CCNA四考试答案

请参见图示。

根据图中所示的输出可得出哪三点信息？（选择三项。

）出现了一个载波检测信号。

Keepalive 数据包接收成功。

此串行链路上采用了默认封装。

此接口上传输的数据包的大小不能超出 1 KB。

此链路的可靠性非常低。

LCP 协商阶段已完成。

窗体底端2窗体顶端广播流量过多一般表明哪一层出了问题？物理层数据链路层网络层传输层窗体底端3窗体顶端建议采用哪种故障排除方法来处理疑似由网络电缆故障引起的复杂问题？自下而上自上而下分治法从中切入窗体底端4窗体顶端逻辑网络图中一般含有哪两项信息？（选择两项。

）电缆类型连接器类型接口标识符虚电路的DLCI操作系统版本窗体底端5窗体顶端技术人员应要求排除现有交换网络的故障，但找不到VLAN 配置的文档。

技术人员可使用什么工具来发现和映射VLAN 和端口分配情况？电缆分析仪网络分析器协议分析器知识库窗体底端6窗体顶端下列IP 地址与通配符掩码的组合中，哪个组合可精确指定子网192.168.3.32 /28 最后8 个地址？192.168.3.32 0.0.0.7192.168.3.32 0.0.0.15192.168.3.40 0.0.0.7192.168.3.40 0.0.0.15窗体底端7窗体顶端下列关于逻辑网络模型的说法中哪两项正确？（选择两项。

）TCP/IP 将OSI 模型的最低层划分为两个相互独立的层。

TCP/IP 模型的顶层综合了OSI 模型的上面三层的功能。

使用TCP/IP 模型进行故障排除所需的技术与使用OSI 模型时不同。

网络接入层负责在TCP/IP 网络中的设备之间交换数据包。

Internet 层负责在处于不同主机上的应用（例如FTP、HTTP 和SMTP）之间提供通信。

TCP/IP 网络接入层对应于OSI 物理层和数据链路层。

窗体底端8窗体顶端收集症状以排查网络故障时，哪个步骤可能会牵涉到外部管理员？缩小范围收集可疑设备的症状分析现有症状确定所有权窗体底端9窗体顶端用户投诉访问网络资源时等待时间太长。

CCNA_4_Final11下列哪种类型的网络攻击是利用被入侵的系统中的漏洞在网络中自我传播？病毒蠕虫特洛伊木马中间人2请参见图示。

有一个 FTP 请求数据包需要发往IP 地址为172.16.1.5 的 FTP 服务器。

Router1 的 S0/0/0 接口收到该请求数据包后，会以何种方式处理？路由器认定传入数据包与 access-list 201 permit ip any any 命令创建的语句匹配，从而允许数据包进入路由器。

因为 access-list 101 permit ip any any 命令没有创建任何语句，所以路由器会达到ACL 101 的尾部而找不到匹配的条件，从而丢弃该数据包。

路由器认定传入数据包与 access-list 101 permit ip any 172.16.1.0 0.0.0.255 命令创建的语句匹配，从而忽略 ACL 101 的其余的语句，允许数据包进入路由器。

路由器会认定传入数据包与命令 access-list 201 deny icmp 172.16.1.0 0.0.0.255 any 创建的语句匹配，然后继续将该数据包与 ACL 201 中剩余的语句比对，以确保后续语句均未禁止 FTP，然后路由器将丢弃该数据包。

3 管理员正在使用 RIPng 和双协议栈技术为一路由器配置 IPv6 和 IPv4，他在输入IPv4 路由时收到一条错误消息。

可能是什么原因导致出现错误消息？IPv4 与 RIPng 不兼容RIPng 与双协议栈技术不兼容。

路由器接口的地址配置错误。

在同一接口同时配置 IPv4 和 IPv6 时，所有 IPv4 地址均被禁用，以支持新的技术。

4 帧中继网络中所用的本地管理接口 (LMI) 提供哪两项功能？（选择两项。

）流量控制错误通知拥塞通知映射 DLCI 至网络地址发送 keepalive 数据包以检验 PVC 的工作情况5如果不以纯文本格式发送身份验证信息，在 Cisco 和非 Cisco 路由器之间建立链路连接时，应使用以下哪种第 2 层协议和身份验证的组合？HDLC 与 PAPHDLC 与 CHAPPPP 与 PAPPPP 与 CHAP6 服务提供商自何处开始对客户的 WAN 连接负责？本地环路路由器上的 DTE 电缆分界点非军事区7请参见图示。

计算机四级网络工程师习题库（附参考答案）一、单选题（共82题，每题1分，共82分）1.关于城域网的描述中，错误的是( )。

A、接入网是用户接入城域网主要途径B、可支持语音、视频、数据等多种业务C、通常以卫星信道作为骨干传输线路D、用于城市范围内局域网之间的互联正确答案：C2.关于CSMA/CD的描述中，正确的是( )。

A、是一种介质访问控制方法B、经常被用于无线局域网中C、发送数据前无需侦听总线D、冲突帧的重发次数无限制正确答案：A3.进程间通信时，下列哪一种情形下，发送进程不能再申请互斥锁( )。

A、已满的邮件槽B、未加锁的邮件槽C、已空的邮件槽D、半满的邮件槽正确答案：A4.下列哪一种中断与当前运行的进程有关( )。

A、故障性中断B、程序性中断C、时钟中断D、I/O正确答案：B5.关于SNMP的描述中，正确的是( )。

A、可扩展为SGMP协议B、支持轮询工作模式C、工作于网络层D、只能工作于TCP/IP环境正确答案：C6.在FTP中，有一种数据连接的建立模式，这种模式由客户机打开一个随机选择的端口，并将该端口号通过控制连接传送给服务器。

然后，服务器请求与该端口建立数据连接。

这种模式叫做( )。

A、被动模式B、随机模式C、控制模式D、主动模式正确答案：D7.关于安全管理的描述中，错误的是( )。

A、避免所有安全问题B、进行风险分析C、采用多层防卫手段D、跟踪入侵者正确答案：A8.外部设备按数据传输的方式可分为多种类型，通常键盘是哪一种类型的设备？( )A、独占设备B、块设备C、虚拟设备D、字符设备正确答案：D9.在虚拟页式系统中进行页面置换时，检查进入内存时间最久页面的 R 位，如果是 0，则置换该页；如果是 1，就将 R 位清 0，并把该页面放到链表的尾端，修改其进入时间，然后继续搜索，这一策略称为( )。

A、最近最少使用页面置换算法B、第二次机会页面置换算法C、最近最不常用页面置换算法D、先进先出页面置换算法正确答案：B10.关于网管协议的描述中，错误的是( )。

答案：1、D 2、AE 3、BC 4、E 5、B 6、D 7、AEF 8、A 9、A 10、B 11、D 12、B 13、A 14、D 15、AD 16、A 17、ABF 18、BF 19、B 20、C1收集症状以排查网络故障时，哪个步骤可能会牵涉到外部管理员？缩小范围收集可疑设备的症状分析现有症状确定所有权2逻辑网络图中一般有哪两项要素？（选择两项。

）接口标识符连接器类型操作系统版本电缆类型虚电路3请参见图示。

在创建网络文档的过程中应该进行哪两个步骤？（选择两项。

）记录仅在园区网络中发现的设备的相关信息。

记录在整个网络中（包括远程站点）发现的设备的相关信息。

将网络配置表中与拓扑图所示组件相关的任何设备信息记录下来。

仅将网络配置表中与拓扑图所示组件相关的第2 层和第3 层设备信息记录下来。

将网络配置表中与拓扑图所示组件相关的在网络使用高峰期收集的的设备信息记录下来。

4请参见图示。

图中的图表来自HR-1，它是HR 部门使用的唯一一台应用程序服务器。

基线数据收集开始于8 月1 日。

从图表中可确定什么有用信息？HR-1 上的CPU 资源失衡。

需要调整处理周期。

有两个明显的周末处理周期，它们始于周六夜晚，止于周日早上。

基线图表显示HR-1 明显具有处理问题（尽管问题本质尚不清楚）。

HR-1 上的处理负载重复再现，因此可预测。

HR-1 上的CPU 负载因某种原因受到明显影响，但由于信息不足，无法确定是否存在问题。

5请参见图示。

服务器HR 上的一个应用程序不再响应任何客户端请求。

每件事务都取决于数据中心中的多台服务器。

数据中心内的服务器上运行的为全公司提供服务的应用程序均无问题。

员工没有解决此类故障的经验，且对各种应用程序的了解也有限。

哪些初始故障排除步骤体现了自上而下的故障排除方法？检查所有服务器的电缆连接。

检查每块网卡上的连接指示灯是否为绿色。

Ping 每台服务器的本地地址，然后Ping 相关服务器和典型客户端的地址。

公司与AA2SSH存在不正确的访问控制列表条目。

访问列表中的必须在会防止以明文传输登录信息如果身份验证失败，则会断开PPP 会话连接会发起双向握手容易遭受回送攻击4命令show frame-relay map的输出如下：Serial 0 (up): ip 192.168.151.4 dlci 122, dynamic, broadcast, status defined, active 下列哪三种说法正确描述了所示内容的意义？（选择三项。

）192.168.151.4代表远程路由器的IP 地址192.168.151.4代表本地串行接口的IP 地址DLCI 122代表远程串行接口DLCI 122代表用于连接远程地址的本地编号broadcast表示动态路由协议（例如RIP v1）可通过此PVC 发送数据包active表明ARP 进程正在工作5路由器的SDM 主页会显示哪三点信息？（选择三项。

）ARP 缓存闪存的总容量和可用容量路由表已配置的LAN 接口的数量是否配置了DHCP 服务器该LAN 中路由器的数量6从非军事区分界点本地环路网云确保在确认确保路由器上有通向下列哪三种说法正确描述了CSU/DSU调制解调器用于端接本地数字环路。

