Question 1

0 / 1 pts
Which approach is being used when network maintenance is performed in order of urgency?

structured

Correct Answer

interrupt-driven

baseline

You Answered

regular maintenance cycle

Refer to Chapter 3.

Question 2
0 / 1 pts
Which structured maintenance methodology should a network engineer use?

the methodology that is approved by the ISO

You Answered

the methodology that is suggested by the ITU-T

the methodology that is outlined by Cisco

Correct Answer

the methodology that is prescribed by the organization

Refer to Chapter 2.

Question 3
1 / 1 pts
What is a characteristic of network maintenance?

Network maintenance typically excludes consideration of network changes.

Proper network maintenance will eliminate network downtime.

Correct!

Maintaining network documentation is an important element of network maintenance.

The amount of resources expended on network maintenance is consistent across all

companies.
Refer to Chapter 3.

Question 4
1 / 1 pts
Which backup mechanism presents the highest security risk?

FTP

HTTPS

SCP

Correct!

TFTP

Refer to Chapter 3.

Question 5
1 / 1 pts
What are two limitations of using buffered logging? (Choose two.)

Only high severity messages can be captured.

Messages are lost when there is a connectivity issue.

Correct!

Log messages are removed when a device is powered down.

Message services may have messages filtered through a firewall.

Correct!

Oldest messages are overwritten when allocated memory is exceeded.

Refer to Chapter 3.

Question 6
0 / 1 pts
What is the highest logging severity level message that is displayed by default on the console
line?
You Answered

error (3)

warning (4)

notification (5)

informational (6)

Correct Answer

debugging (7)

Refer to Chapter 3.

Question 7
0 / 1 pts
What best describes a stratum 3 time source?

The clock is synchronized to a stratum 0 time server.

The clock is synchronized to a stratum 1 time server.

You Answered

The clock acts as a time source for stratum 2 time servers.

The clock acts as a time source for other stratum 3 time servers.

Correct Answer

The clock is synchronized to a time server that is in turn synchronized to a stratum 1 time
server.
Refer to Chapter 3.

Question 8
1 / 1 pts
Which two advantages does scheduled maintenance offer over interrupt-driven events?
(Choose two.)
Correct!

reduced network downtime

faster time to resolution of problems

simplified troubleshooting processes

Correct!

predictable lead times for change requests

maintenance windows during regular business hours

Refer to Chapter 3.

Question 9
1 / 1 pts

Refer to the exhibit. Based on the output that is generated, which two statements are true?
(Choose two.)
Correct!

The archive path is the only mandatory archive parameter that must be configured.
Correct!

Every time the running configuration file is saved to NVRAM, it will also be automatically
archived.

The $h and $t parameters will automatically add the device hostname and version number to
the archive filename.

Use the archive config privileged EXEC mode command to replace the running configuration
file with the most recent archived file.

The time-period parameter must be configured to enable the automatic archiving of the
running-configuration file everytime it is saved to NVRAM.
Refer to Chapter 3.

Question 10
0 / 1 pts
Refer to the exhibit. Which two FTP-related statements are true? (Choose two.)
You Answered

The Configuration Rollback feature was preconfigured on router R1 via the archive command.
Correct!

The configuration was copied using a method that is less secure than HTTPS.
Correct Answer

The ip ftp username and ip ftp password commands were issued on router R1.

The login credentials were sent to the FTP server in an encrypted format.

The R1-test.cfg configuration was successfully copied from the FTP server to the running
configuration file of router R1.

The R1-test.cfg configuration was successfully copied from the FTP server to the startup
configuration file of router R1.
Refer to Chapter 3.

Question 11
1 / 1 pts
What term refers to alleviating the symptoms of the problem without resolving the root cause?

escalation

hypothesis

solution

Correct!

workaround

Refer to Chapter 2.
Question 12
1 / 1 pts
What is the final task in a structured troubleshooting process?

gathering information

testing the hypothesis

Correct!

documenting the changes

eliminating possible causes

Refer to Chapter 2.

Question 13
1 / 1 pts
RSPAN depends on which type of VLAN?

native VLAN

management VLAN

default VLAN

Correct!

