of the homepage for the hostprimary domain name server for the hostIP address of the website resolver1.mooki.local8Which OSI layers offers reliable, connection-oriented data communication services?applicationpresentations essiontransportn etwork9Which OSI layer manages data segments?application layerp resentation layersession layert ransport layer10Which three statements are true about network layer addressing? (Choose three.) It uniquely identifies each host.I t assists in forwarding packets across internetworks.It uses a logical 32-bit IPv4 address.I t is not a configurable address.It is a physical address.It identifies the host from the first part of the address.Which device should be used for routing a packet to a remote network?a ccess switchDHCP serverh ubrouter12Which information is used by the router to determine the path between the source and destination hosts?t he host portion of the IP addresst he network portion of the IP addressh ost default gateway addresst he MAC address13Refer to the exhibit. Each media link is labeled. What type of cable should be used to connect the different devices?Connection 1 - rollover cable Connection 2 - straight-through cableConnection 3 - crossover cableConnection 1 - straight-through cable Connection 2 - crossovercable Connection 3 - rollover cableConnection 1 - crossover cable Connection 2 - rollover cableConnection 3 - straight-through cableConnection 1 - crossover cable Connection 2 - straight-throughcable Connection 3 - rollover cableConnection 1 - straight-through cable Connection 2 -straight-through cable Connection 3 - straight-through cable14Refer to the exhibit. A user wants to view the current configuration. The output ofthe ipconfig/all command is displayed in the exhibit. What three facts can be determined from output? (Choose three.)The IP address is obtained from the DHCP server.This PC cannot communicate with other networks.The network can have 14 hosts.The prefix of the computer address is /25.The IP address is routable on the Internet.The assigned address is a private address.15Refer to the exhibit. The network administrator wants to remotely access the CLI of the router using modem 1. Which port of the router should be connected to modem 2 to enable this accconsoleE thernetauxiliaryserialRefer to the exhibit. Which logical topology describes the exhibited network?starringp oint-to-pointmulti-access17Refer to the exhibit. The PC, the routing table of which is displayed, is configured correctly. T network device or interface does the IP address 192.168.1.254 belong?P Cswitchr outer interface fa0/0router interface fa0/118Refer to the exhibit. To create the initial configuration, a network technician connected host A router using the connection that is shown. Which statement is true about this connection?It terminates at the Ethernet port of the router.It provides out-of-band console access.It terminates at the serial interface of the router.I t requires a Telnet client on host A to access the router.19Refer to the exhibit. Which two facts can be determined about the topology? (Choose two.)F our collision domains are present.One logical network is represented.T wo broadcast domains are present.Three networks are needed.Three logical address ranges are required.20Refer to the exhibit. The NAT functionality of the router is enabled to provide Internet access However, the PC is still unable to access the Internet. Which IP address should be changed 209.165.201.1 to enable the PC to access the Internet?192.168.1.191192.168.1.101192.168.1.1192.168.1.254Refer to the exhibit. A network technician wants to connect host A to the console of a Cisco swit initialize the configuration. What type of cable is required for this connection?straight-through cablec rossover cablerollover cables erial cable22Which three addresses belong to the category of private IP addresses? (Choose three.)10.0.0.1127.0.0.1150.0.0.1172.16.0.1192.168.0.1200.100.50.123An organization has decided to use IP addresses in the range 172.20.128.0 to 172.20.143.255. Which combination of network ID and subnet mask identifies all IPaddresses in this range?Network ID: 172.20.128.0 Subnet mask: 255.255.255.0N etwork ID: 172.20.128.0 Subnet mask: 255.255.0.0Network ID: 172.20.128.0 Subnet mask: 255.255.224.0Network ID: 172.20.128.0 Subnet mask: 255.255.240.0N etwork ID: 172.20.128.0 Subnet mask: 255.255.255.24024A network administrator wants to restrict access to the router privileged EXEC mode.Which password should the administrator use?e nableauxc onsoleV TY25While configuring a router, a network technician wants to name the router. Which prompt sho technician see when entering the hostname command?Router>Router#R outer(config)#Router(config-line)#Which three IPv4 addresses represent subnet broadcast addresses? (Choose three.)192.168.4.63 /26192.168.4.129 /26192.168.4.191 /26192.168.4.51 /27192.168.4.95 /27192.168.4.221 /2727During the encapsulation process, what identifiers are added at the transport layer?source and destination IP addressess ource and destination MAC addressessource and destination port numberss ource and destination channel identifiers28Refer to the exhibit. Which service is needed in order for the hosts to access the Internet?NATR IPFTPDHCP29Refer to the exhibit. A student has wired each end of a CAT 5e cable as shown. What is the (Choose two.)T he cable is unusable and must be rewired.The