CSU/DSU调制解调器用于端接本地模拟环路。

路由器通常被视为路由器通常被视为10在链路质量测试完毕后，路由器在协商第LCPNCP它会被丢弃。

它会被放到队列中，直到主机它会被转换，源端口号保持为它会被分配其端口范围内的第一个可用端口号。

交换虚电路的相关信息将DLCI 映射到网络地址提供流量控制提供错误通知提供拥塞通知发送keepalive 数据包以检验PVC 的工作情况14请参见图示。

下列说法中哪三项正确？（选择三项。

）启用了NAT 过载。

启用了动态NAT。

地址转换会失败。

接口配置不正确。

地址为192.168.1.255 的主机将被转换。

进入0/0/2 接口的流量先被转换，然后才流出串行接口0/0/0。

1 制作商务案例的目的是什么？AA.用于证明实施技术改进所需的资金投入的合理性B.用于为之前在RFP 中完成的工作提供例子。

C.用于定义网络的技术要求D.用于定义时间表和关键里程碑2 开发网络设计时，为什么必须排列业务目标的优先顺序？DA.为确保首先实现最廉价的技术B.为简化新安装网络的配置、管理和监控工作C.为预测变化和业务增长所带来的影响D.为抓住有助于业务成功的最佳机遇3 Cisco 生命周期服务的哪个阶段会执行网络基线？EA.准备阶段B.规划阶段C.设计阶段D.实施阶段E.运行阶段4 在网络管理体系结构中，哪一项是对管理代理的准确描述？DA.存储网络性能参数的标准数据库B.管理站与被管理设备之间采用的通信协议C.管理员用于监控和配置网络设备的、运行管理应用程序的主机D.在受管设备上运行的软件，用于收集网络信息并使管理站可管理该设备5 Cisco 生命周期服务的哪个阶段会采取主动管理以确认并解决问题，避免组织受到影响？FA.准备阶段B.规划阶段C.设计阶段D.实施阶段E.运行阶段F.优化阶段6 系统级验收测试的目的是什么？CA.为新设计的网络开发安装计划B.在新安装的网络上培训最终用户和支持人员C.检查新安装的网络是否符合业务目标和设计要求D.用于证明实施技术改进所需的资金投入的合理性7 在网络设计中使用自上而下的方法替代自下而上的方法有哪两项优点？（选择两项）A.DA.符合组织要求B.可快速对设计要求作出反应C.减少网络设计的前期准备时间D.从应用程序和网络解决方案的角度明确设计目标E.可根据以往经验选用设备和技术以实现设计8 下列哪项业务制约条件可能影响公司的W AN 设计？DA.公司政策中关于LAN 设备上特定操作系统的规定B.当前在用户设备上实施的监控协议C.实施过程中最终用户无法使用网络D.公司政策因合作关系而要求使用特定厂商的网络设备9 以下哪个组件安装在由SNMP 管理的网络设备上？AA.管理代理B.管理站C.网络管理协议D.管理信息库(MIB)10 SNMP 有何用途？AA.帮助在设备与NMS 之间交换信息B.监视和控制网络中的IP 地址分配C.向监控工作站报告用户登录情况D.检验网络中的流量并记录所有活动11 组织在发出征求建议书(RFP) 或征求报价书(RFQ) 前，通常完成了Cisco 生命周期服务策略的哪个阶段？AA.准备阶段B.规划阶段C.设计阶段D.实施阶段E.运行阶段F.优化阶段12 一家承包公司的网络工程师接到一个会议通知，内容是与潜在客户举行的投标前会谈。

1有关下列扩展ACL 的说法中哪两项正确？（选择两项。

）access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20 access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21 access-list 101 permit ip any any拒绝从网络172.16.3.0/24 始发的所有FTP 流量。

会隐含拒绝所有流量。

会拒绝发往网络172.16.3.0/24 的所有FTP 流量。

会拒绝从网络172.16.3.0/24 始发的所有Telnet 流量。

会允许从网络172.16.3.0 始发的 Web 流量。

2如果数据包未与ACL 中的任何语句匹配，则会如何处理该数据包？会将该数据包放置在缓冲区中，并在删除该ACL 后转发该数据包。

会将该数据包连同一则错误通知消息发回给源地址。

列表末尾的隐含permit any语句会允许该数据包通过。

列表末尾的隐含deny any语句会导致该数据包被丢弃。

3请参见图示。

ACL 101 中的"deny ip 64.100.0.0 0.0.7.255 any" 语句发现了 35 个匹配项，最可能的解释是什么？内部网络中的一名用户伪造了一台Internet 主机并正在向该主机发送流量，该主机也正在响应。

Internet 上的一名用户伪造了内部网络中的一个主机地址，并正在尝试向内部网络发送数据包。

一台Internet 主机正在反复要求内部网络发送流量。

内部网络中的一台主机正在反复要求Internet 发送流量。

4标准访问控制列表应该放置在哪里？靠近源地址靠近目的地址在以太网端口上在串行端口上5Cisco 标准ACL 是如何过滤流量的？通过目的UDP 端口通过协议类型通过源IP 地址通过源UDP 端口通过目的IP 地址6ACL 可使用哪三种参数来过滤流量？（选择三项。

