Routing and Switching Essentials Version 6 – RSE 6.0 Chapter 3 Exam

Routing and Switching Essentials (Version 6.00) – RSE 6.0 Chapter 3 Exam

QUESTION 1

Hotspot Question

Which will fix the issue and allow ONLY ping to work while keeping telnet disabled?

A.Correctly assign an IP address to interface fa0/1.
B.Change the ip access-group command on fa0/0 from “in* to “our.
C.Remove access-group 106 in from interface fa0/0 and add access-group 115 in.
D.Remove access-group 102 out from interface s0/0/0 and add access-group 114 in
E.Remove access-group 106 in from interface fa0/0 and add access-group 104 in.

Correct Answer: E
Section: (none)
Explanation

Explanation/Reference:
Explanation:
Let’s have a look at the access list 104:

The question does not ask about ftp traffic so we don’t care about the two first lines. The 3rd line denies all
telnet traffic and the 4th line allows icmp traffic to be sent (ping). Remember that the access list 104 is
applied on the inbound direction so the 5th line “access-list 104 deny icmp any any echo-reply” will not
affect our icmp traffic because the “echo-reply” message will be sent over the outbound direction.

QUESTION 2

Hotspot Question

What would be the effect of issuing the command ip access-group 114 in to the fa0/0 interface?

 

A.Attempts to telnet to the router would fail.
B.It would allow all traffic from the 10.4.4.0 network.
C.IP traffic would be passed through the interface but TCP and UDP traffic would not.
D.Routing protocol updates for the 10.4.4.0 network would not be accepted from the fa0/0 interface.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Explanation:
From the output of access-list 114: access-list 114 permit ip 10.4.4.0 0.0.0.255 any we can easily
understand that this access list allows all traffic (ip) from 10.4.4.0/24 network

QUESTION 3

Hotspot Question

What would be the effect of Issuing the command ip access-group 115 in on the s0/0/1 interface?

A.No host could connect to RouterC through s0/0/1.
B.Telnet and ping would work but routing updates would fail.
C.FTP, FTP-DATA, echo, and www would work but telnet would fail.
D.Only traffic from the 10.4.4.0 network would pass through the interface.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Explanation:
First let’s see what was configured on interface S0/0/1:

QUESTION 4

Refer to the exhibit. Based on the information given, which switch will be elected root bridge and why?

A.Switch A, because it has the lowest MAC address
B.Switch A, because it is the most centrally located switch
C.Switch B, because it has the highest MAC address
D.Switch C, because it is the most centrally located switch
E.Switch C, because it has the lowest priority
F. Switch D, because it has the highest priority

Correct Answer: E
Section: (none)
Explanation

Explanation/Reference:

QUESTION 5

Lab Simulation Question – EIGRP

A.
B.
C.
D.

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
First we should check the configuration of the ENG Router.
Click the console PC “F” and enter the following commands.
ENG> enable
Password: cisco
ENG# show running-config

Building configuration…
Current configuration : 770 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname ENG
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
interface FastEthernet0/0
ip address 192.168.77.34 255.255.255.252
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.60.65 255.255.255.240
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 192.168.60.81 255.255.255.240
duplex auto
speed auto
!
router eigrp 22
network 192.168.77.0
network 192.168.60.0
no auto-summary
!
ip classless
!
line con 0
line vty 0 4
login
!
end
ENG#
From the output above, we know that this router was wrongly configured with an autonomous number (AS)
of 22. When the AS numbers among routers are mismatched, no adjacency is formed.
(You should check the AS numbers on other routers for sure)
To solve this problem, we simply re-configure router ENG router with the following commands:
ENG# conf t
ENG(config)# no router eigrp 22
ENG(config)# router eigrp 12
ENG(config-router)# network 192.168.60.0
ENG(config-router)# network 192.168.77.0
ENG(config-router)# no auto-summary
ENG(config-router)# end
ENG# copy running-config startup-config
Second we should check the configuration of the MGT Router.

