1. Which statement correctly describes the problem when NAT and IPsec implementation coexist in the network?
- NAT changes the encryption keys that are used by IPsec during the key negotiation processes.
- NAT changes the TCP and UDP transport protocols that are embedded in the payload of the IPsec packets.
- NAT changes the source and destination IP addresses that are encapsulated inside the IPsec packets.
- NAT changes the IP header fields, and those changes can conflict with the integrity of IPsec protocols.*
2. Refer to the exhibit. Users on the LAN complained that they cannot access the Internet. Based on the provided output, what could be the possible cause of the problem?
- Too few addresses are assigned to the NAT pool.
- The NAT pool is configured with the wrong netmask.
- An incorrect ACL is referenced during the NAT translation process.*
- The configurations for the inside and outside interfaces are reversed.
3. What are two things to be taken into consideration when NAT is configured in the network? (Choose two.)
- the type of interface that is configured for NAT
- the scope of the IP addresses that are configured in the NAT pool
- the protocols that are used in the network*
- the type of ACLs that are filtering the traffic from source to destination
- the port numbers that are used by the applications*
4. Refer to the exhibit. Users on the LAN complained that they cannot access the resources on the network. A network administrator issued the debug ip udp command on R2 to verify the DHCP server operation. On the basis of the provided output, what could be the possible cause of the problem?
- The domain-name command is missing from the R3 configuration.
- The ip helper-address command is missing from the R2 configuration.*
- The ip dhcp pool command is missing from the R2 configuration.
- The ip dhcp excluded-addresses command is missing from the R2 configuration.
5. Refer to the exhibit. Users on LAN_1 complained that they cannot communicate with the other users on the network. A network administrator issued show ip dhcp conflict command to verify the DHCP server operation on the router. Based on the provided outputs, what could be done to remedy the problem?
- Issue the dhcp services command on router R2.
- Configure the IP addresses that must be excluded from the DHCP pool.*
- Issue the ip helper-address command under the Fa0/1 interface.
- Configure the DHCP pool for a larger scope of IP addresses.
6. Refer to the exhibit. Routers R1 and R2 cannot get DHCP addresses from router R3, which is configured as a DHCP server. After issuing the show ip socket command and troubleshooting the problem, a network administrator verifies that the R1 and R2 interfaces are up and operational. Based on the provided output, what could be the possible cause of the problem?
- The IP addresses from the DHCP pool have been exhausted.
- Illegal addresses have been assigned to the interfaces of routers R1 and R2.
- The DHCP services are disabled on R3.*
- The IP helper address is missing from the R3 configuration.
7. Refer to the exhibit. Host A is unable to obtain an IP address from the DHCP server. Which procedure would solve this problem?
- Configure interface Fa0/1 of router RTA with the ip helper-address 10.1.2.10 command.
- Configure interface Fa0/0 of router RTA with the ip helper-address 10.1.2.1 command.
- Configure interface Fa0/0 of router RTA with the ip forward-protocol 67 command.
- Configure interface Fa0/0 of router RTA with the ip helper-address 10.1.2.10 command.*
8. Refer to the exhibit. Which statement accurately describes the IPv6 routing configuration?
- The network 4001::1/128 is unreachable.
- The command ipv6 route 5000::/64 null0 was entered on the router.
- The command ipv6 route 5432::/48 null0 was entered on the router.*
- The network 4000::2/128 was learned via a routing protocol.
9. Refer to the exhibit. R2 is a branch router and accesses all nonlocal networks via R1. The network administrator is troubleshooting why router R2 cannot access any external networks. Based on the output of the commands, what is the likely issue?
- IPv6 unicast routing has not been enabled on R1.*
- The IPv6 address configured for R1 is invalid.
- The default router for R1 is invalid.
- R2 has not been configured for autoconfiguration.
10. Refer to the exhibit. A network administrator has configured NAT on router R1. However, R1 does not translate addresses when hosts from the 10.0.0.0 /24 LAN attempt to access the Internet. Which configuration change would correct this situation?
- Enter the no ip nat inside source static 10.0.0.10 126.96.36.199 command.
- Make interface Fa0/0 the inside NAT interface and S0/0/0 the outside NAT interface.*
- Change the netmask of the NATPOOL to 255.255.255.224.
- Change the NAT pool to be in the same subnet as the IP address of s0/0/0.
- Append the overload keyword to the ip nat inside source list 1 pool NATPOOL command.
11. Which type of DHCP message is sent by a DHCP client to a DHCP server?
- DHCP ACK
- DHCP NACK
- DHCP OFFER
- DHCP INFORM *
12. What are the three roles a router may assume with respect to DHCP? (Choose three.)
- server *
- remote agent
- relay agent *
- client *
13. Which three UDP ports are associated with messages that are forwarded by default by a DHCP relay agent? (Choose three.)
- 53 *
- 37 *
- 69 *
14. Refer to the exhibit. A network technician is having issues setting up router R4 in a IPv6 network. What problem is indicated from the router output?
- The interface also requires an IPv4 address.
- IPv4 routes should be redistributed into IPv6.