cable is suitable for use as a rollover cable.T he cable is suitable for use as a Fast Ethernet crossover.The cable is suitable for use as a Gigabit Ethernet straight-through.The cable is suitable for use between two 100 Mbps Auto-MDIX capable switches.30Refer to the exhibit. A web browser running on host PC1 sends a request for a web page to server with an IP address 192.168.1.254/24. What sequence of steps will follow in order to e the session before data can be exchanged?The session will be initiated using UDP. No additional acknowledgment will be required to the session.The session will be initiated using TCP. No additional acknowledgment will be required to the session.The session will be initiated using UDP. The returned web page will serve as an acknow for session establishment.The session will be initiated using TCP. A three-way handshake must be successfully co before the session is established.The tracert 10.1.3.2 command was issued on computer A. Computer A can ping other addresse local subnet. Computer A sent the first ICMP packet toward computer B with a TTL value of 1. A analyzer that was running on computer B showed that the packet never reached its destination. the packet not reach the destination?T here is a TCP/IP problem on computer A.There is a routing loop between R1 and R2.R1 does not have a route for the destination network.T he TTL for the packet was decreased to zero by R1.32Refer to the exhibit. Host A sends a frame to host C with a destination MAC address CC. Th address for host C is not in the MAC table of switch SW1. How will SW1 handle the frame?S witch SW1 will drop the frame.Switch SW1 will forward the frame to host C.Switch SW1 will flood the frame out all ports.S witch SW1 will flood the frame out all ports except port Fa0/1.33What information is used at each hop to determine where the packet will be forwarded next?the IP packet headert he incoming interfacethe transport layer PDUt he source MAC address34A user sees the command prompt: Router(config-if)# . What task can be performed at this mReload the device.P erform basic tests.Configure individual interfaces.C onfigure individual terminal lines.35Which exhibit shows the interface that is configured by the command, router(config)# interfa 0/0/1?Which combination of connectors will be used to make a straight-through cable when building a T568A standard?对37Which topology divides the collision domain and provides full media bandwidth to the hosts i network?对38Refer to the exhibit. A technician has been asked to test connectivity from PC1 to a remote n Which action will indicate if there is remote connectivity?对39A network administrator is configuring several switches for a network. The switches have sim configurations and only minor differences. The administrator wants to save all commands tha issued on the first switch to a text file for editing. Which transfer option should be selected in HyperTerminal?对40Refer to the exhibit. Which option shows the correct topology given the configuration of Rout 对If an administrator wished to return a router to the default state, what additional step must be tak issuing the command erase start-up config?R eload the device.Issue the command copy running-config start-up config.Perform a show running-config to verify that the file was removed.E nter the interface commands to allow the device to connect to the network.42Which statement is true about router hostnames?A hostname should be unique on each router.A router hostname cannot contain capital letters.A router hostname is configured in privileged executive mode.A router hostname must be created before any other configurations can be added to the43What purpose does a hostname serve on a router?uniquely identifies a router on the internetu sed by routing protocols to identify peer routersprovides device identification to users logging on remotelydetermines the hosts that are allowed to connect to the device44Refer to the exhibit. Which diagram depicts the path through the network that is represented output of the tracert command?对45Which fiber connector supports full-duplex Ethernet?对Refer to the exhibit. Host1 is in the process of setting up a TCP session with Host2. Host1 has s message to begin session establishment. What happens next?Host1 sends a segment with the ACK flag = 0, SYN flag = 0 to Host2.H ost1 sends a segment with the ACK flag = 1, SYN flag = 0 to Host2.Host1 sends a segment with the ACK flag = 1, SYN flag = 1 to Host2.Host2 sends a segment with the ACK flag = 0, SYN flag = 1 to Host1.H ost2 sends a segment with the ACK flag = 1, SYN flag = 0 to Host1.Host2 sends a segment with the ACK flag = 1, SYN flag = 1 to Host1.47Refer to the exhibit. Which logical topology best describes the exhibited network?s tarringpoint-to-pointb usmesh48Which command can be issued on a PC to determine which TCP/IP ports are in use?tracertnetstatnslookupipconfig /all49Refer to the exhibit. A network technician creates equal-sized subnets of network 192.168.2.the subnet mask 255.255.255.224. If the technician wishes to calculate the number of host a in each subnet by using the formula that is shown in the exhibit, what value will be used for n1234550A user types the enable command. What task can be performed at the privileged EXEC mode?C onfigure the device.Configure individual interfaces.Configure individual terminal lines.Issue show and debug commands.。

