CCNA Discovery 4 Module 5 Exam Answers Version 4.0
1.      Which rule should be followed when implementing the  security requirements of a network design?
• Always use a common security plan for all business needs.
• As standard practice, lower access restrictions for users if cost is too high.
• Avoid reducing security in order to add additional network capabilities.
• When possible, implement an IDS to protect users from spam.
• Always use a common security plan for all business needs.
• As standard practice, lower access restrictions for users if cost is too high.
• Avoid reducing security in order to add additional network capabilities.
• When possible, implement an IDS to protect users from spam.
2.      What limitations of the 2960 switch prevent it from  providing the services needed in the Distribution layer?
• It is limited to copper connections.
• It does not support QoS.
• It does not support voice VLAN capability.
• It does not support route summarization.
• It is limited to copper connections.
• It does not support QoS.
• It does not support voice VLAN capability.
• It does not support route summarization.
3.      When considering converged  network designs, it is important  to identify appropriate service  demands. What is a concern when  preparing a network design to fit this  environment?
• business data compensation for sensitivity to noise
• location and placement of firewalls
• voice-level quality of service
• security policy requirements
• business data compensation for sensitivity to noise
• location and placement of firewalls
• voice-level quality of service
• security policy requirements
4.      Which three design requirements are implemented at the  access layer? (Choose three.)
• PoE
• VLANs
• high-density routing
• packet filtering
• rapidly converging routing protocols
• QoS traffic classification and marking
• PoE
• VLANs
• high-density routing
• packet filtering
• rapidly converging routing protocols
• QoS traffic classification and marking
5.      Refer to the exhibit. Which statement is true regarding how  the ISP router filters traffic?
• Traffic from the 64.100.0.1 address to any destination on the Internet is denied.
• Traffic from any source address entering the ISP router interface s0/0/0 is permitted.
• Only traffic with a source address of 64.100.0.1/30 is allowed into the ISP router interface s0/0/0.
• All traffic from the 64.100.0.0/21 network can access the Internet.
• Traffic from any source address can access the 64.100.0.0/21 network.
• Traffic from the 64.100.0.1 address to any destination on the Internet is denied.
• Traffic from any source address entering the ISP router interface s0/0/0 is permitted.
• Only traffic with a source address of 64.100.0.1/30 is allowed into the ISP router interface s0/0/0.
• All traffic from the 64.100.0.0/21 network can access the Internet.
• Traffic from any source address can access the 64.100.0.0/21 network.
6.      Which two factors should be  considered when designing a  wireless LAN that provides seamless roaming  capabilities? (Choose two.)
• use of a wireless controller to manage IP addressing
• type of routing protocols
• location of existing wired clients
• coverage
• position of MDF
• use of a wireless controller to manage IP addressing
• type of routing protocols
• location of existing wired clients
• coverage
• position of MDF
7.      What are three features of a Catalyst 2960 switch? (Choose  three.)
• network layer functionality
• redundant power availability
• route summarization
• SNMP
• switch clustering
• inter-VLAN routing
• network layer functionality
• redundant power availability
• route summarization
• SNMP
• switch clustering
• inter-VLAN routing
8.      A company lists this equipment in their network design:
Two Catalyst 4503 Layer 3 switches
One 5500 security appliance firewall
Two Catalyst 6509 switches
Two lightweight access points
Two Catalyst 2960 switches
Which two types of devices would be appropriate to use at the access layer to provide end-user connectivity? (Choose two.)
• Catalyst 4503 switches
• Cisco 1841 router
• Catalyst 6509 switches
• lightweight access points
• Catalyst 2960 switches
Two Catalyst 4503 Layer 3 switches
One 5500 security appliance firewall
Two Catalyst 6509 switches
Two lightweight access points
Two Catalyst 2960 switches
Which two types of devices would be appropriate to use at the access layer to provide end-user connectivity? (Choose two.)
• Catalyst 4503 switches
• Cisco 1841 router
• Catalyst 6509 switches
• lightweight access points
• Catalyst 2960 switches
9.      Which two statements are true regarding the following  extended ACL? (Choose two.)
• access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21
access-list 101 permit ip any any
• FTP traffic originating from network 172.16.3.0/24 is denied.
• All traffic is implicitly denied.
• FTP traffic destined for the 172.16.3.0/24 network is denied.
• Telnet traffic originating on network 172.16.3.0/24 is denied.
• Web traffic originating from 172.16.3.0 is permitted.
• access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 20
access-list 101 deny tcp 172.16.3.0 0.0.0.255 any eq 21
access-list 101 permit ip any any
• FTP traffic originating from network 172.16.3.0/24 is denied.
• All traffic is implicitly denied.
• FTP traffic destined for the 172.16.3.0/24 network is denied.
• Telnet traffic originating on network 172.16.3.0/24 is denied.
• Web traffic originating from 172.16.3.0 is permitted.
10.  Which statement applies to a large network with thousands of  nodes?
• Each wireless phone is normally in a separate VLAN for security reasons.
• Multiple firewalls exist throughout the access layer for maximum security protection.
• Firewalls cannot be implemented in the multilayer switches and routers.
• Intrusion detection is more likely to be performed by a separate device rather than integrated into a switch or router
• Each wireless phone is normally in a separate VLAN for security reasons.
• Multiple firewalls exist throughout the access layer for maximum security protection.
• Firewalls cannot be implemented in the multilayer switches and routers.
• Intrusion detection is more likely to be performed by a separate device rather than integrated into a switch or router
11.  on campus. The college currently  has only wired network device  access. Which two devices must be  incorporated into the network design  to best accommodate roaming for  wireless IP phones?(Choose two.)
