Which form of NAT maps multiple private IP addresses to a single registered IP address by using different ports?


A.  static NAT

B.  dynamic NAT

C.  overloading

D.  overlapping

E.  port loading


Correct Answer: C






Unauthorized users have used Telnet to gain access to a company router. The network administrator wants to configure and apply an access list to allow Telnet access to the router, but only from the network administrator’s computer. Which group of commands would be the best choice to allow only the IP address to have Telnet access to the router?

A.  access-list 101 permit tcp any host eq telnet interface s0/0 ip access-group 101 in

B.  access-list 3 permit host line vty 0 4

access-class 3 in

C.  access-list 101 permit tcp any host eq telnet access-list 101 permit ip any any interface s0/0

ip access-group 101 in

D.  access-list 3 permit host line vty 0 4

ip access-group 3 in


Correct Answer: B






Refer to the exhibit. What command sequence will enable PAT from the inside to outside network?




A.  (config) ip nat pool isp-net netmask overload

B.  (config-if) ip nat outside overload

C.  (config) ip nat inside source list 1 interface ethernet1 overload

D.  (config-if) ip nat inside overload


Correct Answer: C






Which two statements about static NAT translations are true? (Choose two.)


A.  They allow connections to be initiated from the outside.

B.  They require no inside or outside interface markings because addresses are statically defined.

C.  They are always present in the NAT table.

D.  They can be configured with access lists, to allow two or more connections to be initiated from the outside.


Correct Answer: AC





The output of the show frame-relay pvc command shows “PVC STATUS = INACTIVE”. What does this mean?


A.  The PVC is configured correctly and is operating normally, but no data packets have been detected for more than five minutes.

B.  The PVC is configured correctly, is operating normally, and is no longer actively seeking the address of the remote router.

C.  The PVC is configured correctly, is operating normally, and is waiting for interesting traffic to trigger a call to the remote router.

D.  The PVC is configured correctly on the local switch, but there is a problem on the remote end of the


E.  The PVC is not configured on the local switch.


Correct Answer: D






What are three reasons that an organization with multiple branch offices and roaming users might implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three.)


A.  reduced cost

B.  better throughput

C.  broadband incompatibility

D.  increased security

E.  scalability

F.  reduced latency


Correct Answer: ADE






A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server online. What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1? (Choose two.)


A.  Configure port Fa0/1 to accept connections only from the static IP address of the server.

B.  Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.

C.  Configure the MAC address of the server as a static entry associated with port Fa0/1.

D.  Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.

E.  Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.

F.  Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.


Correct Answer: CE

Refer to the exhibit. What commands must be configured on the 2950 switch and the router to allow communication between host 1 and host 2? (Choose two.)




A.  Router(config)# interface fastethernet 0/0

Router(config-if)# ip address

Router(config-if)# no shut down

B.  Router(config)# interface fastethernet 0/0

Router(config-if)# no shut down

Router(config)# interface fastethernet 0/0.1

Router(config-subif)# encapsulation dot1q 10

Router(config-subif)# ip address

Router(config)# interface fastethernet 0/0.2

Router(config-subif)#encapsulation dot1q 20

Router(config-subif)# ip address

C.  Router(config)# router eigrp 100

Router(config-router)# network

Router(config- router)# network

D.  Switch1(config)#vlan database Switch1(config-vlan)#vtp domain XYZ Switch1(config-vlan)#vtp server

E.  Switch1 (config)# interface fastethernet 0/1

Switch1 (config-if)# switchport mode trunk

F.  Switch1 (config)# interface vlan 1

Switch1 (config-if)# ip default-gateway


Correct Answer: BE






Refer to the exhibit. The output that is shown is generated at a switch. Which three of these statements are true? (Choose three.)




A.  All ports will be in a state of discarding, learning, or forwarding.

B.  Thirty VLANs have been configured on this switch.

C.  The bridge priority is lower than the default value for spanning tree.

D.  All interfaces that are shown are on shared media.

E.  All designated ports are in a forwarding state.

F.  This switch must be the root bridge for all VLANs on this switch.


Correct Answer: ACE






Refer to the exhibit. Which switch provides the spanning-tree designated port role for the network segment that services the printers?




A.  Switch1

B.  Switch2

C.  Switch3

D.  Switch4


Correct Answer: C