RSPAN VLAN

black hole VLAN

private VLAN

Refer to Chapter 5.

Question 14
1 / 1 pts
Which command would a network administrator use to verify which VLANs are allowed on a
trunk?

show vlan
Correct!

show interfaces trunk

show vlan interface

show mac address-table

Refer to Chapter 2.

Question 15
1 / 1 pts

Refer to the exhibit. A port channel link between a branch site and the main site experiences
an outage after a hardware upgrade at the branch site. The network administrator at the main
site checks the log and sees a %SPANTREE-2-CHNL_MISCFG message. What is a likely
cause of this message?

The branch site has been configured for the Spanning Tree Protocol, but the main site has not.
Correct!

The main site has been configured to bundle links into an EtherChannel and the branch site
has not.

The branch site is running a newer, incompatible version of the Spanning Tree Protocol.
The main site has inconsistencies in the physical ports that are members of the channel.
Refer to Chapter 3.

Question 16
0 / 1 pts
What happens to the route connected to a routed port on a multilayer switch when the port
goes down?
You Answered

It remains in the routing table as unavailable.

Correct Answer

It is immediately removed from the routing table.

It is removed from the routing table at the next spanning-tree convergence.

It is tagged to be removed and the backup route is installed as the primary.

Refer to Chapter 4.

Question 17
1 / 1 pts
Refer to the exhibit. Switch1 and Switch2 are unable to establish a trunk link. Based on the
information in the exhibit, what could be the reason for this problem?

encapsulation mismatch

switchport mode mismatch

MTU mismatch

VTP mismatch

DTP mismatch

Correct!
native VLAN mismatch

Refer to Chapter 3.

Question 18
1 / 1 pts

Refer to the exhibit. In a converged spanning tree, how many blocked ports will there be in
VLAN 1 for the pictured topology?

Correct!

Refer to Chapter 6.
Question 19
0 / 1 pts
A network administrator is troubleshooting why hosts are taking a suboptimal path to another
network and suspects that it is an EIGRP routing problem. Which command should be used to
verify which neighbors sent routes, the state of those neighbors, and the distance vector
metrics associated with those routes?

debug eigrp packets

debug ip routing

show ip eigrp interfaces

You Answered

show ip eigrp neighbors

Correct Answer

show ip eigrp topology

Refer to Chapter 7.

Question 20
0 / 1 pts
A network administrator is troubleshooting packet flow in a routed network where there are two
or more equal routes for a particular prefix. Why would the show ip cef exact-route source
destination command be useful in this scenario?
You Answered

The output displays all redundant paths in the FIB.

Correct Answer

The output displays which of the paths a particular packet would take.

The output displays the contents of the routing table instead of the FIB.

The output displays all prefixes in the routing table that fall within the prefix specified.
Refer to Chapter 6.
Question 21
0 / 1 pts
A network administrator uses the clear ip arp * command on a router. What type of issue is he
likely troubleshooting?

the contents of the FIB

You Answered

routing table entries

redundant paths on multipoint interfaces

Correct Answer

IP address to Ethernet MAC address mappings

Refer to Chapter 6.

Question 22
1 / 1 pts
What are two problems that can occur when routes are redistributed in two directions?
(Choose two.)
Correct!

suboptimal routing

Correct!

routing loops

lost seed metrics

route filtering

lost external routes

Refer to Chapter 6.

Question 23
0 / 1 pts
Which two conditions could cause two routers to have trouble establishing a neighbor
relationship in an OSPF network? (Choose two.)
Correct Answer

The interfaces have different network types.

Correct!

Hello packets are not sent from either neighbor.

One of the routers is redistributing the OSPF routes into EIGRP.

You Answered

Slow network connections cause OSPF advertisements to time out.

The network command has put the connected interfaces into the same OSPF area.
Refer to Chapter 7.

Question 24
0 / 1 pts
Which statement is true based on the show ip ospf neighbor command output that is shown
in the exhibit?
You Answered

RTB did not see its router ID in the hello packet that was received from RTA.
Correct Answer

RTB did not receive a hello packet from RTA.

RTB is able to exchange routing updates with RTA.

RTB has established an adjacency with RTA.

Refer to Chapter 7.

Question 25
0.33 / 1 pts
What are the three main data structures used by EIGRP? (Choose three.)
Correct Answer

interface table
Forwarding Information Base (FIB)

Correct!

neighbor table

You Answered

Routing Information Base (RIB)

Correct!

topology table

routing table

Refer to Chapter 7.

Question 26
0 / 1 pts
What type of BGP message precedes the successful formation of a BGP peering session?
You Answered

update

keepalive

established

withdraw

Correct Answer

open
Refer to Chapter 7.

Question 27
1 / 1 pts
Which two pieces of information are displayed by the debug ip bgp command? (Choose two.)

BGP updates

route redistribution information

Correct!

BGP related events

Correct!

phases of BGP peering relationships

internal metrics of IBGP routes

Refer to Chapter 7.

Question 28
1 / 1 pts
Refer to the exhibit. A network administrator is unable to have two BGP peers exchange
routing information. Which solution would correct this problem?
Correct!

Change the neighbor peer IP addresses on R1 and R2 to the loopback interface IP address of
the other router.

Change the neighbor x.x.x.x update-source command on R1 and R2 to refer to the

FastEthernet interfaces.

Enter the neighbor x.x.x.x ebgp-multihop 1 command on R1 and R2.

Remove the loopback interfaces on each router.

Refer to Chapter 7.

Question 29
1 / 1 pts
Refer to the exhibit. A network administrator is unable to have two BGP peers exchange
routing information. Based on the output generated, which solution would correct this problem?
Correct!

Issue the neighbor x.x.x.x update-source loopback0 command on both routers.

Issue the neighbor x.x.x.x update-source fastethernet0/0 command on both routers.

Issue the neighbor x.x.x.x update-source null command on both routers.

Issue the neighbor x.x.x.x ebgp-multihop 1 command on both routers.

Refer to Chapter 7.

Question 30
0 / 1 pts
Refer to the exhibit and its partial output. During the testing of the network, it was discovered
that the workstations could ping the router but could not reach any outside destinations.
Troubleshooting revealed that proper translations were being set up in the router, but
communication still was not occurring. What is the problem?

The ip nat inside and ip nat outside commands are on the wrong interfaces.

The NAT address mapping statement is incorrect.

Correct Answer

The inbound access list is incorrect and should allow the 192.168.10.1 address.
You Answered

The access list should be placed on fa0/1 instead of on fa0/0.

Refer to Chapter 6.

Question 31
1 / 1 pts

Refer to the exhibit. Based on the output of the debug ip nat command in the exhibit, which
two statements are true? (Choose two.)

Packets were not translated for the return path from source 192.168.1.95.

Correct!

Packets that are destined for 172.31.2.132 from source 192.168.1.95 are translated into
172.31.233.209.
Correct!

Entries that are indicated with NAT* have been translated via the fast path.

The IP address 172.31.233.209 is the configured IP address on the remote PC.

Entries with NAT* have the ToS value 5.

Refer to Chapter 6.

Question 32
1 / 1 pts
What is the correct sequence for the DHCP negotiation process?

DHCPACK, DHCPOFFER, DHCPREQUEST, DHCPDISCOVER

Correct!

DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK

DHCPDISCOVER, DHCPACK, DHCPREQUEST, DHCPOFFER

DHCPREQUEST, DHCPOFFER, DHCPDISCOVER, DHCPACK

Refer to Chapter 6.

Question 33
1 / 1 pts

Refer to the exhibit. A network administrator is troubleshooting a NAT translation issue on

router R2. The IP addresses of hosts on the R2 LAN are not being translated by R2. Based on
the information in the exhibit, what is the issue?
The NAT pool is exhausted.

The static translation prevents any new dynamic translations.

The ACL is using a wrong pool reference.

Correct!

The R2 LAN is not configured as an inside interface.

Refer to Chapter 6.

Question 34
1 / 1 pts
Refer to the exhibit. A network administrator is troubleshooting a connectivity issue between
LAN clients on routers R1 and R3. Connectivity tests from R2 to the R1 and R3 LAN segments
are successful. The administrator confirms that a routing issue exists. Based on the information
that is presented in the exhibit, which configuration command would correct the problem?

R1(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.1

Correct!

R1(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.10

R2(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.9

R2(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.9

R3(config)# ip route 0.0.0.0 0.0.0.0 172.16.7.9

R3(config)# ip route 172.16.6.0 255.255.255.0 172.16.7.10

Refer to Chapter 6.

Question 35
1 / 1 pts
Which Cisco IOS router configuration mode is used to enter the command ip dhcp excluded-
address 10.1.1.1?

user EXEC

privileged EXEC

Correct!

global configuration

interface configuration

DHCP pool configuration

Refer to Chapter 6.

Question 36
1 / 1 pts
Refer to the exhibit. A network engineer is investigating a reported issue of Computer1 not
receiving its IP configuration from the DHCP server. Computer2 is receiving its configuration
from the DHCP server. What is a plausible reason for this issue?

An ACL is blocking broadcasts into the F0/0 interface of router North .

Correct!

The DHCP server does not have a DHCP pool for 192.168.0.0 /24 network.

The WAN segment between routers East and North should be replaced with a LAN.

The S0/0/0 interface of router East should be configured to provide DHCP relay.
Refer to Chapter 6.

Question 37
1 / 1 pts
Refer to the exhibit. Users are complaining that they are receiving duplicate address error
messages when they start their machines. What should the administrator do to correct this
problem?

Change the address assigned to the default router and dns server.

Decrease the DHCP lease time to make more addresses available at one time.

Change the netmask to 255.0.0.0 to agree with the class A network that is used in the DHCP
pool.
Correct!

Use the ip dhcp excluded-address command to exclude any statically assigned addresses
from the DHCP pool.
Refer to Chapter 6.

Question 38
1 / 1 pts
Refer to the exhibit. Users are complaining that they are unable to connect to resources
outside of their corporate network during peak hours. What action should the administrator take
to correct this problem?

Remove the ACL because it is blocking connections.

Change the FastEthernet 0/1 interface to an inside NAT interface.

Disable CEF because it is sending packets to the CPU for processing.

Disable static NAT because it is interfering with the dynamic translations.

Correct!

Increase the size of the NAT pool to provide more IP addresses for translation.
Refer to Chapter 6.
Question 39
0 / 1 pts

Refer to the exhibit. To verify network performance a network administrator issued the show
platform tcam utilization command on one of the distribution switches. On the basis of the
output provided, what conclusion can be made?

Subject to the QoS policy to the CPU for forwarding, TCAM will punt any frames.
You Answered

Subject to the security policy to the CPU for forwarding, TCAM will punt any frames.
Correct Answer

TCAM will punt any additional unicast frames for remote networks to the CPU for forwarding.

TCAM will punt any unicast frames for directly connected routes to the CPU for forwarding.
Refer to Chapter 4.

Question 40
1 / 1 pts
Refer to the exhibit. What is occurring with the ARP process on the South1-1.10 switch?
Correct!

ARP is operating normally.

ARP is using excessive CPU time.

ARP requests are indicating malicious network traffic.

ARP has caused TCAM to punt packets to be process-switched.

Refer to Chapter 4.

Question 41
1 / 1 pts
What are two reasons why a switch port would have a status of errdisable? (Choose two.)
Correct!

duplex mismatch

Correct!
late collisions

trunk mismatch

incorrect VLAN

misconfigured MLS

Refer to Chapter 6.

Question 42
1 / 1 pts

Refer to the exhibit. You have been asked to correct the configuration on R1 so that the Tunnel
0 interface does not flap and R3 can be consistently reached from R1. What command would
you issue on R1 to accomplish this?

ip route 10.3.3.3 255.255.255.255 Tunnel0

Correct!

ip route 10.3.3.3 255.255.255.255 Serial0/0/0

ip route 172.16.25.3 255.255.255.0 Serial0/0/0

ip route 172.16.25.0 255.255.255.0 Serial0/0/0

ip route 172.16.25.3 255.255.255.255 Tunnel0

ip route 172.16.15.2 255.255.255.255 Tunnel0

Refer to Chapter 9.

