CCNA 4 Practice Final Exam Answers 2017 (v5.0.3 + v6.0)

CCNA 4 Practice Final Exam Answers 2017 (v5.0.3 + v6.0)

1. Which two components of a WAN would more likely be used by an ISP? (Choose two.)

  • demarcation point
  • toll network*
  • CO*
  • CPE
  • DTE

2. What are two advantages of packet switching over circuit switching? (Choose two.)

  • There are fewer delays in the data communications processes.
  • Multiple pairs of nodes can communicate over the same network channel.*
  • A dedicated secure circuit is established between each pair of communicating nodes.
  • A connection through the service provider network is established quickly before communications start.
  • The communication costs are lower.*

3. What are two common types of circuit-switched WAN technologies? (Choose two.)

  • ISDN*
  • MPLS
  • ATM
  • PSTN*
  • Frame Relay

4. Under which two categories of WAN connections does Frame Relay fit? (Choose two.)

  • packet-switched*
  • public infrastructure
  • dedicated
  • private infrastructure*
  • Internet

5. Which WAN technology is capable of transferring voice and video traffic by utilizing a fixed payload of 48 bytes for every frame?

  • Ethernet WAN
  • ISDN
  • ATM*
  • Frame Relay

6. Which type of long distance telecommunication technology provides point-to-point connections and cellular access?

  • mobile broadband
  • WiMax*
  • satellite
  • municipal Wi-Fi

7. A small law firm wants to connect to the Internet at relatively high speed but with low cost. In addition, the firm prefers that the connection be through a dedicated link to the service provider. Which connection type should be selected?

  • cable
  • ISDN
  • leased line
  • DSL*

8. Refer to the exhibit. What type of Layer 2 encapsulation will be used for connection D on the basis of this configuration on a newly installed router:
ccna-4-practice-final-exam-answer-8
RtrA(config)# interface serial0/0/0
RtrA(config-if)# ip address 128.107.0.2 255.255.255.252
RtrA(config-if)# no shutdown

  • Frame Relay
  • HDLC*
  • PPP
  • Ethernet

9. Which two protocols in combination should be used to establish a link with secure authentication between a Cisco and a non-Cisco router? (Choose two.)

  • CHAP*
  • PAP
  • HDLC
  • PPP*
  • SLIP

10. Which statement is true about NCP?

  • NCP tests the link to ensure that the link quality is sufficient.
  • Each network protocol has a corresponding NCP.*
  • Link termination is the responsibility of NCP.
  • NCP establishes the initial link between PPP devices.

11. Refer to the exhibit. Which three steps are required to configure Multilink PPP on the HQ router? (Choose three.)
ccna-4-practice-final-exam-answer-11

  • Assign the serial interfaces to the multilink bundle.*
  • Create and configure the multilink interface.*
  • Enable PPP encapsulation on the multilink interface.
  • Enable PPP encapsulation on the serial interfaces.*
  • Assign the Fast Ethernet interface to the multilink bundle.
  • Bind the multilink bundle to the Fast Ethernet interface.

12. A network engineer is troubleshooting the failure of CHAP authentication over a PPP WAN link between two routers. When CHAP authentication is not included as part of the interface configuration on both routers, communication across the link is successful. What could be causing CHAP to fail?

  • The username configured on each router matches the hostname of the other router.
  • The hostname configured on each router is different.
  • The clock rate has not been configured on the DCE serial interface.
  • The secret password configured on each router is different.*

13. Which statement describes the difference between CHAP and PAP in PPP authentication?

  • PAP uses a two-way handshake method and CHAP uses a three-way handshake method.*
  • PAP sends the password encrypted and CHAP does not send the password at all.
  • PAP and CHAP provide equivalent protection against replay attacks.
  • PAP sends the password once and CHAP sends the password repeatedly until acknowledgment of authentication is received.

14. A technician at a remote location is troubleshooting a router and has emailed partial debug command output to a network engineer at the central office. The message that is received by the engineer only contains a number of LCP messages that relate to a serial interface. Which WAN protocol is being used on the link?

  • PPP*
  • VPN
  • HDLC
  • Frame Relay

15. Which DSL technology provides higher downstream bandwidth to the user than upstream bandwidth?

  • CDMA
  • SDSL
  • TDMA
  • ADSL*

16. Which communication protocol allows the creation of a tunnel through the DSL connection between the customer router and the ISP router to send PPP frames?

  • POTS
  • CHAP
  • ADSL
  • PPPoE*

17. Which group of APIs are used by an SDN controller to communicate with various applications?

  • northbound APIs*
  • westbound APIs
  • southbound APIs
  • eastbound APIs

18. Which two technologies are core components of Cisco ACI architecture? (Choose two.)

  • OpenFlow enabled switches
  • Application Policy Infrastructure Controller*
  • Transparent Interconnection of Lots of Links
  • Application Network Profile*
  • Interface to the Routing System

19. Two corporations have just completed a merger. The network engineer has been asked to connect the two corporate networks without the expense of leased lines. Which solution would be the most cost effective method of providing a proper and secure connection between the two corporate networks?

  • site-to-site VPN*
  • Cisco Secure Mobility Clientless SSL VPN
  • Cisco AnyConnect Secure Mobility Client with SSL
  • remote access VPN using IPsec
  • Frame Relay

20. When GRE is configured on a router, what do the tunnel source and tunnel destination addresses on the tunnel interface refer to?

  • the IP addresses of tunnel interfaces on intermediate routers between the connected routers
  • the IP addresses of the two LANs that are being connected together by the VPN
  • the IP addresses at each end of the WAN link between the routers*
  • the IP address of host on the LAN that is being extended virtually

21. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
What problem is preventing the hosts from communicating across the VPN tunnel?

  • The tunnel IP addresses are incorrect.*
  • The EIGRP configuration is incorrect.
  • The tunnel destinations addresses are incorrect.
  • The tunnel source interfaces are incorrect.

22. Which routing protocol is used to exchange routing information between autonomous systems on the Internet?

  • OSPF
  • EIGRP
  • IS-IS
  • BGP*

23. The graphic shows four autonomous systems (AS). AS 65002 is connected to AS 65003 and to AS 65004. AS 65003 is connected only to AS 65002. AS 65004 is connected to AS 65002 and AS 65005. AS 65005 is connected to AS 65003 and to the Internet.Refer to the exhibit. For which autonomous system would running BGP not be appropriate?
ccna-4-practice-final-exam-answer-23

  • 65004
  • 65005
  • 65002
  • 65003*

24. What two functions describe uses of an access control list? (Choose two.)

  • ACLs can permit or deny traffic based upon the MAC address originating on the router.
  • ACLs provide a basic level of security for network access.*
  • ACLs can control which areas a host can access on a network.*
  • ACLs assist the router in determining the best path to a destination.
  • Standard ACLs can restrict access to specific applications and ports.

25. A network administrator is explaining to a junior colleague the use of the lt and gt keywords when filtering packets using an extended ACL. Where would the lt or gt keywords be used?

  • in an IPv6 extended ACL that stops packets going to one specific destination VLAN
  • in an IPv6 named ACL that permits FTP traffic from one particular LAN getting to another LAN
  • in an IPv4 extended ACL that allows packets from a range of TCP ports destined for a specific network device*
  • in an IPv4 named standard ACL that has specific UDP protocols that are allowed to be used on a specific server

26. Refer to the exhibit. A router has an existing ACL that permits all traffic from the 172.16.0.0 network. The administrator attempts to add a new ACE to the ACL that denies packets from host 172.16.0.1 and receives the error message that is shown in the exhibit. What action can the administrator take to block packets from host 172.16.0.1 while still permitting all other traffic from the 172.16.0.0 network?
ccna-4-practice-final-exam-answer-26

  • Add a deny any any ACE to access-list 1.
  • Manually add the new deny ACE with a sequence number of 15.
  • Create a second access list denying the host and apply it to the same interface.
  • Manually add the new deny ACE with a sequence number of 5.*

27. Which three implicit access control entries are automatically added to the end of an IPv6 ACL? (Choose three.)

  • deny icmp any any
  • permit ipv6 any any
  • deny ipv6 any any*
  • permit icmp any any nd-na*
  • permit icmp any any nd-ns*
  • deny ip any any

28. Which statement describes a difference between the operation of inbound and outbound ACLs?

  • Inbound ACLs are processed before the packets are routed while outbound ACLs are processed after the routing is completed.*
  • On a network interface, more than one inbound ACL can be configured but only one outbound ACL can be configured.
  • In contrast to outbound ALCs, inbound ACLs can be used to filter packets with multiple criteria.
  • Inbound ACLs can be used in both routers and switches but outbound ACLs can be used only on routers.

29. What is the result of a DHCP starvation attack?

  • Clients receive IP address assignments from a rogue DHCP server.
  • The attacker provides incorrect DNS and default gateway information to clients.
  • The IP addresses assigned to legitimate clients are hijacked.
  • Legitimate clients are unable to lease IP addresses.*

30. What is a recommended best practice when dealing with the native VLAN?

  • Turn off DTP.
  • Use port security.
  • Assign it to an unused VLAN.*
  • Assign the same VLAN number as the management VLAN.

