Kunci CCNA 4 Chapter 1

1
The ability to connect securely to a private network over a public network is provided by which WAN technology?
DSL
Frame Relay
ISDN
PSTN
VPN
2
Refer to the exhibit. The server sends an ARP request for the MAC address of its default gateway. If STP is not
enabled, what is the result of this ARP request?
Router_1 contains the broadcast and replies with the MAC address of the next-hop router.
Switch_A replies with the MAC address of the Router_1 E0 interface.
Switch_A and Switch_B continuously flood the message onto the network.Switch_B forwards the broadcast request and replies with the Router_1 address.
3
Which two considerations are valid when designing access layer security? (Choose two.)
In a large wireless network, the most efficient method to secure the WLAN is MAC address filtering.
DoS attacks are normally launched against end-user PCs and can be mitigated by installing personal firewalls on all
company PCs.
SSH is more secure than Telnet to administer network devices.
Disabling unused ports on the switches helps prevent unauthorized access to the network.
Attacks originating inside the network are common, but placing servers inside a DMZ cannot protect against this
type of attack.
4
Which three functions are performed at the distribution layer of the hierarchical network model? (Choose three.)
aggregating bandwidth by concentrating multiple low-speed access links
isolating network problems to prevent them from affecting the core layer
allowing end users to access the local network
summarizing routes from the access layer
preserving bandwidth at the access layer by filtering network functions
accelerating data transfer between links in the core layer
5
Refer to the exhibit. Two access layer Catalyst switches are connected. Both switches have ports configured for
VLANs 40 and 50 as shown. What must be configured on the two switches to allow the link between the two
switches to carry data for multiple VLANs?
trunking
STP
ACLs
switch blocks
6
Which two statements are true regarding network convergence? (Choose two.)
In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence
time.
Using STP at the core layer improves convergence time by allowing the use of redundant links between devices.
Route summarization improves convergence time by minimizing the size of the routing table.
A full mesh topology improves convergence time by allowing load balancing.
ACLs can be configured to improve convergence time.
7
Refer to the exhibit. Which two situations cause the router to display the rommon1> prompt? (Choose two.)
This is a normal stage in the router boot sequence.
A password recovery procedure is in progress.
The Cisco IOS software could not be loaded from flash memory or a TFTP server.
The configuration was not saved before the last reload.
The configuration register was changed to 0x2142 before the last reload.
8
Refer to the exhibit. The network administrator creates a standard access control list to prohibit traffic from the
192.168.1.0/24 network from reaching the 192.168.2.0/24 network while still permitting Internet access for all
networks. On which router interface and in which direction should it be applied?
interface fa0/0/0, inbound
interface fa0/0/0, outbound
interface fa0/0/1, inbound
interface fa0/0/1, outbound
9
Refer to the exhibit. What happens when Host 1 attempts to send data?
Frames from Host 1 are dropped, but no other action is taken.
Frames from Host 1 cause the interface to shut down, and a log message is sent.
Frames from Host 1 are forwarded, but a log message is sent.
Frames from Host 1 are forwarded, and no log message is sent because the switchport port-security violation
command was not configured.
10
Which Cisco IOS function can be configured at the distribution layer to filter unwanted traffic and provide traffic
management?
virus protection
spyware protection
VPNs
access control lists
11
In a well-designed, high-availability network, which device significantly affects the most users if a failure occurs?
desktop PC of the user
large switch in the network core layer
large switch in the network distribution layer
small workgroup switch in the network access layer
12
What are three ways to ensure that an unwanted user does not connect to a wireless network and view the data?
(Choose three.)
disable SSID broadcasting
configure filters to restrict IP addresses
use authentication between clients and the wireless device
use NetBIOS name filtering between clients and the wireless device
configure strong encryption such as WPA
use a WEP compression method
13
The network administrator is designing network connectivity for a home teleworker. The teleworker needs secure
access to download and upload documents on the network file server. What network connection would be most
cost efficient while still meeting the security and connectivity needs of this teleworker?
dedicated leased line connection with a dialup backup link
Frame Relay connection with a DSL backup link
DSL VPN connection with a dialup backup link
ATM connection with a DSL VPN backup link
DSL connection with no backup link
14
Refer to the exhibit. What effect does the ACL shown have on network traffic, assuming that it is correctly applied
to the interface?
All traffic to network 172.16.0.0 is denied.
All TCP traffic is denied to and from network 172.16.0.0.
All Telnet traffic from the 172.16.0.0 network to any destination is denied.
All port 23 traffic to the 172.16.0.0 network is denied.
All traffic from the 172.16.0.0 network is denied to any other network.
15
A network designer is creating a new network. The design must offer enough redundancy to provide protection
against a single link or device failure, yet must not be too complex or expensive to implement. What topology
would fill these needs?
star
full mesh
partial mesh
extended star
hub and spoke
16
Centralizing servers in a data center server farm can provide which benefit over a distributed server environment?
It keeps client-to-server traffic local to a single subnet.
Servers located in a data center require less bandwidth.
It is easier to filter and prioritize traffic to and from the data center.
Server farms are not subject to denial of service attacks.
17
Refer to the exhibit. Which two statements correctly describe the benefits of the network access layer design
shown? (Choose two.)
If Host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame.
If Host A attempts to transmit data at the same time as another host, only hosts in VLAN10 are affected by the
collision.
Segmenting all voice traffic on a separate VLAN facilitates QoS by allowing devices to mark the traffic originating
from the voice VLAN with the highest priority.
VLANs improve network performance by facilitating the use of route summarization.
VLANs at the access layer help guarantee network availability by facilitating load balancing.
18
What address can be used to summarize networks 172.16.1.0/24, 172.16.2.0/24, 172.16.3.0/24, and
172.16.4.0/24?
172.16.0.0/21******
172.16.1.0/22
172.16.0.0 255.255.255.248
172.16.0.0 255.255.252.0
19
Which three statements describe the functions of the Cisco hierarchical network design model? (Choose three.)
Route summarization is not necessary at the core and distribution layers.
The distribution layer is responsible for traffic filtering and isolating failures from the core.
Two goals of the core layer are 100 percent uptime and maximizing throughput.
The access layer provides a means of connecting end devices to the network.
The distribution layer distributes network traffic directly to end users.
The core layer usually employs a star topology.
20
Refer to the exhibit. Which two devices are part of the access design layer? (Choose two.)
Edge2
ISP4
BR4
FC-AP
FC-CPE-1
FC-ASW-2