The Bryant Advantage Bulldog Blog

What exactly does "CoPP" protect?

A. The control plane

B. The management plane

C. Both

D. Neither

Answers right here on Wednesday, October 1!

Be sure to read today's other blog posts for links to the first four videos on my new YouTube channel - I'll add a new CCNA Security video for you later today, too! I promise! :)

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome back! It's Tuesday, September 30, and here are the answers to the Cisco certification exam training questions posted on Monday!

CCNA Certification And CCENT Certification:

Short answer: What command resulted in the following output?

R3# ?
HD unit 1, idb = 0x1C44E8, driver structure at 0x1CBAC8
buffer size 1524 HD unit 1, V.35 DCE cable

Answer: That's the output of show controller serial x. The above content is followed by about 25 lines of hex, but the DTE/DCE cable information you see there is (thankfully) near the top!

CCNA Security Certification / CCNP ISCW Exam:

Short answer: "All" is one of the SDEE Message display options available in SDM. Name the other three.

Answer: error, status, and alerts.

CCNP Certification / BSCI Exam:

Is the following configuration legal? If so, what's the meaning of the third line?

R2(config)#route-map PASSBSCI permit 20
R2(config-route-map)#match ip address 23
R2(config-route-map)#set interface serial0 ethernet0

Answer: Yes, this configuration is legal! When you name two interfaces with the set interface command in a route map, the first interface will be used as long as it's available, with the second interface being put into use only if the first interface is unavailable.

CCNP Certification / BCMSN Exam:

Port security can't be used with which of the following?

A. trunk ports

B. Etherchannel ports

C. destination SPAN port

D. 802.1x ports

Answer: A, B, C, D. You can't configure port security on any of those port types.

CCNP / ONT Exam:

Give both the numeric and non-numeric name and value for the highest level of IP Precedence available in the following configuration.

R2(config-pmap-c)#set precedence ?

Answer: Numerically, it's 7, the network level.

I'll have new practice exam questions for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Monday, September 29, 2008

Here are your Cisco practice exam questions for Monday, September 29!

CCNA Certification And CCENT Certification:

Short answer: What command resulted in the following output?

R3# ?
HD unit 1, idb = 0x1C44E8, driver structure at 0x1CBAC8
buffer size 1524 HD unit 1, V.35 DCE cable

CCNA Security Certification / CCNP ISCW Exam:

Short answer: "All" is one of the SDEE Message display options available in SDM. Name the other three.

CCNP Certification / BSCI Exam:

Is the following configuration legal? If so, what's the meaning of the third line?

R2(config)#route-map PASSBSCI permit 20
R2(config-route-map)#match ip address 23
R2(config-route-map)#set interface serial0 ethernet0

CCNP Certification / BCMSN Exam:

Port security can't be used with which of the following?

A. trunk ports

B. Etherchannel ports

C. destination SPAN port

D. 802.1x ports

Be sure to read today's other blog posts for links to the first four videos on my new YouTube channel - I'll add a new CCNA Security video for you later today, too!
To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Monday, September 29, and here are the answers to Saturday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

Host A sends data to Host B. A router separates the two devices. Which of the following will change between the time the Request leaves Host A and arrives as Host B?

A. Source IP address

B. Source MAC address

C. Destination IP address

D. Destination MAC address

Answers: B, D. Both the source and destination MAC addresses will change, but the IP addresses will remain the same.

CCNA Security Certification / CCNP ISCW Exam:

Short answer: What is the numerically highest logging level available on a Cisco router? Give another non-numeric name for the level.

Answer: That's 7, the debugging level. IOS Help shows all our options:

R1(config)#logging 172.12.123.1
R1(config)#logging trap ?
<0-7> Logging severity level
alerts Immediate action needed (severity=1)
critical Critical conditions (severity=2)
debugging Debugging messages (severity=7)
emergencies System is unusable (severity=0)
errors Error conditions (severity=3)
informational Informational messages (severity=6)
notifications Normal but significant conditions (severity=5)
warnings Warning conditions (severity=4)

CCNP Certification / BSCI Exam:

What is the net effect of the following command?

R1(dhcp-config)#lease 30 23 59

Answer: You're setting the length of the DHCP lease, and IOS Help shows the meaning of each value along with the infinite option.

R1(dhcp-config)#lease ?
<0-365> Days
infinite Infinite lease

R1(dhcp-config)#lease 30 ?
<0-23> Hours

R1(dhcp-config)#lease 30 23 ?
<0-59> Minutes

R1(dhcp-config)#lease 30 23 59

CCNP Certification / BCMSN Exam:

In the wonderful world of wireless, what is CCKM?

Answer: CCKM is Cisco Centralized Key Management, which allows roaming users to roam between APs very quickly - according to their website, in less than 150 milliseconds.

AutoQoS has trouble running with one of the following - which one?

A. Serial interfaces running HDLC

B. Serial interfaces running PPP

C. Frame Relay DLCIs on PTP interfaces

D. Virtual Templates

Answer: D. AutoQoS does not play well with virtual templates!

More questions and a new CCNA Security video for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Saturday, September 27, 2008

It's Saturday, September 27, and it's time for today's Cisco CCNA, CCENT, and CCNP practice exam questions!

Wireless and Voice questions return on Monday!

Let's get started on today's questions!

CCNA Certification And CCENT Certification:

Host A sends an ARP Request to Host B. A router separates the two devices. Which of the following will change between the time the Request leaves Host A and arrives as Host B?

A. Source IP address

B. Source MAC address

C. Destination IP address

D. Destination MAC address

CCNA Security Certification / CCNP ISCW Exam:

Short answer: What is the numerically highest logging level available on a Cisco router? Give another non-numeric name for the level.

CCNP Certification / BSCI Exam:

What is the net effect of the following command?

R1(dhcp-config)#lease 30 23 59

CCNP Certification / BCMSN Exam:

In the wonderful world of wireless, what is CCKM?

AutoQoS has trouble running with one of the following - which one?

A. Serial interfaces running HDLC

B. Serial interfaces running PPP

C. Frame Relay DLCIs on PTP interfaces

D. Virtual Templates

Answers right here on Sunday, September 28!

Be sure to read today's other blog posts for links to the first four videos on my new YouTube channel - I'll add a new CCNA Security video for you later today, too!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome back!

It's Saturday, September 27,and here are the answers to yesterday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

Host B (172.1.1.1, aa-bb-cc-dd-ee-ff) has just received an ARP Request from Host A (172.1.1.3, bb-cc-dd-ee-ff-11). Assuming there are no Layer 3 devices between the two, what will the following values of the ARP Request packet be upon receipt?

A. Source MAC address

B. Source IP address

C. Destination MAC address

D. Destination IP address

Answers: Since there's no L3 device between the two, we can discount Proxy ARP.

A: The source MAC address will be HostB's MAC address.

B. The destination MAC address will be ff-ff-ff-ff-ff-ff, since ARP Requests are L2 broadcasts.

C. The source IP address will be Host B's IP address.

D. The destination IP address will be Host A's IP address.

CCNA Security Certification / CCNP ISCW Exam:

Considering both an IPS and an IDS, which is directly in the flow of traffic?

A. Both

B. Neither

C. The IPS only

D. The IDS only

Answer: C. The IPS will be directly in the flow of traffic, where the IDS will not be. This in itself makes the IPS more efficient in detecting and defending against network attacks.

CCNP Certification / BSCI Exam:

In OSPF, which routes are replaced with a single default route when you configure a total stub area?

A. external

B. inter-area

C. both of these

D. neither of these

Answer: C. A total stub will have a default route take the place of external and inter-area routes.

CCNP Certification / BCMSN Exam:

What command resulted in the following output?

SW1# ?

Port Mode Encapsulation Status Native vlan
Fa0/11 desirable 802.1q trunking 1
Fa0/12 desirable 802.1q trunking 1

Answer: That's the result of show interface trunk.

CCNP Certification / BCMSN Exam:

Which of the following are default SDM settings?

A. Preview commands before delivering to router

B. Save signature file to Flash

C. Confirm before exiting from SDM

D. Program opens to the Home window

Answer: B, C, D. When I use SDM, I like to see the commands before they're delivered to the router, but that's not a default setting. I'll have a new CCNA Security video on YouTube and the website over the weekend that will show you how to change this default.

I'll have some new questions for you later today, and at least one new CCNA Security video as well! See you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Friday, September 26, 2008

It's Friday, September 26, and here are your free Cisco training questions for today!

Later today, I'll have a new Cisco Certification video for you on the website and on my YouTube channel as well. Read today's other blog posts for links to my other videos over on YouTube, and be sure to subscribe to my channel while you're there to be the first to know about new videos!

Let's get started on today's questions!

CCNA Certification And CCENT Certification:

Host B (172.1.1.1, aa-bb-cc-dd-ee-ff) has just received an ARP Request from Host A (172.1.3.1, bb-cc-dd-ee-ff-11). Assuming there are no Layer 3 devices between the two, what will the following values of the ARP Request packet be upon receipt?

A. Source MAC address

B. Source IP address

C. Destination MAC address

D. Destination IP address

CCNA Security Certification / CCNP ISCW Exam:

Considering both an IPS and an IDS, which is directly in the flow of traffic?

A. Both

B. Neither

C. The IPS only

D. The IDS only

CCNP Certification / BSCI Exam:

In OSPF, which routes are replaced with a single default route when you configure a total stub area?

A. external

B. inter-area

C. both of these

D. neither of these

CCNP Certification / BCMSN Exam:

What command resulted in the following output?

SW1# ?

Port Mode Encapsulation Status Native vlan
Fa0/11 desirable 802.1q trunking 1
Fa0/12 desirable 802.1q trunking 1

CCNP / ONT Exam:

Which of the following are default SDM settings?

A. Preview commands before delivering to router

B. Save signature file to Flash

C. Confirm before exiting from SDM

D. Program opens to the Home window

I'll have the answers right here for you on Saturday, September 27!

Be sure to read today's other blog posts for links to the first four videos on my new YouTube channel - I'll add a new video later today as well!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are the answers to the Cisco practice exam questions posted on Thursday, September 26!

If you missed this week's Cisco Certification Jeopardy! game, be sure to scroll down and play!

CCNA Certification And CCENT Certification:

List the three steps in the TCP 3-way handshake and briefly describe what happens in each step.

Answer: The initial segment with the SYN bit set contains negotiable values, including the synchronization number. The SYN-ACK response is an acknowledgement that the initial message was received, and an agreement to the negotiated values. The final ACK is an acknowledgement that the SYN-ACK was received, and the three-way handshake is complete.

CCNA Security Certification / CCNP ISCW Exam:

Define each "A" in AAA and briefly describe the purpose of each.

Answer: Basically, Authentication defines who can gain access to your network, Authorization defines what they can do once they're in, and Accounting keeps track of what resources are used.

CCNP Certification / BSCI Exam:

What exactly does the default-information originate command do, and under what conditions?

Answer: This OSPF command results in the router advertising a default route, as long as a default route actually exists in the routing table. To advertise a default route even when there isn't one in the routing table, use the always option with this command.

What purpose does DHCP Option 43 serve in wireless networking?

Answer: When Option 43 is in effect, the DHCP Server will include the IP addresses of WLCs in the Option 43 field of the DHCP Offer packet. The LAP can then send L3 LWAPP Discovery Request messages to each of the WLCs.

CCNP / ONT Exam:

What's the main difference between the two available versions of WLSE?

Answer: Actually, there are two differences to be aware of.

There are two versions of WLSE. The full version (generally referred to as simply "WLSE") can manage a maximum of 2500 devices. WLSE Express is for smaller networks that have 100 or fewer devices to manage.

One important setup difference between the two - the Express version has an integrated AAA server; the "regular" version does not, so you will need an external AAA server for use with the full version.

New questions and a new YouTube video will be posted here on the blog later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Thursday, September 25, 2008

Here's a new Bryant Advantage video that will help you choose the right path to CCNA success!

Cisco certification candidates often ask me whether they should take the one-exam or two-exam path on the way to their CCNA. I've posted a new video on the website to help you make that decision:

CCNA Certification Success: One Exam Or Two?

The five minutes you spend watching that video will truly help you make the right decision for your career. Enjoy!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Thursday, September 25, and here are your Cisco practice exam questions for today!

If you missed yesterday's Cisco Certification Jeopardy! game, be sure to scroll down and play!

Yesterday, I gave you the answers, so today you have to give me the answers - with no choices given! :)

CCNA Certification And CCENT Certification:

List the three steps in the TCP 3-way handshake and briefly describe what happens in each step.

CCNA Security Certification / CCNP ISCW Exam:

Define each "A" in AAA and briefly describe the purpose of each.

CCNP Certification / BSCI Exam:

What exactly does the default-information originate command do, and under what conditions?

CCNP Certification / BCMSN Exam:

What purpose does DHCP Option 43 serve?

CCNP / ONT Exam:

What's the main difference between the two available versions of WLSE?

Answers will be posted right here on Friday, September 25! Be sure to play yesterday's Cisco Certification Jeopardy! game if you haven't already done so, and I'll see you later today with a new YouTube video!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Judging from my email, everyone really enjoyed the Cisco Certification Jeopardy game yesterday - so let's take a look at the questions to Wednesday's answers and see if you did as well as these contestants!

(If you didn't play yesterday, the answers are in one of yesterday's blog posts, so scroll down and play!)

CCNA Certification And CCENT Certification:

The category is WANs:

$ 20 - It's the default encapsulation for a Serial interface

What is HDLC?

$ 40 - This is the net result to the physical and logical point-to-point connections when encap types don't match

What is "the physical line stays up, but the line protocol goes down?"

$ 60 - This protocol is considered the "manager" of a PPP connection

What is LCP, the Link Control Protocol?

$ 80 - These are the three default Frame Relay LMI types

What are Cisco, ansi, and q933a?

$ 100 - You forgot to do this if you see a dynamic frame mapping to "0.0.0.0"

What is "disable Inverse ARP"?