31. Which management protocol can be used securely with Cisco devices to retrieve or write to variables in a MIB?

  • SNMP version 1
  • SNMP version 2
  • SNMP version 2c
  • SNMP version 3*
  • SNMP version 3 is considered the secure version of SNMP.

32. What are two benefits of using SNMP traps? (Choose two.)

  • They limit access for management systems only.
  • They eliminate the need for some periodic polling requests.*
  • They can provide statistics on TCP/IP packets that flow through Cisco devices.
  • They can passively listen for exported NetFlow datagrams.
  • They reduce the load on network and agent resources.*

33. What is an advantage of SNMPv3 over SNMPv1 or SNMPv2?

  • mobility
  • support of other network monitoring protocols
  • faster response times
  • security*

34. What network monitoring tool copies traffic moving through one switch port, and sends the copied traffic to another switch port for analysis?

  • SPAN*
  • SNMP
  • syslog
  • 802.1X

35. RSPAN depends on which type of VLAN?

  • RSPAN VLAN*
  • default VLAN
  • native VLAN
  • black hole VLAN
  • management VLAN
  • private VLAN

36. Why is QoS an important issue in a converged network that combines voice, video, and data communications?

  • Voice and video communications are more sensitive to latency.*
  • Legacy equipment is unable to transmit voice and video without QoS.
  • Data communications must be given the first priority.
  • Data communications are sensitive to jitter.

37. What are two characteristics of voice traffic? (Choose two.)

  • It is insensitive to packet loss.
  • It consumes few network resources.*
  • It can tolerate latency up to 400 ms.
  • It is delay sensitive.*
  • It is bursty.

38. True or False.
DiffServ is a QoS strategy that enforces end-to-end guarantees.

  • true
  • false*

39. What QoS step must occur before packets can be marked?

  • policing
  • shaping
  • queuing
  • classifying*

40. Refer to the exhibit. A network administrator has deployed QoS and has configured the network to mark traffic on the VoIP phones as well as the Layer 2 and Layer 3 switches. Where should initial marking occur to establish the trust boundary?
ccna-4-practice-final-exam-answer-40

  • Trust Boundary 4
  • Trust Boundary 3
  • Trust Boundary 1*
  • Trust Boundary 2

41. Which IoT pillar provides the infrastructure for application mobility?

  • the management and automation pillar
  • the application enablement platform​ pillar*
  • the Fog computing pillar
  • the network connectivity pillar

42. What are three abstraction layers of a computer system? (Choose three.)

  • firmware*
  • network
  • hardware*
  • data
  • services*
  • security

43. Users are reporting longer delays in authentication and in accessing network resources during certain time periods of the week. What kind of information should network engineers check to find out if this situation is part of a normal network behavior?

  • network configuration files
  • debug output and packet captures
  • syslog records and messages
  • the network performance baseline*

44. A user is unable to connect to the Internet. The network administrator decides to use the top-down troubleshooting approach. Which action should the administrator perform first?

  • Run the tracert command to identify the faulty device.
  • Check the patch cable connection from the PC to the wall.
  • Run the ipconfig command to verify the IP address, subnet mask, and gateway on the PC.
  • Enter an IP address in the address bar of the web browser to determine if DNS has failed.*

45. How do network administrators use IP SLAs to monitor a network and to detect a network failure early?

  • by simulating network data and IP services to collect network performance data in real time*
  • by using network protocol analyzers to evaluate errors
  • by taking a snap shot of network performance and comparing with an established baseline
  • by measuring the CPU and memory usage on routers and switches

46. What are two examples of network problems that are found at the data link layer? (Choose two.)

  • encapsulation errors*
  • incorrect interface clock rates
  • late collisions and jabber
  • framing errors*
  • electromagnetic interference

47. The output of the show ip interface brief command indicates that Serial0/0/0 is up but the line protocol is down. What are two possible causes for the line protocol being in the down state? (Choose two.)

  • The encapsulation on the Serial0/0/0 interface is incorrect.*
  • The clock rate is not set on the DTE.
  • A network is missing from the routing protocol configuration.
  • Keepalives are not being sent by the remote device.*
  • An incorrect default gateway is set on the router.

48. Refer to the exhibit. A small office uses an ISR to provide connectivity for both wired and wireless computers. One day, a sales person who is using a laptop cannot connect to Server1 through the wireless network. A network technician attempts to determine if the problem is on the wireless or the wired network. The technician pings successfully from the wireless laptop to the default gateway IP address on the ISR. What should be the next troubleshooting step?
ccna-4-practice-final-exam-answer-48

  • Ping from Server1 to its gateway IP address.*
  • Ping from Server1 to PC1.
  • Ping from the laptop to PC1.
  • Ping from the laptop to the Ethernet port on the cable modem.

