Anda di halaman 1dari 24

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Hotspot 2: Topology Question


640-802 CCNA Hotspot Topology Exhibit

Question 1: Note: host 172.30.4.4 is wrongly given in Question the correct host must be 172.30.0.4

1 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Answers: 702 Explanation: The destination layer 2 address is a DLCI for frame-relay network. The destination host packet address is 172.30.0.4 corresponding DLCI is 702. This can be confirmed by looGuides at the show frame-relay map output which shows the frame-relay map statements for layer 3 address to its corresponding layer 2 address IP 172.30.0.4 is mapped to DLCI 702 . Question 2:

Answers: frame-relay map ip 172.30.0.3 196 broadcast Explanation: The show frame-relay map command above output provides the dynamic mapping for S-AMER (.3 as per topology the complete address is 172.30.0.3) to DLCI 196. To create a static frame-relay map on dubai router to S-AMER we use the following command Syntax: frame-relay map protocol protocol-address dlci [broadcast] frame-relay map ip 172.30.0.3 196 broadcast Question 3:

Answers: The serial connection to the MidEast branch office Explanation: By seeing the partial running config provided for Dubai router We can identify what encapuslation type is configured on each interface Interface serial 1/0 : encapsulation frame-relay Interface serial 1/2 and serial 1/3 : Both have encapsulation ppp Interaface serial 1/1: Has no config info on encapsulation type this determines the default encapsulation (HDLC) is not changed on this interface.
2 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Serial 1/1 is connection to MidEast branch office from Dubai router which has the default encapsulation. Question 4:

Answers: T1net CCNA (640-802) exam topic Explain and select the appropriate administrative tasks required for a WLAN Question1: A single 802.11g access point has been configured and installed in the center of a square office. A few wireless users are experiencing slow performance and drops while most users are operating at peak efficiency. What are three likely causes of this problempassguide (Choose three.) A:mismatched TKIP encryption B:null SSID C:cordless phones D:mismatched SSID E:metal file cabinets F:antenna type or direction Answers: C, E, F Explanation: Cordless phones also work on RF so they conflict with WLAN RF and reduce the performance. metal file cabinets also act as obstacles for Radio waves in WLAN results in performane loss. Antenna adds power gain for radio waves if Antenna selected is not correct type or direction is not exact then performance will effect. Question 2: Refer to the exhibit. What two facts can be determined from the WLAN diagrampassguide (Choose two.)

A:The area of overlap of the two cells represents a basic service set (BSS). B:The network diagram represents an extended service set (ESS).
3 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

g p ( ) C:Access points in each cell must be configured to use channel 1. D:The area of overlap must be less than 10% of the area to ensure connectivity. E:The two APs should be configured to operate on different channels. Answers: B, E Explanation: The Extended Service Set (ESS) uses multiple APs with overlapping microcells to cover all clients. Microcells should overlap by 1015 percent for data, and 1520 percent for voice traffic. Each AP should use a different channel. Question 3: Which spread spectrum technology does the 802.11b standard define for operationpassguide A: IR B: DSSS C: FHSS D: DSSS and FHSS E: IR, FHSS, and DSSS Answers: B Explanation: 802.11b is a widely adopted standard that operates in the 2.4 GHz range and uses Direct Sequence Spread Spectrum (DSSS). Question 4: What is the maximum data rate specified for IEEE 802.11b WLANspassguide A: 10 Mbps B: 11 Mbps C: 54 Mbps D: 100 Mbps Answers: B Explanation: 802.11b supports four data rates: 1, 2, 5.5, and 11 Mbps. Question 5: Which two statements best describe the wireless security standard that is defined by WPApassguide (Choose two.) A:It specifies use of a static encryption key that must be changed frequently to enhance B:It requires use of an open authentication method. C:It specifies the use of dynamic encryption keys that change each time a client establishes a connection. D:It requires that all access points and wireless devices use the same encryption key. E:It includes authentication by PSK. Answers: C, E Explanation: Wi-Fi Protected Access (WPA) is a Wi-Fi Alliance standard. Uses Temporal Key Integrity Protocol (TKIP) for encryption
4 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Uses Temporal Key Integrity Protocol (TKIP) for encryption, dynamic keys, and 802.1x user authentication. WPA-PSK (Pre shared Key) is a special mode of WPA for home users without an enterprise authentication server and provides the same strong encryption protection. Question 6: Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabledpassguide A: Set the SSID value in the client software to public. B: Configure open authentication on the AP and the client. C: Set the SSID value on the client to the SSID configured on the AP. D: Configure MAC address filtering to permit the client to connect to the AP. Answers: C Explanation: Since access point has SSID broadcasting disabled here we need to manually configure client the same SSID value configured on AP so that client can associate with the AP. Question 7: You and a co-worker have established wireless communication directly between your wireless laptops. What type of wireless topology has been createdpassguide A: BSS B: ESS C: IBSS D: SSID Answers: C Explanation: Ad-hoc mode or Independent Basic Service Set [IBSS] is simply a group of computers talGuides wirelessly to each other with no access point (AP). Question 8: What is one reason that WPA encryption is preferred over WEPpassguide A: A WPA key is longer and requires more special characters than the WEP key. B: The access point and the client are manually configured with different WPA key values. C: WPA key values remain the same until the client configuration is changed. D: The values of WPA keys can change dynamically while the system is used. Answers: D Explanation: WPA uses dynamic keys ; WEP uses static keys. Question 9: Which two devices can interfere with the operation of a wireless network because they operate on similar frequenciespassguide (Choose two.) A:copier B:microwave oven C:toaster
5 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