第1章考试1一家拥有10 名员工的小型公司使用单个LAN 在计算机之间共享信息。

哪种类型的I 连接适合此公司？由当地电话服务提供商提供的拨号连接能够使公司方便且安全地连接员工的虚拟专用网络通过当地服务提供商建立的私有专用线路通过当地服务提供商提供的宽带服务（如DSL）答案：4解析：对于这种小型办公室，比较适合通过被称为数字用户线路(DSL) 的常见宽带服务实现Internet 连接，这种服务由当地的电话服务提供商提供。

由于员工人数很少，带宽的问题并不突出。

如果公司较大，在远程站点有分支机构，则专用线路会更加适合。

如果公司员工需要通过Internet 与公司联系，则采用虚拟专用网。

2哪种网络情况需要使用WAN？员工工作站需要获取动态分配的IP 地址。

员工在出差时需要通过VPN 连接到公司电子邮件服务器。

分支机构的员工需要与同一园区网络上的另一座建筑物内的公司总部共享文件。

员工需要访问托管在其建筑物内DMZ 中的公司Web 服务器上的网页。

答案：2解析：当出差的员工需要通过WAN 连接到公司电子邮件服务器时，VPN 将通过WAN 连接在员工笔记本电脑与公司网络之间创建一个安全隧道。

通过DHCP 获取动态IP 地址是LAN 通信的功能。

在企业园区的不同建筑物之间共享文件可通过LAN 基础设施来实现。

DMZ 是企业LAN 基础设施内一个受保护的网络。

3以下哪项描述了WAN 的特征？WAN 和LAN 在同一地理范围内运行，但有串行链路。

WAN 网络归运营商所有。

所有串行链路均被视为WAN 连接。

WAN 可提供到园区主干网的终端用户网络连接。

答案：2解析：WAN 可用于将企业LAN 互连到远程分支机构站点LAN 和远程工作人员站点。

WAN 归运营商所有。

虽然WAN 连接一般通过串行接口实现，但并不是所有串行链路均连接至WAN。

LAN（而非WAN）可在组织中提供终端用户网络连接。

4电路交换WAN 技术的两个常见类型是什么？（请选择两项。

F列关于时分复用(TDM)的说法中哪两项正确？(选择两项。

)TDM依靠第3层协议工作。

可多个信道可通过单个链接传输。

口I原始数据流必须在目的地重建。

TDM方法取决于所用的第2层协议。

它可为多个信道的信息分配多条线路上的带宽。

分界点在数据通信物理电路中体现为什么？连接到In ternet的设备上的DTE/DCE接口防火墙或路由器所在的位置公共网络和私有客户网络分界的物理位置分配给存在交叉连接的物理网段的标记哪种串行通信DTE/DCE接口标准用于在LAN之间提供高达52 Mbps的高速连接且常用于许多高端Cisco路由器上？EIA/TIA 232 (RS-232)EIA/TIA 422 (RS-422)EIA/TIA 423 (RS-423)+ EIA/TIA-612/613 (HSSI)ITU V.35为什么串行连接比并行连接更适用于长距离传输？并行连接不支持差错校验。

