CCNA 2 (v5.0.3 + v6.

0) Chapter 2 Exam Answers 2019 –

100% Full
[Link]/[Link]

New Version:
1. What are two advantages of static routing over dynamic routing? (Choose two.)

Static routing is more secure because it does not advertise over the
network.*
Static routing scales well with expanding networks.
Static routing requires very little knowledge of the network for correct
implementation.
Static routing uses fewer router resources than dynamic routing.*
Static routing is relatively easy to configure for large networks.

2. Refer to the exhibit. What routing solution will allow both PC A and PC B to
access the Internet with the minimum amount of router CPU and network
bandwidth utilization?

Configure a static route from R1 to Edge and a dynamic route from Edge to R1.
Configure a static default route from R1 to Edge, a default route from Edge to
the Internet, and a static route from Edge to R1.*
1/21
 Configure a dynamic route from R1 to Edge and a static route from Edge to R1.
Configure a dynamic routing protocol between R1 and Edge and advertise all
routes.

3. What is the correct syntax of a floating static route?

ip route [Link] [Link] serial 0/0/0

ip route [Link] [Link] [Link] 120*
ip route [Link] [Link] serial 0/0/0
ip route [Link] [Link] [Link]

4. What is a characteristic of a static route that matches all packets?

It backs up a route already discovered by a dynamic routing protocol.

It uses a single network address to send multiple static routes to one destination
address.
It identifies the gateway IP address to which the router sends all IP packets
for which it does not have a learned or static route.*
It is configured with a higher administrative distance than the original dynamic
routing protocol has.

5. What type of route allows a router to forward packets even though its routing
table contains no specific route to the destination network?

dynamic route
default route*
destination route
generic route

6. Why would a floating static route be configured with an administrative distance

that is higher than the administrative distance of a dynamic routing protocol that
is running on the same router?

to be used as a backup route*

to load-balance the traffic
to act as a gateway of last resort
to be the priority route in the routing table

7. A company has several networks with the following IP address requirements:

2/21
IP phones – 50
PCs – 70
IP cameras – 10
wireless access points – 10
network printers – 10
network scanners – 2

Which block of addresses would be the minimum to accommodate all of these

devices if each type of device was on its own network?

[Link]/25
[Link]/24*
[Link]/23
[Link]/22

8. What happens to a static route entry in a routing table when the outgoing
interface associated with that route goes into the down state?

The static route is removed from the routing table.*

The router polls neighbors for a replacement route.
The static route remains in the table because it was defined as static.
The router automatically redirects the static route to use another interface.

9. The network administrator configures the router with the ip route [Link]
[Link] [Link] command. How will this route appear in the routing table?

C [Link] is directly connected, Serial0/0

S [Link] is directly connected, Serial0/0
C [Link] [1/0] via [Link]
S [Link] [1/0] via [Link]*

10. Graphic shows output of show ip route as follows:

A# show ip route
Gateway of last resort is not set
S [Link]/8 [1/0] via [Link]
[Link]/16 is subnetted, 1 subnets
C [Link] is directly connected, Serial0/1/0
C [Link]/16 is directly connected, Loopback2
[Link]/24 is subnetted, 1 subnets
C [Link] is directly connected, Serial0/0/0
C [Link]/24 is directly connected,FastEthernet0/0/0
S [Link]/24 [1/0] via [Link]
C [Link]/24 is directly connected, Loopback0

3/21
Refer to the exhibit. What two commands will change the next-hop address for the
[Link]/8 network from [Link] to [Link]? (Choose two.)

A(config)# no network [Link]

[Link] [Link]
A(config)# no ip address
[Link] [Link] [Link]
A(config)# no ip route
[Link] [Link]
[Link]*
A(config)# ip route [Link]
[Link] s0/0/0
A(config)# ip route [Link]
[Link] [Link]*

11. Which type of static route that is configured on a router uses only the exit
interface?

recursive static route

directly connected static route*
fully specified static route
default static route

12. Refer to the graphic. Which command would be used on router A to configure a
static route to direct traffic from LAN A that is destined for LAN C?

A(config)# ip route [Link] [Link] [Link]

A(config)# ip route [Link] [Link] [Link]*
4/21
 A(config)# ip route [Link] [Link] [Link]
A(config)# ip route [Link] [Link] [Link]
A(config)# ip route [Link] [Link] [Link]

13. Refer to the exhibit. The network administrator needs to configure a default
route on the Border router. Which command would the administrator use to
configure a default route that will require the least amount of router processing
when forwarding packets?

Border(config)# ip route [Link] [Link] [Link]

Border(config)# ip route [Link] [Link] [Link]
Border(config)# ip route [Link] [Link] s0/0/1*
Border(config)# ip route [Link] [Link] s0/0/0

14. What two pieces of information are needed in a fully specified static route to
eliminate recursive lookups? (Choose two.)

the interface ID exit interface*

the interface ID of the next-hop neighbor
the IP address of the next-hop neighbor*
the administrative distance for the destination network
the IP address of the exit interface

15. Refer to the exhibit. What command would be used to configure a static route
on R1 so that traffic from both LANs can reach the [Link]/64 remote
network?

5/21
 ipv6 route ::/0 serial0/0/0
ipv6 route [Link]/64 [Link]
ipv6 route [Link]/64 [Link]*
ipv6 route [Link]/65 [Link]

16. Refer to the exhibit. Which default static route command would allow R1 to
potentially reach all unknown networks on the Internet?

R1(config)# ipv6 route [Link]/64 G0/0

R1(config)# ipv6 route ::/0 G0/0 fe80::2
R1(config)# ipv6 route ::/0 G0/1 fe80::2*
R1(config)# ipv6 route [Link]/64 G0/1 fe80::2

17. Consider the following command:

ip route [Link] [Link] [Link] 5
Which route would have to go down in order for this static route to appear in the
routing table?
6/21
 a default route
a static route to the [Link]/24 network*
an OSPF-learned route to the [Link]/24 network
an EIGRP-learned route to the [Link]/24 network

18. Refer to the exhibit. The routing table for R2 is as follows:

Gateway of last resort is not set

[Link]/30 is subnetted, 2 subnets
C [Link] is directly connected, Serial0/0/0
C [Link] is directly connected, Serial0/0/1
[Link]/26 is subnetted, 3 subnets
S [Link] is directly connected, Serial0/0/0
C [Link] is directly connected, FastEthernet0/0
S [Link] [1/0] via [Link]

What will router R2 do with a packet destined for [Link]?

drop the packet

send the packet out interface Serial0/0/0
send the packet out interface Serial0/0/1*
send the packet out interface FastEthernet0/0

19. A network administrator has entered a static route to an Ethernet LAN that is
connected to an adjacent router. However, the route is not shown in the routing
table. Which command would the administrator use to verify that the exit
interface is up?
7/21
 show ip interface brief*
show ip protocols
show ip route
tracert

20. Consider the following command:

ip route [Link] [Link] [Link] 5
How would an administrator test this configuration?

Delete the default gateway route on the router.

Ping any valid address on the [Link]/24 network.
Manually shut down the router interface used as a primary route.*
Ping from the [Link] network to the [Link] addres

21. R1 router has a serial connection to the ISP out s0/0/1. R1 router has the
[Link]/24 LAN connected to G0/0. R1 has the [Link]/24 LAN connected to G0/1.
Finally, R1 has the s0/0/0 [Link]/24 network shared with R2. R2 also has the
[Link]/24 LAN connected through G0/0. The following information is below R1.