Click the console PC “G” and enter the following commands.
MGT> enable
Password: cisco
MGT# show running-config
Building configuration…
Current configuration : 1029 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname MGT
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
interface FastEthernet0/0
ip address 192.168.77.33 255.255.255.252
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.36.13 255.255.255.252
clock rate 64000
!
interface Serial0/1
ip address 192.168.60.25 255.255.255.252
clock rate 64000
!
interface Serial1/0
ip address 198.0.18.6 255.255.255.252
!
interface Serial1/1
no ip address
shutdown
!
interface Serial1/2
no ip address
shutdown
!
interface Serial1/3
no ip address
shutdown
!
router eigrp 12
network 192.168.36.0
network 192.168.60.0
network 192.168.85.0
network 198.0.18.0
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 198.0.18.5
!
line con 0
line vty 0 4
login
!
end
MGT#
Notice that it is missing a definition to the network ENG. Therefore we have to add it so that it can recognize
ENG router
MGT# conf t
MGT(config)# router eigrp 12
MGT(config-router)# network 192.168.77.0
MGT(config-router)# end
MGT# copy running-config startup-config
Now the whole network will work well. You should check again with ping command from router ENG to
other routers!
In Short:
ENG Router
ENG>enable
Password: cisco ENG# conf t
ENG(config)# no router eigrp 22
ENG(config)# router eigrp 12
ENG(config-router)# network 192.168.60.0
ENG(config-router)# network 192.168.77.0
ENG(config-router)# no auto-summary
ENG(config-router)# end
ENG# copy running-config startup-config
MGT Router
MGT>enable
Password: cisco MGT# conf t
MGT(config)# router eigrp 12
MGT(config-router)# network 192.168.77.0
MGT(config-router)# end
MGT# copy running-config startup-config
Some Modification in Question
After adding ENG router, no routing updates are being exchanged between MGT and the new location. All
other inter connectivity for the existing locations of the company are working properly. But Internet
connection for existing location including Remote1 and Remote2 networks are not working.
Faults Identified:
1. Incorrect Autonomous System Number configured in ENG router.
2. MGT router does not advertise route to the new router ENG.
3. Internet Connection is not working all stations.
We need to correct the above two configuration mistakes to have full connectivity
Steps:
1. ENG Router: Change the Autonomous System Number of ENG
2. Perimiter Router: Add the network address of interface of Permiter that link between MGT and ENG.
3. Perimiter Router: Add default route and default-network.

Check the IP Address of S1/0 interface of MGT Router using show runningconfig command.
(The interfaced used to connect to the ISP)
!
interface Serial1/0
ip address 198.0.18.6 255.255.255.252
!
For Internet sharing we have create a default route, and add default-network configuration. The IP address
is 198.0.18.6/30. Then the next hop IP will be 198.0.18.5.
ENG Router
ENG>enable
Password: cisco ENG# conf t
ENG(config)# no router eigrp 22
ENG(config)# router eigrp 12
ENG(config-router)# network 192.168.60.0
ENG(config-router)# network 192.168.77.0
ENG(config-router)# no auto-summary
ENG(config-router)# end
ENG# copy running-config startup-config
MGT Router
MGT>enable
Password: cisco MGT# conf t
MGT(config)# router eigrp 12
MGT(config-router)# network 192.168.77.0
MGT(config-router)# exit
MGT(config)# ip route 0.0.0.0 0.0.0.0 198.0.18.5
MGT(config)# ip default-network 198.0.18.0
MGT(config)# exit
MGT# copy running-config startup-config
Important:
If you refer the topology and IP chart, the MGT router uses Fa0/0 to connect ENG router, S0/0 used to
connect Remote1, and S0/1 used to connect Remote2.
Refer to the command show running-config, the command #PASSIVE-INTERFACE <Interface Name> will
deny EIGRP updates to specified interface. In that case we need to use #no passive- interface <Interface
Name> to allow the routing updates to be passed to that interface. For example when used the #show run
command and we see the output like below.
!
router eigrp 22
network 192.168.77.0
network 192.168.60.0
passive-interface FastEthernet 0/0
passive-interface Serial 1/0
no auto-summary
!
Then the command would be
MGT(config)#router eigrp 12
MGT(config-router)#no passive-interface Fa0/0
MGT(config-router)#end

Also MGT router connect to the ISP router using Serial 1/0. If you seen passive-interface s1/0, then do not
remove it using #no passive-interface s1/0 command.

