Vous êtes sur la page 1sur 39

CCNA 4 Chapter 1 V4.

0
Labels: CCNA 4 Chapter 1 V4.0 0 comments

1 What are two mechanisms that provide redundancy for server farm implementations? (Choose two.)

host intrusion prevention systems

virtual private networks

network intrusion prevention systems

Rapid Spanning Tree Protocol

Hot Standby Routing Protocol

2 The ability to connect securely to a private network over a public network is provided by which WAN technology?

DSL

Frame Relay

ISDN

PSTN

VPN

Which three statements describe the functions of the Cisco hierarchical network design model? (Choose three.)

Route summarization is not necessary at the core and distribution layers.

The distribution layer is responsible for traffic filtering and isolating failures from the core.

Two goals of the core layer are 100 percent uptime and maximizing throughput.

The access layer provides a means of connecting end devices to the network.

The distribution layer distributes network traffic directly to end users.

The core layer usually employs a star topology.

4 A network designer is creating a new network. The design must offer enough redundancy to provide protection against a single link or device failure, yet must not be too complex or expensive to implement. What topology would fill these needs?

star

full mesh

partial mesh

extended star

hub and spoke

5 Refer to the exhibit. If the firewall module has been correctly configured using best practices for network security, which statement is true about the security design for the network?

Servers in the network are not protected from internal attacks.

Servers in the DMZ are protected from internal and external attacks.

Servers in the server farm are protected from internal and external attacks.

Traffic from the external networks is not able to access the servers in the DMZ.

6 Which statement is true about a DMZ in a traditional network firewall design?

A DMZ is designed to provide service for external access but not for internal access.

Servers in the DMZ provide limited information that can be accessed from external networks.

User access to the DMZ from the Internet and the internal network usually is treated the same way.

All servers in the enterprise network should be located in a DMZ because of enhanced security measures.

7 download and upload documents on the network file server. What network connection would be most cost efficient while still meeting the security and connectivity needs of this teleworker?

dedicated leased line connection with a dialup backup link

Frame Relay connection with a DSL backup link

DSL VPN connection with a dialup backup link

ATM connection with a DSL VPN backup link

DSL connection with no backup link

8 Refer to the exhibit. The network administrator creates a standard access control list to prohibit traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24 network while still permitting Internet access for all networks. On which router interface and in which direction should it be applied?

interface fa0/0, inbound

interface fa0/0, outbound

interface fa0/1, inbound

interface fa0/1, outbound

9 Refer to the exhibit. The server broadcasts an ARP request for the MAC address of its default gateway. If STP is not enabled, what is the result of this ARP request?

Router_1 contains the broadcast and replies with the MAC address of the next-hop router.

Switch_A replies with the MAC address of the Router_1 E0 interface.

Switch_A and Switch_B continuously flood the message onto the network.

Switch_B forwards the broadcast request and replies with the Router_1 address.

10 What are two best practices in wireless LAN design to ensure secure wireless access to the corporate network? (Choose two.)

Configure APs for broadcast SSID.

Place APs as far apart as possible.

Use a separate WLAN for employees.

Configure WPA.

Use wireless routers in all IDFs.

11 In a well-designed, high-availability network, which device significantly affects the most users if a failure occurs?

desktop PC of the user

large switch in the network core layer

large switch in the network distribution layer

small workgroup switch in the network access layer

12 Which two statements are true regarding network convergence? (Choose two.)

In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence time.

Using STP at the core layer improves convergence time by allowing the use of redundant links between devices.

Route summarization improves convergence time by minimizing the size of the routing table.

A full mesh topology improves convergence time by allowing load balancing.

ACLs can be configured to improve convergence time.

13 Centralizing servers in a data center server farm can provide which benefit over a distributed server environment?

It keeps client-to-server traffic local to a single subnet.

Servers located in a data center require less bandwidth.

It is easier to filter and prioritize traffic to and from the data center.

Server farms are not subject to denial of service attacks.

14 Refer to the exhibit. What effect does the ACL shown have on network traffic, assuming that it is

correctly applied to the interface?

All traffic to network 172.16.0.0 is denied.

All TCP traffic is denied to and from network 172.16.0.0.

All Telnet traffic from the 172.16.0.0 network to any destination is denied.

