CCNA1 v7 & v7.02 – ITNv7 – Practice Final – ITN Answers 2023 and 2024 Correct 100%

Discover the ultimate collection of NetAcad Cisco CCNA1 v7 & v7.02 ITNv7 Practice Final exam answers for 2023 and 2024. This guide includes all questions and expertly verified answers for the ITN (Version 7.00) Practice Final exams, ensuring you achieve a perfect score of 100%. Ideal for students and professionals, these resources will deepen your understanding and help you excel in your Cisco certification exams. Prepare thoroughly with this collection and succeed with confidence in your networking journey.

ITN (Version 7.00) – ITNv7 Practice Final Exam Answers 2022 2023 Full 100%

  1. Which two devices would be described as intermediary devices? (Choose two.)

    • wireless LAN controller
    • IPS
    • server
    • gaming console
    • retail scanner
    • assembly line robots
  2. What characteristic describes spyware?

    • software that is installed on a user device and collects information about the user
    • an attack that slows or crashes a device or network service
    • the use of stolen credentials to access private data
    • a network device that filters access and traffic coming into a network
  3. Which statement describes network security?

    • It ensures sensitive corporate data is available for authorized users.
    • It prioritizes data flows in order to give priority to delay-sensitive traffic.
    • It supports growth over time in accordance with approved network design procedures.
    • It synchronizes traffic flows using timestamps.
  4. What is a user trying to determine when issuing a ping 10.1.1.1 command on a PC?

    • if the TCP/IP stack is functioning on the PC without putting traffic on the wire
    • if there is connectivity with the destination device
    • the path that traffic will take to reach the destination
    • what type of device is at the destination
      Answers Explanation & Hints:

      The ping destination command can be used to test connectivity.

  5. What is a characteristic of a switch virtual interface (SVI)?​

    • Although it is a virtual interface, it needs to have physical hardware on the device associated with it.
    • An SVI is created in software and requires a configured IP address and a subnet mask in order to provide remote access to the switch.
    • SVIs come preconfigured on Cisco switches.
    • SVIs do not require the no shutdown command to become enabled.
      Answers Explanation & Hints:

      Cisco IOS switches have physical ports for devices to connect to, but also have one or more switch virtual interfaces (SVIs). These are virtual interfaces, because there is no physical hardware on the device associated with them, rather they are created in software. The virtual interface provides a means to remotely manage a switch over a network that is using IP. Each switch comes with one SVI appearing in the default configuration “out-of-the-box.” The default SVI is interface VLAN1. The no shutdown command needs to be issued to activate this interface.​

  6. Match the descriptions to the terms. (Not all options are used.)

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 01
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 01
    Answers Explanation & Hints:

    A GUI, or graphical user interface, allows the user to interact with the operating system by pointing and clicking at elements on the screen. A CLI, or command-line interface, requires users to type commands at a prompt in order to interact with the OS. The shell is the part of the operating system that is closest to the user. The kernel is the part of the operating system that interfaces with the hardware.

  7. Refer to the exhibit. An administrator is trying to configure the switch but receives the error message that is displayed in the exhibit. What is the problem?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 003
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 003
    • The entire command, configure terminal , must be used.
    • The administrator is already in global configuration mode.
    • The administrator must first enter privileged EXEC mode before issuing the command.
    • The administrator must connect via the console port to access global configuration mode.
      Answers Explanation & Hints:

      In order to enter global configuration mode, the command configure terminal , or a shortened version such as config t , must be entered from privileged EXEC mode. In this scenario the administrator is in user EXEC mode, as indicated by the > symbol after the hostname. The administrator would need to use the enable command to move into privileged EXEC mode before entering the configure terminal command.

  8. Which PDU is processed when a host computer is de-encapsulating a message at the transport layer of the TCP/IP model?

    • bits
    • frame
    • packet
    • segment
      Answers Explanation & Hints:

      At the transport layer, a host computer will de-encapsulate a segment to reassemble data to an acceptable format by the application layer protocol of the TCP/IP model.