CCNA Security Certification / CCNP ISCW Exam:

The category is .... the IOS Firewall Set:

$20 - In a typical firewall-protected network, you have three logical areas - "inside", "outside", and this

What is a DMZ?

$40 - To create the answer to the $20 question with SDM, you must use this

What is the Advanced Firewall Wizard? (The Basic wizard does not support DMZs.)

$60 - These three commands must be on a router before SDM can be used

What are "ip http server", "ip http secure-server", and "ip http authentication local"? (For one of these, you could have said that a username/password combination granting a privilege level of 15 is needed as well.)

$80 - These three "V"s must be considered when configuring firewalls

What are voice, VPNs, and video?

$100 - It's this command that defines the time allowed for a TCP handshake to reach the Established stage

What is "ip inspect tcp sywait-time"?

CCNP Certification / BSCI Exam:

The subject is... BGP.

$20 - It's this port that BGP uses to establish neighbor adjacencies

What is TCP port 179?

$40 - In the neighbor command, these are the two required numeric values

What are the IP address of the neighbor and that neighbor's AS number?

$60 - They're the two well-known discretionary BGP attributes

What are local preference and atomic aggregate?

$80 - The BGP attribute Local Preference uses this for a default setting

What is 100?

$100 - Assuming Cisco routers are in use, this is the 4th tiebreaker in the BGP best-path selection process

What is "shortest AS path"?

CCNP Certification / BCMSN Exam:

The subject is ... Multilayer Switching.

$20 - Not enabled by default, this must be enabled for a multilayer switch to run CEF

What is IP routing?

$40 - Other terms for this include "Layer 3 engine" and "Layer 3 forwarding engine"

What is the control plane?

$60 - Defined in RFC 1256, IRDP routers and hosts send these two kinds of packets to facilitate the router redundancy process

What are Router Advertisements and Router Solicitations? (The protocol is IRDP.)

$80 - It's the well-known virtual MAC address used by the protocol defined by RFC 2281

What is 00-00-0c-07-ac-xx, with "xx" being the HSRP group number in hex?

$100 - Of routed ports, SVIs, and Layer 3 port-channels, these are the interface types that support HSRP on a multilayer switch

What is "all of them"?

The subject is.... queuing. (Or queueing, depending on which book you're reading!)

$20 - It's the default queuing scheme for interfaces running at over E1 speed

What is FIFO, or "first in, first out"?

$40 - The default capacity of the default queue used in Priority Queuing

What is 60 packets?

$60 - Three of the four criteria commonly used to define a WFQ traffic flow

What are "source or destination IP address", "source or destination port number", "protocol number", and "ToS"?

$80 - The maximum number of queues available in CBWFQ

What is 64?

$100 - These two common CBWFQ commands can't be used in the same policy map

What are "bandwidth" and "bandwidth percent"?

I hope you did well! Don't forget to pick up your promotional gift on your way to the next post ...

... and I'll see you later today with another set of practice exam questions!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Wednesday, September 24, 2008

It's Wednesday, September 24, and it's time to play... Cisco Certification Jeopardy!

Let's have a look at today's board.... and yes, we are using the old school board! :)

Dollar values are doubled for this round, but it doesn't matter since we're not playing for real money! :) So let's get started!

CCNA Certification And CCENT Certification:

The category is WANs:

$ 20 - It's the default encapsulation for a Serial interface

$ 40 - This is the net result to the physical and logical point-to-point connections when encap types don't match

$ 60 - This protocol is considered the "manager" of a PPP connection

$ 80 - These are the three default Frame Relay LMI types

$ 100 - You forgot to do this if you see a dynamic frame mapping to "0.0.0.0"

CCNA Security Certification / CCNP ISCW Exam:

The category is .... the IOS Firewall Set:

$20 - In a typical firewall-protected network, you have three logical areas - "inside", "outside", and this

$40 - To create the answer to the $20 question with SDM, you must use this

$60 - These three commands must be on a router before SDM can be used

$80 - These three "V"s must be considered when configuring firewalls

$100 - It's this command that defines the time allowed for a TCP handshake to reach the Established stage

CCNP Certification / BSCI Exam:

The subject is... BGP.

$20 - It's this port that BGP uses to establish neighbor adjacencies

$40 - In the neighbor command, these are the two required numeric values

$60 - They're the two well-known discretionary BGP attributes

$80 - The BGP attribute Local Preference uses this for a default setting

$100 - Assuming Cisco routers are in use, this is the 4th tiebreaker in the BGP best-path selection process

CCNP Certification / BCMSN Exam:

The subject is ... Multilayer Switching.

$20 - Not enabled by default, this must be enabled for a multilayer switch to run CEF

$40 - Other terms for this include "Layer 3 engine" and "Layer 3 forwarding engine"

$60 - Defined in RFC 1256, IRDP routers and hosts send these two kinds of packets to facilitate the router redundancy process

$80 - It's the well-known virtual MAC address used by the protocol defined by RFC 2281

$100 - Of routed ports, SVIs, and Layer 3 port-channels, these are the interface types that support HSRP on a multilayer switch

The subject is.... queuing. (Or queueing, depending on which book you're reading!)

$20 - It's the default queuing scheme for interfaces running at over E1 speed

$40 - The default capacity of the default queue used in Priority Queuing

$60 - Three of the four criteria commonly used to define a WFQ traffic flow

$80 - The maximum number of queues available in CBWFQ

$100 - These two common CBWFQ commands can't be used in the same policy map

Look for the questions right here on Thursday!

Also, while you're here , be sure to read today and yesterday's blog posts for links to new YouTube videos. I'll be hosting those on the website soon as well!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Two New CCNA Security Tutorials Have Been Posted!

As part of the countdown to the release of my CCNA Security Exam Study Package, here's a new tutorial on how to use SDM to perform a security audit.

CCNA Security Exam: SDM And Security Audits

And my latest tutorial, this one on the importance of being wary of both internal and external threats:

CCNA Security Tutorial: Network Defense Decisions

Only 34 33 Days Until My CCNA Security Study Package Is Released....

But Why Wait? Start Studying Today And Save Money, Too!

Big News - The CCNA Security Study Package will also be available in hard copy, and you can still begin studying just minutes from now!

I've been around Cisco certifications for over 10 years, and I've never seen anything like the positive response to the new CCNA certifications, especially CCNA Security.

As you know, you've got to earn your CCNA before you can take these new exams, and plenty of you are doing that right now - more of you than ever before!

My inbox has been flooded with emails wanting to know how long it'll be before my CCNA Security Study Package is ready.

Well, I've got great news - you can click on that link and start working on your CCNA Security certification less than five minutes from now, using the same techniques I've used to help certification candidate around the world earn their CCNA, CCNP, and CCENT!

Not only that, but you now have the opportunity to save serious money at the same time - by locking in the lowest price I've ever put on one of my Study Packages!

You can start working on your CCNA Security certification right away, and you save 30% on the regular price of my Study Packages. You also now have the option of purchasing a hard copy edition!

Take advantage of this opportunity and start working on your CCNA Security certification now - just click this link!

The Ultimate CCNA Security Study Package

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Let's take a look at the answers to the Cisco practice exam questions posted Tuesday, September 24!

CCNA Certification And CCENT Certification:

The statements below describe RAM, ROM, Flash, and/or NVRAM. Identify the term(s) that each statement describes.

For this question, I'll list the correct answers after each choice.

A. Contents are lost on a reload - RAM

B. Default location from which the IOS image is loaded. - Flash

C. Contains the startup configuration - NVRAM

D. Contains the running configuration - RAM

E. Stores the power-on self-test programs - ROM

CCNA Security Certification / CCNP ISCW Exam:

You're configuring SSH and want to define how many seconds must pass before an incomplete SSH connection is terminated. What command can you use to do this?

A. exec-timeout

B. ip ssh time-out

C. ssh terminate

D. ip ssh timer-log

E. ssh idle-timer

Answer: You'll need the ip ssh time-out command.

CCNP Certification / BSCI Exam:

Which of the following values must match exactly between potential OSPF neighbors in order for a neighbor relationship to form?

A. hello time

B. dead time

C. stub flag

D. process number

E. AS number

Answer: A, B, C. The OSPF process number does not need to match, and OSPF does not use AS numbers. Potential OSPF neighbors must agree on the hello time, dead time, and stub flag.

CCNP Certification / BCMSN Exam:

Short answer: What is the basic purpose of a VMPS?

Answer: When you move a user from one port to another using static VLANs, you have to change the configuration of the switch to reflect these changes. Using a VLAN Membership Policy Server (VMPS) results in these changes being performed dynamically, because the port's VLAN membership is decided by the source MAC address of the device connected to that port. (Yet another reason that the first value a switch looks at on an incoming frame is the source MAC address!)

ONT Exam:

Short answer: Name the three business-critical sub-categories of traffic created by SDM when using the QoS Wizard.

Answer: Transactional, Management, and Routing.

More questions... and maybe, just maybe, a few answers.... right here later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Tuesday, September 23, 2008

Even MORE Proof That Cisco Certification Is More Important Than It's Ever Been!

Opportunities are everywhere for Cisco certified network admins today, and there are going to be even more opportunities in the future - take a few minutes to read this vital article from Forbes' website on Cisco's plans for the future:

Cisco Continues To Grow And Grow

And they're doing very, very well now! Just look at these recent sales figures....

Product sales rose 8.8%

Service sales climbed 16%

Someone's got to install and troubleshoot all of this equipment - and Cisco certified network admins are at the front of the line!

Whether you're just getting started with your Cisco studies for the CCENT exam, working on your CCNA, or adding the CCNP to your resume, the facts are clear:

There's never been a better or more important time to earn your Cisco certifications.

Get started right now!

The Ultimate CCENT Study Package (With video tour and free upgrade to CCNA Study Package!)

The Ultimate CCNA Study Package

The Ultimate CCNP Study Package Bundle

All downloadable in minutes, and all 100% satisfaction guaranteed! I'm ready to help you build a brighter future by coaching you all the way to your Cisco certifications and your career goals.

There's never been a more important time to start working on your Cisco certifications - now is the time, and I'm ready to do everything I can to help you get there! Click those links and let's get started!

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are your CCNA, CCNP, CCENT, and Cisco Security exam questions for Tuesday, September 23.

CCNA Voice and Wireless questions return on October 1!

CCNA Certification And CCENT Certification:

The statements below describe RAM, ROM, Flash, and/or NVRAM. Identify the term(s) that each statement describes.

A. Contents are lost on a reload

B. Default location from which the IOS image is loaded.

C. Contains the startup configuration

D. Contains the running configuration

E. Stores the power-on self-test programs

CCNA Security Certification / CCNP ISCW Exam:

You're configuring SSH and want to define how many seconds must pass before an incomplete SSH connection is terminated. What command can you use to do this?

A. exec-timeout

B. ip ssh time-out

C. ssh terminate

D. ip ssh timer-log

E. ssh idle-timer

CCNP Certification / BSCI Exam:

Which of the following values must match exactly between potential OSPF neighbors in order for a neighbor relationship to form?

A. hello time

B. dead time

C. stub flag

D. process number

E. AS number

CCNP Certification / BCMSN Exam:

Short answer: What is the basic purpose of a VMPS?

Short answer: Name the three business-critical sub-categories of traffic created by SDM when using the QoS Wizard.

Answers right here on Wednesday, September 24!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome back!

Let's take a look at the answers to the Cisco practice exam questions posted here on Monday, September 22!

All of yesterday's questions were short answer.

CCNA Certification And CCENT Certification:

In the wonderful world of WANs, what is the "demarc point"?

Answer: That's the point where your network's wiring and equipment meet that of the service provider. It also makes for some interesting tech support discussions. ("No, sir, I'm quite sure the problem is on your side of the demarc point!")

CCNA Security Certification / CCNP ISCW Exam:

Just 34 days until the release of my CCNA Security Study Package!

What command resulted in the following output?

R1# ?
Session audit trail is disabled
Session alert is enabled
one-minute (sampling period) thresholds are [400:500] connections
max-incomplete sessions thresholds are [400:500]
max-incomplete tcp connections per host is 50. Block-time 0 minute.
tcp synwait-time is 30 sec -- tcp finwait-time is 5 sec
tcp idle-time is 3600 sec -- udp idle-time is 30 sec

Answer: That's the (very) partial output of the show ip inspect config command.

CCNP Certification / BSCI Exam:

In OSPF, Area 0 cannot be made into which of the following ?

A. stub

B. total stub

C. not-so-stub stub

D. partial stub

Answer: A, B, C, D. You can't configure Area 0 as any kind of stub area.

CCNP Certification / BCMSN Exam:

What global command will enable BPDU Guard on all ports on your Cisco switch?

Answer: SW1(config)#spanning-tree portfast bpduguard default

CCNP / ONT Exam:

Name three values commonly examined to determine the bandwidth of a VoIP call.

Answer: Any three of these six values would be correct: packet rate, packetization period, header overhead, L2 overhead, tunneling overhead (if you're tunneling, that is), and the CODEC in use.

More questions for you right here later today! Be sure to read today's other blog posts for my latest YouTube CCNA and CCNP certification videos!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Monday, September 22, 2008

Congratulations To Chris Hartzer, Who Just Finished Sweeping His CCNA And CCNP Exams With The Bryant Advantage!

"Chris, using your study tools I went from nothing to CCNP in 7 months! I started studying and receiving the daily emails in February and I passed my last CCNP exam on September 13th 2008!

I scored 954 on the CCNA, 945 on the BSCI, 955 on the BCMSN, 870 on the ISCW and 966 on the ONT! THANKS!" - Chris Hartzer, CCNA and CCNP

Whether you prefer ebooks or videos, you can join the parade of Cisco Certification success with a single click! Click these links and let's get started!

The Ultimate CCENT Study Package (with video tour and free upgrade to CCNA Study Package!)

The Ultimate CCNA Study Package

The CCNP Study Package Bundle - Save $70 And Get CCNP Certified, Just Like Chris Did!

Or my exclusive CCNA And CCNP Video Boot Camps....

Don't wait to create your future - click those links and let's get started!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Monday, September 22 - let's take a look at your free Cisco certification exam training questions for today!