C:toaster D:cordless phone E:IP phone F:AM radio Answers: B, D Question 10: Which encryption type does WPA 2 use passguide A: AES-CCMP B: PPK via IV C: PSK D: TKIP/MIC Answers: A Explanation: WPA 2 uses AES-CCMP encryption . AES-CCMP incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide a robust security protocol between the mobile client and the access point

Implement, verify, and troubleshoot NAT and ACLs


CCNA (640-802) exam topic Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network . Question1: What are two reasons that a network administrator would use access listspassguide (Choose two.) A:to control vty access into a router B:to control broadcast traffic through a router C:to filter traffic as it passes through a router D:to filter traffic that originates from the router E:to replace passwords as a line of defense against security incursions Answers: A, C Question 2: Refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbound direction. Which two packets, if routed to the interface, will be deniedpassguide (Choose two.) access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnet access-list 101 permit ip any any

6 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

A:source ip address: 192.168.15.5; destination port: 21 B:source ip address:, 192.168.15.37 destination port: 21 C:source ip address:, 192.168.15.41 destination port: 21 D:source ip address:, 192.168.15.36 destination port: 23 E:source ip address: 192.168.15.46; destination port: 23 F:source ip address:, 192.168.15.49 destination port: 23 Answers: D, E Explanation: access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnet access-list 101 permit ip any any The above two access-list statements are configured on RTB router and placed in outbound direction on S 0/0 interface. First ACL statement denies all telnet ( port 23) connections from source address range 192.168.15.32 192.168.15.47 to any destination hosts. Since we need to find the two packets that will be denied when routed outside s 0/0 interface . source ip address:, 192.168.15.36 destination port: 23 this matches the ACL statement so this packet is denied. source ip address: 192.168.15.46; destination port: 23 also matches the ACL statment so this packet is denied. Question 3: Refer to the exhibit. Why would the network administrator configure RA in this mannerpassguide

A: to give students access to the Internet B: to prevent students from accessing the command prompt of RA C: to prevent administrators from accessing the console of RA D: to give administrators access to the Internet E: to prevent students from accessing the Internet F: to prevent students from accessing the Admin network Answers: B E
7 of 24