- IPv6 routing needs to be enabled.*
- A routing protocol for IPv6 must be enabled.
15. Refer to the exhibit. A network technician is attempting to get the Internet connection operational. The technician gathers the information from the debug command on the border router while attempting a ping from Computer1 to the ISP. After a conversation with the ISP, it is determined that the ISP router lacks the appropriate route to the customer. What route should be added to the ISP router?
- ip route 0.0.0.0 0.0.0.0 Serial 0/3/0
- ip route 188.8.131.52 255.255.255.248 10.10.10.2 *
- ip route 192.168.254.0 255.255.255.0 10.10.10.2
- ip route 10.10.10.0 255.255.255.252 Serial 0/3/0
16. Refer to the exhibit. A network technician is adding the host PC5 to the local LAN. After the host is connected to an operational port on SwA2, which is in the correct VLAN, the host cannot connect to the Internet. All other hosts can reach the Internet. Based on the provided output, what is the problem?
- The DHCP server service is disabled.
- The addresses in the DHCP pool are in the wrong subnet.
- There is no default router defined in the DHCP pool.
- The available addresses in the DHCP pool are exhausted.*
17. Refer to the exhibit. A network administrator has implemented Network Address Translation (NAT) on router R1. However, hosts on the inside LAN cannot connect to addresses outside of the corporate network. Which option correctly identifies the problem?
- The NAT-POOL should have included the S0/0/0 interface IP address.
- NAT cannot use named access control lists.
- The ACL is referring to the wrong internal network.*
- The static NAT entry IP address is not included in the NAT-POOL.
- Interface Fa0/0 should be configured as the outside NAT interface and S0/0/0 as the inside NAT interface.
- The overload keyword has not been appended to the ip nat inside source command.
18. Which IP address should an administrator who is configuring NAT advertise to the outside world?
- outside local
- outside global
- inside local
- inside global *
19. The network administrator changed the DHCP address pool from 10.10.0.0/16 to 10.20.0.0/16 and is now receiving complaints from users that they are unable to connect to the Internet. The administrator issues the command show ip nat translations on the border router and observes that there are no active translations present. The administrator then verifies that connectivity to the Internet from the border router is present. What should the administrator do next?
- Change from dynamic to static NAT for all outbound connections.
- Increase the size of the existing NAT pool.
- Verify that the ACL is selecting the correct addresses for translation.*
- Create a new NAT pool using the 10.20.0.0/16 address space.
20. Refer to the exhibit. A network administrator created a static NAT translation. The purpose of the translation is to allow outside users to use the IP address 184.108.40.206 to connect to a server that is located on the internal network at IP address 172.16.6.3. However, users are unable to connect to the server by using the supplied address. What is the most probable cause of the problem?
- Dynamic NAT must be used to allow an outside user to connect to the server.
- The network administrator reversed the addresses in the mapping command.*
- The 172.16.0.0/16 network has not been advertised to the outside world.
- There is no outside global address specified.
- No access list has been configured to select the traffic that is allowed to connect to the server.
21. Refer to the exhibit. A network administrator has configured a static NAT entry on router R1 for the internal web server. However, external users still cannot connect to the web server. Which procedure would resolve this problem?
- For security reasons, an outside address cannot be mapped to an internal private address and therefore the web server should be configured with a valid public address.
- Delete the current static entry and issue the ip nat inside source static 10.1.1.10 220.127.116.11 command.*
- Remove the overload keyword from the ip nat inside source list command.
- Delete the current static entry and issue the ip nat outside source static 10.0.0.10 18.104.22.168 command.
22. A network administrator is troubleshooting an EIGRP authentication problem. This is an example of troubleshooting which functional plane?
- Routing Protocol Plane
- Data Plane
- Management Plane
- EIGRP Plane
- Control Plane *
23. Refer to the exhibit. A user has a PC that connects to a VoIP phone and the phone connects to port Fa0/1 on the switch. The user is complaining about not being able to access the network. The user cannot access any local print servers and cannot ping any neighboring devices. The administrator attempts to ping the PC of the user but is unsuccessful. Based on the output of the show portsecurity command, what could be the issue?
- The switch port detected more than one MAC address.*
- The switch port detected a MAC address that belongs to a different VLAN.
- The switch port detected a bridging loop.
- The switch port has not been able to detect any devices connected to it.
24. Refer to the exhibit. Company A is deploying IP telephony in their offices. A network technician unplugs the patch cable that currently connects to the PC from the wall jack and then plugs the cable into the port labeled as 10/100 PC on the IP phone. The technician next uses another patch cable to connect the switch port on the IP phone to the wall jack. After completing these changes, the technician notices that the IP phone cannot initialize and that the PC loses connectivity. The technician then checks the configuration on the switch. According to the output of the show runningconfig command, what should the technician do next in order to find the cause of the problem?
- Switch the two patch cables that connect to the IP phone.
- Make sure that the ports for Skinny and TFTP are not blocked by ACLs.
- Make sure that the voice VLAN 700 is allowed on the trunking port.
- Make sure that the port security setting allows more than one MAC address.*
Download PDF File below: