Jason Dion Practice Exam 1 with correct answers
You are working as a network administrator and are worried about the possibility of
an insider threat. You want to enable a security feature that would remember the
Layer 2 address first connected to a particular switch port to prevent someone from
unplugging a workstation from the switch port and connecting their laptop to that
same switch port. Which of the following security features would BEST accomplish
this goal?
a. Port security
b. ACL
c. NAC
d. 802.1x - CORRECT ANSWERS ✔✔a. Port security
Explanation
OBJ-4.3: Port security, also known as persistent MAC learning or Sticky MAC, is a
security feature that enables an interface to retain dynamically learned MAC
addresses when the switch is restarted or if the interface goes down and is brought
back online. This is a security feature that can be used to prevent someone from
unplugging their office computer and connecting their laptop to the network jack
without permission since the switch port connected to that network jack would only
allow the computer with the original MAC address to gain connectivity.
You just started work as a network technician at Dion Training. You have been asked
to check if DHCP snooping has been enabled on one of the network devices. Which
of the following commands should you enter within the command line interface?
,a. show route
b. show config
c. show diagnostic
d. show interface - CORRECT ANSWERS ✔✔b. show config
Explanation
OBJ-5.3: The "show configuration" command is used on a Cisco networking device to
display the device's current configuration. This would show whether or not the
DHCP snooping was enabled on this device. The "show interface" command is used
on a Cisco networking device to display the statistics for a given network interface.
The "show route" command is used on a Cisco networking device to display the
current state of the routing table for a given network device. The "show diagnostic"
command is used on a Cisco networking device to display details about the hardware
and software on each node in a networked device.
An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth
speed test shows poor performance when downloading larger files. The download
initially reaches close to 250 Mbps but begins to drop and show spikes in the
download speeds over time. The administrator checks the interface on the router and
sees the following: DIONRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up,
line is up Hardware is GigabitEthernet, address is 000F.33CC.F13A Configured speed
auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is
untagged, port state is forwarding Which of the following actions should be taken to
improve the network performance for this WAN connection?
a. Replace eth1/1 with a 1000Base-T transceiver
b. Configure the interface to use full-duplex
c. Assign the interface a 802.1q tag to its own VLAN
,d. Shutdown and then re-enable this interface - CORRECT ANSWERS ✔✔c. Assign
the interface a 802.1q tag to its own VLAN
Explanation
OBJ-5.5: The WAN interface (eth 1/1) is currently untagged and is being assigned to
the default VLAN (VLAN 1). If there are numerous devices in the default VLAN, the
VLAN may be overloaded or oversubscribed leading to a reduction in the network
performance. To solve this issue, you would assign the WAN interface to a VLAN
with less traffic or to its own VLAN. By adding an 802.1q tag (VLAN tag) to the
interface, you can assign it to its own individual VLAN and eliminate potential
overloading or oversubscription issues. The interface is already set to full-duplex
(fdx) and it operating in full-duplex (fdx). Therefore, the issue is not a duplexing
mismatch. The configuration shows that the interface is already using a
GigabitEthernet, so you do not need to replace the transceiver with a 1000Base-T
module. Also, the physical layer is working properly and a link is established, as
shown by the output "GigabitEthernet 1/1 is up", showing the current transceiver is
functioning properly at 1 Gbps. While issuing the shutdown command and then re-
enabling the interface could clear any errors, based on the interface status shown we
have no indications that errors are being detected or reported.
Dion Training Solutions is launching their brand new website. The website needs to
be continually accessible to our students and reachable 24x7. Which networking
concept would BEST ensure that the website remains up at all times?
a. Snapshots
b. Cold site
c. Warm site
d. High availability - CORRECT ANSWERS ✔✔d. High availability
, Explanation
OBJ-3.3: High availability is a concept that uses redundant technologies and
processes to ensure that a system is up and accessible to the end-users at all times.
Snapshots, warm sites, and cold sites may be useful for recovering from a disaster-
type event, but they will not ensure high availability. High availability (HA) is a
component of a technology system that eliminates single points of failure to ensure
continuous operations or uptime for an extended period.
What is the network ID associated with the host located at 192.168.0.123/29?
a. 192.168.0.96
b. 192.168.0.112
c. 192.168.0.120
d. 192.168.0.64 - CORRECT ANSWERS ✔✔c. 192.168.0.120
Explanation
OBJ-1.4: In classless subnets using variable-length subnet mask (VLSM), the network
ID is the first IP address associated within an assigned range. In this example, the
CIDR notation is /29, so each subnet will contain 8 IP addresses. Since the IP address
provided is 192.168.0.123, it will be in the 192.168.0.120/29 network.
Dion Training has a single-mode fiber-optic connection between its main office and
its satellite office located 30 kilometers away. The connection stopped working, so a
technician used an OTDR and found that there is a break in the cable approximately
12.4 kilometers from the main office. Which of the following tools is required to fix
this fiber optic connection?
a. Cable crimper
You are working as a network administrator and are worried about the possibility of
an insider threat. You want to enable a security feature that would remember the
Layer 2 address first connected to a particular switch port to prevent someone from
unplugging a workstation from the switch port and connecting their laptop to that
same switch port. Which of the following security features would BEST accomplish
this goal?
a. Port security
b. ACL
c. NAC
d. 802.1x - CORRECT ANSWERS ✔✔a. Port security
Explanation
OBJ-4.3: Port security, also known as persistent MAC learning or Sticky MAC, is a
security feature that enables an interface to retain dynamically learned MAC
addresses when the switch is restarted or if the interface goes down and is brought
back online. This is a security feature that can be used to prevent someone from
unplugging their office computer and connecting their laptop to the network jack
without permission since the switch port connected to that network jack would only
allow the computer with the original MAC address to gain connectivity.
You just started work as a network technician at Dion Training. You have been asked
to check if DHCP snooping has been enabled on one of the network devices. Which
of the following commands should you enter within the command line interface?
,a. show route
b. show config
c. show diagnostic
d. show interface - CORRECT ANSWERS ✔✔b. show config
Explanation
OBJ-5.3: The "show configuration" command is used on a Cisco networking device to
display the device's current configuration. This would show whether or not the
DHCP snooping was enabled on this device. The "show interface" command is used
on a Cisco networking device to display the statistics for a given network interface.
The "show route" command is used on a Cisco networking device to display the
current state of the routing table for a given network device. The "show diagnostic"
command is used on a Cisco networking device to display details about the hardware
and software on each node in a networked device.
An administrator has configured a new 250 Mbps WAN circuit, but a bandwidth
speed test shows poor performance when downloading larger files. The download
initially reaches close to 250 Mbps but begins to drop and show spikes in the
download speeds over time. The administrator checks the interface on the router and
sees the following: DIONRTR01# show interface eth 1/1 GigabitEthernet 1/1 is up,
line is up Hardware is GigabitEthernet, address is 000F.33CC.F13A Configured speed
auto, actual 1Gbit, configured duplex fdx, actual fdx Member of L2 VLAN 1, port is
untagged, port state is forwarding Which of the following actions should be taken to
improve the network performance for this WAN connection?
a. Replace eth1/1 with a 1000Base-T transceiver
b. Configure the interface to use full-duplex
c. Assign the interface a 802.1q tag to its own VLAN
,d. Shutdown and then re-enable this interface - CORRECT ANSWERS ✔✔c. Assign
the interface a 802.1q tag to its own VLAN
Explanation
OBJ-5.5: The WAN interface (eth 1/1) is currently untagged and is being assigned to
the default VLAN (VLAN 1). If there are numerous devices in the default VLAN, the
VLAN may be overloaded or oversubscribed leading to a reduction in the network
performance. To solve this issue, you would assign the WAN interface to a VLAN
with less traffic or to its own VLAN. By adding an 802.1q tag (VLAN tag) to the
interface, you can assign it to its own individual VLAN and eliminate potential
overloading or oversubscription issues. The interface is already set to full-duplex
(fdx) and it operating in full-duplex (fdx). Therefore, the issue is not a duplexing
mismatch. The configuration shows that the interface is already using a
GigabitEthernet, so you do not need to replace the transceiver with a 1000Base-T
module. Also, the physical layer is working properly and a link is established, as
shown by the output "GigabitEthernet 1/1 is up", showing the current transceiver is
functioning properly at 1 Gbps. While issuing the shutdown command and then re-
enabling the interface could clear any errors, based on the interface status shown we
have no indications that errors are being detected or reported.
Dion Training Solutions is launching their brand new website. The website needs to
be continually accessible to our students and reachable 24x7. Which networking
concept would BEST ensure that the website remains up at all times?
a. Snapshots
b. Cold site
c. Warm site
d. High availability - CORRECT ANSWERS ✔✔d. High availability
, Explanation
OBJ-3.3: High availability is a concept that uses redundant technologies and
processes to ensure that a system is up and accessible to the end-users at all times.
Snapshots, warm sites, and cold sites may be useful for recovering from a disaster-
type event, but they will not ensure high availability. High availability (HA) is a
component of a technology system that eliminates single points of failure to ensure
continuous operations or uptime for an extended period.
What is the network ID associated with the host located at 192.168.0.123/29?
a. 192.168.0.96
b. 192.168.0.112
c. 192.168.0.120
d. 192.168.0.64 - CORRECT ANSWERS ✔✔c. 192.168.0.120
Explanation
OBJ-1.4: In classless subnets using variable-length subnet mask (VLSM), the network
ID is the first IP address associated within an assigned range. In this example, the
CIDR notation is /29, so each subnet will contain 8 IP addresses. Since the IP address
provided is 192.168.0.123, it will be in the 192.168.0.120/29 network.
Dion Training has a single-mode fiber-optic connection between its main office and
its satellite office located 30 kilometers away. The connection stopped working, so a
technician used an OTDR and found that there is a break in the cable approximately
12.4 kilometers from the main office. Which of the following tools is required to fix
this fiber optic connection?
a. Cable crimper