  9. Which three layers of the OSI model are comparable in function to the application layer of the TCP/IP model? (Choose three.)

    • application
    • presentation
    • session
    • transport
    • data link
    • physical
    • network
      Answers Explanation & Hints:

      The TCP/IP model consists of four layers: application, transport, internet, and network access. The OSI model consists of seven layers: application, presentation, session, transport, network, data link, and physical. The top three layers of the OSI model: application, presentation, and session map to the application layer of the TCP/IP model.

  10. Which two OSI model layers have the same functionality as two layers of the TCP/IP model? (Choose two.)

    • data link
    • network
    • physical
    • session
    • transport
      Answers Explanation & Hints:

      The OSI transport layer is functionally equivalent to the TCP/IP transport layer, and the OSI network layer is equivalent to the TCP/IP internet layer. The OSI data link and physical layers together are equivalent to the TCP/IP network access layer. The OSI session layer (with the presentation layer) is included within the TCP/IP application layer.

  11. What OSI physical layer term describes the measure of the transfer of bits across a medium over a given period of time?

    • throughput
    • bandwidth
    • latency
    • goodput
  12. Refer to the exhibit. What is the maximum possible throughput between the PC and the server?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 002
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 002
    • 128 kb/s
    • 10 Mb/s
    • 100 Mb/s
    • 1000 Mb/s
      Answers Explanation & Hints:

      The maximum throughput between any two nodes on a network is determined by the slowest link between those nodes.

  13. Which two statements describe the characteristics of fiber-optic cabling? (Choose two.)

    • Fiber-optic cabling does not conduct electricity.
    • Fiber-optic cabling has high signal loss.
    • Fiber-optic cabling is primarily used as backbone cabling.
    • Multimode fiber-optic cabling carries signals from multiple sending devices.
    • Fiber-optic cabling uses LEDs for single-mode cab​les and laser technology for multimode cables.
      Answers Explanation & Hints:

      Fiber-optic cabling is primarily used for high-traffic backbone cabling and does not conduct electricity. Multimode fiber uses LEDs for signaling and single-mode fiber uses laser technology. FIber-optic cabling carries signals from only one device to another.

  14. Match the description with the media. (Not all options are used.)

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 02
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 02
    Answers Explanation & Hints:

    UTP cables are used in wired office environments. Coaxial cables are used to connect cable modems and televisions. Fiber optics are used for high transmission speeds and to transfer data over long distances. STP cables are used in environments where there is a lot of interference.

  15. Which two acronyms represent the data link sublayers that Ethernet relies upon to operate? (Choose two.)

    • CSMA
    • FCS
    • LLC
    • MAC
    • SFD
      Answers Explanation & Hints:

      For Layer 2 functions, Ethernet relies on logical link control (LLC) and MAC sublayers to operate at the data link layer. FCS (Frame Check Sequence) and SFD (Start Frame Delimiter) are fields of the Ethernet frame. CSMA (Carrier Sense Multiple Access) is the technology Ethernet uses to manage shared media access.

  16. A network team is comparing topologies for connecting on a shared media. Which physical topology is an example of a hybrid topology for a LAN?

    • bus
    • extended star
    • ring
    • partial mesh
      Answers Explanation & Hints:

      An extended star topology is an example of a hybrid topology as additional switches are interconnected with other star topologies. A partial mesh topology is a common hybrid WAN topology. The bus and ring are not hybrid topology types.

