ICND1 Category

RIPv2 SIM

April 13th, 2019 144 comments

Question

Configuration_Sim.jpg

TUT Company recently installed a new router in their office. Complete the network installation by performing the initial router configurations and configuring RIPv2 routing using the router command line interface (CLI) on the R2-TUT.

Name of the router is R2-TUT
Enable-secret password is Sec@ret
The password to access user EXEC mode using the console is Sec@ret2
The password to allow telnet access to the router is Sec@ret3
IPV4 addresses must be configured as follows:
Ethernet network 213.123.20.128/27 – router has last assignable host address in subnet
Serial network is 200.0.1.16/28 – router has last assignable host address in the subnet. Interfaces should be enabled.
Router protocol is RIPv2

Answer and Explanation

Read more…

DHCP Sim

December 26th, 2018 153 comments

[am4show have=’p2;’]

Premium Member: You can try this sim with our simulator here.

[/am4show]

Refer to the topology below and answer the questions.

Topology.jpg

Read more…

Show Configuration Sim

April 11th, 2018 232 comments

[am4show have=’p2;’]

Premium Member: You can try this sim with our simulator here.

[/am4show]

This task requires the use of various show commands from the CLI of Router1 to answer 5 multiple-choice questions. This does not require any configuration.

Show_Configuration_Sim_topology.jpg

NOTE: The show running-configuration and the show startup-configuration commands have been disabled in this simulation.
To access the multiple-choice questions, click on the numbered boxes on the right of the top panel.
There are 5 multiple-choice questions with this task. Be sure to answer all 5 questions before leaving this item.

Read more…

ICND1 – Security Testlet

December 30th, 2016 556 comments

[am4show have=’p2;’]

Premium Member: You can test your knowledge with these questions first via this link.

[/am4show]

Question

 

 

Security_SIM.jpg

[am4show have=’p2;’]RouterA and SwitchA have been configured to operate in a private network which will connect to the Internet. you have been asked to review the configuration prior to cabling and implementation.
This task requires the use of various commands to access and check the running configuration of the two devices. No configuration changes are necessary (and the configuration command has been disabled for these two devices).[/am4show]

Read more…

WAN Questions

September 10th, 2011 129 comments

Here you will find answers to WAN Questions

Question 1

As a network technician, you must know the various layers of the OSI model. At which layers of the OSI Model do Wide Area Networks operate in? (Choose two)

A. Physical Layer
B. Datalink Layer
C. Network Layer
D. Session Layer
E. Transport Layer
F. Presentation Layer
G. Application Layer


Answer: A B

Explanation

Frame Relay is a high-performance WAN protocol that operates at the physical and data link layers of the OSI reference model.

Question 2

Network equipment supporting the use of flow control mechanisms has been recently installed in the network. What is the purpose of flow control in a data network?

A. It ensures that data is retransmitted if an acknowledgment is not received.
B. It reassembles segments in the correct order on the destination device.
C. It provides a mechanism for the receiver to control the transmission speed.
D. It regulates the size of each datagram segment.
E. All of the above are functions of flow control


Answer: C

Explanation

Flow control is the process that control the rates at which data is transferred between two endpoints, enabling a receiving device to signal congestion to a sending device, which allows for the sending device to temporarily halt transmission, alleviating congestion at the receiving device.

Question 3

You are a network administrator working in the communication company. One day, you find that the encapsulation has been altered by someone on a synchronous serial line and this new configuration is not the optimal one. So you attempt to return the encapsulation to the default. Which measure will you take to reach this goal?

A. Issue the shutdown then no shutdown commands to reset the encapsulation on the interface.
B. Reboot the router and allow it to reload the configuration.
C. Configure the interface for HDLC encapsulation.
D. Change the encapsulation to ARPA.


Answer: C

Explanation

We can’t use the “shutdown” & “no shutdown” commands to reset the encapsulation because it doesn’t affect the encapsulation type -> A is not correct.

Reboot the router and reload the configuration can solve this problem but other configuration will be erased too -> not a good choice.

The question asks “attempt to return the encapsulation to the default” and the default encapsulation on a Cisco router is HDLC so we can configure the interface for HDLC encapsulation -> C is the correct.

D is not correct as ARPA is not the default WAN encapsulation of a Cisco router. ARPA is the standard Ethernet version 2.0 encapsulation.

Question 4

During your interview for a network administrator job, your interviewer gives you some statements to judge. The following options are all related to the configuration of a serial link on a Cisco router. You should point out which one is the correct. What is your answer?

