Q71. - (Topic 3) 

An administrator is working with the 192.168.4.0 network, which has been subnetted with a /26 mask. Which two addresses can be assigned to hosts within the same subnet? (Choose two.) 

A. 192.168.4.61 

B. 192.168.4.63 

C. 192.168.4.67 

D. 192.168.4.125 

E. 192.168.4.128 

F. 192.168.4.132 

Answer: C,D 

Explanation: 

Increment: 64 (/26 = 11111111.11111111.11111111.11000000) 

The IP 192.168.4.0 belongs to class C. The default subnet mask of class C is /24 and it has 

been subnetted with a /26 mask so we have 2(26-24).= 22.= 4 sub-networks: 

1st subnet: 192.168.4.0 (to 192.168.4.63) 

2nd subnet: 192.168.4.64 (to 192.168.4.127) 

3rd subnet: 192.168.4.128 (to 192.168.4.191) 

4th subnet: 192.168.4.192 (to 192.168.4.225) 

In all the answers above, only answer C and D are in the same subnet. 

Therefore only IPs in this range can be assigned to hosts. 


Q72. - (Topic 3) 

Which two commands will display the current IP address and basic Layer 1 and 2 status of an interface? (Choose two.) 

A. router#show version 

B. router#show ip interface 

C. router#show protocols 

D. router#show controllers 

E. router#show running-config 

Answer: B,C 

Explanation: 

The outputs of “show protocols” and “show ip interface” are shown below: 

Global values:Internet Protocol routing is enabledSerial0/0 is up, line protocol is downInternet address is 10.1.1.1/30Serial0/1 is up, line protocol is downInternet address is 209.65.200.225/30Serial0/2 is up, line protocol is downSerial0/3 is up, line protocol is downNVI0 is up, line protocol is upInterface is unnumbered. Using address of NVI0 (0.0.0.0)Loopback0 is up, line protocol is upInternet address is 10.1.10.1/32Loopback1 is up, line protocol is upInternet address is 10.1.2.1/27Loopback6 is up, line protocol is up 

Serial0/0 is up, line protocol is downInternet address is 10.1.1.1/30Broadcast address is 255.255.255.255Address determined by non-volatile memoryMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledMulticast reserved groups joined: 224.0.0.5Outgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is disabledICMP redirects are always sentICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is enabledIP Flow switching is disabledIP CEF switching is disabledIP Feature Fast switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabledIP route-cache flags are FastRouter Discovery is disabledIP output packet accounting is disabledIP access violation accounting is disabledTCP/IP header compression is disabledRTP/IP header compression is disabledPolicy routing is disabledNetwork address translation is enabled, interface in domain insideBGP Policy Mapping is disabledWCCP Redirect outbound is disabledWCCP Redirect inbound is disabledWCCP Redirect exclude is disabled 


Q73. - (Topic 1) 

A workstation has just resolved a browser URL to the IP address of a server. What protocol will the workstation now use to determine the destination MAC address to be placed into frames directed toward the server? 

A. HTTP 

B. DNS 

C. DHCP 

D. RARP 

E. ARP 

Answer:

Explanation: 

The RARP protocol is used to translate hardware interface addresses to protocol addresses. The RARP message format is very similar to the ARP format. When the booting computer sends the broadcast ARP request, it places its own hardware address in both the sending and receiving fields in the encapsulated ARP data packet. The RARP server will fill in the correct sending and receiving IP addresses in its response to the message. This way the booting computer will know its IP address when it gets the message from the RARP server 


Q74. - (Topic 3) 

A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link. 

The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem? 

A. The OSPF area is not configured properly. 

B. The priority on R1 should be set higher. 

C. The cost on R1 should be set higher. 

D. The hello and dead timers are not configured properly. 

E. A backup designated router needs to be added to the network. 

F. The OSPF process ID numbers must match. 

Answer:

Explanation: 

In OSPF, the hello and dead intervals must match and here we can see the hello interval is set to 5 on R1 and 10 on R2. The dead interval is also set to 20 on R1 but it is 40 on R2. 


Q75. - (Topic 1) 

Which of the following are types of flow control? (Choose three.) 

A. buffering 

B. cut-through 

C. windowing 

D. congestion avoidance 

E. load balancing 

Answer: A,C,D 

Explanation: 

During Transfer of data, a high speed computer is generating data traffic a lot faster than the network device can handle in transferring to destination, so single gateway or destination device cannot handle much amount of traffic that is called "Congestion". 

Buffering The Technie is used to control the data transfer when we have congestion, when a network device receive a data it stores in memory section and then transfer to next destination this process called "Buffering". Windowing Whereas Windowing is used for flow control by the Transport layer. Say the sender device is sending segments and the receiver device can accommodate only a fixed number of segments before it can accept more, the two devices negotiate the window size during the connection setup. This is done so that the sending device doesn't overflow the receiving device's buffer. Also the receiving device can send a single acknowledgement for the segments it has received instead of sending an acknowledgement after every segment received. Also, this window size is dynamic meaning, the devices can negotiate and change the window size in the middle of a session. So if initially the window size is three and the receiving device thinks that it can accept more number of segments in its buffer it can negotiate with the sending device and it increases it to say 5 for example. Windowing is used only by TCP since UDP doesn't use or allow flow control. 

Reference: http://www.info-it.net/cisco/ccna/exam-tips/flow-control.php 


Q76. - (Topic 5) 

Refer to the exhibit. 

A TFTP server has recently been installed in the Atlanta office. The network administrator is located in the NY office and has made a console connection to the NY router. After establishing the connection they are unable to backup the configuration file and IOS of the NY router to the TFTP server. What is the cause of this problem? 

A. The NY router has an incorrect subnet mask. 

B. The TFTP server has an incorrect IP address. 

C. The TFTP server has an incorrect subnet mask. 

D. The network administrator computer has an incorrect IP address. 

Answer:

Explanation: 

The TFTP server is using a mask of 255.255.255.240 (/28) while the router is configured with a /29. Because of this, the Atlanta router does not see the TFTP server as being in the same subnet. 


Q77. - (Topic 3) 

Which parameter or parameters are used to calculate OSPF cost in Cisco routers? 

A. Bandwidth 

B. Bandwidth and Delay 

C. Bandwidth, Delay, and MTU 

D. Bandwidth, MTU, Reliability, Delay, and Load 

Answer:

Explanation: 

The well-known formula to calculate OSPF cost is Cost = 108/ Bandwidth 


Q78. - (Topic 7) 

Which option is the default switch port port-security violation mode? 

A. shutdown 

B. protect 

C. shutdown vlan 

D. restrict 

Answer:

Explanation: Shutdown—This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and reenabling the switchport. 

Shutdown VLAN—This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN. 


Q79. - (Topic 5) 

From which of the following attacks can Message Authentication Code (MAC) shield your network? 

A. DoS 

B. DDoS 

C. spoofing 

D. SYN floods 

Answer:

Explanation: 

Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes. A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack. A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies. 


Q80. - (Topic 3) 

The command ip route 192.168.100.160 255.255.255.224 192.168.10.2 was issued on a router. No routing protocols or other static routes are configured on the router. Which statement is true about this command? 

A. The interface with IP address 192.168.10.2 is on this router. 

B. The command sets a gateway of last resort for the router. 

C. Packets that are destined for host 192.168.100.160 will be sent to 192.168.10.2. 

D. The command creates a static route for all IP traffic with the source address 

192.168.100.160. 

Answer:

Explanation: 

With 160 it's actually network address of /27 so any address within the range of .160-.191 network will be sent to 192.168.10.2