All of today's questions are short answer. No need to thank me! :)

CCNA Certification And CCENT Certification:

In the wonderful world of WANs, what is the "demarc point"?

CCNA Security Certification / CCNP ISCW Exam:

CCNP Certification / BSCI Exam:

In OSPF, Area 0 cannot be made into which of the following ?

A. stub

B. total stub

C. not-so-stub stub

D. partial stub

CCNP Certification / BCMSN Exam:

What global command will enable BPDU Guard on all ports on your Cisco switch?

CCNP / ONT Exam:

Name three values commonly examined to determine the bandwidth of a VoIP call.

I'll have the answers right here for you on Tuesday, September 23! Be sure to read today's other blog posts for links to the first four videos on my new YouTube channel!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Monday, September 22, and here are the answers to Saturday's Cisco certification practice exam questions!

CCNA Certification And CCENT Certification:

Take a look at the following configuration and answer these questions:

1. What's the escape sequence mentioned in the first line?

2. What two commands combined to create this output?

3. What is a more common name for "ICMP Echos"?

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.12.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 136/139/152 ms
R3#
IP: s=172.12.123.3 (local), d=172.12.123.2 (Serial0), len 100, sending
IP: s=172.12.123.1 (Serial0), d=172.12.123.3 (Serial0), len 56, rcvd 3
IP: s=172.12.123.2 (Serial0), d=172.12.123.3 (Serial0), len 100, rcvd 3
IP: s=172.12.123.3 (local), d=172.12.123.2 (Serial0), len 100, sending

Answers: The escape sequence is crtl-c. The two commands running are debug ip packet and ping 172.12.123.2 (the destination of the pings is indicated by "d="), and naturally the ICMP Echos are commonly called pings.

CCNA Security Certification / CCNP ISCW Exam:

Which of the following does IKE *not* negotiate?

A. IKE keys

B. IPSec Security Agreements

C. QM_IDLE mode (Tunnel or Transport)

D. authentication of IPSec peers

Answer: C. There's no such thing as QM_Idle mode, but IKE does negotiate the other three values.

Define the term modulation, and discuss briefly what the term means in today's wireless networks.

Answer: Modulation refers to the addition of information to a signal; the "mo" in modem refers to this process. In wireless networking, information is added to a radio signal in order to transmit the data in that fashion.

Which of the following is *not* a VoIP signaling protocol?

A. SCCP

B. SIP

C. YAGI

D. MGCP

E. UNI

Answer: C, E. Yagi and uni(directional) are antenna types. The others are VoIP signaling protocols.

CCNP Certification / BSCI Exam:

What message should you expect the router to display immediately after entering the following configuration?

R1(config)#router ospf 1

R1(config-router)#redistribute connected

Answer: You'll see a message telling you that only classful networks will be connected. To redistribute all subnets as well, add the subnets option to the redistribute connected command, as shown in the following configuration.

R1(config)#router ospf 1
R1(config-router)#redistribute connected
% Only classful networks will be redistributed
R1(config-router)#redistribute connected subnets

CCNP Certification / BCMSN Exam:

What command resulted in the output shown below?

SW1# ?
Session 1
---------
Type : Local Session
Source Ports :
Both : Fa0/1-5
Destination Ports : Fa0/6
Encapsulation : Native
Ingress: Disabled

Answer: You're verifying your SPAN configuration with the show monitor command.

Name the three drop behaviors that RED can carry out.

Answer: No Drop, Random Drop, and Full Drop.

I'll have more questions for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Saturday, September 20, 2008

It's Saturday, September 20, and here are your Cisco certification exam training questions for today!

CCNA Certification And CCENT Certification:

Take a look at the following configuration and answer these questions:

1. What's the escape sequence mentioned in the first line?

2. What two commands combined to create this output?

3. What is a more common name for "ICMP Echos"?

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.12.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 136/139/152 ms
R3#
IP: s=172.12.123.3 (local), d=172.12.123.2 (Serial0), len 100, sending
IP: s=172.12.123.1 (Serial0), d=172.12.123.3 (Serial0), len 56, rcvd 3
IP: s=172.12.123.2 (Serial0), d=172.12.123.3 (Serial0), len 100, rcvd 3
IP: s=172.12.123.3 (local), d=172.12.123.2 (Serial0), len 100, sending

CCNA Security Certification / CCNP ISCW Exam:

Which of the following does IKE *not* negotiate?

A. IKE keys

B. IPSec Security Agreements

C. QM_IDLE mode (Tunnel or Transport)

D. authentication of IPSec peers

Define the term modulation, and discuss briefly what the term means in today's wireless networks.

Which of the following is *not* a VoIP signaling protocol?

A. SCCP

B. SIP

C. YAGI

D. MGCP

E. UNI

CCNP Certification / BSCI Exam:

What message should you expect the router to display immediately after entering the following configuration?

R1(config)#router ospf 1

R1(config-router)#redistribute connected

Name the three drop behaviors that RED can carry out.

I'll have the answers right here for you on Sunday, September 21!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Saturday, September 20, and here are the answers to Friday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

What is the meaning of the term microsegmentation as it relates to switching?

Answer: Microsegmentation is a term sometimes used in Cisco documentation to describe the "one host, one collision domain" topology resulting from each host being connected to its own switch port.

CCNA Security Certification / CCNP ISCW Exam:

Which of the following can the IOS Firewall set perform?

A. Application Inspection

B. Stateful Packet Inspection

C. Authentication Proxy

D. Java Blocking

E. URL filtering

Answers: A, B, C, D, E. The IOS Firewall Set can perform all of these actions.

CCNP Certification / BSCI Exam:

In the following output, which metric is the feasible distance? Which is the advertised distance? And what is the difference between the two? (No charge for the extra questions!)

R3# <>

P 172.23.0.0/16, 2 successors, FD is 2195456
via 172.12.123.2 (2195456/281600), Serial0
via 172.12.123.3 (2195456/281600), Serial0

Answer: The first number, 2195456, is the route's feasible distance. This is the full metric of the route to the destination network.

The second number, 281600, is the route's advertised distance. This is the metric from the next-hop router to the destination network.

CCNP Certification / BCMSN Exam:

You want to copy the contents of your Cisco switch's startup configuration file to the running configuration file. What's the exact syntax of the global command that will do this?

Answer: copy start run for short. You can see the full syntax in the following IOS Help readout. Remember, the first location in the command is what you're copying, and the second location is where you're copying to.

BRYANT_ADVANTAGE_1#copy ?
flash Copy from system flash
flh-log Copy FLH log file to server
mop Copy from a MOP server
rcp Copy from an rcp server
running-config Copy from current system configuration
startup-config Copy from startup configuration
tftp Copy from a TFTP server

BRYANT_ADVANTAGE_1#copy startup-config ?
rcp Copy to an rcp server
running-config Update (merge with) current system configuration
tftp Copy to a TFTP server

BRYANT_ADVANTAGE_1#copy startup-config running-config

CCNP / ONT Exam:

What are we configuring in the following example?

R1(config-pmap-c)#shape peak ?
<8000-154400000> Target Bit Rate (bits per second), the value needs to be multiple of 8000

Answer: We're configuring traffic shaping, and this particular section of the configuration is a policy map.

I'll have more fresh-baked Cisco questions for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Thursday, September 18, 2008

Welcome! It's Friday, September 19 (despite what the Blogger header says, they seem to be having an issue with the date right now), and in the following blog posts, you'll find....

... three new YouTube videos, two dealing with the configuration of a Frame Relay switch and one to help you decide which path to take to your CCNA!

And even if you're not working on a Cisco home lab right now, those Frame Relay switching videos review some important concepts for you CCNA and CCENT candidates!

.... I've posted a video tour of my CCNA / CCENT Study Package

.... the answers to yesterday's Cisco practice exam questions, and a brand-new set of questions

.... and more ! So pull up a chair and stay a while, we've got plenty of Cisco resources here for you on the blog and even more over on the website!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Friday, September 19, and there's a new YouTube CCNA video for you today as well as a new set of Cisco certification exam practice questions!

Be sure to read today's other blog posts for links to my new YouTube videos and learn how to subscribe to my YouTube channel!

Let's get started!

CCNA Certification And CCENT Certification:

What is the meaning of the term microsegmentation as it relates to switching?

CCNA Security Certification / CCNP ISCW Exam:

Which of the following can the IOS Firewall set perform?

A. Application Inspection

B. Stateful Packet Inspection

C. Authentication Proxy

D. Java Blocking

E. URL filtering

CCNP Certification / BSCI Exam:

In the following output, which metric is the feasible distance? Which is the advertised distance? And what is the difference between the two? (No charge for the extra questions!)

R3# <>

P 172.23.0.0/16, 2 successors, FD is 2195456
via 172.12.123.2 (2195456/281600), Serial0
via 172.12.123.3 (2195456/281600), Serial0

What are we configuring in the following example?

R1(config-pmap-c)#shape peak ?
<8000-154400000> Target Bit Rate (bits per second), the value needs to be multiple of 8000

Answers right here on Saturday, September 20! Be sure to check today's other blog posts for my latest YouTube CCNA videos!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Friday, September 19, and I've got a new YouTube video for you as well as the answers to yesterday's Cisco practice exam questions!

Here's a new YouTube video for you - this one covers a question I'm asked every day in email. "Should I take the one- or two-exam path to the CCNA?"

CCNA And CCENT Certification: The Path(s) To Success

Be sure to subscribe to my YouTube channel to be notified of every one of my upcoming Cisco certification videos!

Let's check out the answers to yesterday's questions...

CCNA Certification And CCENT Certification:

Short answer: You need to find out which end of a DTE/DCE cable is connected to a Cisco router. Problem is, the router cabinet is so packed with cables that you can't begin to see the lettering on the cable. (Not that this would ever happen, right?)

What command will give you this information, assuming the cable is connected to Serial0?

Answer: You can run show controller serial 0 to get that information. The DTE/DCE cable information is near the top of the command output.

CCNA Security Certification / CCNP ISCW Exam:

Name two major differences between RADIUS and TACACS+.

Answer: TACACS+ is Cisco-proprietary and is TCP-based, where RADIUS is an open-standard protocol and is UDP-based.

CCNP Certification / BSCI Exam:

What command resulted in the following output?

R3# ?

OSPF Process 1 internal Routing Table

Codes: i - Intra-area route, I - Inter-area route

i 1.1.1.1 [64] via 172.12.123.1, Serial0, ABR/ASBR, Area 0, SPF 38
i 2.2.2.2 [64] via 172.12.123.2, Serial0, ABR, Area 0, SPF 38

Answer: That's the output of show ip ospf border-routers.

CCNP Certification / BCMSN Exam:

You want to initialize a Cisco switch - totally. What commands should you run?

Answer: In addition to a write erase, you should run delete vlan.dat to get rid of any VLAN information.

CCNP / ONT Exam:

Name the two fixed-length processing delays, the two variable-length processing delay, and a brief description of each.

Variable-Length Delays:

Queuing Delay is the amount of time a packet spends in the exit queue before being transmitted.
Processing Delay is the time it takes the network device to move a packet from the incoming queue into the appropriate outgoing queue.

Fixed-Length Delays:

Serialization Delay is the time it takes to place the frame onto the physical medium.

Propagation Delay is the amount of time it takes for the bits to cross the physical media from the tranmission point to the point of reception.

I'll have more questions and answers for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Two New Bryant Advantage CCNA / CCNP Videos Have Just Been Posted On YouTube!

I've just posted my recent Frame Relay switching video on YouTube - I've also divided it into two parts!

Even if you're not working on a home lab right now, I strongly recommend these videos for all CCENT and CCNA candidates, as these videos also review some important Frame Relay concepts:

CCNA / CCNP Home Lab Video: Frame Relay Switch Theory

The second video shows you how to configure a Frame Relay switch, along with verification and troubleshooting procedures:

CCNA / CCNP Home Lab Video: Frame Relay Switch Configuration

While you're there, be sure to click "subscribe" to be the first to know about future Cisco certification videos I'll be posting regularly on YouTube, including in-depth looks at the new Security, Wireless and Voice videos, along with study tips and a lot more!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Answers To Last Week's CCNP Practice Exams Have Been Posted!

CCNP ISCW Exam: Virtual Private Networks

CCNP BSCI Exam: Multicasting

CCNP BCMSN Exam: Multilayer Switching And HSRP

Check today's other blog posts for a link to the new CCNA/CCNP video I've posted on the main site, showing you how to configure a frame relay switch - and even if you're not working on a home lab right now, it's a great frame relay review for your studies!

There are more practice exams on the way for you CCNA and CCENT candidates as well, and in the meantime, visit this page - there are quite a few practice exams for you there!

CCNA And CCENT Practice Exams

Read today's other blog posts for the first two entries in my YouTube video channel, which include videos every CCNA and CCENT candidate should see!

Enjoy!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Thursday, September 17, and it's time for your free Cisco certification practice exam questions!

Be sure to read today's other blog posts for links to my new YouTube videos and learn how to subscribe to my YouTube channel!

All of today's questions are short answer. Let's get started!

CCNA Certification And CCENT Certification:

Short answer: You need to find out which end of a DTE/DCE cable is connected to a Cisco router. Problem is, the router cabinet is so packed with cables that you can't begin to see the lettering on the cable. (Not that this would ever happen, right?)

What command will give you this information, assuming the cable is connected to Serial0?

CCNA Security Certification / CCNP ISCW Exam:

Name two major differences between RADIUS and TACACS+.

CCNP Certification / BSCI Exam:

What command resulted in the following output?

R3# ?

OSPF Process 1 internal Routing Table

Codes: i - Intra-area route, I - Inter-area route

i 1.1.1.1 [64] via 172.12.123.1, Serial0, ABR/ASBR, Area 0, SPF 38
i 2.2.2.2 [64] via 172.12.123.2, Serial0, ABR, Area 0, SPF 38

CCNP Certification / BCMSN Exam:

You want to initialize a Cisco switch - totally. What commands should you run?