A. The clock rate command is a requirement for DCE interfaces.
B. If the clock rate command is configured, then the bandwidth command is required.
C. If the bandwidth command is configured, then the clock rate command is required.
D. Cisco routers are DCE devices.


Answer: A

Explanation

The purpose of DCE equipment is to provide clocking and switching services in a network. Clock rate doesn’t have a default value so we have to configure it manually (while bandwidth does have a default value). Cisco routers can be configured as DTE or DCE devices.

Question 5

As a network technician, you should know how to gain information from the exhibit. According to the command output displayed in the following exhibit, please point out the correct description about interface Serial 0/0/0.

Exhibit

Router#show running-config
Building configuration


Current configuration :59 bytes

<output omitted>

interface Serial0/0/0
ip address 209.165.200.225 255.255.255.224
!

A. The configuration is incomplete, which will cause the interface status to be “Serial0/0/0 is down, line protocol is down”
B. The interface is using Cisco HDLC for layer 2 encapsulation.
C. The configuration is incomplete, which will cause the interface status to be “Serial0/0/0 is up, line protocol is down”.
D. A ping to the remote address 209.165.200.226 will be successful.


Answer: B

Explanation

The configuration is correct and the “no shutdown” command was used (because we don’t see a “shutdown” line in the output) so we can see at least “Serial0/0/0 is up” -> A is not correct.

Although the configuration is correct but we don’t know if this interface is connected with another router or not. If it is connected with another interface (on another router) and that interface is up, we will see the “Serial0/0/0 is up, line protocol is up”. Otherwise we will see “Serial0/0/0 is up, line protocol is down” -> we can’t guarantee answer C is correct.

Answer D is the same with C because we don’t know if the remote interface 209.165.200.226 exists (and turned up) or not.

For WAN interface (serial interface), the default layer 2 encapsulation is HDLC -> B is correct.

Question 6

PPP_Encapsulation.jpg

Router2#show interface serial 0/0
Serial0/0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 172.16.10.1/30
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255 load 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
<output omitted>

You work as a network administrator. You study the exhibits carefully. The corporate office and branch office have been attached through two non-Cisco routers over a highly reliable WAN connection over a year. A new Cisco router has been installed to replace the hardware at the branch location. Since the installation, IP communication cannot be verified across the link.

Given the output on router R1, what could be a logical first step to take to resolve this problem?

A. Ensure an exact match between the bandwidth setting on Router1 and Router2
B. Change the encapsulation on Router1 to PPP.
C. Change the bandwidth setting on Router1 to match the actual line speed
D. Verify successful DCE communication between the two sites.
E. Verify Layer1 communication on the Router1 Serial0/0 interface


Answer: B

Explanation

HDLC is a Cisco proprietary protocol so we can’t use it when connecting to a non-Cisco router. PPP is the standard protocol that is widely supported and used by many ISPs.

Question 7

From the choices shown above, which port can be used for a WAN T1 connection?

AUI_Serial_BRI_Console_Ports.jpg

A. Console
B. Serial 0
C. AUI
D. BRI
E. None of the other alternatives apply


Answer: B

Explanation

The console port is intended for local administrative access from an ASCII terminal or a computer using a terminal emulator.

Serial ports support WAN T1 connection.

Attachment Unit Interface (AUI) ports are designed to connect to an external transceiver for conversion to a specific media type (such as twisted pair, coax, or fiber). AUI can transfer only 1 bit at a time.

BRI ports are used for ISDN services (mostly voice).

Question 8

A WAN connection is shown below:

WAN_Connection.jpg

Based on this diagram, which two devices can be used to complete the connection between the WAN router at the customer site and the service provider? (Choose two)

A. CSU/DSU
B. modem
C. WAN switch
D. ATM switch
E. Frame Relay switch
F. ISDN TA


Answer: A B

Explanation

A modem or CSU/DSU can provide clock rate so it can be used for the topology above.

The Channel Service Unit (CSU) can echo loopback signals from the phone company for testing purposes.

The Data Service Unit (DSU) manages line control, and converts input and output between RS-232C, RS-449, or V.35 frames from the LAN and the time-division multiplexed (TDM) DSX frames on the T-1 line. The DSU provides a modem-like interface between the computer as Data Terminal Equipment (DTE) and the CSU.

