CCNA 4 Chapter 3 V6.0 Answers

1. Which two scenarios are examples of remote access VPNs? (Choose two.)

All users at a large branch office can access company resources through a single VPN connection.

A mobile sales agent is connecting to the company network via the Internet connection at a hotel.

A small branch office with three employees has a Cisco ASA that is used to create a VPN connection to the HQ.

An employee who is working from home uses VPN client software on a laptop in order to connect to the company network.

A toy manufacturer has a permanent VPN connection to one of its parts suppliers.

 

2. Where is PPPoE configured on a Cisco router?

on an Ethernet interface

on the dialer interface

on any physical interface

on a serial interface

 

3. Refer to the exhibit. Which IP address is configured on the physical interface of the CORP router?

209.165.202.134

10.1.1.1

10.1.1.2

209.165.202.133

 

4. What is the function of the DSLAM in a broadband DSL network?

Communicates directly with customer cable modems to provide Internet services to customers

communicates directly with customer cable modems to provide Internet services to customers

separates POTS traffic from ADSL traffic

multiplexes individual customer DSL connections into a single upstream link

 

5. Which three statements are characteristics of generic routing encapsulation (GRE)? (Choose three.)

GRE is the most secure tunneling protocol.

The GRE header alone adds at least 24 bytes of overhead.

GRE is stateless.

GRE provides flow control by default.

GRE encapsulation supports any OSI Layer 3 protocol.

GRE does not have strong security mechanisms.

 

6. Which broadband technology would be best for a small office that requires fast upstream connections?

DSL

fiber-to-the-home

WiMax

cable

 

7. What command specifies a BGP neighbor that has an IP address of 5.5.5.5/24 and that is in AS 500?

(config-router)# neighbor 5.5.5.5 remote-as 500

(config-router)# router bgp 500

(config-router)# neighbor 500 remote-as 5.5.5.5

(config-router)# network 5.0.0.0 0.0.0.255

 

8. Which broadband wireless technology is based on the 802.11 standard?

WiMAX

municipal Wi-Fi

UMTS

CDMA

 

9. How is “tunneling” accomplished in a VPN?

A dedicated circuit is established between the source and destination devices for the duration of the connection.

All packets between two hosts are assigned to a single physical medium to ensure that the packets are kept private.

New headers from one or more VPN protocols encapsulate the original packets.

Packets are disguised to look like other types of traffic so that they will be ignored by potential attackers.

 

10. What is used by BGP to determine the best path to a destination?

hop count

attributes

cost

administrative distance

 

11. Which is a requirement of a site-to-site VPN?

It requires a VPN gateway at each end of the tunnel to encrypt and decrypt traffic.

It requires the placement of a VPN server at the edge of the company network.

It requires a client/server architecture.

It requires hosts to use VPN client software to encapsulate traffic.

 

12. What is the approximate distance limitation for providing a satisfactory ADSL service from the central office to a customer?

6.21 miles or 10 kilometers

2.11 miles or 3.39 kilometers

11.18 miles or 18 kilometers

3.39 miles or 5.46 kilometers

 

13. Refer to the exhibit. A tunnel was implemented between routers R1 and R2. Which two conclusions can be drawn from the R1 command output? (Choose two.)

This tunnel mode provides encryption.

A GRE tunnel is being used.

This tunnel mode is not the default tunnel interface mode for Cisco IOS software.

The data that is sent across this tunnel is not secure.

This tunnel mode does not support IP multicast tunneling.

 

14. What is a component of an ADSL connection that is located at the customer site?

SOHO

CPE

CO

DSLAM

 

15. When PPPoE is configured on a customer router, which two commands must have the same value for the configuration to work? (Choose two.)

interface dialer 2

dialer pool 2

ppp chap password 2

pppoe-client dial-pool-number 2

ppp chap hostname 2

interface gigabitethernet 0/2

 

16. What are two characteristics of a PPPoE configuration on a Cisco customer router? (Choose two.)

The dialer pool command is applied to the Ethernet interface to link it to the dialer interface.