R1# show ip route

Gateway of last resort is [Link] to network [Link]
[Link]/8 is variably subnetted, 6 subnets, 7 masks
C [Link]/24 is directly connected, GigabitEthernet0/0
L [Link]/32 is directly connected, GigabitEthernet0/0
C [Link]/24 is directly connected, GigabitEthernet0/1
L [Link]/32 is directly connected, GigabitEthernet0/1
C [Link]/24 is directly connected, Serial0/0/0
L [Link]/32 is directly connected, Serial0/0/0
[Link]/24 is variably subnetted, 2 subnets, 3 masks
C [Link]/30 is directly connected, Serial0/0/1
L [Link]/32 is directly connected, Serial0/0/1
S* [Link]/0 is directly connected, Serial0/0/1
R2 has the following information below it.
R2# show ip route
Gateway of last resort is [Link] to network [Link]
[Link]/8 is variably subnetted, 4 subnets, 5 masks
C [Link]/24 is directly connected, Serial0/0/0
L [Link]/32 is directly connected, Serial0/0/0
C [Link]/24 is directly connected, GigabitEthernet0/0
L [Link]/32 is directly connected, GigabitEthernet0/0
S* [Link]/0 is directly connected, Serial0/0/0

Refer to the exhibit. The small company shown uses static routing. Users on the R2
LAN have reported a problem with connectivity. What is the issue?

8/21
 R2 needs a static route to the R1 LANs.
R1 and R2 must use a dynamic routing protocol.
R1 needs a default route to R2.
R1 needs a static route to the R2 LAN.*
R2 needs a static route to the Internet.

22. Which three IOS troubleshooting commands can help to isolate problems with
a static route? (Choose three.)

show version
ping*
tracert
show ip route*
show ip interface brief*
show arp

23. An administrator issues the ipv6 route [Link]/32 gigabitethernet0/0

[Link] 100 command on a router. What administrative distance is
assigned to this route?

0
1
32
100*
9/21
24. Refer to the exhibit. The network engineer for the company that is shown
wants to use the primary ISP connection for all external connectivity. The backup
ISP connection is used only if the primary ISP connection fails. Which set of
commands would accomplish this goal?

ip route [Link] [Link]

ip route [Link] [Link]
ip route [Link] [Link]
ip route [Link] [Link] 10
ip route [Link] [Link] s0/0/0
ip route [Link] [Link] s0/1/0
ip route [Link] [Link] s0/0/0*
ip route [Link] [Link] s0/1/0 10*

25. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.
Why are the pings from PC0 to Server0 not successful?

The static route to network [Link] is misconfigured on Router1.

The static route to network [Link] is misconfigured on Router2.​
The static route to network [Link] is misconfigured on Router1.​*
The static route to network [Link] is misconfigured on Router2.​

26. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question. What IPv6 static route can be configured on router R1 to
make a fully converged network?
10/21
 ipv6 route [Link]/64 S0/0/1*
ipv6 route [Link]/64 S0/0/0
ipv6 route [Link]/64 [Link]
ipv6 route [Link]/64 [Link]

Older Version
27. Which interface is the default location that would contain the IP address used
to manage a 24-port Ethernet switch?

VLAN 1*
Fa0/0
Fa0/1
interface connected to the default gateway
VLAN 99

28. Which statement describes the port speed LED on the Cisco Catalyst 2960
switch?

If the LED is green, the port is operating at 100 Mb/s.*

If the LED is off, the port is not operating.
If the LED is blinking green, the port is operating at 10 Mb/s.
If the LED is amber, the port is operating at 1000 Mb/s.

29. What is a function of the switch boot loader?

to speed up the boot process

to provide security for the vulnerable state when the switch is booting
to control how much RAM is available to the switch during the boot process
to provide an environment to operate in when the switch operating system
cannot be found*

30. In which situation would a technician use the show interfaces switch
command?

to determine if remote access is enabled

when packets are being dropped from a particular directly attached host*
when an end device can reach local devices, but not remote devices
to determine the MAC address of a directly attached network device on a particular
interface

31. Refer to the exhibit. A network technician is troubleshooting connectivity

issues in an Ethernet network with the command show interfaces fastEthernet 0/0.
What conclusion can be drawn based on the partial output in the exhibit?

11/21
 All hosts on this network communicate in full-duplex mode.
Some workstations might use an incorrect cabling type to connect to the network.
There are collisions in the network that cause frames to occur that are less than 64
bytes in length.
A malfunctioning NIC can cause frames to be transmitted that are longer
than the allowed maximum length. *

32. Refer to the exhibit. The network administrator wants to configure Switch1 to
allow SSH connections and prohibit Telnet connections. How should the network
administrator change the displayed configuration to satisfy the requirement?