ARP Testlet

April 24th, 2011 86 comments

This is a testlet. The testlet consists of 4 questions that relate to the scenario below:

ICND1_testlet_question

Directions: Refer to the exhibit. This testlet consists of four questions that address steps in the process of data communication between host F and the server named WWW” on another LAN. You are free to move back and forth between the questions to review your answers.

Question 1:

In order to begin communicating with the server, host F sends out an ARP request. How will the devices exhibited in the topology respond to this request?

A – Switch West _1 will reply with the MAC address of the server.
B – Hosts D and E will respond that the destination is not on the local LAN.
C – Router SFX will forward the ARP request to the ILM router .
D – Switch West _1 will block the request since the server is not on the LAN.
E – The ILM router will respond with the IP address of the WWW server.
F – Router SFX will respond with the MAC address of its Fa0/0 interface.

 

Answer: F

Explanation:

Because the server WWW is on another LAN of host F, host F knows that it has to send its packets to the default gateway. Therefore, for the first time, it will send out an ARP broadcast message asking for the MAC address of router SFX. Router SFX receives this message and replies with the MAC address of Fa0/0 interface. Later, when host F wants to send packets to WWW server, it will include the IP address of WWW server and the MAC address of Fa0/0 interface of SFX router in the “destination IP address” and “destination MAC address” fields, respectively.

Question 2:

The ARP reply has been received by host F, which needs to build the packet. What information will be placed in the header of the packet that leaves host F if host F is to communicate with the WWW server? (Choose two)

A – The destination address will be the IP address of interface Fa0/0 of the ILM router .
B – The destination address will be the IP address of the WWW server.
C – The destination address will be the IP address of interface Fa0/0 of router SFX.
D – The source address will be the IP address of host F.
E – The source address will be the IP address of interface Fa0/0 of router SFX.
F – The destination address will be the IP address of interface Fa0/0 of router SFX.

 

Answer: B D

Explanation:

After receiving ARP reply from SFX router, host F will place these fields in the header of the packets:

Source addresses: the IP address of host F and the MAC address of host F
Destination addresses: the IP address of WWW server and the MAC address of SFX router

Question 3:

The frame has been received by the ILM router and is to be delivered on the local LAN. Which two statements describe the addressing of the Ethernet frame that has been created by the ILM router ? (Choose two)

A – The destination address will the be the MAC address of the switch A port attached to the Fa0/0 interface of the ILM router .
B – The destination address will be the MAC address of the WWW server.
C – The destination address will be the MAC address of the A switch port attached to the WWW server.
D – The source address will be the MAC address of host F.
E – The source address will be the MAC address of interface Fa0/0 of the ILM router.

 

Answer: B E

Question 4:

Host F is displaying two World Wide Web documents from the WWW server in two browser windows at the same time. How did the data find its way to the correct browser windows?

A – The IP source addresses of the packets will be used to direct the data to the correct browser window.
B – The browsers track the data by the URL.
C – TCP port numbers are used to direct the data to the correct application window.
D – The OSI application layer tracks the conversations and directs them to the correct browser.

 

Answer: C

Explanation:

TCP and UDP protocol port numbers are designed to distinguish multiple applications running on a single device from one another. In the TCP and UDP header, there are “Source Port” and “Destination Port” fields which are used to indicate the message sending process and receiving process identities defined. The combination of the IP address and the port number is called “socket”.

Other lab-sims in the ICND 1 Exam:

ICND 1 – Show Configuration Sim

ICND 1 – Implementation SIM

ICND 1 – RIPv2 SIM

ICND 1 – Implementation Sim 2

Frame Relay Sim – Hotspot (on 9tut.com)

Other lab-sims might appear in the real ICND 1 exam, read and understand them if you have enough time!

Hotspot

April 8th, 2011 52 comments

Here you will find answers to hotspot questions in ICND 1 exam


Refer to the topology. Using the information shown, answer the five questions shown on the Questions tab.

RIP_hotspot

Question 1:

On which router should a default route be configured?

A – on the ISP router
B – on R1
C – on R2
D – on R3
E – on R4


Answer: B

Question 2:

With all links operational and all routers converged, which of the following describes the messaging between routers?

A – Hellos are sent every five seconds.
B – Multicasts are sent every 60 seconds.
C – Broadcasts are sent every 30 seconds.
D – No messaging unless the topology changes.


Answer: C


Question 3:

Which of the following describes the route update process if the interface from R4 connected to LAN 4 goes down?

A – No updates occur
B – R4 tells both R1 and R3 the network not accessible. Both R3 and R1 update R2.
C – R4 tells only R1 the network is not accessible. R1 updates R2 and R2 updates R3.
D – R4 tells only R3 the network is not accessible. R3 updates R2 and R2 updates R1.


