The latest Cisco Certified Network Associate 200-301 CCNA certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Cisco Certified Network Associate 200-301 CCNA exam and earn Cisco Certified Network Associate 200-301 CCNA certification.
Exam Question 31
Below is the output of the show ip route command from one of your routers:
Output of the show ip route command from one of your routers
What does the value 110 represent in the output?
A. OSPF administrative distance
B. EIGRP administrative distance
C. OSPF cost
D. EIGRP cost
Correct Answer:
A. OSPF administrative distance
Answer Description:
The value of 110 represents the administrative distance of the route, which in this case was learned by OSPF. OSPF routes are always indicated by an O to the left of the route details. The two values in brackets in each route entry indicate the administrative distance on the left of the forward slash. The value to the right of the slash is the cost of the route. Therefore, [110/2] represents an administrative distance of 110 and a cost of 2.
The value of 110 does not represent EIGRP administrative distance because the route was not learned from EIGRP. If it were, the route would have a D to the left of the route details. Moreover, the default administrative distance of EIGRP is 90, not 110.
The values do not represent OSPF cost. The cost value is on the right side of the forward slash within the brackets in each route entry. For example, the route entry O 1.1.1.4 [110/2] via 1.1.1.2, 00:10:04, FastEthernet0/1 indicates an OSPF cost of 2.
The values do not represent an EIGRP cost. First, if it were an EIGRP route, the route would have a D to the left of the route details. Moreover, the cost value is located within the square brackets to the right of the forward slash in each route entry. The only cost values shown in the table are 2, 11, and 12.
Objective: Routing Fundamentals
Sub-Objective: Describe how a routing table is populated by different routing information sources
Exam Question 32
With the following equipment list, which of the following network scenarios could be supported?
- Two IP subnets of 255.255.255.0
- Seven 48-port switches
- Two router interfaces
A. 300 workstations in a single broadcast domain, each workstation in its own collision domain
B. 300 workstations, with 150 workstations in two broadcast domains and each workstation in its own collision domain
C. 300 workstations, with 150 workstations in two broadcast domains and all workstations in the same collision domain
D. 600 workstations, with 300 workstations in two broadcast domains and each workstation in its own collision domain
Correct Answer:
B. 300 workstations, with 150 workstations in two broadcast domains and each workstation in its own collision domain
Answer Description:
This equipment will support 300 workstations, with 150 workstations divided in two broadcast domains and each workstation in its own collision domain. Subnets with a 24-bit mask (255.255.255.0) yield 254 addresses in each network, so 150 is within those limits. Also, seven 48-port switches make 336 ports available. After subtracting out 2 ports per switch for connecting the switches to each other and the router ( a total of 14) that leaves 321 ports yielding 160 for each subnet ( with one left over) . Two subnets require two router interfaces, which are available in the scenario, and since switches are in use, each switch port is its own collision domain.
This equipment will not support 300 workstations in a single broadcast domain with each workstation in its own collision domain. With a 24-bit mask, 300 workstations cannot be placed in a single subnet.
This equipment will not support 300 workstations, 150 each in two broadcast domains and all workstations in the same collision domain. The 300 workstations cannot be placed in the same collision domain when using switches. If hubs were in use that would be possible, but not desirable.
This equipment will not support 600 workstations, 300 each in two broadcast domains; each workstation in its own collision domain. 600 workstations cannot be placed in two subnets when using the mask 255.255.255.0. Each subnet can only hold 254 workstations, not 300. Moreover, 300 workstations cannot be placed in the same collision domain when using switches. If hubs were in use that would be possible but not desirable.
Objective: Network Fundamentals
Sub-Objective: Describe the impact of infrastructure components in an enterprise network
Exam Question 33
Which of the following is NOT a true statement regarding Virtual Private Networks (VPNs)?
A. A VPN is a method of securing private data over public networks
B. IPsec is a method for providing security over VPN
C. Frame Relay is a Layer 3 VPN technology
D. IPsec provides packet-level encryption
E. A Cisco VPN solution provides increased security, reduced cost, and scalability
Correct Answer:
C. Frame Relay is a Layer 3 VPN technology
Answer Description:
Frame Relay is a Layer 2 VPN technology, providing connectivity over switched carrier Wide Area Networks (WANs). Packets are encapsulated in Frame Relay frames, and assigned Data Link Connection Identifiers (DLCIs) to identify to the local Frame Relay switch the virtual circuit (VC) that the data should follow.