QUESTION 6

Lab Simulation Question – CLI
Central Florida Widgets recently installed a new router in their office. Complete the network installation by
performing the initial router configurations and configuring R1PV2 routing using the router command line
interface (CLI) on the RC.
Configure the router per the following requirements:
– Name of the router is R2
– Enable.secret password is cisco
– The password to access user EXEC mode using the console is cisco2
– The password to allow telnet access to the router is cisco3
IPV4 addresses mast be configured as follows:
– Ethernet network 209.165.201.0/27 – router has fourth assignable host address in subnet
– Serial network is 192.0.2.176/28 – router has last assignable host address in the subnet.
– Interfaces should be enabled.
– Router protocol is RIPV2
Attention:
In practical examinations, please note the following, the actual information will prevail.
1. Name or the router is xxx
2. EnablE. secret password is xxx
3. Password In access user EXEC mode using the console is xxx
4. The password to allow telnet access to the router is xxx
5. IP information

A.
B.
C.
D.

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Step 1:
Click on the console host, you will get a pop-up screen CLI of Router.
Router>
Configure the new router as per the requirements provided in Lab question Requirement 1:
Name of the router is R2
Step 2:
To change the hostname of the router to R2 follow the below steps:
Router>
Router>enable
Router#configure terminal
Router(config)#hostname R2
R2(config)#
Requirement 2:
Enable-secret password is cisco1
Step 3:
To set the enable secret password to cisco1 use the following command
R2(config)#enable secret cisco1
Requirement 3:
The password to access user EXEC mode using the console is cisco2
Step 4:
We need to configure the line console 0 with the password cisco2 Also remember to type login command
after setting up the password on line con 0 which allows router to accept logins via console.
R2(config)#line con 0
R2(config-line)#password cisco2
R2(config-line)#login
R2(config-line)#exit
R2(config)#
Requirement 4:
The password to allow telnet access to the router is cisco3
Step 5:
To allow telnet access we need to configure the vty lines 0 4 with the password cisco3 Also remember to
type login command after setting up the password on line vty 0 4 which allows router to accept logins via
telnet.
R2(config)#line vty 0 4
R2(config-line)#password cisco3
R2(config-line)#login
R2(config-line)#exit
R2(config)#
Requirement 5:
(5.1) Ethernet network 209.165.201.0 /27 – Router has the fourth assignable host address in subnet.
(5.2) Serial Network is 192.0.2.176 /28 – Router has the last assignable host address in subnet.
Step 6:
Ethernet network 209.165.201.0 /27 – Router has the fourth assignable host address in subnet. Ethernet
Interface on router R2 is Fast Ethernet 0/0 as per the exhibit First we need to identify the subnet mask
Network: 209.165.201.0 /27
Subnet mask: /27: 27 bits = 8 + 8 + 8 + 3
=8(bits).8(bits).8(bits) .11100000 (3bits)
=255.255.255.11100000
=11100000 = 128+64+32+0+0+0+0+0
= 224
Subnet mask: 255.255.255.224
Different subnet networks and there valid first and last assignable host address range for above subnet
mask are
Subnet Networks :::::: Valid Host address range :::::: Broadcast address 209.165.201.0 :::::: 209.165.201.1 -209.165.201.30 ::::: 209.165.201.31 209.165.201.32 :::::: 209.165.201.33 – 209.165.201.62 :::::
209.165.201.63 209.165.201.64 :::::: 209.165.201.65 – 209.165.201.94 :::::: 209.165.201.95 209.165.201.96
:::::: 209.165.201.97 – 209.165.201.126 :::::: 209.165.201.127 209.165.201.128 :::::: 209.165.201.129 -209.165.201.158 :::::: 209.165.201.159 209.165.201.160 :::::: 209.165.201.161 – 209.165.201.190 ::::::
209.165.201.191 209.165.201.192 :::::: 209.165.201.193 – 209.165.201.222 :::::: 209.165.201.223
209.165.201.224 :::::: 209.165.201.225 – 209.165.201.254 :::::: 209.165.201.255 Use above table
information for network 209.165.201.0 /27 to identify First assignable host address: 209.165.201.1
Last assignable host address: 209.165.201.30
Fourth assignable host address: 209.165.201.4
This IP address (209.165.201.4) which we need to configure on Fast Ethernet 0/0 of the router using the
subnet mask 255.255.255.224
R2(config)#interface fa 0/0
R2(config-if)#ip address 209.165.201.4 255.255.255.224
Requirement 6:
To enable interfaces
Use no shutdown command to enable interfaces
R2(config-if)#no shutdown
R2(config-if)#exit
Step 7:
Serial Network is 192.0.2.176 /28 – Router has the last assignable host address in subnet.
Serial Interface on R2 is Serial 0/0/0 as per the exhibit
First we need to identify the subnet mask
Network: 192.0.2.176 /28
Subnet mask: /28: 28bits = 8bits+8bits+8bits+4bits
=8(bits).8(bits).8(bits) .11110000 (4bits)
=255.255.255.11100000
=11100000 = 128+64+32+16+0+0+0+0
= 240
Subnet mask: 255.255.255.240
Different subnet networks and there valid first and last assignable host address range for above subnet
mask are
Subnet Networks ::::: Valid Host address ::::::::::: Broadcast address 192.0.2.0 :::::: 192.0.2.1 – 192.0.2.14
::::::: 192.0.2.15
192.0.2.16 ::::::: 192.0.2.17 – 192.0.2.30 ::::::: 192.0.2.31 192.0.2.32 :::::::: 192.0.2.33 – 192.0.2.46 ::::::
192.0.2.47 192.0.2.48 :::::: 192.0.2.49 – 192.0.2.62 ::::::: 192.0.2.64 192.0.2.64 ::::::: 192.0.2.65 – 192.0.2.78
::::::: 192.0.2.79 192.0.2.80 :::::::: 192.0.2.81 – 192.0.2.94 :::::: 192.0.2.95 192.0.2.96 :::::: 192.0.2.97 -192.0.2.110 ::::::: 192.0.2.111 192.0.2.112 ::::::: 192.0.2.113 – 192.0.2.126 ::::::: 192.0.2.127 192.0.2.128
:::::::: 192.0.2.129 – 192.0.2.142 :::::: 192.0.2.143 192.0.2.144 :::::: 192.0.2.145 – 192.0.2.158 :::::::
192.0.2.159 192.0.2.160 ::::::: 192.0.2.161 – 192.0.2.174 ::::::: 192.0.2.175
192.0.2.176 :::::::: 192.0.2.177 – 192.0.2.190 :::::: 192.0.2.191 and so on ….
Use above table information for network 192.0.2.176 /28 to identify First assignable host address:
192.0.2.177
Last assignable host address: 192.0.2.190
We need to configure Last assignable host address (192.0.2.190) on serial 0/0/0 using the subnet mask
255.255.255.240
R2(config)#interface serial 0/0/0
R2(config-if)#ip address 192.0.2.190 255.255.255.240
Requirement 6:
To enable interfaces
Use no shutdown command to enable interfaces
R2(config-if)#no shutdown
R2(config-if)#exit
Requirement 7:
Router protocol is RIPv2
Step 8:
Need to enable RIPv2 on router and advertise its directly connected networks
R2(config)#router rip
To enable RIP v2 routing protocol on router use the command version 2
R2(config-router)#version 2
Optional: no auto-summary (Since LAB networks do not have discontinuous networks) RIP v2 is classless,
and advertises routes including subnet masks, but it summarizes routes by default.
So the first things we need to do when configuring RIP v2 is turn off auto-summarization with the router
command no auto-summary if you must perform routing between disconnected subnets.
R2 (config-router) # no auto-summary
Advertise the serial 0/0/0 and fast Ethernet 0/0 networks into RIP v2 using network command
R2(config-router)#network 192.0.2.176
R2(config-router)#network 209.165.201.0
R2(config-router)#end
Step 9:
Important please do not forget to save your running-config to startup-config
R2# copy running-config startup-config

