Rabu, 29 Desember 2010

Validate Choise of VPN topology, devices, and topologies

Validate Choise of VPN topology, devices, and topologies

CCNA Discovery 4 Module 4 Exam Answers Version 4.0

CCNA Discovery 4 Module 4 Exam Answers Version 4.0


1. In addition to the technical considerations, what other major factor is used to evaluate the success of a network installation?
• final project costs
• maintenance costs
• user satisfaction
• statistics describing the performance of network devices

2. Which two network applications are most affected by network congestion and delays? (Choose two.)
• IP telephony
• live video webcasts

• audio file downloads
• online banking services
• file archival and retrieval

3. What two Cisco tools can be used to analyze network application traffic? (Choose two.)
• NBAR
• NetFlow

• AutoQoS
• Wireshark
• Custom Queuing

4. In network design, which technology can be implemented to prioritize traffic based on its importance and technical requirements?
• STP
• QoS
• RTP
• TCP
• VPN

5. What are two characteristics of voice over IP traffic? (Choose two.)
• Voice packets tend to be small.
• Voice packets must be processed in real time.

• Voice packets can effectively use TCP reliability features.
• Voice traffic can survive packet drops and retransmission delays.
• Voice packets must be converted to analog before being sent across the IP network.
• Voice packets automatically receive a higher priority value than other types of packets.

6. What are two things that a network designer can do to determine current and anticipated network traffic flows? (Choose two.)
• Survey end users to obtain customer input.
• Upgrade the Cisco IOS software in all networking devices to optimize traffic flow.
• Limit the analysis to host-to-server traffic because host-to-host traffic is unimportant.
• Run a network traffic analysis to determine which applications are in use and by whom.
• Conduct an inventory of all networking devices that includes model numbers and memory configurations

7. A company that has a traditional telephone system wants to convert to IP telephony. Which two factors should be considered for the design? (Choose two.)
• Digital communications systems have greater noise than analog systems when processing voice traffic.
• Voice-enabled routers or a server must be used for call control and signaling.
• Voice to IP conversions can cause router overhead.
• Power to the phones can be supplied through properly equipped patch panels or switches.
• The cost to combine voice and data VLANs can be a considerable amount.

8. Several web and email servers have recently been installed as part of an enterprise network. The security administrator has been asked to provide a summary of security features that can be implemented to help prevent unauthorized traffic from being sent into or out of sensitive internal networks. Which three features should the security administrator recommend? (Choose three.)
• firewalls
• priority queuing
• access control lists
• intrusion detection systems

• DHCP
• 128-bit WEP

9. The design of an IP telephony system needs to meet the technical requirements to provide a connection to the PSTN as well as provide high-quality voice transmissions using the campus network. Which two elements directly affect the ability of the design to meet these requirements?(Choose two.)
• voice-enabled firewall
• PoE switches and patch panels
• redundant backbone connectivity
• voice-enabled router at the enterprise edge
• separate voice and data VLANs with QoS implemented


10. When implementing VoIP services, which two design considerations should be followed?(Choose two.)
• Confirm that network jitter is minimal.
• Use TCP to reduce delays and dropped packets.
• Establish priority queuing to ensure that large data packets are sent uninterrupted.
• Disable real-time protocols to reduce queuing strategy demands.
• Ensure that packet delays do not exceed 150 ms.

11. What design strategy should be followed when designing a network that uses video on demand?
• implement the appropriate routing protocol to ensure that data segments arrive in order
• implement different QoS queues based on the type of video traffic being distributed
• install servers to store the data in a centrally located server farm
• configure queuing in the core routers to ensure high availability

12. When implementing QoS in traffic queues, what is the first step the designer should take to ensure that traffic is properly prioritized?
• define QoS policies
• define traffic classes
• determine traffic patterns
• identify traffic requirements
• identify networking equipment

13. Which two statements are characteristics of file transfer traffic flows? (Choose two.)
• RTP should be used.
• Traffic is predictable.
• Packets are small in size.
• Transfers are throughput intensive.
• Response-time requirements are low.


14. Which two items can be determined by diagramming internal traffic flow? (Choose two.)
• the type of ISP services needed
• the capabilities of end-user devices
• the areas where network congestion may occur
• the location of VPN servers used to connect teleworkers
• locations where high-bandwidth connections are required

15. Which two traffic types are examples of external traffic flows? (Choose two.)
• A user in the IT department telnets to the core layer router.
• A user in marketing connects to the web server of a competitor.
• A user in the IT department telnets into the access layer switch.
• A user in the services department logs in to a web-based email program.
• A user in accounting connects to an FTP server that is connected to the access layer switch.

16. Which service can be provided by the NetFlow Cisco utility?
• network planning and mapping
• IDS and IPS capabilities
• peak usage times and traffic routing
• network billing and accounting application
• security and user account restrictions
• source and destination UDP port mapping

17. Refer to the exhibit. If ACL 150 identifies only voice traffic from network 192.168.10.0/24 and no other traffic, which queue will voice traffic from other networks use?
• high
• normal
• medium
• default

18. Refer to the exhibit. After configuring QoS, a network administrator issues the command show queueing interface s0/1. What two pieces of information can an administrator learn from the output of this command? (Choose two.)
• queue traffic definitions
• priority list protocol assignments
• type of queuing being implemented
• number of packets placed in each queue

• queuing defaults that have been changed
• queuing has not been applied to this interface

19. An analysis of network protocols reveals that RTP and RTCP are being used. What uses these protocols?
• IDS
• VPN
• WLAN
• firewall
• real-time video

20. A company is considering adding voice and video to the data networks. Which two statements are true if voice and video are added? (Choose two.)
• PoE switches must be purchased.
• More UDP-based traffic flows will be evident.
• Response times will be increased even if QoS is implemented.
• QoS will most likely be implemented to prioritize traffic flows.
• VPNs will most likely be implemented to protect the voice traffic.

21. Refer to the exhibit. Which option correctly matches the terms on top with its definition on the bottom?
• A=1, B=3, C=2, D=4
• A=2, B=1, C=4, D=3
• A=2, B=4, C=1, D=3
• A=3, B=2, C=4, D=1
• A=4, B=3, C=1, D=2
• A=4, B=2, C=3, D=1

22. A database server is configured to purge all data that is 60 days old. Ten data items that are 60 days old are to be purged. However, there is a failure halfway through the transaction, and the entire transaction is voided. What type of transaction action occurred?
• atomic
• consistent
• durable
• isolated

23. What is the primary goal of QoS?
• classification of traffic
• filtering and queuing voice traffic
• reducing bandwidth requirements
• providing priority service to selected traffic

24. Which technology provides a mechanism for implementing QoS at Layer 2?
• ToS
• CoS
• DSCP
• IP precedence

25. A customer purchases tickets online and pays using a credit card, but the system goes down before the transaction is complete. What transaction type retains a record of this transaction after the system failure so that the customer will still receive the tickets and the credit card account will be debited accordingly?
• atomic
• consistent
• durable
• isolated

26. Refer to the exhibit. The network design documents include requirements to prevent switching loops, to provide link-specific failover, and to provide Layer 3 recovery. Which two protocols would be needed to provide the support? (Choose two.)
• HDLC
• HSRP
• PPP
• RSTP
• VTP