CCNA 4 - Final Exam (B)Posted by beotron at 9:23 PM1. Identify the factors that contribute to congestion on an Ethernet LAN. (Choose three.)• improper placement of enterprise level servers• addition of hosts to a physical segment• replacement of hubs with workgroup switches• increasing use of bandwidth intensive network applications• migration to full-duplex Ethernet within the LAN2. Which of the following are examples of TCP/IP application layer protocols? (Choose three.)• a terminal emulation protocol that supports remote console connections with various network devices • a protocol created by IBM that makes it easier for mainframes to connect t o remote offices• a protocol responsible for transporting electronic mail on TCP/IP networks and the Internet• a protocol that controls the rate at which data is sent to another computer• a protocol that exchanges network management information between a network device and a management console3. Which of the following eliminates switching loops?• hold-down timers• poison reverse• spanning tree protocol• time to live• split horizon protocol4. The show cdp neighbors command is a very useful network troubleshooting tool. Using the output in the graphic, select the statements that are true. (Choose two.)• CDP operates at the network layer of the OSI model.• The output of this command displays information about directly connected Cisco devices only.• The switch is attached to the SanJose1 FastEthernet0/21 interface.• SanJose1 is running CDP version 12.0.• SanJose1 has two fully operational, cdp-enabled Cisco switches directly connected to it.• SanJose2 is a 2600 series router running several routed protocols5. A network administrator can ping the Denver router, but gets a ‘Password Required but None Set’ message when trying to connect remotely via Telnet. Which command sequence must be applied to the Denver router to allow remote access?• Router(c onfig)# line console 0Router(config-line)# loginRouter(config-line)# password cisco• Router(config)# line vty 0 4Router(config-line)# loginRouter(config-line)# password cisco• Router(config)# line virtual terminalRouter(config-line)# enable loginRouter(config-line)# password cisco• Router(config)# line vty 0 4Router(config-line)# enable secretRouter(config-line)# password ciscoRouter(config)# enable secret ciscoRouter(config)# enable cisco6. Which of the following is associated with link-state routing protocols?• low processor overhead• poison reverse• routing loops• split horizon• shortest-path first calculations7. A router does not load its configuration after a power failure. After running the showstartup-configuration command, the adminstrator finds that the original configuration is intact. What is the cause of this problem?• The configuration register is set for 0×2100.• The configuration register is set for 0×2101.• The configuration register is set for 0×2102.• The configurati on register is set for 0×2142.• Boot system commands are not configured.• Flash memory is empty causing the router to bypass the configuration in NVRAM• Nederst på formularen8. Which commands are used to verify the content and placement of access control lists? (Choose three.) • show ip interface• show ip route• show processes• show running-config• show cdp neighbor• show access-lists9. Which of the following are required when creating a standard access control list? (Choose two.)• destination ad dress and wildcard mask• source address and wildcard mask• subnet mask and wildcard mask• access list number between 100 and 199 or 2000 and 2699• access list number between 1 and 99 or 1300 to 199910. Which of the following are keywords that can be used in an access control list to replace a dotted decimal wildcard mask? (Choose two.)• most• host• all• any• some• sum11. Refer to the diagram. All ports on Switch A are in the Sales VLAN and all ports on Switch B are in the Accounting VLAN. How many broadcast domains and how many collision domains are shown? (Choose two).• 3 collision domains• 3 broadcast domains• 5 broadcast domains• 9 collision domains• 10 collision domains• 13 collision domains12. Refer to the graphic. Using the most efficient IP addressing scheme and VLSM, which address can be configured on one of the serial interfaces?• 192.168.16.63/27• 192.168.16.158/27• 192.168.16.192/27• 192.168.16.113/30• 192.168.16.145/30• 192.168.16.193/3013. What is the purpose of the Spanning Tree Protocol (STP)?• prevents Layer 2 loops• prevents routing loops on a router• creates smaller collision domains• creates smaller broadcast domains• allows Cisco devices to exchange routing table updates14. What is the purpose of a loopback address when using the OSPF routing protocol?• activates the OSPF neighboring process• ensures a persistent router ID for the OSPF process• provides a backdoor for connectivity during the convergence process• streamlines and speeds up the convergence pr ocess15. Which statement is true regarding states of the IEEE 802.1d Spanning Tree Protocol?• Ports are manually configured to be in the forwarding state.• Ports listen and learn before going into the forwarding state.• Ports must be blocked before the y can be placed in the disabled state.• It takes 15 seconds for a port to go from blocking to forwarding16. Which sequence of commands is used to configure a loopback address on a router?• Router1(config)# interface loopback 1Router1(config-if)# ip address 192.168.1.1Router1(config)# interface serial 0/0• Router1(config-if)# loopback 1Router1(config-if)# ip address 192.168.1.1Router1(config)# interface serial 0/0• Router1(config-if)# loopback 1Router1(config-if)# ip address 192.168.1.1 255.255.255.0• Router1(config)# interface loopback 1Router1(config-if)# ip address 192.168.1.1 255.255.255.25517. Which routing protocols are classful and do not support VLSM? (Choose two.)• EIGRP• OSPF• RIP v1• RIP v2• IGRP18. Refer to the graphic. Two switches are connected together through a trunk port. SW2 displays the message shown. Which of the following will solve the duplex mismatch?• SW1(config)# interface fastethernet 0/1SW1(config-if)# duplex full• SW1(config)# interface fastethernet 0/1SW1(config-if)# full-duplex• SW2(config)# interface fastethernet 0/1SW2(config-if)# duplex full• SW2(config)# interface fastethernet 0/1SW2(config-if)# full-duplex19. Refer to the graphic. Two routers have been configured to use EIGRP. Packets are not being forwarded between the two routers. What could be the problem?• EIGRP does not support VLSM.• The routers were not configured to monitor neighbor adjacency changes.• The default bandwidth was used on the routers.• An incorrect IP address was configured on a router interface.20. According to the the provided router output, which of the following statements is true regarding PPP operation?• Only the link-establishment phase completed successfully.• Only the network-layer phase completed successfully.• Neither the link-establishment phase nor the the network-layer phase completed successfully.• Both the link-establishment and network-layer phase completed successfully21. Frame Relay is configured over a point-to-point connection between two routers. The output of the show frame-relay pvc command indicates that the status of this PVC is inactive. Which of the following devices could be the source of the problem? (Choose two.)• local router• local Frame Relay switch• remote router• remote Frame Relay switch• R3 has the following configuration:• R3# show running-config• –some output text omitted–• interface serial0/0• bandwidth 128• ip address 192.168.11.2 255.255.255.0• encapsulation frame-relay• frame-relay map ip 192.168.11.2 30 broadcast22. After the command R3# debug frame-relay packet is executed, a ping is issued from R3 to R1 but is unsuccessful. Based on the output of the debug command shown in the graphic and the router configuration, what might be problem?• No clock rate assigned.• There is an incorrect DLCI number in the map statement.• An incorrect IP address exists in the map statement.• The encapsulation command is missing the broadcast keywor d23. Which statements are true regarding the Frame Relay LMI? (Choose three.)• The LMI provides a virtual circuit (VC) status mechanism.• The LMI type must always be manually configured.• The available LMI types are NI1, DMS100 and 5ESS.• The LMI types supported by Cisco routers are CISCO and IETF.• The LMI type configured on the router must match the one used on the Frame Relay switch.• The LMI uses reserved DLCIs to exchange messages between the DTE and DCE24. Which statement describes the process that occurs in Network Address Translation (NAT) overloading?• Multiple private IP addresses are mapped to one public IP address.• The number of usable addresses assigned to a company is divided into smaller manageable groups.• A pool of IP addres ses are mapped to one or more MAC addresses.• The router acts as a DHCP server and assigns multiple public IP addresses for each private IP address configured25. Which two statements are true about the committed information rate on a Frame Relay link? (Choose two.)• The sum of the CIRs for all PVCs must be less than the port speed.• The sum of the CIRs for all PVCs must equal the port speed.• The sum of the CIRs for all PVCs can be greater than the port speed.• The DE bit will be set on frames that ar e transmitted in excess of the CIR.• Frames that are transmitted at greater than the CIR will be discarded at the source.• It is impossible to transmit frames at a rate in excess of the CIR26. Which of the following commands would be used to troubleshoot the processing of call control functions such as call setup, signaling, and termination?• show interface bri0/0• show isdn active• debug isdn q921• debug isdn q931• debug ppp negotiation• debug ppp authentication27. Which of the following statements are true regarding PPP? (Choose three.)• PPP can use synchronous and asynchronous physical media.• PPP can only be used between two Cisco devices.• PPP carries packets from several network layer protocols in LCPs.• PPP uses LCPs to establish, config ure, and test the data link connection.• PPP uses LCPs to agree on format options such as authentication, compression, and error detection28. A network administrator is evaluating authentication protocols for a PPP link. Which of the following reasons might lead to the selection of CHAP over PAP as the authentication protocol? (Choose three.) • establishes identities with a two-way handshake• uses a three-way authentication periodically during the session to reconfirm identities• control by the remote h ost of the frequency and timing of login events• transmits login information in encrypted format• uses an unpredictable variable challenge value to prevent playback attacks• makes authorized network administrator intervention a requirement to establish each session29. Why are static routes often used with ISDN DDR?• They are more stable than dynamic routing protocols.• They are more accurate than dynamic routing protocols because they are put in by a network administrator.• They are easier to modify when a faster technology is installed.• They prevent the unnecessary activation of the link30. Assuming that four bits have been borrowed to make subnets, identify the subnet network addresses. (Choose three.)• 192.168.14.8• 192.168.14.16• 192.168.14.24• 192.168.14.32• 192.168.14.148• 192.168.14.20831. A switch can be configured for three different forwarding modes based on how much of a frame is received before the forwarding process begins. Each of the numbered arrows in the accompanying graphic signifies the point in a frame where a particular forwarding mode will begin. Which one of the following groups reflects the sequence of forwarding modes signified by the numbered arrows?• 1) fast forward• 2) fragment free• 3) store-and-forward• 1) sto re-and-forward2) fragment free3) fast forward• 1) fragment free2) fast forward3) store-and-forward• 1) fast forward2) store-and-forward3) fragment free32. Which of the following commands will display a communication message on a router before the router prompt is shown?• banner motd * Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW. *• message Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW.• banner * Property of TLC. UNAU THORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW. *• hostname (Property of TLC. UNAUTHORIZED USERS WILL BE PROSECUTED TO THE FULL EXTENT OF THE LAW.)• Øverst på formularen33. A router needs to be added to OSPF area 0. Which commands should be used to enable OSPF on the router? (Choose two.)• RouterA(config)# router ospf• RouterA(config)# router ospf 1• RouterA(config-router)# network 192.168.2.0 0.0.0.255 0• RouterA(config-router)# network 192.168.2.0 0.0.0.255 area 0• RouterA(config-router)# network 192.168.2.0 255.255.255.0 034. Refer to the graphic. Which of the following commands will configure router A for OSPF?• router ospf 1network 192.168.10.0• router ospf 1network 192.168.10.64 0.0.0.63 area 0network 192.168.10.192 0.0.0.3 area 0• router ospf 1network 192.168.10.64 255.255.255.192network 192.168.10.192 255.255.255.252• router ospf 1network 192.168.10.0 area 035. Which of the following protocols would exchange information between routers to share network addresses and their metrics?• TCP• RIP• CSMA/CD• Ethernet36. Which ISDN device can be directly connected to a two-wire local loop in a North American city?• a router with a serial interface• a router with an S/T interface• a router with a U interface• an ISDN terminal adapter37. The output of the show ip interfaces brief command indicates that Serial0 is up but the line protocol is down. Which of the following are possible causes for the line protocol being in the down state? (Choose two.)• The clock rate is not set on the DTE.• An incorrect default gateway is set on the router.• A network is missing from the routing protocol configuration.• The encapsulation on the Serial0 interface is incorrect.• Keepalives are not being sent by the remote device38. Which of the following is a characteristics of TCP? (Choose two.)• data transport reliability• best path determination• establishing, maintaining, and terminating virtual circuits• encapsulation of packets in a data frame with source and destination MAC addresses• best-effort datagram delivery39. Which statement is true regarding the command ip route 192.168.7.24 255.255.255.248 192.168.7.9? (Choose two.)• A packet destined for host 192.168.7.30 will be forwarded to address 192.168.7.9.• 192.168.7.9 i s the destination network for this route.• 192.168.7.24 is the next-hop router in this command.• This command is issued from the interface configuration mode.• This command is used to define a static route40. Which of the following application layer protocols use TCP? (Choose three.)• SMTP• FTP• SNMP• HTTP• TFTP• DHCP41. Which terms refer to Frame Relay congestion management mechanisms? (Choose three.)• BECN• DLCI• DE• FECN• LMI• Inverse ARP42. Which of the following router commands will verify that a path exists to a destination network?• Router# show ip interfaces brief• Router# show ip route• Router# show cdp neighbors• Router# show running-config• Router# show protocols43. When EIGRP is configured on a router, which table of DUAL information is used to calculate the best route to each destination router?• router table• topology table• DUAL table• CAM table• ARP table44. Refer to the graphic. Routers A and B have EIGRP configured and automatic summarization has been disabled on both routers. Which of the following commands is used on router A to summarize the attached routes, and to which interface is this command applied? (Choose two)• ip summary-address eigrp 1 192.168.10.64 255.255.255.192• ip area-range eigrp 1 192.168.10.80 255.255.255.224• summary-address 192.168.10.80 0.0.0.31• ip summary-address eigrp 1 192.168.10.64 0.0.0.63• serial interface on router A• serial interface on router B45. A router with two LAN interfaces, two WAN interfaces, and two loopback interfaces configured is operating with OSPF as its routing protocol. What is used by the OSPF process to assign the router ID? • the IP address of the interface configured with priority 0• the OSPF area ID configured on the interface with the highest IP addres s• the loopback with the highest IP address configured• the highest IP address on the LAN interfaces• the highest IP address configured on the WAN interfaces46. Given the IP address and subnet mask of 172.16.134.56 255.255.255.224, on which subnetwork does this address reside?• 172.0.0.0• 172.16.134.0• 172.16.134.32• 172.16.134.48• 172.16.134.47• 172.16.134.6347. Which commands show when the last IGRP routing update was received? (Choose two.)• Router# show ip protocols• Router# show version• Router# show interfaces• Router# show ip updates• Router# show ip route48. When using access control lists to filter traffic, which of the following is used to track multiple sessions occurring between hosts?• IP addresses• subnet masks• port numbers• routed protocols• routing protocols• interfaces49. Given the IP address and subnet mask of 172.16.134.64 255.255.255.224, which of the following would describe this address?• This is a useable host address.• This is a broadcast address.• This is a network address.• This is not a valid address50. The company network shown in the drawing has to be subnetted. The company has leased the ClassC IP address of 200.1.2.0. Which of the following network addresses and masks would be appropriate for one of the subnetworks?• 200.1.2.96 255.255.255.192• 200.1.2.160 255.255.255.224• 200.1.2.80 255.255.255.224• 200.1.2.32 255.255.255.240。