Use SSH version 1.

Reconfigure the RSA key.
Configure SSH on a different
line.
Modify the transport input
command.*

33. What is one difference between using Telnet or SSH to connect to a network
device for management purposes?

Telnet uses UDP as the transport protocol whereas SSH uses TCP.
Telnet does not provide authentication whereas SSH provides authentication.
Telnet supports a host GUI whereas SSH only supports a host CLI.
Telnet sends a username and password in plain text, whereas SSH encrypts
the username and password*.

34. In which type of attack does a malicious node request all available IP addresses
in the address pool of a DHCP server in order to prevent legitimate hosts from
obtaining network access?​
12/21
 CAM table overflow
MAC address flooding
DHCP starvation*
DHCP spoofing

35. Which method would mitigate a MAC address flooding attack?

increasing the size of the CAM table

configuring port security*
using ACLs to filter broadcast traffic on the switch​
increasing the speed of switch ports

36. Which two features on a Cisco Catalyst switch can be used to mitigate DHCP
starvation and DHCP spoofing attacks? (Choose two.)

port security*
extended ACL
DHCP snooping*
DHCP server failover
strong password on DHCP servers

37. Which two basic functions are performed by network security tools? (Choose
two.)

revealing the type of information an attacker is able to gather from

monitoring network traffic*
educating employees about social engineering attacks
simulating attacks against the production network to determine any existing
vulnerabilities*
writing a security policy document for protecting networks
controlling physical access to user devices

38. An administrator wants to use a network security auditing tool on a switch to

verify which ports are not protected against a MAC flooding attack. For the audit
to be successful, what important factor must the administrator consider?

if the CAM table is empty before the audit is started

if all the switch ports are operational at the same speed
if the number of valid MAC addresses and spoofed MAC addresses is the same
the aging-out period of the MAC address table*

39. Which action will bring an error-disabled switch port back to an operational
state?

Remove and reconfigure port security on the interface.

Issue the switchport mode access command on the interface.
13/21
 Clear the MAC address table on the switch.
Issue the shutdown and then no shutdown interface commands. *

40. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The
IP phone and PC work properly. Which switch configuration would be most
appropriate for port Fa0/2 if the network administrator has the following goals?

SWA(config-if)# switchport port-security

SWA(config-if)# switchport port-security mac-
address sticky
SWA(config-if)# switchport port-security mac-
address sticky
SWA(config-if)# switchport port-security
maximum 2
SWA(config-if)# switchport port-security*
SWA(config-if)# switchport port-security maximum 2*
SWA(config-if)# switchport port-security mac-address sticky*
SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security violation restrict

41. Which two statements are true regarding switch port security? (Choose two.)

The three configurable violation modes all log violations via SNMP.
Dynamically learned secure MAC addresses are lost when the switch
reboots.*
The three configurable violation modes all require user intervention to re-enable
ports.
After entering the sticky parameter, only MAC addresses subsequently learned are
converted to secure MAC addresses.
If fewer than the maximum number of MAC addresses for a port are
configured statically, dynamically learned addresses are added to CAM until
the maximum number is reached.*

42. A network administrator configures the port security feature on a switch. The
security policy specifies that each access port should allow up to two MAC
addresses. When the maximum number of MAC addresses is reached, a frame with
the unknown source MAC address is dropped and a notification is sent to the
syslog server. Which security violation mode should be configured for each access
port?

restrict *
protect
warning
shutdown
14/21
43. Refer to the exhibit. What can be determined about port security from the
information that is shown?

The port has been shut down.

The port has two attached devices.
The port violation mode is the default for any port that has port security
enabled.*
The port has the maximum number of MAC addresses that is supported by a Layer
2 switch port which is configured for port security.

44. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question.
Fill in the blank.
Do not use [Link] is the missing command on S1?

ip address [Link] [Link]*

45. Open the PT Activity. Perform the tasks in the activity instructions and then
answer the question. Which event will take place if there is a port security
violation on switch S1 interface Fa0/1?