27. network design must minimize latency to support real-time streaming applications. Which two protocols enable control and scalability of the network resources and minimize latency by incorporating QoS mechanisms? (Choose two.)
• RTCP
• HSRP
• RSTP
• RTP
• RPC

28. Which two major differences are associated with IP telephony when compared to traditional telephony that uses a PBX? (Choose two.)
• manages phones centrally
• utilizes centralized call routing
• creates peer-to-peer relationships between phones
• requires a separate infrastructure to support data transfer
• requires significant manual configuration when adding, moving, or changing phones

29. When QoS is implemented in a converged network, which two factors can be controlled to improve performance? (Choose two.)
• link speed
• delay
• packet routing
• jitter
• packet addressing

CCNA Discovery 4 Module 3 Exam Answers Version 4.0

CCNA Discovery 4 Module 3 Exam Answers Version 4.0


1. It is important to identify the details of network sections and devices that will be affected or involved in a new design. This information is included in which section of the Network Design Requirements Document?
• Project Goal
• Project Scope
• Technical Requirements
• Current State of the Network

2. Which two pieces of information does the network designer need to determine if the Cisco IOS of a router requires an upgrade? (Choose two.)
• amount of NVRAM installed
• model number of the router
• number of interfaces and installed HWICs
• installed Cisco IOS feature set and version
• error statistics for each interface

3. Which three pieces of information need to be considered when selecting the proper Cisco IOS version for an upgrade? (Choose three.)
• processor ID
• interface type
• amount of DRAM
• bootstrap version
• device make and model
• size of system flash memory


4. What are two practices a network technician should follow when installing a new interface card in a router? (Choose two.)
• Be sure the interface card faceplate does not touch the chassis rear panel.
• Do not tighten the captive screws until the router has been powered on and recognizes the card.
• Store the blank faceplate inside the card slot to be used if the card is removed.
• Handle the interface card by the edges to avoid static discharge.
• Push the interface card into place until the edge connector is seated securely


5. The new serial interface card for the router arrives and the network technician reads that it is hotswappable. What does this mean?
• The card cannot be installed while the router is powered on because static discharge could damage the card.
• The card cannot be installed until the router is powered off and completely cooled down.
• The card can be installed while the router is powered on if the router supports this technology.
• The card is a replacement and must be installed in the same slot as the card it is replacing.

6. Refer to the exhibit. A network administrator issues the command shown to gain knowledge about a poorly documented network. Which two pieces of information can the network administrator discover from the command output? (Choose two.)
• One connected device has router capability.
• The entire network contains a total of five Cisco devices with CDP enabled.
• None of the directly connected network devices have been configured with an IP address.
• Device EDGE_2811 is connected to port Fast Ethernet 0/0 on device C3750-24_MDF.
• Five Cisco devices with CDP enabled are directly connected to device C3750-24_MDF

7. Refer to the exhibit. Which of the three Cisco IOS images shown will load into RAM?
• The router selects an image depending on the value of the configuration register.
• The router selects the third Cisco IOS image because it is the most recent IOS image.
• The router selects the second Cisco IOS image because it is the smallest IOS image.
• The router selects an image depending on the boot system command in the configuration.
• The router selects the third Cisco IOS image because it contains the advipservicesk9 image.

8. An administrator wants to download a new Cisco IOS software version to the local router. Which command performs this task?
• copy tftp flash
• copy flash run
• copy start tftp
• copy flash tftp
• copy tftp start

9. Refer to the exhibit. The top of the output shows the Cisco Feature Navigator regarding a Cisco IOS image that the administrator wants to install on a router. Below it is the output from the show version command for that router. Which statement is true regarding the capacity of the router to run this Cisco IOS image?
• There is not enough DRAM and flash.
• There is enough DRAM and flash.
• There is enough DRAM but not enough flash.
• There is enough flash but not enough DRAM.

10. Which two items are objectives of a WLAN design site survey? (Choose two.)
• identify coverage areas
• determine primary AP locations

• determine what AP equipment should be purchased
• determine how many users will access the WLAN
• identify the bottleneck of the LAN infrastructure

11. Refer to the exhibit. Which two actions improve the weaknesses of the topology shown, assuming that each access layer segment is in its own subnet? (Choose two.)
• Implement redundant links to each server by adding additional NICs.
• Implement a reduntant link from all access layer switches to Admin, Dist, and Server Farm.
• Implement a backup firewall with a link to a secondary ISP and implement a redundant link to the DMZ.
• Implement reduntant links from the existing firewall to all access layer switches.
• Implement redundant links from the DMZ to Admin and Dist.

12. A company is beginning to analyze their new Cisco IOS upgrade requirements. What is one of the router components that a network administrator must consider when selecting a new Cisco IOS version?
• processor type
• storage space in NVRAM
• interfaces and modules to be supported
• compatibility of the bootstrap version with the new Cisco IOS software

13. An employee at a company notices that the wireless signal strength indicator on his laptop fluctuates from good to low. The network administrator decides to do a site survey of that area. Which three factors need to be included in the survey? (Choose three.)
• type and model number of the WNIC of the laptop
• number of users in the area
• location of the AP

• list of MAC addresses filtered by the AP
• number of simultaneous applications running on the laptop of the employee
• location of walls and filing cabinets in the office

14. The new network design for AnyCompany must include support of voice and video traffic. Before upgrading, the network designer checks whether the existing devices can support the new requirements. Which three items does the designer need to check? (Choose three.)
• number of routers and switches owned by AnyCompany
• routers that will support extra ASICs and WWICs
• size of DRAM and flash on each device
• routers that will support HWICs and VWICs

• system bootstrap version on each router and switch
• modules supported on the loaded Cisco IOS

15. A new Cisco IOS version has been copied into flash from a TFTP server. When a reload is issued to upgrade the Cisco IOS, the router freezes part of the way through the loading process. What could be the problem?
• There is enough flash but not enough RAM in the router.
• The new HWIC cards have not been installed yet.
• The TFTP server needs to be present during a reload.
• The new Cisco IOS should have been loaded into NVRAM.
• The new bootstrap version is not compatible with the original version on the router.

16. Refer to the exhibit. A network designer has no documentation and is attempting to create a logical diagram of the network using the output from show commands. What can be determined from the output shown?
• The device with the ID of ISP is a router on the Internet.
• The attached switch is a VTP server in the Toronto domain.
• The designer cannot telnet to the attached switch.
• The Cisco router IOS supports enterprise-level voice and video technologies.

17. A production router is reloaded and finishes with a Router> prompt. What three facts can be determined? (Choose three.)
• POST occurred normally.
• The boot process was interrupted.
• There is not enough RAM or flash on this router.
• A full version of the Cisco IOS was located and loaded.
• A configuration file was not located in NVRAM or from a TFTP server.

• The router did not locate the Cisco IOS in flash, so it defaulted to ROM.

18. During a site survey, the network designer noticed that people were accessing the company wireless network from the parking lot. What should be done to stop the wireless signal from radiating out into the parking lot?
• change the channel on the wireless AP
• connect the wireless AP to a firewall
• change the type of antenna attached to the AP
• move the wireless AP to a secure VLAN
• move the wireless AP to a port on a Layer 3 switch

19. A network design project includes a review of the existing network. What is the purpose of this phase of the project?
• eliminate the need for a site survey
• shorten the timeframe of the project
• lower the cost of the project by removing redundant links and devices
• determine if the number of applications used within the company can be reduced
• To determine what existing network devices require upgrades to meet the new

20. Refer to the exhibit. Based upon the Cisco IOS file naming convention, what is represented by the value ipvoicek9 listed in the IOS filename?
• version
• file format
• feature set
• hardware platform

21. Refer to the exhibit. What two items can be determined from the output? (Choose two.)
• R2 is a Cisco 2600 device.
• R2 has 22 MB of RAM installed.
• The version of the IOS is 12.3.
• Over 8 MB of NVRAM is installed.
• A new 36 MB IOS file can be installed on the device.