Answer: B

Question 4:

Why would RIP be used rather than static routes on R1, R2, R3, and R4?

A – RIP creates more accurate than static routes.
B – RIP uses less network resources than do static routes.
C – RIP is supported by more different vendors equipment than static routes.
D – RIP requires less configuration to automatically adjust when links go down than static routes.


Answer: D

Question 5:

On which router should a static route be configured?

A – on the ISP router
B – on R1
C – on R2
D – on R3
E – on R4


Answer: A

Operations

April 5th, 2011 107 comments

Here you will find answers to operation questions in ICND 1 exam

Question 1:

Refer to the exhibit. The junior network support staff provided the diagram as a recommended configuration for the first phase of a four-phase network expansion project. The entire network expansion will have over 1000 users on 14 network segments and has been allocated this IP address space:

192.168.1.1 through 192.168.5.255
192.168.100.1 through 198.168.100.255

What are three problems with this design? (Choose three)

subnet1

A – The AREA 1 IP address space is inadequate for the number of users.
B – The AREA 3 IP address space is inadequate for the number of users.
C – AREA 2 could use a mask of /25 to conserve IP address space.
D – The network address space that is provided requires a single network-wide mask.
E – The router-to-router connection is wasting address space.
F – The broadcast domain in AREA 1 is too large for IP to function.

Answer: A C E

Question 2:

Refer to the exhibit. A technician is testing connection problems in the internetwork. What is the problem indicated by the output from HostA?

ping_tracert

A – The routing on Router2 is not functioning properly.
B – An access list is applied to an interface of Router3.
C – The Fa0/24 interface of Switch1 is down.
D – The gateway address of HostA is incorrect or not configured.

Answer: D

Explanation:

When trying to ping the IP 192.168.3.254,you received the replies from that IP. It means that you can reach the Fa0/0 interface of Router1. But notice that the IP of host A (192.168.3.1/24) and the IP of the Fa0/0 interface of Router 1 (192.168.3.254/24) are on the same network. So you don’t need a gateway address configured on HostA. Therefore you can’t conclude the gateway address of HostA was configured correctly.

Lately, you tried to use the tracert command to reach another network (192.168.4.7). In this case, a gateway address was required for reaching the network of hostB. But the result told that “Destination host unreachable” – means that Host A can not find a route to Host B -> The gateway address of Host A was incorrect (something other than 192.168.3.254) or not configured is a possibility.

A and B are incorrect because if there is a mis-configuration on Router 2 or Router 3 (while Router 1 is configurated correctly), you will see at least one successful line when using tracert command likes the bold line below:

PC>tracert 192.168.4.7

Tracing route to 192.168.4.7 over a maximum of 30 hops:

1 62 ms 62 ms 46 ms 192.168.3.254
2 * * * Request timed out.

C is incorrect because we can ping Router 1 -> port Fa0/24 on Switch 1 was turned on and running correctly.

Question 3:

Refer to the exhibit. The internetwork is using subnets of the address 192.168.1.0 with a subset mask of 255.255.255.224. The routing protocol in use is RIP version 1. Which address could be assigned to the FastEthernet interface on RouterA?

subnet2

A – 192.168.1.31
B – 192.168.1.64
C – 192.168.1.127
D – 192.168.1.190
E – 192.168.1.192

Answer: D

Explanation:

255.255.255.224 = 1111 1111.1111 1111.1111 1111.1110 0000 (binary form)

Increment: 32

First subnetwork: 192.168.1.0 -> 192.168.1.31 (A is incorrect because 192.168.1.31 is a broadcast address)
Second subnetwork: 192.168.1.32 -> 192.168.1.63
Third subnetwork: 192.168.1.64 -> 192.168.1.95 (B is incorrect because 192.168.1.64 is a network address)
Fourth subnetwork: 192.168.1.96 -> 192.168.1.127 (C is incorrect because 192.168.1.127 is a broadcast address)
Fifth subnetwork: 192.168.1.128 -> 192.168.1.159
Sixth subnetwork: 192.168.1.160 -> 192.168.1.191 (D is correct because 192.168.1.190 is the last assignable host address of this subnetwork)
Seventh subnetwork: 192.168.1.192 -> 192.168.1.224 (E is incorrect because 192.168.1.192 is a network address)

Question 4:

