Cisco CCNA Exam Questions
121. Which command changes VLAN 2 to be the native VLAN?
- switchport trunk native vlan 2
- switchport native vlan 2
- switchport vlan 2 native trunk
- switchport vlan 2 native
Correct answer: switchport trunk native vlan 2
The correct format for the command to set VLAN 2 as the native VLAN is "switchport trunk native vlan 2".
122. Which prefix length is used for a host route?
- /32
- /24
- /16
- /8
- Zero
Correct answer: /32
A host route is a route that goes to a specific IP address. It has a prefix length of /32, which is equal to a subnet mask of 255.255.255.255.
123. Which two of the following are modified EUI-64 addresses? (Choose two.)
- 368c:b6f0:4dca:ef9d:98da:64ff:fe93:ed00
- 48d3:ee98:2893:e58f:eabf:aeff:fea1:fa2e
- 3cc7:739e:b9c1:76ff:ee9d:8943:56d1:9739
- c40e:9fa4:00f6:6cb9:b9e4:377d:70f7:6b63
A modified EUI-64 address is derived from a device's MAC address. This type of address can be recognized because it has the hexadecimal characters fffe between the first and second half of the MAC address.
124. Which command lists a router's entire routing table?
- show ip route
- show arp
- ip route
- ip address
Correct answer: show ip route
The "show ip route" command shows a router's entire routing table.
The "show arp" command lists a router's ARP table. The "ip route" command creates a static route. The "ip address" command assigns an IP address to an interface.
125. An administrator connects a PC to an IP telephone with a patch cable. The IP telephone is then connected to a switch via an Ethernet UTP cable. The switch has VLAN 10 for data and VLAN 20 for voice. Which command will the administrator run for the interface that connects with the IP phone in order to configure it for the voice VLAN?
- switchport voice vlan 20
- switchport access vlan 10
- vlan 20
- switchport mode trunk
- switchport mode dynamic auto
Correct answer: switchport voice vlan 20
Connecting a PC to an IP phone will save on cabling. At the switch, the command "switchport voice vlan 20" for the interface will configure it for the voice VLAN.
The command "switchport access vlan 10" will configure the interface for the data VLAN. The command "vlan 20" sets up a VLAN with an ID of 20. The command "switchport mode trunk" configures an interface for trunking. The command "switchport mode dynamic auto" configures an interface to be in dynamic auto mode.
126. Which term is used interchangeably with "switch" in many Cisco protocols?
- Bridge
- Hub
- Router
- Station
Correct answer: Bridge
LAN bridges were used before switches existed, so many Cisco protocols, like STP/RSTP, still use the terms interchangeably.
A hub does not switch frames at Layer 2. A router routes packets between networks. A station is a device capable of using Wi-Fi.
127. Which source NAT addressing term refers to an address that is private to an enterprise?
- Inside local
- Inside global
- Outside global
- Outside local
Correct answer: Inside local
An inside local address is used for a device that is permanently located inside an organization.
An inside global address is a public IPv4 address inside an organization. An outside global address is a public IPv4 address outside the enterprise. An outside local address is used with destination NAT to describe a host outside the enterprise using a local address.
128. An administrator has just added configurations for a static NAT. Now, they want to verify that the addresses were properly added. Which command can they run to verify the addresses in the static NAT configuration?
- show ip nat translations
- show ip route
- show ip interface brief
- show running-config
- show ip nat statistics
Correct answer: show ip nat translations
The "show ip nat translations" command lists entries created by the configuration. The command outputs columns for the inside global, inside local, outside local, and outside global addresses.
The "show ip route" command displays information from the routing table. The "show ip interface brief" command gives a summary of an interface's status. The "show running-config" command displays a router's entire active configuration. The "show ip nat statistics" command displays usage statistics about NAT.
129. An administrator wants to disable Telnet connections and only allow SSH. Which command enables this?
- transport input ssh
- line console 0
- login local
- transport input telnet
- transport input none
Correct answer: transport input ssh
The "transport input ssh" command disables Telnet and only allows remote SSH connections. Telnet sends unencrypted data, so its use is not recommended.
The "line console 0" command changes the context to console configuration mode. The "login local" command prompts for a username and password. The "transport input telnet" command allows for Telnet to be used. The "transport input none" command disables Telnet and SSH.
130. Which two settings are relevant in the DR/BDR election process? (Choose two.)
- Interface priority
- Router ID
- Prefix length
- Port state
- Hop count
For the election of a designated router and backup designated router (DR/BDR) with OSPF, the first factor is the priority of the interface, which has a default value of 1; the election is awarded to the highest number. If those values tie, then the highest router ID wins.