ti

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Explanation: The above config entered on RA by administrator is to allow only Admin people (10.1.1.0) to access RA command prompt using telnet . Since there is an implicit deny any statement at the end of access-list 2, so rest all (students) are prevented from accessing command prompt of RA using telnet. Question 4: What is the function of the Cisco IOS command ip nat inside source static 10.1.1.5 172.35.16.5passguide A: It creates a global address pool for all outside NAT transactions. B: It establishes a dynamic address pool for an inside static address. C: It creates dynamic source translations for all inside local PAT transactions. D: It creates a one-to-one mapping between an inside local address and an inside global address. E: It maps one inside source address to a range of outside global addresses. Answers: D Explanation: This command creates a static NAT translation entry for inside local address(10.1.1.5) to inside global address(172.35.16.5) . Question 5: What is the effect of the following access list conditionpassguide access-list 101 permit ip 10.25.30.0 0.0.0.255 any A: permit all packets matching the first three octets of the source address to all destinations B: permit all packets matching the last octet of the destination address and accept all source addresses C: permit all packets from the third subnet of the network address to all destinations D: permit all packets matching the host bits in the source address to all destinations E: permit all packets to destinations matching the first three octets in the destination address Answers: A Explanation: The wild card mask (0.0.0.255) 0s in wildcard mask needs a definite match . So for the above access-list wildcard mask specifies that it need to match first three octets of source address. Destination address for the ACL is any so it permits all packets that matches the first three octets of source address to all destinations Question 6: What does the Inside Global address represent in the configuration of NATpassguide A: the summarized address for all of the internal subnetted addresses B: the MAC address of the router used by inside hosts to connect to the Internet C: a globally unique, private IP address assigned to a host on the inside network D: a registered address that represents an inside host to an outside network Answers: D Explanation: Inside global address A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. Question 7: Wh t th i
8 of 24

fi f

ti

di

t d d

li t t filt

t ffi

id (Ch

th

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

What three pieces of information can be used in an extended access list to filter trafficpassguide (Choose three.) A:protocol B:VLAN number C:TCP or UDP port numbers D:source switch port number E:source IP address and destination IP address F:source MAC address and destination MAC address Answers: A, C, E Question 8: An access list was written with the four statements shown in the graphic. Which single access list statement will combine all four of these statements into a single statement that will have exactly the same effectpassguide

A: access-list 10 permit 172.29.16.0 0.0.0.255 B: access-list 10 permit 172.29.16.0 0.0.1.255 C: access-list 10 permit 172.29.16.0 0.0.3.255 D: access-list 10 permit 172.29.16.0 0.0.15.255 E: access-list 10 permit 172.29.0.0 0.0.255.255 Answers: C Explanation: To combine all four ACL statements into one ACL statement with same effect we need new network that matches all 4 statements network statement and new wildcard mask for the new network we will use. New Network for the ACL statement: AND operation needs to be perform on all four statements. AND operation: (AND: The output is true only when both inputs A and B are true.) A B = Output 0 -0 = 0; 0-1 = 0 ; 1-0 = 0; 1-1= 1 Following above AND operations procedure 172.29.16.0 = 10101100.00011101.00010000.00000000 172.29.17.0 = 10101100.00011101.00010001.00000000 172.29.18.0 = 10101100.00011101.00010010.00000000 172.29.19.0 = 10101100.00011101.00010011.00000000 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 172.29.16.0 = 10101100.00011101.00010000.00000000 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: new network after AND operation is 172.29.16.0 Now to find out Wildcard mask to match all four networks we need to perform XOR operations. XOR operation: (XOR: The output is true when either inputs A or B are true, but not if both A and B are true.) A B = Output 0 0 = 0 ; 0 1 = 1 ; 1-0 = 1 ; 1 1 = 0 Following above XOR operations procedure 172 29 16 10101100 00011101 00010000
9 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

172.29.16.x = 10101100.00011101.00010000.x 172.29.17.x = 10101100.00011101.00010001.x 172.29.18.x = 10101100.00011101.00010010.x 172.29.19.x = 10101100.00011101.00010011.x :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 0.0.3.x = 00000000.00000000.00000011.x :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Since we are only concern about first three octets the last octet can be 255 so the new wildcard mask is 0.0.3.255 The complete single acl statement with new network and wildcard mask that matches all four networks is access-list 10 permit 172.29.16.0 0.0.3.255 Question 9: An inbound access list has been configured on a serial interface to deny packet entry for TCP and UDP ports 21, 23 and 25. What types of packets will be permitted by this ACLpassguide (Choose three.) A:FTP B:Telnet C:SMTP D:DNS E:HTTP F:POP3 Answers: D, E, F Explanation: Ports 21, 23 and 25 are denied by ACL. 21 = FTP ; 23= Telnet ; 25= SMTP Remaining ports are permited so DNS, HTTP and POP3 ports are permitted by ACL. Quesstion 10: Refer to the exhibit. The FMJ manufacturing company is concerned about unauthorized access to the Payroll Server. The Accounting1, CEO, Mgr1, and Mgr2 workstations should be the only computers with access to the Payroll Server. What two technologies should be implemented to help prevent unauthorized access to the serverpassguide (Choose two.)

