Answers and Explanations

  1. B. Even though it is a basic program, Telnet communicates using data that interacts with the application layer of an operating system. Answers A, C, and E are incorrect because these utilities (ping and traceroute) rely on ICMP, which only tests connectivity up to the network layer of the OSI model. Answer D is not a valid command.

  2. B. Communications software should be configured to communicate at 9600bps, with 8 data bits, 1 stop bit, no parity, and no flow control. This is commonly written 9600 8N1N. The other answers have settings that fail to match this.

  3. A. One of the major drawbacks to using Telnet to manage your Cisco devices is the fact that all communication is sent in clear text. If a malicious person captures data using a packet sniffer, that person will have no trouble decoding the exact information entered into the remote Cisco device. This includes all password information! Because of this, Cisco has introduced Secure Shell (SSH) support into all modern IOS versions. SSH uses encryption for all communication. Answer B is incorrect because Telnet does not use any encryption. Answers C and D are incorrect because passwords can be changed using Telnet, and passwords are typically used when connecting to a Telnet session.

  4. D. By connecting a crossover cable from your computer’s Ethernet port to the router’s Ethernet port, you should have direct network access to the device. You could then assign your PC an IP address from the same subnet as the router interface. This is a tricky question and could lead you to choose answer B. This will allow you to connect to the console port to configure the router, but this will not allow you to test TCP/IP connectivity to the router. All other answers are invalid cable connections.

  5. A. Because a hub sends all traffic out all ports, it can be a device used for sniffing the network (for information gathering) or for use with an IDS/IPS appliance. Answer B was a true statement until switches used ASIC-based chipsets allowing them to transmit data at line speed. VoIP and VIP traffic will be destroyed because only one device can send or receive at a time when using a hub, making answers C and D incorrect.

  6. C. The Trivial File Transfer Protocol (TFTP) works at the application layer of the OSI model. This results in it being dependent on lower-layer protocols such as UDP for transmission. TFTP uses UDP port 69 when communicating. All other answers either use the wrong layer of the OSI model, wrong port number (TCP port 21 is used for FTP control signals), or wrong protocol.

  7. C. When communicating across a network, a TCP/IP client will use both a source and destination port. The well-knowndestination port of HTTP is TCP port 80; however, the source port will be randomly generated by the underlying operating system and will be above port 1024 (as ports below 1024 are considered well-known port numbers—making answers A, B, and D incorrect). This allows a source PC to have many network-capable applications actively communicating at the same time.

  8. A, D, E. In a small network environment requiring wireless access (for the mobile laptops) and Internet connectivity, all that should be required is a Cisco ASA 5505 firewall (providing protected Internet connectivity and VPN services), a Cisco switch (providing LAN connectivity), and one or more Cisco Wireless Access Points (providing wireless network connectivity). The Cisco 3800 ISR (answer B) would be far too large of a router for a small network environment. VLANs (answer C) is a network concept and not equipment. An IPS Sensor (answer F) is also typically used in larger high-traffic, high-security environments.

  9. A. A T1-capable interface can transmit data at 1.544 megabits per second (Mbps). The measurement of 1.544 megabytes per second (MBps) (answer B) would be eight times the speed of a T1 interface (12.352 Mbps) because there are eight bits in every byte. Answers C and D represent gigabits per second (Gbps) and gigabytes per second (GBps), which far exceed the capabilities of a T1 interface.

  10. E. The network layer of the OSI model is responsible for the routing of data packets (selecting the best path to deliver data) and logical addressing (such as IP addressing). Answer A is incorrect because the application layer provides an interface to the network application itself. Answer B is incorrect because the transport layer dictates the reliability of the connection and port numbers. Answer C is incorrect because the session layer starts, ends, and manages network sessions. Answer D is incorrect because the data link layer handles physical addressing and formatting data for the network media.

  11. A, C, D. 802.3 MAC is a sublayer of the Ethernet standard that provides Layer 2 addressing for clients. PPP and HDLC are Layer 2 WAN encapsulation protocols for communicating over point-to-point WAN links. IP and TCP (answers B and F) work at Layer 3 and 4 of the OSI model, respectively. ISDN (answer E) is a legacy WAN standard that operates at Layer 1, 2, and 3 of the OSI model.

  12. B, D, E. Email, database communication (such as SQL or Oracle), and instant messaging are common network-based applications. All other answers are applications installed for operation on a local PC rather than network communication.

  13. B, C. Routers provide connections multiple networks and find the best path between them. Likewise, a router also controls broadcast and multicast traffic. Without this control, broadcast and multicast traffic would flood through the network unbounded. Answer A could be vaguely interpreted as a network proxy, hub, or switch. Answer D demonstrates one capability of Cisco routers, but this is not a router’s primary purpose.

  14. C. HostA can only communicate directly with the devices on its local network segment. When communicating with the remote ServerB , HostA will put its own source IP address and the destination IP address of ServerB into the header. It will then add its own source MAC address and the destination MAC address of its default gateway to allow communication with a network outside its own. All other answers do not apply to this question.

  15. F. HostA will use its own IP address as the source and the server’s IP address as the destination. This is why two layers of addressing are so critical. The MAC address allows devices to communicate on the local network, while the IP address allows communication to the local network AND networks outside the local network. All other answers do not apply to this question.