22. During a wireless site survey, a consultant is determining the hours of peak usage and the estimated number of users in each location. The consultant is currently in what step of the site survey process?
• the defining of customer requirements
• the identification of coverage areas
• the determining of preliminary AP locations
• the measurement of signal strength

23. Refer to the exhibit. The network administrator is attempting to install a new version of the IOS on R2. Based on the exhibited output, what are two possible reasons that the transfer failed?(Choose two.)
• The administrator did not enable TFTP on R2.
• There is not enough flash available to store the new IOS.
• Connectivity between R2 and the TFTP server was not verified.
• The copy command was incorrectly entered.
• The administrator did not verify that the TFTP server is running.
24. In which section of the Network Design Requirements document would a network consulting team detail names and IP addresses of important networking components and servers, provide network diagrams and topologies, and define strengths and weaknesses of the network?
• network requirements
• project scope
• overall project goal
• state of the network

CCNA Discovery 4 Module 2 Exam Answers Version 4.0

CCNA Discovery 4 Module 2 Exam Answers Version 4.0




1. During an evaluation of the currently installed network, the IT staff performs a gap analysis to determine whether the existing network infrastructure can support the desired new features. At which stage of the Cisco Lifecycle Services approach does this activity occur?
• Prepare Phase
• Plan Phase
• Design Phase
• Implement Phase
• Operate Phase
• Optimize Phase

2. Which stage of the Cisco Lifecycle Services strategy is usually completed before an organization issues a Request For Proposal (RFP) or Request For Quotation (RFQ)?
• Prepare Phase
• Plan Phase
• Design Phase
• Implement Phase
• Operate Phase
• Optimize Phase

3. What is the purpose of SNMP?
• to facilitate the exchange of information between devices and the NMS
• to monitor and control managed network devices
• to report user logins to a monitoring station
• to verify traffic throughout the network and keep a log of all activity

4. During an analysis of a customer network, several possible opportunities for network improvement are identified. At which stage of the Cisco Lifecycle Services does this process occur?
• Prepare Phase
• Plan Phase
• Design Phase
• Implement Phase
• Optimize Phase
• Operate Phase

5. What provides the initial data for the Optimize Phase?
• performance monitoring
• business goals
• technical goals
• RFP

6. Which two statements are true regarding the response to an RFQ?(Choose two.)
• The response should be brief.
• it should strictly conform to the formatting requirements specified by the RFQ.
• Only the items that the contracting company will be addressing should be answered.
• The response helps the customer compare pricing with other potential contractors.
• The response is more complicated than a response to a RFP.

7. What are two disadvantages of using a bottom-up approach instead of a top-down approach to network design? (Choose two.)
• It can result in an inappropriate network design.
• A new design cannot be implemented right away.
• It does not take into account the business goals of the company.
• This approach is not commonly practiced and is therefore not as well known.
• It requires tedious and time-consuming meetings with the customer to develop an understanding of the organization.

8. What is a business constraint that may impact the WAN design of a company?
• company policy regarding specific operating systems on LAN devices
• current monitoring protocols implemented on end-user devices
• non-availability of end users during implementation
• company policy requiring the use of specific vendor networking equipment due to partnerships

9. What is the purpose of preparing a business case?
• to justify the financial investment in implementing the technology change
• to provide an example of a previous job done in the RFP
• to define the technical requirements of the network
• to define timelines and critical milestones

10. What is the purpose of creating a prioritized list of technical requirements?
• defines the project scope
• determines the business profitability
• creates a feasibility report for analysis
• identifies existing and new user groups

11. A network engineer is analyzing the network of a potential client company to identify problems and determine whether a network upgrade or addition is needed. Which role in the sales team is this engineer assuming?
• post-sales field engineer
• pre-sales engineer
• account manager
• network designer

12. Which two statements best describe the responsibilities of an account manager? (Choose two.)
• acts as the primary point of contact between the company and the client
• directs the sales teams and support personnel

• provides technical support to critical clients
• selects the equipment and technologies to be used for the client solution
• acts as the network design lead

13. What is the purpose of system-level acceptance testing?
• To develop an installation plan for the newly designed network
• to train end users and support personnel on the newly installed network
• to check that the newly installed network meets the business goals and design requirements
• to justify the financial investment required to implement the technology change

14. What is a purpose of establishing a network baseline?
• It provides a statistical average for network performance.
• It manages the performance of network devices.
• It creates a point of reference for future network evaluations.
• It checks the security configuration of network devices.

15. When should a network baseline be performed within the stages of the Cisco Lifecycle Services?
• Prepare Phase
• Plan Phase
• Design Phase
• Implement Phase
• Operate Phase

16. What are two benefits of using a top-down approach instead of a bottom-up approach to network design? (Choose two.)
• incorporates organizational requirements
• allows for a quick response to a design request
• requires less time up front to create a network design
• clarifies design goals from the perspective of applications and network solutions
• facilitates a design by using devices and technologies that are based on previous experience

17. Which software component is installed on network devices that are managed through SNMP?
• management agents
• management stations
• network management protocol
• Management Information Base (MIB)

18. A network engineer working for a contracting company is informed of a pre-bid meeting with a potential client. What purpose does the network engineer have for attending the pre-bid meeting?
• to submit request for proposal responses
• to discuss proposed installation and monitoring plans
• to perform system-level acceptance tests on the current network
• to clarify project scope and timelines not included in the original request for proposal
• to create a business case outlining reasons for financial investment in a network upgrade

19. A major corporation has decided to hire someone to upgrade their network infrastructure. A network consulting company wants the job. What document must the network consulting company obtain to learn about the business goals, the project scope, the requirements for the new network and the expected deliverables?
• Business Case
• Project Plan
• Request for Proposal
• Request for Comments

20. A corporation (client) wants a network upgrade and is putting out a request for services to various network consulting companies (contractors). A RFQ is required. Which statement is true concerning the RFQ?
• sent from the contractors to the client in response to a RFP
• sent from the client to the contractors along with the RFP to provide more specific technical details
• sent from the client to the contractors in place of a RFP when the technical specifications of a project are known
• sent from the contractors to the client outlining reasons for financial investments for the network upgrade

21. Which stage of the Cisco Lifecycle Services involves proactive management to identify and resolve issues before the organization is affected?
• Prepare Phase
• Plan Phase
• Design Phase
• Implement Phase
• Operate Phase
• Optimize Phase

22. Why is it important to prioritize business goals when developing network design?
• to ensure that the least expensive technologies are implemented first
• to simplify the configuration, administration, and monitoring of the newly installed network
• to anticipate the effects of changes and growth of the business
• to adhere to the best opportunities to contribute to the success of the business

23. Which two items help identify business goals and priorities before a new network project starts? (Choose two.)
• installation
• motivation
• profitability

