思科认证考试 CCNA

思科认证CCNA认证试题和答案中文版思科认证CCNA认证试题和答案中文版想要获得思科认证，首先要参加由思科推荐并授权的培训中心(Cisco Training Partner，简称CTP)所开设的培训课程。

完成学业后再到由全球考试机构Sylvan Prometric授权的.考试中心参加由思科指定的科目的认证考试。

通过指定的系列科目考试后，学员就可以获得相应分支系列等级的资格认证。

下面是店铺为大家搜集的相关试题，供大家参考练习。

16、路由器A串口0配置如下interface serial0link-protocol pppppp pap local-user huawei password simple quidwayip address 2.2.2.1 255.0.0.0路由器B串口及全局配置如下local-user huawei service-type ppp password simple quidway!interface serial0link-protocol pppppp authentication-mode papip address 2.2.2.2 255.0.0.0当两台路由器串口0相连时，两台路由器是否可以连接到对端()(A) 能(B) 不能答案：A17、关于千兆以太网，以下说法正确的是( )(A) IEEE802.3ab定义了千兆以太网(B) 在同一冲突域中，千兆以太网不允许中继器的互连(C) IEEE802.3z专门定义了千兆以太网在双绞线上的传输标准(D) 千兆以太网支持网络速率的自适应，可以与快速以太网自动协商传输速率答案：AB参考知识点：华为3com认证教材第一册3-8页18、高层的协议将数据传递到网络层后，形成( )，而后传送到数据链路层(A) 数据帧(B) 信元(C) 数据包(D) 数据段答案：C参考知识点：华为3com认证教材第一册1-20页19、在路由器上配置帧中继静态map必须指定( )参数(A) 本地的DLCI(B) 对端的DLCI(C) 本地的协议地址(D) 对端的协议地址答案：AD20、路由器的主要性能指标不包括( )(A) 延迟(B) 流通量(C) 帧丢失率(D) 语音数据压缩比答案：D【思科认证CCNA认证试题和答案中文版】。

Cisco CCNA 认证考试最新真题体验1. The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this command?A.This command should be executed from the global configuration mode.B.The IP address 10.121.16.8 is the local router port used to forward data.C.102 is the remote DLCI that will receive the information.D.The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC2. While troubleshooting a network connectivity problem, a technician observes steady link lights on both the workstation NIC and the switch port to which the workstation is connected. However, when the ping command is issued from the workstation, the output message "Request timed out." is displayed. At which layer of the OSI model does the problem most likely exist?A.the session layerB.the network layerC.the data link layerD.the access layer3. In order to allow the establishment of a Telnet session with a router, which set of commands must be configured?A.router(config)# line console 0router(config-line)# enable password ciscoB.router(config)# line console 0router(config-line)# enable secret ciscorouter(config-line)# loginC.router(config)# line console 0router(config-line)# password ciscorouter(config-line)# loginD.router(config)# line vty 0router(config-line)# password cisco router(config-line)# login4. On point-to-point networks, OSPF hello packets are addressed to which address?A.127.0.0.1B.192.168.0.5C.224.0.0.5D.254.255.255.2555. What should be part of a comprehensive network security plan?A.Allow users to develop their own approach to network security.B.Physically secure network equipment from potential access by unauthorized individualsC.Encourage users to use personal information in their passwords to minimize the likelihood of passwords being forgottenD.Delay deployment of software patches and updates until their effect on end-user equipment is well known and widely reported6. During startup, the router displays the following error message:boot: cannot open "flash:" What will the router do next?A.Because of damaged flash memory, the router will fail the POST.B.It will attempt to locate the IOS from a TFTP server. If this fails, it will initiate the setup dialogC.It will attempt to locate the IOS from a TFTP server. If this fails, it will load a limited IOS from ROM.D.It will attempt to locate the configuration file from a TFTP server. If this fails, it will initiate the setup dialog7. At which OSI layer is a logical path created between two host systems?A.sessionB.transportworkD.physical8. A routing protocol is required that supports:1) routing update authentication2) an addressing scheme that conserves IP addresses3) multiple vendors4) a network with over 50 routersWhich routing protocol fulfills these requirements?A.RIPv1B.RIPv2C.EIGRPD.OSPF9. When a new trunk is configured on a 2950 switch, which VLANs by default are allowed over the trunk link?A.no VLANsB.all VLANsC.only VLANs 1 - 6D.only the VLANs that are specified when creating the trunk10. Which protocol provides a method of sharing VLAN configuration information between switches?A.VTPB.STPC.ISLD.802.1QDBDCB CCDBA博主的更多文章>>CCNA第一学期《Final Examination》2009-02-27 08:58:47 标签：CCNA[推送到技术圈]1请参见图示。