The customer router CHAP username and password are independent of what is configured on the ISP router.

The Ethernet interface does not have an IP address.

The PPP configuration is on the dialer interface.

An MTU size of 1492 bytes is configured on the Ethernet interface.

 

17. What are two WAN connection enhancements that are achieved by implementing PPPoE? (Choose two.)

PPP enables the ISP to assign an IP address to the customer WAN interface.

An Ethernet link supports a number of data link protocols.

DSL CHAP features are included in PPPoE.

Encapsulating Ethernet frames within PPP frames is an efficient use of bandwidth.

CHAP enables customer authentication and accounting.

 

18. What functionality does mGRE provide to the DMVPN technology?

It provides secure transport of private information over public networks, such as the Internet.

It is a Cisco software solution for building multiple VPNs in an easy, dynamic, and scalable manner.

It allows the creation of dynamically allocated tunnels through a permanent tunnel source at the hub and dynamically allocated tunnel destinations at the spokes.

It creates a distributed mapping database of public IP addresses for all VPN tunnel spokes.

 

19. Which two statements describe a remote access VPN? (Choose two.)

It connects entire networks to each other.

It may require VPN client software on hosts.

It requires hosts to send TCP/IP traffic through a VPN gateway.

It is used to connect individual hosts securely to a company network over the Internet.

It requires static configuration of the VPN tunnel.

 

20. Why is the MTU for a PPPoE DSL configuration reduced from 1500 bytes to 1492?

to establish a secure tunnel with less overhead

to accommodate the PPPoE headers

to reduce congestion on the DSL link

to enable CHAP authentication

 

21. On the left is a cloud with the following words: ISP 1 AS 64001 Company A 192.168.10.0/24. A router labeled R1 at the edge of this cloud connects through a serial interface labeled 209.165.200.225 to another router labeled R2. The serial interface on R2 is labeled 209.165.200.226. R2 is inside a second cloud labeled ISP 2 AS 650002 Company B 192.168.20.0/24. Refer to the exhibit. Which two configurations will allow router R1 to establish a neighbor relationship with router R2? (Choose two.)

R1(config)# router bgp 65001

R1(config-router)# network 192.168.10.0

R1(config-router)# neighbor 209.165.200.226 remote-as 65002

 

R1(config)# router bgp 65002

R1(config-router)# network 192.168.20.0

R1(config-router)# neighbor 209.165.200.225 remote-as 65001

 

R2(config)# router bgp 65002

R2(config-router)# network 192.168.10.0

 

R2(config)# router bgp 65002

R2(config-router)# network 192.168.10.0

R2(config-router)# neighbor 209.165.200.226 remote-as 65002

 

R1(config)# router bgp 65001

R1(config-router)# network 192.168.20.0

 

R2(config)# router bgp 65002

R2(config-router)# network 192.168.20.0

R2(config-router)# neighbor 209.165.200.225 remote-as 65001

 

22. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

What is the code displayed on the web page?

BGP is running!

BGP is configured!

Welldone!

Configuration is correct!

 

23. The graphic shows two routers, R1 and R2, that connect to the Internet. There is a site attached to each router. Site A is attached to router R1 and site B is attached to router R2. A tunnel is shown spanning the Internet between the two routers.

Refer to the exhibit. What solution can provide a VPN between site A and site B to support encapsulation of any Layer 3 protocol between the internal networks at each site?

an IPsec tunnel

a GRE tunnel

Cisco SSL VPN

a remote access tunnel

 

24. Refer to the exhibit. Which IP address would be configured on the tunnel interface of the destination router?

172.16.1.1

209.165.200.225

172.16.1.2

209.165.200.226

 

25. True or False?

Multiple BGP processes can run on a router.

True

false

 

26. How can the use of VPNs in the workplace contribute to lower operating costs?

VPNs require a subscription from a specific Internet service provider that specializes in secure connections.

High-speed broadband technology can be replaced with leased lines.

VPNs can be used across broadband connections rather than dedicated WAN links.

VPNs prevents connectivity to SOHO users.