• trustworthiness
• customer satisfaction

24. A network engineer working for ABC company is writing a response to an RFP for a network upgrade and must create an executive summary. Which statement describes the basic components of an executive summary?
• quick overview of the problem, the recommended solution, and the justification for ABC company doing the job
• detailed description of the solution, including but not limited to, timelines, turnover schedule, warranty information, and emergency recovery information
• detailed description of costs including, the cost of software and hardware components, licensing requirements, labor cost, and other applicable fees
• multiple page document containing additional information such as detailed lists of equipment required, diagrams, company background information, and insurance coverage

25. In a network management architecture, which statement best describes a management agent?
• communication protocol used between a management station and managed device
• standardized database that a device keeps about itself concerning network performance parameters
• host with the management application loaded that is used by the administrator to monitor and configure network devices
• software running on a managed device to collect network information and allow that device to be managed by a management station

Selasa, 28 Desember 2010

Tugas CCNA 3 Lab 8.3.4 Planning, Configuring and Verifying Extended ACLs

Lab 8.3.4 Planning, Configuring and Verifying Extended ACLs
Step 1: Connect the equipment
  1. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial cable.
  2. Connect the Fa0/0 interface of Router 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
  3. Connect a console cable to each PC to perform configurations on the routers and switch.
  4. Connect Host 1 to the Fa0/3 port of Switch 1 using a straight-through cable.
  5. Connect Host 2 to the Fa0/2 port of Switch 1 using a straight-through cable.
  6. Connect a crossover cable between Host 3 and the Fa0/0 interface of Router 2.
Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, interfaces, passwords, and message-of-the-day banner and disable DNS lookups according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 2 and save the configuration.
Step 4: Perform basic configuration on Switch 1
Configure Switch 1 with a hostname, console, Telnet, and privileged passwords according to the addressing table and topology diagram.
Step 5: Configure the hosts with IP address, subnet mask, and default gateway
  1. Configure the hosts with IP address, subnet mask, and default gateway according to the addressing table and the topology diagram.
  2. Each workstation should be able to ping the attached router. If the pings are not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway.
Step 6: Configure RIP routing and verify end to end connectivity in the network
  1. On R1, enable the RIP routing protocol and configure it to advertise both connected networks.
  2. On R2, enable the RIP routing protocol and configure it to advertise both connected networks.
  3. Ping from each host to the other two hosts.
Were the pings successful? __________ yes
If the answer is no, troubleshoot the router and host configurations to find the error. Ping again until they are all successful.
Step 7: Configure Extended ACLs to control traffic
Host 3 in this network contains proprietary information. Security requirements for this network dictate that only certain devices should be allowed access to this machine. Host 1 is the only host that will be allowed to access this computer. All other hosts on this network are used for guest access and should not be allowed access to Host 3.
Step 8: Test the ACL
  1. Ping Host 3 from both Hosts 1 and 2.
Can Host 1 ping Host 3? __________ yes
Can Host 2 ping Host 3? __________ no
  1. To verify that other addresses can ping Host 3, ping Host 3 from R1.
Is the ping successful? __________ yes
  1. Display the access control list again with the show access-lists command.
Step 9: Configure and test the ACL for the next requirement
  1. Host 3 is the only host that should be allowed to connect to R1 for remote management.
  2. Because the source traffic could come from any direction, this ACL needs to be applied to both interfaces on R1. The traffic to be controlled would be inbound to the router.
  3. Now attempt to telnet to R1 from all hosts and R2. Attempt to telnet to both R1 addresses.
Can you telnet to R1 from any of these devices? If yes, which one(s)?  Jawaban: Yes, from Host 3 only.
  1. View the output of the show access-lists command on R1.
Step 11: Reflection
  1. Why is careful planning and testing of access control lists required? Jawaban: To verify that the intended traffic – and ONLY the intended – traffic is permitted.
  2. What is an advantage of using Extended ACLs over Standard ACLs? Jawaban: Extended ACLs allow you to filter based on more information that just the source address.

Tugas CCNA 3 Lab 8.3.3 Configuring and Verifying Standard ACLs

Lab 8.3.3 Configuring and Verifying Standard ACLs
Step 1: Connect the equipment
  1. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial cable.
  2. Connect the Fa0/0 interface of Rourter 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
  3. Connect a console cable to the PC to perform configurations on the routers and switch.
  4. Connect H1 to the Fa0/2 port of Switch 1 using a straight-through cable.
Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, interfaces, passwords, and message-of-the-day banner and disable DNS lookups according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 2 and save the configuration.
Step 4: Perform basic configuration on Switch 1
Configure Switch 1 with a hostname and passwords according to the addressing table and topology diagram.
Step 5: Configure the host with IP address, subnet mask, and default gateway
  1. Configure the host with the proper IP address, subnet mask, and default gateway. The host should be assigned the address 192.168.200.10/24 and the default gateway of 192.168.200.1.
  2. The workstation should be able to ping the attached router. If the ping is not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway.
Step 6: Configure RIP routing and verify end-to-end connectivity in the network
  1. On Router 1, enable the RIP routing protocol and configure it to advertise both connected networks.
  2. On Router 2, enable the RIP routing protocol and configure it to advertise all three connected networks.
  3. Ping from Host 1 to the two loopback interfaces on Router 2.
Were the pings from Host 1 successful? __________ yes
If the answer is no, troubleshoot the router and host configurations to find the error. Ping again until they are both successful.
Step 7: Configure and test a standard ACL
Step 8: Test the ACL
  1. From Host 1, ping the 192.168.1.1 loopback address.
Is the ping successful? __________ No
  1. From Host 1, ping the 192.168.2.1 loopback address.
Is the ping successful? __________ No
  1. Issue the show access-list command again.
How many matches are there for the first ACL statement (permit)? __________
Answers will vary but there should be at least 8-16 matches if the pings to the loopbacks were done.
Step 9: Reflection
  1. Why is careful planning and testing of access control lists required? Jawaban: To verify that the intended traffic – and ONLY the intended – traffic is permitted.
  2. What is the main limitation of standard ACLs? Jawaban: They can only filter based on source address.