  17. What does a router do when it receives a Layer 2 frame over the network medium?

    • determines the best path
    • de-encapsulates the frame
    • re-encapsulates the packet into a new frame
    • forwards the new frame appropriate to the medium of that segment of the physical network
      Answers Explanation & Hints:

      Routers are responsible for encapsulating a frame with the proper format for the physical network media they connect. At each hop along the path, a router does the following:Accepts a frame from a medium
      De-encapsulates the frame
      Determines the best path to forward the packet
      Re-encapsulates the packet into a new frame
      Forwards the new frame appropriate to the medium of that segment of the physical network

  18. Although CSMA/CD is still a feature of Ethernet, why is it no longer necessary?

    • the virtually unlimited availability of IPv6 addresses
    • the use of CSMA/CA
    • the use of full-duplex capable Layer 2 switches
    • the development of half-duplex switch operation
    • the use of Gigabit Ethernet speeds
      Answers Explanation & Hints:

      The use of Layer 2 switches operating in full-duplex mode eliminates collisions, thereby eliminating the need for CSMA/CD.

  19. Which two functions are performed at the LLC sublayer of the OSI Data Link Layer to facilitate Ethernet communication? (Choose two.)

    • adds Ethernet control information to network protocol data
    • places information in the Ethernet frame that identifies which network layer protocol is being encapsulated by the frame
    • applies source and destination MAC addresses to Ethernet frame
    • implements CSMA/CD over legacy shared half-duplex media
    • integrates Layer 2 flows between 10 Gigabit Ethernet over fiber and 1 Gigabit Ethernet over copper
  20. Two network engineers are discussing the methods used to forward frames through a switch. What is an important concept related to the cut-through method of switching?

    • The fragment-free switching offers the lowest level of latency.
    • Fast-forward switching can be viewed as a compromise between store-and-forward switching and fragment-free switching.
    • Fragment-free switching is the typical cut-through method of switching.
    • Packets can be relayed with errors when fast-forward switching is used.
      Answers Explanation & Hints:

      Fast-forward switching offers the lowest level of latency and it is the typical cut-through method of switching. Fragment-free switching can be viewed as a compromise between store-and-forward switching and fast-forward switching. Because fast-forward switching starts forwarding before the entire packet has been received, there may be times when packets are relayed with errors.

  21. Which two issues can cause both runts and giants in Ethernet networks? (Choose two.)

    • a malfunctioning NIC
    • CRC errors
    • electrical interference on serial interfaces
    • half-duplex operations
    • using the incorrect cable type
      Answers Explanation & Hints:

      Because collisions are a normal aspect of half-duplex communications, runt and giant frames are common by-products of those operations. A malfunctioning NIC can also place frames on the network that are either too short or longer than the maximum allowed length. CRC errors can result from using the wrong type of cable or from electrical interference. Using a cable that is too long can result in late collisions rather than runts and giants.

  22. What happens when a switch receives a frame and the calculated CRC value is different than the value that is in the FCS field?

    • The switch places the new CRC value in the FCS field and forwards the frame.
    • The switch notifies the source of the bad frame.
    • The switch drops the frame.
    • The switch floods the frame to all ports except the port through which the frame arrived to notify the hosts of the error.
      Answers Explanation & Hints:

      The purpose of the CRC value in the FCS field is to determine if the frame has errors. If the frame does have errors, then the frame is dropped by the switch.

  23. Which term describes a field in the IPv4 packet header that contains a unicast, multicast, or broadcast address?

    • destination IPv4 address
    • protocol
    • TTL
    • header checksum
  24. If the default gateway is configured incorrectly on the host, what is the impact on communications?

    • The host is unable to communicate on the local network.
    • The host can communicate with other hosts on the local network, but is unable to communicate with hosts on remote networks.
    • The host can communicate with other hosts on remote networks, but is unable to communicate with hosts on the local network.
    • There is no impact on communications.
      Answers Explanation & Hints:

      A default gateway is only required to communicate with devices on another network. The absence of a default gateway does not affect connectivity between devices on the same local network.