A:access lists B:encrypted router passwords C:STP D:VLANs E:VTP F:wireless LANs
10 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Answers: A, D Explanation: Access-lists are created to permit only Accounting1, CEO, Mgr1, and Mgr2 workstations to Payroll server. VLAN can be created which creates a separate Broadcast domain with vlan members only Accounting1, CEO, Mgr1, and Mgr2 workstations including Payroll server. Question 11: A network administrator would like to implement NAT in the network shown in the graphic to allow inside hosts to use a private addressing scheme. Where should NAT be configuredpassguide

A: Corporate router B: Engineering router C: Sales router D: all routers E: all routers and switches Answers: A Question 12: An access list has been designed to prevent HTTP traffic from the Accounting Department from reaching the HR server attached to the Holyoke router. Which of the following access lists will accomplish this task when grouped with the e0 interface on the Chicopee routerpassguide

A: permit ip any any


11 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

p p y y deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 B: permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 C: deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any any D: deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any Answers: D Explanation:. We need to create a ACL which denies Account department network from accessing HTTP on HR server. Source address is account department network: 172.16.16.0 mask 255.255.255.0 Destination address is HR server : 172.17.17.252 Port number for HTTP traffic on destination addresss : 80 First create deny statement access-list 100 deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 80 Since there is a implicit deny any any statement at the end of ACL we need to permit remaining traffic. access-list 100 permit ip any any

Implement and verify WAN links


CCNA (640-802) topic Implement and Verify WAN links answers the questions from this topic in exam.

Question 1: A default Frame Relay WAN is classified as what type of physical networkpassguide A: point-to-point B: broadcast multi-access C: nonbroadcast multi-access D: nonbroadcast multipoint E: broadcast point-to-multipoint Answers: C Question 2: The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this commandpassguide A: This command should be executed from the global configuration mode. B: The IP address 10 121 16 8 is the local router port used to forward data
12 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

B: The IP address 10.121.16.8 is the local router port used to forward data. C: 102 is the remote DLCI that will receive the information. D: This command is required for all Frame Relay configurations. E: The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC. Answers: E Explanation: When the frame-relay map command is included in the configuration with the broadcast keyword, it turns Frame Relay network as a broadcast network. Question 3: Refer to the exhibit. Which statement describes DLCI 17passguide

A: DLCI 17 describes the ISDN circuit between R2 and R3. B: DLCI 17 describes a PVC on R2. It cannot be used on R3 or R1. C: DLCI 17 is the Layer 2 address used by R2 to describe a PVC to R3. D: DLCI 17 describes the dial-up circuit from R2 and R3 to the service provider. Answers: C Question 4: How should a router that is being used in a Frame Relay network be configured to avoid split horizon issues from preventing routing updatespassguide A: Configure a separate sub-interface for each PVC with a unique DLCI and subnet assigned to the sub-interface. B: Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic. C: Configure many sub-interfaces on the same subnet. D: Configure a single sub-interface to establish multiple PVC connections to multiple remote router interfaces. Answers: A Question 5: What can a network administrator utilize by using PPP Layer 2 encapsulationpassguide (Choose three.) A:VLAN support B:compression C:authentication D:sliding windows E:multilink support F:quality of service Answers: B, C, E Question 6: Refer to the exhibit. What is the meaning of the term dynamic as displayed in the output of the show frame-relay
13 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Refer to the exhibit. What is the meaning of the term dynamic as displayed in the output of the show frame relay map command shownpassguide

A: The Serial0/0 interface is passing traffic. B: The DLCI 100 was dynamically allocated by the router. C: The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server. D: The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay cloud. E: The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through Inverse ARP. Answers: E Explanation: Inverse ARP allows a Frame Relay network to discover the protocol address associated with the virtual circuit dynamically. Question 7: Which of the following describes the roles of devices in a WANpassguide (Choose three.) A:A CSU/DSU terminates a digital local loop. B:A modem terminates a digital local loop. C:A CSU/DSU terminates an analog local loop. D:A modem terminates an analog local loop. E:A router is commonly considered a DTE device. F:A router is commonly considered a DCE device. Answers: A, D, E Question 8: Which three Layer 2 encapsulation types would be used on a WAN rather than a LANpassguide (Choose three.) A:HDLC B:Ethernet C:Token Ring D:PPP E:FDDI F:Frame Relay Answers: A, D, F Question 9: The Frame Relay network in the diagram is not functioning properly. What is the cause of the problempassguide