49. Refer to the exhibit. A ping from R1 to 10.1.1.2 is successful, but a ping from R1 to any address in the 192.168.2.0 network fails. What is the cause of this problem?
ccna-4-practice-final-exam-answer-49

  • A default route is not configured on R1.
  • The static route for 192.168.2.0 is incorrectly configured.*
  • The serial interface between the two routers is down.
  • There is no gateway of last resort at R1.

50. Which feature is unique to IPv6 ACLs when compared to those of IPv4 ACLs?

  • the use of named ACL statements
  • an implicit permit of neighbor discovery packets*
  • the use of wildcard masks
  • an implicit deny any any statement

51. Question as presented:
ccna-4-practice-final-exam-answer-51
ccna-4-practice-final-exam-answer-51-1
52. Question as presented:
ccna-4-practice-final-exam-answer-52
ccna-4-practice-final-exam-answer-52-1
53. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
A user reports that PC0 cannot visit the web server www.server.com. Troubleshoot the network configuration to identify the problem.
What are three configuration issues that are causing the problem? (Choose three.)

  • SW1 has a port configuration issue.*
  • There is an encapsulation issue for the link between Branch and SW1.
  • One of the interfaces on Branch is not activated.*
  • Routing on HQ is not configured correctly.*
  • The subinterface g0/0.1 on Branch is configured incorrectly for VLAN 10.
  • VLAN 20 is not created correctly on SW1.

Older Version

54. Which three items are normally included when a log message is generated by a syslog client and forwarded to a syslog server? (Choose three.)

  • date and time of message*
  • ID of sending device*
  • length of message
  • message ID*
  • checksum field
  • community ID

55. Which WAN technology uses a fixed payload of 48 bytes and is transported across both switched and permanent virtual circuits?

  • ATM*
  • ISDN
  • Frame Relay
  • metro Ethernet

56. What can cause a reduction in available bandwidth on a cable broadband connection?

  • smaller cells
  • number of subscribers*
  • committed information rate
  • distance from the central office of the provider

57. A technician has been asked to configure a broadband connection for a teleworker. The technician has been instructed that all uploads and downloads for the connection must use existing phone lines. Which broadband technology should be used?

  • cable
  • DSL*
  • ISDN
  • POTS

58. Which three algorithms can be used to encrypt user data in an IPSec VPN framework? (Choose three.)

  • 3DES *
  • AES*
  • Diffie-Hellman
  • DES*
  • ESP
  • SHA

59. Which two Layer 1 requirements are outlined in the Data-over-Cable Service Interface Specification (DOCSIS)? (Choose two.)

  • channel widths*
  • access method
  • maximum data rate
  • modulation techniques*
  • compression techniques

60. What makes the Cisco EasyVPN application a useful tool for VPN implementation?

  • It provides encryption algorithms unavailable in other systems.
  • It ensures that remote workers actually use the VPN for connectivity.
  • It simplifies the configuration tasks for the device that is used as the VPN server.*
  • It allows a greater variety of network devices to be used for VPN connections.

61. How many addresses will be available for dynamic NAT translation when a router is configured with the following commands?
Router(config)#ip nat pool TAME 209.165.201.23 209.165.201.30 netmask 255.255.255.224 
Router(config)#ip nat inside source list 9 pool TAME

  • 7
  • 8*
  • 9
  • 10
  • 24
  • 31

62. Which three statements are true regarding the Frame Relay LMI? (Choose three.)

  • The LMI provides a virtual circuit (VC) status mechanism.*
  • The LMI type must always be manually configured.
  • The available LMI types are CHAP and PAP.
  • The LMI types supported by Cisco routers are CISCO and IETF. *
  • The LMI type configured on the router must match the one used on the Frame Relay switch.*
  • The LMI uses reserved DLCIs to exchange messages between the DTE and DCE.

63. The output of the show ip interface brief command indicates that Serial0 is up but the line protocol is down. What are two possible causes for the line protocol being in the down state? (Choose two.)

  • The clock rate is not set on the DTE.
  • An incorrect default gateway is set on the router.
  • A network is missing from the routing protocol configuration.
  • The encapsulation on the Serial0 interface is incorrect. *
  • Keepalives are not being sent by the remote device.*

64. How does an SNMP trap aid network monitoring and management?

  • It reports to the management station by responding to polls.
  • It collects information for the management station by using polling devices.
  • It sends an alert message to the management station when a threshold is reached.*
  • It flags attempts to begin a DoS attack on the network.