  25. Why is NAT not needed in IPv6?​

    • Because IPv6 has integrated security, there is no need to hide the IPv6 addresses of internal networks.​
    • Any host or user can get a public IPv6 network address because the number of available IPv6 addresses is extremely large.​
    • The problems that are induced by NAT applications are solved because the IPv6 header improves packet handling by intermediate routers.​
    • The end-to-end connectivity problems that are caused by NAT are solved because the number of routes increases with the number of nodes that are connected to the Internet.
      Answers Explanation & Hints:

      The large number of public IPv6 addresses eliminates the need for NAT. Sites from the largest enterprises to single households can get public IPv6 network addresses. This avoids some of the NAT-induced application problems that are experienced by applications that require end-to-end connectivity.

  26. What routing table entry has a next hop address associated with a destination network?

    • directly-connected routes
    • local routes
    • remote routes
    • C and L source routes
      Answers Explanation & Hints:

      Routing table entries for remote routes will have a next hop IP address. The next hop IP address is the address of the router interface of the next device to be used to reach the destination network. Directly-connected and local routes have no next hop, because they do not require going through another router to be reached.

  27. Refer to the exhibit. PC1 issues an ARP request because it needs to send a packet to PC3. In this scenario, what will happen next?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 004
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 004
    • RT1 will forward the ARP request to PC3.
    • RT1 will send an ARP reply with its own Fa0/0 MAC address.
    • RT1 will send an ARP reply with the PC3 MAC address.
    • SW1 will send an ARP reply with its Fa0/1 MAC address.
    • RT1 will send an ARP reply with its own Fa0/1 MAC address.
      Answers Explanation & Hints:

      When a network device has to communicate with a device on another network, it broadcasts an ARP request asking for the default gateway MAC address. The default gateway (RT1) unicasts an ARP reply with the Fa0/0 MAC address.

  28. Which destination address is used in an ARP request frame?

    • 0.0.0.0
    • 255.255.255.255
    • FFFF.FFFF.FFFF
    • AAAA.AAAA.AAAA
    • the physical address of the destination host
      Answers Explanation & Hints:

      The purpose of an ARP request is to find the MAC address of the destination host on an Ethernet LAN. The ARP process sends a Layer 2 broadcast to all devices on the Ethernet LAN. The frame contains the IP address of the destination and the broadcast MAC address, FFFF.FFFF.FFFF. The host with the IP address that matches the IP address in the ARP request will reply with a unicast frame that includes the MAC address of the host. Thus the original sending host will obtain the destination IP and MAC address pair to continue the encapsulation process for data transmission.

  29. Refer to the exhibit. The exhibit shows a small switched network and the contents of the MAC address table of the switch. PC1 has sent a frame addressed to PC3. What will the switch do with the frame?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 006
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 006
    • The switch will discard the frame.
    • The switch will forward the frame only to port 2.
    • The switch will forward the frame to all ports except port 4.
    • The switch will forward the frame to all ports.
    • The switch will forward the frame only to ports 1 and 3.
      Answers Explanation & Hints:

      The MAC address of PC3 is not present in the MAC table of the switch. Because the switch does not know where to send the frame that is addressed to PC3, it will forward the frame to all the switch ports, except for port 4, which is the incoming port.

  30. Floor(config)# interface gi0/1 
    Floor(config-if)# description Connects to the Registrar LAN 
    Floor(config-if)# ip address 192.168.235.234 255.255.255.0 
    Floor(config-if)# no shutdown 
    Floor(config-if)# interface gi0/0 
    Floor(config-if)# description Connects to the Manager LAN 
    Floor(config-if)# ip address 192.168.234.114 255.255.255.0 
    Floor(config-if)# no shutdown 
    Floor(config-if)# interface s0/0/0 
    Floor(config-if)# description Connects to the ISP 
    Floor(config-if)# ip address 10.234.235.254 255.255.255.0 
    Floor(config-if)# no shutdown 
    Floor(config-if)# interface s0/0/1 
    Floor(config-if)# description Connects to the Head Office WAN 
    Floor(config-if)# ip address 203.0.113.3 255.255.255.0 
    Floor(config-if)# no shutdown 
    Floor(config-if)# end 

    Refer to the exhibit. A network administrator is connecting a new host to the Registrar LAN. The host needs to communicate with remote networks. What IP address would be configured as the default gateway on the new host?