14 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

A: The Gallant router has the wrong LMI type configured. B: Inverse ARP is providing the wrong PVC information to the Gallant router. C: The S3 interface of the Steele router has been configured with the frame-relay encapsulation ietf command. D: The frame-relay map statement in the Attalla router for the PVC to Steele is not correct. E: The IP address on the serial interface of the Attalla router is configured incorrectly. Answers: D Explanation: In above exhibit we need to look at the status of each PVC to identify the problem. At atlanta we find the show command for first Map status deleted. Which is the PVC to Steele because the next map statement in show command is for Gallant and its status is active. Question 10: Which of the following are key characteristics of PPPpassguide (Choose three.) A:can be used over analog circuits B:maps Layer 2 to Layer 3 address C:encapsulates several routed protocols D:supports IP only E:provides error correction Answers: A, C, E Question 11: A Cisco router that was providing Frame Relay connectivity at a remote site was replaced with a different vendors frame relay router. Connectivity is now down between the central and remote site. What is the most likely cause of the problempassguide A: incorrect IP address mapping B: mismatched encapsulation types C: incorrect DLCI D: mismatched LMI types Answers: B Question 12: Refer to the exhibit. The network administrator must complete the connection between the RTA of the XYZ Company and the service provider. To accomplish this task, which two devices could be installed at the customer site to provide a connection through the local loop to the central office of the providerpassguide (Choose two.)

A:WAN switch B:PVC C:ATM switch D:multiplexer E:CSU/DSU F:modem


15 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

F:modem Answers: E, F Question 13: When a router is connected to a Frame Relay WAN link using a serial DTE interface, how is the interface clock rate determinedpassguide A: It is supplied by the CSU/DSU. B: It is supplied by the far end router. C: It is determined by the clock rate command. D: It is supplied by the Layer 1 bit stream timing. Answers: A This topology contains 3 routers and 1 switch. Complete the topology. Drag the appropriate device icons to the labeled Device Drag the appropriate connections to the locations labeled Connections. Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses and Main router information) To remove a device or connection, drag it away from the topology. Use information gathered from the Main router to complete the configuration of any additional routers. No passwords are required to access the Main router . The config terminal command has been disabled for the HQ router. The router does not require any configuration. Configure each additional router with the following Configure the interfaces with the correct IP address and enable the interfaces. Set the password to allow console access to consolepw Set the password to allow telnet access to telnetpw Set the password to allow privilege mode access to privpw
Note: Because routes are not being added to the configurations, you will not be able to ping through the internetwork. All devices have cable autosensing capabilities disabled. All hosts are PCs

ANSWER:
16 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

NSW

The question tells us that they are 3 routers and 1 Switch. Drag the appropriate device icons to the labeled Device Device Router (1) and Router (2) are connected to main router directly. We can confirm this because the other Device labeled has Fa 0/2 and Fa 0/4 interfaces therefore this device is a switch. Drag the appropriate connections to the locations labeled Connections. 1. The Main router is connected over serial link to Router (2) because on Router (2) the exhibit provide S 0/0 IP address icon towards Main router. 2. Router (1) is connected to Main router using a crossover cable. We require a crossover cable to connect two similar devices. 3. To connect host A directly to Router (1) fast ethernet 0/1 we need a crossover cable 4. Straight-through cable is used to connect a router (2) and switch together. Drag the appropriate IP addresses to the locations labeled IP address (Hint: use the given host addresses and Main router information) Host A IP address given 192.168.152.129 /28. Host C IP address given 192.168.152.225 /28 /28 = 11111111. 11111111.11111111.11110000 = 255.255.255.240 Subnet mask is 255.255.255.240 Various subnet networks and its valid IP address ranges for the above subnet mask 1 15 16 31 32 47
17 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