Prefix length is used with static routing. Port state is used with switches. Hop count is used for RIP.
131. An organization has observed malware scanning computers for vulnerabilities and, if it finds one, exploiting the vulnerability to install itself on that computer. What type of malware is this?
- Worm
- Virus
- Trojan horse
- Pharming
- Watering hole
Correct answer: Worm
A worm is a type of malware that propagates on its own. It spreads to other systems based on their vulnerabilities.
A virus requires a user to help propagate it. A trojan horse is packaged inside of other software. Pharming involves using a legitimate service to send a user to a compromised site. A watering hole is an attack that targets specific victims who visit a compromised site.
132. Which characteristic of QoS refers to the variation in delay of packets flowing through the same link?
- Jitter
- Bandwidth
- Delay
- Loss
Correct answer: Jitter
For quality of service (QoS), jitter is the variation in delays between consecutive packets sent by the same application.
Bandwidth refers to the speed of a link in bits per second. Delay refers to the time it takes from sending a packet until it is received. Loss refers to the number of lost packets during transmission.
133. Which two statements are true about native VLANs? (Choose two.)
- They can change their VLAN ID
- They are VLAN 1 by default
- They support ISL
- There can be an unlimited number per switch
A native VLAN can change its ID and is VLAN 1 by default. Native VLANs do not support ISL, and a switch can have as many native VLANs configured as there are 802.1Q links.
134. What are three actions that can be done over FTP? (Choose three.)
- Add directory
- List files
- Transfer file
- Execute file
- Change file ownership
With FTP, a user can navigate directories, add/remove directories, list files, and transfer files.
You cannot execute files or change ownership of the file on the server.
135. Which two of the following are common features in APs used to manage access to the wireless network? (Choose two.)
- Captive portal
- ACL
- Clustering
- NAT
A captive portal requires users to agree to terms before using an AP and limits their access. An access control list (ACL) is a set of rules that can manage users of the AP.
Clustering is a feature that allows several APs to be treated as a unified entity for management purposes. A network address table (NAT) translates between public and private IP addresses.
136. What does AAA refer to in user security terms?
- Authentication, authorization, and accounting
- Authentication, alerting, and accounting
- Authentication, authorization, and access
- Authentication, authorization, and alerting
- Alerting, authorization, and accounting
Correct answer: Authentication, authorization, and accounting
137. What are two prerequisites for a Cisco router to automatically add a route to its routing table for a subnet connected to an interface? (Choose two.)
- The interface has a line and protocol status of up.
- The interface has an IP address that was added through the "ip address" command.
- The interface has been added through the "ip route" command.
- The interface has been removed from the ARP table with the "clear ip arp" command.
For an interface to be ready for routing automatically, it needs to be configured with an IP address and have both a line up status and protocol up status. Static routes are added with the "ip route" command. Clearing the ARP table removes the mapping of IP addresses to MAC addresses.
138. Which command verifies syslog settings?
- show logging
- show trace
- show diagnostic
- show config
Correct answer: show logging
The "show logging" command confirms syslog configuration settings. Among the information included in the output is the logging level for console, monitor, and buffer logging.
The "show trace" command shows the system program modules called by a Server Switch. The "show diagnostic" command shows system diagnostics. The "show config" command displays the system's startup configuration.
139. An administrator adds a static network route to a router with a next-hop router IP address of 172.16.3.2 by using the "ip route 172.16.5.0 255.255.255.0 S0/0/2" command. Which line shows how the route will be displayed in the output of the "show ip route static" command?
- S 172.16.5.0/24 is directly connected, Serial0/0/2
- S 172.16.5.0/24 [1,0], Serial0/0/2
- S 172.16.5.0/24 [1,0] via 172.16.3.2
- S 172.16.5.0/24 [1,0] is directly connected, 172.16.3.2
Correct answer: S 172.16.5.0/24 is directly connected, Serial0/0/2
When using the outgoing interface in the command rather than the next-hop router IP address, the output mentions that the route is directly connected. When using the next-hop router address, it will note in the output that it is via that address.
140. Which feature of an NGFW protects against attackers that are trying to evade a firewall by using non-standard ports?
- AVC
- Traditional firewall features
- Advanced Malware Protection
- URL filtering
Correct answer: AVC
Application Visibility and Control (AVC) is a feature that lets a next-generation firewall (NGFW) inspect the application layer. This is useful against attacks that use random port numbers because traditional firewalls do not look at the application layer.
Traditional firewall functionality is a feature of NGFWs that includes stateful filtering, NAT, and VPN termination. Advanced Malware Protection can block suspicious file transfers. URL filtering is a feature that looks at web requests and checks the URL's reputation score.