CCNP / ONT Exam:

Name the two fixed-length processing delays, the two variable-length processing delay, and a brief description of each.

I'll have the answers for you on Friday, September 19. Look for more links to practice exams in the blog posts from the last few days!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Thursday, September 17, and here are the answers to yesterday's Cisco practice exam questions!

Be sure to check today's other blog posts for links to my new YouTube videos and video channel!

CCNA Certification And CCENT Certification:

What command resulted in the following output?

SW2# ?
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : CCNA

Answer: That's the output of an excellent first step in VTP troubleshooting - show vtp status.

CCNA Security Certification / CCNP ISCW Exam:

Briefly describe a man-in-the-middle attack and propose at least one solution for this network attack.

Answer: Basically, a potential network intruder eavesdrops on a conversation between "Point A" and "Point B", then contacts each of those points individually and pretends to be the other point.

Two sound defenses against MITM attacks are the use of a Certification Authority (CA) and using cryptography to protect the initial conversation.

CCNA Wireless:

Identify the true statements regarding the RSSI.

A. Can be used to compare values from different vendors

B. Cannot accurately compare values from different vendors

C. Measures signal strength

D. Measures direction of the signal

E. Is a Cisco-proprietary value

Answer: B, C.

Identify the true statements regarding PLAR.

A. Requires only a single number to be dialed to reach the intended destination

B. No number needs to be dialed to reach the destination

C. Dynamically creates dial peer statements for POTS configurations only

D. Dynamically created session target statements for VOIP configurations only

Answer: B. The Private-Line Automatic Ringdown (PLAR) allows a call to be placed with no dialing necessary - the call is placed simply by picking up the line.

CCNP Certification / BSCI Exam:

Short answer: What is the OUI of any multicast MAC address?

Answer: The MAC OUI of a multicast address is 01-00-5e.

CCNP Certification / BCMSN Exam:

What is being configured in the following configuration?

MLS(config-slb-sfarm)# real 210.1.1.11

MLS(config-slb-real)# inservice

Answer: That's part of a Server Load Balancing (SLB) configuration.

Identify the true statements regarding LEAP.

A. It's Cisco-proprietary

B. Non-Cisco vendors cannot support LEAP in any way

C. Uses strong one-way authentication

D. Uses a RADIUS server

Answer: A, C, D. LEAP is a Cisco-proprietary protocol, but third-party vendors can support it via the Cisco Compatible Extensions program. The client and the RADIUS server will authenticate each other, resulting in strong two-way authentication.

Fresh-baked questions posted later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome! :)

Coming up later today - Thursday, September 18 - here at The Bryant Advantage:

... my YouTube channel starts later today! Today, I'll be adding two videos, both dealing with Frame Relay switching for Cisco home labs.

Even if you're not working with a home lab right now, all CCNA and CCENT candidates should watch these videos, as both videos review important Frame Relay concepts that you just might see on your exam - and definitely see in the real world!

Upcoming videos will cover important topics for all CCNA, CCENT, and CCNP exams, including the new Security, Wireless, and Voice exams - so be sure to subscribe to my channel! More details here on the blog and in my newsletter later today!

... the answers to Wednesday's CCNA and CCNP practice exam questions will be posted

.... and while you're waiting for the new videos, take a few minutes to take advantage of these free Cisco certification exam resources!

CCENT And CCNA Practice Exams

CCNA Wireless and CCNA Voice Resource Pages

Cisco Certification Exam Tutorials - over 200 free tutorials, articles, and practice exams

Cisco Home Lab Help - over 20 articles to help you set up your own Cisco practice lab!

See you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Wednesday, September 17, 2008

It's Wednesday, September 17, and here are your free Cisco certification exam training questions for today!

CCNA Certification And CCENT Certification:

What command resulted in the following output?

SW2# ?
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : CCNA

CCNA Security Certification / CCNP ISCW Exam:

Briefly describe a man-in-the-middle attack and propose at least one solution for this network attack.

CCNA Wireless:

Identify the true statements regarding the RSSI.

A. Can be used to compare values from different vendors

B. Cannot accurately compare values from different vendors

C. Measures signal strength

D. Measures direction of the signal

E. Is a Cisco-proprietary value

Identify the true statements regarding PLAR.

A. Requires only a single number to be dialed to reach the intended destination

B. No number needs to be dialed to reach the destination

C. Dynamically creates dial peer statements for POTS configurations only

D. Dynamically created session target statements for VOIP configurations only

CCNP Certification / BSCI Exam:

Short answer: What is the OUI of any multicast MAC address?

CCNP Certification / BCMSN Exam:

What is being configured in the following configuration?

MLS(config-slb-sfarm)# real 210.1.1.11

MLS(config-slb-real)# inservice

CCNP / ONT Exam:

Identify the true statements regarding LEAP.

A. It's Cisco-proprietary

B. Non-Cisco vendors cannot support LEAP in any way

C. Uses strong one-way authentication

D. Uses a RADIUS server

I'll post the answers on Thursday, September 18!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Answers To Last Week's CCNP Practice Exams Have Been Posted!

CCNP ISCW Exam: Virtual Private Networks

CCNP BSCI Exam: Multicasting

CCNP BCMSN Exam: Multilayer Switching And HSRP

Check today's other blog posts for a link to the new CCNA/CCNP video I've posted on the main site, showing you how to configure a frame relay switch - and even if you're not working on a home lab right now, it's a great frame relay review for your studies!

There are more practice exams on the way for you CCNA and CCENT candidates as well, and in the meantime, visit this page - there are quite a few practice exams for you there!

CCNA And CCENT Practice Exams

And regardless of which certification you're pursuing, be sure to take on these Network Troubleshooting Challenges!

CCNA And CCNP Troubleshooting Challenges

Enjoy!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Wednesday, September 17, and here are the answers to yesterday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

What is the decimal value of the hex character 21Fe?

Just to be sure you're ready for this kind of hex question, I used one more character than most practice exams do. In this case, we have...

2 units of 4096 = 8192

1 unit of 256 = 256

"F" units of 16 = that's 15 units of 16 = 240

"e" units of 1 = that's 14 units of 1 (case doesn't matter) = 14

8192 + 256 + 240 + 14 = 8702

CCNA Security Certification / CCNP ISCW Exam:

Short answer: You've just applied a mirrored VPN configuration to a router. The mirror configuration was created by SDM. What's the one task you must now carry out on that router to have the configuration work?

Answer: Be sure to apply the crypto map to the interface - the mirrored configuration will not include that command.

CCNP Certification / BSCI Exam:

Which of the following is NOT a good scenario for running PIM Sparse Mode?

A. Multicast routers are widely dispersed over the network

B. There are multiple multicast streams at once

C. There are many receivers in each group

D. The multicast traffic will be steady

Answers: C, D. To run PIM Sparse Mode, there should be few receivers in each group, and the multicast traffic itself should be intermittent.

CCNP Certification / BCMSN Exam:

Which of the following statements accurately describes Uplinkfast?

A. Transition from blocking to forwarding takes only a few seconds

B. Cannot be configured on a root switch

C. Is enabled globally rather than a "per-VLAN" basis

D. Good technique for preventing rogue switches from becoming the root bridge of your network

Answer: A, B, C. Uplinkfast really doesn't do much for stopping a rogue switch from becoming your network's root, but the other three statements are accurate.

CCNP / ONT Exam:

Short answer: What's the purpose of a Packet Description Language Module?

Answer: NBAR's capabilities are continually extended through the development of Packet Description Language Modules (PDLM). Not only do these PDLMs allow your NBAR deployment to identify more and more different types of traffic, but a router reload is not necessary, and you don't need a new IOS image.

More questions for you later today, and be sure to check out today's other blog posts for links to new tutorials over on the main site, including a Cisco training video on frame relay switching!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Tuesday, September 16, 2008

Here are your free Cisco CCNA, CCENT, Security, and CCNP questions for Tuesday, September 15!

I've also posted a brand-new Cisco home lab video tutorial on the website, and even if you're not working on a home lab right now, this video reviews imporant Frame Relay concepts - so look for that link in today's blog posts and start watching!

Here are today's questions....

CCNA Certification And CCENT Certification:

What is the decimal value of the hex character 21Fe?

CCNA Security Certification / CCNP ISCW Exam:

CCNP Certification / BSCI Exam:

Which of the following is NOT a good scenario for running PIM Sparse Mode?

A. Multicast routers are widely dispersed over the network

B. There are multiple multicast streams at once

C. There are many receivers in each group

D. The multicast traffic will be steady

CCNP Certification / BCMSN Exam:

Which of the following statements accurately describes Uplinkfast?

A. Transition from blocking to forwarding takes only a few seconds

B. Cannot be configured on a root switch

C. Is enabled globally rather than a "per-VLAN" basis

D. Good technique for preventing rogue switches from becoming the root bridge of your network

Short answer: What's the purpose of a Packet Description Language Module?

I'll have the answers right here for you on Wednesday, September 17!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are the answers to your free Cisco practice exam questions posted on Monday, September 15!

CCNA Certification And CCENT Certification:

What's the net effect of the following two commands?

line con 0
exec-timeout 0 0
logging synchronous

Answer: Setting the exec-timeout command to zero minutes and zero seconds effectively disables the console line timeout, since that's where we're configuring the command. The logging synchronous command prevents console messages from appearing while you're entering a command; the message will appear after you hit Enter.

Both of these are great Cisco home lab commands, and they just might pop up on an exam or two as well!

CCNA Security Certification / CCNP ISCW Exam:

The configuration of which of the following must include a Crypto ACL?

A. IOS Firewall

B. DMZ

C. VPN

D. IPS

E. IDS

Extra credit: What exactly does a Crypto ACL do, anyway?

Answer: C. You'll need a Crypto ACL with a VPN configuration, and it's the Crypto ACL that indicates the traffic that should be protected by the VPN.

CCNA Wireless:

Which of the following uses AES as its encryption method?

A. WEP

B. WPA

C. WPA2

D. AH

E. ESP

Answer: C.

An Auxilary VLAN is designed to carry what kind(s) of traffic?

A. voice

B. low-priority data

C. video

D. multicasting control traffic (in PIM Dense only)

E. multicasting control traffic (for both PIM Dense and Sparse)

F. network control traffic

Answers: A, C. This particular type of VLAN is designed to carry voice and video traffic.

CCNP Certification / BSCI Exam:

Short answer: The reserved IP address 224.0.0.2 is reserved for what protocol, network service, or router transmission type?

Answer: 224.0.0.2 is the "all routers" multicast address.

CCNP Certification / BCMSN Exam:

Which of the following can be specifically configured to protect against a rogue switch becoming the root switch of your network?

A. BPDU Guard

B. Uplinkfast

C. Backbonefast

D. Root Guard

Answers: A, D. Both BDPU Guard and Root Guard can help prevent this situation.

CCNP / ONT Exam:

Short answer: What is the Nyquist Theorem?

Answer: We need a guideline for how many voice samples to take, and the Nyquist Theorem is that guideline. According to this theorem, the sampling rate should be twice as high as the highest frequency of the signal for the signal to be accurately rebuilt at the destination.

I'll have new questions for you later today! I've also posted answers to the three CCNP exams I posted on the website, along with a brand-new CCNA/CCNP home lab video on configuring a frame relay switch - look for links to all these great features in today's other blog posts!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome! :)

Coming up later today - Tuesday, September 16 - here at The Bryant Advantage:

... the first in a series of Cisco Video Tutorials. If you've wondered why you need a frame relay switch in your Cisco home lab, or how to configure one, these free videos will show you everything you need to know!

And even if you're not working on a Cisco home lab right now, there are some important frame relay configs and tips for you CCNA and CCENT candidates!

... the answers to Monday's CCNA and CCNP practice exam questions

... and more! In the meantime, spend some time with these free Cisco certification training resources, and I'll see you later today here on the blog!

CCENT And CCNA Practice Exams

CCNA Wireless and CCNA Voice Resource Pages

Cisco Certification Exam Tutorials - over 200 free tutorials, articles, and practice exams

Cisco Home Lab Help - over 20 articles to help you set up your own Cisco practice lab!

See you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Monday, September 15, 2008

It's Monday, September 15, and here are your complimentary Cisco practice exam questions for today!

Be sure to check today's other blog postings for links to the latest Cisco tutorials that have been posted over on the main site!

CCNA Certification And CCENT Certification:

What's the net effect of the following two commands?

line con 0
exec-timeout 0 0
logging synchronous

CCNA Security Certification / CCNP ISCW Exam:

The configuration of which of the following must include a Crypto ACL?

A. IOS Firewall

B. DMZ

C. VPN

D. IPS

E. IDS

Extra credit: What exactly does a Crypto ACL do, anyway?

CCNA Wireless:

Which of the following uses AES as its encryption method?

A. WEP

B. WPA

C. WPA2

D. AH

E. ESP

CCNP Certification / BSCI Exam:

An Auxilary VLAN is designed to carry what kind(s) of traffic?

A. voice

B. low-priority data

C. video

D. multicasting control traffic (in PIM Dense only)

E. multicasting control traffic (for both PIM Dense and Sparse)

F. network control traffic

CCNP Certification / BSCI Exam:

Short answer: The reserved IP address 224.0.0.2 is reserved for what protocol, network service, or router transmission type?

CCNP Certification / BCMSN Exam:

Which of the following can be specifically configured to protect against a rogue switch becoming the root switch of your network?

A. BPDU Guard

B. Uplinkfast

C. Backbonefast

D. Root Guard

CCNP / ONT Exam:

Short answer: What is the Nyquist Theorem?

Answers will be posted on Tuesday, September 16. Check today's other blog posts for links to new CCNP exams that have been posted on the website, and look for my CCNA And CCNP Video Tutorial Series - that starts later this week!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are the answers to the Cisco CCENT, CCNA, and CCNP practice exam questions posted on Saturday, September 13!

CCNA Certification And CCENT Certification:

In a hub-and-spoke OSPF NBMA network, which router should serve as the Designated Router? What is the most common method of making that particular router the OSPF DR?

