NAT and Security Issues
Optimized Call Routing and PSTN Backup
There are two ways to save costs for PSTN calls in a multisite deployment:
• Toll bypass: Calls between sites within an organization that use the IP WAN instead of the PSTN. The PSTN is used for intersite calls only if calls over the IP WAN are not possible—either because of a WAN failure or because the call is not admitted by Call Admission Control (CAC).
Bandwidth Challenges
Which of the following access list statements would deny traffic from a specific host?
B. Router(config)# access-list 1 deny 10.6.111.48 host
C. Router(config)# access-list 1 deny 172.16.4.13 0.0.0.0
D. Router(config)# access-list 1 deny 192.168.14.132 255.255.255.0
E. Router(config)# access-list 1 deny 192.168.166.127 255.255.255.255
Answer: C
Explanation:
Only choice C is the correct syntax for a specific host. The access list is denying all traffic from the host with IP address 172.16.4.13. It is important to note that in an access list, the subnet mask is the inverse. Normally, a host subnet mask is 255.255.255.255, but in an access list it is 0.0.0.0.
Incorrect Answers:
A. The syntax is incorrect here, as there is no subnet mask at all specified.
B. This would be an acceptable choice, if the "host" keyword were placed in front of the IP address, not after.
D. The subnet mask here includes the entire class C network here, not an individual host.
E. In an access list, the subnet mask is an inverse mask. The mask specified here would be equivalent to all 0's in a subnet mask, meaning that the don't care bits apply to the entire address.
Which one of the access control list statements below will deny all telnet connections to subnet 10.10.1.0/24?
B. access-list 115 deny udp any 10.10.1.0 eq telnet
C. access-list 15 deny tcp 10.10.1.0 255.255.255.0 eq telnet
D. access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23
E. access-list 15 deny udp any 10.10.1.0 255.255.255.0 eq 23
Answer: D
Explanation:
Telnet uses port TCP port 23. Since we are using source and destination IP address information, an extended access list is required. Extended access lists are access lists in the 100-199 range.
Incorrect Answers:
A, C, E. These access lists are numbered 15. Standard access lists are numbered 1-99, and in this case an extended access list is required.
B. This access list specifies UDP port 23, and TCP port 23 is the port used by telnet.
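As an added illustration (not code from the original questions), here is a small Python evaluator for the access-list statements quoted in the two questions above: it applies Cisco wildcard-mask semantics, rejects the malformed choices, and shows why a Telnet deny needs an extended list with tcp and port 23. The packet dictionaries and the port-name table are constructed for this example.

```python
from dataclasses import dataclass
from typing import List, Optional

def ip_to_int(addr: str) -> int:
    """Dotted quad -> 32-bit integer; rejects anything that is not four octets."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"bad IPv4 address: {addr!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"bad IPv4 address: {addr!r}")
        value = (value << 8) | octet
    return value

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard (inverse mask) semantics: a 0 bit must match exactly,
    a 1 bit is "don't care". 0.0.0.0 = exactly one host, 255.255.255.255 = any."""
    wc = ip_to_int(wildcard)
    return (ip_to_int(addr) | wc) == (ip_to_int(base) | wc)

ANY = ("0.0.0.0", "255.255.255.255")
PORT_NAMES = {"telnet": 23, "ftp": 21, "smtp": 25, "tftp": 69, "www": 80}  # constructed subset

@dataclass
class AclEntry:
    number: int
    action: str                     # "permit" or "deny"
    proto: str                      # "ip" = any protocol (standard lists only see the source)
    src: str
    src_wc: str
    dst: str = ANY[0]
    dst_wc: str = ANY[1]
    dst_port: Optional[int] = None  # "eq <port>" on the destination

    def __post_init__(self):
        for value in (self.src, self.src_wc, self.dst, self.dst_wc):
            ip_to_int(value)  # fail early on a malformed address or mask

    def matches(self, pkt: dict) -> bool:
        if self.proto != "ip" and pkt["proto"] != self.proto:
            return False
        if not wildcard_match(pkt["src"], self.src, self.src_wc):
            return False
        if not wildcard_match(pkt["dst"], self.dst, self.dst_wc):
            return False
        return self.dst_port is None or pkt.get("dport") == self.dst_port

def _address_spec(tokens: List[str], i: int):
    """Consume 'any' | 'host A' | 'A W' at tokens[i]; return (addr, wildcard, next index)."""
    if tokens[i] == "any":
        return ANY[0], ANY[1], i + 1
    if tokens[i] == "host":
        return tokens[i + 1], "0.0.0.0", i + 2
    return tokens[i], tokens[i + 1], i + 2

def parse_acl_line(line: str) -> AclEntry:
    """Parse one 'access-list N deny|permit ...' statement (IOS prompt optional).
    Standard lists (1-99): source [wildcard]; a missing wildcard means 0.0.0.0.
    Extended lists (100-199): protocol, source, destination, optional 'eq port'."""
    tokens = line.replace("Router(config)#", "").split()
    if len(tokens) < 4 or tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError(f"not an access-list statement: {line!r}")
    number, action = int(tokens[1]), tokens[2]
    if 1 <= number <= 99:
        if tokens[3] in ("any", "host") or len(tokens) > 4:
            src, src_wc, _ = _address_spec(tokens, 3)
        else:
            src, src_wc = tokens[3], "0.0.0.0"
        return AclEntry(number, action, "ip", src, src_wc)
    if 100 <= number <= 199:
        proto = tokens[3]
        src, src_wc, i = _address_spec(tokens, 4)
        dst, dst_wc, i = _address_spec(tokens, i)
        port = None
        if i < len(tokens) and tokens[i] == "eq":
            port = PORT_NAMES.get(tokens[i + 1]) or int(tokens[i + 1])
        return AclEntry(number, action, proto, src, src_wc, dst, dst_wc, port)
    raise ValueError(f"unsupported access-list number: {number}")

def is_valid_acl_line(line: str) -> bool:
    """True when the statement parses and every address/mask is well formed."""
    try:
        parse_acl_line(line)
        return True
    except (ValueError, IndexError):
        return False

def evaluate(acl: List[AclEntry], pkt: dict) -> str:
    """Top-down, first match wins; every IOS ACL ends with an implicit deny."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action
    return "deny"
```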
Which of the following are benefits provided with access control lists (ACLs)?
B. Virus detection.
C. ACLs identify interesting traffic for DDR.
D. ACLs provide IP route filtering.
E. ACLs provide high network availability.
F. ACLs classify and organize network traffic.
Explanation:
IP access control lists allow a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network - whether to prevent hackers from penetrating the network or just to prevent employees from using systems they should not be using.
IP access lists can also be used to filter routing updates, to match packets for prioritization, to match packets for VPN tunneling, and to match packets for implementing quality of service features. They are also used to specify the interesting traffic that triggers ISDN and Dial on Demand Routing (DDR) calls.
Reference:
CCNA Self-Study CCNA ICND Exam Certification Guide (Cisco Press, ISBN 1-58720-083-X), Page 427
Incorrect Answers:
A, F. ACLs do not provide for management and traffic analysis functions such as the monitoring and organization of network packets.
routinely provide for virus detection and removal.
E. ACLs alone do not provide for any additional level of network availability.
Which command will configure a default route on a router?
B. router(config)# ip default-route 10.1.1.0
C. router(config)# ip default-gateway 10.1.1.0
D. router(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1
Answer: D
Explanation:
The command "IP route 0.0.0.0 0.0.0.0
configure a default route. In this case, a default route with a next hop IP address of
10.1.1.1 was configured.
Incorrect Answers:
A. This will be an invalid route, since the "10.1.1.0" value will specify the network mask, which in this case is invalid.
B, C. These commands are invalid. The command "ip default-network" could be used, but not "ip default-route" or "ip default-gateway".
You work as a network engineer at IGCT Groups. You are required to allow the establishment of a Telnet session with a router. Which set command.
TestKingC(config-line)# enable password testking
B. TestKingC(config)# line console 0
TestKingC(config-line)# enable secret testking
TestKingC(config-line)# login
C. TestKingC(config)# line console 0
TestKingC(config-line)# password testking
TestKingC(config-line)# login
D. TestKingC(config)# line vty 0
TestKingC(config-line)# enable password testking
E. TestKingC(config)# line vty 0
TestKingC(config-line)# enable secret testking
TestKingC(config-line)# login
F. TestKingC(config)# line vty 0
TestKingC(config-line)# password testking
TestKingC(config-line)# login
Answer: F
Explanation:
CLI Password Configuration:
Access From   Password Type        Configuration
Console       Console password     line console 0
                                   login
                                   password faith
Auxiliary     Auxiliary password   line aux 0
                                   login
                                   password hope
Telnet        Vty password         line vty 0 4
                                   login
                                   password love
You are implementing a new frame relay network to provide connectivity between your offices. To do this, you set up the frame relay network using point-to-point subinterfaces.
Which of the following does NOT need to be configured?
A. The Frame Relay encapsulation on the physical interface.
B. The local DLCI on each subinterface.
C. An IP address on the physical interface.
D. The subinterface type as point-to-point.
Answer: C
Explanation:
When using point to point subinterfaces in a frame relay network, the subinterfaces will each have their own IP addresses and will each be contained within their own IP subnet.
The physical interface does not require an IP address.
Incorrect Answers:
A. The physical interface will need to be configured with a layer two encapsulation type, so in this case it must be frame relay.
B. The subinterfaces will have the local DLCI assigned to each one, using the "frame-relay interface-dlci" command for each of the subinterfaces.
D. Each subinterface should be configured as a point to point network type.
Which one of the following commands would you enter to terminate a VTY line session?
C. disconnect
D. suspend
E. exit
F. None of the above
Answer: E
Explanation:
A VTY line is a telnet session. To end a telnet session from a remote device, enter the exit or logout command.
Incorrect Answers:
A, B, C, D. These are all invalid commands.
RIP version 2 is being used as the routing protocol within the Office network. What does RIP version 2 use to prevent routing loops?
B. Split horizon
C. Authentication
D. Classless masking
E. Hold-down timers
F. Multicast routing updates
G. Path Vectoring
Answer: B, E
Explanation:
Distance Vector routing protocols employ the split horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about routes from being advertised by a router out of any interface from which that information originated.
RIP versions 1 and 2 also use the concept of hold timers. When a destination has become unreachable (or the metric has increased enough to cause poisoning), the destination goes into "holddown". During this state, no new path will be accepted for the same destination for this amount of time. The hold time indicates how long this state should last.
Incorrect Answers:
A, C, D, F. Although these are all features and functions of RIP version 2, they are not mechanisms used to prevent routing loops.
G. Path Vectoring is a concept used by BGP routers. RIP version 1 and 2 are considered to be distance vector routing protocols.
Which of the following routing protocols do NOT support VLSM (variable length subnet masking)?
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS
F. RIPv2
Answer: A, B
Explanation:
RIP version 1 and IGRP are classful IP routing protocols. They do not support variable length subnet masks.
Incorrect Answers:
C, D, E, F. Static routing, OSPF, IS-IS, EIGRP, BGP, and RIP version 2 all support VLSM.
You are a network administrator and you need to implement a routing protocol on your network that provides:
* VLSM support
* Minimal overhead
* Support for connecting networks using routers of multiple vendors
Which of the following routing protocols would best serve your needs?
Options:
A. VTP
B. RIP version 1
C. EIGRP
D. OSPF
E. IGRP
F. CDP
Answer: D
Explanation:
Since one of the requirements is that the routing protocol must support other vendors, our only choices are RIP and OSPF. Since RIP version 1 does not support VLSM, OSPF is the only choice.
Incorrect Answers:
A. VTP is the VLAN Trunking Protocol. This is not a routing protocol.
B. RIP version one does not support VLSM. Note that RIPv2 does support VLSM, and would be a valid choice.
C, E. EIGRP and IGRP are Cisco proprietary routing protocols, and are not supported by other vendors.
F. CDP is the Cisco Discovery Protocol, which is used to exchange information between Cisco devices. It can only be used between Cisco routers and switches, and it is not a routing protocol.
What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that use the 255.255.255.224 subnet mask?
B. 15
C. 16
D. 30
E. 31
F. 32
Answer: D
Explanation:
The subnet mask 255.255.255.224 means that there are 27 network bits. The remaining 5 bits are the host bits. The maximum number of combinations with 5 bits is 2^5 = 32. Since the all-zeros and all-ones host addresses are not allowed, the maximum number of valid hosts with the mask 255.255.255.224 is 2^5 - 2 = 32 - 2 = 30 hosts.
Which of the following are true regarding a network using a subnet mask of 255.255.248.0?
B. It corresponds to a Class B address with 4 bits borrowed.
C. The network address of the last subnet will have 248 in the 3rd octet.
D. The first 21 bits make the host portion of the address.
E. This subnet mask allows for 16 total subnets to be created.
F. The subnetwork numbers will be in multiples of 8.
Answer: A, C, F
Explanation:
This subnet mask includes the first 5 bits within the third octet, so for a class A address 13 bits will be used for the mask (8 bits in the second octet plus 5 in the third).
Since the first 5 bits are used in this octet, the remaining 3 bits in this octet will be available for hosts, so each subnet number will be a multiple of 8, making the last available subnet the one with .248 in the third octet.
Regarding DHCP (dynamic host configuration protocol), which two of the following choices below are true?
address.
B. The DHCP Discover message uses UDP as the transport layer protocol.
C. The DHCP Discover message uses a special Layer 2 multicast address as the destination address.
D. The DHCP Discover message uses TCP as the transport layer protocol.
E. The DHCP Discover message does not use a Layer 2 destination address.
F. The DHCP Discover message does not require a transport layer protocol.
Answer: A, B
Explanation:
DHCP uses UDP as its transport protocol. DHCP messages from a client to a server are sent to the DHCP server port (UDP port 67), and DHCP messages from a server to a client are sent to the DHCP client port (UDP port 68). The client broadcasts a DHCPDISCOVER message on its local physical subnet. The DHCPDISCOVER message may include options that suggest values for the network address and lease duration.
BOOTP relay agents may pass the message on to DHCP servers not on the same physical subnet.
Each server may respond with a DHCPOFFER message that includes an available network address in the "ipaddr" field (and other configuration parameters in DHCP options). Servers need not reserve the offered network address, although the protocol will work more efficiently if the server avoids allocating the offered network address to another client. The server unicasts the DHCPOFFER message to the client (using the DHCP/BOOTP relay agent if necessary) if possible, or may broadcast the message to a broadcast address (preferably 255.255.255.255) on the client's subnet.
Incorrect Answers:
C. DHCP messages are broadcast to the "all hosts" address. IP multicast addresses are not used.
D. UDP is used, not TCP.
E. Since DHCP is used so that a client can obtain an IP address, a layer two destination address must be used, as the layer 3 IP address does not yet exist on the client for the return traffic.
F. DHCP, along with nearly every other type of traffic, requires the use of a transport layer protocol.
Which protocol below uses TCP port 443?
B. HTTPS
C. TFTP
D. Telnet
E. SMTP
HTTPS is the secured version of the HTTP application, which normally uses 128 bit SSL encryption to secure the information sent and received on a web page. An example is a banking web site, or a trustworthy shopping web site that takes credit card information. It is an application layer protocol which uses TCP port 443.
Incorrect Answers:
A. HTML is not a protocol.
C. TFTP uses UDP port 69.
D. Telnet uses TCP port 23.
E. SMTP uses TCP port 25.
Which protocol automates all of the following functions for hosts on a network: IP configuration, IP addresses, subnet masks, default gateways, and DNS
A. CDP
B. SNMP
C. DHCP
D. ARP
E. DNS
F. None of the above
Answer: C
Explanation:
DHCP uses the concept of the client making a request and the server supplying the IP address to the client, plus other information such as the default gateway, subnet mask, DNS IP address, and other information.
Incorrect Answers:
A. CDP is the Cisco Discovery Protocol. It is used by Cisco devices at the data link layer to obtain information about their directly connected neighbors.
B. SNMP is the Simple Network Management Protocol. This is used for the maintenance, management, and monitoring of network devices.
D. ARP is the Address Resolution Protocol, which is used to resolve layer 2 MAC addresses to layer 3 IP addresses.
E. DNS is the Domain Name Service. It is used to resolve domain names to IP addresses. The IP address location of primary and secondary DNS resolver servers can be obtained for hosts using DHCP.
Which three address ranges are used for internal private address blocks as defined by RFC 1918?
B. 10.0.0.0 to 10.255.255.255
C. 172.16.0.0 to 172.16.255.255
D. 172.16.0.0 to 172.31.255.255
E. 127.0.0.0 to 127.255.255.255
F. 192.168.0.0 to 192.168.255.255
G. 224.0.0.0 to 239.255.255.255
Answer: B, D, F
Explanation:
RFC 1918 defines three different IP address ranges as private, meaning that they can be used by any private network for internal use, and these ranges are not to be used in the Internet. The class A private range is 10.0.0.0 to 10.255.255.255. The class B address range is 172.16.0.0 to 172.31.255.255. The class C private IP address range is 192.168.0.0 to 192.168.255.255.
Incorrect Answers:
A. The 0.0.0.0 network address is invalid and can not be used.
C. The correct address range is 172.16.X.X through 172.31.X.X
What statements are true regarding ICMP packets?
B. They guarantee datagram delivery.
C. They can provide hosts with information about network problems.
D. They are encapsulated within IP datagrams.
E. They are encapsulated within UDP datagrams.
Answer: C, D
Explanation:
ping may be used to find out whether the local machines are connected to the network or whether a remote site is reachable. This tool is a common network tool for determining network connectivity, and it uses the ICMP protocol instead of TCP/IP and UDP/IP. This protocol is usually associated with the network management tools which provide network information to network administrators, such as ping and traceroute (the latter also uses the UDP/IP protocol).
ICMP is quite different from the TCP/IP and UDP/IP protocols. No source and destination ports are included in its packets. Therefore, the usual packet-filtering rules for TCP/IP and UDP/IP are not applicable. Fortunately, a special "signature" known as the packet's Message type is included for denoting the purpose of the ICMP packet. The most commonly used message types are 0, 3, 4, 5, 8, 11, and 12, which represent echo reply, destination unreachable, source quench, redirect, echo request, time exceeded, and parameter problem respectively.
In the ping service, after receiving the ICMP "echo request" packet from the source location, the destination
Incorrect Answers:
ICMP is an IP protocol so A and E are incorrect.
ICMP doesn't guarantee datagram delivery so B is wrong as well.
exhibit displays the partial contents of encapsulation header.
B. This is an OSI layer 4 header.
C. This is traffic from an FTP server.
D. This is traffic from an Telnet client.
E. The last PDU received in this session had a sequence number of 292735.
Answer: B, C, E
Explanation:
As the header contains the sequence number and ACK number fields, it represents a TCP header. Choice B is correct as TCP works on Layer 4 i.e. Transport Layer.
The source port mentioned in the header is 21, which indicates that it is FTP traffic, because FTP uses ports 20 and 21 for data and control. So choice C is correct.
The acknowledgment number refers to the sequence number of the last PDU received, which is 292735, making choice E also correct.
Catalyst switches utilize a special technology to identify and prevent topology loops and ensure that data flows properly through single network path
A. VTP
B. ISL
C. 802.1Q
D. STP
E. None of the above
Answer: D
Explanation:
Catalyst switches use the STP (spanning tree protocol) to prevent loops and to ensure data flows through a single network path. A separate instance of the STP mechanism is applied to every individual VLAN that is configured on the Catalyst switch.
Incorrect Answers:
A. VTP is the VLAN Trunking Protocol, which is used by Catalyst switches to pass VLAN information between switches. By itself, it does not provide any mechanism for detecting and preventing loops.
B, C. Inter-Switch Link (ISL) and 802.1Q are encapsulation types used for the creation of trunks. ISL is Cisco proprietary and 802.1Q is the industry standard method, but neither of these two options provide for any way to prevent a layer 2 loop in the network.
What are two characteristics of "store and forward" switching? (Select two answer choices)
A. Latency fluctuates regardless of frame size.
B. The switch receives the complete frame before beginning to forward it.
C. Latency through the switch varies with frame length.
D. The switch checks the destination address upon receipt of headers.
Answer: B, C
Explanation:
With store-and-forward, the entire frame is received by the switch before the first bit of the frame is forwarded.
As soon as the incoming switch port receives enough of the frame to see the destination MAC address, the forwarding decision is made and the frame is transmitted out the appropriate outgoing port to the destination device. So, each frame might experience slightly less latency. Store and forward switching may add latency when compared to other switching methods such as cut through, but it can reduce the amount of errors that become forwarded through a network.
Reference:
CCNA Self-Study CCNA INTRO exam certification Guide (Cisco Press, ISBN 1-58720-094-5) Page 243
Incorrect Answers:
A. The amount of latency that is introduced with this method of switching is dependent on the size of the frame, as the switch must wait to receive the entire frame before sending it.
D. The switch must wait for the entire frame before forwarding it on, and not just the headers.
You want your Catalyst switch to implement a switching method that holds a packet in its memory
A. Fast Forward
B. Store and forward
C. Frag-free
D. None of the above
Answer: C
Explanation:
Fragment Free switching filters out the majority of packet errors before forwarding begins. In a properly functioning network, most packet "errors" are due to collisions which are resolved within the first 64 bytes of the packet. These collisions cause packet fragments. After a packet has successfully passed this fragment threshold, it will continue to be received without error with near-certainty. (The next biggest cause of failure arises from "late" collisions which can occur when the network is physically interrupted.) This is how the Fragment Free option works. Fragment Free switching waits until the received packet passes the 64-byte fragment threshold and then forwards the packet.
Incorrect Answers:
A. Fast Forward switching is optimized for performance. It offers the lowest level of latency by immediately forwarding a packet upon receipt of only the destination address (after the first 6 bytes are received). Because Fast Forward does not wait until the entire packet is received before forwarding, this form of switching may sometimes relay a packet that has an error. Although this will be an infrequent occurrence and the destination network adapter will discard the faulty packet upon receipt, this superfluous traffic may be deemed unacceptable in certain environments. Such cut-through overhead can be reduced by using the Fragment Free option.
B. Another switching mode supported by Catalyst switches is the traditional Store-and-Forward bridging mode. Complete packets are stored and checked for errors prior to transmission. Latency varies by packet size since the entire packet needs to be received prior to transmission.
What are some characteristics of the typical VLAN arrangement?
B. Trunk links can carry traffic for multiple VLANs.
C. VLAN implementation significantly increases traffic due to added trunking information.
D. A VLAN can span multiple switches.
E. VLANs extend the collision domain to include multiple switches.
F. VLANs typically decrease the number of multiple switches.
Answer: A, B, D
Explanation:
VLANs give you the power of making virtual LAN networks to subdivide collision domains into smaller units of functionality, without being limited by physical location.
A is correct because that is the exact function of a VLAN. B is correct because trunk links are used to carry traffic for multiple VLANs. D is correct because a VLAN can and often does span across multiple switches, through the use of VTP.
Incorrect Answers:
C. This choice is incorrect because although trunking information uses bandwidth, the amount isn't at all significant.
E. This is incorrect because VLANs do the exact opposite, and are used to segment collision domains.
F. This is incorrect because VLANs themselves have no power in decreasing the numbers of multiple switches.
When designing OSPF networks; what is the purpose of using a hierarchical design? (Select all choices that apply)
A. To reduce the complexity of router configuration
B. To speed up convergence
C. To confine network instability to single areas of the network
D. To reduce routing overhead
E. To lower costs by replacing routers
F. To decrease latency
Answer: B, C, D
Explanation:
An OSPF network designed in a hierarchical fashion with different areas is used because a small change in the topology of a single area won't force every router to run the SPF algorithm. Changes in one area are limited to that area only, not to every router within the entire network. Confining the topology changes to one area reduces the overhead and speeds the convergence of the network.
In networks that support VLSM, which network mask should be used for point-to-point WAN links in order to reduce waste of IP addresses?
A. /24
B. /30
C. /27
D. /26
E. /32
Answer: B
Explanation:
A 30-bit mask is used to create subnets with two valid host addresses. This is the exact number needed for a point-to-point connection.
If an Ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is the maximum number of hosts allowed on this subnet?
A. 1024
B. 2046
C. 4094
D. 4096
E. 8190
Answer: C
Explanation:
Given IP address of 172.16.112.1 / 20,
subnet mask: 255.255.240.0
max. num of hosts =(( 2^12) -2 ) = 4096-2 = 4094
Which of the following IP addresses fall into the CIDR block of 115.54.4.0/22? Select three
B. 115.54.7.64
C. 115.54.6.255
D. 115.54.3.32
E. 115.54.5.128
F. 115.54.12.128
Answer: B, C, E
Explanation:
Given CIDR block of 115.54.4.0 /22:
subnet mask : 255.255.252.0
the IP address range would be 115.54.4.1 to 115.54.7.254.
Therefore, 115.54.5.128 (E), 115.54.6.255 (C) and 115.54.7.64 (B) are correct.
What is the network address for a host with the IP address 201.100.5.68/28?
B. 201.100.5.32
C. 201.100.5.64
D. 201.100.5.65
E. 201.100.5.31
F. 201.100.5.1
Answer: C
Explanation:
This is a class C IP address with a subnet mask of 255.255.255.240. The host 201.100.5.68/28 belongs to the second subnet, which is 201.100.5.64. This is determined by doing the following:
subnets: 2^4 - 2 = 14
hosts: 2^4 - 2 = 14
valid subnet range: 256 - 240 = 16
16 + 16 = 32, 16 + 32 = 48, 16 + 48 = 64, 64 + 16 = 80, and so, as you can see, the IP 201.100.5.68 belongs to the second subnet, which is .64.
Which of the following IP addresses is a private IP address? Select all that apply.
B. 168.172.19.39
C. 172.20.14.36
D. 172.33.194.30
E. 192.168.42.34
Answer: C, E
Explanation:
RFC 1918 Private Address Space:
Range of IP Addresses             Class of Networks   Number of Networks
10.0.0.0 to 10.255.255.255        A                   1
172.16.0.0 to 172.31.255.255      B                   16
192.168.0.0 to 192.168.255.255    C                   256
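The subnet arithmetic behind the mask, host-count, network-address, CIDR-block and RFC 1918 questions above, as an added Python example that is not part of the original material; the blocks and addresses it is run against are the ones from the questions, and the helper names are my own.

```python
import ipaddress
from typing import List, Tuple

ALL_ONES = (1 << 32) - 1

def to_int(addr: str) -> int:
    """Dotted quad -> 32-bit integer (validation delegated to ipaddress)."""
    return int(ipaddress.IPv4Address(addr))

def to_str(value: int) -> str:
    return str(ipaddress.IPv4Address(value))

def prefix_to_mask(prefix: int) -> str:
    """/20 -> 255.255.240.0: the top `prefix` bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return to_str(ALL_ONES ^ ((1 << (32 - prefix)) - 1))

def mask_to_prefix(mask: str) -> int:
    """255.255.255.224 -> 27; rejects masks whose one bits are not contiguous."""
    bits = bin(to_int(mask)).count("1")
    if to_int(prefix_to_mask(bits)) != to_int(mask):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits

def wildcard_mask(mask: str) -> str:
    """Inverse mask as used in access lists: 255.255.255.255 -> 0.0.0.0."""
    return to_str(to_int(mask) ^ ALL_ONES)

def usable_hosts(prefix: int) -> int:
    """2^host_bits minus the all-zeros (network) and all-ones (broadcast) addresses."""
    return max((1 << (32 - prefix)) - 2, 0)

def network_address(addr: str, prefix: int) -> str:
    """Clear the host bits: 201.100.5.68/28 -> 201.100.5.64."""
    return to_str(to_int(addr) & to_int(prefix_to_mask(prefix)))

def broadcast_address(addr: str, prefix: int) -> str:
    """Set the host bits: OR with the wildcard of the mask."""
    return to_str(to_int(addr) | to_int(wildcard_mask(prefix_to_mask(prefix))))

def usable_range(cidr: str) -> Tuple[str, str]:
    """First and last assignable host address of a block such as 115.54.4.0/22."""
    addr, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if prefix > 30:
        raise ValueError("no usable host range under the network/broadcast rule")
    first = to_int(network_address(addr, prefix)) + 1
    last = to_int(broadcast_address(addr, prefix)) - 1
    return to_str(first), to_str(last)

def in_block(addr: str, cidr: str) -> bool:
    """Membership test: same network address under the block's prefix length."""
    net, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    return network_address(addr, prefix) == network_address(net, prefix)

RFC1918_BLOCKS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]

def is_private(addr: str) -> bool:
    """True for the three RFC 1918 ranges (class A, B and C private space)."""
    return any(in_block(addr, block) for block in RFC1918_BLOCKS)

def subnet_numbers(parent_cidr: str, new_prefix: int) -> List[str]:
    """Network addresses obtained by subnetting parent_cidr with new_prefix.
    The step is 2^(32-new_prefix), which is why a /21 (255.255.248.0) produces
    subnet numbers on multiples of 8 in the third octet and a /28 on multiples of 16."""
    net, parent_text = parent_cidr.split("/")
    parent_prefix = int(parent_text)
    if new_prefix < parent_prefix:
        raise ValueError("new prefix must be at least as long as the parent's")
    base = to_int(network_address(net, parent_prefix))
    step = 1 << (32 - new_prefix)
    count = 1 << (new_prefix - parent_prefix)
    return [to_str(base + k * step) for k in range(count)]
```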
The Data Link Layer
It’s important for you to understand that routers, which work at the Network layer, don’t care at all about where a particular host is located. They’re only concerned about where networks are located, and the best way to reach them—including remote ones. Routers are totally obsessive when it comes to networks. And for once, this is a good thing! It’s the Data Link layer that’s responsible for the actual unique identification of each device that resides on a local network. For a host to send packets to individual hosts on a local network as well as transmitting packets between routers, the Data Link layer uses hardware addressing. Each time a packet is sent between routers, it’s framed with control information at the Data Link layer, but that information is stripped off at the receiving router and only the original packet is left completely intact. This framing of the packet continues for each hop until the packet is finally delivered to the correct receiving host. It’s really important to understand that the packet itself is never altered along the route; it’s only encapsulated with the type of control information required for it to be properly passed on to the different media types.
The IEEE Ethernet Data Link layer has two sublayers:
Media Access Control (MAC) 802.3 Defines how packets are placed on the media. Contention media access is “first come/first served” access where everyone shares the same bandwidth—hence the name. Physical addressing is defined here, as well as logical topologies. What’s a logical topology? It’s the signal path through a physical topology. Line discipline, error notification (not correction), ordered delivery of frames, and optional flow control can also be used at this sublayer.
Logical Link Control (LLC) 802.2 Responsible for identifying Network layer protocols and then encapsulating them. An LLC header tells the Data Link layer what to do with a packet once a frame is received. It works like this: A host will receive a frame and look in the LLC header to find out where the packet is destined for—say, the IP protocol at the Network layer. The LLC can also provide flow control and sequencing of control bits.
The switches and bridges I talked about near the beginning of the chapter both work at the Data Link layer and filter the network using hardware (MAC) addresses. We will look at these in the following section.
The Network Layer
It happens like this: First, when a packet is received on a router interface, the destination IP address is checked. If the packet isn’t destined for that particular router, it will look up the destination network address in the routing table. Once the router chooses an exit interface, the packet will be sent to that interface to be framed and sent out on the local network. If the router can’t find an entry for the packet’s destination network in the routing table, the router drops the packet. Two types of packets are used at the Network layer: data and route updates.
Data packets Used to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPX.
Route update packets Used to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP, EIGRP, and OSPF. Route update packets are used to help build and maintain routing tables on each router.
Network addresses Protocol-specific network addresses. A router must maintain a routing table for individual routing protocols because each routing protocol keeps track of a network with a different addressing scheme. Think of it as a street sign in each of the different languages spoken by the residents that live on a particular street. So, if there were American, Spanish, and French folks on a street named “Cat,” the sign would read: Cat/Gato/Chat.
Interface The exit interface a packet will take when destined for a specific network. Metric The distance to the remote network. Different routing protocols use different ways of computing this distance.
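The forwarding decision just described (deliver locally, look up the destination network, choose an exit interface, or drop) as a runnable model. This is an added example, not code from the original text; the routing table, prefixes and interface names are constructed.

```python
"""Network layer forwarding decision: check whether the packet is for this
router, otherwise look up the destination network in the routing table,
pick the exit interface, or drop when no entry matches.
Added example; the table, prefixes and interface names are constructed."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network  # destination network address and mask
    interface: str                  # exit interface toward that network
    metric: int                     # distance to the remote network


def make_table(entries):
    """Build a routing table from (prefix, interface, metric) tuples."""
    return [Route(ipaddress.ip_network(p), i, m) for p, i, m in entries]


# Constructed routing table (hypothetical interfaces and prefixes).
ROUTING_TABLE = make_table([
    ("10.1.0.0/16",    "Serial0/0",       2),
    ("10.1.0.0/16",    "Serial0/1",       5),   # same network, worse metric
    ("10.1.5.0/24",    "FastEthernet0/1", 1),   # more specific entry
    ("192.168.1.0/24", "FastEthernet0/0", 0),
])


def best_route(dst, table):
    """Longest-prefix match; on equal prefix length the lower metric wins.
    Returns None when no entry covers the destination."""
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))


def forward(destination, table=ROUTING_TABLE, local_addresses=frozenset()):
    """Return 'local' if the packet is addressed to this router itself,
    the exit interface name if a route exists, or 'drop' otherwise."""
    dst = ipaddress.ip_address(destination)
    if str(dst) in local_addresses:
        return "local"
    route = best_route(dst, table)
    return route.interface if route else "drop"


if __name__ == "__main__":
    for host in ("10.1.5.20", "10.1.9.1", "172.16.0.1"):
        print(host, "->", forward(host))
```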
The Presentation Layer
The Presentation layer gets its name from its purpose: It presents data to the Application layer and is responsible for data translation and code formatting. This layer is essentially a translator and provides coding and conversion functions. A successful data-transfer technique is to adapt the data into a standard format before transmission. Computers are configured to receive this generically formatted data and then convert the data back into its native format for actual reading (for example, EBCDIC to ASCII). By providing translation services, the Presentation layer ensures that data transferred from the Application layer of one system can be read by the Application layer of another one.
The OSI has protocol standards that define how standard data should be formatted. Tasks like data compression, decompression, encryption, and decryption are associated with this layer. Some Presentation layer standards are involved in multimedia operations too. The following serve to direct graphic and visual image presentation:
PICT A picture format used by Macintosh programs for transferring QuickDraw graphics. TIFF Tagged Image File Format; a standard graphics format for high-resolution, bitmapped images.
JPEG Photo standards brought to us by the Joint Photographic Experts Group.
Other standards guide movies and sound: MIDI Musical Instrument Digital Interface (sometimes called Musical Instrument Device Interface), used for digitized music.
MPEG Increasingly popular Moving Picture Experts Group standard for the compression and coding of motion video for CDs. It provides digital storage and bit rates up to 1.5Mbps.
QuickTime For use with Macintosh programs; manages audio and video applications. RTF Rich Text Format, a file format that lets you exchange text files between different word processors, even in different operating systems.
The Application Layer
The Application layer is also responsible for identifying and establishing the availability of the intended communication partner, and determining whether sufficient resources for the intended communication exist. These tasks are important because computer applications sometimes require more than only desktop resources. Often, they’ll unite communicating components from more than one network application. Prime examples are file transfers and e-mail, as well as enabling remote access, network management activities, client/server processes, and information location. Many network applications provide services for communication over enterprise networks, but for present and future internetworking, the need is fast developing to reach beyond the limits of current physical networking. Today, transactions and information exchanges between organizations are broadening to require internetworking applications such as the following:
World Wide Web (WWW) Connects countless servers (the number seems to grow with each passing day) presenting diverse formats. Most are multimedia and can include graphics, text, video, and sound. (And as pressure to keep up the pace mounts, websites are only getting slicker and snappier. Keep in mind, the snazzier the site, the more resources it requires. You’ll see why I mention this later.) Netscape Navigator and IE simplify both accessing and viewing websites. E-mail gateways Versatile; can use Simple Mail Transfer Protocol (SMTP) or the X.400 standard to deliver messages between different e-mail applications.
Electronic data interchange (EDI) A composite of specialized standards and processes that facilitates the flow of tasks such as accounting, shipping/receiving, and order and inventory tracking between businesses.
Special interest bulletin boards Include the many Internet chat rooms where people can “meet” (connect) and communicate with each other either by posting messages or by typing a live conversation. They can also share public-domain software.
Internet navigation utilities Include applications such as Gopher and WAIS, as well as search engines such as Google and Yahoo!, which help users locate the resources and information they need on the Internet.
Financial transaction services Target the financial community. They gather and sell information pertaining to investments, market trading, commodities, currency exchange rates, and credit data to their subscribers.
Internetworking Models
When networks first came into being, computers could typically communicate only with computers from the same manufacturer. For example, companies ran either a complete DECnet solution or an IBM solution—not both together. In the late 1970s, the Open Systems Interconnection (OSI) reference model was created by the International Organization for Standardization (ISO) to break this barrier.
The OSI model was meant to help vendors create interoperable network devices and software in the form of protocols so that different vendor networks could work with each other. Like world peace, it’ll probably never happen completely, but it’s still a great goal. The OSI model is the primary architectural model for networks. It describes how data and network information are communicated from an application on one computer, through the network media, to an application on another computer. The OSI reference model breaks this approach into layers.
In the following section, I am going to explain the layered approach and how we can use this approach in helping us troubleshoot our internetworks.
The Layered Approach
A reference model is a conceptual blueprint of how communications should take place. It addresses all the processes required for effective communication and divides these processes into logical groupings called layers. When a communication system is designed in this manner, it’s known as layered architecture. Think of it like this: You and some friends want to start a company. One of the first things you’ll do is sit down and think through what tasks must be done, who will do them, what order they will be done in, and how they relate to each other. Ultimately, you might group these tasks into departments. Let’s say you decide to have an order-taking department, an inventory department, and a shipping department. Each of your departments has its own unique tasks, keeping its staff members busy and requiring them to focus on only their own duties. In this scenario, I’m using departments as a metaphor for the layers in a communication system. For things to run smoothly, the staff of each department will have to trust and rely heavily upon the others to do their jobs and competently handle their unique responsibilities. In your planning sessions, you would probably take notes, recording the entire process to facilitate later discussions about standards of operation that will serve as your business blueprint, or reference model. Once your business is launched, your department heads, armed with the part of the blueprint relating to their department, will need to develop practical methods to implement their assigned tasks. These practical methods, or protocols, will need to be compiled into a standard operating procedures manual and followed closely. Each of the various procedures in your manual will have been included for different reasons and have varying degrees of importance and implementation.
If you form a partnership or acquire another company, it will be imperative that its business protocols—its business blueprint—match yours (or at least be compatible with it). Similarly, software developers can use a reference model to understand computer communication processes and see what types of functions need to be accomplished on any one layer. If they are developing a protocol for a certain layer, all they need to concern themselves with is the specific layer’s functions, not those of any other layer. Another layer and protocol will handle the other functions. The technical term for this idea is binding. The communication processes that are related to each other are bound, or grouped together, at a particular layer.
Which encapsulation types are configurable on a Cisco switch for a trunk? (Select two answer choices)
B. ISL
C. CDP
D. 802.1Q
E. 802.1p
F. LLC
G. IETF
Answer: B, D
Explanation:
Trunks are used to carry traffic belonging to multiple VLANs between devices over the same link. A device can determine which VLAN the traffic belongs to by its VLAN identifier. The VLAN identifier is a tag that is encapsulated with the data. ISL and 802.1q are two types of encapsulations used to carry data from multiple VLANs over trunk links.
ISL is a Cisco proprietary protocol for interconnecting multiple switches and maintaining VLAN information as traffic goes between switches. ISL provides VLAN trunking capabilities while maintaining full wire speed performance on Ethernet links in full-duplex or half-duplex mode. ISL operates in a point-to-point environment and will support up to 1000 VLANs. In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN. ISL uses Per VLAN Spanning Tree (PVST), which runs one instance of Spanning Tree Protocol (STP) per VLAN. PVST allows for optimal root switch placement for each VLAN and supports load balancing of VLANs over multiple trunk links.
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a four-byte tag into the original frame and re-computes the Frame Check Sequence (FCS) before sending the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN. It tags all other frames transmitted and received on the trunk. While configuring an 802.1Q trunk, you must make sure that the same native VLAN is configured on both sides of the trunk. IEEE 802.1Q defines a single instance of spanning tree running on the native VLAN for all the VLANs in the network, which is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST available with ISL. However, PVST+ offers the capability to retain multiple Spanning Tree topologies with 802.1Q trunking.
Which one of the following protocols allows the information about the configuration of a new VLAN to be distributed across an entire switched network?
B. VTP
C. EIGRP
D. SNMP
E. CDP
F. None of the above
Answer: B
Explanation:
"The basic goals of VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows an administrator to add, delete, and rename VLANs, information that is then propagated to all other switches in the VTP domain."
Incorrect Answers:
A. STP is the Spanning Tree Protocol, used to prevent bridging loops in a LAN.
C. EIGRP is a routing protocol used to exchange routing information, not VLAN information.
D. SNMP is the Simple Network Management Protocol, used to provide information to remote network management stations.
E. CDP is the Cisco Discovery Protocol, which is used to exchange information between Cisco devices. It can only be used between Cisco routers and switches.
What are some of the characteristics of a typical VLAN arrangement? (Select all that apply)
B. Trunk links can carry traffic for multiple VLANs.
C. VLAN implementation significantly increases traffic due to added trunking information.
D. A VLAN can span multiple switches.
E. VLANs typically increase the number of switches needed.
F. VLANs typically decrease the number of switches needed
Answer: A, B, D
Explanation:
VLANs give you the power of making virtual LAN networks to subdivide collision domains into smaller units of functionality, without being limited by physical location.
A is correct because that is the exact function of a VLAN. B is correct because trunk links are used to carry traffic for multiple VLANs. D is correct because a VLAN can and often does span across multiple switches. VTP makes this possible.
Incorrect Answers:
C. Although trunking information does indeed add some level of overhead, the overall traffic overhead is greatly reduced through the use of VLANs.
E, F. The number of total switches needed in a network is the result of the number of devices on the entire LAN that need to be connected. Whether VLANs are used or not will have little, if any, impact on the total number of switches needed in a LAN.
A new VLAN needs to be created for an existing network. Which of the following are the minimum tasks that must be accomplished in order to create it?
B. The VLAN must be named
C. An IP address and subnet mask must be configured for the new VLAN
D. The desired ports must be added to the new VLAN
E. The VLAN must be added to the existing VTP Domain
Answer: A, B, D
Explanation:
The best answers are A, B, D. In order to create a simple VLAN, you must create the VLAN, name it, and then assign ports to it. These are the minimum requirements for a functioning VLAN.
Incorrect Answers:
C. Although an IP address is often configured, it is not required in order to create a functioning VLAN.
E. By default, the VLAN will already be added to the VTP domain. Even if the new VLAN was not part of the VTP domain, it would still work as a new VLAN on the switch.
What is a characteristic of ISL and 802.1q frame tagging in a switched LAN environment?
B. They allow the exchange of filtering tables.
C. They specify different implementations of the Spanning-Tree Protocol.
D. They allow the exchange of routing tables
E. They provide inter-switch VLAN communication.
Answer: E
Explanation: A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is configured, it begins marking frames as they exit the port to indicate which VLAN each frame is associated with. The trunk port can also read the markings, called tags, as they enter the trunk port. This enables the switch to send a frame only to the ports for the given VLAN associated with the incoming frame.
The main purpose of trunking is to carry traffic between switches and maintain the VLAN information. Unlike an access link, the trunk link does not belong to a single VLAN but instead can carry traffic from several VLANs over a point-to-point link between two devices that understand the protocol.
Two forms of trunking are used for Cisco switches on Ethernet networks: An IEEE industry standard called IEEE 802.1Q. This is a frame-tagging mechanism that adds a VLAN identifier to the frame by inserting a tag at Layer 2. Another form of trunking on Cisco switches is called Inter-Switch Link (ISL), which is a Cisco proprietary trunking mechanism. ISL uses a frame encapsulation method that adds a header to identify the VLAN.
Incorrect Answers:
A, D. These are the functions of routers, not switches.
B. Filtering tables can be used on certain Catalyst switches via the use of VLAN access control lists, but this information is never shared between switches.
C. A separate STP instance is created for each VLAN, but the STP implementation remains the same.
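The 802.1Q mechanism described in this explanation and in the earlier ISL/802.1Q encapsulation explanation (insert a four-byte tag at Layer 2, recompute the FCS, leave native-VLAN frames untagged, strip the tag on ingress) as working code. This is an added example, not code from the original text; the MAC addresses and payload in the demo are constructed.

```python
"""802.1Q frame tagging as a trunk port does it: insert the four-byte tag
after the source MAC, recompute the FCS, leave native-VLAN frames untagged,
and reverse the process on ingress.
Added example; the MAC addresses and payload used below are constructed."""
import struct
import zlib

TPID_8021Q = 0x8100     # EtherType value announcing a VLAN tag


def fcs(body: bytes) -> bytes:
    """Ethernet FCS is CRC-32 over the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame: DST, SRC, EtherType, payload, FCS."""
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def tag_frame(frame: bytes, vlan_id: int, native_vlan: int, pcp: int = 0) -> bytes:
    """Egress on a trunk: frames on the native VLAN are sent unchanged;
    every other frame gets TPID + TCI inserted at offset 12 and a new FCS."""
    if vlan_id == native_vlan:
        return frame
    if not 1 <= vlan_id <= 4094:          # VID 0 and 4095 are reserved
        raise ValueError("invalid VLAN id")
    body = frame[:-4]                      # drop the old FCS; it no longer matches
    tci = (pcp & 0x7) << 13 | (vlan_id & 0x0FFF)
    tag = struct.pack("!HH", TPID_8021Q, tci)
    tagged = body[:12] + tag + body[12:]
    return tagged + fcs(tagged)


def untag_frame(frame: bytes, native_vlan: int):
    """Ingress on a trunk: verify the FCS, read the VLAN id from the tag
    (an untagged frame belongs to the native VLAN), and return
    (vlan_id, original_untagged_frame)."""
    body, rx_fcs = frame[:-4], frame[-4:]
    if fcs(body) != rx_fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    if struct.unpack("!H", body[12:14])[0] != TPID_8021Q:
        return native_vlan, frame
    tci = struct.unpack("!H", body[14:16])[0]
    original = body[:12] + body[16:]       # strip the 4-byte tag
    return tci & 0x0FFF, original + fcs(original)


if __name__ == "__main__":
    # Constructed sample: two made-up MACs and a dummy IPv4 payload.
    frame = build_frame(bytes.fromhex("001122334455"),
                        bytes.fromhex("66778899aabb"), 0x0800, bytes(20))
    tagged = tag_frame(frame, vlan_id=10, native_vlan=1)
    print(len(frame), len(tagged), untag_frame(tagged, native_vlan=1)[0])
```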
Which of the following are true statements regarding the use of VLANs to segment a network? (Select three.)
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of the broadcast domain while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
F. They simplify switch administration.
Answer: B, C, E
Explanation:
VLANs are used to segment a LAN into multiple, smaller LANs. This can be used to enhance security, as local traffic from one VLAN will not be passed to users in other VLANs.
Incorrect Answers:
A. VLANs are used to decrease the size of a collision domain, not increase it.
D. The opposite is true.
F. The default operation of a switch is to allow all traffic and to enable all ports in VLAN 1. The use of VLANs will increase the complexity of the switch environment, making for more difficult administration.
A new switch is installed into an existing LAN and a new VTP trunk is set up with an existing switch. Which VLANs will be allowed on this new trunk?
B. Each VLAN, or VLAN range, that is specified with the switchport mode command.
C. Each VLAN, or VLAN range, that is specified with the vtp domain command.
D. Each VLAN, or VLAN range, that is specified with the vlan database command.
Answer: C
Explanation:
By default, all VLANs that are configured to be in the same VTP domain will be allowed by the VTP trunk.
Incorrect Answers:
A. Only the VLANs contained in the same VTP domain will traverse the trunk.
B, D. These commands do not have any influence on the VLANs that will be allowed over a trunk.
You are bringing up a new Cisco Catalyst switch, and wish to connect it via a trunk to another switch from a different vendor, which uses the IEEE?
B. Switch(config)# switchport trunk encapsulation ietf
C. Switch(config-if)# switchport trunk encapsulation isl
D. Switch(config-if)# switchport trunk encapsulation ietf
E. Switch(config-if)# switchport trunk encapsulation dot1q
Answer: E
Explanation: The only real choices for setting up switching trunks are ISL and 802.1Q. ISL is Cisco proprietary, while 802.1Q uses the IEEE defined standard for trunking between switches. To configure the 802.1Q standard, the keyword "dot1q" is used in Cisco switches.
Incorrect Answers:
A, B, D. These are not valid options in a Cisco switch.
C. ISL is a Cisco proprietary method for setting up trunks, and will only work between Cisco switches.
Which of the following steps are necessary in order to add a new VLAN to a switched network?
B. Name the VLAN.
C. Configure an IP address for the VLAN.
D. Add the desired ports to the new VLAN.
E. Add the VLAN to the VTP domain.
Answer: A, B, D
Explanation: The following are the basic requirements for creating VLANs:
* Creating the VLAN numbers and names
* Configuring each port's assigned VLAN.
Incorrect Answers:
C. This is an optional feature, but not a necessary step for creating a VLAN.
E. Adding any VLAN to a Virtual Trunking Protocol (VTP) domain may be desired in a complex multi-switch and multi-VLAN network. However, it is not a necessary step for creating stand-alone VLANs on a single switch.
Refer to the topology and partial configuration output shown in the graphic. The ip subnet-zero configuration command is also in effect?
B. 10.10.0.17
C. 200.2.2.17
D. 200.2.2.18
E. 199.99.9.33
F. 199.99.9.57
Answer: F
Explanation:
Regarding NAT operation, Cisco defines these terms as follows:
1. Inside local address - The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer's OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
2. Inside global address - A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. In this case, the NAT pool is used to distribute the Inside Global IP addresses.
3. Outside local address - The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
4. Outside global address - The IP address assigned to a host on the outside network by the host's owner. The address is allocated from a globally routable address or network space.
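The four address roles above, exercised by a small dynamic NAT that hands out inside global addresses from a pool and reverses the mapping for return traffic. This is an added example, not code from the original text; every address and the pool range are constructed (documentation ranges), and the DynamicNat class is hypothetical.

```python
"""Dynamic NAT using an inside-global pool, expressed with the four Cisco
address terms defined above. Added example; all addresses and the pool
range are constructed (RFC 5737 documentation ranges), and DynamicNat is
a hypothetical class, not a Cisco API."""
import ipaddress


class DynamicNat:
    def __init__(self, pool_start: str, pool_end: str):
        first = int(ipaddress.ip_address(pool_start))
        last = int(ipaddress.ip_address(pool_end))
        # Inside global addresses not yet handed out by the pool.
        self.free = [str(ipaddress.ip_address(n)) for n in range(first, last + 1)]
        self.bindings = {}   # inside local -> inside global

    def outbound(self, inside_local: str, outside_global: str):
        """Packet from inside to outside: the source (inside local) is
        rewritten to an inside global address drawn from the pool.
        Returns the translated (src, dst), or None if the pool is exhausted
        and the packet must be dropped."""
        inside_global = self.bindings.get(inside_local)
        if inside_global is None:
            if not self.free:
                return None
            inside_global = self.free.pop(0)
            self.bindings[inside_local] = inside_global
        # No outside translation is configured here, so the outside local
        # address is the same as the outside global address.
        return inside_global, outside_global

    def inbound(self, outside_global: str, inside_global: str):
        """Return traffic: the destination (inside global) is mapped back to
        the inside local host; an unknown destination is dropped (None)."""
        for local, glob in self.bindings.items():
            if glob == inside_global:
                return outside_global, local
        return None


if __name__ == "__main__":
    nat = DynamicNat("203.0.113.1", "203.0.113.2")   # constructed two-address pool
    print(nat.outbound("10.0.0.5", "198.51.100.7"))
    print(nat.inbound("198.51.100.7", "203.0.113.1"))
```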
Which router console commands are used to manage telnet sessions to other routers?
B. TestKingD# exit session 2
C. TestKingD# kill connection 1
D. TestKingD# show sessions
E. TestKingD# show connection all
F. TestKingD# resume 4
Answer: A, D, F
Explanation:
Function / Command options:
Telnet to another device: Use the telnet exec command. Just type the host or IP address from exec mode.
Suspend a Telnet session: Press the key sequence Ctrl-Shift-6, then x.
Discover currently suspended Telnet sessions: Use the where exec command, or use the show sessions exec command.
Resume a suspended Telnet session: Use the resume command, with no parameter, to reconnect to the most recently suspended Telnet session. Use the resume x command, where x is the number of the suspended Telnet session based on the output of show sessions. Just press Enter in exec mode to resume the most recently suspended Telnet session.
Terminate a suspended Telnet session: Resume the connection, and log out using the quit command. Or use the disconnect command on the router you Telnetted from.