Tugas CCNA 3 Lab 7.2.5.3 Configuring and Verifying PAP and CHAP Authentication

Lab 7.2.5.3 Configuring and Verifying PAP and CHAP Authentication
Step 1: Connect the equipment
Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.
Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 3: Perform basic configuration on Router 2
On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 4: Configure PPP encapsulation on both R1 and R2
Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0
configuration mode prompt on both routers.
R1(config-if)#encapsulation ppp
R2(config-if)#encapsulation ppp
Step 5: Verify PPP encapsulation on R1 and R2
Enter the command show interface serial 0/0 to verify the PPP encapsulation on R1 and R2.
Step 6: Verify that the serial connection is functioning
Ping from R1 to R2 to verify that there is connectivity between the two routers.
R1#ping 192.168.15.2
R2#ping 192.168.15.1
Step 7: Turn on PPP debugging
To display the authentication exchange process as it occurs, issue the command debug ppp
authentication at the privileged EXEC mode prompt.
R1#debug ppp authentication
R2#debug ppp authentication
Step 8: Configure PPP authentication on R1 with PAP
  1. Configure the username and password on the R1 router.
  2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 9: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R2.
Step 10: Configure PPP authentication on R2 with PAP
  1. Configure the username and password on the R2 router
  2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 11: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Step 12: Remove PAP from R1 and R2
Remove PAP from R1 and R2 by issuing the command no in front of the commands used to configure PAP.
Step 13: Configure PPP authentication on R1 with CHAP
  1. f both CHAP and PAP are enabled, the first authentication method specified is requested during the link negotiation phase. If the peer suggests using the second method or simply refuses the first method, the second method is tried.
  2. Save the configuration on R1 and R2 and reload both routers.
  3. To display the authentication exchange process as it occurs, issue the command debug ppp authentication at the privileged EXEC mode prompt.
  4. Configure the username and password on the R1 router.
Step 14: Configure PPP authentication on R2 with CHAP
Configure the username and password on the R2 router
Step 15: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Was it successful? __________ yes
Step 16: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.
Step 16: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.
Step 18: Turn off debugging on both R1 and R2
Turn off all debugging by issuing the undebug all command on both R1 and R2.
R1#undebug all
R2#undebug all
Step 19: Reflection
  1. What is an advantage of using CHAP over PAP? Jawaban: CHAP is the preferred protocol because CHAP periodically verifies the identity of the remote node using a three-way handshake. CHAP provides protection against playback attack through the use of a variable challenge value that is unique and unpredictable. Because the challenge is unique and random, the resulting hash value will be unique and random.
  2. Which PPP protocol is used for establishing a point-to-point link? Jawaban: LCP
  3. Which PPP protocol is used for configuring the various Network Layer protocols? Jawaban: NCP

Rabu, 22 Desember 2010

CCNA3 - Lab 7.2.3.3 Configuring and Verifying a PPP Link

Step 1: Connect the equipment
Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.

Step 2: Perform basic configuration on Router 1
Connect a PC to the console port of the router to perform configurations using a terminal emulation program. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.

Step 3: Perform basic configuration on Router 2
On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.

Step 4: Show the details of Serial 0/0/0 interface on R1
Enter the command show interface serial 0/0/0 to view the details of the interface.

Step 5: Show the details of Serial 0/0/0 interface on R2
Enter the command show interface serial 0/0/0 to view the details of the interface.

Step 6: Turn on PPP debugging
Turn on the PPP debug function on both routers by entering debug ppp negotiation at the privileged EXEC mode prompt.

Step 7: Change the encapsulation type
Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0 configuration mode prompt on both routers.

Step 8: Show the details of Serial 0/0/0 interface on R1
Enter the command show interface serial 0/0/0 to view the details of the interface.

Step 9: Show the details of Serial 0/0/0 interface on R2
Enter the command show interface serial 0/0/0 to view the details of the interface.

Step 10: Verify that the serial connection is functioning
Ping from R1 to R2 to verify that there is connectivity between the two routers.

Step 11: Reflection
  1. What command allows you to view the details of a specific interface? Jawaban: show interface serial 0/0/0 (or whichever interface you select).
  2. When should you use the debug function in a router? Jawaban: when you want to troubleshoot or to view what is occurring in real time on the network. Caution should be used to minimize the negative impact debugging has on network performance.
  3. What is the default serial encapsulation on a Cisco router? Jawaban: HDLC

CCNA3 - Lab 7.2.5.3 Configuring and Verifying PAP and CHAP Authentication

Step 1: Connect the equipment
Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.

Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 3: Perform basic configuration on Router 2
On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.

Step 4: Configure PPP encapsulation on both R1 and R2
Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0
configuration mode prompt on both routers.
R1(config-if)#encapsulation ppp
R2(config-if)#encapsulation ppp

Step 5: Verify PPP encapsulation on R1 and R2
Enter the command show interface serial 0/0 to verify the PPP encapsulation on R1 and R2.

Step 6: Verify that the serial connection is functioning
Ping from R1 to R2 to verify that there is connectivity between the two routers.
R1#ping 192.168.15.2
R2#ping 192.168.15.1

Step 7: Turn on PPP debugging
To display the authentication exchange process as it occurs, issue the command debug ppp
authentication at the privileged EXEC mode prompt.
R1#debug ppp authentication
R2#debug ppp authentication

Step 8: Configure PPP authentication on R1 with PAP
  1. Configure the username and password on the R1 router.
  2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 9: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R2.

Step 10: Configure PPP authentication on R2 with PAP
  1. Configure the username and password on the R2 router
  2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 11: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.

Step 12: Remove PAP from R1 and R2
Remove PAP from R1 and R2 by issuing the command no in front of the commands used to configure PAP.

Step 13: Configure PPP authentication on R1 with CHAP
  1. f both CHAP and PAP are enabled, the first authentication method specified is requested during the link negotiation phase. If the peer suggests using the second method or simply refuses the first method, the second method is tried.
  2. Save the configuration on R1 and R2 and reload both routers.
  3. To display the authentication exchange process as it occurs, issue the command debug pppauthentication at the privileged EXEC mode prompt.
  4. Configure the username and password on the R1 router.
Step 14: Configure PPP authentication on R2 with CHAP
Configure the username and password on the R2 router

Step 15: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Was it successful? Yes

Step 16: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.

Step 17: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.

Step 18: Turn off debugging on both R1 and R2
Turn off all debugging by issuing the undebug all command on both R1 and R2.
R1#undebug all
R2#undebug all

Step 19: Reflection
  1. What is an advantage of using CHAP over PAP? Jawaban: CHAP is the preferred protocol because CHAP periodically verifies the identity of the remote node using a three-way handshake. CHAP provides protection against playback attack through the use of a variable challenge value that is unique and unpredictable. Because the challenge is unique and random, the resulting hash value will be unique and random.
  2. Which PPP protocol is used for establishing a point-to-point link? Jawaban: LCP
  3. Which PPP protocol is used for configuring the various Network Layer protocols? Jawaban: NCP

Kamis, 09 Desember 2010

CCNA Discovery 3 Module 9 Exam Answers Version 4.0

CCNA Discovery 3 Module 9 Exam Answers Version 4.0
  1. • 172.16.3.0
  2. • There are congestion problems on the network.
  3. • The line protocol of the local router is now up.
  4. • The IP address of each subinterface must be the default gateway address for each VLAN subnet.
  5. • No clock rate has been set on the DCE interface.
  6. • The VTP domain names are different.
  7. • Check the log to see what software components are producing the excess traffic.
  8. • The packet is routed to R1 and then forwarded out Fa0/0 on R1.
  9. • VLSM is not supported by RIPv1.
  10. • The destination host address in an ACL statement is incorrect.
  11. • divide-and-conquer
  12. • The command was entered on router R1.
  13. • The ACL is applied to the wrong interface, but the right direction.
  14. • It will show network 172.16.3.0 learned from RB.
  15. • large failure domain • single point of failure.
  16. • password mismatch for PPP authentication
  17. • The router interface is in the wrong subnet.
  18. • The EIGRP process number on R2 is incorrect.
  19. • Port 0/4 is configured in access mode.20.
  20. • There is an addressing problem on the link between routers R2 and R3.
  21. • Workstation 1 is not on the same network that the RTA router LAN interface is on.
  22. • It should be performed when all switch Cisco IOS versions are upgraded dan • It should be done when the network is performing at normal activity levels.