A VPN is a method of securing private data over public networks (such as the Internet), so this is a true statement.
IPsec is a security framework that provides security for data traveling over VPNs, so this is a true statement. It is an open standard protocol framework that is used to secure end-to-end communications.
IPsec allows for encryption at the packet level (Layer 3) when configured in tunnel mode, so this is a true statement.
VPN solutions such as those supported by Cisco ASA firewalls and Cisco integrated routers provide the following benefits:
- Lower desktop support costs
- Threat protection
- Flexible and cost-effective licensing
- Reduced cost and management complexity
Objective: WAN Technologies
Sub-Objective: Describe WAN access connectivity options
Exam Question 34
Refer to the following sample output:
Refer to the following sample output
Which Cisco Internetwork Operating System (IOS) command produces this output?
A. show interfaces
B. show interfaces summary
C. show interfaces serial fast-ethernet
D. show interfaces fast-ethernet 0/0
Correct Answer:
B. show interfaces summary
Answer Description:
The show interfaces summary command will produce the given output. This command provides a summarized view of all interfaces configured on a device.
The show interfaces command is incorrect because this command does not produce the displayed output. This command is used to view information regarding statistics for specific interfaces. Without specifying an interface, a section for each interface will display, as in the example below for FastEthernet0:
Without specifying an interface, a section for each interface will display, as in the example below for FastEthernet0
The show interfaces serial fast-ethernet command is incorrect because this is not a valid Cisco IOS command.
The show interfaces fast-ethernet 0/0 command is incorrect. Although it produces similar output, that output only relates to the FastEthernet 0/0 interface. An example of this output follows:
The show interfaces fast-ethernet 0/0 command is incorrect. Although it produces similar output, that output only relates to the FastEthernet 0/0 interface.
Notice that the line of output that says FastEthernet0 is up, line protocol is up indicates that Layers 1 to 3 of the OSI Model are functioning correctly. Also, in the lower portion, there are no values in the error counters such as input errors, output errors, and so on. Finally, make note in line 8 where the interface is set to autosense both the duplex and the speed. Duplex and speed must be in agreement between the NIC on the host and the switch port.
Objective: Routing Fundamentals
Sub-Objective: Troubleshoot basic Layer 3 end-to-end connectivity issues
Exam Question 35
Which of the following is NOT a VLAN Trunking Protocol (VTP) mode of operation?
A. client
B. server
C. virtual
D. transparent
Correct Answer:
C. virtual
Answer Description:
Virtual is not a valid VTP mode of operation. There are three different VTP modes of operation: client, server, and transparent.
In client mode, a switch can synchronize VLAN information with the domain and forward advertisements. However, VLANs cannot be created, deleted, or modified from a switch in client mode. Also, a client mode switch does not save VLAN information in non-volatile Random Access Memory (NVRAM). It is stored in Flash in a file called vlan.dat.
In server mode, a switch synchronizes the VLAN information with the domain, sends and forwards advertisements, and can create, delete, or modify VLANs. In server mode, VLAN information is stored in Flash in a file called vlan.dat.
In transparent mode, a switch does not synchronize its VLAN configuration with the domain, but it forwards advertisements. VLANs can be created, deleted, or modified locally and VLAN configuration is saved in both the running-config file in RAM and in flash in a file called vlan.dat.
Objective: LAN Switching Fundamentals
Sub-Objective: Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
Exam Question 36
A host is powered up, but the connected switch port does not turn amber or green.
Which of the following methods would you use to troubleshoot the situation? (Choose three. Each answer is a complete solution.)
A. Ensure the switch is powered up.
B. Reinstall Windows on the workstation.
C. Reseat the cable.
D. Ensure that the cable is straight-through.
E. Ensure that the cable is crossover.
Correct Answer:
A. Ensure the switch is powered up.
C. Reseat the cable.
D. Ensure that the cable is straight-through.
Answer Description:
A black or unlit switch port LED is symptomatic of a Layer 1 problem. The port LED should first turn amber and then turn solid green when a host is powered up. The amount of time it takes to turn solid green will depend on the Spanning Tree Protocol configuration. If the LED is unlit, you should ensure that the switch is powered up and that a straight-through cable is used to connect a switch port to a host, such as a workstation or a printer. If the switch is powered up and a straight-through cable is used, reseat the cable to ensure a firm connection.
Reinstalling Windows on the workstation will not help because this is a Layer 1 problem having to do with the switch having power or the use of proper cabling.