Refer to the exhibit. For security reasons, information about RTA, including platform and IP addresses, should not be accessible from the Internet. This information should, however, be accessible to devices on the internal networks of RTA. Which command or series of commands will accomplish these objectives?

cdp_enable

A – RTA(config)#no cdp run
B – RTA(config)#no cdp enable
C – RTA(config)#interface s0/0
RTA(config-if)#no cdp run
D – RTA(config)#interface s0/0
RTA(config-if)#no cdp enable

Answer: D

Question 5:

Refer to the exhibit, PC1 pings PC2. What three things will CORE router do with the data that is received from PC1? (Choose three)

ip_mac_address

A – The data frames will be forwarded out interface FastEthernet0/1 of CORE router.
B – The data frames will be forwarded out interface FastEthernet1/0 of CORE router.
C – CORE router will replace the destination IP address of the packets with the IP address of PC2.
D – CORE router will place the MAC address of PC2 in the destination MAC address of the frames.
E – CORE router will put the IP address of the forwarding FastEthernet interface in the place of the source IP address in the packets.
F – CORE router will put the MAC address of the forwarding FastEthernet interface in the place of the source MAC address.

Answer: B D F

Subnetting Questions

April 1st, 2011 160 comments

Here you will find answers to subnetting questions in ICND 1 exam

Note: If you are not sure about subnetting, please read my Subnetting tutorial.

Question 1

Refer to the exhibit. The goal of this network design is to provide the most efficient use of IP address space in a network expansion. Each circle defines a network segment and the number of users required on that segment. An IP subnetwork number and default gateway address are shown for each segment.

What are three problems with the network design as shown? (Choose three)

IP_subnetworks

A – Interface fa0/3 has an IP address that overlaps with network 10.1.3.0/30.
B – Interface fa0/1 has an invalid IP address for the subnet on which it resides.
C – Interface fa0/2 has an invalid IP address for the subnet on which it resides.
D – Network 10.1.2.0/25 requires more user address space.
E – Network 10.1.3.128/25 requires more user address space.
F – The IP subnet 10.1.1.0/30 is invalid for a segment with a single server.

 

Answer: A B D

Explanation

Answer A should be “Interface fa0/3 has an invalid IP address for the subnet on which it resides” to be the correct answer. But there is no better solution (answers C E F are obviously incorrect) so we must choose answer A.

Question 2:

If an ethernet port on a router was assigned an IP address of 172.16.112.1/20, what is the maximum number of hosts allowed on this subnet?

A – 1024
B – 2046
C – 4094
D – 4096
E – 8190

 

Answer: C

Question 3:

Refer to the exhibit. The internetwork is using subnets of the address 192.168.1.0 with a subnet mask of 255.255.255.224. The routing protocol in use is RIP version 2. Which address could be assigned to the FastEthernet interface on RouterA?

subnetting_1

A – 192.168.1.31
B – 192.168.1.64
C – 192.168.1.127
D – 192.168.1.190
E – 192.168.1.192

 

Answer: D

Question 4:

Refer to the exhibit. HostA cannot ping HostB. Assuming routing is properly configured, what could be the cause of this problem?

subnetting_2

A – HostA is not on the same subnet as its default gateway.
B – The address of SwitchA is a subnet address.
C – The Fa0/0 interface on RouterA is on a subnet that can’t be used.
D – The serial interfaces of the routers are not on the same subnet.
E – The Fa0/0 interface on RouterB is using a broadcast address.

 

Answer: D

Drag and Drop Questions

March 29th, 2011 92 comments

Here you will find answers to drag and drop questions in ICND 1 exam

Question 1:

Drag the appropriate command on the left to the configuration task it accomplishes (not all options are used)

ICND1_dragAndDrop_question_1_passwords


Answer:

1) service password-encryption
2) line console 0
password friendS0nly
3) enable secret noWay1n4u
4) line vty 0 4
password 2hard2Guess
5) enable password uwi11NeverNo

Question 2:

Construct the command sequence to configure an IP address on a serial interface (not all options are used)

ICND1_dragAndDrop_question_2_config


Answer:

1) Hub# configure terminal
2) Hub(config)# interface s0/0
3) Hub(config-if)# ip address 10.8.5.255 255.255.252.0
4) Hub(config-if)# no shutdown
5) Hub(config-if)# description T1 to WAN

Explanation:

One thing interesting in the answers is that the command ip address “10.8.5.255 255.255.252.0” (answer 3) is correct because 10.8.5.255 255.255.255.0 is not a broadcast address. Let’s analyze this case a bit closer:

Increment: 4 for the third octet (255.255.252.0 = 1111 1111.1111 1111.1111 1100.0000 0000)
First subnetwork range: 10.8.0.0 to 10.8.3.255
Second subnet range: 10.8.4.0 to 10.8.7.255

Therefore 10.8.3.255 and 10.8.7.255 are the broadcast addresses but not 10.8.5.255. So we can assign this address to s0/0 interface.