• voice VLAN capable switch
• autonomous AP
• PoE switch
• Cisco wireless LAN controller
• 2960 switch with 48 100-Mb ports
• lightweight access points
• voice VLAN capable switch
• autonomous AP
• PoE switch
• Cisco wireless LAN controller
• 2960 switch with 48 100-Mb ports
• lightweight access points
12.  What type of WAN service is Frame Relay?
• dedicated
• cell switched
• packet switched
• circuit switched
• dedicated
• cell switched
• packet switched
• circuit switched
13.  Refer to the exhibit. What is an advantage of having two links  connected between the two switches shown?
• provides redundancy in case one of the switches fails
• provides connectivity to Switch1 when the link to the server fails
• provides connectivity when one of the connections between the switches fails
• provides power to the other switch when the other switch has lost AC power
• provides redundancy in case one of the switches fails
• provides connectivity to Switch1 when the link to the server fails
• provides connectivity when one of the connections between the switches fails
• provides power to the other switch when the other switch has lost AC power
14.  What is the function of the access layer in the Cisco  three-layer hierarchical internetworking model?
• provides QoS classification and marking
• implements a fast-converging routing protocol
• uses routed interconnections between devices
• aggregates traffic and performs route summarization
• provides QoS classification and marking
• implements a fast-converging routing protocol
• uses routed interconnections between devices
• aggregates traffic and performs route summarization
15.  When applying network security, what security measure should  be implemented first?
• securing the network devices
• implementing the firewalls or filters at the enterprise edge
• applying security to resources accessed by internal users
• applying ACLs to the interfaces of the routers in the internal network
• securing the network devices
• implementing the firewalls or filters at the enterprise edge
• applying security to resources accessed by internal users
• applying ACLs to the interfaces of the routers in the internal network
16.  What characteristic of a network supports high availability?
• VPNs
• high-bandwidth paths to servers
• redundancy
• wireless management
• VPNs
• high-bandwidth paths to servers
• redundancy
• wireless management
17.  What is integrated into a Cisco IP phone to reduce the number  of ports needed in the wiring closet?
• hub
• router
• switch
• firewall appliance
• hub
• router
• switch
• firewall appliance
18.  Which network design process identifies where to place access  points?
• site survey
• risk assessment
• scalability design
• network protocol analysis
• site survey
• risk assessment
• scalability design
• network protocol analysis
19.  Using expandable, modular network devices is a key element of  what network design criteria?
• availability
• performance
• scalability
• security
• availability
• performance
• scalability
• security
20.  What is a primary function of a wireless LAN controller?
• tuning each AP channel for optimal coverage
• providing PoE to the wireless clients
• distributing VLAN information to the wireless clients
• serving as the point of connection between wireless clients and the wired LAN
• tuning each AP channel for optimal coverage
• providing PoE to the wireless clients
• distributing VLAN information to the wireless clients
• serving as the point of connection between wireless clients and the wired LAN
21.  What characteristic in a routing protocol allows it to support  the network design criteria for availability?
• CIDR support
• fast convergence
• timed updates
• VLSM suppor
• CIDR support
• fast convergence
• timed updates
• VLSM suppor
22.  A network designer is evaluating  the network security  implementation for an organization. The designer  recommends adding  network security devices in front of the server farm,  although network  security devices have been deployed in the Enterprise  Edge for two  years. What type of attack can be effectively prevented  with this  recommendation?
• virus attack
• internal attack
• Internet attack
• phishing attack
• virus attack
• internal attack
• Internet attack
• phishing attack
23.  Refer to the exhibit. The branch  office needs constant access  to the servers in the enterprise  headquarters. Therefore, a backup Frame  Relay link is added. A network
• administrator is configuring the routers in the branch office to make sure that when the backup Frame Relay link is used, only the traffic to access the enterprise headquarters is allowed. Which statement is true about the routing configuration on branch office edge routers?
• The command ip route 0.0.0.0 0.0.0.0 serial 0/0 50 should be configured on BE2.
• The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be configured on BE1.
• The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be configured on BE2.
• The command ip route 192.135.250.0 255.255.255.0 serial 0/0 50 should be configured on BE1.
• administrator is configuring the routers in the branch office to make sure that when the backup Frame Relay link is used, only the traffic to access the enterprise headquarters is allowed. Which statement is true about the routing configuration on branch office edge routers?
• The command ip route 0.0.0.0 0.0.0.0 serial 0/0 50 should be configured on BE2.
• The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be configured on BE1.
• The command ip route 128.107.0.0 255.255.0.0 serial 0/0 50 should be configured on BE2.
• The command ip route 192.135.250.0 255.255.255.0 serial 0/0 50 should be configured on BE1.
24.  An automobile sales company is  establishing a new, small sales  showroom in a downtown area. To update  the inventory database, the new  sales office will need a WAN connection  to the headquarters that is  located in the suburban area. The WAN  connection should be around a 4  Mb/s connection. Which WAN service will  provide the most economical  approach to meet the requirement?
• DSL
• ATM
• T1 line
• Frame Relay
• DSL
• ATM
• T1 line
• Frame Relay
25.  A network designer is selecting a  WAN technology for connections  between the headquarters of an  organization and its branch offices. In  this context, what is one  advantage of choosing Frame Relay over a T1  line?
• more secure
• flexible bandwidth
• shared media across the link
• efficiency with fixed length packet size
• more secure
• flexible bandwidth
• shared media across the link
• efficiency with fixed length packet size


0 komentar:
Posting Komentar