Answer; The hub must be the DR, and the most common way of doing so is setting the OSPF interface priority of the spoke routers to zero (the default priority is 1).

CCNA Security Certification / CCNP ISCW Exam:

Which of the following are considered reconnaissance attacks, and which are access attacks?

A. ping sweep

B. port scan

C. password attack

D. trust exploitation

E. DSL query

Answer: Password attacks and trust exploitations are considered access attacks. The other three attacks are recon attacks - attacks that are not primarily created to cause damage, but to gather information for future, more destructive attacks.

CCNP Certification / BSCI Exam:

You're deciding on which PIM method to use. The sender and recipients of multicast traffic are physically close, and there will be few senders. However, you've got a relatively large number of recipients. What is your best choice?

A. PIM Sparse

B. PIM Dense

C. PIM Sparse-Dense

D. PIM Broadcast

Answer: B. That's a great scenario in which to use PIM Dense mode.

CCNP Certification / BCMSN Exam:

Short answer: You're configuring HSRP and need to set the MAC address of the virtual router to 22-33-44-bb-cc-dd. Can this be done? If so, how?

Answer: Yes, you can do that, with the standby mac-address command, as demonstrated here:

R2(config-if)#standby 5 mac-address 2233.44bb.ccdd

CCNP / ONT Exam:

AutoQos uses one particular queuing strategy for voice traffic and another for "regular" data. Name both.

Answer: LLQ for voice traffic, WRR for data.

Fresh-baked questions available later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome back! :)

Coming up later today - Monday, September 15 - here at The Bryant Advantage:

.. a new CCNA Security exam tutorial

... the first in a series of Cisco Video Tutorials. If you've wondered why you need a frame relay switch in your Cisco home lab, or how to configure one, these free videos will show you everything you need to know!

And even if you're not putting a home lab together right now, these videos will still help you in your exam prep!

... the answers to Saturday's CCNA and CCNP practice exam questions

... and more! In the meantime, spend some time with these free Cisco certification training resources, and I'll see you later today here on the blog!

CCNA And CCENT Practice Exams

CCNA Wireless and CCNA Voice Resource Pages

Cisco Tutorials Page - over 200 free tutorials, articles, and practice exams

Cisco Home Lab Help - over 20 articles to help you set up your own Cisco practice lab, and later this week I'll be adding videos to that page as well!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Saturday, September 13, 2008

Here are your Cisco certification practice exam questions for Saturday, September 13!

CCNA Voice and Wireless questions return on Monday!

CCNA Certification And CCENT Certification:

In a hub-and-spoke OSPF NBMA network, which router should serve as the Designated Router? What is the most common method of making that particular router the OSPF DR?

CCNA Security Certification / CCNP ISCW Exam:

Which of the following are considered reconnaissance attacks, and which are access attacks?

A. ping sweep

B. port scan

C. password attack

D. trust exploitation

E. DSL query

CCNP Certification / BSCI Exam:

CCNP Certification / BCMSN Exam:

Short answer: You're configuring HSRP and need to set the MAC address of the virtual router to 22-33-44-bb-cc-dd. Can this be done? If so, how?

CCNP / ONT Exam:

AutoQos uses one particular queuing strategy for voice traffic and another for "regular" data. Name both.

I'll post the answers right here on Sunday, September 14. Check today and yesterday's other blog posts for new CCNP and CCNA Security tutorials and practice exams that have been posted over on the main site!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Only 41 40 Days Until My CCNA Security Study Package Is Released....

But Why Wait? Start Studying Today And Save Money, Too!

Big News - The CCNA Security Study Package will also be available in hard copy, and you can still begin studying just minutes from now!

I've been around Cisco certifications for over 10 years, and I've never seen anything like the positive response to the new CCNA certifications, especially CCNA Security.

As you know, you've got to earn your CCNA before you can take these new exams, and plenty of you are doing that right now - more of you than ever before!

My inbox has been flooded with emails wanting to know how long it'll be before my CCNA Security Study Package is ready.

Well, I've got great news - you can click on that link and start working on your CCNA Security certification less than five minutes from now, using the same techniques I've used to help certification candidate around the world earn their CCNA, CCNP, and CCENT!

Not only that, but you now have the opportunity to save serious money at the same time - by locking in the lowest price I've ever put on one of my Study Packages!

You can start working on your CCNA Security certification right away, and you save 30% on the regular price of my Study Packages. You also now have the option of purchasing a hard copy edition!

Take advantage of this opportunity and start working on your CCNA Security certification now - just click this link!

The Ultimate CCNA Security Study Package

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Saturday, September 13, and here are the answers to yesterday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

Which of the following is a major difference between OSPF and EIGRP?

A. EIGRP is strictly a link state protocol, OSPF is not.

B. EIGRP is strictly a distance vector protocol, OSPF is not.

C. EIGRP is Cisco-proprietary, OSPF is not.

D. None of these statements is accurate.

Answer: C. EIGRP is a Cisco-proprietary protocol, but OSPF is not.

CCNA Security Certification / CCNP ISCW Exam:

5. What command resulted in the following output?

R2#
Clock is synchronized, stratum 10, reference is 172.12.23.3
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**19
reference time is CBB9CEC8.17FBD1B8 (15:05:44.093 UTC Wed Apr 23 2008)

Answer: show ntp status, an excellent starting point for NTP verification and troubleshooting.

Short answer: In multicasting, what command configures a router as a C-RP?

Another short answer: What the heck is a C-RP, anyway?

Answers: A C-RP is a Candidate Rendezvous Point, and you configured a router as a C-RP as follows:

R2(config)# ip pim rp-candidate

CCNP Certification / BCMSN Exam:

Short answer: To enable BPDU Filtering or BPDU Guard, what other port-level service must first be running?

Answer: Portfast must be running on the interface.

CCNP / ONT Exam:

Short answer: What is the default username for the Location Appliance?

Another short answer: What's the default password for the Location Appliance?

Answers: They're both "admin". I recommend you change those. :)

I'll have more practice questions for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Friday, September 12, 2008

It's Friday, September 12, and here are your Cisco practice exam questions for today!

Be sure to check today's other blog posts for links to new CCNA Security tutorials and three new practice exams that have been posted this week!

CCNA Certification And CCENT Certification:

Which of the following is a major difference between OSPF and EIGRP?

A. EIGRP is strictly a link state protocol, OSPF is not.

B. EIGRP is strictly a distance vector protocol, OSPF is not.

C. EIGRP is Cisco-proprietary, OSPF is not.

D. None of these statements is accurate.

CCNA Security Certification / CCNP ISCW Exam:

5. What command resulted in the following output?

R2#
Clock is synchronized, stratum 10, reference is 172.12.23.3
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**19
reference time is CBB9CEC8.17FBD1B8 (15:05:44.093 UTC Wed Apr 23 2008)

CCNP Certification / BSCI Exam:

Short answer: In multicasting, what command configures a router as a C-RP?

Another short answer: What the heck is a C-RP, anyway?

CCNP Certification / BCMSN Exam:

Short answer: To enable BPDU Filtering or BPDU Guard, what other port-level service must first be running?

CCNP / ONT Exam:

Short answer: What is the default username for the Location Appliance?

Another short answer: What's the default password for the Location Appliance?

I'll have the answers right here on Saturday, September 13!

Several new CCNP practice exams have been posted - be sure to read today's other blog posts for links to those exams!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Friday, September 12, and here are the answers to Thursday's CCNA, CCNP, and CCENT practice exam qustions.

CCNA Wireless and Voice questions return on Monday!

CCNA Certification And CCENT Certification:

What purposes do the BECN, FECN, and DE bits in Frame Relay serve?

Answer: When a frame arrives at a router with the FECN bit set, that means congestion was encountered in the direction in which the frame was traveling.

When a frame arrives at a router with the BECN bit set, congestion was encountered in the opposite direction in which the frame was traveling.

Frames are sometimes dropped as a result of congestion, and frames with the DE bit set will be dropped before frames without that bit set. Basically, setting the DE bit on a frame indicates data that's considered less important than data without the DE bit set.

CCNA Security Certification / CCNP ISCW Exam:

You're configuring authentication in your Network Time Protocol deployment. What authentication options are available in NTP?

A. MD5

B. Bellman-Ford

C. clear text

D. CHAP

E. PAP

F. None

Answer: A. MD5 is the only option, as shown by IOS Help:

R1(config)#ntp authentication-key 1 ?

md5 MD5 authentication

CCNP Certification / BSCI Exam:

What device sits at the top of a multicast tree?

A. The source of the packets

B. The destination of the packets

C. A multilayer switch

D. The root bridge

Answer: A. The packet source is found at the top of our multicast tree.

CCNP Certification / BCMSN Exam:

A router or multilayer switch goes through the following stages in HSRP. Put the stages in order, from beginning to end.

A. Listen

B. Learn

C. Active

D. Disabled

E. Init

F. Speak

G. Standby

Answer: Here's the order without the letters:

Disabled, Init, Learn, Listen, Speak, Standby, Active

I'll have a new CCNP exam tutorial on this subject on the website over the weekend, with a link here in the blog!

When it comes to configuring COPP and applying it to the Control Plane, in which direction(s) can QoS be applied?

A. Both inbound and outbound

B. Inbound only

C. Outbound only

D. Neither inbound nor outbound

Answer: This can be applied on an inbound and outbound basis.

I'll have new questions here on the blog later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Thursday, September 11, 2008

Cisco Sales And Service $$$ Continue To Climb - Get Certified Now And Get Your Share Of It!

Cisco has reported another strong quarter in both sales and service... check out these numbers!

Product sales rose 8.8%

Service sales climbed 16%

Someone's got to install and troubleshoot all of this equipment - and Cisco certified network admins are at the front of the line!

Whether you're just getting started with your Cisco studies for the CCENT exam, working on your CCNA, or adding the CCNP to your resume, the facts are clear:

There's never been a better or more important time to earn your Cisco certifications.

Get started right now!

The Ultimate CCENT Study Package

The Ultimate CCNA Study Package

The Ultimate CCNP Study Package Bundle

All downloadable in minutes, and all 100% satisfaction guaranteed! I'm ready to help you build a brighter future by coaching you all the way to your Cisco certifications and your career goals.

If you prefer video training for your CCENT and CCNA, my CCNA Video Boot Camp brings you over 25 hours of clearly-explained theory and lab after lab on REAL Cisco routers and switches - plus my friends at Trainsignal are giving away a FREE Windows Server 2008 CBT with every purchase, while they last!

Just click this image to see samples and a full course outline:

Click those links and let's get started!

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Source: Wall Street Journal Online, August 5.

It's Thursday, September 11, and here are your Cisco training questions for today!

Be sure to check today's other blog posts for links to new CCNA Security tutorials and three new practice exams.

CCNA Certification And CCENT Certification:

What purposes do the BECN, FECN, and DE bits in Frame Relay serve?

CCNA Security Certification / CCNP ISCW Exam:

You're configuring authentication in your Network Time Protocol deployment. What authentication options are available in NTP?

A. MD5

B. Bellman-Ford

C. clear text

D. CHAP

E. PAP

F. None

CCNP Certification / BSCI Exam:

What device sits at the top of a multicast tree?

A. The source of the packets

B. The destination of the packets

C. A multilayer switch

D. The root bridge

CCNP Certification / BCMSN Exam:

A router or multilayer switch goes through the following stages in HSRP. Put the stages in order, from beginning to end.

A. Listen

B. Learn

C. Active

D. Disabled

E. Init

F. Speak

G. Standby

CCNP / ONT Exam:

I'll have the answers right here on Friday, September 12!

Several new CCNP practice exams have been posted - be sure to read today's other blog posts for links to those exams!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Welcome back, my friends, to the Cisco questions that never end!

Here are the answers to Wednesday's questions!

CCNA Certification And CCENT Certification:

In the world of Frame Relay, what does "CIR" stand for? More importantly, what does it mean?

Answer: That's the Committed Information Rate, and it's the amount of bandwidth that your service provider guarantees you.

CCNA Security Certification / CCNP ISCW Exam:

You're working with an IPS, and you're prompted about something called "SDEE". What is it, and what is its purpose?

Answer: SDEE (Security Device Event Exchange) is an application-layer protocol that allows the exchange of messages between an IPS server and client. SDEE pulls logs from our routers, and these logs can be viewed in SDM, as shown in the partial screen shot from my CCNA Security Study Package:

CCNP Certification / BSCI Exam:

You're configuring a customer's Cisco switch and note something called "IGMP Snooping" is enabled. Is this desirable? What exactly is being snooped upon?

Answer: It's desirable, and the IGMP reports being sent from a host to a multicast router are being "snooped" upon.

The switch listens to these reports and records the multicast group's MAC address and the switch port upon which the IGMP report was received. This allows the switch to learn which ports actually need the multicast traffic, and will send it only to those particular ports instead of flooding the traffic.

CCNP Certification / BCMSN Exam:

What command will change the port cost of interface fast 0/12 on a Cisco switch to 9 for ALL VLANs? Where should this command be placed?

Answer: On the interface, configure spanning-tree cost 9.

Which of the following LEAP versions involves more than one secure certificate?

A. LEAP

B. EAP-FAST

C. EAP-PEAP

D. EAP-TLS

Answer: D. When using EAP-TLS, both the client and server will have a secure certificate. ( With PEAP, only the server has a secure certificate.)

I'll be back later today with another set of questions - and be sure to check today's other blog posts for links to three new practice exams that have been posted on the website!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Wednesday, September 10, 2008

Here are your Cisco practice exam questions for Wednesday, September 10!

Be sure to check today's other blog posts for links to new CCNA Security tutorials and three new practice exams!

CCNA Certification And CCENT Certification:

In the world of Frame Relay, what does "CIR" stand for? More importantly, what does it mean?

CCNA Security Certification / CCNP ISCW Exam:

You're working with an IPS, and you're prompted about something called "SDEE". What is it, and what is its purpose?

CCNP Certification / BSCI Exam:

You're configuring a customer's Cisco switch and note something called "IP Snooping" is enabled. Is this desirable? What exactly is being snooped upon?

