NAT and Security Issues

In single-site deployments, CUCM servers and IP Phones usually use private IP addresses because there is no need to communicate with the outside IP world. NAT is not configured for the phone subnets, and attacks from the outside are impossible. In multisite deployments, however, IP Security (IPsec) virtual private network (VPN) tunnels can be used between sites. The VPN tunnels allow only intersite communication; access to the protected internal networks is not possible from the outside—only from the other site through the tunnel. Therefore, attacks from the outside are blocked at the gateway. To configure IPsec VPNs, the VPN tunnel must be configured to terminate on the two gateways in the different sites. Sometimes this is not possible; for instance, the two sites may be under different administration, or perhaps security policies do not allow the configuration of IPsec VPNs. In such a case, or when connecting to a public service such as an ITSP, NAT has to be configured for CUCM servers and IP Phones. Cisco calls this Hosted NAT Traversal for Session Border Controllers. In Figure 1-7, Company A and Company B both use IP network 10.0.0.0/8 internally. To communicate over the Internet, the private addresses are translated into public IP addresses. Company A uses public IP network A, and Company B uses public IP network B. All CUCM servers and IP Phones can be reached from the Internet and communicate with each other. As soon as CUCM servers and IP Phones can be reached with public IP addresses, they are subject to attacks from the outside world, introducing potential security issues.

Optimized Call Routing and PSTN Backup

There are two ways to save costs for PSTN calls in a multisite deployment:


• Toll bypass: Calls between sites within an organization that use the IP WAN instead of the PSTN. The PSTN is used for intersite calls only if calls over the IP WAN are not possible—either because of a WAN failure or because the call is not admitted by Call Admission Control (CAC).

• Tail-end hop-off (TEHO): Extends the concept of toll bypass by also using the IP WAN for calls to remote destinations in the PSTN. With TEHO, the IP WAN is used as much as possible, and PSTN breakout occurs at the gateway that is located closest to the dialed PSTN destination. Local PSTN breakout is used as a backup in case of IP WAN failure or CAC rejection.

Bandwidth Challenges

Each site in a multisite deployment usually is interconnected by an IP WAN, or occasionally by a metropolitan-area network (MAN) such as Metro Ethernet. Bandwidth on WAN links is limited and relatively expensive. The goal is to use the available bandwidth as efficiently as possible. Unnecessary traffic should be removed from the IP WAN links through content filtering, firewalls, and access control lists (ACL). IP WAN acceleration methods for bandwidth optimization should be considered as well. Any period of congestion could result in service degradation unless QoS is deployed throughout the network. Voice streams are constant and predictable for Cisco audio packets. Typically, the G.729 codec is used across the WAN to best use bandwidth. As a comparison, the G.711 audio codec requires 64 kbps, whereas packetizing the G.711 voice sample in an IP/UDP/RTP header every 20 ms requires 16 kbps plus the Layer 2 header overhead. Voice is sampled every 20 ms, resulting in 50 packets per second (pps). The IP header is 20 bytes, whereas the UDP header is 8 bytes, and the RTP header is 12 bytes. The 40 bytes of header information must be converted to bits to figure out the packet rate of the overhead. Because a byte has 8 bits, 40 bytes * 8 bits in a byte = 320 bits. The 320 bits are sent 50 times per second based on the 20-ms rate (1 millisecond is 1/1000 of a second, and 20/1000 = .02).

Which of the following access list statements would deny traffic from a specific host?

A. Router(config)# access-list 1 deny 172.31.212.74 any
B. Router(config)# access-list 1 deny 10.6.111.48 host
C. Router(config)# access-list 1 deny 172.16.4.13 0.0.0.0
D. Router(config)# access-list 1 deny 192.168.14.132 255.255.255.0
E. Router(config)# access-list 1 deny 192.168.166.127 255.255.255.255


Answer: C


Explanation:
Only choice C is the correct syntax for a specific host. The access list is denying all traffic from the host with IP address 172.16.4.13. It is important to note that in an access list, the subnet mask is the inverse. Normally, a host subnet mask is 255.255.255.255, but in an access list it is 0.0.0.0.

Incorrect Answers:

A. The syntax is incorrect here, as there is no subnet mask at all specified.

B. This would be an acceptable choice, if the "host" keyword were placed in front of the IP address, not after.
D. The subnet mask here includes the entire class C network, not an individual host.
E. In an access list, the subnet mask is an inverse mask. The mask specified here would be equivalent to all 0's in a subnet mask, meaning that the don't care bits apply to the entire address.

Which one of the access control list statements below will deny all telnet connections to subnet 10.10.1.0/24?

A. access-list 15 deny telnet any 10.10.1.0 0.0.0.255 eq 23
B. access-list 115 deny udp any 10.10.1.0 eq telnet
C. access-list 15 deny tcp 10.10.1.0 255.255.255.0 eq telnet
D. access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23
E. access-list 15 deny udp any 10.10.1.0 255.255.255.0 eq 23

Answer: D

Explanation:
Telnet uses TCP port 23. Since we are using source and destination IP address information, an extended access list is required. Extended access lists are access lists in the 100-199 range.

Incorrect Answers:

A, C, E. These access lists are numbered 15. Standard access lists are numbered 1-99, and in this case an extended access list is required.
B. This access list specifies UDP port 23, and TCP port 23 is the port used by telnet.
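
The wildcard-mask matching and the standard/extended distinction from the two access-list questions above, as an added example that is not part of the original page: a simplified evaluator for numbered ACL entries. The parser accepts only the subset of syntax seen in these questions; the permit lines, the test addresses and every function name are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

AddrSpec = Tuple[int, int]            # (address, wildcard mask) as 32-bit integers
ANY: AddrSpec = (0, 0xFFFFFFFF)       # "any": every bit is a don't-care bit
PORT_NAMES = {"telnet": 23}           # only the port keyword used on this page


@dataclass
class Entry:
    number: int
    action: str                       # "permit" or "deny"
    proto: str                        # "ip", "tcp" or "udp"
    src: AddrSpec
    dst: AddrSpec
    dport: Optional[int] = None


def _ip(text: str) -> int:
    return int(ipaddress.IPv4Address(text))    # raises ValueError on bad input


def _take_addr(tokens: List[str]) -> AddrSpec:
    """Consume 'any', 'host A' or 'A W' from the front of the token list."""
    if not tokens:
        raise ValueError("address expected")
    tok = tokens.pop(0)
    if tok == "any":
        return ANY
    if not tokens:
        raise ValueError(f"incomplete address after {tok!r}")
    if tok == "host":
        return (_ip(tokens.pop(0)), 0)          # wildcard 0.0.0.0: all bits must match
    return (_ip(tok), _ip(tokens.pop(0)))


def parse(line: str) -> Entry:
    """Parse one numbered ACL line (simplified subset, assumption of this example)."""
    t = line.split()
    if len(t) < 4 or t[0] != "access-list" or t[2] not in ("permit", "deny"):
        raise ValueError("not a numbered ACL entry: " + line)
    number, action, rest = int(t[1]), t[2], t[3:]
    if 1 <= number <= 99:                       # standard list: source address only
        entry = Entry(number, action, "ip", _take_addr(rest), ANY)
    elif 100 <= number <= 199:                  # extended list: protocol, src, dst, port
        proto = rest.pop(0)
        if proto not in ("ip", "tcp", "udp"):
            raise ValueError("unsupported protocol: " + proto)
        entry = Entry(number, action, proto, _take_addr(rest), _take_addr(rest))
        if rest[:1] == ["eq"] and len(rest) >= 2:
            rest.pop(0)
            name = rest.pop(0)
            entry.dport = PORT_NAMES[name] if name in PORT_NAMES else int(name)
    else:
        raise ValueError("list number outside 1-99 and 100-199")
    if rest:
        raise ValueError("unexpected trailing tokens: " + " ".join(rest))
    return entry


def _covers(spec: AddrSpec, ip: int) -> bool:
    addr, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF     # 0-bits in the wildcard must match, 1-bits are ignored
    return (ip & care) == (addr & care)


def evaluate(acl: List[Entry], proto: str, src: str,
             dst: str = "0.0.0.0", dport: Optional[int] = None) -> str:
    """First matching entry wins; a packet that matches nothing is denied."""
    for e in acl:
        if e.proto not in ("ip", proto):
            continue
        if not (_covers(e.src, _ip(src)) and _covers(e.dst, _ip(dst))):
            continue
        if e.dport is not None and e.dport != dport:
            continue
        return e.action
    return "deny"                     # implicit deny at the end of every access list


# Constructed sample lists: the page's correct answers (C and D), each followed by
# a permit entry added here so that traffic not matched by the deny gets through.
STANDARD_ACL = [parse(l) for l in (
    "access-list 1 deny 172.16.4.13 0.0.0.0",
    "access-list 1 permit any",
)]
EXTENDED_ACL = [parse(l) for l in (
    "access-list 115 deny tcp any 10.10.1.0 0.0.0.255 eq 23",
    "access-list 115 permit ip any any",
)]
# Choice E of the first question: an all-ones wildcard ignores every address bit,
# so the deny entry catches every source before the permit is reached.
CHOICE_E = [parse(l) for l in (
    "access-list 1 deny 192.168.166.127 255.255.255.255",
    "access-list 1 permit any",
)]

if __name__ == "__main__":
    print(evaluate(STANDARD_ACL, "ip", "172.16.4.13"))                      # the denied host
    print(evaluate(STANDARD_ACL, "ip", "172.16.4.14"))                      # its neighbour
    print(evaluate(CHOICE_E, "ip", "10.1.1.1"))                             # unrelated source
    print(evaluate(EXTENDED_ACL, "tcp", "198.51.100.7", "10.10.1.50", 23))  # telnet to subnet
    print(evaluate(EXTENDED_ACL, "udp", "198.51.100.7", "10.10.1.50", 23))  # UDP port 23
```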

Which of the following are benefits provided with access control lists (ACLs)?

A. ACLs monitor the number of bytes and packets.
B. Virus detection.
C. ACLs identify interesting traffic for DDR.
D. ACLs provide IP route filtering.
E. ACLs provide high network availability.
F. ACLs classify and organize network traffic.

Explanation:
IP access control lists allow a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network - whether to prevent hackers from penetrating the network or just to prevent employees from using systems they should not be using.
IP access lists can also be used to filter routing updates, to match packets for prioritization, to match packets for VPN tunneling, and to match packets for implementing quality of service features. They are also used to specify the interesting traffic, which is used to trigger ISDN and Dial on Demand Routing (DDR) calls.

Reference:
CCNA Self-Study CCNA ICND exam certification Guide (Cisco Press, ISBN 1-58720-083-X) Page 427

Incorrect Answers:

A, F. ACLs do not provide for management and traffic analysis functions such as the monitoring and organization of network packets.
routinely provide for virus detection and removal.
E. ACLs alone do not provide for any additional level of network availability.

Which command will configure a default route on a router?

A. router(config)# ip route 0.0.0.0 10.1.1.0 10.1.1.1
B. router(config)# ip default-route 10.1.1.0
C. router(config)# ip default-gateway 10.1.1.0
D. router(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1

Answer: D

Explanation:
The "ip route 0.0.0.0 0.0.0.0" command is used to configure a default route. In this case, a default route with a next hop IP address of 10.1.1.1 was configured.

Incorrect Answers:
A. This will be an invalid route, since the "10.1.1.0" value will specify the network mask, which in this case is invalid.
B, C. These commands are invalid. The command "ip default-network" could be used, but not "ip default-route" or "ip default-gateway".

You work as a network engineer at IGCT Groups. You are required to allow establishment of a Telnet session with a router. Which set command.

A. TestKingC(config)# line console 0
TestKingC(config-line)# enable password testking
B. TestKingC(config)# line console 0
TestKingC(config-line)# enable secret testking
TestKingC(config-line)# login
C. TestKingC(config)# line console 0
TestKingC(config-line)# password testking
TestKingC(config-line)# login
D. TestKingC(config)# line vty 0
TestKingC(config-line)# enable password testking
E. TestKingC(config)# line vty 0
TestKingC(config-line)# enable secret testking
TestKingC(config-line)# login
F. TestKingC(config)# line vty 0
TestKingC(config-line)# password testking
TestKingC(config-line)# login

Answer: F

Explanation:

CLI Password Configuration:
Access From   Password Type        Configuration
Console       Console password     line console 0
                                   login
                                   password faith
Auxiliary     Auxiliary password   line aux 0
                                   login
                                   password hope
Telnet        Vty password         line vty 0 4
                                   login
                                   password love

You are implementing a new frame relay network to provide connectivity between your offices. To do this, you set up the frame relay network using point-to-point subinterfaces.

Which of the following does NOT need to be configured?
A. The Frame Relay encapsulation on the physical interface.
B. The local DLCI on each subinterface.
C. An IP address on the physical interface.
D. The subinterface type as point-to-point.


Answer: C

Explanation:
When using point to point subinterfaces in a frame relay network, the subinterfaces will each have their own IP addresses and will each be contained within their own IP subnet.
The physical interface does not require an IP address.

Incorrect Answers:
A. The physical interface will need to be configured with a layer two encapsulation type, so in this case it must be frame relay.
B. The subinterfaces will have the local DLCI assigned to each one, using the "frame-relay interface-dlci" command for each of the subinterfaces.
D. Each subinterface should be configured as a point to point network type.

Which one of the following commands would you enter to terminate a VTY line session?

B. disable
C. disconnect
D. suspend
E. exit
F. None of the above

Answer: E

Explanation:
A VTY line is a telnet session. To end a telnet session from a remote device, enter the exit or logout command.

Incorrect Answers:
A, B, C, D. These are all invalid commands.

RIP version 2 is being used as the routing protocol within the Office network. What does RIP version 2 use to prevent routing loops?

A. CIDR
B. Split horizon
C. Authentication
D. Classless masking
E. Hold-down timers
F. Multicast routing updates
G. Path Vectoring


Answer: B, E


Explanation:
Distance Vector routing protocols employ the split horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about routes from being advertised by a router out of any interface from which that information originated.
RIP versions 1 and 2 also use the concept of hold timers. When a destination has become unreachable (or the metric has increased enough to cause poisoning), the destination goes into "holddown". During this state, no new path will be accepted for the same destination for this amount of time. The hold time indicates how long this state should last.


Incorrect Answers:
A, C, D, F. Although these are all features and functions of RIP version 2, they are not mechanisms used to prevent routing loops.
G. Path Vectoring is a concept used by BGP routers. RIP version 1 and 2 are considered to be distance vector routing protocols.

Which of the following routing protocols do NOT support VLSM (variable length subnet masking)?

A. RIPv1
B. IGRP
C. EIGRP
D. OSPF
E. IS-IS
F. RIPv2

Answer: A, B


Explanation:
RIP version 1 and IGRP are classful IP routing protocols. They do not support variable length subnet masks.


Incorrect Answers:

C, D, E, F. Static routing, OSPF, IS-IS, EIGRP, BGP, and RIP version 2 all support VLSM.

You are a network administrator and you need to implement a routing protocol on your network that provides:

* Scalability
* VLSM support
* Minimal overhead
* Support for connecting networks using routers of multiple vendors

Which of the following routing protocol would best serve your needs?

Options :

A. VTP
B. RIP version 1
C. EIGRP
D. OSPF
E. IGRP
F. CDP




Answer: D


Explanation:

Since one of the requirements is that the routing protocol must support other vendors, our only choices are RIP and OSPF. Since RIP version 1 does not support VLSM, OSPF is the only choice.


Incorrect Answers:


A. VTP is the VLAN Trunking Protocol. This is not a routing protocol.
B. RIP version one does not support VLSM. Note that RIPv2 does support VLSM, and would be a valid choice.
C, E. EIGRP and IGRP are Cisco proprietary routing protocols, and are not supported by other vendors.
F. CDP is the Cisco Discovery Protocol, which is used to exchange information between Cisco devices. It can only be used between Cisco routers and switches, and it is not a routing protocol.

In networks that support VLSM, which network mask should be used for point-to-point WAN links in order to reduce waste of IP addresses?

A. /24
B. /30
C. /27
D. /26
E. /32


Answer: B


Explanation:

A 30-bit mask is used to create subnets with two valid host addresses. This is the exact number needed for a point-to-point connection.

What is the maximum number of IP addresses that can be assigned to hosts on a local subnet that use the 255.255.255.224 subnet mask?

A. 14
B. 15
C. 16
D. 30
E. 31
F. 32


Answer: D


Explanation:
The subnet mask 255.255.255.224 means that there are 27 network bits. The remaining 5 bits are the host bits. The maximum number of combinations with 5 bits is 2^5 = 32. Because the all-zeros and all-ones host addresses are not allowed, the maximum number of valid hosts with the mask 255.255.255.224 is 2^5 - 2 = 32 - 2 = 30 hosts.

If an Ethernet port on router was assigned an IP address of 172.16.112.1/20, what is the maximum number of hosts allowed on this subnet?

A. 1024
B. 2046
C. 4094
D. 4096
E. 8190


Answer: C


Explanation:
Given IP address of 172.16.112.1 / 20,
subnet mask: 255.255.240.0
max. num of hosts =(( 2^12) -2 ) = 4096-2 = 4094

Which of the following IP addresses is a private IP address?

A. 12.0.0.1
B. 168.172.19.39
C. 172.20.14.36
D. 172.33.194.30
E. 192.168.42.34


Answer: C, E



Explanation:
RFC 1918 Private Address Space:
Range of IP Addresses              Class of Networks   Number of Networks
10.0.0.0 to 10.255.255.255         A                   1
172.16.0.0 to 172.31.255.255       B                   16
192.168.0.0 to 192.168.255.255     C                   256

Which of the following are true regarding a network using a subnet mask of 255.255.248.0?

A. It corresponds to a Class A address with 13 bits borrowed.
B. It corresponds to a Class B address with 4 bits borrowed.
C. The network address of the last subnet will have 248 in the 3rd octet.
D. The first 21 bits make the host portion of the address.
E. This subnet mask allows for 16 total subnets to be created.
F. The subnetwork numbers will be in multiples of 8.

Answer: A, C, F


Explanation:
This subnet mask includes the first 5 bits within the third octet, so for a class A address 13 bits will be used for the mask (8 bits in the second octet plus 5 in the third).
Since the first 5 bits are used in this octet, that means that remaining 3 bits in this octet will be available for hosts, so each network will be a factor of 8, making the last available subnet with a .248 in the third octet.

Regarding DHCP (dynamic host configuration protocol), which two of the following choices below are true?

A. The DHCP Discover message uses FF-FF-FF-FF-FF as the Layer 2 destination address.
B. The DHCP Discover message uses UDP as the transport layer protocol.
C. The DHCP Discover message uses a special Layer 2 multicast address as the destination address.
D. The DHCP Discover message uses TCP as the transport layer protocol.
E. The DHCP Discover message does not use a Layer 2 destination address.
F. The DHCP Discover message does not require a transport layer protocol.

Answer: A, B


Explanation:
DHCP uses UDP as its transport protocol. DHCP messages from a client to a server are sent to the DHCP server port (UDP port 67), and DHCP messages from a server to a client are sent to the DHCP client port (UDP port 68). The client broadcasts a DHCPDISCOVER message on its local physical subnet. The DHCPDISCOVER message may include options that suggest values for the network address and lease duration.

BOOTP relay agents may pass the message on to DHCP servers not on the same physical subnet.

Each server may respond with a DHCPOFFER message that includes an available network address in the "ipaddr" field (and other configuration parameters in DHCP options). Servers need not reserve the offered network address, although the protocol will work more efficiently if the server avoids allocating the offered network address to another client. The server unicasts the DHCPOFFER message to the client (using the DHCP/BOOTP relay agent if necessary) if possible, or may broadcast the message to a broadcast address (preferably 255.255.255.255) on the client's subnet.

Incorrect Answers:

C. DHCP messages are broadcast to the "all hosts" address. IP multicast addresses are not used.
D. UDP is used, not TCP.
E. Since DHCP is used so that a client can obtain an IP address, a layer two destination address must be used, as the layer 3 IP address does not yet exist on the client for the return traffic.
F. DHCP, along with nearly every other type of traffic, requires the use of a transport layer protocol.

Which protocol below uses TCP port 443?

A. HTML
B. HTTPS
C. TFTP
D. Telnet
E. SMTP

HTTPS is the secured version of the HTTP application, which normally uses 128 bit SSL encryption to secure the information sent and received on a web page. An example is a banking web site, or a trustworthy shopping web site that takes credit card information. It is an application layer protocol which uses TCP port 443.


Incorrect Answers:
A. HTML is not a protocol.
C. TFTP uses UDP port 69.
D. Telnet uses TCP port 23.
E. SMTP uses TCP port 25.

Which protocol automates all of the following functions for hosts on a network: IP configuration, IP addresses, subnet masks, default gateways, and DNS


A. CDP
B. SNMP
C. DHCP
D. ARP
E. DNS
F. None of the above


Answer: C



Explanation:
DHCP uses the concept of the client making a request and the server supplying the IP address to the client, plus other information such as the default gateway, subnet mask, DNS IP address, and other information.


Incorrect Answers:
A. CDP is the Cisco Discovery Protocol. It is used by Cisco devices at the data link layer to obtain information about their directly connected neighbors.

B. SNMP is the Simple Network Management Protocol. This is used for the maintenance, management, and monitoring of network devices.

D. ARP is the Address Resolution Protocol, which is used to resolve layer 2 MAC addresses to layer 3 IP addresses.

E. DNS is the Domain Name Service. It is used to resolve domain names to IP addresses. The IP address location of primary and secondary DNS resolver servers can be obtained for hosts using DHCP.

Which three address ranges are used for internal private address blocks as defined by RFC 1918?

A. 0.0.0.0 to 255.255.255
B. 10.0.0.0 to 10.255.255.255
C. 172.16.0.0 to 172.16.255.255
D. 172.16.0.0 to 172.31.255.255
E. 127.0.0.0 to 127.255.255.255
F. 192.168.0.0 to 192.168.255.255
G. 224.0.0.0 to 239.255.255.255

Answer: B, D, F


Explanation:

RFC 1918 defines three different IP address ranges as private, meaning that they can be used by any private network for internal use, and these ranges are not to be used in the Internet. The class A private range is 10.0.0.0 to 10.255.255.255. The class B address range is 172.16.0.0 to 172.31.255.255. The class C private IP address range is 192.168.0.0 to 192.168.255.255.


Incorrect Answers:

A. The 0.0.0.0 network address is invalid and can not be used.

C. The correct address range is 172.16.X.X through 172.31.X.X

What statements are true regarding ICMP packets?

A. They acknowledge receipt of TCP segments.
B. They guarantee datagram delivery.
C. They can provide hosts with information about network problems.
D. They are encapsulated within IP datagrams.
E. They are encapsulated within UDP datagrams.

Answer: C, D


Explanation:
ping may be used to find out whether the local machines are connected to the network or whether a remote site is reachable. This tool is a common network tool for determining network connectivity, and it uses the ICMP protocol instead of TCP/IP and UDP/IP. This protocol is usually associated with the network management tools which provide network information to network administrators, such as ping and traceroute (the latter also uses the UDP/IP protocol).
ICMP is quite different from the TCP/IP and UDP/IP protocols. No source and destination ports are included in its packets. Therefore, the usual packet-filtering rules for TCP/IP and UDP/IP are not applicable. Fortunately, a special "signature" known as the packet's Message type is included to denote the purpose of the ICMP packet. The most commonly used message types are 0, 3, 4, 5, 8, 11, and 12, which represent echo reply, destination unreachable, source quench, redirect, echo request, time exceeded, and parameter problem respectively.
In the ping service, after receiving the ICMP "echo request" packet from the source location, the destination

Incorrect Answers
ICMP is an IP protocol so A and E are incorrect.
ICMP doesn't guarantee datagram delivery so B is wrong as well.

exhibit displays the partial contents of encapsulation header.

A. This is a UDP header
B. This is an OSI layer 4 header.
C. This is traffic from an FTP server.
D. This is traffic from a Telnet client.
E. The last PDU received in this session had a sequence number of 292735.

Answer: B, C, E

Explanation:
As the header contains the sequence number and ACK number fields, it represents a TCP header. Choice B is correct as TCP works on Layer 4 i.e. Transport Layer.
The source port mentioned in the header is 21, which indicates it is FTP traffic, because FTP uses ports 20 and 21 for data and control. So choice C is correct.
The acknowledgment number refers to the sequence number of the last PDU received, which is 292735, making choice E also correct.

Catalyst switches utilize a special technology to identify and prevent topology loops and ensure that data flows properly through single network path

A. VTP

B. ISL

C. 802.1Q

D. STP

E. None of the above

Answer: D

Explanation:

Catalyst switches use the STP (spanning tree protocol) to prevent loops and to ensure data flows through a single network path. A separate instance of the STP mechanism is applied to every individual VLAN that is configured on the Catalyst switch.

Incorrect Answers:

A. VTP is the VLAN Trunking Protocol, which is used by Catalyst switches to pass VLAN information between switches. By itself, it does not provide any mechanism for detecting and preventing loops.

B, C. Inter-Switch Link (ISL) and 802.1Q are encapsulation types used for the creation of trunks. ISL is Cisco proprietary and 802.1Q is the industry standard method, but neither of these two options provide for any way to prevent a layer 2 loop in the network.

What are two characteristics of "store and forward" switching? (Select two answer choices)



A. Latency fluctuates regardless of frame size.

B. The switch receives the complete frame before beginning to forward it.
C. Latency through the switch varies with frame length.
D. The switch checks the destination address upon receipt of headers.

Answer: B, C

Explanation:
With store-and-forward, the entire frame is received by the switch before the first bit of the frame is forwarded.
As soon as the incoming switch port receives enough of the frame to see the destination MAC address, the forwarding decision is made and the frame is transmitted out the appropriate outgoing port to the destination device. So, each frame might experience slightly less latency. Store and forward switching may add latency when compared to other switching methods such as cut through, but it can reduce the number of errors that are forwarded through a network.

Reference:

CCNA Self-Study CCNA INTRO exam certification Guide (Cisco Press, ISBN 1-58720-094-5) Page 243


Incorrect Answers:

A. The amount of latency that is introduced with this method of switching is dependent on the size of the frame, as the switch must wait to receive the entire frame before sending it.
D. The switch must wait for the entire frame before forwarding it on, and not just the headers.

You want your Catalyst switch to implement a switching method that holds a packet in its memory until the data portion of the respective packet reaches the switch. Which method should you employ on your Catalyst switch?


A. Fast Forward
B. Store and forward
C. Frag-free
D. None of the above

Answer: C

Explanation:
Fragment Free switching filters out the majority of packet errors before forwarding begins. In a properly functioning network, most packet "errors" are due to collisions which are resolved within the first 64 bytes of the packet. These collisions cause packet fragments. After a packet has successfully passed this fragment threshold, it will continue to be received without error with near-certainty. (The next biggest cause of failure arises from "late" collisions which can occur when the network is physically interrupted.) This is how the Fragment Free option works. Fragment Free switching waits until the received packet passes the 64-byte fragment threshold and then forwards the packet.


Incorrect Answers:

A. Fast Forward switching is optimized for performance. It offers the lowest level of latency by immediately forwarding a packet upon receipt of only the destination address (after the first 6 bytes are received). Because Fast Forward does not wait until the entire packet is received before forwarding, this form of switching may sometimes relay a packet that has an error. Although this will be an infrequent occurrence and the destination network adapter will discard the faulty packet upon receipt, this superfluous traffic may be deemed unacceptable in certain environments. Such cut-through overhead can be reduced by using the Fragment Free option.
B. Another switching mode supported by Catalyst switches is the traditional Store-and-Forward bridging mode. Complete packets are stored and checked for errors prior to transmission. Latency varies by packet size since the entire packet needs to be received prior to transmission.

What are some characteristics of the typical VLAN arrangement?

A. VLANs logically divide a switch into multiple, independent switches at Layer 2.
B. Trunk links can carry traffic for multiple VLANs.
C. VLAN implementation significantly increases traffic due to added trunking information.
D. A VLAN can span multiple switches.
E. VLANs extend the collision domain to include multiple switches.
F. VLANs typically decrease the number of multiple switches.

Answer: A, B, D


Explanation:

VLANs give you the power of making virtual LAN networks to subdivide collision domains into smaller units of functionality, without being limited by physical location. A is correct because that is the exact function of a VLAN. B is correct because trunk links are used to carry traffic for multiple VLANs. D is correct because a VLAN can and often does span across multiple switches, through the use of VTP.


Incorrect Answers:

C. This choice is incorrect because although trunking information uses bandwidth, the amount isn't at all significant.
E. This is incorrect because VLANs do the exact opposite, and are used to segment collision domains.
F. This is incorrect because VLANs themselves have no power in decreasing the numbers of multiple switches.

When designing OSPF networks; what is the purpose of using a hierarchical design? (Select all choices that apply)

A. To reduce the complexity of router configuration
B. To speed up convergence
C. To confine network instability to single areas of the network
D. To reduce routing overhead
E. To lower costs by replacing routers
F. To decrease latency


Answer: B, C, D


Explanation:
An OSPF network designed in a hierarchical fashion with different areas is used because a small change in the topology of a single area won't force every router to run the SPF algorithm. Changes in one area are limited to that area only, not to every router within the entire network. Confining the topology changes to one area reduces the overhead and speeds the convergence of the network.

Which of the following IP addresses fall into the CIDR block of 115.54.4.0/22? Select three

A. 115.54.8.32
B. 115.54.7.64
C. 115.54.6.255
D. 115.54.3.32
E. 115.54.5.128
F. 115.54.12.128

Answer: B, C, E


Explanation:
Given CIDR block of 115.54.4.0 /22:
subnet mask : 255.255.252.0
The IP address range would be 115.54.4.1 to 115.54.7.254.
Therefore, 115.54.5.128 (E), 115.54.6.255 (C) and 115.54.7.64 (B) are correct.

What is the network address for a host with the IP address 201.100.5.68/28?

A. 201.100.5.0
B. 201.100.5.32
C. 201.100.5.64
D. 201.100.5.65
E. 201.100.5.31
F. 201.100.5.1


Answer: C
Explanation:
This is a Class C IP address with a subnet mask of 255.255.255.240. The host 201.100.5.68/28 belongs to the second subnet, which is 201.100.5.64.

This is determined by doing the following:

Subnets: 2^4 - 2 = 14
Hosts: 2^4 - 2 = 14
Valid subnet range: 256 - 240 = 16
16 + 16 = 32, 16 + 32 = 48, 16 + 48 = 64, 64 + 16 = 80, so the IP address 201.100.5.68 belongs to the second subnet, which is .64.

Which of the following IP addresses is a private IP address? Select all that apply.

A. 12.0.0.1
B. 168.172.19.39
C. 172.20.14.36
D. 172.33.194.30
E. 192.168.42.34
Answer: C, E
Explanation:
RFC 1918 Private Address Space:
Range of IP Addresses | Class of Networks | Number of Networks
10.0.0.0 to 10.255.255.255 | A | 1
172.16.0.0 to 172.31.255.255 | B | 16
192.168.0.0 to 192.168.255.255 | C | 256

Which of the following are true regarding a network using a subnet mask of 255.255.248.0?

A. It corresponds to a Class A address with 13 bits borrowed.
B. It corresponds to a Class B address with 4 bits borrowed.
C. The network address of the last subnet will have 248 in the 3rd octet.
D. The first 21 bits make the host portion of the address.
E. This subnet mask allows for 16 total subnets to be created.
F. The subnetwork numbers will be in multiples of 8.

Answer: A, C, F


Explanation:

This subnet mask includes the first 5 bits within the third octet, so for a Class A address
13 bits will be used for the mask (8 bits in the second octet plus 5 in the third).
Since the first 5 bits are used in this octet, the remaining 3 bits in this octet
will be available for hosts, so each network will be a multiple of 8, making the last available
subnet one with .248 in the third octet.
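The subnet arithmetic behind the preceding answers, worked with explicit bit masks. This is an added example, not part of the original study material: the function names are illustrative, 192.0.2.1/30 is a constructed documentation address, and Python's standard ipaddress module is used only as a cross-check.

```python
import ipaddress  # standard library; used only to cross-check the manual arithmetic

RFC1918_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")


def to_int(dotted):
    """Parse dotted-quad text into a 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(
            p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """Render a 32-bit integer as dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_for(prefix):
    """Netmask for a prefix length: the top `prefix` bits set."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_from_mask(mask_text):
    """Convert a dotted mask to a prefix length; non-contiguous masks are rejected."""
    host_part = ~to_int(mask_text) & 0xFFFFFFFF
    if host_part & (host_part + 1):  # host bits must be one solid run of 1s
        raise ValueError(f"non-contiguous mask: {mask_text}")
    return 32 - host_part.bit_length()


def describe(cidr):
    """Mask, network, broadcast and usable host count for 'a.b.c.d/n'."""
    addr_text, _, prefix_text = cidr.partition("/")
    prefix = int(prefix_text)
    mask = mask_for(prefix)
    network = to_int(addr_text) & mask          # clear the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)  # set the host bits
    # Rule used in the explanations: 2^host_bits - 2 (network and broadcast
    # are not assignable). Clamp at zero so /31 and /32 do not go negative.
    usable = max((1 << (32 - prefix)) - 2, 0)
    return {"prefix": prefix, "mask": to_dotted(mask),
            "network": to_dotted(network), "broadcast": to_dotted(broadcast),
            "usable_hosts": usable}


def contains(cidr, addr_text):
    """True if addr_text falls inside the block named by cidr."""
    block_text, _, prefix_text = cidr.partition("/")
    mask = mask_for(int(prefix_text))
    return (to_int(addr_text) & mask) == (to_int(block_text) & mask)


def is_rfc1918(addr_text):
    """True if the address lies in one of the three RFC 1918 private blocks."""
    return any(contains(block, addr_text) for block in RFC1918_BLOCKS)


def matches_stdlib(cidr):
    """Cross-check describe() against the standard library's ipaddress module."""
    net = ipaddress.ip_network(cidr, strict=False)
    info = describe(cidr)
    return (str(net.netmask), str(net.network_address),
            str(net.broadcast_address)) == (
                info["mask"], info["network"], info["broadcast"])


if __name__ == "__main__":
    # 192.0.2.1/30 is a constructed point-to-point example; the rest are
    # the addresses used in the questions above.
    for cidr in ("192.0.2.1/30", "172.16.112.1/20", "201.100.5.68/28"):
        print(cidr, describe(cidr), "stdlib agrees:", matches_stdlib(cidr))
    for choice in ("115.54.8.32", "115.54.7.64", "115.54.6.255",
                   "115.54.3.32", "115.54.5.128", "115.54.12.128"):
        print(choice, "in 115.54.4.0/22:", contains("115.54.4.0/22", choice))
    for choice in ("12.0.0.1", "168.172.19.39", "172.20.14.36",
                   "172.33.194.30", "192.168.42.34"):
        print(choice, "private:", is_rfc1918(choice))
    print("255.255.248.0 is a /%d mask" % prefix_from_mask("255.255.248.0"))
```

The same mask-and-compare test is what an access list or an internal-address filter performs, so a wrong prefix length (for example treating 172.33.194.30 as private) changes what such a filter admits.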

The Data Link Layer

The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. This means that the Data Link layer will ensure that messages are delivered to the proper device on a LAN using hardware addresses, and translates messages from the Network layer into bits for the Physical layer to transmit. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. This added information forms a sort of capsule that surrounds the original message in much the same way that engines, navigational devices, and other tools were attached to the lunar modules of the Apollo project. These various pieces of equipment were useful only during certain stages of space flight and were stripped off the module and discarded when their designated stage was complete. Data traveling through networks is similar.
It’s important for you to understand that routers, which work at the Network layer, don’t care at all about where a particular host is located. They’re only concerned about where networks are located, and the best way to reach them—including remote ones. Routers are totally obsessive when it comes to networks. And for once, this is a good thing! It’s the Data Link layer that’s responsible for the actual unique identification of each device that resides on a local network. For a host to send packets to individual hosts on a local network as well as transmitting packets between routers, the Data Link layer uses hardware addressing. Each time a packet is sent between routers, it’s framed with control information at the Data Link layer, but that information is stripped off at the receiving router and only the original packet is left completely intact. This framing of the packet continues for each hop until the packet is finally delivered to the correct receiving host. It’s really important to understand that the packet itself is never altered along the route; it’s only encapsulated with the type of control information required for it to be properly passed on to the different media types.
The IEEE Ethernet Data Link layer has two sublayers:
Media Access Control (MAC) 802.3: Defines how packets are placed on the media. Contention media access is “first come/first served” access where everyone shares the same bandwidth—hence the name. Physical addressing is defined here, as well as logical topologies. What’s a logical topology? It’s the signal path through a physical topology. Line discipline, error notification (not correction), ordered delivery of frames, and optional flow control can also be used at this sublayer.
Logical Link Control (LLC) 802.2: Responsible for identifying Network layer protocols and then encapsulating them. An LLC header tells the Data Link layer what to do with a packet once a frame is received. It works like this: A host will receive a frame and look in the LLC header to find out where the packet is destined for—say, the IP protocol at the Network layer. The LLC can also provide flow control and sequencing of control bits.
The switches and bridges I talked about near the beginning of the chapter both work at the Data Link layer and filter the network using hardware (MAC) addresses. We will look at these in the following section.

The Network Layer

The Network layer (also called layer 3) manages device addressing, tracks the location of devices on the network, and determines the best way to move data, which means that the Network layer must transport traffic between devices that aren’t locally attached. Routers (layer 3 devices) are specified at the Network layer and provide the routing services within an internetwork.
It happens like this: First, when a packet is received on a router interface, the destination IP address is checked. If the packet isn’t destined for that particular router, it will look up the destination network address in the routing table. Once the router chooses an exit interface, the packet will be sent to that interface to be framed and sent out on the local network. If the router can’t find an entry for the packet’s destination network in the routing table, the router drops the packet. Two types of packets are used at the Network layer: data and route updates.
Data packets: Used to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPX.
Route update packets: Used to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP, EIGRP, and OSPF. Route update packets are used to help build and maintain routing tables on each router.
Network addresses: Protocol-specific network addresses. A router must maintain a routing table for individual routing protocols because each routing protocol keeps track of a network with a different addressing scheme. Think of it as a street sign in each of the different languages spoken by the residents that live on a particular street. So, if there were American, Spanish, and French folks on a street named “Cat,” the sign would read: Cat/Gato/Chat.
Interface: The exit interface a packet will take when destined for a specific network.
Metric: The distance to the remote network. Different routing protocols use different ways of computing this distance.

The Presentation Layer

The Presentation layer gets its name from its purpose: It presents data to the Application layer and is responsible for data translation and code formatting. This layer is essentially a translator and provides coding and conversion functions. A successful data-transfer technique is to adapt the data into a standard format before transmission. Computers are configured to receive this generically formatted data and then convert the data back into its native format for actual reading (for example, EBCDIC to ASCII). By providing translation services, the Presentation layer ensures that data transferred from the Application layer of one system can be read by the Application layer of another one.

The OSI has protocol standards that define how standard data should be formatted. Tasks like data compression, decompression, encryption, and decryption are associated with this layer. Some Presentation layer standards are involved in multimedia operations too. The following serve to direct graphic and visual image presentation:

PICT: A picture format used by Macintosh programs for transferring QuickDraw graphics.

TIFF: Tagged Image File Format; a standard graphics format for high-resolution, bitmapped images.

JPEG: Photo standards brought to us by the Joint Photographic Experts Group.

Other standards guide movies and sound:

MIDI: Musical Instrument Digital Interface (sometimes called Musical Instrument Device Interface), used for digitized music.

MPEG: Increasingly popular Moving Picture Experts Group standard for the compression and coding of motion video for CDs. It provides digital storage and bit rates up to 1.5Mbps.

QuickTime: For use with Macintosh programs; manages audio and video applications.

RTF: Rich Text Format, a file format that lets you exchange text files between different word processors, even in different operating systems.

The Application Layer

The Application layer of the OSI model marks the spot where users actually communicate to the computer. This layer only comes into play when it’s apparent that access to the network is going to be needed soon. Take the case of Internet Explorer (IE). You could uninstall every trace of networking components from a system, such as TCP/IP, NIC card, etc., and you could still use IE to view a local HTML document—no problem. But things would definitely get messy if you tried to do something like view an HTML document that must be retrieved using HTTP, or nab a file with FTP. That’s because IE will respond to requests such as those by attempting to access the Application layer. And what’s happening is that the Application layer is acting as an interface between the actual application program—which isn’t at all a part of the layered structure—and the next layer down, by providing ways for the application to send information down through the protocol stack. In other words, IE doesn’t truly reside within the Application layer—it interfaces with Application-layer protocols when it needs to deal with remote resources.
The Application layer is also responsible for identifying and establishing the availability of the intended communication partner, and determining whether sufficient resources for the intended communication exist. These tasks are important because computer applications sometimes require more than only desktop resources. Often, they’ll unite communicating components from more than one network application. Prime examples are file transfers and e-mail, as well as enabling remote access, network management activities, client/server processes, and information location. Many network applications provide services for communication over enterprise networks, but for present and future internetworking, the need is fast developing to reach beyond the limits of current physical networking. Today, transactions and information exchanges between organizations are broadening to require internetworking applications such as the following:
World Wide Web (WWW): Connects countless servers (the number seems to grow with each passing day) presenting diverse formats. Most are multimedia and can include graphics, text, video, and sound. (And as pressure to keep up the pace mounts, websites are only getting slicker and snappier. Keep in mind, the snazzier the site, the more resources it requires. You’ll see why I mention this later.) Netscape Navigator and IE simplify both accessing and viewing websites.
E-mail gateways: Versatile; can use Simple Mail Transfer Protocol (SMTP) or the X.400 standard to deliver messages between different e-mail applications.
Electronic data interchange (EDI): A composite of specialized standards and processes that facilitates the flow of tasks such as accounting, shipping/receiving, and order and inventory tracking between businesses.
Special interest bulletin boards: Include the many Internet chat rooms where people can “meet” (connect) and communicate with each other either by posting messages or by typing a live conversation. They can also share public-domain software.
Internet navigation utilities: Include applications such as Gopher and WAIS, as well as search engines such as Google and Yahoo!, which help users locate the resources and information they need on the Internet.
Financial transaction services: Target the financial community. They gather and sell information pertaining to investments, market trading, commodities, currency exchange rates, and credit data to their subscribers.

Internetworking Models

When networks first came into being, computers could typically communicate only with computers from the same manufacturer. For example, companies ran either a complete DECnet solution or an IBM solution—not both together. In the late 1970s, the Open Systems Interconnection (OSI) reference model was created by the International Organization for Standardization (ISO) to break this barrier.

The OSI model was meant to help vendors create interoperable network devices and software in the form of protocols so that different vendor networks could work with each other. Like world peace, it’ll probably never happen completely, but it’s still a great goal. The OSI model is the primary architectural model for networks. It describes how data and network information are communicated from an application on one computer, through the network media, to an application on another computer. The OSI reference model breaks this approach into layers.

In the following section, I am going to explain the layered approach and how we can use this approach in helping us troubleshoot our internetworks.

The Layered Approach

A reference model is a conceptual blueprint of how communications should take place. It addresses all the processes required for effective communication and divides these processes into logical groupings called layers. When a communication system is designed in this manner, it’s known as layered architecture. Think of it like this: You and some friends want to start a company. One of the first things you’ll do is sit down and think through what tasks must be done, who will do them, what order they will be done in, and how they relate to each other. Ultimately, you might group these tasks into departments. Let’s say you decide to have an order-taking department, an inventory department, and a shipping department. Each of your departments has its own unique tasks, keeping its staff members busy and requiring them to focus on only their own duties. In this scenario, I’m using departments as a metaphor for the layers in a communication system. For things to run smoothly, the staff of each department will have to trust and rely heavily upon the others to do their jobs and competently handle their unique responsibilities. In your planning sessions, you would probably take notes, recording the entire process to facilitate later discussions about standards of operation that will serve as your business blueprint, or reference model. Once your business is launched, your department heads, armed with the part of the blueprint relating to their department, will need to develop practical methods to implement their assigned tasks. These practical methods, or protocols, will need to be compiled into a standard operating procedures manual and followed closely. Each of the various procedures in your manual will have been included for different reasons and have varying degrees of importance and implementation.
If you form a partnership or acquire another company, it will be imperative that its business protocols—its business blueprint—match yours (or at least be compatible with it). Similarly, software developers can use a reference model to understand computer communication processes and see what types of functions need to be accomplished on any one layer. If they are developing a protocol for a certain layer, all they need to concern themselves with is the specific layer’s functions, not those of any other layer. Another layer and protocol will handle the other functions. The technical term for this idea is binding.

The communication processes that are related to each other are bound, or grouped together, at a particular layer.

Which encapsulation types are configurable on a Cisco switch for a trunk? (Select two answer choices)

A. VTP
B. ISL
C. CDP
D. 802.1Q
E. 802.1p
F. LLC
G. IETF

Answer: B, D
Explanation:
Trunks are used to carry traffic belonging to multiple VLANs between devices over the same link. A device can determine which VLAN the traffic belongs to by its VLAN identifier. The VLAN identifier is a tag that is encapsulated with the data. ISL and 802.1q are two types of encapsulations used to carry data from multiple VLANs over trunk links.
ISL is a Cisco proprietary protocol for interconnecting multiple switches and maintaining VLAN information as traffic goes between switches. ISL provides VLAN trunking capabilities while maintaining full wire speed performance on Ethernet links in full-duplex or half-duplex mode. ISL operates in a point-to-point environment and will support up to 1000 VLANs. In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN. ISL uses Per VLAN Spanning Tree (PVST), which runs one instance of Spanning Tree Protocol (STP) per VLAN. PVST allows for optimal root switch placement for each VLAN and supports load balancing of VLANs over multiple trunk links.
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a four-byte tag into the original frame and re-computes the Frame Check Sequence (FCS) before sending the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN. It tags all other frames transmitted and received on the trunk. While configuring an 802.1Q trunk, you must make sure that the same native VLAN is configured on both sides of the trunk. IEEE 802.1Q defines a single instance of spanning tree running on the native VLAN for all the VLANs in the network, which is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST available with ISL. However, PVST+ offers the capability to retain multiple Spanning Tree topologies with 802.1Q trunking.
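The 802.1Q behaviour described above (a four-byte tag inserted after the source MAC, the FCS recomputed, native-VLAN frames left untagged), as an added example that is not part of the original study material. The function names, MAC addresses, payload and VLAN numbers are constructed for illustration; the last lines show why both ends of a trunk must agree on the native VLAN.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value that identifies an 802.1Q tag
MIN_BODY = 60        # minimum Ethernet frame length, not counting the 4-byte FCS


def fcs(body):
    """Ethernet FCS: CRC-32 over the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_ok(frame):
    """True if the frame is long enough and its trailing FCS matches its contents."""
    return len(frame) >= MIN_BODY + 4 and fcs(frame[:-4]) == frame[-4:]


def build_frame(dst, src, ethertype, payload):
    """Build an untagged Ethernet II frame, padded to the minimum size, plus FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_BODY, b"\x00")
    return body + fcs(body)


def egress_trunk(frame, vlan_id, native_vlan, priority=0):
    """Transmit side of a trunk port: tag the frame unless it is on the native VLAN."""
    if not fcs_ok(frame):
        raise ValueError("frame failed FCS check")
    # The VLAN ID field is 12 bits (4096 values); 0 and 4095 are reserved.
    if not 1 <= vlan_id <= 4094 or not 0 <= priority <= 7:
        raise ValueError("VLAN ID or priority out of range")
    if vlan_id == native_vlan:
        return frame  # native VLAN traffic crosses the trunk untagged
    tci = (priority << 13) | vlan_id  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    body = frame[:-4]
    # The tag goes between the source MAC (bytes 6-11) and the original EtherType.
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)  # old FCS no longer matches, so recompute it


def ingress_trunk(frame, native_vlan):
    """Receive side: return (vlan_id, untagged_frame) for a frame seen on a trunk."""
    if not fcs_ok(frame):
        raise ValueError("frame failed FCS check")
    body = frame[:-4]
    tpid, tci = struct.unpack("!HH", body[12:16])
    if tpid != TPID_8021Q:
        return native_vlan, frame  # untagged: assumed to belong to the native VLAN
    vlan_id = (tci & 0x0FFF) or native_vlan  # VID 0 carries priority only
    inner = (body[:12] + body[16:]).ljust(MIN_BODY, b"\x00")
    return vlan_id, inner + fcs(inner)


# Constructed sample frame: locally administered MACs, IPv4 EtherType, dummy payload.
SAMPLE = build_frame(bytes.fromhex("02aabbccdd01"), bytes.fromhex("02aabbccdd02"),
                     0x0800, b"constructed sample payload")

if __name__ == "__main__":
    tagged = egress_trunk(SAMPLE, vlan_id=20, native_vlan=1)
    print("untagged length:", len(SAMPLE), "tagged length:", len(tagged))
    print("tag bytes:", tagged[12:16].hex())
    print("stale FCS accepted:", fcs_ok(tagged[:-4] + SAMPLE[-4:]))
    print("round trip:", ingress_trunk(tagged, native_vlan=1) == (20, SAMPLE))
    # Native VLAN mismatch: sender's native VLAN is 1, receiver's is 99.
    sent = egress_trunk(SAMPLE, vlan_id=1, native_vlan=1)
    print("VLAN 1 frame arrives in VLAN", ingress_trunk(sent, native_vlan=99)[0])
```

With mismatched native VLANs the frame sent on VLAN 1 is placed in VLAN 99 by the receiver, which is the misconfiguration the explanation warns about; comparing the native VLAN on both ends of every trunk is a worthwhile audit check.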

Which one of the following protocols allows the information about the configuration of a new VLAN to be distributed across the entire switched network?

A. STP
B. VTP
C. EIGRP
D. SNMP
E. CDP
F. None of the above

Answer: B

Explanation:

"The basic goals of VLAN Trunking Protocol (VTP) are to manage all configured
VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows an administrator to add, delete, and rename VLANs-information that is then propagated to all other switches in the VTP domain."

Incorrect Answers:
A. STP is the Spanning Tree Protocol, used to prevent bridging loops in a LAN.
C. EIGRP is a routing protocol used to exchange routing information, not VLAN
information.
D. SNMP is the Simple Network Management Protocol, used to provide information to remote network management stations.
E. CDP is the Cisco Discovery Protocol, which is used to exchange information between Cisco devices. It can only be used between Cisco routers and switches.

What are some of the characteristics of a typical VLAN arrangement? (Select all that apply)

A. VLANs logically divide a switch into multiple, independent switches at Layer 2.
B. Trunk links can carry traffic for multiple VLANs.
C. VLAN implementation significantly increases traffic due to added trunking
information.
D. A VLAN can span multiple switches.
E. VLANs typically increase the number of switches needed
F. VLANs typically decrease the number of switches needed

Answer: A, B, D

Explanation:
VLANs give you the power of making virtual LAN networks to subdivide collision
domains into smaller units of functionality, without being limited by physical location.

A is correct because that is the exact function of a VLAN. B is correct because trunk links are used to carry traffic for multiple VLANs. D is correct because a VLAN can and often does span across multiple switches. VTP makes this possible.

Incorrect Answers:
C. Although trunking information does indeed add some level of overhead, the overall
traffic overhead is greatly reduced through the use of VLANs.
E, F. The number of total switches needed in a network is the result of the number of devices on the entire LAN that need to be connected. Whether VLANs are used or not will have little, if any, impact on the total number of switches needed in a LAN.

A new VLAN needs to be created for an existing network. Which of the following are the minimum tasks that must be accomplished in order to create?

A. The VLAN must be created
B. The VLAN must be named
C. An IP address and subnet mask must be configured for the new VLAN
D. The desired ports must be added to the new VLAN
E. The VLAN must be added to the existing VTP Domain

Answer: A, B, D

Explanation:
The best answers are A, B, D. In order to create a simple VLAN, you must create the VLAN, name it, and then assign ports to it. These are the minimum requirements for a functioning VLAN.

Incorrect Answers:
C. Although an IP address is often configured, it is not required in order to create a functioning VLAN.
E. By default, the VLAN will already be added to the VTP domain. Even if the new
VLAN was not part of the VTP domain, it would still work as a new VLAN on the
switch.

What is a characteristic of ISL and 802.1q frame tagging in a switched LAN environment?

A. They are used to find the best path through a network.
B. They allow the exchange of filtering tables.
C. They specify different implementations of the Spanning-Tree Protocol.
D. They allow the exchange of routing tables
E. They provide inter-switch VLAN communication.

Answer: E


Explanation: A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is configured, it begins marking frames as they exit the port to indicate which VLAN each frame is associated with. The trunk port can also read the markings, called tags, as they enter the trunk port. This enables the switch to send a frame only to the ports for the given VLAN associated with the incoming frame.
The main purpose of trunking is to carry traffic between switches and maintain the VLAN information. Unlike an access link, the trunk link does not belong to a single VLAN but instead can carry traffic from several VLANs over a point-to-point link between two devices that understand the protocol.
Two forms of trunking are used for Cisco switches on Ethernet networks: An IEEE industry standard called IEEE 802.1Q. This is a frame-tagging mechanism that adds a VLAN identifier to the frame by inserting a tag at Layer 2. Another form of trunking on Cisco switches is called Inter-Switch Link (ISL), which is a Cisco proprietary trunking mechanism. ISL uses a frame encapsulation method that adds a header to identify the VLAN.

Incorrect Answers:
A, D. These are the functions of routers, not switches.
B. Filtering tables can be used on certain Catalyst switches via the use of VLAN access control lists, but this information is never shared between switches.
C. A separate STP instance is created for each VLAN, but the STP implementation
remains the same.

Which of the following are true statements regarding the use of VLANs to segment a network? (Select three.)

A. They increase the size of collision domains
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of the broadcast domain while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
F. They simplify switch administration.

Answer: B, C, E

Explanation:
VLANs are used to segment a LAN into multiple, smaller LANs. This can be used to enhance security as local traffic from one VLAN will not be passed to users in other VLANs.

Incorrect Answers:
A. VLANs are used to decrease the size of a collision domain, not increase it.
D. The opposite is true.
F. The default operation of a switch is to allow all traffic and to enable all ports in VLAN 1. The use of VLANs will increase the complexity of the switch environment, making for more difficult administration.

A new switch is installed into an existing LAN and a new VTP trunk is set up with an existing switch. Which VLANs will be allowed on this new trunk?

A. All defined VLANs are allowed on the trunk by default.
B. Each VLAN, or VLAN range, that is specified with the switchport mode command.
C. Each VLAN, or VLAN range, that is specified with the vtp domain command.
D. Each VLAN, or VLAN range, that is specified with the vlan database command.


Answer: C


Explanation:
By default, all VLANs that are configured to be in the same VTP domain will be allowed
by the VTP trunk.
A. Only the VLANs contained in the same VTP domain will traverse the trunk.
B, D. These commands do not have any influence on the VLANs that will be allowed
over a trunk.

You are bringing up a new Cisco Catalyst switch, and wish to connect it via a trunk to another switch from a different vendor, which uses the IEEE?

A. Switch(config)# switchport trunk encapsulation isl
B. Switch(config)# switchport trunk encapsulation ietf
C. Switch(config-if)# switchport trunk encapsulation isl
D. Switch(config-if)# switchport trunk encapsulation ietf
E. Switch(config-if)# switchport trunk encapsulation dot1q

Answer: E

Explanation: The only real choices for setting up switching trunks are ISL and
802.1Q. ISL is Cisco proprietary, while 802.1Q uses the IEEE defined standard for
trunking between switches. To configure the 802.1Q standard, the keyword "dot1q" is used in Cisco switches.

Incorrect Answers:
A, B, D. These are not valid options in a Cisco switch.
C. ISL is a Cisco proprietary method for setting up trunks, and will only work between Cisco switches.

Which of the following steps are necessary in order to add a new VLAN to a switched network?

A. Create the VLAN.
B. Name the VLAN.
C. Configure an IP address for the VLAN.
D. Add the desired ports to the new VLAN.
E. Add the VLAN to the VTP domain.

Answer: A, B, D

Explanation: The following are the basic requirements for creating VLANs:
* Creating the VLAN numbers and names
* Configuring each port's assigned VLAN.

Incorrect Answers:
C. This is an optional feature, but not a necessary step for creating a VLAN.
E. Adding any VLAN to a Virtual Trunking Protocol (VTP) domain may be desired in a complex multi-switch and multi-VLAN network. However, it is not a necessary step for creating stand-alone VLANs on a single switch.

Refer to the topology and partial configuration output shown in the graphic. The ip subnet-zero configuration command is also in effect?

A. 10.10.0.1
B. 10.10.0.17
C. 200.2.2.17
D. 200.2.2.18
E. 199.99.9.33
F. 199.99.9.57

Answer: F


Explanation:
Regarding NAT operation, Cisco defines these terms as follows:
1. Inside local address - The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer's OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
2. Inside global address - A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. In this case, the NAT pool is used to distribute the Inside Global IP addresses.
3. Outside local address - The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
4. Outside global address - The IP address assigned to a host on the outside network by the host's owner. The address is allocated from a globally routable address or network space.

Which router console commands are used to manage telnet sessions to other routers?

A. TestKingD# disconnect 3
B. TestKingD# exit session 2
C. TestKingD# kill connection 1
D. TestKingD# show sessions
E. TestKingD# show connection all
F. TestKingD# resume 4

Answer: A, D, F

Explanation:
Function | Command Options
Telnet to another device | Use the telnet exec command. Just type the host or IP address from exec mode.
Suspend a Telnet session | Press the key sequence Ctrl-Shift-6, then x.
Discover currently suspended Telnet session | Use the where exec command. Use the show sessions exec command.
Resume a suspended Telnet session | Use the resume command, with no parameter, to reconnect to the most recently suspended Telnet. Use the resume x command, where x is the number of the suspended Telnet session based on the output of show sessions. Just press Enter in exec mode to resume to the most recently suspended Telnet session.
Terminate a suspended telnet | Resume connection, and log out using the quit command. Use the disconnect command on the router you Telnetted from.