Thursday, September 04, 2008

It's Thursday, September 4, and here are the answers to Wednesday's Cisco certification exam practice questions!

CCNA Certification And CCENT Certification:

Write a configuration that would allow the following three users to successfully telnet in with the appropriate access level. Their first name is their username, last name is their password. (Don't do this at work! :) ) Include any necessary line configuration.


Jack Trump - highest privilege level possible

Donald Canfield - lowest privilege level possible

Stacy Putty - higher than Canfield, but lower than Trump

Answer: You'd need three separate username/password commands....

username jack privilege 15 password trump
username donald privilege 0 password canfield
username stacy privilege 1 password putty

You could put any value from 1 - 14 for the last password.

You'll also need the login local command on the VTY lines in order to use this local username/database for telnet authentication.

CCNA Security Certification / CCNP ISCW Exam:

Name five common address ranges that should be prohibited as source addresses for any packets entering your network from the outside.

Answer: RFC 3704 (an updated version of RFC 2827) recommends that packets from the following network ranges be prohibited from entering your network: /8 /8 (RFC 1918 Class A private range) /8 (loopback address range) /12 (RFC 1918 Class B private range) /16 (RFC 1918 Class C private range) /4 (reserved for IP multicasts) /4 (RFC 1918 Class E private range)

CCNA Wireless:

What happens if you start the WCS service and it's already running? Discuss any potential issues that could arise from this situation.

Answer: All that happens is that you'll receive a message that WCS is already running. Nothing bad happens. Don't mean to disappoint you. ;)

CCNA Voice:

You're running cRTP, and UDP checksums are not in use. What is the approximate compression percentage of the IP, UDP, and RTP headers?

Answer: If UDP checksums are not in use, you're going from 40 bytes of headers to only 2 - a 95% reduction in header overhead.

CCNP Certification / BSCI Exam:

What is the net effect of the following configuration? Are there options for this command that should be considered?

R1(config)#router ospf 1

R1(config-router)#default-information originate

Answer: As shown here, this router will advertise a default route into OSPF as long as one actually exists in the router's routing table. To advertise a default route even if none exists in the local router's tables, use the always option at the end of this command.

CCNP Certification / BCMSN Exam:

What should you do to avoid the error message shown below?

SW2(config)#int fast 0/8

SW2(config-if)#switchport nonegotiate

Command rejected: Conflict between 'nonegotiate' and 'dynamic' status.

Answer: The Dynamic Trunking Protocol (DTP) can be turned off at the interface level with the switchport nonegotiate command, but as you see below, you cannot turn DTP off until the port is no longer in dynamic desirable trunking mode.

SW2(config)#int fast 0/8
SW2(config-if)#switchport nonegotiate
Command rejected: Conflict between 'nonegotiate' and 'dynamic' status.

SW2(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally

SW2(config-if)#switchport mode trunk
SW2(config-if)#switchport nonegotiate

You can verify DTP operation (or non-operation) with show dtp.

SW1#show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
4 interfaces using DTP

CCNP / ONT Exam:

What options will IOS Help show in the following configuration?

R1(config)#int tunnel 0

R1(config-if)#ip address

R1(config-if)#tunnel source

R1(config-if)#tunnel destination ?

Answer: You'll be prompted for to enter either a destination IP address (IPv4 or IPv6) or a hostname.

R1(config)#int tunnel 0
R1(config-if)#ip address
R1(config-if)#tunnel source
R1(config-if)#tunnel destination ?
Hostname or A.B.C.D ip address or host name
X:X:X:X::X IPv6 address

I'll have new questions here on the blog and on the main site later today - be sure to read yesterday's blog postings for new links as well. And when you're done, head over to my Cisco CCNA And CCNP Tutorial Page - over 200 free tutorials, articles, and practice exams await you!


Chris Bryant
CCIE #12933

No comments:

Blog Archive