CCNA认证试题一（附答案和解析）中文版(一)1、目前，我国应用最为广泛的LAN标准是基于（）的以太网标准.(A) IEEE 802.1(B) IEEE 802.2(C) IEEE 802.3(D) IEEE 802.5答案：C参考知识点：现有标准：IEEE 802.1 局域网协议高层IEEE 802.2 逻辑链路控制IEEE 802.3 以太网IEEE 802.4 令牌总线IEEE 802.5 令牌环IEEE 802.8 FDDIIEEE 802.11 无线局域网记住IEEE802.1-------IEEE802.5的定义以太网是一种计算机局域网组网技术。

IEEE制定的IEEE 802.3标准给出了以太网的技术标准。

它规定了包括物理层的连线、电信号和介质访问层协议的内容。

以太网是当前应用最普遍的局域网技术。

它很大程度上取代了其他局域网标准，如令牌环、FDDI和ARCNET。

以太网的标准拓扑结构为总线型拓扑，但目前的快速以太网（100BASE-T、1000BASE-T标准）为了最大程度的减少冲突，最大程度的提高网络速度和使用效率，使用交换机（Switch）来进行网络连接和组织，这样，以太网的拓扑结构就成了星型，但在逻辑上，以太网仍然使用总线型拓扑的C***A/CD介质访问控制方法。

电气电子工程师协会或IEEE（Institute of Electrical and Electronics Engineers）是一个国际性的电子技术及信息科学工程师的协会。

建会于1963年1月1日。

总部在美国纽约市。

在150多个国家中它拥有300多个地方分会。

目前会员数是36万。

专业上它有35个专业学会和两个联合会。

IEEE发表多种杂志，学报，书籍和每年组织300多次专业会议。

IEEE定义的标准在工业界有极大的影响。

下面列出：IEEE802．3以太网标准802.3--------- 10Base以太网标准802.3u-------- 100Base-T（快速以太网）802.3z-------- 1000Base-X（光纤吉比特以太网）802.3ab-------- 1000Base-T（双绞线吉比特以太网）2、对于这样一个地址,192.168.19.255/20,下列说法正确的是: （）(A) 这是一个广播地址(B) 这是一个网络地址(C) 这是一个私有地址(D) 地址在192.168.19.0网段上(E) 地址在192.168.16.0网段上(F) 这是一个公有地址答案：CE注：IP地址中关键是看她的主机位，将子网掩码划为二进制，1对应上面的地址是网络位，0对应的地址是主机位192.168.19.255/20划为二进制为：11000000.10101000.00010011.1111111111111111.11111111.11110000.00000000主机位变成全0表示这个IP的网络地址主机槐涑扇?表示这个IP的广播地址RFC1918文件规定了保留作为局域网使用的私有地址：10.0.0.0 - 10.255.255.255(10/8 prefix)172.16.0.0 - 172.31.255.255 (1 72.16/12 prefix)192.168.0.0 - 192.168.255.255 (192.168/16 prefix)3、Quidway系列路由器在执行数据包转发时，下列哪些项没有发生变化（假定没有使用地址转换技术）？（）(A) 源端口号(B) 目的端口号(C) 源网络地址(D) 目的网络地址(E) 源MAC地址(F) 目的MAC地址答案：ABCD参考知识点：路由功能就是指选择一条从源网络到目的网络的路径，并进行数据包的转发。