A notification is sent.
A syslog message is logged.
Packets with unknown source addresses will be dropped.*
The interface will go into error-disabled state.

46. What impact does the use of the

15/21
mdix auto

configuration command haveon an Ethernet interface on a switch?

automatically detects duplex settings
automatically detects interface speed
automatically detects copper cable type*
automatically assigns the first detected MAC address to an interface

47. Which type of cable does a network administrator need to connect a PC to a

switch to recover it after the Cisco IOS software fails to load?

a coaxial cable
a console cable*
a crossover cable
a straight-through cable

48. While troubleshooting a connectivity problem, a network administrator notices

that a switch port status LED is alternating between green and amber. What could
this LED indicate?

The port has no link.

The port is experiencing errors.*
The port is administratively down.
A PC is using the wrong cable to connect to the port.
The port has an active link with normal traffic activity.

49. A production switch is reloaded and finishes with a Switch> prompt. What two
facts can be determined? (Choose two.)

POST occurred normally.*

The boot process was interrupted.
There is not enough RAM or flash on this router.
A full version of the Cisco IOS was located and loaded.*
The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.

50. Which command displays information about the auto-MDIX setting for a
specific interface?

show interfaces
show controllers*
show processes
show running-config

51. Refer to the exhibit. What media issue might exist on the link connected to
Fa0/1 based on the show interface command?

16/21
 The bandwidth parameter on the interface might be too high.
There could be an issue with a faulty NIC.
There could be too much electrical interference and noise on the link.*
The cable attaching the host to port Fa0/1 might be too long.
The interface might be configured as half-duplex.

52. Which protocol or service sends broadcasts containing the Cisco IOS software
version of the sending device, and the packets of which can be captured by
malicious hosts on the network?

CDP*
DHCP
DNS
SSH

53. Refer to the exhibit. Which S1 switch port interface or interfaces should be
configured with the ip dhcp snooping trust command if best practices are
implemented?

17/21
 only the G0/1 port
only unused ports
only the G0/1 and G0/24 ports*
only the G0/2, G0/3, and G0/4 ports*
only the G0/1, G0/2, G0/3, and G0/4 ports

54. The network administrator enters the following commands on a Cisco switch:
Switch(config)# interface vlan1
Switch(config-if)# ip address [Link] [Link]
Switch(config-if)# no shutdown
What is the effect of entering these commands?

All devices attached to this switch must be in the [Link]/24 subnet to

communicate.
The switch is able to forward frames to remote networks.
The address of the default gateway for this LAN is [Link]/24.
Users on the [Link]/24 subnet are able to ping the switch at IP address
[Link].*

55. Fill in the blank.

When port security is enabled, a switch port uses the default violation mode of
shutdown until specifically configured to use a different violation mode.

56. Which three statements are true about using full-duplex Fast Ethernet?
(Choose three.)

Performance is improved with bidirectional data flow.*

Performance is improved because the NIC is able to detect collisions.
Latency is reduced because the NIC processes frames faster.
Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*
Nodes operate in full-duplex with unidirectional data flow.
Performance is improved because the collision detect function is disabled on
the device.*

18/21
57. Fill in the blank.
”Full-duplex” communication allows both ends of a connection to transmit and receive
data simultaneously.

Full-duplex communication improves the performance of a switched LAN, increasing

effective bandwidth by allowing both ends of a connection to transmit and receive data
simultaneously.

58. Place the options in the following order:

step 3
– not scored –
step 1
step 4
step 2
step 5
step 6

59. Identify the steps needed to configure a switch for SSH.

19/21
Place the options in the following order:
[+] Create a local user.
[+] Generate RSA keys.
[+] Configure a domain name.
[+] Use the login local command.
[+] Use the transport input ssh command.
[+] Order does not matter within this group.

60. Match the Link State to the interface and protocol status.

20/21
Place the options in the following order:
disable -> admin down
Layer 1 problem -> down/down
– not scored –
Layer 2 problem -> up/down
operational -> up/up

397s

21/21