- Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two)
- A. CHAP uses a two-way handshake.
- B. CHAP uses a three-way handshake.*
- C. CHAP authentication periodically occurs after link establishment.*
- D. CHAP authentication passwords are sent in plaintext.
- E. CHAP authentication is performed only upon link establishment.
- F. CHAP has no protection from playback attacks.
- A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection?
- A. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# no shut - B. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation ppp
Main(config-if)# no shut - C. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# encapsulation frame-relay
Main(config-if)# authentication chap
Main(config-if)# no shut - D. Main(config)# interface serial 0/0
Main(config-if)#ip address 172.16.1.1 255.255.255.252
Main(config-if)#encapsulation ietf
Main(config-if)# no shut
- A. Main(config)# interface serial 0/0
- Refer to the exhibit:
The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the problem?
- A. The usernames are incorrectly configured on the two routers.
- B. The passwords do not match on the two routers.*
- C. CHAP authentication cannot be used on a serial interface.
- D. The routers cannot be connected from interface S0/0 to interface S0/0.
- E. With CHAP authentication, one router must authenticate to another router. The routers cannot be configured to authenticate to each other.
Show (Hide) Explanation/ReferenceBoth routers must use the same password for CHAP to authentication. - What is the benefit of point-to-point leased line?
- A. Low cost
- B. Full-mesh capability
- C. Flexibility of design
- D. Simply configuration*
Show (Hide) Explanation/ReferencePoint-to-point leased line is the most expensive interconnection between two ends as the line is dedicated to a single user, the user should still pay for all available bandwidth, including those unused. -> A is not correct.With the cost of point-to-point leased line, the full-mesh capability is only achieved when your company has very very strong budget to pay all the bills. To create a full-mesh topology for n sites, we need n*(n-1)/2 leased line connections. For example if we have 6 sites then we need 6*5/2 = 15 leased line connections -> It is nearly impossible for a normal company to achieve full-mesh topology -> B is not correct.
Flexibility is not an advantage of leased line connection -> C is not correct.
Point-to-point leased line simplifies the configuration as the circuit is available on a permanent basis and does not require a connection to be set up before traffic is passed. It does not require to define a permanent virtual circuit (PVC) in the configuration either -> D is correct.
- When you deploy multilink PPP on your network, where must you configure the group IP Address on each device?
- A. In the global config
- B. Under serial interface
- C. Under the routing protocol
- D. Under the multilink interface*
Show (Hide) Explanation/ReferenceSuppose R1 has two Serial interfaces which are directly connected to R2. This is how to configure multilink on R1:R1(config-if)# interface Serial 0/0 R1(config-if)# encapsulation ppp R1(config-if)# ppp multilink R1(config-if)# ppp multilink group 1 R1(config-if)# no shutdown R1(config-if)# interface Serial 0/1 R1(config-if)# encapsulation ppp R1(config-if)# ppp multilink R1(config-if)# ppp multilink group 1 R1(config-if)# no shutdown R1(config)# interface multilink 1 R1(config-if)# ip address 192.168.42.1 255.255.255.252 R1(config-if)# ppp multilink R1(config-if)# ppp multilink group 1
Therefore we must configure IP address under multilink interface, not physical member interfaces.
- What are two authentication types of MLPPP?
- A. PEAP
- B. LEAP
- C. PAP*
- D. CHAP*
- E. TACACS+
Show (Hide) Explanation/ReferenceThe Multilink PPP feature provides load balancing functionality over multiple WAN links while providing multivendor interoperability and support for packet fragmentation, proper sequencing, and load calculation on both inbound and outbound traffic.Multilink PPP combines multiple physical links into a logical bundle called a Multilink PPP bundle. A Multilink PPP bundle is a single, virtual interface that connects to the peer system. Having a single interface (Multilink PPP bundle interface) provides a single point to apply hierarchical queueing, shaping, and policing to traffic flows. Individual links in a bundle do not perform any hierarchical queueing. None of the links have any knowledge about the traffic on parallel links.
MLPPP supports two authentication protocols: Password Authentication protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP)
- At which layer of the OSI model does PPP perform?
- A. Layer 2*
- B. Layer 3
- C. Layer 4
- D. Layer 5
- E. Layer 1
- Which command is used to enable CHAP authentication with PAP as the fallback method on a serial interface?
- A. (config-if)# authentication ppp chap fallback ppp
- B. (config-if)# authentication ppp chap pap
- C. (config-if)# ppp authentication chap pap*
- D. (config-if)# ppp authentication chap fallback ppp
Show (Hide) Explanation/ReferenceThe command “ppp authentication chap pap” command indicates the CHAP authentication is used first. If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then CHAP) you can use the “ppp authentication pap chap” command.