思科认证网络工程师CCNA平安认证考试大纲思科认证网络工程师CCNA平安认证考试大纲CCNA平安认证可满足那些负责网络平安的IT专业人员的需求。

它表示通过认证的专业人士拥有相应的`专业技能，能够胜任网络平安专家、网络平安管理员和网络平安支持工程师等职位。

该认证所验证的技能包括：在保持数据和设备的完整性、保密性和可用性的条件下安装、故障排解和监控网络设备，以及使用思科在平安架构中所接受的技术进行开发的力气。

考试说明实施思科网络平安210-260 IINS考试时间为90分钟，考生需要完成60-70到考题。

210-260 IINS考试验证考生是否具备网络平安架构，理解网络平安核心概念，管理平安访问，VPN加密，防火墙，平安入侵防备，网页及邮件内容平安及终端设备平安等学问。

通过210-260 IINS考试证明考生拥有在思科平安网络架构中实施操作的力气。

考生可以通过参加实施思科网络平安(IINS)课程来预备参加考试。

考试大纲1.0 Security Concepts12%1.1 Common security principles1.1.a Describe confidentiality, integrity, availability (CIA)1.1.b Describe SIEM technology1.1.c Identify common security terms1.1.d Identify common network security zones1.2 Common security threats1.2.a Identify common network attacks1.2.b Describe social engineering1.2.c Identify malware1.2.d Classify the vectors of data loss/exfiltration1.3 Cryptography concepts1.3.a Describe key exchange1.3.b Describe hash algorithm1.3.c Compare and contrast symmetric and asymmetric encryption1.3.d Describe digital signatures, certificates, and PKI1.4 Describe network topologies1.4.a Campus area network (CAN)1.4.b Cloud, wide area network (WAN)1.4.c Data center1.4.d Small office/home office (SOHO)1.4.e Network security for a virtual environment2.0 Secure Access14%2.1 Secure management2.1.a Compare in-band and out-of band2.1.b Configure secure network management2.1.c Configure and verify secure access through SNMP v3 using an ACL2.1.d Configure and verify security for NTP2.1.e Use SCP for file transfer2.2 AAA concepts2.2.a Describe RADIUS and TACACS+ technologies2.2.b Configure administrative access on a Cisco router using TACACS+2.2.c Verify connectivity on a Cisco router to a TACACS+ server2.2.d Explain the integration of Active Directory with AAA2.2.e Describe authentication and authorization using ACS and ISE2.3 802.1X authentication2.3.a Identify the functions 802.1X components2.4 BYOD2.4.a Describe the BYOD architecture framework2.4.b Describe the function of mobile device management (MDM)3.0 VPN17%3.1 VPN concepts3.1.a Describe IPsec protocols and delivery modes (IKE, ESP,AH, tunnel mode, transport mode)3.1.b Describe hairpinning, split tunneling, always-on, NAT traversal3.2 Remote access VPN3.2.a Implement basic clientless SSL VPN using ASDM3.2.b Verify clientless connection3.2.c Implement basic AnyConnect SSL VPN using ASDM3.2.d Verify AnyConnect connection3.2.e Identify endpoint posture assessment3.3 Site-to-site VPN3.3.a Implement an IPsec site-to-site VPN with pre-shared key authentication on Cisco routers and ASA firewalls3.3.b Verify an IPsec site-to-site VPN4.0 Secure Routing and Switching18%4.1 Security on Cisco routers4.1.a Configure multiple privilege levels4.1.b Configure Cisco IOS role-based CLI