并行连接可能发生过度衰减。

* 并行连接可能发生电线之间的串扰以及时滞。

并行连接仅可通过两条电线传输，因此传输数据的速度要慢很多。

下列关于HDLC封装的说法中哪三项正确？(选择三项。

)HDLC不支持CDP。

HDLC 和PPP相互兼容。

HDLC 支持PAP和CHAP身份验证。

Cisco路由器上实现的HDLC 是Cisco的专有技术。

"HDLC是Cisco路由器上的默认串行接口封装方法。

‘ HDLC使用帧定界符来标记每个帧的开头和结尾下列关于LCP的说法，哪三项是正确的？（选择三项。

）“ 它负责协商建立链路。

-I它会协商在PPP上运行的第3层协议的选项。

它在协商链路建立参数时使用MD5加密。

丁I它会在用户要求时或闲置计时器到期时切断链路。

丁|它能测试链路，确定链路质量是否足以开启该链路。

它会监控链路拥塞情况，并动态调整可接受的窗口大小。

LCP可协商哪两个选项？（选择两项。

）‘链路质量“身份验证动态流量控制压缩以及IP的网络层地址使用面向连接的通信方法还是无连接通信方法下列哪个PPP配置选项可用于在路由器的接口上建立负载均衡?回叫"多链路压缩. 错误检测网络控制协议可为PPP连接提供什么功能？' 进行错误检测建立和终止数据链路为PPP提供身份验证功能管理网络拥塞以及测试链路质量+允许多种第 3 层协议在同一物理链路上工作Router^ shaw internee seiialfl/OSciialO^) is up, lute protocol is upHardware is HD64570Entemet adiress is 10.140.1^24MTU 1SOO bytes,BW 1544 Khit,DLY 20000 usee^rtly255/255, had i/255Encapsulation PPP, loopback not set, keepalive set (IQ sec)LCP OpenOpen： IPCP.CDPCP38097packjets o ulput,2135597 bytes, 0 underruns0 output errors T0 collisioiis, 6045 interact resets0 output builer failure齢0 4utpvt buf^s^vapped out482 canier truisitionsDCD=up DSR=np DTR^np RTS=itp CTAup请参见图示。

下列哪项最准确地描述了采用帧中继与采用租用线路或 ISDN 服务相比的优势？客户可以更精确地定义其虚电路需求，且带宽需求之间的差别可低至 64 kbps。

客户只需支付包含本地环路和网络链路的端对端连接的费用。

客户只需支付本地环路以及网络提供商所提供的带宽的费用。

连接新站点时，所需的新电路安装成本要低于 ISDN 拨号的成本或因租用服务而添加额外硬件的成本。

帧中继技术使用哪两种方法处理包含错误的帧？（选择两项。

）帧中继服务依靠上层协议来处理错误恢复工作。

它要求接收设备请求发送方重新传输错误帧。

设置帧中的 FECN、BECN 和 DE 位以尽量减少错误。

接收设备会丢弃所有包含错误的帧而不会通知发送方。

帧中继交换机会通知发送方检测到了错误。

哪种说法是对数据链路连接标识符 (DLCI) 的最佳描述？用于标识通过帧中继网络连接的目的路由器的本地地址用于标识虚电路的具有本地意义的地址用于标识路由器和帧中继交换机之间的接口的逻辑地址用于标识 DCE 的逻辑地址在帧中继网络两个 DTE 之间创建的是什么？ISDN 电路有限访问电路交换并行电路虚电路在帧中继网络中，下列哪两项使路由器可将数据链路层地址映射到网络层地址？（选择两项。