( Notice that the command Hub(config)# ip address 172.16.20.21 255.255.255.0 is only correct only if it is in interface mode, which is Hub(config-if)# )

Question 3:

Drag the commands on the left to the appropriate functions on the right (Not all options are used)

ICND1_dragAndDrop_question_3


Answer:

1) ipconfig /all
2) tracert
3) telnet
4) ping 127.0.0.1
5) arp -a

Drag and Drop Questions 2

March 28th, 2011 70 comments

Here you will find answers to ICND 1 – Drag and Drop Questions Part 2

Question 1

As a CCNA candidate, you should master the functions of various commands. Look at the following items, some commands are listed on the left. The related roles are listed on the right in a wrong sequence. Please match them together. (Not all options are used)

save_configuration.jpg


Answer:

1) Router#copy tftp flash: replace the IOS image
2) Router#copy flash tftp: backup the current IOS image
3) Router#copy running-config tftp: make a backup copy of configuration in RAM
4) Router#copy running-config startup-config: make the configuration in RAM the configuration the router will use on startup
5) Router#copy tftp running-config: merge a backup configuration with the configuration in RAM

Explanation

First please notice that by saying “replace” we often mean changes to NVRAM and TFTP while saying “merge” or “add” we mean changes to RAM. Next we should review the syntax of “copy” command:

Syntax: copy <source> <base config filename> <destination> <destination filename.txt>

1) By default, the flash memory in a router is used to store the Cisco IOS image so the requirement “replace the IOS image” means that moving file somewhere to the flash memory. In the left columns we only have one choice which has the flash as the destination ->copy tftp flash.

2) Same explanation as above, when saying “backup the current IOS image” the flash takes the role as the source ->copy flash tftp. And “backup” means we should copy it to somewhere like tftp server, CDROM…

3) The running-config is stored in the RAM so “make a backup copy of configuration in RAM” means copy running configuration from RAM so backup server (tftp) -> copy running-config tftp

4) “copy running-config startup-config” is a very common command so no more explanation needed.

5) After solving 4 boxes above, we only have two choices left: “copy tftp running-config” & “copy flash running-config”. The bottom-right box says “merge a backup configuration” so it should be the tftp server and the command here is copy tftp running-config.

Wireless Questions

March 25th, 2011 65 comments

Here you will find answers to Wireless Questions – Part 1

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless Terminologies

Question 1

Which wireless LAN design ensures that a mobile wireless user will not lose connectivity when moving from one access point to another on the WLAN?

A. Utilizing MAC address filtering to allow the client MAC address to authenticate with the surrounding APs
B. Using adapters and access points manufactured by the same company
C. Overlapping the wireless cell coverage by at least 10%
D. Configuring all access points to use the same channel


Answer: C

Explanation

By using more than one Access Point (AP) we can create overlapping cells to allow roaming in a larger area. But we have to ensure that two APs must have at least 10% coverage overlap and they use non-overlapping channels.

Question 2

You need to troubleshoot an interference issue with the wireless LAN. Which two devices can interfere with the operation of this network because they operate on similar frequencies? (Choose two)

A. Microwave oven
B. AM radio
C. Toaster
D. Copier
E. Cordless phone
F. IP phone
G. Ipod


Answer: A E

Explanation

Microwave oven and cordless phone radiate energy in the 2.4 GHz unlicensed band so they can interfere with some WLAN standards. As the result of that, you can’t hear clearly on the phone or can’t surf web.

Question 3

Which of the following data network would you implement if you wanted a wireless network that had a relatively high data rate, but was limited to very short distances?

A. Broadband personal comm. Service (PCS)
B. Broadband circuit
C. Infrared
D. Spread spectrum
E. Cable


Answer: C

Explanation

Infrared typically requires a line-of-sight (your TV remote control, for example) which means that it is limited to very short distances. I am not sure if it is considered “relative high data rate” but infrared can transfer up to 4Mpbs.

Question 4

You need to add a wireless access point to a new office. Which additional configuration step is necessary in order to connect to an access point that has SSID broadcasting disabled?