Question 43
1 / 1 pts
Refer to the exhibit. You have been asked to troubleshoot a connectivity issue between R3 and
R1. From the partial output of the show running-config command on both routers, what
configuration change is required?

A static route should be added to R3 to point to the 192.168.1.0/24 network.

A static route should be added to R1 to point to the 192.168.1.0/24 network.

The tunnel source for Tunnel0 on R3 should be the IP address of Serial0/0/1 on R1.

The tunnel source for Tunnel0 on R1 should be the IP address of Loopback0 on R3.

The tunnel destination for Tunnel0 on R1 should be the IP address of Serial0/0/1 on R3.
Correct!

The tunnel destination for Tunnel0 on R3 should be the IP address of Loopback0 on R1.
Refer to Chapter 9.

Question 44
1 / 1 pts
Which feature serves to offset the lack of authentication available with IEEE 802.1D Spanning
Tree Protocol?

loop guard

root guard

Correct!

BPDU guard

DHCP snooping

Dynamic ARP Inspection

Refer to Chapter 10.

Question 45
1 / 1 pts

Refer to the exhibit. What could be concluded about the TACACS+ failure based on the
exhibited command output from debug tacacs and debug aaa authentication?

The TACACS+ server is not operational.

The TACACS+ server IP address has been incorrectly configured on the router.
Correct!

The TACACS+ server key of the router does not match that of the TACACS+ server.

The username and password that were supplied by the user were rejected by the TACACS+
server.
Refer to Chapter 9.

Question 46
1 / 1 pts
Refer to the exhibit. A network administrator is trying to secure the remote administration of the
router by enabling the use of the SSH protocol. Which changes should be made on the partial
configuration as shown in the graphic?

The enable password must be encrypted.

The commands listed under the VTY line should be listed under the Console line.
Correct!

The transport input telnet command should be changed to transport input ssh.

The transport input telnet command should be changed to transport input none.
Refer to Chapter 8.

Question 47
1 / 1 pts
Which IPv6 protocol provides Layer 2 address mapping, Duplicate Address Detection (DAD),
and stateless autoconfiguration?

Address Resolution Protocol (ARP)

classless interdomain routing (CIDR)

link-state advertisement (LSA)

Correct!

Neighbor Discovery (ND)

Refer to Chapter 6.

Question 48
1 / 1 pts

Refer to the exhibit. BPDU guard and PortFast have been configured on all edge ports on the
access switches. A junior network administrator tested a new switch in the lab and verified that
the bridge ID is 32887. What would happen when the administrator plugs this switch into port
Fa0/20 on ASW_1 in an attempt to extend the LAN?
Correct!

Port Fa0/20 will be shut down.

Port Fa0/20 will become a root port.

Port Fa0/20 will start forwarding traffic immediately.

Port Fa0/20 will transition from blocking to forwarding state after the spanning tree
convergence.
Refer to Chapter 6.

Question 49
0 / 1 pts
During a network security audit, the auditors indicated a security issue with the transactions
between the network devices and the authentication server. The audit concluded that the
content of the transactions is not being encrypted. How can this security issue be corrected?
You Answered

Change the authentication protocol to CHAP.

Change the authentication method to use UDP.

Change the authentication server location to the network DMZ.

Correct Answer

Change the authentication process and server to use TACACS.

Refer to Chapter 8.

Question 50
1 / 1 pts
An administrator has just implemented two-way route redistribution between an OSPF and
EIGRP domain. However, network performance between domains quickly degraded and an
investigation revealed routing loops. What action could be used to solve this issue?

Change the seed metric of the routes being redistributed.

Correct!

Filter the routes being redistributed between the protocols.

Redistribute all subnets in both EIGRP and OSPF domains.

Configure an additional router to be a secondary point of route redistribution.

Refer to Chapter 9.

Question 51
1 / 1 pts
How can you prevent the forming of an EIGRP adjacency on a specific segment while still
including the interfaces address in the EIGRP routing updates?

