The TCP/IP application layer protocols provide ____________ to the ______________ running on a computer.

SERVICES

APPLICATION SOFTWARE

List two protocols for each layer in the TCP model

APPLICATION

TRANSPORT

INTERNET

DATA-LINK + PHYSICAL

APPLICATION - HTTP, SMTP, POP3

TRANSPORT - TCP, UDP

INTERNET - IP, ICMP

DATA-LINK + PHYSICAL - Ethernet, 802.11 (wireless)

Transport layer protocols provide services to the application layer protocols that reside one layer ____________ in the TCP/IP model.

1. higher
2. lower

HIGHER

TCP/IP needs a mechanism to guarantee delivery of data across a network. To recover from errors, TCP uses the concept of _______________

1. salutes
2. handshakes
3. agreements
4. acknowledgements

ACKNOWLEDGEMENTS

__________, which refers to the concepts of how adjacent layers in a networking model, on the same computer, work together.

1. Same-layer interaction
2. adjacent-layer interaction
3. OSI layer
4. Routing

ADJACENT LAYER

Name the four different switchport modes can be configured on a switch:

1. access

2. trunk

3. dynamic desirable

4. and dynamic auto.

TRUE/FALSE: The switchport mode access and switchport mode trunk commands statically configure a switchport as an access or a trunking port, respectively.

TRUE

TRUE/FALSE: The switchport mode dynamic desirable and switchport mode dynamic auto commands ARE NOT used to configure a switchport to dynamically form a trunk.

FALSE

TRUE/FALSE: A switchport in desirable mode will actively attempt to form a trunk, whereas the auto mode will not form a trunk unless connected to another device that is configured as either dynamic desirable or as static trunk .

TRUE

Refer to the exhibit and diagram; to make it possible for all traffic to pass between PC1’s LAN and PC2’s LAN, the link between SW1 and SW2 will be configured as a trunk. Which Cisco IOS command could be used on SW1’s Gi0/1 interface to force it to actively attempt to trunk with SW2?

• switchport trunk negotiate
• switchport mode dynamic auto
• switchport mode dynamic desirable
• switchport trunk auto

switchport mode dynamic desirable

In this network, all switches are powered on, and all relevant VLANs have been configured correctly and are working. Based on the output in the exhibit, which of the following statements is true about switch SW2?

• Not enough information is provided to know which interfaces are trunking.
• No interfaces are currently trunking.
• Three interfaces are trunking.
• Only one interface is trunking.
• Two interfaces are trunking.

Three interfaces are trunking.

Which Cisco IOS command can be used to display which VLANs are supported over a specific configured switch trunk?

show interfaces trunk

TRUE/FALSE: Both the show interfaces trunk and the show interfaces interface switchport commands CAN BE USED to display the VLANs that are allowed over a trunk.

TRUE

Refer to the highlighted photo. What does the highlighted text mean?

That EtherChannel is operational

Refer to the highlighted photo. What is a port channel?

1. A port channel bundles up to eight individual interfaces into a group to provide increased bandwidth and redundancy.

2. Port channeling also load balances traffic across physical interfaces.

3. The port channel stays operational as long as at least one physical interface within the port channel is operational.

Refer to the highlighted photo.

TRUE/FALSE: Both the passive and active modes allow LACP to negotiate between ports to determine if they can form a port channel, based on criteria such as the port speed and the trunking state.

TRUE

Refer to the highlighted photo:

TRUE/FALSE: A port in active mode can form a port channel successfully with another port that is in active mode.

TRUE

Refer to the highlighted photo:

TRUE/FALSE: A port in active mode can form a port channel with another port in passive mode.

TRUE

Refer to the highlighted photo:

TRUE/FALSE

• A port in passive mode cannot form a port channel with another port that is also in passive mode, because neither port will initiate negotiation.
• A port in on mode is not running LACP.

TRUE

TRUE

Which Cisco IOS command can be used to display which VLANs are supported over a specific configured switch trunk?

show interfaces trunk

Refer to the highlighted photo. What is LACP?

Link Aggregation Control Protocol IEEE 802.3ad (LACP) is an open standard of Ethernet link aggregation. LACP allows Cisco switches to manage Ethernet channels between switches that conform the 802.3ad protocol.