  16. D. After the packet has reached the network segment where ServerB is located, the old source and destination MAC addresses are removed by RouterB and replaced by the MAC addresses relevant for the local network. All other answers do not apply to this question.

  17. D. A router to switch connection should use straight-through cabling rather than crossover. Answers A and B are incorrect because HostA and ServerB are on different subnets by design because they have multiple routers between them. By a slim chance, an access list could be the issue; however, the glaring issue based on the diagram is incorrect cabling, making answer C an unlikely and not the best answer.

  18. A, C, D, F. In a TCP header, the sequence and acknowledgement numbers allow the receiving machine to dictate how much data can be received at once (the TCP window size) and allow the sending machine to realize whether data has been dropped. The checksum provides a mechanism to ensure that the TCP header information has not been damaged during transmission. The destination port number dictates what services the TCP packet is attempting to reach. Answer B is incorrect because the IP address is not a valid field because this is part of the network layer (Layer 3) header. Answer E is incorrect because the MAC address is part of the data link layer (Layer 2) header.

  19. A. When HostA attempts to contact HostB , it will realize that HostB is not located on the same network. This causes HostA to send an ARP message for its default gateway (, whose MAC address is then added to the ARP table. You will never see ARP messages for hosts on a network other than the network your computer resides on, which is why answers B and C are incorrect. Answer D is incorrect because the switch IP address ( will not allow HostA to reach HostB .

  20. D. Clearing the client ARP table is often done during network changes. This can be accomplished using the syntax “arp –d *” from a command prompt. The asterisk argument instructs the PC to clear all ARP entries rather than just a specific entry. Answers A and C are incorrect because these are not valid arguments for the ARP command. Answer B is incorrect because this command will display the ARP table to the screen.

  21. C. The traceroute command (implemented as tracert on a Microsoft Windows machine) can be compared to an enhanced ping. Rather than just testing connectivity to an end device, it tests connectivity to every network layer device in the path, displaying the ping results (delay) for each device as it moves through the network to the destination. Answer A is incorrect because the ping command only tests direct connectivity to a destination device. Answers B and E are incorrect because these commands are not valid. Answer D is incorrect because Telnet invokes a connection rather than testing connectivity.

  22. B. This tricky question requires an intimate understanding of TCP sequence and acknowledgement numbers. When HostA sends data up to sequence number 63751, the expected acknowledgement (ACK) under normal network conditions would be the next sequence number in line (63752 in this case). However, because HostB responded with the same sequence number, it indicated that some of the data was not received (making answer D incorrect). HostA will respond by resending the last requested sequence number (63751 in this case), followed by whatever maximum amount of data is allowed by the current TCP window size. Answer A is incorrect because there is nothing in the figure to indicate a retransmission. Answer C is incorrect because there is no signal to end the TCP session.

    1. _A Provides error detection

    2. _B Routes data packets

    3. _B Finds the best path to use when delivering data

    4. _B Provides logical addressing

    5. _A Provides physical addressing

    6. _A Defines how data is formatted for transmission

    1. _D Segments

    2. _B Frames

    3. _A Bits

    4. _C Packets

  23. E, F, H. The TCP/IP stack groups the top three layers into a single application layer, as shown in . This is because the functions of the top three OSI layers are typically handled within the application layer protocol standard.

    Figure 1.7. TCP/IP to OSI model mappings.

  24. C. A quick calculation of the subnet addresses defined in the question shows that the server belongs to the subnet (addresses while the host belongs to the subnet (addresses Because of this, the host will need to contact its default gateway. To accomplish this, the host will send an ARP broadcast request to determine the MAC address of its default gateway. Answer A is incorrect because the server is located on a different subnet. Answer B is incorrect because ARP messages are always broadcasts and cannot be sent directly. Answer D is incorrect because an ARP broadcast will be stopped at the router.

  25. B. The connectivity issues are resulting from the hosts being on a different subnet than the default gateway. Based on the host’s IP address ( and subnet mask (, you can determine that the network range is– Because the default gateway falls outside this range, it will be considered unreachable. Answer A is incorrect because speed and duplex being set to auto will work correctly in most cases. While the default gateway could be blocking ICMP traffic, answer B is the “better answer” making answer C incorrect. Answer D is incorrect because this would only degrade network performance in modern networks.

  26. D. When a switch receives a request for an unknown MAC address, it will flood the frame out all ports with the exception of the port on which the request was received, which makes answer B incorrect. Answer A is incorrect because this will occur only if the switch had already known the MAC address of HostB . Answer C is incorrect because the switch floods an unknown MAC address out all ports.

  27. D. The headers are added to data in the following order: application, transport, internet, and then data link. The last information to be added during the encapsulation process is the Frame Check Sequence (FCS). This is also called the Cyclical Redundancy Check (CRC) field, which is a hash of the data contained in the frame. If any of the data changes during transmission, the FCS will become invalid, and the data will be dropped at the receiving end. Answers B and C are incorrect because IP address information is added at the network layer. Answer A is incorrect because TCP port numbers are added at the transport layer.

  28. A, D, E. The IP protocol operates at the network layer of the OSI model. It simply defines addressing standards for the network. Because of this, it does not offer any reliability or session-based communication. For this, it relies on the upper-layer TCP protocol. Answers B, C, and F are characteristics of the TCP protocol.

Topic revision: r3 - 2016-06-24 - JimSkon
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback