New CCNA – Drag and Drop 3
Here you will find answers to CCNA Drag and Drop Questions – Part 3
Question 1
Drag the security features on the left to the specific security risks they help protect against on the right. (Not all options are used)
Answer:
1) VTY password: remote access to device console
2) console password: access to the console 0 line
3) access-group: access to connected networks or resources
4) service password-encryption: viewing of passwords
5) enable secret: access to privileged mode
The unselected left-box – CHAP – is used to verify the identity of the peer by means of a three-way handshake.
Question 2
Refer to the exhibit. PC-A is sending packets to the FTP server. Consider the packets as they leave RA interface Fa0/0 forwards RB. Drag the correct frame and packet address to their places in the table.
Answer:
Source MAC: 0000.0C93.9999
Destination MAC: 0000.0C89.3333
Source IP: 172.16.21.7
Destination IP: 172.16.34.250
Explanation
Remember these rules:
The IP addresses (of source and destination) of a packet never change during the transportation through the network. For example if PC-A wants to send a packet to PC-Z then the source and destination IP addresses of the packet will be the IP addresses of PC-A and PC-Z no matter how many devices they go through.
The MAC addresses, conversely, will change while passing the devices. The source MAC address is the address of the last sender and the destination MAC address is the address of the next device.
Question 3
As a network administrator, you are required to configure the network security policy. And the policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? Please choose appropriate commands and drag the items to the proper locations.
Answer:
Appropriate commands:
SW(config-if)# switchport port-security maximum 1
SW(config-if)# switchport port-security violation shutdown
Question 4
The left describes boot sequence, while the right describes the orders. Drag the items on the left to the proper locations.
Answer:
1) Step 1: The power on self test executes.
2) Step 2: The bootstrap loader in ROM executes.
3) Step 3: The IOS is located and loaded based on boot system commands in NVRAM.
4) Step 4: The configuration file is loaded from NVRAM.
5) Step 5: If no configuration file is located, the setup dialog initiates.
Explanation
When a router boots up, it performs a series of steps, called the boot sequence, to test the hardware and load the necessary software. The boot sequence consists of the following steps:
1) Power on self test (POST): tests the hardware to verify that all components of the device are operational and present.
2) The bootstrap loader in ROM executes: The bootstrap loader is a program in ROM that is used to find where a valid Cisco IOS image is located.
3) If a valid Cisco IOS image is located, it is loaded.
4) IOS loads configuration file. Once the IOS image is loaded, it will search for a valid startup configuration in NVRAM.
5) If a valid startup configuration file cannot be found, the router will load the System Configuration Dialog (sometimes called setup mode). This mode allows you to perform the initial configuration of the router.
Question 5
Drag and Drop question. Drag the items to the proper locations.
Routing has been configured on the local router with these commands:
Local(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1
Local(config)# ip route 10.1.0.0 255.255.255.0 192.168.2.2
Local(config)# ip route 10.1.0.0 255.255.0.0 192.168.3.3
Drag each destination IP address on the top to its correct next hop address at the bottom.
Answer:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.0.14
+ 10.1.0.123
Next hop 192.168.3.3:
+ 10.1.1.10
+ 10.1.4.6
Explanation
If we have many entries matching for next hop ip address then the router will choose the one with most specific path to send the packet. This is called the “longest match” rule, the route with the most bits in the mask set to “1″ will be chosen to route packet.
For example, the destination IP address of 10.1.0.14 will match two “ip route” commands:
ip route 10.1.0.0 255.255.255.0 192.168.2.2
ip route 10.1.0.0 255.255.0.0 192.168.3.3
But the first command is more specific (10.1.0.0/24 is more specific than 10.1.0.0/16) so the packet will be routed to 192.168.2.2.
Note: The IP address 10.1.1.10 only matches the second command “ip route 10.1.0.0 255.255.0.0 192.168.3.3″. It does not match the command “ip route 10.1.0.0 255.255.255.0 192.168.2.2″ because the third octet is different (10.1.1.10 is different from 10.1.0.0/24).
Question 6
If a Cisco router has learned about network 10.1.1.0 from multiple sources, the router will select and install only one entry into the routing table. Indicate the order of preference that the router will use by dragging the routes on the left to the order of preference category on the right.
Answer:
1) First preference: S 10.1.1.0 is directly connected, Serial1
2) Second preference: S 10.1 1.0/24 [1/0] via 10.1.2.2
3) Third preference: D 10.1.1.0/24 [90/2172416] via 10.1.5.5, Serial0
4) Fourth preference: O 10.1.1.0/24 [ 110/789] via 10.1.3.1, Serial0
5) Fifth preference: R 10.1.1.0/24 [120/3] via 10.1.3.1, Senal0
Explanation
Administrative distance is the first criterion that a router uses to determine which routing protocol to use if two protocols provide route information for the same destination. It is a measure of the trustworthiness of the source of the routing information. The smaller the administrative distance value, the more reliable the protocol.
In this question, notice that the destination of all routes is 10.1.1.0/24 so we need to use Administrative distance of each routing protocol to specify the priority of each route. Below lists the Administrative Distance default values of popular routing protocols:
+ Directly connected: 0
+ Static route: 1
+ EIGRP (symbolize by “D”): 90
+ OSPF (symbolize by “O”): 110
+ RIP (symbolize by “R”): 120
Answer to #5 should be rewritten. It says:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.0.14
+ 10.1.0.123
Next hop 192.168.3.3:
+ 10.1.1.10
+ 10.1.4.6
BUT in the explanation, it says 10.1.1.10 would take the more specific path (i.e. 10.1.0.0 255.255.255.0 not 255.255.0.0). It should read as follows:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.1.10
+ 10.1.4.6
Next hop 192.168.3.3:
+ 10.1.0.14
+ 10.1.0.123
@Josh: The explanation was wrong. Thanks for your detection, we updated it!
Yeah … went through the same mistake, dealt with the mask as if it’s a wildcard mask, that’s why it reversed the answer, that was a pretty intelligent question!
very worst explanation….:( damn
pls explain clearly not understood anything :(
Hello Guys good news for you that CCNA discounted and Microsoft vouchers are now available. Now New CCNA (200-120) vouchers on special discount of 58% for World wide, with six months expiry date till you purchase. Each voucher cost 70USD.
Details Required For CCNA Voucher For Discount Processing:
1-Full Name. 1st Name & Last Name (as you want to appear on certificate & documents)
2-Country.
3-City.
4-State.
5-Pin Code (or Area Code)
6-Residential Address (or where you can collect your Certificate or further correspondence
can be received)
7-Date of birth
Add me on Skype through this information which is written below:
Skype Name: rockon660
you can also email me at this email address which is written below:
madeelqaiser@gmail.com
If you have any Questions feel free to contact me.
Thanks,
Best regards,
Adeel
Q5 was in today’s exam.
hi … i am writing my ccna exam on monday please could u sent me the latest dumps that u people got.. mohsinfida489@yahoo.com
Q5 was answerd the right way.
Answer to #5 should be rewritten. It says:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.0.14
+ 10.1.0.123
Next hop 192.168.3.3:
+ 10.1.1.10
+ 10.1.4.6
Local(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1 (10.X.Y.Z)
Local(config)# ip route 10.1.0.0 255.255.255.0 192.168.2.2 (more specific. 10.1.0.X)
Local(config)# ip route 10.1.0.0 255.255.0.0 192.168.3.3 (10.1.X.Y)
@Josh:you are right
Correct me if I’m wrong but with a netmask of 255.255.255.0, numbers in the first 3 octets have to match exactly. (getting into ip subnet zero) The address 10.1.1.x does not match the address in the given static route of 10.1.0.x /24. So Josh would be incorrect in saying that
“Next hop 192.168.2.2:
+ 10.1.1.10
+ 10.1.4.6″
Because the 3rd octect digit of 1 does not match the 0 in the static route with netmask of 255.255.255.0, that address would move on to the /16 route that only cares about the first 2 octets. So Mac is right on this one
Agree with Joe.
thanks 9tut
i passed the exam yesterday (april 28, 2014)
i hope xplanation of q5 of 9tut was right……
I passed my CCNA exam yesterday and i am willing to share the dumps. Please email me at gattumania@hotmail.com
Was on the exam today
the explanation for q5 haven’t been updated. which is correct?
Josh November 4th, 2013
Answer to #5 should be rewritten. It says:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.0.14
+ 10.1.0.123
Next hop 192.168.3.3:
+ 10.1.1.10
+ 10.1.4.6
BUT in the explanation, it says 10.1.1.10 would take the more specific path (i.e. 10.1.0.0 255.255.255.0 not 255.255.0.0). It should read as follows:
Next hop 192.168.1.1:
+ 10.2.1.3
+ 10.6.8.4
Next hop 192.168.2.2:
+ 10.1.1.10
+ 10.1.4.6
Next hop 192.168.3.3:
+ 10.1.0.14
+ 10.1.0.123
9tut November 5th, 2013
@Josh: The explanation was wrong. Thanks for your detection, we updated it!
please updated with correct answer.
@edwin: The explanation was updated on that date. Currently we don’t see anything wrong with the explanation & answer. Could you please describe more what you see is not correct?
Thanks 9tut i passed my exam yesterday
tomorrow iam going to wrote a exam
EL FIN DE SEMANA VOY A PRESENTAR MI EXAMEN PARA CCNA, ALGUN TIP PARA LOS LABS, O ALGUNO QUE SIEMPRE PONGAN EN EL EXAMEN, GRACIAS Y SALUDOS
@chillo can you confirm which sim you got and these dumps are still valid or not?
Question 2 and something similar to 5 were in the exam recently
Hi dear member 9tut. I wonder if there is a French version of the CCNA 200-120 exam because I’d passed the exam in French. I live in Ivory Coast
could any one please send me the latest dumps to lavanya.kalvaparthi@gmail.com
I will take CCNA exam on 2 weeks later, could any one please send me the latest dumps. my email johnchen2020@gmail.com. thanks
send me the latest dumps please o.kurwana@yahoo.co.uk
send me the latest dumps please , ahmed.salman.iq@gmail.com
send me the latest dumps please, chea_thong@yahoo.com
stcarshad@gmail.com
pls send the latest dumps
great!!
aaa
can anyone help me with the latest dump. this is my email taophycnicky@yahoo.com
send me the latest dumps please, nibble3@gmail.com
can anyone confirm question 2 is correct. ive seen other dumps that have conflicting information stating it would use the destination IP and Source IP of the routers.
I AM DOING MY EXAM ON MONDAY,,I SEEM TO TRUST THIS SITE TO NAIL THIS EXAM
so, now, the Q5′s answer is up to date? is it really the right anwser?
Hello QuattroGinger, Q2 is correct here. As the Source and Destination IP address will never change in the packet. But the Mac address always get change from router to router. If the Source or Destination IP address get change then the packet will be lost.
Think this way… you are travelling from Canada to USA. your Source address (IP) is Canada and Destination (IP) is USA. If you loose one of these you will never be able to get back. But when you travel by bus or plane the ticket you are getting that is your MAC address which says the start point and the end point. When you get to the next bus or plane then you get another MAC address.
So this way always remember IP address never change but MAC address always get change in the route. Hope it will help you to understand. If I make any mistake to explain some one please correct me. Thank you!
Dear All
Regarding all CISCO exams CCNA CCNA Security CCNP (Route Switch Tshoot) updated valid dumps & Exam discount vouchers available globally.
1. CCNA 200-120 60 % discounted vouchers
2. CCNP (Route Switch TShoot) 25 % discounted Vouchers
3. CCNA Security 640-554 60 % discounted Vouchers
Ask any kind of technical and exam related questions from our CCIE experts.
Feel Free to Contact
Email Contact:dheprofessionals@gmail.com
Skype Id:net.rideplay
Thanks
Best Regard
Admins
The question 5 is correct:
Local(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1
Local(config)# ip route 10.1.0.0 255.255.255.0 192.168.2.2
Local(config)# ip route 10.1.0.0 255.255.0.0 192.168.3.3
with a wildcard of 0.0.0.0 0.0.0.0 it will match any remote network.
with a subnet mask of 255.255.255.0 and a network of 10.1.0.0 the address range must be in 10.1.0.1 to 10.1.0.254.
the destition host of 10.2.1.3 and 10.6.8.4 will use 192.168.1.1 as gateway because of changing of second byte which mean they are in network 10.0.0.0/8.
for destition host 10.1.0.14 and 10.1.0.123 will use a gateway of 10.1.2.2, because the two hosts use a /24 subnet mask which match with our second statement.
with a subnet mask of 255.255.0.0 and 10.1.0.0 the address range begin 10.1.0.1 to 10.1.255.254. the hosts 10.1.1.10 and 10.1.4.6 use a subnet mask of /16.
9tut you right.
Q5 I don’t understand please anyone to explain.
please send me latest dumps
sairam.paripati@gmai.com
Question number looks confusing. Please share who has better explanation.
Question number 5 looks confusing. Please share who has better explanation.
Q1 yesterday
Andrew the Question is talking about what order the routes would be added to the routing table. As u know, only the best routes are added to the routing table and the routing table looks at the lowedt administrative distance, so from a routing table’s perspective it would choose 1st directly connected route AD=0, then a static route AD=1, then EIGRP AD=90, Then OSPF AD=110, then RIP AD=120.
Hope that helps
Q5 on 27th NOV 2014
Q2 and Q5 today
WRITING MY CCNA TOMORROW
Q1 was on my exam 1/1/15