思科练习第四学期窗体底端1窗体顶端使用 Cisco AutoSecure 有哪两个好处？（选择两项。

）管理员可通过它来精确控制各种服务的启用和禁用情况。

它可提供立即禁用非关键系统进程和服务的功能。

它可自动将路由器配置为与 SDM 协同工作。

它可确保与您网络中的其它设备充分兼容。

它使管理员无需了解 Ci sco I OS 软件的所有功能即可配置安全策略。

窗体底端2窗体顶端用户无法访问公司服务器。

系统日志显示服务器运行缓慢，因为它正在收到具有高优先级的虚假服务请求。

这是什么类型的攻击？侦测访问DoS蠕虫病毒特洛伊木马窗体底端3窗体顶端下列哪两种说法定义了在网络中启用 DNS 服务所带来的安全风险？（选择两项。

）默认情况下，域名查询被发送到广播地址 255.255.255.255。

DNS 域名查询需要在所有路由器的以太网接口上启用ip directed-broadcast命令。

在一台路由器上使用全局配置命令ip nam e-server会在网络中的所有路由器上启用 DNS 服务。

基本 DNS 协议不提供身份验证或完整性保证。

路由器配置不提供用于设置主 DNS 服务器和备份 DNS 服务器的选项。

窗体底端4窗体顶端网络管理员在试图通过 TFTP 服务器升级 Ci sco I OS 映像前，必须检验哪两项？（选择两项。

）使用show h osts命令检验 TFTP 服务器的名称。

使用tftpdnld命令检验 TFTP 服务器是否正在运行。

使用show version命令检验映像的校验和是否有效。

使用ping命令检验路由器与 TFTP 服务器之间的连通性。

使用show fl ash命令检验闪存是否具有足够空间容纳新的 Cisco IOS 映像。

窗体底端5窗体顶端下列关于网络安全的说法中哪两项正确？（选择两项。

）保护网络免受内部威胁侵害具有较低的优先级，因为由公司员工带来的安全风险较低。

无论是能自己编写攻击代码的资深黑客，还是从 Internet 下载攻击程序的入门攻击者都可能对网络安全造成严重威胁。

1、如果将命令ip dhcp excluded-address 10.10.4.1 10.10.4.5添加到配置为DHCP 服务器的本地路由器配置中，结果是什么？该路由器将丢弃发往10.10.4.1 和10.10.4.5 的流量。

不会路由地址处于10.10.4.1 到10.10.4.5 之间的客户端所发出的流量。

DHCP 服务器不会分配10.10.4.1 到10.10.4.5 之间的地址。

该路由器将忽略来自地址处于10.10.4.1 到10.10.4.5 之间的DHCP 服务器的流量。

2、请参见图示。

连接到Fa0/0 的主机无法从此DHCP 服务器获取IP 地址。

debug ip dhcp server命令"DHCPD: there is no address pool for 192.168.1.1"。

问题出在哪里？DHCP 地址池中排除了地址192.168.1.1。

192Network 的地址池不正确。

网络地址池的默认路由器不正确。

地址192.168.1.1 已经用在接口Fa0/0 上。

3、请参见图示。

R1 针对内部网络10.1.1.0/24 执行NAT 过载。

主机A 向web 服务器发送了一个数据包。

务器返回的数据包的目的IP 地址是什么？10.1.1.2:1234172.30.20.1:1234172.30.20.1:3333192.168.1.2:804、请参见图示。

网络管理员对Router1 和Router2 上发出图示中的命令。

但其后在检查路由表时发现，两个路由器均不能获知相邻路由器的LAN 网络。

RIPng 配置最可能发生什么问题？串行接口处于不同的子网上。

接口上未启用RIPng 进程。

未配置RIPng 网络命令。

Router1 和Router2 的RIPng 进程不匹配。

5、请参见图示。

使用default-router和dns-server命令指定的TCP/IP 配置信息是如何获得的？TCP/IP 信息先转发至10.0.1.3，再提供给DHCP 客户端。

. 请参见图示。

当创建扩展ACL 以拒绝从网络192.168.30.0 发往Web 服务器209.165.201.30 的流量时，应用ACL 的最佳位置是哪里？ISP Fa0/0 出站R2 S0/0/1 入站R3 Fa0/0 入站R3 S0/0/1 出站2下列关于ACL 处理数据包的说法中哪三项正确？（选择三项。

）隐含的deny any会拒绝不符合任何ACL 语句的所有数据包。

数据包可能被拒绝，也可能被转发，这取决于与该数据包相匹配的语句。

被一条语句拒绝的数据包可能被后续的语句允许。

默认情况下会转发不符合任何ACL 语句的数据包。

会检查每条语句，直到检测到匹配的语句或到达ACL 语句列表末尾为止。

会将每个数据包与ACL 中每条语句的条件相比较，然后才决定是否转发。

3请参见图示。

按图中所示的配置，会产生怎样的效果？用户尝试访问网络192.168.30.0/24 的主机时会被要求telnet 至R3。

与网络191.68.30.0/24 上的资源连接的主机空闲超时为15 分钟。

任何人尝试telnet 至R3 时，绝对超时设置均为5 分钟。

仅在Serial 0/0/1 上允许Telnet 访问R3。

4请参见图示。

如果ACL 110 应用于R1 S0/0/0 入站方向，下列有关ACL 110 的说法哪一项正确？如果TCP 流量来自网络172.22.10.0/24，它会拒绝流量进入Internet。

它不会允许来自Internet 的TCP 流量进入172.22.10.0/24 网络。

它会允许任何来自Internet 的TCP 流量进入172.22.10.0/24 网络。

它将允许任何自172.22.10.0/24 网络发起的TCP 流量从S0/0/0 接口入站。

5接口s0/0/0 的入站方向上已经应用了一个IP ACL。

当管理员尝试再应用一个入站IP ACL 时会发生什么情况？第二个ACL 会取代第一个应用到该接口上。

计算机四级网络工程师考试题+参考答案一、单选题（共82题，每题1分，共82分）1.关于传统Ethernet帧的数据字段的描述中，正确的是( )。

A、为高层的待发送数据B、不在帧校验的范围内C、最小长度为64字节D、最大长度为512字节正确答案：A2.假设磁头当前位于第 155 道，正在向磁道序号减少的方向移动。

现有一个磁道访问请求序列为 35，45，12，68，110，180，170，195，采用SCAN 调度（电梯调度）算法得到的磁道访问序列是（）。

A、110，170，180，195，68，45，35，12B、110，68，45，35，12，170，180，195C、110，170，180，195，12，35，45，68D、12，35，45，68，110，170，180，195正确答案：B3.关于ElGamal算法的描述中，正确的是( )。

A、生成密文的长度与明文相同B、基于椭圆曲线机制C、由IETF设计D、属于对称加密正确答案：B4.关于HTTP协议的描述中，正确的是( )。

A、定义了FTP客户机与服务器之间的传输协议B、建立在传输层UDP协议的基础上C、定义了请求报文和响应报文的格式D、要求客户机和服务器使用相同的操作系统正确答案：C5.下列哪一种文件的物理结构检索速度慢，且不适于随机存取文件( )。

A、索引结构B、链接结构C、顺序结构D、I 节点结构正确答案：B6.系统调用扩充了机器指令，增强了系统功能，方便了用户使用。

下列哪一项不属于系统调用( )。

A、用户程序需要获得当前进程的属性B、将成绩填入学生成绩数据库C、读写硬盘上一个打开的文件D、请求使用光盘驱动器正确答案：B7.一个进程的内存分配页表如下，页的大小为 500B，其中，有效位为 1 表示已装入内存，W 表示可写，R 表示可读。

指令 WRITE[3,100]，R1 在执行时会产生什么结果（）。

页号有效位页框号存取控制0 0 5 W11 10 R2 1 30 W3 1 80 R4 0 50 RA、越界中断B、缺页中断C、写保护中断D、正常运行正确答案：C8.在一个采用三级索引结构的 UNIX 文件系统中，假设物理块大小为1KB，用 64 位表示一个物理块号。