All port 23 traffic to the 172.16.0.0 network is denied.

All traffic from the 172.16.0.0 network is denied to any other network.

15 Which Cisco IOS function can be configured at the distribution layer to filter unwanted traffic and provide traffic management?

virus protection

spyware protection

VPNs

access control lists

16 What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows inbound access only to traffic that belongs to these established sessions?

dynamic ACL

time-based ACL

reflexive ACL

lock and key ACL

17 Which three functions are performed at the distribution layer of the hierarchical network model? (Choose three.)

summarizing routes from the access layer

allowing end users to access the local network

providing the gateway of last resort for core layer devices

preserving bandwidth at the access layer by filtering network functions

isolating network problems to prevent them from affecting the core layer

utilizing redundant links for load balancing to increase available bandwidth

18 Refer to the exhibit. Which two devices are part of the access design layer? (Choose two.)

Edge2

ISP4

BR4

FC-AP

FC-CPE-1

FC-ASW-2

19 What is true about implementing a centralized server farm topology?

requires direct cabling from the MPOE to enhance the performance of servers

requires the addition of high-capacity switches to each workgroup

provides defined entry and exit points so that filtering and securing traffic is easier

allows for placement of workgroup servers at the access layer

20 Refer to the exhibit. What happens when Host 1 attempts to send data?

Frames from Host 1 are dropped, but no other action is taken.

Frames from Host 1 cause the interface to shut down, and a log message is sent.

Frames from Host 1 are forwarded, but a log message is sent.

Frames from Host 1 are forwarded, and the mac-address table is updated.

21 Which two considerations are valid when designing access layer security?(Choose two.)

In a large wireless network, the most efficient method to secure the WLAN is MAC address filtering.

DoS attacks are normally launched against end-user PCs and can be mitigated by installing personal firewalls on all company PCs.

SSH is more secure than Telnet to administer network devices.

Disabling unused ports on the switches helps prevent unauthorized access to the network.

All Telnet passwords are at least 6 characters long.

22 What address can be used to summarize only networks 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24?

172.16.0.0/21

172.16.0.0/22

172.16.0.0 255.255.255.248

172.16.0.0 255.255.254.0

23 Which two items in a physical WLAN design can be identified through a site survey? (Choose two.)

the types of antennas that are required

the encryption techniques that are required

the access point hardware that is required

the different levels of access that are required

the connection reliability that is required

24 Refer to the exhibit. Which two statements correctly describe the benefits of the network access layer design that is shown? (Choose two.)

If host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame.

If host A attempts to transmit data at the same time as another host, only hosts in VLAN10 are affected by the collision.

Segmenting all voice traffic on a separate VLAN facilitates the implementation of QoS.

VLANs improve network performance by facilitating the use of route summarization.

VLANs at the access layer help guarantee network availability by facilitating load balancing.

25 What are three ways to ensure that an unwanted user does not connect to a wireless network and view the data? (Choose three.)

Disable SSID broadcasting.

Configure filters to restrict IP addresses.

Use authentication between clients and the wireless device.

Use NetBIOS name filtering between clients and the wireless device.

Configure strong encryption such as WPA.

Use a WEP compression method.

CNA 4 Chapter 2 V4.0


Labels: CCNA 4 Chapter 2 V4.0

1 During an evaluation of the currently installed network, the IT staff performs a gap analysis to determine whether the existing network infrastructure can support the desired new features. At which stage of the Cisco Lifecycle Services approach does this activity occur?

Prepare Phase

Plan Phase

Design Phase

Implement Phase

Operate Phase

Optimize Phase

Which stage of the Cisco Lifecycle Services strategy is usually completed before an organization issues a Request For Proposal (RFP) or Request For Quotation (RFQ)?

Prepare Phase

Plan Phase

Design Phase

Implement Phase

Operate Phase

Optimize Phase

3 What is the purpose of SNMP?

to facilitate the exchange of information between devices and the NMS

to monitor and control managed network devices

to report user logins to a monitoring station

to verify traffic throughout the network and keep a log of all activity

4 During an analysis of a customer network, several possible opportunities for network improvement are identified. At which stage of the Cisco Lifecycle Services does this process occur?