By issuing the proper no network network [mask] command.

By issuing the no auto-summary command.

Correct!

By issuing the passive-interface ethernet slot/number command.

By issuing the passive-interface default command.

Refer to Chapter 6.

Question 52
1 / 1 pts
What can go wrong with BGP session on Layer 4?
Correct!

Access lists or firewalls are dropping relevant TCP packets.

BGP authentication is failing.

Clock is not synchronized between BGP routers.

BGP neighbors do not agree on session parameters.

Refer to Chapter 8.

Question 53
0 / 1 pts
Where is the outbound distribute list applied in the configuration?

On the outbound interface.

You Answered

In the global configuration.

Correct Answer

Under BGP configuration with the neighbor command.

None of the above.

Refer to Chapter 8.

Question 54
1 / 1 pts
Which NTP server is used for clock synchronization in the output below?

Router# show ntp associations

address ref clock st when poll reach delay offset disp

~192.165.100.101 .INIT. 16 - 1024 0 0.000 0.000 15937.

*~192.165.100.102 .LOCL. 1 615 1024 377 0.000 0.000 2.036

+~192.165.100.103 .LOCL. 1 509 1024 377 0.000 0.000 2.016

192.165.100.101

Correct!

192.165.100.102
192.165.100.103

127.127.0.1

Refer to Chapter 8.

Question 55
0 / 1 pts
A DNS query was sent by the 10.0.3.33 host to a DNS server at 8.8.8.8. Which access list line
will be matched when the response arrives?

access-list 100 permit udp host 8.8.8.8 eq 53 10.0.3.33 0.0.0.255 eq 53

access-list 100 permit udp any 10.0.3.33 0.0.0.31 eq 53

access-list 100 permit udp any eq 53 10.0.3.3 0.0.0.31

access-list 100 permit udp any 10.0.3.32 0.0.0.31

Line 1.

You Answered

Line 2.

Line 3.

Correct Answer

Line 4.

Refer to Chapter 8.

Question 56
0 / 1 pts
What does this output of the traceroute command mean? (Choose two.)

RouterPC> traceroute 209.165.201.45

Type escape sequence to abort.

Tracing the route to 209.165.201.45

VRF info: (vrf in name/id, vrf out name/id)

1 192.168.0.253 0 msec 0 msec 1 msec

2 192.168.0.253 !H !H *

Correct!

!H Host is unreachable.

Router with an IP address of 192.168.0.253 has responded to the ICMP request.

You Answered

* - Network unreachable.

Correct Answer

* - The probe timed out.

!H Host interrupted test.

Refer to Chapter 9.

Question 57
1 / 1 pts
Which show ip sla command displays number of succeed and failed tests?
Correct!

show ip sla statistics

show ip sla application

show ip sla configuration

show ip sla results

Refer to Chapter 9.

Question 58
0 / 1 pts
A router is configured with a link-local address using ipv6 address fe80::123 link-
local command. When you ping another link-local address, the router prompts you to provide
the source interface. Why?

This is the default behavior for ping when IPv6 addresses are used. It determines which IPv6
address to use as the source address.
You Answered

The configured link-local address belongs to the device and not particular interface. This is the
only way for the router to determine which interface and link-local address to ping from.

It uses interface information to permit the traffic returning from link-local address in the access
list, in case one is configured on the interface.
Correct Answer

The router does not know which interface leads to the link-local address you want to ping,
therefore the source interface must be manually set.
Refer to Chapter 9.

Question 59
1 / 1 pts
Which protocol and port are used by TACACS+?

TCP/47

Correct!

TCP/49

UDP/1645

UDP/1812

Refer to Chapter 9.

Question 60
0 / 1 pts
Which best describes GRE protocol?
GRE adds new IP header, encapsulates original IP packet and adds GRE header at the end of
the IP packet.
Correct Answer

GRE adds new IP header, inserts GRE header and encapsulates original IP packet.
You Answered

GRE uses original IP header and adds GRE header at the end of the packet.

GRE uses original IP header and inserts GRE header between IP header and payload.
Refer to Chapter 9.