1Refer to the exhibit. The ACL statement is the only one explicitly configured on the router. Based on this information, which twcan be drawn regarding remote access network connections? (Choose two.)SSH connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are allowed.Telnet connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are allowed.SSH connections from the 192.168.2.0/24 network to the 192.168.1.0/24 network are allowed.Telnet connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are blocked.SSH connections from the 192.168.1.0/24 network to the 192.168.2.0/24 network are blocked.Telnet connections from the 192.168.2.0/24 network to the 192.168.1.0/24 network are allowed.ObservableDescriptionMaxValueEarnedValue1correctness of responseOption 1 and Option 4 are correct.1 point for each correct option. 0 points if more options are selected than required.2***The learner response cannot be shown, as there was no answer submitted.2Which two are characteristics of ACLs? (Choose two.)Extended ACLs can filter on destination TCP and UDP ports.Standard ACLs can filter on source TCP and UDP ports.Extended ACLs can filter on source and destination IP addresses.Standard ACLs can filter on source and destination IP addresses.Standard ACLs can filter on source and destination TCP and UDP ports.Observable Description MaxValue1correctness of responseOption 1 and Option 3 are correct.1 point for each correct option.0 points if more options are selected than required.23Which zone-based policy firewall zone is system-defined and applies to traffic destined for the router or originating from the roself zonesystem zonelocal zoneinside zoneoutside zoneObservable DescriptionMax Value1 correctness of response2 points for Option 1 0 points for any other option24Refer to the exhibit. If a hacker on the outside network sends an IP packet with source address 172.30.1.50, destination addrsource port 23, and destination port 2447, what does the Cisco IOS firewall do with the packet?The packet is forwarded, and an alert is generated.The packet is forwarded, and no alert is generated.The initial packet is dropped, but subsequent packets are forwarded. The packet is dropped.ObservableDescriptionMax Value1 correctness of response2 points for Option 40 points for any other option25Which two parameters are tracked by CBAC for TCP traffic but not for UDP traffic? (Choose two.) source portprotocol IDsequence numberdestination portSYN and ACK flagsObservableDescriptionMaxValue1correctness ofresponseOption 3 and Option 5 are correct.1 point for each correct option.0 points if more options are selected thanrequired.26What is the first step in configuring a Cisco IOS zone-based policy firewall using the CLI?Create zones.Define traffic classes.Define firewall policies.Assign policy maps to zone pairs.Assign router interfaces to zones.ObservableDescriptionMaxValue1correctnessof response2 points forOption 10 points forany otheroption27Class maps identify traffic and traffic parameters for policy application based on which three criteria? (Choose three.) access groupaccess classpolicy mapprotocolinterface pairssubordinate class mapObservable DescriptionMaxValue1correctness ofresponseOption 1, Option 4, and Option 6 are correct.1 point for each correct option.0 points if more options are selected thanrequired.38Which statement describes the characteristics of packet-filtering and stateful firewalls as they relate to the OSI model?Both stateful and packet-filtering firewalls can filter at the application layer.A stateful firewall can filter application layer information, while a packet-filtering firewall cannot filter beyond the networkA packet-filtering firewall typically can filter up to the transport layer, while a stateful firewall can filter up to the session laA packet-filtering firewall uses session layer information to track the state of a connection, while a stateful firewall uses apinformation to track the state of a connection.Observable Description Max Value1 correctness of response2 points for Option 30 points for any other option29For a stateful firewall, which information is stored in the stateful session flow table?TCP control header and trailer information associated with a particular sessionTCP SYN packets and the associated return ACK packetsinside private IP address and the translated inside global IP addressoutbound and inbound access rules (ACL entries)source and destination IP addresses, and port numbers and sequencing information associated with a particular session Observable Description Max Value1 correctness of response2 points for Option 50 points for any other option210What is a limitation of using object groups within an access control entry?It is not possible to append additional objects to a preexisting object group.It is not possible to delete an object group or make an object group empty if the object group is already applied to an ACTo append additional objects to a preexisting object group that is applied to an ACE, the original object group must be re the no object group command, and then recreated and reapplied to the ACE.To append additional objects to a preexisting object group that is applied to an ACE, the access control list must be rem the no access-list command, and then reapplied.Observable Description Max Value1 correctness of response2 points for Option 20 points for any other option211When using CCP to apply an ACL, the administrator received an informational message indicating that a rule was already ass the designated interface in the designated direction. The administrator continued with the association by selecting the merge statement describes the effect of the option that was selected?Two separate access rules were applied to the interface.A new combined access rule was created using the new access rule number. Duplicate ACEs were removed.A new combined access rule was created using the new access rule number. Duplicate ACEs and overriding ACEs were allow the administrator to make adjustmentsThe existing rule was placed in a preview pane to allow the administrator to select specific ACEs to move to the new acc Observable Description Max Value1 correctness of response2 points for Option 20 points for any other option212Which statement correctly describes how an ACL can be used with the access-class command to filter vty access to a routeIt is only possible to apply a standard ACL to the vty lines.An extended ACL can be used to restrict vty access based on specific source addresses, destination addresses, and pro An extended ACL can be used to restrict vty access based on specific source and destination addresses but not on protAn extended ACL can be used to restrict vty access based on specific source addresses and protocol but the destination specify the keyword any.Observable Description Max Value1 correctness of response2 points for Option 40 points for any other option213To facilitate the troubleshooting process, which inbound ICMP message should be permitted on an outside interface?echo requestecho replytime-stamp requesttime-stamp replyrouter advertisementObservable Description Max Value1 correctness of response2 points for Option 20 points for any other option214Which command is used to activate an IPv6 ACL named ENG_ACL on an interface so that the router filters traffic prior to acc routing table?access-group ipv6_ENG_ACL inaccess-group ipv6_ENG_ACL outipv6 access-class ENG_ACL inipv6 access-class ENG_ACL outipv6 traffic-filter ENG_ACL inipv6 traffic-filter ENG_ACL outObservable Description Max Value1 correctness of response2 points for Option 50 points for any other option215Which statement describes a typical security policy for a DMZ firewall configuration?Traffic that originates from the outside interface is permitted to traverse the firewall to the inside interface with little or no Traffic that originates from the DMZ interface is permitted to traverse the firewall to the outside interface with little or no r Traffic that originates from the inside interface is generally blocked entirely or very selectively permitted to the outside inReturn traffic from the outside that is associated with traffic originating from the inside is permitted to traverse from the ou to the DMZ interface.Return traffic from the inside that is associated with traffic originating from the outside is permitted to traverse from the in to the outside interface.Observable Description Max Value1 correctness of response2 points for Option 2 20 points for any other option16When configuring a Cisco IOS zone-based policy firewall, which two actions can be applied to a traffic class? (Choose two.)logholddropinspect copyforwardObservableDescriptionMax Value1correctness of responseOption 3 and Option 4 are correct.1 point for each correct option.0 points if more options are selected than required.217Refer to the exhibit. Which statement describes the function of the ACEs?These ACEs allow for IPv6 neighbor discovery traffic.These ACEs must be manually added to the end of every IPv6 ACL to allow IPv6 routing to occur.These ACEs automatically appear at the end of every IPv6 ACL to allow IPv6 routing to occur. These are optional ACEs that can be added to the end of an IPv6 ACL to allow ICMP messages that are defined in obje named nd-na and nd-ns .Observable Description Max Value1 correctness of response2 points for Option 10 points for any other option218When implementing an inbound Internet traffic ACL, what should be included to prevent the spoofing of internal networks?ACEs to prevent HTTP trafficACEs to prevent ICMP trafficACEs to prevent SNMP trafficACEs to prevent broadcast address trafficACEs to prevent traffic from private address spacesObservable Description Max Value1 correctness of response2 points for Option 50 points for any other option219Which statement describes one of the rules governing interface behavior in the context of implementing a zone-based policy configuration?An administrator can assign an interface to multiple security zones.An administrator can assign interfaces to zones, regardless of whether the zone has been configured.By default, traffic is allowed to flow among interfaces that are members of the same zone.By default, traffic is allowed to flow between a zone member interface and any interface that is not a zone member.Observable Description Max Value1 correctness of response2 points for Option 30 points for any other option220Refer to the exhibit. Which statement is true about the effect of this Cisco IOS zone-based policy firewall configuration?The firewall will automatically drop all HTTP, HTTPS, and FTP traffic.The firewall will automatically allow HTTP, HTTPS, and FTP traffic from s0/0 to fa0/0 and will track the connections. Trac connection allows only return traffic to be permitted through the firewall in the opposite direction.The firewall will automatically allow HTTP, HTTPS, and FTP traffic from fa0/0 to s0/0 and will track the connections. Trac connection allows only return traffic to be permitted through the firewall in the opposite direction.The firewall will automatically allow HTTP, HTTPS, and FTP traffic from fa0/0 to s0/0, but will not track the state of conne corresponding policy must be applied to allow return traffic to be permitted through the firewall in the opposite direction.The firewall will automatically allow HTTP, HTTPS, and FTP traffic from s0/0 to fa0/0, but will not track the state of conne corresponding policy must be applied to allow return traffic to be permitted through the firewall in the opposite direction.Observable Description Max Value1 correctness of response2 points for Option 30 points for any other option2。