access4.1.c Implement Cisco IOS resilient configuration4.2 Securing routing protocols4.2.a Implement routing update authentication on OSPF4.3 Securing the control plane4.3.a Explain the function of control plane policing4.4 Common Layer 2 attacks4.4.a Describe STP attacks4.4.b Describe ARP spoofing4.4.c Describe MAC spoofing4.4.d Describe CAM table (MAC address table) overflows4.4.e Describe CDP/LLDP reconnaissance4.4.f Describe VLAN hopping4.4.g Describe DHCP spoofing4.5 Mitigation procedures4.5.a Implement DHCP snooping4.5.b Implement Dynamic ARP Inspection4.5.c Implement port security4.5.d Describe BPDU guard, root guard, loop guard4.5.e Verify mitigation procedures4.6 VLAN security4.6.a Describe the security implications of a PVLAN4.6.b Describe the security implications of a native VLAN5.0 Cisco Firewall Technologies18%5.1 Describe operational strengths and weaknesses of the different firewall technologies5.1.a Proxy firewalls5.1.b Application firewall5.1.c Personal firewall5.2 Compare stateful vs. stateless firewalls5.2.a Operations5.2.b Function of the state table5.3 Implement NAT on Cisco ASA 9.x5.3.a Static5.3.b Dynamic5.3.c PAT5.3.d Policy NAT5.3 e Verify NAT operations5.4 Implement zone-based firewall5.4.a Zone to zone5.4.b Self zone5.5 Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x5.5.a Configure ASA access management5.5.b Configure security access policies5.5.c Configure Cisco ASA interface security levels5.5.d Configure default Cisco Modular Policy Framework (MPF)5.5.e Describe modes of deployment (routed firewall, transparent firewall)5.5.f Describe methods of implementing high availability5.5.g Describe security contexts5.5.h Describe firewall services6.0 IPS9%6.1 Describe IPS deployment considerations6.1.a Network-based IPS vs. host-based IPS6.1.b Modes of deployment (inline, promiscuous - SPAN, tap)6.1.c Placement (positioning of the IPS within the network)6.1.d False positives, false negatives, true positives, true negatives6.2 Describe IPS technologies6.2.a Rules/signatures6.2.b Detection/signature engines6.2.c Trigger actions/responses (drop, reset, block, alert, monitor/log, shun)6.2.d Blacklist (static and dynamic)7.0 Content and Endpoint Security12%7.1 Describe mitigation technology for email-based threats7.1.a SPAM filtering, anti-malware filtering, DLP, blacklisting, email encryption7.2 Describe mitigation technology for web-based threats7.2.a Local and cloud-based web proxies7.2.b Blacklisting, URL filtering, malware scanning, URLcategorization, web application filtering, TLS/SSL decryption7.3 Describe mitigation technology for endpoint threats7.3.a Anti-virus/anti-malware7.3.b Personal firewall/HIPS7.3.c Hardware/software encryption of local data。