65. What are two characteristics of DSL technology? (Choose two.)

  • Uploads typically offer larger transfer rates than downloads.
  • Service providers deploy DSL in the local loop of the telephone network.*
  • DSL download rates are reduced by large volumes of POTS voice traffic.
  • Filters and splitters allow POTS and DSL traffic to share the same medium.*
  • DSL is a shared medium that allows many users to share bandwidth available from the DSLAM.

66. A network administrator has moved the company intranet web server from a switch port to a dedicated router interface. How can the administrator determine how this change has affected performance and availability on the company intranet?

  • Conduct a performance test and compare with the baseline that was established previously.*
  • Determine performance on the intranet by monitoring load times of company web pages from remote sites.
  • Interview departmental administrative assistants and determine if they think load time for web pages has improved.
  • Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.

67. Which two statements about NetFlow are true? (Choose two.)

  • NetFlow can be used to create baseline documentation.*
  • NetFlow can be used to collect performance indicators such as interface errors, CPU usage, and memory usage.
  • NetFlow can be used to monitor traffic statistics, including packet payload content.
  • NetFlow is a Cisco-specific feature that enables the collection of detailed traffic profiles.*
  • NetFlow is a network monitoring and event reporting tool.
  • NetFlow traffic collectors use a “pull” based model to acquire traffic statistics from ports of interest.

68. What are three parameters that are used by NetFlow to classify traffic? (Choose three.)

  • ingress interface *
  • TOS field*
  • egress interface
  • number of packets
  • number of bytes
  • port number*

69. What is the purpose of the Cisco Enterprise Architecture?

  • It replaces the three-layer hierarchical model with a flat network approach.
  • It provides an enterprise-wide system network architecture that helps protect, optimize, and grow the network infrastructure that supports the business processes of a company.*
  • It provides services and functionality to the core layer by grouping various components into a single component that is located in the access layer.
  • It reduces overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer.

70. Refer to the exhibit. While planning an upgrade, a network administrator uses the Cisco NetFlow utility to analyze data flow in the current network. What generated the most packets?
ccna-4-practice-final-exam-answer-70

  • ICMP
  • TCP-Telnet
  • TCP-other*
  • UDP-DNS
  • UDP-other

71. Which is a clientless VPN solution for mobile workers?

  • GRE
  • IPsec
  • SSH
  • SSL*

72. What is IPsec?

  • a specification for the way in which a group of protocols and algorithms combine to create VPNs*
  • a protocol that is used to create a VPN at Layer 2 of the OSI model
  • a 56-bit authentication and encryption method that must be used to create VPN tunnels
  • a means by which routers and VPN gateways read and forward packets with encrypted packet headers

73. What are two significant benefits that are provided by IPsec? (Choose two.)

  • authentication
  • encryption*
  • automatic creation of a public network
  • automatic creation of a private network
  • encapsulation*

74. How does STDM allocate bandwidth on a serial connection?

  • It statically assigns bandwidth based upon pre-assigned time slots.
  • It ensures each of the time slices are assigned to individual conversations.
  • It keeps track of conversations that require extra bandwidth. It then dynamically reassigns unused time slices on an as-needed basis.*
  • It ensures that bandwidth is allocated to each channel or time slot regardless of whether the station using the channel has data to

75. Which statement is true about the operation of a site-to-site VPN connection?

  • The data is encrypted and decrypted by the sending and target hosts.
  • The data is encrypted and decrypted by VPN gateways at both the sending and receiving sides.*
  • The data is encrypted by the sending host and decrypted by the VPN gateway at the receiving side.
  • The data is encrypted by the VPN gateway at the sending side and decrypted by the target host.

76. Which two products are part of the Cisco Collaboration Architecture? (Choose two.)

  • Cisco Borderless End Point
  • Cisco TelePresence *
  • Cisco Unified Communications*
  • Cisco Unified Computing
  • Cisco Virtual Private Network

77. A company has been assigned the 203.0.113.0/27 block of IP addresses by the ISP. The company has over 6000 internal devices. What type of NAT would be most appropriate for the employee workstations of the company?

  • static NAT
  • dynamic NAT
  • port forwarding
  • PAT off the external router interface
  • dynamic NAT overload using the pool of addresses*

78. An administrator needs to configure a router so that internal network servers are accessible from the Internet. Each server is configured with a private IPv4 address. What type of NAT should the administrator configure?

