Our pass rate is high to 98.9% and the similarity percentage between our icnd 100 105 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 105 100 exam in just one try? I am currently studying for the Cisco ccent ccna icnd1 100 105 exam. Latest Cisco icnd 100 105 Test exam practice questions and answers, Try Cisco ccent ccna icnd1 100 105 pdf Brain Dumps First.

Q76. - (Topic 5) 

The hosts in the LAN are not able to connect to the Internet. Which commands will correct this issue? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

E. Option E 

Answer:

Explanation: 

Do a “show ip int brief” and you will see that Fa0/1 has an IP address assigned, but it is shut down. 


Q77. - (Topic 2) 

Refer to the exhibit. 

How many collision domains are shown? 

A. one 

B. two 

C. three 

D. four 

E. six 

F. twelve 

Answer:

Explanation: 

Hubs create single collision and broadcast domains, so in this case there will be a single collision domain for each of the two hubs. 


Q78. - (Topic 5) 

What should be part of a comprehensive network security plan? 

A. Allow users to develop their own approach to network security. 

B. Physically secure network equipment from potential access by unauthorized individuals. 

C. Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgotten. 

D. Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported. 

E. Minimize network overhead by deactivating automatic antivirus client updates. 

Answer:

Explanation: 

From Cisco CCENT Exam Essentials study guide by Todd Lammle: 

Know what the first part of a comprehensive network security plan is. The first part of your comprehensive network security plan is to physically secure network equipment from potential access by unauthorized individuals. 

List the recommended ways of protecting network devices from outside network security threats. Use a firewall to restrict access from the outside to the network devices, and use SSH or another encrypted and authenticated transport to access device configurations. 

Reference: 

CCENT Cisco Certified Entry Networking Technician Study Guide: (ICND1 Exam 640-822), 2nd Edition 

by Todd Lammle 

Published by Sybex, 2013 


Q79. - (Topic 5) 

From which of the following attacks can Message Authentication Code (MAC) shield your network? 

A. DoS 

B. DDoS 

C. spoofing 

D. SYN floods 

Answer:

Explanation: 

Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes. A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack. A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies. 


Q80. - (Topic 3) 

What information can be used by a router running a link-state protocol to build and maintain its topological database? (Choose two.) 

A. hello packets 

B. SAP messages sent by other routers 

C. LSAs from other routers 

D. beacons received on point-to-point links 

E. routing tables received from other link-state routers 

F. TTL packets from designated routers 

Answer: A,C 

Explanation: 

Reference 1: http://www.ciscopress.com/articles/article.asp?p=24090&seqNum=4 

Link state protocols, sometimes called shortest path first or distributed database protocols, are built around a well-known algorithm from graph theory, E. W. Dijkstra'a shortest path algorithm. Examples of link state routing protocols are: Open Shortest Path First (OSPF) for IP The ISO's Intermediate System to Intermediate System (IS-IS) for CLNS and IP DEC's DNA Phase V Novell's NetWare Link Services Protocol (NLSP) Although link state protocols are rightly considered more complex than distance vector protocols, the basic functionality is not complex at all: 

1.

 Each router establishes a relationship—an adjacency—with each of its neighbors. 

2.

 Each router sends link state advertisements (LSAs), some 

3.

 Each router stores a copy of all the LSAs it has seen in a database. If all works well, the databases in all routers should be identical. 

4.

 The completed topological database, also called the link state database, describes a graph of the internetwork. Using the Dijkstra algorithm, each router calculates the shortest path to each network and enters this information into the route table. OSPF Tutorial 


Q81. - (Topic 3) 

Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.) 

A. Router(config)# router ospf 0 

B. Router(config)# router ospf 1 

C. Router(config)# router ospf area 0 

D. Router(config-router)# network 192.168.16.0 0.0.0.255 0 

E. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0 

F. Router(config-router)# network 192.168.16.0 255.255.255.0 area 0 

Answer: B,E 

Explanation: 

In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -> but To configure OSPF, we need a wildcard in the “network” statement, not a subnet mask. We also need to assgin an area to this process. 


Q82. - (Topic 3) 

Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses are available on each of the subnets? 

A. 1 

B. 2 

C. 4 

D. 8 

E. 252 

F. 254 

Answer:

Explanation: 

/30 CIDR corresponds to mask 55.255.255.252 whose binary is 11111100 which means 6 subnet bits and 2 host bits which means 62 subnets and 2 hosts per subnet. 


Q83. DRAG DROP - (Topic 5) 

Drag the appropriate command on the left to the configuration task it accomplishes. (Not all options are used.) 

Answer: 


Q84. - (Topic 1) 

Refer to the exhibit. 

If host A sends an IP packet to host B, what will the source physical address be in the frame when it reaches host B? 

A. 10.168.10.99 

B. 10.168.11.88 

C. A1:A1:A1:A1:A1:A1 

D. B2:B2:B2:B2:B2:B2 

E. C3:C3:C3:C3:C3:C3 

F. D4:D4:D4:D4:D4:D4 

Answer:

Explanation: 

When packets transfer from one host to another across a routed segment, the source IP address always remains the same source IP address, and the source physical (MAC) address will be the existing router’s interface address. Similarly, the destination IP address always remains the same and the destination physical (MAC) address is the destination router’s interface address. 


Q85. - (Topic 3) 

What command sequence will configure a router to run OSPF and add network 10.1.1.0 /24 to area 0? 

A. router ospf area 0 network 10.1.1.0 255.255.255.0 area 0 

B. router ospf network 10.1.1.0 0.0.0.255 

C. router ospf 1 network 10.1.1.0 0.0.0.255 area 0 

D. router ospf area 0 network 10.1.1.0 0.0.0.255 area 0 

E. router ospf network 10.1.1.0 255.255.255.0 area 0 F. router ospf 1 network 10.1.1.0 0.0.0.255 

Answer:

Explanation: 

Enabling OSPFSUMMARY STEPS 

1. 

enable 

2. 

configure terminal 

3. 

router ospf process-id 

4. 

network ip-address wildcard-mask area area-id 

5. 

end 

DETAILED STEPS 

Command or Action Purpose Step.1 enable 

Example: 

Device> enable Enables privileged EXEC mode. . Enter your password if prompted. 

Step.2 configure terminal 

Example: 

Device# configure terminal Enters global configuration mode. 

Step.3 router ospf process-id 

Example: 

Device(config)# router ospf 109 

Enables OSPF routing and enters router configuration mode. 

Step.4 network ip-address wildcard-mask area area-id 

Example: 

Device(config-router)# network 192.168.129.16 0.0.0.3 area 0 

Defines an interface on which OSPF runs and defines the area ID for that interface. 

Step.5 end 

Example: 

Device(config-router)# end 

Exits router configuration mode and returns to privileged EXEC mode. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/12-4t/iro-12-4t-book/iro-cfg.html#GUID-588D1301-F63C-4DAC-BF1C-C3735EB13673 


Q86. - (Topic 7) 

Under which circumstance should a network administrator implement one-way NAT? 

A. when the network must route UDP traffic 

B. when traffic that originates outside the network must be routed to internal hosts 

C. when traffic that originates inside the network must be routed to internal hosts 

D. when the network has few public IP addresses and many private IP addresses require outside access 

Answer:

Explanation: NAT operation is typically transparent to both the internal and external hosts. Typically the internal host is aware of the true IP address and TCP or UDP port of the external host. Typically the NAT device may function as the default gateway for the internal host. However the external host is only aware of the public IP address for the NAT device and the particular port being used to communicate on behalf of a specific internal host. 