A. Configure open authentication on the AP and the client
B. Set the SSID value in the client software to public
C. Set the SSID value on the client to the SSID configured on the AP
D. Configure MAC address filtering to permit the client to connect to the AP


Answer: C

Explanation

Service Set Identifier (SSID) is the term to identify a WLAN. In most cases SSID is broadcast by the AP, the user only needs to select that SSID and provides a correct password to access it. But in some cases for security reason, the SSID can be disabled. Users can only access to that network if they type both SSID and password correctly.

Question 5

You need to secure a new access point on the a wireless network. Which two practices help secure the configuration utilities on wireless access points from unauthorized access? (Choose two)

A. Changing the default SSID value
B. Configuring traffic filtering
C. Changing the mixed mode setting to single mode
D. Configuring a new administrator password
E. Assigning a private IP address to the AP


Answer: A D

Explanation

To improve security, you should change the default SSID value on your AP. For example, Linksys routers (which are produced by Cisco) typically have an SSID of “linksys” -> A is correct.

In an AP we can configure traffic filtering but it is mainly used for filtering which services clients can use, IP ranges, ports, websites, time access… It has no effect on securing your AP -> B is not correct.

“Mixed mode” here means we can configure AP to allow clients to use different standard like 802.11b, g or n. But setting it to single mode doesn’t have any security protection on it -> C is not correct.

We should also change the administrator password because everyone can access to the admin page of an AP by open a web browser and type the IP address of that AP (for example: http://192.168.1.1). Typically, Linksys Wireless routers have a default username/password of “admin/admin” or “admin/[blank]” which are easily guessed or found out -> D is correct.

We can access the AP by using a private IP address (in the same private network of the AP – 192.168.1.1, for example) -> E is not correct.

Question 6

You need to determine the proper security settings on a new WLAN-capable office. Which encryption type would WPA2 use in this office?

A. PSK
B. AES-CCMP
C. PPK via IV
D. TKIP/MIC
E. None of the other alternatives apply


Answer: B

Explanation

Advanced Encryption Standard (AES) is the cipher system used by RSN. It is the equivalent of the RC4 algorithm used by WPA. However the encryption mechanism is much more complex and does not suffer from the problems associated with WEP. AES is a block cipher, operating on blocks of data 128bits long.

CCMP is the security protocol used by AES. It is the equivalent of TKIP in WPA. CCMP computes a Message Integrity Check (MIC) using the well known, and proven, Cipher Block Chaining Message Authentication Code (CBC-MAC) method. Changing even one bit in a message produces a totally different result.

The AES-CCMP encryption algorithm used in the 802.11i (WPA2) security protocol. It uses the AES block cipher, but restricts the key length to 128 bits. AES-CCMP incorporates two sophisticated cryptographic techniques (counter mode and CBC-MAC) and adapts them to Ethernet frames to provide a robust security protocol between the mobile client and the access point.

Question 7

What is one reason why WPA encryption is preferred over WEP in this network?

A. The WPA key values remain the same until the client configuration is changed.
B. The values of WPA keys can change dynamically while the system is used.
C. The access point and the client are manually configured with different WPA key values.
D. A WPA key is longer and requires more special characters than the WEP key.
E. None of the other alternatives apply


Answer: B

Explanation

Wireless Encryption Protocol (WEP) uses RC4 encryption and a static 64-bit key so it can be easily broken as only 40-bits are encrypted and 24 bits are clear-text IV(Initialization Vector). It was later upgraded to 128-bit, but the IV was still clear text meaning it took slightly longer (minutes) to break-in.

WPA was introduced in 2003 as a replacement for WEP. WPA uses Temporal Key Integrity Protocol (TKIP) to automatically change the keys. TKIP still uses RC4; it just improves how it’s done

Question 8

In an effort to increase security within the wireless network, WPA is being utilized. Which two statements shown below best describe the wireless security standard that is defined by WPA? (Choose two)

A. It requires use of an open authentication method
B. It specifies use of a static encryption key that must be changed frequently to enhance security
C. It includes authentication by PSK
D. It specifies the use of dynamic encryption keys that change each time a client establishes a connection
E. It requires that all access points and wireless devices use the same encryption key
F. WPA works only with Cisc0 access points


Answer: C D

Question 9

You need to configure a new wireless access point for your network. What are three basic parameters to configure an AP? (Choose three)

A. Authentication method
B. RTS/CTS
C. RF channel
D. SSID


Answer: A C D

Explanation

Below lists basic parameters to configure an AP

configure_AP.jpg


Wireless Questions 2

March 24th, 2011 55 comments

Here you will find answers to Wireless – Part 2

If you are not sure about Wireless, please read my Wireless tutorial and Basic Wireless Terminologies

Question 1

You have finished physically installing an access point on the ceiling at a newly opened office. At a minimum, which parameter must you configure on the access point in order to allow wireless clients to operate on it?

A. SSID
B. AES
C. TKIP
D. PSK
E. None of the other alternatives apply


Answer: A

Question 2

Part of the wireless LAN is shown below:

AP_overlap.jpg

What two facts can be determined from the diagram of the WLAN shown above? (Choose two)

A. Access points in each cell must be configured to use channel 1
B. The network diagram represents an extended service set (ESS)
C. The two APs should be configured to operate on different channels
D. The area of overlap of the two cells represents a basic service set (BSS)
E. The area of overlap must be less than 10% of the area to ensure connectivity
F. There are too many hosts on this WLAN


Answer: B C

Question 3

A single 802.11g access point has been configured and installed in the center of a square shaped office. A few wireless users are experiencing slow performance and drops while most users are operating at peak efficiency. From the list below, what are three likely causes of this problem? (Choose three)

A. Null SSID
B. Mismatched TKIP encryption
C. Cordless phones
D. Antenna type or direction
E. Mismatched SSID
F. Metal file cabinets


Answer: C D F

Explanation

802.11g operates in 2.4 GHz ISM band. Some popular devices and technologies can interfere 802.11g signal:

+ Newer cordless phones
+ Bluetooth
+ Microwaves
+ Metal surface (can cause interference)
+ Antenna (can reduce wireless signal)


Question 4

Three access points have been installed and configured to cover a small remote office. What term defines the wireless topology?

A. SSID
B. BSS
C. ESS
D. IBSS
E. ASS


Answer: C

Question 5

Two workers have established wireless communication directly between their wireless laptops. What type of wireless topology has been created by these employees?

A. ESS
B. IBSS
C. SSID
D. BSS


Answer: B

Explanation

Independent Basic Service Set – IBSS (ad hoc mode) does not use an AP. It allows two devices to communicate directly.

Basic Service Set (BSS) is a single wireless LAN created with an AP and all devices that associate with that AP.

Extended Service Set (ESS) consists of multiple APs, allowing roaming in a larger coverage area.

Question 6

802.1b is being utilized in the wireless network. Which spread spectrum technology does the 802.1b standard define for operation in this network?

A. FHSS
B. IR
C. DSSS and FHSS
D. DSSS
E. IR, FHSS and DSSS


Answer: D

Explanation

Frequency Hopping Spread Spectrum (FHSS) uses all frequencies in the band, hopping to different ones. By using slightly different frequencies for consecutive transmissions, a device can hopefully avoid interference from other devices that use the same unlicensed band, succeeding at sending data at some frequencies.

Direct Sequence Spread Spectrum (DSSS) followed as the next general class of encoding type for WLANs. Designed for use in the 2.4 GHz unlicensed band, DSSS uses one of several separate channels or frequencies.

The original 802.11 WLAN standards used FHSS, but the current standards (802.11a, 802.11b, and 802.11g) do not. 802.1b uses DSSS while 802.1a & 802.1g use Orthogonal Frequency Division Multiplexing (OFDM).

(Reference: ICND1 Official Exam Certification Guide)

Question 7

Which IEEE standard is used to define Wi-Fi?

A. IEEE 802.3
B. IEEE 802.5
C. IEEE 802.11h
D. IEEE 802.11c
E. IEEE 802.11


Answer: E

Question 8

An office is using an IEEE 802.11b wireless LAN. What is the maximum data rate specified for this WLAN?

A. 11 mbps
B. 100 mbps
C. 54 mbps
D. 10 mbps
E. 1000 mbps
F. 16 mbps


Answer: A

Explanation

The maximum data rate for popular WLAN standards are listed below:

* IEEE 802.11a: 54 Mbps in the 5.7 GHz ISM band
* IEEE 802.11b: 11 Mbps in the 2.4 GHz ISM band
* IEEE 802.11g: 54 Mbps in the 2.4 GHz ISM band

Share your ICND1 Experience

August 16th, 2010 2,216 comments

Please share with us your experience after taking the exam ICND1, your materials, the way you learned, your recommendations…

Please don’t post links to copyrighted work here!