  • PAT
  • dynamic NAT
  • static NAT*
  • NAT overloading

79. Refer to the exhibit. Based on the configuration of R1, which device is the inside host and what is the inside local address of this host?
ccna-4-practice-final-exam-answer-79

  • PC-A with address 64.100.0.100
  • PC-A with address 209.165.200.225
  • PC-B with address 64.100.0.100
  • PC-B with address 209.165.200.225*

80. Refer to the exhibit. A PC at address 10.1.1.45 is unable to access the Internet. What is the most likely cause of the problem?
ccna-4-practice-final-exam-answer-80

  • The NAT pool has been exhausted.*
  • The wrong netmask was used on the NAT pool.
  • Access-list 1 has not been configured properly.
  • The inside and outside interfaces have been configured backwards.

81. Which three parts of a Frame Relay Layer 2 PDU are used for congestion control? (Choose three.)

  • the 10-bit DLCI
  • the Extended Address field
  • the C/R bit
  • the FECN bit *
  • the BECN bit *
  • the DE bit*

82. Refer to the exhibit. A network administrator has configured router Edge_Router as shown in the output. Connectivity is failing between Edge_Router and a non-Cisco router running Frame Relay. What should be done to repair this Layer 2 connectivity?
ccna-4-practice-final-exam-answer-82

  • Issue the ietf keyword when enabling Frame Relay on interface serial 0/1/0.
  • Issue the broadcast keyword when performing static mapping on interface serial 0/1/0.
  • Correct the IP address used in the frame-relay map command.
  • Issue the frame-relay lmi-type ansi command on interface serial 0/1/0.
  • Modify the OSPF process-id from 10 to 1.

83. What is the relationship between the DE and the CIR in Frame Relay?

  • When the CIR is exceeded, an Inverse ARP DE message notifies the source to reduce frame transmission speed.
  • The DE bit will indicate when the CIR committed burst size should be applied.
  • When the CIR on a given DLCI is exceeded, the DE bit of frames above the CIR is set.*
  • The XON/XOFF flow control mechanism sets the DE bit when the CIR is exceeded.

84. Which IEEE standard defines the WiMax technology?

  • 802.3
  • 802.5
  • 802.11
  • 802.16*

85. For a VPN, which technology provides secure remote access over broadband?

  • QoS
  • ADSL
  • LTE
  • IPsec*

86. Which two technologies are implemented by organizations to support teleworker remote connections? (Choose two.)

  • CMTS
  • CDMA
  • DOCSIS
  • VPN *
  • IPsec*

87. Which basic network module of the Enterprise Architecture is the fundamental component of a campus design?

  • data center
  • services module
  • access-distribution*
  • enterprise edge

88. Refer to the exhibit. Which three events will occur as a result of the configuration shown on R1? (Choose three.)
ccna-4-practice-final-exam-answer-88

  • Messages that are sent to the syslog server will be limited to levels 3 or lower.*
  • Messages that are sent to the syslog server will be limited to levels 3 and higher.
  • Only traffic that originates from the GigabitEthernet 0/1 interface will be monitored.
  • Messages that are sent to the syslog server will use 192.168.1.5 as the destination IP address. *
  • The syslog messages will contain the IP address the GigabitEthernet 0/1 interface.*
  • For multiple occurrences of the same error, only the first three messages will be sent to the server.

89. What is a disadvantage of a packet-switched network compared to a circuit-switched network?

  • higher cost
  • fixed capacity
  • less flexibility
  • higher latency*

90. What is a type of VPN that is generally transparent to the end user?

  • site-to-site*
  • remote access
  • public
  • private

91. Which statement best describes a WAN?

  • A WAN interconnects LANs over long distances.*
  • A WAN is a public utility that enables access to the Internet.
  • WAN is another name for the Internet.
  • A WAN is a LAN that is extended to provide secure remote network access.

92. How many 64 kb/s voice channels are combined to produce a T1 line?

  • 8
  • 16
  • 24*
  • 32

93. In the Cisco Enterprise Architectures network design approach what is the purpose of the enterprise edge module?

  • to provide access to IP telephony services, wireless controller services, and unified services
  • to provide high-speed connectivity and protection for servers
  • to forward traffic from one local network to another
  • to provide Internet, VPN, and WAN connections*

94. Refer to the exhibit. A network administrator is troubleshooting the OSPF network. The 10.10.0.0/16 network is not showing up in the routing table of Router1. What is the probable cause of this problem?
ccna-4-practice-final-exam-answer-94

  • The serial interface on Router2 is down.
  • The OSPF process is not running on Router2.
  • The OSPF process is configured incorrectly on Router1.
  • There is an incorrect wildcard mask statement for network 10.10.0.0/16 on Router2.*

