CCNA 200-125 Exam: PPP Questions With Answers

  1. Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two)
    • A. CHAP uses a two-way handshake.
    • B. CHAP uses a three-way handshake.*
    • C. CHAP authentication periodically occurs after link establishment.*
    • D. CHAP authentication passwords are sent in plaintext.
    • E. CHAP authentication is performed only upon link establishment.
    • F. CHAP has no protection from playback attacks.
  2. A network administrator needs to configure a serial link between the main office and a remote location. The router at the remote office is a non-Cisco router. How should the network administrator configure the serial interface of the main office router to make the connection?
    • A. Main(config)# interface serial 0/0
      Main(config-if)# ip address 172.16.1.1 255.255.255.252
      Main(config-if)# no shut
    • B. Main(config)# interface serial 0/0
      Main(config-if)# ip address 172.16.1.1 255.255.255.252
      Main(config-if)# encapsulation ppp
      Main(config-if)# no shut
    • C. Main(config)# interface serial 0/0
      Main(config-if)# ip address 172.16.1.1 255.255.255.252
      Main(config-if)# encapsulation frame-relay
      Main(config-if)# authentication chap
      Main(config-if)# no shut
    • D. Main(config)# interface serial 0/0
      Main(config-if)#ip address 172.16.1.1 255.255.255.252
      Main(config-if)#encapsulation ietf
      Main(config-if)# no shut
  3. Refer to the exhibit:

    The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the problem?

    • A. The usernames are incorrectly configured on the two routers.
    • B. The passwords do not match on the two routers.*
    • C. CHAP authentication cannot be used on a serial interface.
    • D. The routers cannot be connected from interface S0/0 to interface S0/0.
    • E. With CHAP authentication, one router must authenticate to another router. The routers cannot be configured to authenticate to each other.

    Show (Hide) Explanation/Reference
    Both routers must use the same password for CHAP to authentication.
  4. What is the benefit of point-to-point leased line?
    • A. Low cost
    • B. Full-mesh capability
    • C. Flexibility of design
    • D. Simply configuration*

    Show (Hide) Explanation/Reference
    Point-to-point leased line is the most expensive interconnection between two ends as the line is dedicated to a single user, the user should still pay for all available bandwidth, including those unused. -> A is not correct.

    With the cost of point-to-point leased line, the full-mesh capability is only achieved when your company has very very strong budget to pay all the bills. To create a full-mesh topology for n sites, we need n*(n-1)/2 leased line connections. For example if we have 6 sites then we need 6*5/2 = 15 leased line connections -> It is nearly impossible for a normal company to achieve full-mesh topology -> B is not correct.

    Flexibility is not an advantage of leased line connection -> C is not correct.

    Point-to-point leased line simplifies the configuration as the circuit is available on a permanent basis and does not require a connection to be set up before traffic is passed. It does not require to define a permanent virtual circuit (PVC) in the configuration either -> D is correct.

  5. When you deploy multilink PPP on your network, where must you configure the group IP Address on each device?
    • A. In the global config
    • B. Under serial interface
    • C. Under the routing protocol
    • D. Under the multilink interface*

    Show (Hide) Explanation/Reference
    Suppose R1 has two Serial interfaces which are directly connected to R2. This is how to configure multilink on R1:

    R1(config-if)# interface Serial 0/0 
    R1(config-if)# encapsulation ppp 
    R1(config-if)# ppp multilink 
    R1(config-if)# ppp multilink group 1 
    R1(config-if)# no shutdown
    
    R1(config-if)# interface Serial 0/1 
    R1(config-if)# encapsulation ppp 
    R1(config-if)# ppp multilink 
    R1(config-if)# ppp multilink group 1 
    R1(config-if)# no shutdown
    
    R1(config)# interface multilink 1 
    R1(config-if)# ip address 192.168.42.1 255.255.255.252 
    R1(config-if)# ppp multilink 
    R1(config-if)# ppp multilink group 1

    Therefore we must configure IP address under multilink interface, not physical member interfaces.

  6. What are two authentication types of MLPPP?
    • A. PEAP
    • B. LEAP
    • C. PAP*
    • D. CHAP*
    • E. TACACS+

    Show (Hide) Explanation/Reference
    The Multilink PPP feature provides load balancing functionality over multiple WAN links while providing multivendor interoperability and support for packet fragmentation, proper sequencing, and load calculation on both inbound and outbound traffic.

    Multilink PPP combines multiple physical links into a logical bundle called a Multilink PPP bundle. A Multilink PPP bundle is a single, virtual interface that connects to the peer system. Having a single interface (Multilink PPP bundle interface) provides a single point to apply hierarchical queueing, shaping, and policing to traffic flows. Individual links in a bundle do not perform any hierarchical queueing. None of the links have any knowledge about the traffic on parallel links.

    Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/wan_mlp/configuration/xe-3s/wan-mlp-xe-3s-book/wan_cfg_mlppp_conn_xe.html

    MLPPP supports two authentication protocols: Password Authentication protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP)

  7. At which layer of the OSI model does PPP perform?
    • A. Layer 2*
    • B. Layer 3
    • C. Layer 4
    • D. Layer 5
    • E. Layer 1
  8. Which command is used to enable CHAP authentication with PAP as the fallback method on a serial interface?
    • A. (config-if)# authentication ppp chap fallback ppp
    • B. (config-if)# authentication ppp chap pap
    • C. (config-if)# ppp authentication chap pap*
    • D. (config-if)# ppp authentication chap fallback ppp

    Show (Hide) Explanation/Reference
    The command “ppp authentication chap pap” command indicates the CHAP authentication is used first. If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then CHAP) you can use the “ppp authentication pap chap” command.

 


Related Articles

Leave a Reply

avatar
Photo and Image Files
 
 
 
Audio and Video Files
 
 
 
Other File Types
 
 
 

Send this to a friend