Prepare Phase

Plan Phase

Design Phase

Implement Phase

Optimize Phase

Operate Phase

5 What provides the initial data for the Optimize Phase?

performance monitoring

business goals

technical goals

RFP

6 Which two statements are true regarding the response to an RFQ?(Choose two.)

The response should be brief.

it should strictly conform to the formatting requirements specified by the RFQ.

Only the items that the contracting company will be addressing should be answered.

The response helps the customer compare pricing with other potential contractors.

The response is more complicated than a response to a RFP.

7 What are two disadvantages of using a bottom-up approach instead of a top-down approach to network design? (Choose two.)

It can result in an inappropriate network design.

A new design cannot be implemented right away.

It does not take into account the business goals of the company.

This approach is not commonly practiced and is therefore not as well known.

It requires tedious and time-consuming meetings with the customer to develop an understanding of the organization.

8 What is a business constraint that may impact the WAN design of a company?

company policy regarding specific operating systems on LAN devices

current monitoring protocols implemented on end-user devices

non-availability of end users during implementation

company policy requiring the use of specific vendor networking equipment due to partnerships

9 What is the purpose of preparing a business case?

to justify the financial investment in implementing the technology change

to provide an example of a previous job done in the RFP

to define the technical requirements of the network

to define timelines and critical milestones

10 What is the purpose of creating a prioritized list of technical requirements?

defines the project scope

determines the business profitability

creates a feasibility report for analysis

identifies existing and new user groups

11 A network engineer is analyzing the network of a potential client company to identify problems and determine whether a network upgrade or addition is needed. Which role in the sales team is this engineer assuming?

post-sales field engineer

pre-sales engineer

account manager

network designer

12 Which two statements best describe the responsibilities of an account manager? (Choose two.)

acts as the primary point of contact between the company and the client

directs the sales teams and support personnel

provides technical support to critical clients

selects the equipment and technologies to be used for the client solution

acts as the network design lead

13 What is the purpose of system-level acceptance testing?

To develop an installation plan for the newly designed network

to train end users and support personnel on the newly installed network

to check that the newly installed network meets the business goals and design

requirements

to justify the financial investment required to implement the technology change

14 What is a purpose of establishing a network baseline?

It provides a statistical average for network performance.

It manages the performance of network devices.

It creates a point of reference for future network evaluations.

It checks the security configuration of network devices.

15 When should a network baseline be performed within the stages of the Cisco Lifecycle Services?

Prepare Phase

Plan Phase

Design Phase

Implement Phase

Operate Phase

16 What are two benefits of using a top-down approach instead of a bottom-up approach to

network design? (Choose two.)

incorporates organizational requirements

allows for a quick response to a design request

requires less time up front to create a network design

clarifies design goals from the perspective of applications and network solutions

facilitates a design by using devices and technologies that are based on previous experience

17 Which software component is installed on network devices that are managed through SNMP?

management agents

management stations

network management protocol

Management Information Base (MIB)

18 A network engineer working for a contracting company is informed of a pre-bid meeting with a potential client. What purpose does the network engineer have for attending the pre-bid meeting?

to submit request for proposal responses

to discuss proposed installation and monitoring plans

to perform system-level acceptance tests on the current network

to clarify project scope and timelines not included in the original request for proposal

to create a business case outlining reasons for financial investment in a network upgrade

19 A major corporation has decided to hire someone to upgrade their network infrastructure. A network consulting company wants the job. What document must the network consulting company obtain to learn about the business goals, the project scope, the requirements for the new network and the expected deliverables?

Business Case

Project Plan

Request for Proposal

Request for Comments

20 A corporation (client) wants a network upgrade and is putting out a request for services to various network consulting companies (contractors). A RFQ is required. Which statement is true concerning the RFQ?

sent from the contractors to the client in response to a RFP

sent from the client to the contractors along with the RFP to provide more specific

technical details

sent from the client to the contractors in place of a RFP when the technical specifications of a project are known

sent from the contractors to the client outlining reasons for financial investments for the network upgrade

21 Which stage of the Cisco Lifecycle Services involves proactive management to identify and resolve issues before the organization is affected?