95. Refer to the exhibit. R3 has the following configuration:
R3# show running-configuration
interface serial0
bandwidth 128
ip address 192.168.11.2 255.255.255.0
encapsulation frame-relay
frame-relay map ip 192.168.11.2 30 broadcast

After the command R3# debug frame-relay packet is executed, a ping is issued from R3 to R1 but is unsuccessful. Based on the output of the debug command shown in the graphic and the router configuration, what is the problem?
ccna-4-practice-final-exam-answer-95

  • No clock rate has been configured on interface s0.
  • There is an incorrect DLCI number in the map statement.
  • An incorrect IP address exists in the map statement.*
  • The encapsulation frame-relay command is missing the broadcast keyword.

96. The security policy in a company specifies that the staff in the sales department must use a VPN to connect to the corporate network to access the sales data when they travel to meet customers. What component is needed by the sales staff to establish a remote VPN connection?

  • VPN gateway
  • VPN appliance
  • VPN concentrator
  • VPN client software*

97. Which PPP protocol allows a device to specify an IP address for routing over the PPP link?

  • PAP
  • CHAP
  • LCP
  • IPCP*

98. Refer to the exhibit. A network administrator has configured routers RTA and RTB, but cannot ping from serial interface to serial interface. Which layer of the OSI model is the most likely cause of the problem?
ccna-4-practice-final-exam-answer-98

  • application
  • transport
  • network
  • data link*
  • physical

99. What is the default location for Cisco routers and switches to send critical logging events?

  • auxiliary port
  • console port*
  • syslog server
  • virtual terminal

100. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
Which message is displayed on the web browser?

  • Well done!
  • PPP is working!*
  • PPP configured!
  • Configured correctly!

101. Open the PT activity. Perform the tasks in the activity instructions and then answer the question.
What is the IP address or range of IP addresses that are used as the inside global address for packets that originate from PC1 and are going to the server?

  • 209.165.200.231
  • 209.165.200.225 – 200.165.200.229*
  • 209.165.200.231 – 209.165.200.239
  • 192.168.10.21
  • 192.168.10.1 – 192.168.10.254

102. A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why Company A reports higher download speeds than Company B?

  • Company B shares the conection to the DSLAM with more clients than Company A.
  • Company A only uses microfilters on branch locations.
  • Company A is closer to the service provider.*
  • Company B has a higher volume of POTS voice traffic than Company A.

103. What is an advantage of packet-switched technology over circuit-switched technology?

  • Packet-switched networks do not require an expensive permanent connection to each endpoint.
  • Packet-switched networks can efficiently use multiple routes inside a service provider network.*
  • Packet-switched networks usually experience lower latency than circuit-switched networks experience.
  • Packet-switched networks are less susceptible to jitter than circuit-switched networks are.

104. Which statement describes cable?

  • The cable subscriber must purchase a cable modem termination system (CMTS)
  • Delivering services over a cable network requires downstream frequencies in the 50 to 860 MHz range, and upstream frequencies in the 5 to 42 MHz range.*
  • Each cable subscriber has dedicated upstream and downstream bandwidth.
  • Cable subscribers may expect up to 27 Mbps of bandwidth on the upload path.

105. Which syslog entry has a severity code that indicates the most serious situation?

  • Mar 17 06:42:22: 10.1.1.1 %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to down*
  • Mar 17 06:43:02: 10.1.1.1 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up
  • Mar 17 06:42:21: 10.1.1.1 %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/3 (not half duplex), with NA-1.30.foo.com FastEthernet0/24 (half duplex).
  • Mar 17 06:03:21: 10.1.1.1 %SYS-6-BOOTTIME: Time taken to reboot after reload = 551932 seconds
  • Mar 17 06:42:20: 10.1.1.1 %SYS-5-CONFIG_I: Configured from console by mwmwm on vty0 (192.168.254.5)
  • Mar 17 06:42:22: 10.1.1.1 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down

106. What are two WAN connection enhancements that are achieved by implementing PPPoE? (Choose two.)

  • Encapsulating Ethernet frames within PPP frames is an efficient use of bandwidth.
  • DSL CHAP features are included in PPPoE.
  • PPP enables the ISP to assign an IP address to the customer WAN interface.*
  • An Ethernet link supports a number of data link protocols.
  • CHAP enables customer authentication and accounting.*

107. Refer to the exhibit. An administrator is trying to configure PAT on R1, but PC-A is unable to access the Internet. The administrator tries to ping a server on the Internet from PC-A and collects the debugs that are shown in the exhibit. Based on this output, what is most likely the cause of the problem?
ccna-4-practice-final-exam-answer-107