RSTP serves as an improved protocol in comparison to the older STP. Which of the following answers lists a feature of RSTP that does not exist in STP?

• The criteria used by a nonroot switch to choose its own root port
• The criteria used by switches to determine the designated port on a segment
• The criteria used by switches to determine a port to act in the backup port role
• The criteria used by switches to elect a root switch

The criteria used by switches to determine a port to act in the backup port role

TRUE/FALSE: RSTP uses the same rules as STP for choosing the root and choosing which ports serve as root port and designated port.

TRUE

What is the default bridge priority on Cisco switches?

32768

TRUE/FALSE: Both the show interfaces trunk and the show interfaces interface switchport commands can be used to display the VLANs that are allowed over a trunk.

TRUE

For which reasons was the RFC 1918 address space defined?

• To reduce the Internet router’s routing table size
• To support the NAT protocol
• To preserve the public IPv6 address space
• To avoid/delay IPv4 address exhaustion

• To reduce the Internet router’s routing table size
• To support the NAT protocol
• To preserve the public IPv6 address space
• To avoid/delay IPv4 address exhaustion

TRUE/FALSE: In the early 1990s, IANA could see issues with the current assignment of IPv4 addresses.

1) Routing information overload.

2) Eventual exhaustion of IP network numbers because of the quick growth of the Internet.

TRUE

An engineer at Acme Corporation was tasked with the subnetting design for a new headquarters location. The only information she was given is shown here:

Use the 172.20.0.0/16 address space.

Plan for at least 400 different subnets of the same size.

Plan for each subnet to have at least 50 hosts per subnet.

How many subnet and host bits would be required?

• Subnet: 8, Host: 8
• Subnet: 11, Host: 5
• Subnet: 9, Host: 7
• Subnet: 10, Host: 6

• Subnet: 8, Host: 8
• Subnet: 11, Host: 5
• Subnet: 9, Host: 7
• Subnet: 10, Host: 6

To which subnet does host 192.168.148.76/29 belong?

192.165.148.56

**TROUBLESHOOTING LAYER 3**

TRUE OR FALSE:the portchannel interface must be configured with no switchport command, and so must the physical interfaces

TRUE

A ping means that you have what kind of layer connectivity?

Layer 1, Layer 2, and Layer 3 connectivity

TRUE/FALSE: A ping fails does not mean that your devices are not connected

TRUE

The number of routers that a packet has to go to in order to reach a destination is called what?

HOPS

true/false: Access Control Lists filter traffic

TRUE

TRUE/FALSE: A ping will not work on a switch

TRUE

TRUE/FALSE: A ping on a switch will not work, because a switch is a layer 2 device

TRUE

Name the protocol that provides a command line interface for communication with a remote device or server, sometimes employed for remote management but also for initial device setup like network hardware.

TELNET

T/F: a router has the responsibility of finding out the best path for network traffic.

TRUE

This type of protocol:

1. Learns routing info about IP subnets from neighboring routers
2. Advertises routing info about IP subnets from neighboring routers
3. If more than one possible route exists to reach one subnet, this protocol pics the best route based on a metric
4. Picks a route based on convergence

Routing protocol

What does the letters in OSPF stand for?

Open shortest path first (OSPF)

What algorithm does OSPF to determin the best path?

Dijkstra Shortest Path First algorithm (SPF)

What algoritm does EIGRP (Enhanced Interior Gateway Routing Protocol) use?

DUAL (diffusing update algorithm)

TRUE/FALSE: Routers discard data link headers and trailers as they forward IP packets.

TRUE

Which two steps must you perform to enable router-on-a-stick on a router subinterface?

• Configure the subinterface with an IP address.
• Configure IEEE 802.1q encapsulation for the VLAN.

Fill in the blank: A ____________ static route is a method that is used to add a static route to the routing table should an existing better route disappear. This usually happens when the main routing protocol that is used is cut off from a spoke/branch. When the device sees that the routing protocol route has been removed from the routing table, it inserts the static route.

FLOATING STATIC ROUTE

FILL IN THE BLANK: Although modern routers often have CSU/DSUs that are built into the card installed, external CSU/DSUs are still installed; in these circumstances, a ________________ is used to connect a router to the CSU/DSU.

SERIAL CABLE

What 3 troubleshooting tools can you use to help resolve a connectivity problem?