Prepare Phase

Plan Phase

Design Phase

Implement Phase

Operate Phase

Optimize Phase

22 Why is it important to prioritize business goals when developing network design?

to ensure that the least expensive technologies are implemented first

to simplify the configuration, administration, and monitoring of the newly

installed network

to anticipate the effects of changes and growth of the business

to adhere to the best opportunities to contribute to the success of the business

23 Which two items help identify business goals and priorities before a new network project starts? (Choose two.)

installation

motivation

profitability

trustworthiness

customer satisfaction

24 A network engineer working for ABC company is writing a response to an RFP for a network upgrade and must create an executive summary. Which statement describes the basic components of an executive summary?

quick overview of the problem, the recommended solution, and the justification for ABC company doing the job

detailed description of the solution, including but not limited to, timelines, turnover schedule, warranty information, and emergency recovery information

detailed description of costs including, the cost of software and hardware components, licensing requirements, labor cost, and other applicable fees

multiple page document containing additional information such as detailed lists of equipment required, diagrams, company background information, and insurance coverage

25 In a network management architecture, which statement best describes a management agent?

communication protocol used between a management station and managed device

standardized database that a device keeps about itself concerning network performance parameters

host with the management application loaded that is used by the administrator to monitor and configure network devices

software running on a managed device to collect network information and allow that device to be managed by a management station

Cisco Discovery - DCompNtwk Chapter 1 - V.4 .


Back to home page

1. What are two mechanisms that provide redundancy for server farm implementations? (Choose two.) host intrusion prevention systems virtual private networks network intrusion prevention systems Rapid Spanning Tree Protocol Hot Standby Routing Protocol 2. The ability to connect securely to a private network over a public network is provided by which WAN

technology? DSL Frame Relay ISDN PSTN VPN 3. Which three statements describe the functions of the Cisco hierarchical network design model? (Choose three.) Route summarization is not necessary at the core and distribution layers. The distribution layer is responsible for traffic filtering and isolating failures from the core. Two goals of the core layer are 100 percent uptime and maximizing throughput. The access layer provides a means of connecting end devices to the network. The distribution layer distributes network traffic directly to end users. The core layer usually employs a star topology. 4. A network designer is creating a new network. The design must offer enough redundancy to provide protection against a single link or device failure, yet must not be too complex or expensive to implement. What topology would fill these needs? star full mesh partial mesh extended star hub and spoke 5. Refer to the exhibit. If the firewall module has been correctly configured using best practices for network security, which statement is true about the security design for the network? Servers in the network are not protected from internal attacks. Servers in the DMZ are protected from internal and external attacks. Servers in the server farm are protected from internal and external attacks. Traffic from the external networks is not able to access the servers in the DMZ. 6. Which statement is true about a DMZ in a traditional network firewall design? A DMZ is designed to provide service for external access but not for internal access.

Servers in the DMZ provide limited information that can be accessed from external networks. User access to the DMZ from the Internet and the internal network usually is treated the same way. All servers in the enterprise network should be located in a DMZ because of enhanced security measures. 7. What network connection would be most cost efficient while still meeting the security and connectivity needs of this teleworker? dedicated leased line connection with a dialup backup link Frame Relay connection with a DSL backup link DSL VPN connection with a dialup backup link ATM connection with a DSL VPN backup link DSL connection with no backup link 8. Refer to the exhibit. The network administrator creates a standard access control list to prohibit traffic from the 192.168.1.0/24 network from reaching the 192.168.2.0/24 network while still permitting Internet access for all networks. On which router interface and in which direction should it be applied? interface fa0/0, inbound interface fa0/0, outbound interface fa0/1, inbound interface fa0/1, outbound 9. Refer to the exhibit. The server broadcasts an ARP request for the MAC address of its default gateway. If STP is not enabled, what is the result of this ARP request? Router_1 contains the broadcast and replies with the MAC address of the next-hop router. Switch_A replies with the MAC address of the Router_1 E0 interface. Switch_A and Switch_B continuously flood the message onto the network. Switch_B forwards the broadcast request and replies with the Router_1 address. 10. What are two best practices in wireless LAN design to ensure secure wireless access to the corporate network? (Choose two.) Configure APs for broadcast SSID. Place APs as far apart as possible. Use a separate WLAN for employees. Configure WPA.