  • The inside and outside NAT interfaces have been configured backwards.
  • The NAT source access list matches the wrong address range.
  • The address on Fa0/0 should be 64.100.0.1.
  • The inside global address is not on the same subnet as the ISP.*

108. What type of installation is needed to view syslog messages?

  • A syslog client must be installed on a workstation.
  • Because any network equipment can interpret syslog messages, nothing special is needed to view them.
  • A syslog server must be installed on a router.
  • A syslog server must be installed on a workstation.*

109. What are three Frame Relay congestion management mechanisms? (Choose three.)

  • BECN*
  • FECN*
  • DE*
  • DLCI
  • Inverse ARP
  • LMI

110. Launch PT Hide and Save PT
ccna-4-practice-final-exam-answer-110
Open the PT activity. Perform the tasks in the activity instructions and then answer the question.
What is the IP address or range of IP addresses that are used as the inside global address for packets that originate from PC1 and are going to the server?​

  • 209.165.200.231 – 209.165.200.239
  • 192.168.10.21
  • 209.165.200.225 – 200.165.200.229*
  • 192.168.10.1 – 192.168.10.254
  • 209.165.200.231

111. Fill in the blank.
IPsec operates at the __Network__ layer of the OSI model.

112. When is a dial-up connection used to connect to an ISP?

  • when a satellite dish is used
  • when a regular telephone line is used*
  • when a cellular telephone provides the service
  • when a high-speed connection is provided over a cable TV network

113. Which two conditions would cause a router to drop a packet? (Choose two.)

  • The ACL that is affecting the packet does not contain at least one deny ACE.
  • No inbound ACL exists on the interface where the packet enters the router.
  • The packet source address does not match the source as permitted in a standard inbound ACE.*
  • No outbound ACL exists on the interface where the packet exits the router.
  • No routing table entry exists for the packet destination, but the packet matches a permitted address in an outbound ACL.*

114. Which range of link-local addresses can be assigned to an IPv6-enabled interface?

  • FF00::/8?*
  • FEBF::/10
  • FEC0::/10?
  • FDEE::/7?

115. Why would a network administrator use the tracert utility?

  • to check information about a DNS name in the DNS server
  • to identify where a packet was lost or delayed on a network*
  • to display the IP address, default gateway, and DNS server address for a PC
  • to determine the active TCP connections on a PC

116. A high school in New York (school A) is using videoconferencing technology to establish student interactions with another high school (school B) in Russia. The videoconferencing is conducted between two end devices through the Internet. The network administrator of school A configures the end device with the IP address 192.168.25.10. The administrator sends a request for the IP address for the end device in school B and the response is 192.168.25.10. The administrator knows immediately that this IP will not work. Why?

  • This is a private IP address.*
  • There is an IP address conflict.
  • This is a loopback address.
  • This is a link-local address.

117. Which definition describes a supernet route?

  • a network address with a mask less than the classful mask
  • a static route with the address 0.0.0.0/0
  • a route that has a subnet mask equal to that of the classful mask*
  • a default route with a local exit interface

118. What is the protocol that provides ISPs the ability to send PPP frames over DSL networks?

  • CHAP
  • PPPoE*
  • PSK
  • LTE
  • PAP

119. An administrator wants to replace the configuration file on a Cisco router by loading a new configuration file from a TFTP server. What two things does the administrator need to know before performing this task? (Choose two.)

  • TFTP server IP address*
  • name of the configuration file that is currently stored on the router
  • router IP address*
  • name of the configuration file that is stored on the TFTP server
  • configuration register value

120. After a license has been purchased and installed, what is the next step that is required before it is activated?

  • Copy the running configuration to flash.
  • Copy the running configuration to NVRAM.
  • Issue the license boot module technology-package command.*
  • Reboot the router.

121. A network administrator is troubleshooting router RA in an EIGRP autonomous system. The administrator needs to obtain the IP addresses of the other routers with which router RA has established adjacencies. It is also important to obtain information of the queue counts on the neighbor routers. What command will do this?

  • show cdp neighbor details
  • show ip eigrp interfaces
  • show ip eigrp topology all-links
  • show ip eigrp neighbors*

122. Which statement correctly describes IPsec?

  • IPsec works at Layer 3, but can protect traffic from Layer 4 through Layer 7.*
  • IPsec uses algorithms that were developed specifically for that protocol.
  • IPsec implements its own method of authentication.
  • IPsec is a Cisco proprietary standard.

More Resources

About the author

Scott

Leave a Comment