CCNA(1)适用班级：CCNA注意事项：1.在试卷的标封处填写姓名和班级2.考试时间共120分钟3.答案写在答题卡上1. What is the maximum number of IP addresses that can be assigned to hosts on a local subnetthat uses the subnet maskA. 14B. 15C. 16D. 30E. 31F. 622. You have a network that needs 29 subnets while maximizing the number of host addressesavailable on each subnet. How many bits must you borrow from the host field to provide thecorrect subnet maskA. 2B. 3C. 4D. 5E. 6F. 73. What is the subnetwork address for a host with the IP address The network address of provides how many subnets and hostsA. 7 subnets, 30 hosts eachB. 7 subnets, 2,046 hosts eachC. 7 subnets, 8,190 hosts eachD. 8 subnets, 30 hosts eachE. 8 subnets, 2,046 hosts eachF. 8 subnets, 8,190 hosts each5. Which two statements describe the IP address 10.16.3.65/23 (Choose two.)A. The subnet address is 10.16.3.0 The lowest host address in the subnet is 10.16.2.1 The last valid host address in the subnet is 10.16.2.254 The broadcast address of the subnet is 10.16.3.255 The network is not subnetted.6. If a host on a network has the address what is the subnetwork this hostbelongs toA. On a VLSM network, which mask should you use on point-to-point WAN links in order toreduce the waste of IP addressesA. /27B. /28C. /29D. /30E. /318. What is the subnetwork number of a host with an IP address of You have an interface on a router with the IP address of Including the routerinterface, how many hosts can have IP addresses on the LAN attached to the router interfaceA. 6B. 8C. 30D. 62E. 12610. You need to configure a server that is on the subnet The router has the firstavailable host address. Which of the following should you assign to the serverA. You have an interface on a router with the IP address of What is thebroadcast address the hosts will use on this LANA. You need to subnet a network that has 5 subnets, each with at least 16 hosts. Which classfulsubnet mask would you useA. A network administrator is connecting hosts A and B directly through their Ethernet interfaces,as shown in the illustration. Ping attempts between the hosts are unsuccessful. What can bedone to provide connectivity between the hosts (Choose two.)A. A crossover cable should be used in place of the straight-through cable.B. A rollover cable should be used in place of the straight-through cable.C. The subnet masks should be set to A default gateway needs to be set on each host.E. The subnet masks should be set to Address: Address: Cable164 Chapter 3 Subnetting, VLSMs, and Troubleshooting TCP/IP14. If an Ethernet port on a router were assigned an IP address of what wouldbe the valid subnet address of this hostA. Using the following illustration, what would be the IP address of E0 if you were using theeighth subnet The network ID is and you need to use the last available IPaddress in the range. The zero subnet should not be considered valid for this question.A. Using the illustration from the previous question, what would be the IP address of S0 if you wereusing the first subnet The network ID is and you need to use the last availableIP address in the range. Again, the zero subnet should not be considered valid for this question.A. Which configuration command must be in effect to allow the use of 8 subnets if the Class C subnet mask is Router(config)#ip classlessB. Router(config)#ip version 6C. Router(config)#no ip classfulD. Router(config)#ip unnumberedE. Router(config)#ip subnet-zeroF. Router(config)#ip all-nets18. You have a network with a subnet of Which is the valid host addressA. Your router has the following IP address on Ethernet0: Which of the following can be valid host IDs on the LAN interface attached to the router (Choose two.)A. To test the IP stack on your local host, which IP address would you pingA. 1.0.0.127C. You type show running-config and get this output:[output cut]Line console 0Exec-timeout 1 44Password 7098C0BQRLogin[output cut]What do the two numbers following the exec-timeout command meanA. If no command has been typed in 44 seconds, the console connection will be closed.B. If no router activity has been detected in 1 hour and 44 minutes, the console will be locked out.C. If no commands have been typed in 1 minute and 44 seconds, the console connection willbe closed.D. If you’re connected to the router by a Telnet connection, input must be detected within 1 minute and 44 seconds or the connection will be closed.22. You need to find the broadcast address used on a LAN on your router. What command willyou type into the router from user mode to find the broadcast addressA. show running-configB. show startup-configC. show interfacesD. show protocols23. You want to totally reinitialize the router and replace the current running-config with the current startup-config. What command will you useA. replace run startB. copy run startC. copy start runD. reloadReview Questions 24324. Which command will show you whether a DTE or a DCE cable is plugged into serial 0A. sh int s0B. sh int serial 0C. show controllers s 0D. show serial 0 controllers25. What keystroke will terminate setup modeA. Ctrl+ZB. Ctrl+^C. Ctrl+CD. Ctrl+Shift+^26. You set the console password, but when you display the configuration, the password doesn’t show up; it looks like this:[output cut]Line console 0Exec-timeout 1 44Password 7098C0BQRLogin[output cut]What cause the password to be stored like thisA. encrypt passwordB. service password-encryptionC. service-password-encryptionD. exec-timeout 1 4427. Which of the following commands will configure all the default VTY ports on a routerA. Router#line vty 0 4B. Router(config)#line vty 0 4C. Router(config-if)#line console 0D. Router(config)#line vty all28. Which of the following commands sets the secret password to CiscoA. enable secret password CiscoB. enable secret ciscoC. enable secret CiscoD. enable password Cisco244 Chapter 4 Cisco’s IOS and Security Device Manager29. If you wanted administrators to see a message when logging into the router, which command would you useA. message banner motdB. banner message motdC. banner motdD. message motd30. How many simultaneous Telnet sessions does a Cisco router support by defaultA. 