Use wireless routers in all IDFs. 11. In a well-designed, high-availability network, which device significantly affects the most users if a failure occurs? desktop PC of the user large switch in the network core layer large switch in the network distribution layer small workgroup switch in the network access layer 12. Which two statements are true regarding network convergence? (Choose two.) In a large network, using the EIGRP or OSPF routing protocols rather than RIPv2 may improve convergence time. Using STP at the core layer improves convergence time by allowing the use of redundant links between devices. Route summarization improves convergence time by minimizing the size of the routing table. A full mesh topology improves convergence time by allowing load balancing. ACLs can be configured to improve convergence time. 13. Centralizing servers in a data center server farm can provide which benefit over a distributed server environment? It keeps client-to-server traffic local to a single subnet. Servers located in a data center require less bandwidth. It is easier to filter and prioritize traffic to and from the data center. Server farms are not subject to denial of service attacks. 14. Refer to the exhibit. What effect does the ACL shown have on network traffic, assuming that it is correctly applied to the interface? All traffic to network 172.16.0.0 is denied. All TCP traffic is denied to and from network 172.16.0.0. All Telnet traffic from the 172.16.0.0 network to any destination is denied. All port 23 traffic to the 172.16.0.0 network is denied. All traffic from the 172.16.0.0 network is denied to any other network. 15. Which Cisco IOS function can be configured at the distribution layer to filter unwanted traffic and provide traffic management?

virus protection spyware protection VPNs access control lists 16. What kind of ACL inspects outbound UDP, TCP, and ICMP traffic and allows inbound access only to traffic that belongs to these established sessions? dynamic ACL time-based ACL reflexive ACL lock and key ACL 17. Which three functions are performed at the distribution layer of the hierarchical network model? (Choose three.) summarizing routes from the access layer allowing end users to access the local network providing the gateway of last resort for core layer devices preserving bandwidth at the access layer by filtering network functions isolating network problems to prevent them from affecting the core layer utilizing redundant links for load balancing to increase available bandwidth 18. Refer to the exhibit. Which two devices are part of the access design layer? (Choose two.) Edge2 ISP4 BR4 FC-AP FC-CPE-1 FC-ASW-2 19. What is true about implementing a centralized server farm topology? requires direct cabling from the MPOE to enhance the performance of servers requires the addition of high-capacity switches to each workgroup provides defined entry and exit points so that filtering and securing traffic is easier

allows for placement of workgroup servers at the access layer 20. Refer to the exhibit. What happens when Host 1 attempts to send data? Frames from Host 1 are dropped, but no other action is taken. Frames from Host 1 cause the interface to shut down, and a log message is sent. Frames from Host 1 are forwarded, but a log message is sent. Frames from Host 1 are forwarded, and the mac-address table is updated. 21. Which two considerations are valid when designing access layer security?(Choose two.) In a large wireless network, the most efficient method to secure the WLAN is MAC address filtering. DoS attacks are normally launched against end-user PCs and can be mitigated by installing personal firewalls on all company PCs. SSH is more secure than Telnet to administer network devices. Disabling unused ports on the switches helps prevent unauthorized access to the network. All Telnet passwords are at least 6 characters long. 22. What address can be used to summarize only networks 172.16.0.0/24, 172.16.1.0/24, 172.16.2.0/24, and 172.16.3.0/24? 172.16.0.0/21 172.16.0.0/22 172.16.0.0 255.255.255.248 172.16.0.0 255.255.254.0 23. Which two items in a physical WLAN design can be identified through a site survey? (Choose two.) the types of antennas that are required the encryption techniques that are required the access point hardware that is required the different levels of access that are required the connection reliability that is required 24. Refer to the exhibit. Which two statements correctly describe the benefits of the network access layer design that is shown? (Choose two.) If host A sends a broadcast message, only hosts in VLAN10 receive the broadcast frame.

If host A attempts to transmit data at the same time as another host, only hosts in VLAN10 are affected by the collision. Segmenting all voice traffic on a separate VLAN facilitates the implementation of QoS. VLANs improve network performance by facilitating the use of route summarization. VLANs at the access layer help guarantee network availability by facilitating load balancing. 25. What are three ways to ensure that an unwanted user does not connect to a wireless network and view the data? (Choose three.) Disable SSID broadcasting. Configure filters to restrict IP addresses. Use authentication between clients and the wireless device. Use NetBIOS name filtering between clients and the wireless device. Configure strong encryption such as WPA. Use a WEP compression method.