CCNP Certification / BCMSN Exam:

What command will change the port cost of interface fast 0/12 on a Cisco switch to 9 for ALL VLANs? Where should this command be placed?

CCNP / ONT Exam:

Which of the following LEAP versions involves more than one secure certificate?

A. LEAP

B. EAP-FAST

C. EAP-PEAP

D. EAP-TLS

I'll have the answers right here on Thursday, September 11! I'm also posting several new practice exams on the main site - look for links in today's other blog posts!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Wednesday, September 10, and here are the answers to Tuesday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

What loop prevention service or protocol is in effect in the following command output? What command produced the output?

R3# ?
RIP: sending v2 update to 224.0.0.9 via Serial0 (172.12.123.3)
172.12.123.0/24 -> 0.0.0.0, metric 1, tag 0
1.1.1.1/32 -> 172.12.123.1, metric 2, tag 0
2.2.2.2/32 -> 172.12.123.2, metric 3, tag 0
3.3.3.3/32 -> 0.0.0.0, metric 16, tag 0

Answer: The command is debug ip rip, and the last route shows route poisoning in effect.

CCNA Security Certification / CCNP ISCW Exam:

Which of the following are enabled in SDM's IPS wizard by default?

A. Enable Syslog Notification

B. Engine Fail Closed

C. Enable Deny Action On IPS Interface

D. Use Built-In Signature (As Backup)

Answers: A, C.

CCNA Wireless:

Name the four WMM preset priority levels and the traffic type handled by each level.

Answer:

Platinum (for voice)
Gold (for video)
Silver (for everything else - best-effort)
Bronze (background traffic)

Of MGCP, SIP, and H.323, which are IETF standard signaling protocols?

Answers: MGCP and SIP. H.323 is an ITU standard.

CCNP Certification / BSCI Exam:

What version of PIM can be described as a strict "flood-and-prune" operation?

A. Sparse

B. Flood

C. Dense

D. Sparse-Dense

Answer: C.

CCNP Certification / BCMSN Exam:

The following commands are changing how many default values?

SW1(config)#spanning vlan 1 hello 2
SW1(config)#spanning vlan 1 forward-time 10
SW1(config)#spanning vlan 1 max-age 15

Answer: Two - the default forward-time is 15 seconds, and the default max-age value is 20 seconds. The Hello interval is two seconds by default.

Which of the following can NBAR not analyze?

A. non-IP traffic

B. packet fragments

C. MPLS packets

D. packets created or destined for the local router

Answer: A, B, C, D.

More questions later today, along with three new practice exams! See you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Tuesday, September 09, 2008

Here are your CCNA, CCENT, and CCNP questions for Tuesday, September 9!

CCNA Certification And CCENT Certification:

What loop prevention service or protocol is in effect in the following command output? What command produced the output?

R3# ?
RIP: sending v2 update to 224.0.0.9 via Serial0 (172.12.123.3)
172.12.123.0/24 -> 0.0.0.0, metric 1, tag 0
1.1.1.1/32 -> 172.12.123.1, metric 2, tag 0
2.2.2.2/32 -> 172.12.123.2, metric 3, tag 0
3.3.3.3/32 -> 0.0.0.0, metric 16, tag 0

CCNA Security Certification / CCNP ISCW Exam:

Which of the following are enabled in SDM's IPS wizard by default?

A. Enable Syslog Notification

B. Engine Fail Closed

C. Enable Deny Action On IPS Interface

D. Use Built-In Signature (As Backup)

CCNA Wireless:

Name the four WMM preset priority levels and the traffic type handled by each level.

Of MGCP, SIP, and H.323, which are IETF standard signaling protocols?

CCNP Certification / BSCI Exam:

What version of PIM can be described as a strict "flood-and-prune" operation?

A. Sparse

B. Flood

C. Dense

D. Sparse-Dense

Which of the following can NBAR not analyze?

A. non-IP traffic

B. packet fragments

C. MPLS packets

D. packets created or destined for the local router

I'll have the answers right here on Wednesday, September 10!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Tuesday, September 9, and here are the answers to yesterday's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

What command resulted in the following output, and on what device did you run this command?

C:\> ?

Internet Address Physical Address Type
10.3.1.2 11-11-11-11-11-11 dynamic

Answer: The command is arp -a, and you're running that on a PC. To see the ARP cache of a Cisco router, run the show arp command.

CCNA Security Certification / CCNP ISCW Exam:

Which of the following statements regarding views and superviews is FALSE?

A. A single IOS command can be contained in one view.

B. A view can be contained in more than one superview.

C. Commands can be directly assigned to both views and superviews.

D. Superviews and views require a password upon creation.

Answer: C. Commands are assigned to views, and views are then assigned to superviews. Commands can't be directly assigned to superviews.

CCNA Wireless:

Both DSSS and OFDM are methods of using spread spectrum. Describe how each performs this "signal spreading".

Answer: DSSS (Direct Sequence Spread Spectrum) doesn't have the signal hop around between frequencies, but instead spreads the signal over the entire range of frequencies at once.

OFDM (Orthogonal Frequency Division Multiplexing) splits the signal and sends the signal fragments over different frequencies at the same time.

Of MGCP, H.323, and SIP, which are considered centralized call control signaling protocols?

Answer: MGCP is the only centralized protocol. The others are distributed signaling protocols.

CCNP Certification / BSCI Exam:

In IGMP version 1, a host can join a multicast group in two different ways. Name them.

Answer: Either by sending a Membership Report or responding to a Membership Request.

CCNP Certification / BCMSN Exam:

What is the net effect of the following switching configuration?

SW1(config)#spanning vlan 1 hello 5
SW1(config)#spanning vlan 1 forward-time 12
SW1(config)#spanning vlan 1 max-age 15

Answer: From top to bottom....

The Root Bridge will send Configuration BPDUs every 5 seconds.

The listening and learning states will each last 12 seconds.

The switch will retain the contents of a superior BPDU for 15 seconds before discarding it.

BTW, these changes will only take effect if configured on the root bridge.

If you're running AutoQoS on an interface and then change its bandwidth value, do you have to do anything to have AutoQoS use the new setting? If so, what?

Answer: You need to run the AutoQoS process over again - the process does not dynamically adapt to a change in the bandwidth command.

I'll have more questions for you later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Monday, September 08, 2008

It's Monday, September 8, and here are your Cisco CCNA, CCENT, and CCNP questions for today!

CCNA Certification And CCENT Certification:

What command resulted in the following output, and on what device did you run this command?

C:\> ?

Internet Address Physical Address Type
10.3.1.2 11-11-11-11-11-11 dynamic

CCNA Security Certification / CCNP ISCW Exam:

Which of the following statements regarding views and superviews is FALSE?

A. A single IOS command can be contained in one view.

B. A view can be contained in more than one superview.

C. Commands can be directly assigned to both views and superviews.

D. Superviews and views require a password upon creation.

CCNA Wireless:

Both DSSS and OFDM are methods of using spread spectrum. Describe how each performs this "signal spreading".

Of MGCP, H.323, and SIP, which are considered centralized call control signaling protocols?

CCNP Certification / BSCI Exam:

In IGMP version 1, a host can join a multicast group in two different ways. Name them.

If you're running AutoQoS on an interface and then change its bandwidth value, do you have to do anything to have AutoQoS use the new setting? If so, what?

I'll have the answers right here on Tuesday, September 9!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Monday, September 8, and here are the answers to this past Saturday's Cisco certification exam practice questions!

CCNA Certification And CCENT Certification:

You see this line on your router's VTY lines: transport input ssh

What's the net effect of this command on incoming Telnet connections?

A. None - the VTY lines have nothing to do with Telnet.

B. Telnet connections will be allowed with the password ssh.

C. Telnet connections will not be allowed, but secure connections will be.

D. Telnet connections are considered secure, so they will be allowed.

Answer: C. That line will allow Secure Shell connections (SSH), but not Telnet connections.

CCNA Security Certification / CCNP ISCW Exam:

You see the following icons in SDM:

Which section of SDM are you currently in?

A. Home

B. Configure

C. Monitor

D. Troubleshoot

E. Verify

Answer: C. We've spent almost all of our time so far in the Configure section, so I thought I'd show you the Monitor section - which you'll see plenty of in my upcoming CCNA Security Study Package!

CCNA Wireless:

Short answer: What's the main difference between a password and a passphrase?

Answer: Length. Passphrases are longer than passwords, which is why many end users prefer passwords - and why network admins prefer passphrases!

What two options will IOS Help display for this command?

R1(config-if)#ip rtp header-compression ?

Answer:

R1(config-if)#ip rtp header-compression ?
iphc-format Compress using IPHC format
passive Compress only for destinations which send compressed headers

CCNP Certification / BSCI Exam:

Match the reserved multicast IP addresses to their protocol or common usage.

Addresses: 224.0.1.1, 224.0.0.1, 224.0.0.2, 224.0.0.9, 224.0.0.6

A. All OSPF DRs (224.0.0.6)

B. NTP (224.0.1.1)

C. "All Hosts" (224.0.0.1)

D. "All multicast routers" (224.0.0.2)

E. "All RIPv2 routers" (224.0.0.9)

Answers are shown next to the descriptions above.

CCNP Certification / BCMSN Exam:

Short answer: What is CCX, and what is its main purpose?

Answer: The Cisco Compatible Extension website helps you answer this musical question:

"How The $&!(*% Can I Figure Out Which Equipment Supports Which Features?"

CCNP / ONT Exam:

What do the following terms have in common as they relate to AutoQoS?

voice, signaling, transactional, scavenger, bulk, management

Answer: Those are five of the default class maps created by the AutoQoS procedure.

Saturday, September 06, 2008

The answers to my latest three CCNA and CCNP practice exams have been posted!

For CCNA candidates, here's a new practice test for you on EIGRP:

CCNA Practice Exam: EIGRP

For CCNP candidates preparing for the BSCI exam, here's a new practice test on BGP:

CCNP Certification / BSCI Exam: BGP Practice Test Questions

And here's a new CCNA Security practice exam on VPNs!

CCNA Security Practice Exam: Virtual Private Networks

And when you're done there, be sure to read today and yesterday's other blog links for plenty of links to Cisco practice exams, articles, and fully-illustrated tutorials just waiting for you over on the website!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Cisco Has Announced Three Additional CCNA Certifications -

But To Earn Them, You've Got To Be CCNA Certified, So Get Started Today!

Cisco has announced three brand-new CCNA-level Certifications:

CCNA Security

CCNA Voice

CCNA Wireless

Those links go to new resource pages on the main website, where I'll post free tutorials and video training for all three certifications in the days and weeks ahead - be sure to bookmark them! (There's a new CCNA Security tutorial on that particular page.)

These new certifications are going to be a tremendous career boost to those who earn them.

Why? Just look at these statistics!

Security: Right now, 46% of companies included in the survey have a position dedicated to security - that's going to almost double over the next five years to 80%.

Voice: Currently, 40% of surveyed customers have a voice specialist. That number will rise to 69% in the next five years.

Wireless: While 33% of surveyed companies currently have a position dedicated to wireless, that value will double over the next five years to 66%.

(Stats were arrived at by Forrester Consulting during a study sponsored by Cisco. You can get a copy here.)

Those statistics tell a simple tale:

Network admins who have knowledge and certification in security, wireless, and voice will have a huge advantage over network admins who do not.

That's why Cisco is introducing these new certifications, and exactly why I'll be releasing Study Packages for all three of these specializations, beginning in September!

There's one detail you need to take care of now, though.

To earn any of these CCNA specialist certifications, you must earn your CCNA first, by either the one-exam (640-802) path or the two exam path (ICND 1 and 2).

This announcement by Cisco makes it more important than ever to be CCNA certified. Be ready to earn these new certifications by earning your CCNA now!

Thousands of CCNA candidates around the world have used my CCNA Study Package to do just that. Take five minutes to read this page - it's more important than ever.

The Ultimate CCNA Study Package

Over the rest of the year, I'll be releasing Study Packages for CCNA Security, CCNA Voice, and CCNA Wireless. While I'm working on those, you need to be working on your CCNA to take advantage of these vital new certifications.

Click that link and let's get started!

The Ultimate CCNA Study Package

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are your Cisco CCNA, CCENT, and CCNP questions for Saturday, September 6!

All of today's questions are short answer.

CCNA Certification And CCENT Certification:

You see this line on your router's VTY lines: transport input ssh

What's the net effect of this command on incoming Telnet connections?

A. None - the VTY lines have nothing to do with Telnet.

B. Telnet connections will be allowed with the password ssh.

C. Telnet connections will not be allowed, but secure connections will be.

D. Telnet connections are considered secure, so they will be allowed.

CCNA Security Certification / CCNP ISCW Exam:

You see the following icons in SDM:

Which section of SDM are you currently in?

A. Home

B. Configure

C. Monitor

D. Troubleshoot

E. Verify

Short answer: What's the main difference between a password and a passphrase?

What two options will IOS Help display for this command?

R1(config-if)#ip rtp header-compression ?

CCNP Certification / BSCI Exam:

Match the reserved multicast IP addresses to their protocol or common usage.

Addresses: 224.0.1.1, 224.0.0.1, 224.0.0.2, 224.0.0.9, 224.0.0.6

A. All OSPF DRs

B. NTP

C. "All Hosts"

D. "All multicast routers"

E. "All RIPv2 routers"

CCNP Certification / BCMSN Exam:

Short answer: What is CCX, and what is its main purpose?

CCNP / ONT Exam:

What do the following terms have in common as they relate to AutoQoS?

voice, signaling, transactional, scavenger, bulk, management

I'll post the answers on Sunday, September 7, and I've got some new practice exams and tutorials on the way for you as well!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Saturday, September 6, and here are the answers to yesterday's Cisco practice exam questions!

Be sure to check today and yesterday's blog posts for links to new CCNA Security tutorials, and I'll have several new CCNA and CCNP exams posted over the weekend with links here in the blog as well!

CCNA Certification And CCENT Certification:

What command resulted in the following output?

R3# ?
All possible debugging has been turned off

Answer: The command was undebug all, or "u all" for short!