CCNA Discovery 3 Module 8 Exam Answers Version 4.0

CCNA Discovery 3 Module 8 Exam Answers Version 4.0
1. • 60
2.• The new commands are added to the end of the current Managers ACL.
3. • Inbound ACLs deny packets before routing lookups are required.
4. • Port 80 should be specified in the ACL.
5. • informational
6. • 172.16.31.77
• 172.16.31.78
7. • 0.0.15.255
8. • specifying internal hosts for NAT
• identifying traffic for QoS
9. • Create an access list permitting only echo reply and destination unreachable packets from the outside.
10• A router automatically reloads in 30 minutes.
11. • 192.168.20.16 to 192.168.20.31
12. • access-list 137 permit ip 192.0.2.0 0.0.0.255 any
access-list 137 permit tcp 198.18.112.0 0.0.0.255 any eq www
13. • Standard ACLs are usually placed so that all packets go through the network and are filtered at the destination.
• Standard ACLs filter based on source address only, and must be placed near the destination if other traffic is to flow.
• Extended ACLs filter with many possible factors, and they allow only desired packets to pass through the network if placed near the source.
14. • access-list 101 deny ip 192.168.3.77 0.0.0.0 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
15. • access-list 56 deny 172.19.123.0 0.0.0.255
access-list 56 permit any
16. • Router(config)# access-list 101 permit tcp any 192.168.10.25 0.0.0.0 eq telnet
Router(config)# access-list 101 deny ip any any
Router(config)# int s0/0
Router(config-if)# ip access-group 101 in
Router(config-if)# int fa0/0
Router(config-if)#ip access-group 101 in
17. • access-list 101 permit tcp 10.220.158.10 0.0.0.0 host 192.168.3.224 eq 80
18. • 0.0.0.31
19. • Use only Secure Shell (SSH) on the vty lines.
20. • A large amount of ICMP traffic is being denied at the interface, which can be an indication of a DoS 


CCNA Discovery 3 Module 6 Exam Answers Version 4.0

CCNA Discovery 3 Module 6 Exam Answers Version 4.0
1. • HQ is a DROTHER.
2. • A DR is not elected.
• OSPF neighbor routers are statically defined.
3. • The default-information originate command is applied on R1.
4. • neighbor adjacencies
5. • R3 to R2 to R1
6. • router ospf 1
network 192.168.10.64 0.0.0.63 area 0
network 192.168.10.192 0.0.0.3 area 0
7. • network 10.8.0.0 0.3.255.255 area 0
8. • The router with the highest OSPF priority setting wins the election for DR.
9. • Router2(config-router)# network 172.16.32.0 0.0.15.255 area 0
10.• All routers in the same area have identical link-state databases when converged.
• Calculating the shortest path for each destination is accomplished with the SPF algorithm.
11. • The DR and BDR do not change until the next election.
12. • Elections are required in broadcast multiaccess networks.
• Elections are sometimes required in NBMA networks.
13. • The timer intervals on the routers do not match.
14. • It is the OSPF cost metric.
15. • provides a stable OSPF router ID on router B
16. • The router views 10.16.1.64/30 and 10.16.1.64/27 as two different networks.
17. • Distance vector protocols take existing routes from their neighbors and add to them. Link-state protocols     independently calculate full routes.
18. • 192.168.0.0/24 through 192.168.15.0/24
19. • 224.0.0.5
20. • R2 will be DR and R3 will be BDR.
21. • isolation of network instability
22. • Routers have direct knowledge of all links in the network and how they are connected.
• After the initial LSA flooding, routers generally require less bandwidth to communicate changes in a topology.
23. • Each router has a link-state database containing the same status information.
24.• The OSPF routing configuration on RTRC has a missing or incorrect network statement.


CCNA Discovery 3 Module 5 Exam Answers Version 4.0

CCNA Discovery 3 Module 5 Exam Answers Version 4.0
1. • They can support multiple routed protocols
• They send partial routing updates in response to topology changes.
• They use hello packets to inform neighboring routers of their status.
2.• A distance vector routing protocol is used.
• Routing updates broadcast every 30 seconds.
• Hop count is the only metric used for route selection.
3. • The route is viable and can be used to forward traffic.
4.• Suboptimal paths will be selected.
• Network convergence may be affected.
5. • 90

6. • RIP is the routing protocol configured.
• The metric for this route is 2.
7.• RTA and RTB will accept updates from each other.
8. • RTP
9. • RTR-2(config)# router eigrp 1
RTR-2(config-router)# network 198.18.76.0
10. • the use of variable length subnet masks
11. • the calculated metric for the destination network
12. • It identifies the directly connected networks that will be included in the RIP routing updates.
13. • by exchanging hello packets with neighboring routers
14. • ip summary-address eigrp 1 192.168.10.64 255.255.255.192
15. • every 30 seconds
16.• RIPv1 is a classful routing protocol.
• RIPv1 does not support VLSM.
17. • EIGRP authentication uses the MD5 algorithm.
• EIGRP authentication uses a pre-shared key.
18. • when a network contains discontiguous network addresses
19. • 15 hops
20. • A feasible successor route can be found in the topology table.
• The topology table shows whether a route is in the passive or active state.
21. • RIPv2 is configured on this router.

Kamis, 02 Desember 2010

CCNA Discovery 3 Module 4 Exam Answers Version 4.0

CCNA Discovery 3 Module 4 Exam Answers Version 4.0

1. A network engineer is implementing a network design using VLSM for network 192.168.1.0/24. After subnetting the network, the engineer has decided to take one of the subnets, 192.168.1.16/28 and subnet it further to provide for point-to-point serial link addresses. What is the maximum number of subnets that can be created from the 192.168.1.16/28 subnet for serial connections?
• 1
• 2
• 4
• 6
• 8
• 16

2. When running NAT, what is the purpose of address overloading?
• limit the number of hosts that can connect to the WAN
• allow multiple inside addresses to share a single global address
• force hosts to wait for an available address
• allow an outside host to share inside global addresses


3. What two advantages does CIDR provide to a network? (Choose two.)
• reduced routing table size
• dynamic address assignment
• automatic route redistribution
• reduced routing update traffic
• automatic summarization at classful boundaries

4. How does a router keep track of which inside local address is used when NAT overload is configured?
• The router adds an additional bit to the source IP address and maintains a separate table.
• The router modifies the QoS field.
• The router uses TCP or UDP port numbers.
• The router uses a manual entry that is created and maintained in the database of the router.

5. What is a characteristic of a classful routing protocol on the network?
• All subnets are seen by all routers.
• CIDR addresses are advertised.
• A subnet can be further subnetted down and advertised correctly.
• Updates received by a router in a different major network have the default mask applied.