32 47 48 63 64 79 80 95 96 111 112 -127 128 143 (Host A IP address is part of this subnet network IP address range, So Router (1) Fa 0/1 address is 192.168.152.142) 144 159 160 175 176 191 192 207 208 223 224 239 (Host C IP address is part of this subnet network IP address range, Router (2) Fa 0/0 address is 192.168.1.238) 240 255 Use the console of Main router and issue show running-config command at enable mode to verify the existing IP address configured on Main router Serial interface so has to identify the Network used in connecting Router (2) over serial link and depending on the network choose the appropriate IP address for S0/0 Router(2). Similarly verify the Fast Ethernet interface IP address configuration on main router and select a IP address for Router (1) fa 0/0 it should be from same network address range. Configure Router (1) and Router (2) with the following configuration: Configure the interfaces with the correct IP address and enable the interfaces. Router (1): Configuration Router1>enable Router1#configure terminal Router1(config)#interface fa 0/0 Assigns IP address to Fa 0/0 and correct subnet mask Router1(config-if)#ip address 192.168.152.190 255.255.255.240 Enables the interface Router1(config-if)#no shutdown Router1(config-if)#interface fa 0/1 Assigns IP address to Fa 0/1 and correct subnet mask Router1(config-if)#ip address 192.168.152.142 255.255.255.240 Enables the interface Router1(config-if)#no shutdown Set the console, telnet and privilege mode access password as follows Console: consolepw ; Telnet: telnetpw ; Privilege mode: privpw To set console password Router1(config)#line console 0 Router1(config-line)#password consolepw Router1(config-line)#login Router1(config-line)#exit To set telnet password
18 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

To set telnet password Router1(config)#line vty 0 4 Router1(config-line)#password telnetpw Router1(config-line)#login Router1(config-line)#exit To set privilege mode password Router1(config)#enable password privpw Router (2): Configuration Router2>enable Router2#configure terminal Router2(config)#interface fa 0/0 Assigns IP address to Fa 0/0 and correct subnet mask Router2(config-if)#ip address 192.168.152.238 255.255.255.240 Enables the interface Router2(config-if)#no shutdown Router2(config-if)#interface serial 0/0 Assigns IP address to serial 0/0 and correct subnet mask Router2(config-if)#ip address 192.168.152.174 255.255.255.240 Enables the interface Router2(config-if)#no shutdown Set the console, telnet and privilege mode access password as follows Console: consolepw ; Telnet: telnetpw ; Privilege mode: privpw Similar configuration needs to be done for Router (2) to set the passwords for console, telnet and privilege mode as we did for Router(1).

Hotspot: Topology Based Questions

19 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Question 1: If router has a packet destination address 192.168.1.255. What describes the operation of the networkpassguide Answer: R1 will drop this packet because it is not a valid ip address Explanation: The destination IP address 192.168.1.255 is broadcast address of the network 192168.1.0 /24 on router R1. Network Address: 192.168.1.0 subnet mask: 255.255.255.0 Network valid host range: 192.168.1.1 192.168.1.254 Broadcast Address : 192.168.1.255 Since router (R1) received a packet with destination IP address (192.168.1.255) which is broadcast address so it simply discards the packet as Forwarding broadcast packet can lead to severe storms of packets, and if uncontrolled could lead to network overload.

Question 2: Users on the 192.168.1.0 /24 network must access files located on the server 1. What route could be configured on router R1 for the file requests to reach the server passguide Answer: ip route 0.0.0.0 0.0.0.0 s 0/0/0 Explanation: To enable users on 192.168.1.0 network to access files on server1, we need to establish a default static route.

20 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Static route syntax: ip route prefix mask {ip-address interface-type interface-number [ip-address]} [distance] [name] [permanent track number] [tag tag] From the options provided for this question the correct default static route is ip route 0.0.0.0 0.0.0.0 S 0/0/0 PS: As per best practices static route to server1 on R1 should have been ip route 209.165.200.0 255.255.255.0 209.165.100.200 (or) ip route 209.165.200.0 255.255.255.0 s 0/0/0

Question 3: When a packet is sent from Host1 to Server1,in how many different frames will the packet be encapsulated as it is sent across the internetworkpassguide Answer: 3 Explanation: First: Host1 encapsulates the packet into frames and forwards to the switch. Switch in turn forwards the same frame to router R1. Second: Router R1 receives the frame on one interface and it is encapsulates into new packet once it leaves the router R1 towards the direction of server1. Third: R2 receives this packet and it also encapsulates the frame into new packet when it is forwarded to server1 on different interface of R2. Therefore the packet is sent using three different frames to reach from Host1 to server1.