CCNA Security Certification / CCNP ISCW Exam:

With regards to the IOS Firewall Feature Set, what is "generic inspection"? What methods of generic inspection are available?

Answer: If you want to inspect all TCP and/or UDP connections, you can specify TCP and/or UDP as the inspected protocol in the ip inspect command rather than a more-specific entry. This is generic inspection. The options are TCP and UDP.

CCNA Wireless:

What version of EAP involves a RADIUS server and strong two-way authentication between client and server?

Answer: Cisco's Lightweight Extensible Authentication Protocol (LEAP). The RADIUS server will authenticate the client, and then the client will authenticate the RADIUS server, resulting in strong two-way authentication.

Describe briefly which countries generally prefer the linear quantization method, and which ones generally prefer the logarithmic method.

Answer: Linear is primarily used in the Unites States, and logarithmic is primarily used everywhere else!

CCNP Certification / BSCI Exam:

What command network service or protocol uses the reserved IP address 224.0.0.12?

Answer: HSRP uses that reserved address.

CCNP Certification / BCMSN Exam:

After you resolve the issue that resulted in the following console output, what should you do next?

05:06:04: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/7, puttingFa0/7 in err-disable state

05:06:04: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000f.f773.ed20 on port FastEthernet0/7.

Answer: You need to bring the port out of err-disabled state, so just shut and reopen the port after resolving the issue - which in this case, of course, is a port-security violation.

What part do access points play in the Cisco Self-Healing Network?

Answer: When an AP is lost, the CiscoWorks Wireless LAN Solution Engine (WLSE) will tell that AP's neighbors to increase their cell coverage, which allows the users who were connected to the now-lost AP to still connect to the wireless network.

More questions, practice exams, and Cisco tutorials to come over the weekend!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Friday, September 05, 2008

It's Friday, September 5, and here are your free Cisco certification exam training questions for today!

Be sure to check today's other blog postings for links to the latest Cisco tutorials that have been posted over on the main site!

Let's take a look at today's questions! All of today's questions are short answer.

CCNA Certification And CCENT Certification:

What command resulted in the following output?

R3# ?
All possible debugging has been turned off

CCNA Security Certification / CCNP ISCW Exam:

With regards to the IOS Firewall Feature Set, what is "generic inspection"? What methods of generic inspection are available?

CCNA Wireless:

What version of EAP involves a RADIUS server and strong two-way authentication between client and server?

Describe briefly which countries generally prefer the linear quantization method, and which ones generally prefer the logarithmic method.

CCNP Certification / BSCI Exam:

What command network service or protocol uses the reserved IP address 224.0.0.12?

CCNP Certification / BCMSN Exam:

After you resolve the issue that resulted in the following console output, what should you do next?

05:06:04: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/7, puttingFa0/7 in err-disable state

05:06:04: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 000f.f773.ed20 on port FastEthernet0/7.

CCNP / ONT Exam:

What part do access points play in the Cisco Self-Healing Network?

I'll post the answers on Saturday, September 6!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here are the answers to Thursday, September 4's Cisco practice exam questions!

CCNA Certification And CCENT Certification:

You're configuring a point-to-point connection between a non-Cisco router and a Cisco router. Which of the following combinations of PTP protocols will function correctly on this combination?

A. Use HDLC on both routers.

B. Use PPP on both routers.

C. Use HDLC on the Cisco router and PPP on the non-Cisco router.

D. Use PPP on the Cisco router and HDLC on the non-Cisco router.

Answer: B. The HDLC version used by Cisco routers is Cisco-proprietary, so we have to use PPP. If you mix encapsulation types, the line protocol will go down and stay there.

You're entering a username and password for a Telnet connection to a Cisco router. Which of the following describes the display defaults?

A. You'll see the username in plain text.

B. You'll see asterisks for the username as you enter it.

C. You'll see nothing for the username - not even the cursor moving.

D. You'll see the password in plain text.

E. You'll see asterisks for the password as you enter it.

F. You'll see nothing for the password - the cursor will not even move.

Answer: A, F. You'll see the username appear in clear text, but the cursor will not move as you enter the password.

CCNA Wireless:

You're using HTTP to open a connection to your Wireless Control System. What will happen?

A. Nothing unusual, you'll be prompted for a username and password.

B. You'll first be redirected to an HTTPS connection.

C. You'll first be redirected to an SNMP connection.

D. Your connection will fail.

Answer: B. You'll be redirected to a Secure HTTP connection.

What service can redirect a VOIP call to the PSTN when CallManager determines that there is not enough bandwidth available for a high-quality VOIP call?

Answer: When CallManager decides that there isn't enough bandwidth for a high-quality call, Automated Alternate Routing (AAR) can step in and make the call. AAR can actually reroute the call to the PSTN without user intervention - in fact, the user doesn't even have to hang up!

CCNP Certification / BSCI Exam:

Short answer: What multicast addressing range is commonly called the "local network control block"?

Answer: The 224.0.0.0 - 224.0.0.255 range is reserved for network protocols. Packets in this range will not be forwarded by routers, so these packets cannot leave the local segment. This block of addresses is the local network control block.

CCNP Certification / BCMSN Exam:

What command resulted in the following output?

R1# ?

*Apr 9 20:15:10.542: HSRP: Fa0/0 API MAC address update
*Apr 9 20:15:10.546: HSRP: Fa0/0 API Software interface coming up
*Apr 9 20:15:10.550: HSRP: Fa0/0 API Add active HSRP addresses to ARP table
*Apr 9 20:15:10.554: HSRP: Fa0/0 API Add active HSRP addresses to ARP table

Answer: That's the debug of HSRP - the command is debug standby.

Short answer: What is "war driving"?

Answer: It's simply driving around and looking for a WiFi hotspot to connect to, whether that hotspot be intentional or an unprotected home network.

I'll have another set of practice exam questions for you later today, and a new CCNA Security tutorial has been posted - check today's other blog posts for a link!

Head over to my Cisco CCNA And CCNP Tutorial Page while you're here - over 200 free Cisco tutorials, articles, and practice exams are right there waiting for you!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Here's A New CCNA Security Exam Tutorial For You!

CCNA Security: Planning For External And Internal Threats

I'll be back later today with the answers to yesterday's questions, and much more.

Be sure to check out yesterday's blog posts for links to several new Cisco tutorials and practice exams that have been posted on the website, too!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Thursday, September 04, 2008

Here are your Cisco practice exam questions for Thursday, September 4!

CCNA Security tutorials and practice exams will be posted 5 - 7 times per week beginning today - I'll have a new tutorial for you later today. Be sure to check today's other blog postings for links to the latest Cisco tutorials that have been posted over on the main site!

Let's take a look at today's questions! All of today's questions are short answer.

CCNA Certification And CCENT Certification:

You're configuring a point-to-point connection between a non-Cisco router and a Cisco router. Which of the following combinations of PTP protocols will function correctly on this combination?

A. Use HDLC on both routers.

B. Use PPP on both routers.

C. Use HDLC on the Cisco router and PPP on the non-Cisco router.

D. Use PPP on the Cisco router and HDLC on the non-Cisco router.

You're using HTTP to open a connection to your Wireless Control System. What will happen?

A. Nothing unusual, you'll be prompted for a username and password.

B. You'll first be redirected to an HTTPS connection.

C. You'll first be redirected to an SNMP connection.

D. Your connection will fail.

What service can redirect a VOIP call to the PSTN when CallManager determines that there is not enough bandwidth available for a high-quality VOIP call?

CCNP Certification / BSCI Exam:

Short answer: What multicast addressing range is commonly called the "local network control block"?

Short answer: What is "war driving"?

I'll post the answers on Friday, September 5!

Head over to my Cisco CCNA And CCNP Tutorial Page right now - over 200 free Cisco tutorials, articles, and practice exams are waiting for you!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

A New CCNA Security Exam Tutorial Has Been Posted!

As part of the countdown to the release of my CCNA Security Exam Study Package, here's a new tutorial on how to use SDM to perform a security audit.

CCNA Security Exam: SDM And Security Audits

Enjoy! Be sure to read today and yesterday's other blog posts for links to new Cisco certification tutorials and practice exams!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Thursday, September 4, and here are the answers to Wednesday's Cisco certification exam practice questions!

CCNA Certification And CCENT Certification:

Write a configuration that would allow the following three users to successfully telnet in with the appropriate access level. Their first name is their username, last name is their password. (Don't do this at work! :) ) Include any necessary line configuration.

Users:

Jack Trump - highest privilege level possible

Donald Canfield - lowest privilege level possible

Stacy Putty - higher than Canfield, but lower than Trump

Answer: You'd need three separate username/password commands....

username jack privilege 15 password trump
username donald privilege 0 password canfield
username stacy privilege 1 password putty

You could put any value from 1 - 14 for the last password.

You'll also need the login local command on the VTY lines in order to use this local username/database for telnet authentication.

Name five common address ranges that should be prohibited as source addresses for any packets entering your network from the outside.

Answer: RFC 3704 (an updated version of RFC 2827) recommends that packets from the following network ranges be prohibited from entering your network:

0.0.0.0 /8

10.0.0.0 /8 (RFC 1918 Class A private range)

127.0.0.0 /8 (loopback address range)

172.16.0.0 /12 (RFC 1918 Class B private range)

192.168.0.0 /16 (RFC 1918 Class C private range)

224.0.0.0 /4 (reserved for IP multicasts)

240.0.0.0 /4 (RFC 1918 Class E private range)

What happens if you start the WCS service and it's already running? Discuss any potential issues that could arise from this situation.

Answer: All that happens is that you'll receive a message that WCS is already running. Nothing bad happens. Don't mean to disappoint you. ;)

You're running cRTP, and UDP checksums are not in use. What is the approximate compression percentage of the IP, UDP, and RTP headers?

Answer: If UDP checksums are not in use, you're going from 40 bytes of headers to only 2 - a 95% reduction in header overhead.

CCNP Certification / BSCI Exam:

What is the net effect of the following configuration? Are there options for this command that should be considered?

R1(config)#router ospf 1

R1(config-router)#default-information originate

Answer: As shown here, this router will advertise a default route into OSPF as long as one actually exists in the router's routing table. To advertise a default route even if none exists in the local router's tables, use the always option at the end of this command.

CCNP Certification / BCMSN Exam:

What should you do to avoid the error message shown below?

SW2(config)#int fast 0/8

SW2(config-if)#switchport nonegotiate

Command rejected: Conflict between 'nonegotiate' and 'dynamic' status.

Answer: The Dynamic Trunking Protocol (DTP) can be turned off at the interface level with the switchport nonegotiate command, but as you see below, you cannot turn DTP off until the port is no longer in dynamic desirable trunking mode.

SW2(config)#int fast 0/8
SW2(config-if)#switchport nonegotiate
Command rejected: Conflict between 'nonegotiate' and 'dynamic' status.

SW2(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally

SW2(config-if)#switchport mode trunk
SW2(config-if)#switchport nonegotiate

You can verify DTP operation (or non-operation) with show dtp.

SW1#show dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
4 interfaces using DTP

CCNP / ONT Exam:

What options will IOS Help show in the following configuration?

R1(config)#int tunnel 0

R1(config-if)#ip address 192.168.1.1 255.255.255.0

R1(config-if)#tunnel source 10.1.1.1

R1(config-if)#tunnel destination ?

Answer: You'll be prompted for to enter either a destination IP address (IPv4 or IPv6) or a hostname.

R1(config)#int tunnel 0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#tunnel source 10.1.1.1
R1(config-if)#tunnel destination ?
Hostname or A.B.C.D ip address or host name
X:X:X:X::X IPv6 address

I'll have new questions here on the blog and on the main site later today - be sure to read yesterday's blog postings for new links as well. And when you're done, head over to my Cisco CCNA And CCNP Tutorial Page - over 200 free tutorials, articles, and practice exams await you!

Excelsior!

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Hi everyone!

I'm working on a new CCNA Security tutorial that I'll be posting later today - be sure to read yesterday's blog posts for links to several new CCNA and CCNP exams and tutorials I've posted on the main site.

I'll see you later today with that new Security tutorial, a new CCNP practice exam, and more!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Wednesday, September 03, 2008

Welcome back!

I'll have a new CCNA Security tutorial for you later today - in the meantime, just click that link to head over to my CCNA Security Resource Page, which already has six free tutorials and practice exams!

As part of the countdown to my CCNA Security Study Package release, I'll have new tutorials and practice exams on that page 5 - 7 times a week - and another major surprise is on the way to help you earn this valuable certification!

Plenty of other practice exams and tutorials for the CCNA, CCENT, and CCNP are waiting for you - read today and yesterday's blog posts for the latest!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Wednesday, September 3, and here are your Cisco CCNA, Security, Wireless, Voice, CCENT, AND CCNP questions for today!

CCNA Security tutorials and practice exams will be posted 5 - 7 times per week beginning today!

Let's take a look at today's questions! All of today's questions are short answer.

CCNA Certification And CCENT Certification:

Write a configuration that would allow the following three users to successfully telnet in with the appropriate access level. Their first name is their username, last name is their password. (Don't do this at work! :) ) Include any necessary line configuration.

Users:

Jack Trump - highest privilege level possible

Donald Canfield - lowest privilege level possible

Stacy Putty - higher than Canfield, but lower than Trump

Name five common address ranges that should be prohibited as source addresses for any packets entering your network from the outside.

What happens if you start the WCS service and it's already running? Discuss any potential issues that could arise from this situation.

You're running cRTP, and UDP checksums are not in use. What is the approximate compression percentage of the IP, UDP, and RTP headers?

CCNP Certification / BSCI Exam:

What is the net effect of the following configuration? Are there options for this command that should be considered?

R1(config)#router ospf 1

R1(config-router)#default-information originate

CCNP Certification / BCMSN Exam:

What should you do to avoid the error message shown below?

SW2(config)#int fast 0/8

SW2(config-if)#switchport nonegotiate

Command rejected: Conflict between 'nonegotiate' and 'dynamic' status.

What options will IOS Help show in the following configuration?

R1(config)#int tunnel 0

R1(config-if)#ip address 192.168.1.1 255.255.255.0

R1(config-if)#tunnel source 10.1.1.1

R1(config-if)#tunnel destination ?

I'll post the answers on Thursday, September 4! In the meantime, head over to my Cisco CCNA And CCNP Tutorial Page - over 200 free tutorials, articles, and practice exams await you!

Excelsior!

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

A New CCNA Security Tutorial Has Been Posted!

The second part of my exclusive CCNA Security tutorial on using Security Device Manager to configure one-step lockdown has been posted:

CCNA Security Exam Tutorial: SDM And One-Step Lockdown

You CCNP ISCW exam candidates should take a look at that as well! I'll have the next installment of my CCNA Security tutorial series up later today - Wednesday, September 3!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Wednesday, September 3, and here are the answers to yesterday's Cisco practice exam questions!

CCNA Security tutorials and practice exams will be posted 5 - 7 times per week beginning today!

Let's take a look at yesterday's questions....

CCNA Certification And CCENT Certification:

Identify the true statements regarding Telnet.

A. Telnet operates at L3 of the OSI model.

B. Telnet operates at L4 of the OSI model.

C. A telnet password is not set by default on a Cisco router, but is required.

D. A telnet password is not set by default on a Cisco router, and none is required.

E. Incoming users are placed into the highest privilege level possible by default.

F. Incoming users can do relatively little by default.

Answers: C, F. Telnet runs at Layer 7 of the OSI model. No VTY line password is set by default, but you'll have to set one to allow Telnet connections to your router. By default, remote users can do very little. You can assign a higher privilege level on either a per-user basis or for all incoming users by configuring the privilege level command on the VTY lines.

If you select multiple SDM files in the following window, how will the router decide which one to attempt to load first?

A. In order of size, the largest file first.

B. In order of size, the smallest file first.

C. In the order you list them here.

D. You can't select more than one SDM file.

Answer: C. The screen hints at it a bit - note that you can move the file names up and down.

Short answer: What's the main difference between an autonomous access point and a lightweight access point?

Answer: Autonomous APs are configured individually, where lightweight APs can be configured via LWAPP. Autonomous APs do not understand LWAPP.

Short answer: To enable cRTP on this interface, what's the next command you should enter?

R1(config)#int serial0

R1(config-if)#encap frame

R1(config-if)#

Answer: You'll need the ip rtp header-compression command. The frame mappings on that interface will inherit that setting, as shown below.

R3(config)#int s0/0/0
R3(config-if)#encap frame
R3(config-if)#ip rtp header-compression
R3(config-if)#frame map ip 172.12.123.1 221 broadcast
R3(config-if)#frame map ip 172.12.123.2 221 broadcast

R3#show frame map
Serial0/0/0 (up): ip 172.12.123.1 dlci 221(0xDD,0x34D0), static,
broadcast, CISCO, status active RTP Header Compression (inherited), connections: 256

Serial0/0/0 (up): ip 172.12.123.2 dlci 221(0xDD,0x34D0), static,
broadcast, CISCO, status active RTP Header Compression (inherited), connections: 256

CCNP Certification / BSCI Exam:

Short answer: What is the difference between an OSPF E2 route's metric and an E1 route metric?

Answer: An E2 metric reflects only the cost from the ASBR to the external destination . It does not reflect the cost from the local router to the ASBR itself. An E1 metric does include the cost from the local router to the ASBR.

CCNP Certification / BCMSN Exam:

Identify the statements that accurately describe a SPAN destination port.

A. Can participate in multiple SPAN sessions

B. Can also be a source port

C. Can be part of an Etherchannel

D. Can be either a Fast Ethernet or Ethernet port

Answers: D. Destination SPAN ports can't take part in multiple SPAN sessions, they can't also be source ports, and they can't be part of an Etherchannel.

Short answer: What application is in use in the following illustration?
Answer: That's just a very small part of the information you can access in Cisco's Wireless LAN Controller (WLC).

I've got a new CCNA Security tutorial for you today, at least one new practice exam, and some other great surprises on the way!

While you're waiting, spend some time on my free CCNA, CCNP, and CCENT tutorials page!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Tuesday, September 02, 2008

It's Tuesday, September 2, and here are your free CCNA, CCNP, Wireless, Security, and Voice questions for today!

I also posted the answers to three practice exams that were posted on the main site last week - be sure to read today and yesterday's blog entries for links to those exams and their answers!

CCNA Security tutorials and practice exams will be posted 5 - 7 times per week beginning today!

In the meantime, let's tackle today's questions!

CCNA Certification And CCENT Certification:

Identify the true statements regarding Telnet.

A. Telnet operates at L3 of the OSI model.

B. Telnet operates at L4 of the OSI model.

C. A telnet password is not set by default on a Cisco router, but is required.

D. A telnet password is not set by default on a Cisco router, and none is required.

E. Incoming users are placed into the highest privilege level possible by default.

F. Incoming users can do relatively little by default.

If you select multiple SDM files in the following window, how will the router decide which one to attempt to load first?

A. In order of size, the largest file first.

B. In order of size, the smallest file first.

C. In the order you list them here.

D. You can't select more than one SDM file.

Short answer: What's the main difference between an autonomous access point and a lightweight access point?

Short answer: To enable cRTP on this interface, what's the next command you should enter?

R1(config)#int serial0

R1(config-if)#encap frame

R1(config-if)#

CCNP Certification / BSCI Exam:

Short answer: What is the difference between an OSPF E2 route's metric and an E1 route metric?

CCNP Certification / BCMSN Exam:

Identify the statements that accurately describe a SPAN destination port.

A. Can participate in multiple SPAN sessions

B. Can also be a source port

C. Can be part of an Etherchannel

D. Can be either a Fast Ethernet or Ethernet port

Short answer: What application is in use in the following illustration?

I'll have the answers for you on Wednesday, September 3. While you're waiting, there are quite a few Cisco tutorials and practice exams waiting for you on my CCNA, CCNP, and CCENT tutorials page - head over there and take a look!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Tuesday, September 2 - and you're going to love the new features on the way, all designed to help YOU get Cisco Certified!

My CCNA Security tutorial series resumes later today, and I'll have at least one new practice exam for you CCNA and CCNP candidates alike posted on the website later today - and I'll put a link to those new tests right here on the blog.

My exclusive Cisco Video Training series begins very soon, with videos on topics from building a Cisco home lab to the best way to study for exam success - and everything in between!

Combine all that with my upcoming CCNA Security, Wireless, and Voice Study Packages, free practice exams and tutorials, and my online Mastermind Boot Camp courses for those three certifications debuting in January - plus a surprise or two I can't talk about yet - there's no better way to earn your Cisco certifications than with The Bryant Advantage!

Right now, let's take a look at the answers to yesterday's questions!

CCNA Certification And CCENT Certification:

Identify the true statements regarding Cisco routers.

A. The password encryption service is enabled by default.

B. The password encryption service is disabled by default.

C. The enable secret command uses a relatively strong encryption scheme.

D. The enable secret command uses a relatively weak encryption scheme that is easily compromised.

E. The VTY line password is set by default, and it is "cisco".

F. The VTY line password is not set by default.

Answers: B, D, F. To use the password encryption service, you'll need to use the service password-encryption command, since that service is disabled by default.

The particular encryption used by that command is relatively weak; it'll stop people from casually peeking at the password, but several programs exist that can crack this particular encryption in a matter of seconds.

There is no default VTY line password.

You're configuring the IOS Firewall Set on a router that's also running EIGRP. You're using SDM to configure the firewall. Which of the following statements is true?

A. You'll be prompted by SDM whether you want to permit EIGRP updates to come through the firewall.

B. You can go to the CLI and configure the firewall to allow EIGRP updates, but you can't use SDM to do so.

C. You cannot allow multicast routing updates to pass through a firewall; you'll need to use a protocol that uses broadcasts.

D. You cannot allow broadcast or multicast routing updates to pass through a firewall.

Answer: A. You will be prompted to allow the routing updates, as shown in this screen shot from my CCNA Security Study Package:

Which of the following does NOT describe WEP?

A. uses clear-text keys

B. uses a three-way handshake

C. uses dynamically generated keys

D. uses strong encryption scheme

Answers: B, C, D. WEP uses static keys, one-way authentication, and a weak encryption scheme. ("Other than that, Mrs. Lincoln, how did you enjoy the play?")

You're configuring a POTS dial peer. Which of the following command will you use on that peer?

A. destination-pattern

B. port

C. session-target

D. dial map

Answer: A, B. POTS dial peers do not use the session-target command, and neither POTS not VOIP peers use the dial map command.

CCNP Certification / BSCI Exam:

You've just redistributed an EIGRP route into an OSPF process. What default OSPF routing code will be assigned to that route?

A. O E1

B. O E2

C. O N1

D. O N2

E. None of the above.

Answer: B, as demonstrated in the following command output. Two routes have been redistributed into OSPF - note the default seed metric and the route code.

R4#show ip route ospf

172.12.0.0/24 is subnetted, 1 subnets

O E2 172.12.123.0 [110/20] via 30.1.1.3, 00:00:15, Ethernet0

10.0.0.0/24 is subnetted, 1 subnets

O E2 10.1.1.0 [110/20] via 30.1.1.3, 00:00:15, Ethernet0

CCNP Certification / BCMSN Exam:

Identify the statements that accurately describe a SPAN source port.

A. Can be monitored in multiple, simultaneous SPAN sessions

B. Can be part of an Etherchannel

C. Cannot be configured as a destination port

D. Can be either a Fast Ethernet or Ethernet port

Answers: A, B, C. D. All four statements are accurate.

CCNP / ONT Exam: (My ONT Study Package is now available - the introductory price ends today, Monday, September 1!)

Which of the following interface types is compressed by cRTP?

A. IP

B. RTP

C. UDP

D. TCP

Answer: A, B, C. That's RTP Header Compression, which compresses the IP, RTP, and UDP headers.

Lots more to come later today! In the meantime, spend some time on my CCNA, CCNP, and CCENT tutorials page!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

Monday, September 01, 2008

The answers to my CCNP BGP practice exam have been posted:

CCNP Certification / BSCI Exam: BGP Practice Exam

More answers and questions later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

The answers to my recent CCNA practice exam on EIGRP have been posted!

CCNA Certification: 10 Questions On EIGRP

More answers and questions are on the way later today!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

All right, my friends - here are your Cisco certification practice exam questions for Monday, September 1!

Later today, I'll have the answers for all three CCNA and CCNP practice exams posted on the main site last week.

CCNA Security tutorials and practice exams will be posted 5 - 7 times per week beginning Tuesday, September 2!

Let's get to today's questions.....

CCNA Certification And CCENT Certification:

Identify the true statements regarding Cisco routers.

A. The password encryption service is enabled by default.

B. The password encryption service is disabled by default.

C. The enable secret command uses a relatively strong encryption scheme.

D. The enable secret command uses a relatively weak encryption scheme that is easily compromised.

E. The VTY line password is set by default, and it is "cisco".

F. The VTY line password is not set by default.

You're configuring the IOS Firewall Set on a router that's also running EIGRP. You're using SDM to configure the firewall. Which of the following statements is true?

A. You'll be prompted by SDM whether you want to permit EIGRP updates to come through the firewall.

B. You can go to the CLI and configure the firewall to allow EIGRP updates, but you can't use SDM to do so.

C. You cannot allow multicast routing updates to pass through a firewall; you'll need to use a protocol that uses broadcasts.

D. You cannot allow broadcast or multicast routing updates to pass through a firewall.

Which of the following does NOT describe WEP?

A. uses clear-text keys

B. uses a three-way handshake

C. uses dynamically generated keys

D. uses strong encryption scheme

You're configuring a POTS dial peer. Which of the following command will you use on that peer?

A. destination-pattern

B. port

C. session-target

D. dial map

CCNP Certification / BSCI Exam:

You've just redistributed an EIGRP route into an OSPF process. What default OSPF routing code will be assigned to that route?

A. O E1

B. O E2

C. O N1

D. O N2

E. None of the above.

CCNP Certification / BCMSN Exam:

Identify the statements that accurately describe a SPAN source port.

A. Can be monitored in multiple, simultaneous SPAN sessions

B. Can be part of an Etherchannel

C. Cannot be configured as a destination port

D. Can be either a Fast Ethernet or Ethernet port

CCNP / ONT Exam: (My ONT Study Package is now available - the introductory price ends today, Monday, September 1!)

Which of the following interface types is compressed by cRTP?

A. IP

B. RTP

C. UDP

D. TCP

There are quite a few Cisco tutorials practice exams waiting for you on my CCNA, CCNP, and CCENT tutorials page - head over there and take a look!

To your success,

Chris Bryant
CCIE #12933
http://www.thebryantadvantage.com/

It's Monday, September 1, and here are the answers to Saturday's Cisco practice exam questions!

All of Saturday's questions were short answer. I'll post the answers to last week's three CCNA and CCNP practice exams later today - check Saturday's blogs for links to those practice exams!

CCNA Certification And CCENT Certification:

What keystroke will get you out of the following configuration mode? Will your changes be saved by this keystroke?

Would you like to enter basic management setup? [yes/no]:y

Configuring global parameters:
Enter host name [Switch]: Switch1

The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after entered, becomes encrypted in the configuration.
Enter enable secret:

Answer: That's the dreaded setup mode, and you can exit that mode without saving your changes with the ctrl-c keystroke.

CCNA Security Certification / CCNP ISCW Exam:

Two popular signature actions in SDM are denyAttackerInline and denyFlowInline. There's a subtle difference between the two. What is it?

Answer: denyAttackerInline denies the source IP address of the offending packets entirely. This action is carried out by the dynamic creation of an ACL that blocks that particular source IP address. denyFlowInline blocks the specific offending TCP flow, but still allows other connections from that particular source.

What is a "lily pad network"?

Answer: It's a wireless network consisting of multiple Wireless Access Points (WAPs), with each connected to a different network - this topology allows roaming users to access their network.