1. What functionality do access control lists provide in the implementation of dynamic NAT on a Cisco router?define which addresses can be translateddefine which addresses are assigned to a NAT pooldefine which addresses are allowed out the routerdefine which addresses can be accessed from the inside network2. Which three guidelines would help contribute to creating a strong password policy? (Choose three.)Once a good password is created, do not change it.Deliberately misspell words when creating passwords.Create passwords that are at least 8 characters in length.Use combinations of upper case, lower case, and special characters.3.Refer to the exhibit. Every time the administrator reboots this router, the boot process ends in setup mode. What is a possible problem?There is insufficient RAM for the IOS to load on this router.A password recovery process should be done on this router.The bootstrap version and the version of the IOS are different.The IOS image is damaged and must be reloaded using tftpdnld.The configuration register is set to ignore the startup configuration.4. Which option correctly defines the capacity through the local loop guaranteed to a customer by the service provider?BEDECIRCBIR5.Refer to the exhibit. A host connected to Fa0/0 is unable to acquire an IP address from the DHCP server. The output of the debug ip dhcp server command shows "DHCPD: there is no address pool for 10.1.1.1". What is the problem?The 10.1.1.1 address is already configured on Fa0/0.The default router for the 10Network pool is incorrect.The ip helper-address must be added to Fa0/0 interface.The pool of addresses for the 10Network pool is incorrect.6. Which data link layer encapsulation protocol is used by default for serial connections between two Cisco routers?ATMFrame RelayHDLCPPPSDLCRefer to the exhibit. Which statement correctly describes how Router1 processes an FTP request that enters interface s0/0/0 and is destined for an FTP server at IP address 192.168.1.5?The router matches the incoming packet to the statement that was created by the access-list 201 deny icmp 192.168.1.0 0.0.0.255 any command, continues comparing the packet to the remaining statements in ACL 201 to ensure that no subsequent statements allow FTP, and then the router drops the packet.The router reaches the end of ACL 101 without matching a condition and drops the packet because there is no statement that was created by the access-list 101 permit ip any any command.The router matches the incoming packet to the statement that was created by the access-list 101 permit ip any 192.168.1.0 0.0.0.255 command and allows the packet into the router.It matches the incoming packet to the statement that was created by the access-list 201 permit ip any any command and allows the packet into the router.8. Compared with IDS systems, what can IPS systems do to provide further protection of computer systems?detect potential attacksstop the detected attack from executingupdate OS patches for computer systemsscan computer systems for viruses and spyware9. Which IEEE 802.16 broadband wireless technology allows users to connect to the ISP at speeds comparable to DSL and cable?Wi-FisatelliteWiMAXMetro Ethernet10. A network administrator has changed the VLAN configurations on his network switches over the past weekend. How can the administrator determine if the additions and changes improved performance and availability on the company intranet?Conduct a performance test and compare with the baseline that was established previously.Interview departmental secretaries and determine if they think load time for web pages has improved.Determine performance on the intranet by monitoring load times of company web pages from remote sites.Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.11.Refer to the exhibit. What is the meaning of the term dynamic in the output of the command?The bandwidth capability of the interface increases and decreases automatically based on BECNs.The Serial0/0/1 interface acquired 172.16.3.1 from a DHCP server.The mapping between DLCI 100 and 172.16.3.1 was learned through Inverse ARP.DLCI 100 will automatically adapt to changes in the Frame Relay cloud.12. Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination?extendedreflexivestandardtime-based13. Which two statements are true about IPv6 link local addresses? (Choose two.)They begin with the 2000::/3 prefix.They begin with the FE80::/10 prefix.They are assigned by IANA to an organization.They must be manually configured by the administrator.They are assigned to a host by a stateless autoconfiguration process.14. A company is looking for a WAN solution to connect its headquarters site to four remote sites. What are two advantages that dedicated leased lines provide compared to a shared Frame Relay solution? (Choose two.)reduced jitterreduced costsreduced latencythe ability to burst above guaranteed bandwidththe ability to borrow unused bandwidth from the leased lines of other customers15.Refer to the exhibit. A network administrator is trying to connect R1 remotely to make configuration changes. Based on the exhibited command output, what will be the result when attempting to connect to R1?failure to connect due to Telnet not being enabledfailure to connect due to incomplete configuration for Telneta successful connection and ability to make configuration changesa successful connection but inability to make configuration changes because of the absence of an enable secret password16. What are two effective measures for securing routers? (Choose two.)Protect all active router interfaces by configuring them as passive interfaces.Configure remote administration through VTY lines for Telnet access. Use quotes or phrases to create pass phrases.Disable the HTTP server service.Enable SNMP traps.17. An issue of response time has recently arisen on an application server. The new release of a software package has also been installed on the server. The configuration of the network has changed recently. To identify the problem, individuals from both teams responsible for the recent changes begin to investigate the source of the problem. Which statement applies to this situation?Scheduling will be easy if the network and software teams work independently.It will be difficult to isolate the problem if two teams are implementing changes independently.Results from changes will be easier to reconcile and document if each team works in isolation.Only results from the software package should be tested as the network is designed to accommodate the proposed software platform.Refer to the exhibit. From the output of the show interfaces and ping commands, at which layer of the OSI model is a fault indicated?applicationtransportnetworkdata linkphysical19. Which technology is used to dynamically map next hop, network layer addresses to virtual circuits in a Frame Relay network?Inverse ARPLMIDLCI20. An administrator learns of an e-mail that has been received by a number of users in the company. This e-mail appears to come from the office of the administrator. The e-mail asks the users to confirm their account and password information. Which type of security threat does this e-mail represent?crackingphishingphreakingspamming21.Refer to the exhibit. Which data transmission technology is being represented?TDMPPPHDLCSLIP22.Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2?There is a Layer 2 loop.The VTP domain names do not match.Only one switch can be in server mode.S2 has a higher spanning-tree priority for VLAN 11 than S1 does.23. What is the result of adding the global command servicepassword-encryption to the configuration of a router?Line passwords are encrypted with type 7 encryption.Enable passwords are encrypted with type 5 encryption.All services must provide an encrypted password to function.Only encrypted messages are allowed for router communication.24. While troubleshooting a problem with an e-mail server, an administrator observes that the switch port used by the server shows "up, line protocol up". The administrator cannot ping the server. At which layer of the OSI model is the problem most likely to be found?application layernetwork layerdata link layerphysical layer25. Where does a service provider assume responsibility from a customer for a WAN connection?local loopDTE cable on routerdemarcation pointdemilitarized zone26. What will be the result of adding the command ip dhcp excluded-address 192.168.24.1 192.168.24.5to the configuration of a local router that has been configured as a DHCP server?Traffic that is destined for 192.168.24.1 and 192.168.24.5 will be dropped by the router.Traffic will not be routed from clients with addresses between192.168.24.1 and 192.168.24.5.The DHCP server will not issue the addresses ranging from 192.168.24.1 to 192.168.24.5.The router will ignore all traffic that comes from the DHCP servers with addresses 192.168.24.1 and 192.168.24.5.27.Refer to the exhibit. Partial results of the show access-lists and show ip interface FastEthernet 0/1 commands for router Router1 are shown. There are no other ACLs in effect. Host A is unable to telnet to host B. Which action will correct the problem but still restrict other traffic between the two networks?Apply the ACL in the inbound direction.Apply the ACL on the FastEthernet 0/0 interface.Reverse the order of the TCP protocol statements in the ACL.Modify the second entry in the list to permit tcp host 172.16.10.10 any eq telnet .28.Refer to the exhibit. The corporate network that is shown has been assigned network 172.16.128.0/19 for use at branch office LANs. If VLSM is used, what mask should be used for addressing hosts at Branch4 with minimal waste from unused addresses?/19/20/21/22/23/2429.Refer to the exhibit. RIPv2 has been configured on all routers in the network. Routers R1 and R3 have not received any RIP routing updates. What will fix the issue?Enable RIP authentication on R2.Issue the ip directed-broadcast command on R2.Change the subnet masks to 10.11.12.0/8 and 172.16.40.0/16 on R2.Enable CDP on R2 so that the other routers will receive routing updates.30.Refer to the exhibit. This serial interface is not functioning correctly. Based on the output shown, what is the most likely cause?improper LMI typeinterface resetPPP negotiation failureunplugged cable31. Which statement is true about PAP in the authentication of a PPP session?PAP uses a two-way handshake.The password is unique and random.PAP conducts periodic password challenges.PAP uses MD5 hashing to keep the password secure.32. An administrator is configuring a dual stack router with IPv6 and IPv4 using RIPng. The administrator receives an error message when trying to enter the IPv4 routes into RIPng. What is the cause of the problem?When IPv4 and IPv6 are configured on the same interface, all IPv4 addresses are over-written in favor of the newer technology.Incorrect IPv4 addresses are entered on the router interfaces.RIPng is incompatible with dual-stack technology.IPv4 is incompatible with RIPng.33. What is tunneling?using digital certificates to ensure that data endpoints are authentic creating a hash to ensure the integrity of data as it traverses a networkusing alternate paths to avoid access control lists and bypass security measuresencapsulating an entire packet within another packet for transmission over a network34. Which statement is true about NCP?Link termination is the responsibility of NCP.Each network protocol has a corresponding NCP.NCP establishes the initial link between PPP devices.NCP tests the link to ensure that the link quality is sufficient. 35.Refer to the exhibit. A network administrator is creating a prototype to verify the new WAN design. However, the communication between the two routers cannot be established. Based on the output of the commands, what can be done to solve the problem?Replace the serial cable .Replace the WIC on RA.Configure RA with a clock rate command.Issue a no shutdown interface command on RB.36.Refer to the exhibit. Based on the output as shown, which two statements correctly define how the router will treat Telnet traffic that comes into interface FastEthernet 0/1? (Choose two).Telnet to 172.16.10.0/24 is denied.Telnet to 172.16.20.0/24 is denied.Telnet to 172.16.0.0/24 is permitted.Telnet to 172.16.10.0/24 is permitted.Telnet to 172.16.20.0/24 is permitted.37. Which Frame Relay flow control mechanism is used to signal routers that they should reduce the flow rate of frames?DEBECIRFECNCBIR38.Refer to the exhibit. A network administrator configures a standard access control list on Router1 to prohibit traffic from the 192.168.0.0/24 network from reaching the Internet. The access control list also permits traffic from the 192.168.0.0/24 network to reach the 192.168.1.0/24 network. On which interface and in which direction should the access control list be applied?interface Fa0/0, inboundinterface Fa0/0, outboundinterface S0/0/0, inboundinterface S0/0/0, outbound39. Which configuration on the vty lines provides the best security measure for network administrators to remotely access the core routers at headquarters?Answer: 3nd option 40.Refer to the exhibit. What can be concluded from the exhibited output of the debug ip nat command?The 10.1.1.225 host is exchanging packets with the 192.168.0.10 host.The native 10.1.200.254 address is being translated to 192.168.0.10.The 192.168.0.0/24 network is the inside network.Port address translation is in effect.41. A network administrator is instructing a technician on best practices for applying ACLs. Which suggestion should the administrator provide?Named ACLs are less efficient than numbered ACLs.Standard ACLs should be applied closest to the core layer.ACLs applied to outbound interfaces are the most efficient.Extended ACLs should be applied closest to the source that is specified by the ACL.42.Refer to the exhibit. Headquarters is connected through the Internet to branch office A and branch office B. Which WAN technology would be best suited to provide secure connectivity between headquarters and both branch offices?ATMVPNISDNFrame Relaybroadband DSL43. Which three physical network problems should be checked when a bottom-up troubleshooting approach has been chosen to troubleshoot network performance? (Choose three.)cable connectivityhigh collision countsSTP failures and loopsaddress mapping errorshigh CPU utilization ratesexcess packets that are filtered by the firewall44.Refer to the exhibit. A network administrator is attempting to configure a Frame Relay network. The administrator enters the commands as shown in the exhibit on R2, but the Frame Relay PVCs are inactive. What is the problem?The incorrect DLCI numbers are being configured on R2.The S0/0/0 interface on R2 needs to be point-to-point.The frame-relay map commands are missing the cisco keyword at the end.A single router interface cannot connect to more than one Frame Relay peer at a time.45. Which IP address and wildcard mask would be used in an ACL to block traffic from all hosts on the same subnet as host 192.168.16.43/28?access-list 10 deny 192.168.16.0 0.0.0.31access-list 10 deny 192.168.16.16 0.0.0.31access-list 10 deny 192.168.16.32 0.0.0.16access-list 10 deny 192.168.16.32 0.0.0.15access-list 10 deny 192.168.16.43 0.0.0.1646. Which combination of Layer 2 protocol and authentication should be used to establish a link without sending authentication information in plain text between a Cisco and a non-Cisco router?PPP with PAPPPP with CHAPHDLC with PAPHDLC with CHAP47. When would the multipoint keyword be used in Frame Relay PVCs configuration?when global DLCIs are in usewhen using physical interfaceswhen multicasts must be supportedwhen participating routers are in the same subnet48. A network technician analyzes the network and notices late collisions. The collisions occur accompanied by jabber that originates from the server. What is the likely cause of the problem?faulty switch portweb server CPU overloadfaulty NIC in the web servermisconfiguration of web server services49.Refer to the exhibit. R1 is performing NAT overload for the 10.1.1.0/24 inside network. Host A has sent a packet to the web server. What is the destination IP address of the return packet from the web server?10.1.1.2:1234172.30.20.1:1234172.30.20.1:3333192.168.1.2:8050.Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?The default gateway is in the wrong subnet.STP has blocked the port that PC1 is connected to.Port Fa0/2 on S2 is assigned to the wrong VLAN.S2 has the wrong IP address assigned to the VLAN30 interface.51. When Frame Relay encapsulation is used, what feature provides flow control and exchanges information about the status of virtual circuits?LCPLMIDLCIInverse ARP52. A network administrator is tasked with maintaining two remote locations in the same city. Both locations use the same service provider and have the same service plan for DSL service. When comparing download rates, it is noticed that the location on the East side of town has a faster download rate than the location on the West side of town. How can this be explained?The West side has a high volume of POTS traffic.The West side of town is downloading larger packets.The service provider is closer to the location on the East side.More clients share a connection to the DSLAM on the West side.。

F列关于时分复用(TDM)的说法中哪两项正确？(选择两项。

)TDM依靠第3层协议工作。

可多个信道可通过单个链接传输。

口I原始数据流必须在目的地重建。

TDM方法取决于所用的第2层协议。

它可为多个信道的信息分配多条线路上的带宽。

分界点在数据通信物理电路中体现为什么？连接到In ternet的设备上的DTE/DCE接口防火墙或路由器所在的位置公共网络和私有客户网络分界的物理位置分配给存在交叉连接的物理网段的标记哪种串行通信DTE/DCE接口标准用于在LAN之间提供高达52 Mbps的高速连接且常用于许多高端Cisco路由器上？EIA/TIA 232 (RS-232)EIA/TIA 422 (RS-422)EIA/TIA 423 (RS-423)+ EIA/TIA-612/613 (HSSI)ITU V.35为什么串行连接比并行连接更适用于长距离传输？并行连接不支持差错校验。

并行连接可能发生过度衰减。

* 并行连接可能发生电线之间的串扰以及时滞。

并行连接仅可通过两条电线传输，因此传输数据的速度要慢很多。

下列关于HDLC封装的说法中哪三项正确？(选择三项。

)HDLC不支持CDP。

HDLC 和PPP相互兼容。

HDLC 支持PAP和CHAP身份验证。

Cisco路由器上实现的HDLC 是Cisco的专有技术。

"HDLC是Cisco路由器上的默认串行接口封装方法。

‘ HDLC使用帧定界符来标记每个帧的开头和结尾下列关于LCP的说法，哪三项是正确的？（选择三项。

）“ 它负责协商建立链路。

-I它会协商在PPP上运行的第3层协议的选项。

它在协商链路建立参数时使用MD5加密。

丁I它会在用户要求时或闲置计时器到期时切断链路。

丁|它能测试链路，确定链路质量是否足以开启该链路。

它会监控链路拥塞情况，并动态调整可接受的窗口大小。

LCP可协商哪两个选项？（选择两项。

）‘链路质量“身份验证动态流量控制压缩以及IP的网络层地址使用面向连接的通信方法还是无连接通信方法下列哪个PPP配置选项可用于在路由器的接口上建立负载均衡?回叫"多链路压缩. 错误检测网络控制协议可为PPP连接提供什么功能？' 进行错误检测建立和终止数据链路为PPP提供身份验证功能管理网络拥塞以及测试链路质量+允许多种第 3 层协议在同一物理链路上工作Router^ shaw internee seiialfl/OSciialO^) is up, lute protocol is upHardware is HD64570Entemet adiress is 10.140.1^24MTU 1SOO bytes,BW 1544 Khit,DLY 20000 usee^rtly255/255, had i/255Encapsulation PPP, loopback not set, keepalive set (IQ sec)LCP OpenOpen： IPCP.CDPCP38097packjets o ulput,2135597 bytes, 0 underruns0 output errors T0 collisioiis, 6045 interact resets0 output builer failure齢0 4utpvt buf^s^vapped out482 canier truisitionsDCD=up DSR=np DTR^np RTS=itp CTAup请参见图示。

下列哪项最准确地描述了采用帧中继与采用租用线路或 ISDN 服务相比的优势？客户可以更精确地定义其虚电路需求，且带宽需求之间的差别可低至 64 kbps。

客户只需支付包含本地环路和网络链路的端对端连接的费用。

客户只需支付本地环路以及网络提供商所提供的带宽的费用。

连接新站点时，所需的新电路安装成本要低于 ISDN 拨号的成本或因租用服务而添加额外硬件的成本。

帧中继技术使用哪两种方法处理包含错误的帧？（选择两项。

）帧中继服务依靠上层协议来处理错误恢复工作。

它要求接收设备请求发送方重新传输错误帧。

设置帧中的 FECN、BECN 和 DE 位以尽量减少错误。

接收设备会丢弃所有包含错误的帧而不会通知发送方。

帧中继交换机会通知发送方检测到了错误。

哪种说法是对数据链路连接标识符 (DLCI) 的最佳描述？用于标识通过帧中继网络连接的目的路由器的本地地址用于标识虚电路的具有本地意义的地址用于标识路由器和帧中继交换机之间的接口的逻辑地址用于标识 DCE 的逻辑地址在帧中继网络两个 DTE 之间创建的是什么？ISDN 电路有限访问电路交换并行电路虚电路在帧中继网络中，下列哪两项使路由器可将数据链路层地址映射到网络层地址？（选择两项。

）ARP在线代理|网页代理|代理网页|RARP代理ARP逆向ARPLMI 状态消息ICMP请参见图示。

从路由器 Peanut 向地址 192.168.50.10 发出了一次 ping 命令。

发送该 ping 命令时将使用什么 DLCI？110115220225请参见图示。

子接口 S0/0.110 上的点对点配置对路由器的运作有什么影响？它有助于节约 IP 地址。

在线代理|网页代理|代理网页|它与多个物理接口建立多个 PVC 连接。

它既消除了水平分割问题，又不增大出现路由环路的可能性。

它需要在子接口上配置encapsulation命令。

当帧中继交换机检测到队列中含有过多待处理帧时，会进行哪三项操作？（选择三项。

CCNA 4 - Final Exam (C)Posted by beotron at 9:23 PM1. Which of the following describes the roles of devices in a WAN? (Choose three.)• A CSU/DSU terminates a digital local loop.• A modem terminates a digital local loop.• A CSU/DSU terminates an analog local loop.• A modem terminates an analog local loop.• A router is commonly considered a DTE device.• A router is commonly considered a DCE device.2. What value in the address field of a Frame Relay header identifies the destination of the frame? • CIR• DE• DLCI• ISDN• FRAD• PVC3. The serial PPP link between the Left and Right routers is configured as shown in the diagram. Which configuration issue explains why the link is unable to establish a PPP session?• The IP addresses must be on different subnets.• The usernames are misconfigured.• The passwords must be different for the CHAP authentication.• The clock rate must be 56000.• The clock rate is configured on the wrong end of the link.• Interface serial 0/0 on Left must connect to interface serial 0/1 on Right.4. The output of the show interfaces serial 0/0 command for a frame-relay connection indicates that the serial line is up but the line protocol is down. What are possible causes for this? (Choose two.)• There is an LMI-type mismatch between the Frame Relay switch and the router.• There is no clock present on the serial interface.• The interface is shut down.• RARP is not functioning on the router.• The cable is disconnected.5. Which statements are correct about the point in the network where the responsibility of the service provider ends? (Choose three.)• The International point is on the customer side of the network terminating unit(NTU).• The United States point is at the interface of the customer-provided equipment and the local loop.• The responsibility for this point is controlled by IANA.• The point is called the demarcation point.• The point is typically located at the service provider’s central office.• The point is located between the customer’s local area networks.6. While prototyping an internetwork in the corporate lab, a network administrator is testing a serial link between serial 0/0 interfaces on two routers. The labels on the serial cable ends have been damaged and are unreadable. What command can be issued to determine which router is connected to the DCE cable end?• show interfaces serial 0/0• show version• show controllers serial 0/0• show protocols serial 0/0• show status serial 0/07. A network technician determines DHCP clients are not working properly. The clients are receiving IP configuration information from a DHCP server configured on the router but cannot access the Internet. From the output in the graphic, what is the most likely problem?• The DHCP server service is not enabled.• The inside interface for DCHP is not defined.• The DHCP pool is not bound to the interface.• The pool does not have a default router defined for the clients.• All the host addresses have been excluded from the DHCP pool.8. A technician enters the interface serial 0/0.1 multipoint command when configuring a router. What effect will the multipoint keyword have in this configuration? (Choose two.)• Split-horizon issues will need to be resolved for this network if RIP is the routing protocol.• A subinterface will be defined for each PVC.• All the participating interfaces of remote routers will be configured in the same subnet.• A single DLCI will be used to define all the PVCs to the remote routers.• An IP address will need to be configured on the main interface.9. When configuring a Frame Relay connection, when should a static Frame Relay map be used? (Choose two.)• when the remote router is a non-Cisco router• whe n the remote router does not support Inverse ARP• when the local router is using IOS Release 11.1 or earlier• when broadcast traffic and multicast traffic over the PVC must be controlled• when globally significant rather than locally significant DLCIs a re being used10. Which router command would be used to associate a Layer 2 address with the corresponding Layer 3 address in the internetwork in the diagram?• RouterA(config-if)#frame-relay pvc 100 192.168.15.2• RouterA(config-if)#dialer-map ip 192.168.15.1 100 broadcast• RouterA(config-if)#frame-relay map ip 192.168.15.2 100 broadcast• RouterA (config-if)#dialer-map 192.168.15.1 101 serial 0 broadcast• RouterA (config-if)#frame-relay dlci 101 192.168.15.1 broadcast• RouterA (config-if)#dialer-map 192.168.15.1 inverse-arp broadcast11. Which of the following ISDN protocols is responsible for call setup and call teardown?• ITU-T Q.921• ITU-T Q.931• ITU-T I.430• ITU-T I.43112. What are two ways to resolve split-horizon issues in a Frame Relay network? (Choose two.)• create a full-mesh topology• disable Inverse ARP• use point-to-point subinterfaces• use multipoint subinterfaces• remove the broadcast keyword from the frame-relay map command13. What is the purpose of the command marked with an arrow shown in the partial configuration output of a Cisco 806 broadband router?• defines which addresses are allowed out of the router• defines which addresses are allowed into the router• defines which addresses can be translated• defines which address es are assigned to a NAT pool14. A system administrator is unable to ping the Serial0/0 interface of RouterB from RouterA. During the troubleshooting process, the following facts are established:- IP addressing and subnet masks are correct.- RouterA is a Cisco router and RouterB is a router from another vendor.- RouterA is configured with the default encapsulation.- The serial interfaces on both routers are up.- The protocol is down on the serial interfaces of both routers.What should the administrator do to solve the problem?• Add a clock rate on RouterA.• Enable the serial interface on RouterB.• Change the encapsulation on both routers to PPP.• Connect the serial cable to the correct interface on RouterB.• Use the correct serial cable to attach the CSU/DSU to RouterB.15. An ISDN circuit from a branch office is remaining connected to the regional office. A network administrator determines a user has initiated a continuous ping from a desktop computer to the regional office. Which configuration change would allow the ISDN circuit to disconnect during any attempts to ping, while otherwise functioning properly?• change DDR from legacy to dialer profiles• remove the dialer list statement from the configuration• change the dialer list to exclude IC MP as interesting• disable inverse ARP16. Below is a list of DDR steps. Which of the following identifies the proper order of DDR?1 - dial number is looked up2 - interesting traffic triggers DDR3 - route to destination is determined4 - call is made• 1,2,3,4• 1,3,2,4• 2,3,1,4• 2,1,3,4• 3,2,1,4• 3,1,2,417. Which protocol should be chosen to support WAN connectivity in a multi-vendor system and provide strong security through authentication?• NAT with DHCP• Frame Relay• HDLC with encryption• H DLC with CHAP• PPP with PAP• PPP with CHAP18. Which of the following are valid steps for a basic ISDN BRI configuration? (Choose two.)• create subinterfaces• define the LMI type• set the SPIDs if required by the ISDN switch• set the interface DLCI• set the switch type• specify the encapsulation as either Cisco or IETF19. A branch office reports excessive connect time charges for an ISDN circuit used to connect to the regional office. Upon investigation of this issue, it is discovered that when an ISDN connection is initiated to the regional office it remains connected for an excessive amount of time. Which of the following configuration changes could be made to DDR on the router to reduce these connect time charges?• use PPP multilink• lower idle timer setting• use CHAP authentication• change DDR from legacy to dialer profiles20. A network administrator is having difficulty in establishing a serial link between a Cisco router and a router from another vendor. Both routers are configured for HDLC encapsulation. Which statements are true regarding this configuration? (Choose two.)• The Cisco HDLC frame uses a proprietary “Type” field that may not be compatible with equipment of other vendors.• HDLC requires a clock rate to be configured on the r outers at both ends of the serial link.• PPP encapsulation is recommended for serial links between equipment from multiple vendors.• Usernames must be configured at both ends of the HDLC serial link.• The HDLC vendor type must be enabled on the Cisco ro uter.• There is a mismatch in the HDLC authentication password configurations.21. Given the partial router configuration in the graphic, why does the workstation with the IP address 192.168.1.153/28 fail to access the Internet? (Choose two.)• The NAT in side interfaces are not configured properly.• The NAT outside interface is not configured properly.• The router is not properly configured to use the access control list for NAT.• The NAT pool is not properly configured to use routable outside addresses.• The access control list does not include the IP address 192.168.1.153/28 to access the Internet.22. The serial PPP link between the Left and Right routers is configured as shown in the diagram. Which configuration issue will prevent IP traffic from crossing this link?• The passwords must be different for the CHAP authentication.• The usernames are misconfigured.• The clock rate must be 56000.• The clock rate is configured on the wrong end of the link.• The IP addresses must be on the same subnet.• Interface serial 0/0 on Left must connect to interface serial 0/1 on Right.23. What causes a DDR call to be placed?• dial string• DLCI• idle time out• interesting traffic• PVC24. Which two layers of the OSI model are described by WAN standards?• Application Layer, Physical Layer• Data Link Layer, Physical Layer• Data Link Layer, Transport Layer• Physical Layer, Network Layer25. A technician is testing RouterA in the graphic. What is the condition of the circuit?• The routers are configured fo r different encapsulations.• The clock rate is not properly configured on the routers.• The circuit from WAN provider has failed.• Authentication is not properly configured on the routers.• The circuit is functioning properly.26. A network administrator must provide WAN connectivity between a central office and three remote sites: Orlando, Atlanta, and Phoenix. The Orlando and Atlanta remote offices receive sales orders and transmit shipping confirmations to the Central office consistently throughout the day. The Phoenix remote office consists of one salesperson traveling through the southwest territory. The salesperson occasionally needs to connect to the Central office for e-mail access. How should the networkadministrator connect the remote sites to the Central office? (Choose two.)• Connect to the Atlanta and Orlando remote offices with Frame Relay connections.• Connect to the Atlanta and Orlando remote offices with ISDN connections.• Connect to the Atlanta and Orlando re mote offices with POTS dial-up connections.• Connect to the Phoenix remote office with a Frame Relay connection.• Connect to the Phoenix remote office with a POTS dial-up connection.27. When a Frame Relay switch detects an excessive buildup of frames in its queue, which of the following may occur? (Choose two.)• Frames with the DE bit set are dropped from the switch queue.• Frames with the FECN and BECN bits set are dropped from the switch queue.• Frames in excess of the CIR are not accepted by the sw itch.• The switch sets the FECN bit on all frames it places on the congested link and sets the BECN bit on all frames it receives on the congested link.• The switch sets the FECN bit on all frames it receives on the congested link and sets the BECN bit o n all frames it places on the congested link.28. A system administrator is troubleshooting a connectivity issue between two routers in a new installation. The administrator enters the debug ppp authentication command on the WHSE router. The graphic shows a part of the output received. From this output, what is the most likely cause of this connectivity issue?• There is not a route to the remote router.• The ISDN circuit on the remote router has failed.• The username/password was not properly configured on the WHSE router.• The remote router has a different authentication protocol configured.29. What does the output of the show frame-relay map command shown below represent? (Choose two.) • Serial 0 (up): ip 172.30.151.4 dlci 122, dynamic, broadcast, sta tus defined, active• 172.30.151.4 represents the IP address of the remote router.• 172.30.151.4 represents the IP address of the local serial interface.• DLCI 122 represents the interface of the remote router.• broadcast indicates that a dynamic routin g protocol such as RIP v1 can send packets across this PVC. • dynamic indicates that a dynamic routing protocol is enabled for this connection.• active indicates that the ARP process is working.30. What does the status inactive indicate in the output of the show frame-relay pvc command?• The DLCI is programmed in the switch but is not usable.• The DLCI was formerly programmed in the switch but is no longer there.• The DLCI is usable but has little activity.• The DLCI has been renamed for that PVC.31. Which of the following IP addresses are defined by RFC 1918 as private addresses? (Choose three.) • 192.168.146.0/22• 172.10.25.0/16• 172.31.0.0/16• 20.0.0.0/8• 10.172.92.8/2932. After configuring a dialup ISDN circuit, a network associate begins testing the dialup connection. When attempting to ping a host on the remote network, the local router does not attempt to dial the remote access server. Which of the following are possible errors in this configuration? (Choose three.) • PPP authentication is not properly configured.• No dialer map is configured.• The ISDN circuit connected to the remote access server is busy.• No interesting traffic is defined.• No route is determined to the remote network.• A wrong number is configured in the dial string.33. Two routers are connected through a Frame Relay, point-to-point PVC. The remote router is from a vendor other than Cisco. Which interface command is required to configure the link between the Cisco router and the other router?• frame-relay pvc multipoint• frame-relay pvc point-to-point• encapsulation frame-relay cisco• encapsulation frame-relay ietf• frame-relay lmi-type ansi34. Which circuit-switched WAN technology is often used to provide a backup for a leased line and additional capacity during peak usage times?• X.25• DSL• ISDN• cable modem35. After the ISDN BRI interface is configured, which command can be used to verify that the router is communicating correctly with the ISDN switch?• show dialer• show isdn status• show interfaces b ri0/0:1• show interfaces serial0/0.136. A system administrator needs to configure the regional office with ISDN for DDR connections to three remote sites. Each remote site requires different IP subnets, different encapsulations, and different authentication methods. The sites will not be connected at the same time. The company would like to accomplish this in the most cost effective manner. What method can the system administrator use to accomplish this task using the fewest B channels?• Install and conf igure a PRI.• Install and configure a BRI interface with separate SPIDs for each remote site.• Install and configure a BRI with multiple switch types in global configuration.• Install and configure a BRI using dialer profiles.• Install and configure a separate BRI for each remote site.37. A system administrator must provide Internet connectivity for ten hosts in a small remote office. The ISP has assigned two public IP addresses to this remote office. How can the system administrator configure the router to provide Internet access to all ten users at the same time?• Configure static NAT for all ten users.• Configure dynamic NAT for ten users.• Configure dynamic NAT with PAT.• Configure DHCP and static NAT.• What the administrator wants to do cannot be done.38. Which of the following are characteristics of Frame Relay? (Choose two.)• circuit-switched• connection oriented• OSI Layer 3• packet-switched• reliable39. Which of the following is the order for the three phases of establishing a PPP serial link with authentication?• authentication, link-establishment, network layer protocols• authentication, network layer protocols, link-establishment• network layer protocols, link-establishment, authentication• network layer protocols, authenticati on, link-establishment• link-establishment, authentication, network layer protocols• link-establishment, network layer protocols, authentication。