Question 4: What must be configured on the network in order for users on the internet to view web pages located on web
21 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

g server2passguide

p g

Answer: On router R1, configure a NAT to translate address on 209.165.100.0 to 192.168.1.0 network.

Question 5: The router address 192.168.1.250 is the default gateway for both web server2 and host 1. What is the correct subnet mask for this networkpassguide Answer: 255.255.255.0 Explanation: Given subnet mask for this network is 255.255.255.0 based on the exhibit. To find the correct subnet mask for this network based on number of devices shown in the exhibit that are already configured with IP address and by not wasting IP addresses scheme. The network 192.168.1.0 consists of only three devices as per the exhibits which are configured with IP address. R1(fa 0/0) : 192.168.1.250 ( default gateway as per the question) Host1: 192.168.1.10 Web server 2: 192.168.1.106 correct subnet mask that will cover all above IP address is 255.255.255.0 ( Thanks to Helmut who identified the exhibit IP address to be considered for this selection of correct subnet mask) Question: A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 192.168.100.30 .

CLICK ON IMAGE TO VIEW

22 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Passguide Click Knowledge Base for NAT SIM to learn the concepts before attempting or learning this SIM Question Passguide

NAT SIM Configuration:


The following configuration translates between inside hosts (Weaver LAN) addressed from 192.168.100.16 /28 network (192.168.100.17 192.168.100.30) to the globally unique pool of address provided by ISP 198.18.184.105 198.18.184.110 /29. Weaver>enable Weaver#configure terminal Before starting the NAT configuration verify that router hostname currently configured is weaver. If not change hostname to Weaver using the command Router(config)#hostname weaver Step1: Create an access-list to match all the Weaver LAN address that need to be the candidates for NAT translations Weaver(config)#access-list 10 permit 192.168.100.16 0.0.0.15 Step2: Create a NAT Pool with pool name isp_adr and specify the pool address range provided by ISP with their netmask. Weaver(config)#ip nat pool isp_adr 198.18.184.105 198.18.184.110 netmask 255.255.255.248 Step3: Packets that match access-list 10 will be translated to an address from the pool called isp_adr. Overload keyword specify to use Port based NATing to support all the Weaver LAN address range. Weaver(config)#ip nat inside source list 10 pool isp_adr overload SIM Question already provides that appropriate interfaces have been configured for NAT Inside and NAT Outside statements. For your information configuration would have been like this Weaver(config)#interface fastethernet 0/0 Weaver(config-if)#ip nat inside Weaver(config)#interface serial 0/0 Weaver(config-if)#ip nat outside Functionality Test:
23 of 24

9/19/2011 2:52 PM

Download passguide ccna Hotspot 2: Topology Question | Free Certificati...

http://www.certbible.net/general/passguide-ccna-hotspot-2-topology-ques...

Functionality Test: Our requirements are to allow the hosts (Weaver LAN) the ability to communicate with the Internet. For this test, we ping the Internet device (ISP router S0/1) from Host for testing. Step1: Go to host for testing: C:\>ping 192.0.2.114 PING should be success to 192.0.2.114 since SIM question provides that static route is already configured on router. Step2: On console of router (Weaver) : Issue show ip nat translation command to verify the NAT translations. Sample output: Considering host for testing IP address is 192.168.100.17 weaver# show ip nat translation Pro Inside global Inside local Outside local Outside global icmp 198.18.184.105:434 192.168.100.17:434 192.0.2.113:434 192.0.2.114:434 icmp 198.18.184.105:435 192.168.100.17:435 192.0.2.113:435 192.0.2.114:435 icmp 198.18.184.105:436 192.168.100.17:436 192.0.2.113:436 192.0.2.114:436 icmp 198.18.184.105:437 192.168.100.17:437 192.0.2.113:437 192.0.2.114:437 icmp 198.18.184.105:438 192.168.100.17:438 192.0.2.113:438 192.0.2.114:438 Any Questions on SIMULATOR welcomed. Best of LUCK to your CCNA EXAM

24 of 24

9/19/2011 2:52 PM