    • 192.168.235.234
    • 192.168.235.1
    • 10.234.235.254
    • 203.0.113.3
    • 192.168.234.114
  31. Match the command with the device mode at which the command is entered. (Not all options are used.)

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 03
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 03
    Answers Explanation & Hints:

    The enable command is entered in R1> mode. The login command is entered in R1(config-line)# mode. The copy running-config startup-config command is entered in R1# mode. The ip address 192.168.4.4 255.255.255.0 command is entered in R1(config-if)# mode. The service password-encryption command is entered in global configuration mode.

  32. A router boots and enters setup mode. What is the reason for this?

    • The IOS image is corrupt.
    • Cisco IOS is missing from flash memory.
    • The configuration file is missing from NVRAM.
    • The POST process has detected hardware failure.
      Answers Explanation & Hints:

      If a router cannot locate the startup-config file in NVRAM, it will enter setup mode to allow the configuration to be entered from the console device.

  33. What type of address is 198.133.219.162?

    • public
    • link-local
    • loopback
    • multicast
  34. Given network 172.18.109.0, which subnet mask would be used if 6 host bits were available?

    • 255.255.255.192
    • 255.255.255.252
    • 255.255.224.0
    • 255.255.255.248
    • 255.255.192.0
      Answers Explanation & Hints:

      With an IPv4 network, the subnet mask is determined by the hosts bits that are required:
      11 host bits required – 255.255.248.0
      10 host bits required – 255.255.252.0
      9 host bits required – 255.255.254.0
      8 host bits required – 255.255.255.0
      7 host bits required – 255.255.255.128
      6 host bits required – 255.255.255.192
      5 host bits required – 255.255.255.224
      4 host bits required – 255.255.255.240
      3 host bits required – 255.255.255.248
      2 host bits required – 255.255.255.252

  35. Three devices are on three different subnets. Match the network address and the broadcast address with each subnet where these devices are located. (Not all options are used.)

    Device 1: IP address 192.168.10.77/28 on subnet 1

    Device 2: IP address192.168.10.17/30 on subnet 2

    Device 3: IP address 192.168.10.35/29 on subnet 3

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 04
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 04
    Answers Explanation & Hints:

    To calculate any of these addresses, write the device IP address in binary. Draw a line showing where the subnet mask 1s end. For example, with Device 1, the final octet (77) is 01001101. The line would be drawn between the 0100 and the 1101 because the subnet mask is /28. Change all the bits to the right of the line to 0s to determine the network number (01000000 or 64). Change all the bits to the right of the line to 1s to determine the broadcast address (01001111 or 79).

  36. What does the IP address 192.168.1.15/29 represent?

    • subnetwork address
    • multicast address
    • unicast address
    • broadcast address
      Answers Explanation & Hints:

      A broadcast address is the last address of any given network. This address cannot be assigned to a host, and it is used to communicate with all hosts on that network.

  37. What type of IPv6 address is represented by ::1/128?

    • loopback
    • unspecified
    • global unicast
    • EUI-64 generated link-local
  38. Which is the compressed format of the IPv6 address fe80:0000:0000:0000:0220:0b3f:f0e0:0029?

    • fe80::220:b3f:f0e0:29
    • fe80:9ea:0:2200::fe0:290
    • fe80:9ea0::2020:0:bf:e0:9290
    • fe80:9ea0::2020::bf:e0:9290
  39. Refer to the exhibit. A user issues the command netstat –r on a workstation. Which IPv6 address is one of the link-local addresses of the workstation?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 005
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 005
    • ::1/128
    • fe80::30d0:115:3f57:fe4c/128
    • fe80::/64
    • 2001:0:9d38:6ab8:30d0:115:3f57:fe4c/128
      Answers Explanation & Hints:

      In the IPv6 address scheme, the network of fe80::/10 is reserved for link-local addresses. The address fe80::/64 is a network address that indicates, in this workstation, fe80::/64 is actually used for link-local addresses. Thus the address fe80::30d0:115:3f57:fe4c/128 is a valid IPv6 link-local address.

