Section 01 : Short Questions(7x10=70)

IP sub-netting:
1.You are assigned an IP block of 192.168.1.0/24. Find out the network and broadcast address
for below mentioned subnets.
(a) Subnet A = 120 Host
(b) Subnet B = 60 Host
(c) Subnet C = 30 Host
(d) Subent D = 10 Host



















Switching
2. Refer to the diagram, identify the root bridge and each of the port types. [ Mark in the
diagram]
Switch A
MAC:0000:0000:0001
Priority:32768
Switch B
MAC:0000:0000:0002
Priority:32768
Switch C
MAC:0000:0000:0003
Priority:32768
Switch D
MAC:0000:0000:0004
Priority:32768
Switch E
MAC:0000:0000:0005
Priority:32768
FA0/23
FA0/23
FA0/24
FA0/24

Security:
3. Write down access list command to deny access to the web server 172.19.0.7 from 172.16.0.0/16
network. Apply the access list to the appropriate router interface.
R1
R2 R3
PC
Web server
172.19.0.7
Fa0/0
Fa0/1
Fa0/0 Fa0/1
Fa0/0
Fa0/1
172.16.0.0/16
172.17.0.0/16
172.18.0.0/16
172.19.0.0/16












Routing:
4.Write down a basic BGP configuration to advertise a route x.x.x.0 to an EBGP peer with loopback
address y.y.y.y and AS 65000, assume your AS is 65500.













5. A router has following interfaces:
Interface IP
Fa0/0 192.168.12.48
Fa0/1 192.168.12.65
S0/0 192.168.12.121
S0/1 Unassigned
S0/1.102 192.168.12.125
S0/1.103 192.168.12.129
S0/1.104 192.168.12.133

After executing following command in ospf which interfaces will participate in OSPF.
# network 192.168.12.64 0.0.0.63 area 0
A. FastEthernet0/0
B. FastEthernet0/1
C. Serial0/0
D. Serial0/1.102
E. Serial0/1.103
F. Serial0/1.104

6. Draw a basic logical diagram of an ISP with sample configuration.











NAT:
7. Write down necessary commands in router R1, so that devices connected the network 192.168.5.0/24
on fa0/0 interface of R1, can access internet using R1s serial interface s0/0 (ip address 200.2.2.1/30).























Section 2: MCQ (10 x 3 =30)

1. Which router redundancy protocol cannot be configured for interface tracking?
A. GLBP
B. HSRP
C. RPR
D. VRRP
E. SLB
F. RPR+
2. Port security is enabled on an interface of a switch with switchport port-security maximum 5
command, what type of attack can be mitigated?
A. ARP spoofing
B. MAC spoofing
C. VLAN hopping
D. CDP manipulation
E. MAC flood attack
F. spanning tree compromises
3. IPSec is designed to provide the security at the
a) transport layer
b) network layer
c) application layer
d) session layer
4. When configuring Cisco IOS Zone-Based Policy Firewall, what are the three actions that can
be applied to a traffic class? (Choose three)
A. Pass
B. Police
C. Inspect
D. Drop
E. Queue
F. Shape
5.