52248327 EWAN Final Exam

  • View

  • Download

Embed Size (px)



Text of 52248327 EWAN Final Exam


Which statement about a VPN is true? VPN link establishment and maintenance is provided by LCP. DLCI addresses are used to identify each end of the VPN tunnel. VPNs use virtual Layer 3 connections that are routed through the Internet. Only IP packets can be encapsulated by a VPN for tunneling through the Internet.


What name is given to the location where a customer network interfaces with a network that is owned by another organization? CPE DCE local loop demarcation point


Which Frame Relay flow control mechanism is used to signal routers that they should reduce the flow rate of frames? DE BE CIR FECN CBIR


A technician is talking to a colleague at a rival company and comparing DSL transfer rates between the two companies. Both companies are in the same city, use the same service provider, and have the same rate/service plan. What is the explanation for why company 1 reports higher download speeds than company 2 reports? Company 1 only uses microfilters at branch locations. Company 1 has a lower volume of POTS traffic than company 2 has. Company 2 is located farther from the service provider than company 1 is. Company 2 shares the connection to the DSLAM with more clients than company 1 shares with.


Refer to the exhibit. ACL 120 is configured to allow traffic coming from network to go to any destination limited to ports 80 and 443. ACL 130 should allow only requested HTTP traffic to flow back into the network. What additional configuration is needed in order for the access lists to fulfill the requirements?


Which statement is true of DSL? It is typically deployed in a mesh topology. The network is shared using a logical bus topology. Bandwidth is dependent on the number of concurrent users. Transfer rates are dependent on the length of the local loop.


A network administrator has moved the company intranet web server from a switch port to a dedicated router interface. How can the administrator determine how this change has affected performance and availability on the company intranet? Conduct a performance test and compare with the baseline that was established previously. Determine performance on the intranet by monitoring load times of company web pages from remote sites.

Interview departmental administrative assistants and determine if they think load time for web pages has improved. Compare the hit counts on the company web server for the current week to the values that were recorded in previous weeks.


A network administrator is instructing a technician on best practices for applying ACLs. Which two suggestions should the administrator provide? (Choose two.) Named ACLs are less efficient than numbered ACLs. Standard ACLs should be applied inside the core layer. Place standard ACLs as close to the destination as possible. ACLs applied to outbound interfaces require fewer router resources. Extended ACLs should be applied closest to the source that is specified by the ACL.


Which two functions are provided by the Local Management Interface (LMI) that is used in Frame Relay networks? (Choose two.) simple flow control error notification congestion notification mapping of DLCIs to network addresses exchange of information about the status of virtual circuits


Refer to the exhibit. From the output of the show interface commands, at which OSI layer is a fault indicated? application transport network

data link physical


Refer to the exhibit. A network administrator is considering updating the IOS on Router1. What version of IOS is currently installed on Router1? 1 12.4 15 1841

12 Which statement is true about wildcard masks? Inverting the subnet mask will always create the wildcard mask. The wildcard mask performs the same function as a subnet mask. A network or subnet bit is identified by a "1" in the wildcard mask. IP address bits that must be checked are identified by a "0" in the wildcard mask.

13 What is an accurate description of CHAP when used with PPP on a serial connection between two routers? A username and password are sent to the peer router, which replies with an accept or reject message. A username and password are sent to the peer router. If these match the configuration in the peer, the peer in turn provides a username and password to the initiating router. A challenge message is sent to the peer router, which responds with its username and a calculated value based on a shared secret. This value is then compared by the challenger to its own calculations. An encrypted password is sent to the peer router, which decrypts it and compares it to a shared secret. If the decrypted passwords match, the peer sends the encrypted password back to the initiating router.

14 What can a network administrator do to recover from a lost router password? use the copy tftp: flash: command

boot the router to bootROM mode and enter the b command to load the IOS manually telnet from another router and issue the show running-config command to view the password boot the router to ROM monitor mode and configure the router to ignore the startup configuration when it initializes

15 Which IEEE 802.16 broadband wireless technology allows users to connect to the ISP at speeds comparable to DSL and cable? Wi-Fi satellite WiMAX Metro Ethernet


Refer to the exhibit. Which statement about the configuration is true? is most likely assigned to the local LAN interface. through is available to be assigned to users. All DHCP clients looking for an IP address will use and All DHCP clients in the network will use as the default gateway.


Refer to the exhibit. Results of the show vlan and show vtp status commands for switches S1 and S2 are displayed in the exhibit. VLAN 11 was created on S1. Why is VLAN 11 missing from S2? There is a Layer 2 loop. The VTP domain names do not match. Only one switch can be in server mode. S2 has a higher spanning-tree priority for VLAN 11 than S1 does.

18 Why is serial communication preferred over parallel communication for long distance WAN links? Serial cables contain a single wire, resulting in faster transmission speeds. Serial cables can take advantage of clock skew to increase the rate of transmission. Parallel cables are more susceptible to crosstalk, resulting in more retransmissions. Parallel cables send a single bit at a time making them slower than serial cables.

19 An administrator wants to use dual stack between IPv6 and IPv4 while using RIPng as the routing protocol. What does the administrator need to do in order to make this successful? RIPv1 or RIPv2 must be enabled. All interfaces must have the IPv4 address removed. Dual stack must be enabled globally before the transition will occur.

An ACL must be created to allow the specified IPv4 addresses to convert to IPv6 addresses.


Refer to the exhibit. RIPv2 has been configured on all routers in the network. Routers R1 and R3 have not received any RIP routing updates. What will fix the issue? Enable RIP authentication on R2. Issue the ip directed-broadcast command on R2. Change the subnet masks to and on R2. Enable CDP on R2 so that the other routers will receive routing updates.


Refer to the exhibit. R1 is performing NAT overload for the inside network. Host A has sent a packet to the web server. What is the source IP address of the return packet from the web server when received at the NIC on host A?


Refer to the exhibit. A network administrator is trying to backup the IOS software on R1 to the TFTP server. He receives the error message that is shown in the exhibit, and cannot ping the TFTP server from R1. What action can help to isolate this problem? Check that R1 has a route to the network. Verify that the TFTP server software supports binary file transfers. Make sure that the TFTP server has as its default gateway. Ensure that the laptop has an IP address in the network.

23 Which combination of authentication and Layer 2 protocol should be used to establish a link between a Cisco and a non-Cisco router without sending authentication information in plain text? CHAP and HDLC CHAP and PPP PAP and HDLC PAP and PPP

24 Which type of ACL will permit traffic inbound into a private network only if an outbound session has already been established between the source and destination? extended reflexive

standard time-based

25 Which three guidelines would help contribute to creating a strong password policy? (Choose three.) Once a good password is created, do not change it. Deliberately misspell words when creating passwords. Create passwords that are at least 8 characters in length. Use combinations of upper case, lower case, and special characters. Write passwords in locations that can be easily retrieved to avoid being locked out. Use long words found in the dictionary to make passwords that are easy to remember.

26 What course of action will ensure data confidentiality? Protect data from eavesdropping. Guarantee that no alterations are made to the data. Ensure that only authorized users may save the data. Prevent unauthorized users from logging into the data network.


Refer to the exhibit. All devices are configured as shown in the exhibit. PC1 is unable to ping the default gateway. What is the cause of the problem?

The default gateway is in the wrong subnet. STP has blocked the port that PC1 is connected to. Port Fa0/2 on S2 is assigned to the wrong VLAN. S2 has the wrong IP address assign