QUESTION 7

Lab Simulation Question – ACL-4

A.
B.
C.
D.

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Corp1>enable
Corp1#configure terminal
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80 Corp1(config)#access-list 100 permit
ip any any
Corp1(config)#interface fa 0/1 sh ip int brief
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Corp1#copy running-config startup-config
Explanation:
Select the console on Corp1 router
Configuring ACL
Corp1>enable
Corp1#configure terminal
Comment: To permit only Host C (192.168.33.3){source addr} to access finance server address
(172.22.242.23) {destination addr} on port number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
Comment: To deny any source to access finance server address (172.22.242.23) {destination addr} on port
number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
Comment: To permit ip protocol from any source to access any destination because of the implicit deny any
any statement at the end of ACL.
Corp1(config)#access-list 100 permit ip any any
Applying the ACL on the Interface
Comment: Check show ip interface brief command to identify the interface type and number by checking
the IP address configured.
Corp1(config)#interface fa 0/1
If the ip address configured already is incorrect as well as the subnet mask. this should be corrected in
order ACL to work type this commands at interface mode :
no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask) Configure
Correct IP Address and subnet mask:
ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as
172.22.242.17 – 172.22.242.30 )
Comment: Place the ACL to check for packets going outside the interface towards the finance web server.
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important: To save your running config to startup before exit.
Corp1#copy running-config startup-config
Verifying the Configuration:
Step1: show ip interface brief command identifies the interface on which to apply access list. Step2: Click
on each host A,B,C & D . Host opens a web browser page , Select address box of the web browser and
type the ip address of finance web server(172.22.242.23) to test whether it permits /deny access to the
finance web Server .
Step 3: Only Host C (192.168.33.3) has access to the server . If the other host can also access then maybe
something went wrong in your configuration . check whether you configured correctly and in order.
Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT button to
successfully submit the ACL SIM.

QUESTION 8

Lab Simulation Question – ACL-2

A.
B.
C.
D.

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Corp1#conf t
Corp1(config)# access-list 128 permit tcp host 192.168.240.1 host 172.22.141.26 eq www Corp1(config)#
access-list 128 deny tcp any host 172.22.141.26 eq www
Corp1(config)# access-list 128 permit ip any any
Corp1(config)#int fa0/1
Corp1(config-if)#ip access-group 128 out
Corp1(config-if)#end
Corp1#copy run startup-config

QUESTION 9

Lab Simulation Question – ACL-3

A.
B.
C.
D.

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Corp1>enable
Corp1#configure terminal
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
Corp1(config)#access-list 100 deny tcp 192.168.33.0 0.0.0.255 host
172.22.242.23 eq 80
Corp1(config)#access-list 100 permit ip any any
Corp1(config)#interface fa 0/1 sh ip int brief
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Corp1#copy running-config startup-config
Explanation:
Select the console on Corp1 router
Configuring ACL
Corp1 >enable
Corp1#configure terminal
comment: To permit only Host C (192.168. 33. 3){source addr} to access finance server address (172.22.
242. 23){destination addr} on port number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
Comment: To deny any source to access finance server address (172. 22. 242. 23) {destination addr} on
port number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
Comment: To permit ip protocol from any source to access any destination because of the implicit deny any
any statement at the end of ACL.
Corp1(config)#access-list 100 permit ip any any
Applying the ACL on the Interface
comment: Check show ip interface brief command to identify the interface type and number by checking the
IP address configured.
Corp1(config)#interface fa 0/1
If the ip address configured already is incorrect as well as the subnet mask, this should be corrected in
order ACL to work type this commands at interface mode :
no ip address 192. x. x. x 255. x. x. x (removes incorrect configured ip address and subnet mask) Configure
Correct IP Address and subnet mask:
ip address 172. 22. 242. 30 255. 255. 255. 240 (range of address specified going to server is given as 172.
22. 242. 17-172. 22. 242. 30 )
Comment: Place the ACL to check for packets going outside the interface towards the finance web server.
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important: To save your running config to startup before exit.
Corp1#copy running-config startup- config
Verifying the Configuration:
Step1: show ip interface brief command identifies the interface on which to apply access list. Step2: Click
on each host A,B,C & D. Host opens a web browser page, Select address box of the web browser and type
the ip address of finance web server(172. 22. 242. 23) to test whether it permits /deny access to the finance
web Server.
Step 3: Only Host C (192.168. 33. 3) has access to the server. If the other host can also access then maybe
something went wrong in your configuration check whether you configured correctly and in order.
Step 4: If only Host C (192.168. 33. 3) can access the Finance Web Server you can click on NEXT button to
successfully submit the ACL SIM.

QUESTION 10

Lab Simulation Question – NAT-1

A network associate is configuring a router for the weaver company to provide internet access. The ISP has
provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14
hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned
private space addresses in the range of 192.168.100.17 ?192.168.100.30.

A.
B.
C.
D.
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP
addresses from 198.18.184.105 to 198.18.184.110/29.
Therefore we have to use NAT overload (or PAT)
Double click on the Weaver router to open it
Router>enable
Router#configure terminal
First you should change the router’s name to Weaver
Router(config)#hostname Weaver
Create a NAT pool of global addresses to be allocated with their netmask. Weaver(config)#ip nat pool
mypool 198.18.184.105 198.18.184.110 netmask 255.255.255.248
Create a standard access control list that permits the addresses that are to be translated
Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15
Establish dynamic source translation, specifying the access list that was defined in the prior step
Weaver(config)#ip nat inside source list 1 pool mypool overload
This command translates all source addresses that pass access list 1, which means a source address from
192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains
addresses from 198.18.184.105 to 198.18.184.110) Overload keyword allows to map multiple IP addresses
to a single registered IP address (many- to-one) by using different ports
The question said that appropriate interfaces have been configured for NAT inside and NAT outside
statements.
This is how to configure the NAT inside and NAT outside, just for your understanding:
Weaver(config)#interface fa0/0
Weaver(config-if)#ip nat inside
Weaver(config-if)#exit
Weaver(config)#interface s0/0
Weaver(config-if)#ip nat outside
Weaver(config-if)#end
Finally, we should save all your work with the following command:
Weaver#copy running-config startup-config
Check your configuration by going to “Host for testing” and type:
C :\>ping 192.0.2.114
The ping should work well and you will be replied from 192.0.2.114

QUESTION 11

Lab Simulation Question – NAT-2

A network associate is configuring a router for the Weaver company to
provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 -198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in
the
company LAN have been assigned private space addresses in the range of 192.168.100.17
192.168.100.30.

The following have already been configured on the router:
The basic router configuration
The appropriate interfaces have been configured for NAT inside and NAT
outside
The appropriate static routes have also been configured (since the
company will be a stub network, no routing protocol will be
required.)
All passwords have been temporarily set to “cisco”
The task is to complete the NAT configuration using all IP addresses assigned by the ISP to provide
internet access for the hosts in the weaver LAN. Functionality can be tested by clicking on the host provided
for testing.
Configuration information:
Router name – Weaver
Inside global addresses – 198.18.184.105 198.18.184.110 /29 Inside local addresses – 192.168.100.17 -192.168.100.30 /28 Number of inside hosts – 14
A.
B.
C.
D.
Correct Answer:
Section: (none)
Explanation
Explanation/Reference:
Step 1: Router Name
Router>enable
Router#configure terminal
Router(config)#hostname Weaver
Weaver(config)#
Step 2: NAT Configuration
Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15 Weaver(config)#ip nat pool mynatpool
198.18.184.105 198.18.184.110 netmask 255.255.255.248
Weaver(config)#ip nat inside source list 10 pool mynatpool overload Weaver(config)#end
Step 3: Save Configuration
Weaver#copy run start
Verification:
We can verify the answer by pinging the ISP IP Address (192.0.2.114) from Host for testing.
Click “Host for testing”
In command prompt, type “ping 192.0.2.114”. If ping succeeded then the NAT is working properly.
Screen Shots:

 

QUESTION 12

In a switched environment, what does the IEEE 802.1Q standard describe?

A.the operation of VTP
B.a method of VLAN trunking
C.an approach to wireless LAN communication
D.the process for root bridge selection
E.VLAN pruning

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Explanation:
A broadcast domain must sometimes exist on more than one switch in the network. To accomplish this, one
switch must send frames to another switch and indicate which VLAN a particular frame belongs to. On
Cisco switches, a trunk link is created to accomplish this VLAN identification. ISL and IEEE 802.1Q are
different methods of putting a VLAN identifier in a Layer 2 frame. The IEEE 802.1Q protocol interconnects
VLANs between multiple switches, routers, and servers. With 802.1Q, a network administrator can define a
VLAN topology to span multiple physical devices.
Cisco switches support IEEE 802.1Q for FastEthernet and Gigabit Ethernet interfaces. An 802.1Q trunk link
provides VLAN identification by adding a 4-byte tag to an Ethernet Frame as it leaves a trunk port.

QUESTION 13

What are three benefits of GLBP? (Choose three.)

A.GLBP supports up to eight virtual forwarders per GLBP group.
B.GLBP supports clear text and MD5 password authentication between GLBP group members.
C.GLBP is an open source standardized protocol that can be used with multiple vendors.
D.GLBP supports up to 1024 virtual routers.
E.GLBP can load share traffic across a maximum of four routers.
F. GLBP elects two AVGs and two standby AVGs for redundancy.

Correct Answer: BDE
Section: (none)
Explanation

Explanation/Reference:

QUESTION 14

Which three statements about HSRP operation are true? (Choose three.)

A.The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B.The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C.HSRP supports only clear-text authentication.
D.The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
E.The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.

Correct Answer: ABF
Section: (none)
Explanation

Explanation/Reference:
Explanation:
The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in
hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC
address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX:
HSRP group in hexadecimal)

QUESTION 15

Which three statements about Syslog utilization are true? (Choose three.)

A.Utilizing Syslog improves network performance.
B.The Syslog server automatically notifies the network administrator of network problems.
C.A Syslog server provides the storage space necessary to store log files without using router disk space.
D.There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E.Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.

Correct Answer: CDF
Section: (none)
Explanation
Explanation/Reference:

Add Comment