You should not ensure that the cable is crossover, because straight-through (patch) cables are used to connect switch ports to hosts.
Objective: LAN Switching Fundamentals
Sub-Objective: Troubleshoot interface and cable issues (collisions, errors, duplex, speed)
Exam Question 37
A router is running a classful routing protocol. Which command will enable this router to select a default route when routing to an unknown subnet of a network for which it knows the major network?
A. ip classless
B. no ip classless
C. auto-summary
D. no auto-summary
Correct Answer:
A. ip classless
Answer Description:
The ip classless command causes a routing protocol to change its default behavior of discarding any traffic that is bound for unknown subnets of a known classful network. If the command is enabled, the router tries to match the most number of bits possible against the route in its routing table. Alternatively, the router will use the default route rather than dropping the packet.
For an example of this behavior, examine the diagram below. The ip route 0.0.0.0 0.0.0.0 serial 0/0 command has been issued on Router B. If the 25.1.6.0/24 network is unknown to Router B, then under normal circumstances, Router B would NOT use its configured default route. Instead, it would drop any packets addressed to that unknown network, because when a router knows a route to a major classful network or its subnets (in this case, 25.1.5.0/30 and 25.1.1.0/24), it will not use a statically configured default route to forward traffic to an unknown subnet of that network (in this case 25.1.6.0/24). In the scenario described in the diagram, Router B will drop the packet. However, if the ip classless command has been executed, it will use the default route and send the traffic to Router A.
However, if the ip classless command has been executed, it will use the default route and send the traffic to Router A
The ip classless command is a global configuration mode command enabled by default in Cisco IOS version 12.0 and later. If the default route is learned from IS-IS or OSPF, as opposed to being statically configured as in the above example, the ip classless command is not necessary for the router to use the default route.
The no ip classless command on routers will disable the forwarding of packets destined to an unknown subnet of a known classful network. Therefore, it is an incorrect option.
The auto-summary command is used to allow automatic summarization of subnet routes into network-level routes. This is a command executed in router configuration mode.
Classless routing protocols such as Routing Information Protocol version 2 (RIPv2) and Enhanced Interior Gateway Routing Protocol (EIGRP) perform automatic route summarization at classful boundaries. The no auto-summary command is used to turn off this route summarization.
Objective: Routing Fundamentals
Sub-Objective: Configure, verify, and troubleshoot IPv4 and IPv6 static routing
Exam Question 38
Which Cisco IOS command is used to configure encapsulation for a PPP serial link on a Cisco router?
A. encapsulation ppp
B. encapsulation ip ppp
C. ip encapsulation ppp
D. encapsulation ppp-synch
Correct Answer:
A. encapsulation ppp
Answer Description:
PPP is a Layer 2 protocol encasulation type that supports both synchronous and asynchronous circuits and provides built-in security mechanaims. The encapsulation ppp interface configuration mode command is used to configure encapsulation for a PPP (Point to Point Protocol) serial link on a Cisco router. PPP encapsulation provides for router-to-router and host-to-network connections over both synchronous and asynchronous circuits. Serial links are configured to use Cisco High Level Data Link Control (HDLC) encapsulation, by default, on Cisco routers. The Cisco version of HDLC is incompatible with the industry standard version used on other router brands because it contains a type field that identifies the underlying network protocol being encapsulated by HDLC. This is a beneficial feature of Cisco HDLC but makes it incompatible with other router brands.
For this reason, a Cisco router that is going to be connected to a non-Cisco router should be configured to use PPP instead of the default. The encapsulation ppp interface configuration mode command will do this. If you set one of the routers for PPP and leave the other router at the default encapsulation for a serial connection, the connection will fail due to incompatible encapsulation.
You would use the show run command to verify matching encapsulation types. In the partial output of the show run command for two routers shown below, it can be seen that although one of the routers has the encapsulation ppp command in its configuration, the other does not. The absense of the encapsulation ppp command means that the default HDLC is being used. This incompatibility will cause both routers to report a serial interface up, line protocol down condition since the connection is live, but the Layer 2 framing is misconfigured.
This incompatibility will cause both routers to report a serial interface up, line protocol down condition since the connection is live, but the Layer 2 framing is misconfigured
If authentication between the routers is also required, the authentication pap, authentication ms-chap, or authentication chap commands could be used to apply Password Authentication Protocol (PAP), Microsoft Challenge Authentication Protocol (MS-CHAP), or Challenge Authentication Protocol (CHAP) authentication to the connection, respectively.