• CDP
• ping
• traceroute

Which Cisco IOS command can be used on a router to view the different VLANs that have been configured into a ROAS configuration?

show vlans

The __________________ command is very useful because it not only displays the different VLANs that have been configured on a router but also displays the interfaces or subinterfaces that are handling the traffic, which interface or subinterface is handling the native traffic, and some brief packet statistics.

show vlans

The command _________________ will show the LSAs known by that router.

show ip ospf database

The___________, ________________, _______________, and _______________ commands are all valid commands that can assist in the verification and troubleshooting of OSPF, but they do not show the LSAs known to the router in OSPF.

• show running-config
• show ip ospf interface
• show ip ospf neighbors
• show ip route ospf

Which OSPF command will display the OSPF network type that a specific interface uses?

show ip ospf interface g0/1

Which Cisco IOS command can be used to disable the OSPF process temporarily?

SHUTDOWN

Which Cisco command can be used to list details about the route that a router would match when processing a packet destined for the IPv6 address in the command ?

show ipv6 route

Validation of the right kind of hardware, using an 802.11 capable device is called ________-

OPEN AUTHENTICATION

What does the letters in WEP stand fopr and why is it used

Wireless Equivalent Privacy

• A method to make a wireless link more or like the equivalent to a wired connection.

Router R1 has the configuration shown in the exhibit. The only users allowed to telnet into R1 sit in the subnet connected to R1's Fa0/0 interface. Which of the following configuration commands, added to R1's configuration, would allow access to R1 for only those users, while allowing packets to flow through router R1?

• ip access-group 1 in, from inside interface configuration mode for Fast Ethernet 0/0
• ip access-group 9 in, from inside interface configuration mode for Fast Ethernet 0/0
• access-class 1 in, from inside vty configuration mode
• access-class 9 in, from inside vty configuration mode
• access-class 9 out, from inside vty configuration mode

access-class 1 in, from inside vty configuration mode

Well known (system) ports are assigned by the Internet Assigned Numbers Authority (IANA) with a strict review process for new ports.

• Well known (system) ports range from 0 through _____.
• User (registered) ports range from _____ through _________.
• Ephemeral (dynamic, private) ports are unassigned ports that are intended to be dynamically allocated and temporarily used for client applications while the application is running. Ephemeral ports range from ____ through _____.

• Well known (system) ports range from 0 through 1023.
• User (registered) ports range from 1024 through 49151.
• Ephemeral (dynamic, private) ports are unassigned ports that are intended to be dynamically allocated and temporarily used for client applications while the application is running. Ephemeral ports range from 49152 through 65535.

If you wanted to see the configured subnet mask value in prefix notation rather than in dotted decimal on a Linux system, which command(s) would you use?

ip address

The ____ command shows the subnet mask in dotted decimal format, while the ____ command shows the subnet mask in prefix notation, also referred to as “slash notation.”

The ifconfig command shows the subnet mask in dotted decimal format, while the ip address command shows the subnet mask in prefix notation, also referred to as “slash notation.”

The ____ command is used to show the local routing table on a Windows, macOS, and Linux device.The ________________ command is used to show the configured default gateway on a macOS

The netstat command is used to show the local routing table on a Windows, macOS, and Linux device.The networksetup -getinfo Ethernet command is used to show the configured default gateway on a macOS

What VPN feature provides encryption and authentication services, but only for applications accessible from the user’s web browser?

SSL (Secure Sockets Layer)

What is a Secure Sockets Layer?

a technology that performs data authentication and encryption for the data transmitted through the internet connection.

This technology encrypts the data that is transmitted between two systems (usually between a server and a client) over internet in order to ensure that the information remains private and safe.

Which of the types of malware in the answers propagates automatically?

Worm

Web browsers connect to web servers by referencing the ____ of the web server.

Web browsers connect to web servers by referencing the URI (Uniform Resource Identifier) of the web server.

Which of the following can be assigned to a host?

1. 214.122.127.76/26
2. 225.16.102.232/28
3. 0.102.62.1/24
4. 150.159.216.202/24
5. 12.150.146.96/27

1. 214.122.127.76/26
2. 12.150.146.96/27

What type of output is shown in the exhibit?