NAT and TCP/UDP 

"Pure NAT", operating on IP alone, may or may not correctly parse protocols that are totally concerned with IP information, such as ICMP, depending on whether the payload is interpreted by a host on the "inside" or "outside" of translation. As soon as the protocol stack is traversed, even with such basic protocols as TCP and UDP, the protocols will break unless NAT takes action beyond the network layer. IP packets have a checksum in each packet header, which provides error detection only for the header. IP datagrams may become fragmented and it is necessary for a NAT to reassemble these fragments to allow correct recalculation of higher-level checksums and correct tracking of which packets belong to which connection. The major transport layer protocols, TCP and UDP, have a checksum that covers all the data they carry, as well as the TCP/UDP header, plus a "pseudo-header" that contains the source and destination IP addresses of the packet carrying the TCP/UDP header. For an originating NAT to pass TCP or UDP successfully, it must recompute the TCP/UDP header checksum based on the translated IP addresses, not the original ones, and put that checksum into the TCP/UDP header of the first packet of the fragmented set of packets. The receiving NAT must recompute the IP checksum on every packet it passes to the destination host, and also recognize and recompute the TCP/UDP header using the retranslated addresses and pseudo-header. This is not a completely solved problem. One solution is for the receiving NAT to reassemble the entire segment and then recompute a checksum calculated across all packets. The originating host may perform Maximum transmission unit (MTU) path discovery to determine the packet size that can be transmitted without fragmentation, and then set the don't fragment (DF) bit in the appropriate packet header field. Of course, this is only a one-way solution, because the responding host can send packets of any size, which may be fragmented before reaching the NAT. 


Q87. - (Topic 3) 

OSPF is configured using default classful addressing. With all routers and interfaces operational, how many networks will be in the routing table of R1 that are indicated to be learned by OSPF? 

A. 2 

B. 3 

C. 4 

D. 5 

E. 6 

F. 7 

Answer:

Explanation: 

Although OSPF is configured using default classful addressing but OSPF is a link-state routing protocol so it will always send the subnet mask of each network in their advertised routes. Therefore R1 will learn the the complete subnets. Four networks list below will be in the routing table of R1:+ 172.16.2.64/30+ 172.16.2.228/30+ 172.16.2.232/30+ 172.16.3.0/24 Note: Other networks will be learned as “Directly connected” networks (marked with letter “C”) 


Q88. - (Topic 5) 

Refer to the exhibit. 

A network technician is asked to design a small network with redundancy. The exhibit represents this design, with all hosts configured in the same VLAN. What conclusions can be made about this design? 

A. This design will function as intended. 

B. Spanning-tree will need to be used. 

C. The router will not accept the addressing scheme. 

D. The connection between switches should be a trunk. 

E. The router interfaces must be encapsulated with the 802.1Q protocol. 

Answer:

Explanation: 

The proposed addressing scheme is on the same network. Cisco routers will not allow you to assign two different interfaces to be on the same IP subnet. 


Q89. - (Topic 5) 

Including the address on the Routed Ethernet interface, how many hosts can have IP addresses on the LAN to which Routed is connected? 

A. 6 

B. 30 

C. 62 

D. 126 

Answer:

Explanation: 

This is a /29 address, so there are 6 usable IP’s on this subnet. 


Q90. - (Topic 2) 

Refer to the exhibit. 

The MAC address table is shown in its entirety. The Ethernet frame that is shown arrives at 

the switch. 

What two operations will the switch perform when it receives this frame? (Choose two.) 

A. The switch will not forward a frame with this destination MAC address. 

B. The MAC address of 0000.00aa.aaaa will be added to the MAC Address Table. 

C. The MAC address of ffff.ffff.ffff will be added to the MAC address table. 

D. The frame will be forwarded out of all the active switch ports except for port fa0/0. 

E. The frame will be forwarded out of fa0/0 and fa0/1 only. 

F. The frame will be forwarded out of all the ports on the switch. 

Answer: B,D 

Explanation: 

If the switch already has the MAC address in its table for the destination, it will forward the frame directly to the destination port. If it was not already in its MAC table, then they frame would have been flooded out all ports except for the port that it came from.