A full configuration of a serial link for using PPP with authentication is as shown below:
Router1(config)#interface Serial0
Router1(config-if)#encapsulation ppp
Router1(config-if)#ppp authentication pap
Note above that the third line enables PAP authentication, which is not secure. Alternately, you can use CHAP authentication (which is secure) with the ppp authentication chap command. Regardless of which authentication mechanism you choose, these authentication commands will only be accepted on an interface where PPP encapsulation has been enabled, which rules out any non-serial interfaces.
The third type of encapsulation that can be configured on a serial WAN link is Frame Relay, which can be selected with the encapsulation frame relay command under the interface.
In summary, the three encapsulation types available for WAN serial links are PPP, HDLC, and Frame Relay. The command for each is as follows, executed under the interface configuration prompt:
encapsulation ppp
encapsulation hdlc
encapsulation frame relay
All other options are invalid commands.
Objective: WAN Technologies
Sub-Objective: Configure and verify PPP and MLPPP on WAN interfaces using local authentication
Exam Question 39
A user in your network is having trouble accessing resources and the Internet. You decide to examine the partial output of the ipconfig/all command on his machine. The output is shown below:
You decide to examine the partial output of the ipconfig/all command on his machine.
Which of the following statements describes the user’s problem?
A. The default gateway address is incorrect
B. The IP address of the device is incorrect
C. There is no DNS server configured
D. IP routing is not enabled
Correct Answer:
B. The IP address of the device is incorrect
Answer Description:
The IP address of the device is incorrect. It is not in the same subnet as the default gateway address. While it is possible that the default gateway address is incorrect, that is not as likely a reason, given the fact that the DNS server is also in the same IP subnet as the default gateway.
There is a DNS server configured and its IP address is 192.168.0.50. If a DNS server were not configured, this user would be unable to access the Internet, even if all IP addressing problems were resolved.
IP routing is NOT enabled. However, it is not required to be enabled because this device is not acting as a router. The device does not need IP routing enabled to access resources and the Internet if all other IP addressing issues are resolved.
Objective: Infrastructure Services
Sub-Objective: Describe DNS lookup operation
Exam Question 40
You are the network administrator for your company. You have a Class B address range and are planning for a network that allows 150 hosts per subnet and at least 164 subnets.
Which subnet mask should you use to accomplish the task?
A. 255.255.192.0
B. 255.255.255.192
C. 255.255.255.0
D. 255.255.255.252
Correct Answer:
C. 255.255.255.0
Answer Description:
You should use 255.255.255.0 as the subnet mask to allow 150 hosts per subnet and at least 164 subnets.
The formulas used to calculate the number of subnets and hosts are:
Number of subnets = 2number-of-subnet-bits
Number of hosts per subnet = 2number-of-host-bits – 2
Subnet mask in decimal: 255.255.255.0
Subnet mask in binary: 11111111.11111111.11111111.00000000
Number of subnet bits: 8 (binary 1s in the subnet octet of the subnet mask)
Number of host bits: 8 (binary 0s in the subnet mask)
In this scenario, we find that for 255.255.255.0:
Subnets that can be used: 28 = 256
Hosts that can be used: 28 – 2 = 254
The other options do not allow 150 hosts per subnet and at least 164 subnets.
If you use 255.255.192.0 as the subnet mask, then the total number of hosts that can be connected per subnet is 16382 (214 – 2 = 16382). However, there will be 4 subnets (22 = 4).
If you use 255.255.255.192 as the subnet mask, there will be 62 hosts (26 – 2 = 62).
If you use 255.255.255.252 as the subnet mask, there will be two hosts per subnet (22 – 2 = 2).
Note: This mask is frequently used for a subnet that connects two routers. In that case, there are two interfaces in the subnet, and thus it is most efficient use of the addressing space. This is also the most efficient way to address a point-to-point serial link.
A note about the formulas: You will always subtract 2 from the number of hosts (2number-of-host-bits – 2) because the all-zeroes bit address is reserved for the network address and the all-ones bit address is reserved for the broadcast address.
Before Cisco IOS Software Release 12.0, it was common practice to subtract 2 from the networks formula (2number-of-subnet-bits) to exclude the all-ones subnet and subnet zero. Today that range is usable, except with some legacy systems. On certain networks with legacy software, you may need to use the previous formula (2number-of-subnet-bits – 2) to calculate the number of valid subnets.
Objective: Network Fundamentals
Sub-Objective: Apply troubleshooting methodologies to resolve problems