JSON (JavaScript Object Notation)

This output is directly from a DNA Center RESTful API request called “Get Network Device by IP” and the output is in JSON form.

What congestion management solution was designed specifically for voice and video that has specialized low delay, jitter, and loss requirements?

Low Latency Queuing

____provides preferential treatment for this traffic over other class-based queuing methods so that regardless of the current congestion conditions the traffic is forwarded.

Low Latency Queuing

When comparing next-generation firewalls to traditional firewalls what additional capability can be leveraged to more efficiently block invalid application traffic?

Filter based on the application data

For a particular NAT implementation, a private address 192.168.1.1 should always be translated with a 1:1 mapping to IP address 12.150.146.100. Which command accomplishes this?

• ip nat outside source static 192.168.1.1 12.150.146.100
• ip nat inside source static 192.168.1.1 12.150.146.100
• ip nat inside source list 1 pool outside
• ip nat inside source int s0 overload

• ip nat inside source static 192.168.1.1 12.150.146.100

Which part of the following URI is the hostname?

DNAC.example.com

Refer to the diagram. PC1 sent out a DHCP discover message looking to find a DHCP server to obtain an address. What source IP address would R1 use for this message to R2?

• 0.0.0.0
• 255.255.255.255
• 192.168.1.1
• 192.168.2.1

192.168.1.1

The figure shows a design planned by a junior engineer. It shows the switches at three buildings in the same campus. The senior network engineer sends the junior engineer an e-mail, without reviewing the design, and asks the junior engineer to make sure to use a collapsed core design. What must the junior engineer do to change the design into a collapsed core design?

Remove switches 1 and 2, and connect switches 3 through 8 directly to each other.

Refer to the diagram; as a network engineer, you are tasked with creating an ACL. The ACL must be configured on R1 and block traffic coming from PC1 on TCP port 1100 to S1, as well as block traffic coming from PC1 going to S1’s TCP port 80. Which configuration commands will successfully fulfill these requirements?

access-list 150 deny tcp host 192.168.1.1 eq 1100 host 10.150.165.100

access-list 150 deny tcp host 192.168.1.1 host 10.150.165.100 eq 80

There are two Layer 3 switches acting as core routers called SW1 and SW2. SW1 and SW2 have the IP addresses 192.168.1.1 and 192.168.1.2 on VLAN 10, respectively. If host 1 has a configured default gateway of 192.168.1.1 and SW1 were to have a failure that brings the device offline, what protocol should be implemented to mitigate this failure scenario?

HSRP

Where in the SDA fabric is the VXLAN tunneling performed?

ASIC on each switch

In a three-tier design, what are the capabilities for the core devices?

• They aggregate distribution switches
• They provide high forwarding rates

What commands does TFTP support?

• GET FILES
• PUT FILES

______ has very limited functionality compared to FTP because it was meant to be a lightweight protocol.

TFTP

what is the SDA fabric device role to its current function:

Tracks all endpoints in the fabric site and associates the endpoints to fabric nodes. Uses LISP to do this

FABRIC CONTROL NODE

what is the SDA fabric device role to its current function:

The gateway between SDA and external networks

FABRIC BORDER NODE

what is the SDA fabric device role to its current function:

Routes and transports IP traffic inside the fabric. Does not run VXLAN.

FABRIC INTERMEDIATE NODE

what is the SDA fabric device role to its current function:

Where endpoints register with the fabric.

FABRIC EDGE NODE

What layer of a three-tier campus LAN topology provides a connection point for end-user devices?

Access

what does a DHCP server do?

Provides addresses for end devices

what is gratuitous arp?

informs all hosts on a subnet about its current MAC addresses.

what is a dynamic arp inspection

used to validate ARP information as it’s coming into the device.

what is dhcp snooping

can be utilized to mitigate a rouge DHCP server providing address leases to end devices.

What is the proper major steps in order for PoE autonegotiation

1. Do not supply power on a PoE-capable port unless negotiation identifies that the device needs power.
2. Use Ethernet autonegotiation techniques to determine the PoE power class.
3. If identified as a PD, supply the power per the power class, which allows the device to boot.
4. Monitor for changes to the power class; adjust power as needed.
5. If a new power class is identified, adjust the power level per that class.

What protocols utilizes the well-known port number 53?

Domain Name System (DNS)

What option(s) are required criteria for a service to be a cloud service?

• Rapid elasticity
• Measured service

Which of the following are true about TCP?

• This protocol is used by Telnet.
• This protocol supports multiplexing.
• This protocol provides a limited variety of services.
• This protocol is suited for important traffic such as Voice over IP (VoIP).

• This protocol is used by Telnet.
• This protocol supports multiplexing.

Which options are true about TACACS+?

• Uses ports 1645 and 1812
• Uses UDP
• Doesn’t encrypt the entire packet
• Uses port 49
• Encrypts the entire packet
• Uses TCP

• Uses TCP
• Encrypts the entire package
• Uses port 49

The SDA underlay uses a well-known design called a routed access layer design. What are the features of a routed access layer design?

• The switch to which an endpoint device physically connects is that device’s default gateway.
• FHRP is no longer needed.

Which public cloud WAN connection options do not offer the ability to have reliable QoS?

• Ethernet VPN
• Internet
• Internet VPN
• Intercloud
• MPLS VPN

Select 2 answers

Internet + internet VPN

What is the field that is used on modern systems that allows an IP packet to be marked with a specific QoS value?

DSCP

On modern networks, the IP Type of Service field is split into two subfields: the Differentiated Services Code Point (DSCP) and the Explicit Congestion Notification (ECN) field; of these, the DSCP is primarily used for marking traffic with a specific QoS value.

The configuration of a router uses default settings related to terminal monitor, and none of the users have changed their settings after login. User 1 connects to the console, user 2 connects via Telnet, and user 3 connects via SSH. User 3 issues debug ip ospf hello. Which user(s) sees the debug messages?

USER 1

What is true in a spine-leaf architecture?

• Spine switches must be connected to each other
• Spine switches cannot connect to each other
• Leaf switches cannot connect to each other
• Leaf switches must be connected to each other

• Spine switches cannot connect to each other
• Leaf switches cannot connect to each other

What is the name of the Cisco feature that allows for the identification of protocols that are traditionally hard to classify because of their operation?

NBAR

Considering the differences between NAT and PAT, which is the most accurate description?

• NAT allows for multiple protocols across a single IP address.
• PAT allows for multiple protocols across multiple IP addresses.
• NAT translates many IP addresses into a few or even one IP address.
• PAT translates many IP addresses into a few or even one IP address.

PAT translates many IP addresses into a few or even one IP address.

Which of the following are true about VPNs?

• AnyConnect is an example of software that would be used in a site-to-site VPN solution.
• VPNs remove the need for users to manually log in to their computers each morning.
• SSL and IPsec are the same basic technology and are used for the same types of VPNs.
• IPsec provides authentication, data integrity, and confidentiality.
• Remote-access and site-to-site VPNs are often used as a less-expensive option to traditional WANs.

• IPsec provides authentication, data integrity, and confidentiality.
• Remote-access and site-to-site VPNs are often used as a less-expensive option to traditional WANs.

From the following options, what are the required REST API attributes?

• Peer-to-peer architecture
• Stateless operation
• Stateful operation
• Client/server architecture

• Client/server architecture
• Stateless operation

Which public cloud WAN connection options do not offer the ability to easily migrate between providers?

• Internet VPN
• MPLS VPN
• Internet
• Ethernet VPN
• Intercloud

• MPLS VPN
• Ethernet VPN

Port Address Translation (PAT) is also known as what?

NAT overload

AAA refers to Authentication, Authorization and Accounting. What two protocols does it use?

TACACS (Terminal Access Controller Access Control System) + RADIUS

What is Cisco TACACS?

Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol developed by Cisco and released as an open standard beginning in 1993. Although derived from TACACS, TACACS+ is a separate protocol that handles authentication, authorization, and accounting (AAA) services.

Is RADIUS TCP or UDP?

UDP

Port 53 is used by?

DNS

Port 69 is used by?

TFTP

Does DNS use TCP or UDP

Uses both TCP + UDP

List the Cisco Syslog Severity Levels in order.

• 0 —emergency: System unusable
• 1 —alert: Immediate action needed
• 2 —critical: Critical condition—default level
• 3 —error: Error condition
• 4 —warning: Warning condition
• 5 —notification: Normal but significant condition
• 6 —informational: Informational message only
• 7 —debugging: Appears during debugging only