  40. Network information:
    * local router LAN interface: 172.19.29.254 / fe80:65ab:dcc1::10
    * local router WAN interface: 198.133.219.33 / 2001:db8:FACE:39::10
    * remote server: 192.135.250.103

    What task might a user be trying to accomplish by using the ping 2001:db8:FACE:39::10 command?

    • verifying that there is connectivity to the internet
    • verifying that there is connectivity within the local network
    • creating a network performance benchmark to a server on the company intranet
    • determining the path to reach the remote server
  41. A network technician types the command ping 127.0.0.1 at the command prompt on a computer. What is the technician trying to accomplish?

    • checking the IP address on the network card
    • testing the integrity of the TCP/IP stack on the local machine
    • pinging a host computer that has the IP address 127.0.0.1 on the network
    • tracing the path to a host computer on the network and the network has the IP address 127.0.0.1
      Answers Explanation & Hints:

      127.0.0.1 is an address reserved by TCP/IP to test the NIC, drivers and TCP/IP implementation of the device.

  42. Which two ICMP messages are used by both IPv4 and IPv6 protocols? (Choose two.)​

    • router solicitation
    • route redirection
    • neighbor solicitation
    • protocol unreachable
    • router advertisement
      Answers Explanation & Hints:

      The ICMP messages common to both ICMPv4 and ICMPv6 include: host confirmation, destination (net, host, protocol, port) or service unreachable, time exceeded, and route redirection. Router solicitation, neighbor solicitation, and router advertisement are new protocols implemented in ICMPv6.

  43. To which TCP port group does the port 414 belong?

    • registered
    • well-known
    • private or dynamic
    • public
      Answers Explanation & Hints:

      There are different types of TCP and UDP port numbers:Well-known ports – numbers 0 to 1023
      Registered ports – numbers 1024 to 49151
      Dynamic or private ports – numbers 49152 to 65535

  44. A client packet is received by a server. The packet has a destination port number of 22. What service is the client requesting?

    • SSH
    • DHCP
    • DNS
    • TFTP
  45. Refer to the exhibit. What does the value of the window size specify?

    CCNA1 v7 - ITNv7 - Practice Final - ITN Answers 001
    CCNA1 v7 – ITNv7 – Practice Final – ITN Answers 001
    • the amount of data that can be sent at one time
    • the total number of bits received during this TCP session
    • the amount of data that can be sent before an acknowledgment is required
    • a random number that is used in establishing a connection with the 3-way handshake
      Answers Explanation & Hints:

      The window size specifies the amount of data that can be sent before an acknowledgment is received from the receiver. This value specifies the highest number of bytes, not the required number of bytes.

  46. What service is provided by POP3?

    • Retrieves email from the server by downloading the email to the local mail application of the client.
    • Allows remote access to network devices and servers.
    • Uses encryption to provide secure remote access to network devices and servers.
    • An application that allows real-time chatting among remote users.
  47. Two students are working on a network design project. One student is doing the drawing, while the other student is writing the proposal. The drawing is finished and the student wants to share the folder that contains the drawing so that the other student can access the file and copy it to a USB drive. Which networking model is being used?

    • peer-to-peer
    • client-based
    • master-slave
    • point-to-point
      Answers Explanation & Hints:

      In a peer-to-peer (P2P) networking model, data is exchanged between two network devices without the use of a dedicated server. ​​

  48. Which command is used to manually query a DNS server to resolve a specific host name?

    • nslookup
    • ipconfig /displaydns
    • tracert
    • net
      Answers Explanation & Hints:

      The nslookup command was created to allow a user to manually query a DNS server to resolve a given host name. The ipconfig /displaydns command only displays previously resolved DNS entries. The tracert command was created to examine the path that packets take as they cross a network and can resolve a hostname by automatically querying a DNS server. The net command is used to manage network computers, servers, printers, and network drives.