）ARP在线代理|网页代理|代理网页|RARP代理ARP逆向ARPLMI 状态消息ICMP请参见图示。

从路由器 Peanut 向地址 192.168.50.10 发出了一次 ping 命令。

发送该 ping 命令时将使用什么 DLCI？110115220225请参见图示。

子接口 S0/0.110 上的点对点配置对路由器的运作有什么影响？它有助于节约 IP 地址。

在线代理|网页代理|代理网页|它与多个物理接口建立多个 PVC 连接。

它既消除了水平分割问题，又不增大出现路由环路的可能性。

它需要在子接口上配置encapsulation命令。

当帧中继交换机检测到队列中含有过多待处理帧时，会进行哪三项操作？（选择三项。

CCNA第四章答案第4章1 网络接入层1OSI 模型的哪一层负责指定特定介质类型使用的封装方法��应用层传输层数据链路层物理层封装是数据链路层的一种功能。

不同介质类型需要采用不同的数据链路层封装。

答案说明最高分值correctness of response2 points for Option 30 points for any other option222 下列哪种说法正确描述了物理层的信令?��异步发送信号意味着无需时钟信号即可传输信号。

在信令中��1 始终代表电压��0 始终代表没有电压。

无线编码包括发送一系列点击来划定帧。

信令是一种将数据流转换成预定义代码的方法。

除了表示是否存在电压外�揭部墒褂眯矶喾椒ㄔ谕�缆上表示 0 或 1 信号。

无线网络技术的运行频率远远超出人类可听的范围�讲⑶也皇褂玫慊鳌１嗦牖蛳呗繁嗦胧且恢纸�数据位流转换为预定义代码的方法。

答案说明最高分值correctness of response2 points for Option 10 points for any other option233 下列哪两项是物理层协议使用帧编码技术的原因�开磺胙≡窳较睢＊�降低介质上的冲突数量甄别数据位和控制位提供更好的介质错误校正识别帧的开始和结束位置提高介质吞吐量编码技术可将数据位流转换为发送方和接收方都能识别的预定义代码。

使用预定义模式有助于区别控制位和数据位�讲⑻峁┝己玫慕橹蚀砦蠹觳狻�答案说明最高分值correctness of responseOption 2 and Option 4 arecorrect.1 point for each correct option.20 points if more options are selected than required.44 快速以太网的吞吐量为 80 Mb/s。

同一时期用于建立会话、确认和封装的流量开销是 15 Mb/s。

•考试结果•试题反馈报告Connecting Networks (版本6.00) - CN 第4 章考试以下是针对您未获得满分的试题给出的反馈。

某些交互式试题可能不显示您的答案。

分项分数：1 哪个范围代表在ACE 中使用拥有通配符掩码0.0.7.255 的网络10.120.160.0 时受影响的所有IP 地址？1哪个范围代表在ACE 中使用拥有通配符掩码0.0.7.255 的网络10.120.160.0 时受影响的所有IP 地址？•正确响应您的响应•o10.120.160.0 到10.127.255.255o10.120.160.0 到10.120.167.255o10.120.160.0 到10.120.168.0o10.120.160.0 到10.120.191.255通配符掩码 0.0.7.255 意味着第 3 组二进制八位数的前 5 位都必须保持不变，但最后 3 位可以是从 000 到 111 的值。

最后一组二进制八位数的值为 255，表示最后一组二进制八位数可以是全 0 和全 1 的值。

此试题参考以下领域的内容：Connecting Networks•4.1.1 ACL 操作概述2 哪两项功能描述了访问控制列表的用途？（选择两项。

）2哪两项功能描述了访问控制列表的用途？（选择两项。

）•正确响应您的响应•o ACL 可以控制主机能够访问网络中的哪些区域。

o标准ACL 可限制对特定应用程序和端口的访问。

o ACL 提供基本的网络安全性。

o ACL 可以根据路由器上的始发MAC 地址来允许或拒绝流量。

o ACL 可以帮助路由器确定到目的地的最佳路径。

此试题参考以下领域的内容：Connecting Networks•4.1.1 ACL 操作概述3 下列关于访问控制列表通配符掩码的效果的陈述中哪两项正确？（选择两项。

）3下列关于访问控制列表通配符掩码的效果的陈述中哪两项正确？（选择两项。

）•正确响应您的响应•o将匹配所提供的IP 地址的前32 位。