6. Refer to the exhibit. Which address is an inside global address?
• 10.1.1.1
• 10.1.1.2
• 198.18.1.55
• 64.100.0.1

7. Refer to the exhibit. All networks that are shown have a /24 prefix. Assuming that all routes have been discovered by all routers in the network, which address will successfully summarize only the networks that are shown?
• 192.168.8.0/21
• 192.168.8.0/24
• 192.168.16.0/20
• 192.168.16.0/21
• 192.168.16.0/24

8. What is the CIDR prefix designation that summarizes the entire reserved Class B RFC 1918 internal address range?
• /4
• /8
• /12
• /16
• /20

9. Which NAT term refers to the IP address of your inside host as it appears to the outside network?
• inside global IP address
• outside global IP address
• inside local IP address
• outside local IP address

10. A network administrator is asked to design a new addressing scheme for a corporate network. Presently, there are 500 users at the head office, 200 users at sales, 425 at manufacturing, and 50 at the research site. Which statement defines the correct VLSM addressing map with minimal waste using the 172.16.0.0/16 network?
• 172.16.0.0/20 head office
172.16.1.0/21 manufacturing
172.16.1.0/22 sales
172.16.3.0/26 research

• 172.16.48.0/19 head office
172.16.16.0/20 manufacturing
172.16.48.128 sales
172.16.48.0/26 research

• 172.16.2.0/23 head office
172.16.4.0/23 manufacturing
172.16.6.0/24 sales
172.16.7.0/26 research

• 172.16.2.0/22 head office
172.16.3.0/23 manufacturing
172.16.4.0/26 sales
172.16.4.128/25 research

11. A company using a Class B IP addressing scheme needs as many as 100 subnetworks. Assuming that variable length subnetting is not used and all subnets require at least 300 hosts, what subnet mask is appropriate to use?
• 255.255.0.0
• 255.255.240.0
• 255.255.254.0
• 255.255.255.0
• 255.255.255.128
• 255.255.255.192

12. Host A in the exhibit is assigned the IP address 10.118.197.55/20. How many more network devices can be added to this same subnetwork?
• 253
• 509
• 1021
• 2045
• 4093

13. Refer to the exhibit. RIP version 2 is configured as the network routing protocol and all of the default parameters remain the same. Which update is sent from R2 to R3 about the 10.16.1.0/24 network connected to R1?
• 10.16.0.0/16
• 10.0.0.0/24
• 10.0.0.0/8
• 10.16.1.0/24

14. What range of networks are summarized by the address and mask, 192.168.32.0/19?
• 192.168.0.0/24 - 192.168.32.0/24
• 192.168.0.0/24 - 192.168.31.0/24
• 192.168.32.0/24 – 192.168.64.0/24
• 192.168.32.0/24 – 192.168.63.0/24

15. Refer to the exhibit. Based on the output of the show ip nat translations command, which kind of address translation is in effect on this router?
• static
• public
• overload
• private

16. How many addresses will be available for dynamic NAT translation when a router is configured with the following commands?
• Router(config)#ip nat pool TAME 209.165.201.23 209.165.201.30 netmask 255.255.255.224
• Router(config)#ip nat inside source list 9 pool TAME
• 7
• 8
• 9
• 10
• 24
• 31

17. Refer to the exhibit. Which two IP addresses could be assigned to the hosts that are shown in the exhibit? (Choose two.)
• 192.168.65.31
• 192.168.65.32
• 192.168.65.35
• 192.168.65.60
• 192.168.65.63
• 192.168.65.64

18. What are the network and broadcast addresses for host 192.168.100.130/27? (Choose two.)
• network 192.168.100.0
• network 192.168.100.128
• network 192.168.100.130
• broadcast 192.168.100.157
• broadcast 192.168.100.159
• broadcast 192.168.100.255

19. Refer to the exhibit. Which two are valid VLSM network addresses for the serial link between Router1 and Router2? (Choose two.)
• 192.168.1.4/30
• 192.168.1.8/30
• 192.168.1.90/30
• 192.168.1.101/30
• 192.168.1.190/30

20. When configuring NAT on a Cisco router, what is the inside local IP address?
• the IP address of an inside host as it appears to the outside network
• the IP address of an outside host as it appears to the inside network
• the IP address of an inside host as it appears to the inside network
• the configured IP address assigned to a host in the outside network

Rabu, 01 Desember 2010

CCNA2 – Lab 5.1.2 Powering Up an Integrated Services Router

CCNA2 – Lab 5.1.2 Powering Up an Integrated Services Router

Objectives
  • Set up a new Cisco 1841 Integrated Services Router ( ISR ).
  • Connect a computer to the router console interface.
  • Configure Hyper Terminal so that the computer can communicate with the router
Background / Preparation
This lab focuses on the initial setup of the Cisco 1841 ISR. If a Cisco 1841 ISR is not available, you can use another router  model. The information in this lab applies to other routers. A Cisco ISR combines routing and switching functions, security, voice, and LAN and WAN connectivity into a single device, which makes it appropriate for small-sized to medium-sized businesses and for ISP-managed customers.
Some steps in this lab are normally only performed once during initial setup. These steps are indicated as optional.
The following resources are required :
  • Cisco 1841 ISR other comparable router.
  • Power Cable
  • Windows PC with terminal emulation program
  • RJ45-to-DB9 connector console cable.
Step 1 : position router and connect ground wire (Optional)
Note : this Step is optional and is required only if the router is being set up for the first time. Read through it to become familiar with the process.
a.    Position the router chassis to allow unrestricted air  flow for chassis cooling. Keep at least 1inch  ( 2.5 4 c m ) of clear space beside the cooling inlet and exhaust vents. CAUTION: Do not place any items that weigh more than 10 pounds (4.5  kilograms)  on top of the chassis, and do not stack routers on top of each other.
b.    Connect the chassis to a reliable earth ground using a ring terminal and size 14AWG (2 mm ) wire using these step :
NOTE: Your instructor should inform you where a reliable earth ground is
1.    Strip one end of the ground wire to expose approximately 3/4 inch ( 20mm ) of conductor.
2.    Crimp the 14AWG (2 mm ) green ground wire to a UL Listed / CS A certified ring terminal using a crimping tool that is recommended by the ring terminal manufacturer. The ring terminal provided on the back panel of the Cisco 1841 ISR router is suitable for a Number 6 grounding screw.
3.    Attach the ring terminal to the chassis as shown in the figure below. Use a Number 2 Phillips screw driver and the screw that is supplied with the ring terminal and tighten the screw
4.    Connect the other end of the ground wire to a suitable earth ground that the instructor indicates.
Step 2 : Install the Compact Flash memory card ( Optional)
NOTE: This step is optional and is required only if the router is being set up for the first time. To avoid wear on the memory card and ejector mechanism, do not actually perform this step. Read through it to become familiar with the process.
a.    Attach a grounding strap to your wrist to avoid electro shock damage to the card. Seat the external Compact Flash memory card properly into the slot. This step depends on the type of router. Not all routers have flash cards.
b.    If  the router has a Compact Flash memory card, check that the ejector mechanism is fully seated. Theejector button is next to the Compact Flash memory card.
c.    Connect the power cable to the ISR and to the power outlet.
Step 4: Power up the ISR
a.    Move the power switch on the back of the ISR to the ON position. During this step, the LEDs on the chassis turn on and off, not necessarily at the same time. The LED  activity depends on what is installed in  the ISR .
b.    Observe the startup messages as they appear in the terminal emulation  program window. While these messages are appearing, do not press any keys  on the keyboard. Pressing a key interrupts the router start up process. Some examples of start up messages displayed are the amount of main memory installed and the image type of the Cisco IOS software that the computer is using. Can you find these example start up  messages in the following figure?
Step 5 : Reflection
a.    Is  there anything about this procedure that is risky?
b.    Why do the router cover, all modules, and cover plates need to be installed?
c.    How many routers can you safely stack on top of each other ?
2)      1
3)      2
4)      3

Kamis, 25 November 2010

modul ccn 3 dan 3

CCNA Discovery 3 Module 3 Exam Answers Version 4.0
1.


Refer to the exhibit. What two statements can be concluded from the information that is shown in the exhibit? (Choose two.)
• All ports that are listed in the exhibit are access ports.
• ARP requests from Host1 will be forwarded to Host2.
• Attaching Host1 to port 3 will automatically allow communication between both hosts.
• The default gateway for each host must be changed to 192.168.3.250/28 to allow communication between both hosts.
• A router connected to the switch is needed to forward traffic between the hosts.
Jawaban
• The default gateway for each host must be changed to 192.168.3.250/28 to allow communication between both hosts.

2.

A router is configured to connect to a trunked uplink as shown in the exhibit. A packet is received on the FastEthernet 0/1 physical interface from VLAN 10. The packet destination address is 192.168.1.120. What will the router do with this packet?
• The router will forward the packet out interface FastEthernet 0/1.1 tagged for VLAN 10.
• The router will forward the packet out interface FastEthernet 0/1.2 tagged for VLAN 60.
• The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 60.
• The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 120.
• The router will not process the packet since the source and destination are on the same subnet.
• The router will drop the packet since no network that includes the source address is attached to the router.
Jawaban
• The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 120.


3. The information contained in a BPDU is used for which two purposes? (Choose two.)
• to prevent loops by sharing bridging tables between connected switches
• to set the duplex mode of a redundant link
• to determine the shortest path to the root bridge
• to determine which ports will forward frames as part of the spanning tree
• to activate looped paths throughout the network

4. A router has two serial interfaces and two Fast Ethernet interfaces. This router must be connected to a WAN link and to a switch that supports four VLANs. How can this be accomplished in the most efficient and cost-effective manner to support inter-VLAN routing between the four VLANs?
• Connect a smaller router to the serial interface to handle the inter-VLAN traffic.
• Add two additional Fast Ethernet interfaces to the router to allow one VLAN per interface.
• Connect a trunked uplink from the switch to one Fast Ethernet interface on the router and create logical subinterfaces for each VLAN.
• Use serial-to-Fast Ethernet transceivers to connect two of the VLANs to the serial ports on the router. Support the other two VLANs directly to the available FastEthernet ports.

5. When are MAC addresses removed from the CAM table?
• at regular 30 second intervals
• when a broadcast packet is received
• when the IP Address of a host is changed
• after they have been idle for a certain period of time

6.

Refer to the exhibit. Switch1 is not participating in the VTP management process with the other switches. Which two are possible reasons for this? (Choose two.)
• Switch2 is in transparent mode.
• Switch1 is in client mode.
• Switch1 is using VTP version 1 and Switch2 is using VTP version 2.
• Switch2 is in server mode.
• Switch1 is in a different management domain.
• Switch1 has no VLANs.

7. Which three must be used when a router interface is configured for VLAN trunking? (Choose three.)
• one subinterface per VLAN
• one physical interface for each subinterface
• one IP network or subnetwork for each subinterface
• one trunked link per VLAN
• a management domain for each subinterface
• a compatible trunking protocol encapsulation for each subinterface

8.

Refer to the exhibit. The switches are connected with trunks within the same VTP management domain. Each switch is labeled with its VTP mode. A new VLAN is added to Switch3. This VLAN does not show up on the other switches. What is the reason for this?
• VLANs cannot be created on transparent mode switches.
• Server mode switches neither listen to nor forward VTP messages from transparent mode switches.
• VLANs created on transparent mode switches are not included in VTP advertisements.
• There are no ports assigned to the new VLAN on the other switches.
• Transparent mode switches do not forward VTP advertisements.

9. Which two criteria are used by STP to select a root bridge? (Choose two.)
• memory size
• bridge priority
• switching speed
• number of ports
• base MAC address
• switch location

10. Which three steps should be taken before moving a Catalyst switch to a new VTP management domain? (Choose three.)
• Reboot the switch.
• Reset the VTP counters to allow the switch to synchronize with the other switches in the domain.
• Download the VTP database from the VTP server in the new domain.
• Configure the VTP server in the domain to recognize the BID of the new switch.
• Select the correct VTP mode and version.
• Configure the switch with the name of the new management domain.

11. Which two items will prevent broadcasts from being sent throughout the network? (Choose two.)
• bridges
• routers
• switches
• VLANs
• hubs

12. Which two characteristics describe a port in the STP blocking state? (Choose two.)
• provides port security
• displays a steady green light
• learns MAC addresses as BPDUs are processed
• discards data frames received from the attached segment
• receives BPDUs and directs them to the system module

13. What is the first step in the process of convergence in a spanning tree topology?
• election of the root bridge
• determination of the designated port for each segment
• blocking of the non-designated ports
• selection of the designated trunk port
• activation of the root port for each segment

14. In which STP state does a switch port transmit user data and learn MAC addresses?
• blocking
• learning
• disabling
• listening
• forwarding

15. What is the purpose of VTP?
• maintaining consistency in VLAN configuration across the network
• routing frames from one VLAN to another
• routing the frames along the best path between switches
• tagging user data frames with VLAN membership information
• distributing BPDUs to maintain loop-free switched paths

16. Which statement best describes adaptive cut-through switching?
• The switch initially forwards all traffic using cut-through switching and then changes to store-and-forward switching if errors exceed a threshold value.
• The switch initially forwards all traffic using cut-through switching and then changes to fast-forward switching if errors exceed a threshold value.
• The switch initially forwards all traffic using cut-through switching and then temporarily disables the port if errors exceed a threshold value.
• The switch initially forwards all traffic using store-and-forward switching and then changes to cut-through switching if errors exceed a threshold value.

17. Using STP, how long does it take for a switch port to go from the blocking state to the forwarding state?
• 2 seconds
• 15 seconds
• 20 seconds
• 50 seconds

18.

Refer to the exhibit. The switches are interconnected by trunked links and are configured for VTP as shown. A new VLAN is added to Switch1. Which three actions will occur? (Choose three.)
• Switch1 will not add the VLAN to its database and will pass the update to Switch 2.
• Switch2 will add the VLAN to its database and pass the update to Switch3.
• Switch3 will pass the VTP update to Switch4.
• Switch3 will add the VLAN to its database.
• Switch4 will add the VLAN to its database.
• Switch4 will not receive the update.

19 Which Catalyst feature causes a switch port to enter the spanning-tree forwarding state immediately?
• backbonefast
• uplinkfast
• portfast
• rapid spanning tree

20.

Refer to the exhibit. Which set of commands would be used on the router to provide communication between the two hosts connected to the switch?
• Router(config)# interface vlan 2
Router(config-if)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# no shutdown
Router(config)# interface vlan 3
Router(config-if)# ip address 192.168.3.1 255.255.255.0
Router(config-if)# no shutdown
• Router(config)# interface fastethernet 0/0
Router(config-if)# no shutdown
Router(config-if)# interface fastethernet 0/0.2
Router(config-subif)# encapsulation dot1q 2
Router(config-subif)# ip address 192.168.2.1 255.255.255.0
Router(config-if)# interface fastethernet 0/0.3
Router(config-subif)# encapsulation dot1q 3
Router(config-subif)# ip address 192.168.3.1 255.255.255.0
• Router(config)# interface vlan 2
Router(config-if)# switchport mode trunk dot1q
Router(config)# interface vlan 3
Router(config-if)# switchport mode trunk dot1q
• Router(config)# interface fastethernet 0/0
Router(config-if)# mode trunk dot1q 2 3
Router(config-if)# ip address 192.168.2.1 255.255.255.0