  49. The employees and residents of Ciscoville cannot access the Internet or any remote web-based services. IT workers quickly determine that the city firewall is being flooded with so much traffic that a breakdown of connectivity to the Internet is occurring. Which type of attack is being launched at Ciscoville?

    • Trojan horse
    • reconnaissance
    • DoS
    • access
      Answers Explanation & Hints:

      A DoS (denial of service) attack prevents authorized users from using one or more computing resources.

  50. A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent?

    • a user who is trying to guess a password to access the router
    • a worm that is attempting to access another part of the network
    • an unidentified individual who is trying to access the network equipment room
    • a device that is trying to inspect the traffic on a link
      Answers Explanation & Hints:

      The login block-for 180 attempts 2 within 30 command will cause the device to block authentication after 2 unsuccessful attempts within 30 seconds for a duration of 180 seconds. A device inspecting the traffic on a link has nothing to do with the router. The router configuration cannot prevent unauthorized access to the equipment room. A worm would not attempt to access the router to propagate to another part of the network.

  51. Which statement describes the characteristics of packet-filtering and stateful firewalls as they relate to the OSI model?

    • Both stateful and packet-filtering firewalls can filter at the application layer.
    • A stateful firewall can filter application layer information, whereas a packet-filtering firewall cannot filter beyond the network layer.
    • A packet-filtering firewall typically can filter up to the transport layer, whereas a stateful firewall can filter up to the session layer.
    • A packet-filtering firewall uses session layer information to track the state of a connection, whereas a stateful firewall uses application layer information to track the state of a connection.
      Answers Explanation & Hints:

      Packet filtering firewalls can always filter Layer 3 content and sometimes TCP and UDP-based content. Stateful firewalls monitor connections and thus have to be able to support up to the session layer of the OSI model.

  52. What are two ways to protect a computer from malware? (Choose two.)

    • Use antivirus software.
    • Empty the browser cache.
    • Keep software up to date.
    • Delete unused software.
    • Defragment the hard disk.
      Answers Explanation & Hints:

      At a minimum, a computer should use antivirus software and have all software up to date to defend against malware.

  53. Only employees connected to IPv6 interfaces are having difficulty connecting to remote networks. The analyst wants to verify that IPv6 routing has been enabled. What is the best command to use to accomplish the task?

    • show running-config
    • show interfaces
    • copy running-config startup-config
    • show ip nat translations
  54. Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.)

    • nslookup cisco.com
    • net cisco.com
    • ping cisco.com
    • nbtstat cisco.com
    • ipconfig /flushdns
      Answers Explanation & Hints:

      The ping command tests the connection between two hosts. When ping uses a host domain name to test the connection, the resolver on the PC will first perform the name resolution to query the DNS server for the IP address of the host. If the ping command is unable to resolve the domain name to an IP address, an error will result.

      Nslookup is a tool for testing and troubleshooting DNS servers.

  55. A small advertising company has a web server that provides critical business service. The company connects to the Internet through a leased line service to an ISP. Which approach best provides cost effective redundancy for the Internet connection?

    • Add a second NIC to the web server.
    • Add another web server to prepare failover support.
    • Add a connection to the Internet via a DSL line to another ISP.
    • Add multiple connections between the switches and the edge router.
      Answers Explanation & Hints:

      With a separate DSL connection to another ISP, the company will have a redundancy solution for the Internet connection, in case the leased line connection fails. The other options provide other aspects of redundancy, but not the Internet connection. The options of adding a second NIC and adding multiple connections between the switches and the edge router will provide redundancy in case one NIC fails or one connection between the switches and the edge router fails. The option of adding another web server provides redundancy if the main web server fails.

Subscribe
Notify of
guest
15 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments