CCNA1 v5.1 Chapter 11 Exam Answers

1. A newly hired network technician is given the task of ordering new hardware for a small business with a large growth forecast. Which primary factor should the technician be concerned with when choosing the new devices?

devices with a fixed number and type of interfaces

devices that have support for network monitoring

redundant devices

devices with support for modularity*


2. Which network design consideration would be more important to a large corporation than to a small business?

Internet router


low port density switch



3. Which two traffic types require delay sensitive delivery? (Choose two.)







4. A network administrator for a small company is contemplating how to scale the network over the next three years to accommodate projected growth. Which three types of information should be used to plan for network growth? (Choose three.)

human resource policies and procedures for all employees in the company

documentation of the current physical and logical topologies*

analysis of the network traffic based on protocols, applications, and services used on the network*

history and mission statement of the company

inventory of the devices that are currently used on the network*

listing of the current employees and their role in the company


5. Which two statements describe how to assess traffic flow patterns and network traffic types using a protocol analyzer? (Choose two.)

Capture traffic on the weekends when most employees are off work.

Only capture traffic in the areas of the network that receive most of the traffic such as the data center.

Capture traffic during peak utilization times to get a good representation of the different traffic types.*

Perform the capture on different network segments.*

Only capture WAN traffic because traffic to the web is responsible for the largest amount of traffic on a network.


6. Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?






7. Which type of network threat is intended to prevent authorized users from accessing resources?

DoS attacks*

access attacks

reconnaissance attacks

trust exploitation


8. Which two actions can be taken to prevent a successful network attack on an email server account? (Choose two.)

Never send the password through the network in a clear text.*

Never use passwords that need the Shift key.

Use servers from different vendors.

Distribute servers throughout the building, placing them close to the stakeholders.

Limit the number of unsuccessful attempts to log in to the server.*


9. Which firewall feature is used to ensure that packets coming into a network are legitimate responses initiated from internal hosts?

application filtering

stateful packet inspection*

URL filtering

packet filtering


10. What is the purpose of the network security authentication function?

to require users to prove who they are*

to determine which resources a user can access

to keep track of the actions of a user

to provide challenge and response questions


11. A network administrator is issuing the login block-for 180 attempts 2 within 30 command on a router. Which threat is the network administrator trying to prevent?

a user who is trying to guess a password to access the router*

a worm that is attempting to access another part of the network

an unidentified individual who is trying to access the network equipment room

a device that is trying to inspect the traffic on a link


12. What is the purpose of using SSH to connect to a router?

It allows a router to be configured using a graphical interface.

It allows a secure remote connection to the router command line interface.*

It allows the router to be monitored through a network management application.

It allows secure transfer of the IOS software image from an unsecure workstation or server.


13. Which two steps are required before SSH can be enabled on a Cisco router? (Choose two.)

Give the router a host name and domain name.*

Create a banner that will be displayed to users when they connect.

Generate a set of secret keys to be used for encryption and decryption.*

Set up an authentication server to handle incoming connection requests.

Enable SSH on the physical interfaces where the incoming connection requests will be received.


14. What is the purpose of issuing the commands cd nvram: then dir at the privilege exec mode of a router?

to clear the content of the NVRAM

to direct all new files to the NVRAM

to list the content of the NVRAM*

to copy the directories from the NVRAM


15. Which command will backup the configuration that is stored in NVRAM to a TFTP server?

copy running-config tftp

copy tftp running-config

copy startup-config tftp*

copy tftp startup-config


16. Refer to the exhibit. Baseline documentation for a small company had ping round trip time statistics of 36/97/132 between hosts H1 and H3. Today the network administrator checked connectivity by pinging between hosts H1 and H3 that resulted in a round trip time of 1458/2390/6066. What does this indicate to the network administrator?

Connectivity between H1 and H3 is fine.

H3 is not connected properly to the network.

Something is causing interference between H1 and R1.

Performance between the networks is within expected parameters.

Something is causing a time delay between the networks.*


17. When should an administrator establish a network baseline?

when the traffic is at peak in the network

when there is a sudden drop in traffic

at the lowest point of traffic in the network

at regular intervals over a period of time*


18. Refer to the exhibit. An administrator is trying to troubleshoot connectivity between PC1 and PC2 and uses the tracert command from PC1 to do it. Based on the displayed output, where should the administrator begin troubleshooting?







19. Which statement is true about CDP on a Cisco device?​

The show cdp neighbor detail command will reveal the IP address of a neighbor only if there is Layer 3 connectivity​.

To disable CDP globally, the no cdp enable command in interface configuration mode must be used.

CDP can be disabled globally or on a specific interface​.*

Because it runs at the data link layer​, the CDP protocol can only be implemented in switches.


20. A network administrator for a small campus network has issued the show ip interface brief command on a switch. What is the administrator verifying with this command?

the status of the switch interfaces and the address configured on interface vlan 1*

that a specific host on another network can be reached

the path that is used to reach a specific host on another network

the default gateway that is used by the switch


21. A network technician issues the arp -d * command on a PC after the router that is connected to the LAN is reconfigured. What is the result after this command is issued?

The ARP cache is cleared.*

The current content of the ARP cache is displayed.

The detailed information of the ARP cache is displayed.

The ARP cache is synchronized with the router interface.


22. Fill in the blank.

__VoIP__  defines the protocols and technologies that implement the transmission of voice data over an IP network


23. Fill in the blank. Do not use abbreviations.

The show __file systems__ command provides information about the amount of free nvram and flash memory with the permissions for reading or writing data.


24. Fill in the blank. Do not use abbreviations.

The __show version__ command that is issued on a router is used to verify the value of the software configuration register.​

25. Match the type of information security threat to the scenario. (Not all options are used.)

Place the options in the following order.

installing virus code to destroy surveillance recordings for certain days -> data loss
pretending to be someone else by using stolen personal information to apply for a credit card -> identity theft
preventing userd from accessing a website by sending a large number of link requests in a short period -> disruption of service
obtaining trade secret documents illegally -> information theft
— not scored —


Time limit is exhausted. Please reload the CAPTCHA.