1B. 2C. 3D. 4E. 5F. 631. What command do you type to save the configuration stored in RAM to NVRAMA. Router(config)#copy current to startingB. Router#copy starting to runningC. Router(config)#copy running-config startup-configD. Router#copy run startup32. You try to telnet into SFRouter from router Corp and receive this message:Corp#telnet SFRouterTrying SFRouter (10.0.0.1)…OpenPassword required, but none set[Connection to SFRouter closed by foreign host]Corp#Which of the following sequences will address this problem correctlyA. Corp(config)#line console 0B. SFRemote(config)#line console 0C. Corp(config)#line vty 0 4D. SFRemote(config)#line vty 0 433. Which command will delete the contents of NVRAM on a routerA. delete NVRAMB. delete startup-configC. erase NVRAMD. erase startReview Questions 24534. What is the problem with an interface if you type show interface serial 0 and receive the following messageSerial0 is administratively down, line protocol is downA. The keepalives are different times.B. The administrator has the interface shut down.C. The administrator is pinging from the interface.D. No cable is attached.35. Which of the following commands displays the configurable parameters and statistics of all interfaces on a routerA. show running-configB. show startup-configC. show interfacesD. show versions36. If you delete the contents of NVRAM and reboot the router, what mode will you be inA. Privileged modeB. Global modeC. Setup modeD. NVRAM loaded mode37. You type the following command into the router and receive the following output: Router#show serial 0/0^% Invalid input detected at ‘^’marker.Why was this error message displayedA. You need to be in privileged mode.B. You cannot have a space between serial and 0/0.C. The router does not have a serial0/0 interface.D. Part of the command is missing.38. You type Router#sh ru and receive an % ambiguous command error. Why did you receivethis messageA. The command requires additional options or parameters.B. There is more than one show command that starts with the letters ru.C. There is no show command that starts with ru.D. The command is being executed from the wrong router mode.246 Chapter 4 Cisco’s IOS and Security Device Manager39. Which of the following commands will display the current IP addressing and the layer 1 and2 status of an interface (Choose three.)A. show versionB. show protocolsC. show interfacesD. show controllersE. show ip interfaceF. show running-config40. What layer of the OSI model would you assume the problem is in if you type show interface serial 1 and receive the following messageSerial1 is down, line protocol is downA. Physical layerB. Data Link layerC. Network layerD. None; it is a router problem.41. What does the command o/r 0x2142 provideA. It is used to restart the router.B. It is used to bypass the configuration in NVRAM.C. It is used to enter ROM Monitor mode.D. It is used to view the lost password.42. Which command will copy the IOS to a backup host on your networkA. transfer IOS to copy run startC. copy tftp flashD. copy start tftpE. copy flash tftp43. You are troubleshooting a connectivity problem in your corporate network and want to isolate the problem. You suspect that a router on the route to an unreachable network is at fault.What IOS user exec command should you issueA. Router>pingB. Router>traceC. Router>show ip routeD. Router>show interfaceE. Router>show cdp neighbors44. You copy a configuration from a network host to a router’s RAM. The configuration looks correct, yet it is not working at all. What could the problem beA. You copied the wrong configuration into RAM.B. You copied the configuration into flash memory instead.C. The copy did not override the shutdown command in running-config.D. The IOS became corrupted after the copy command was initiated.45. A network administrator wants to upgrade the IOS of a router without removing the image currently installed. What command will display the amount of memory consumed by the currentIOS image and indicate whether there is enough room available to hold both the currentand new imagesA. show versionB. show flashC. show memoryD. show buffersE. show running-config46. The corporate office sends you a new router to connect, but upon connecting the console cable,you see that there is already a configuration on the router. What should be done before a new configuration is entered in the routerA. RAM should be erased and the router restarted.B. Flash should be erased and the router restarted.C. NVRAM should be erased and the router restarted.D. The new configuration should be entered and saved.47. Which command loads a new version of the Cisco IOS into a routerA. copy flash ftpB. copy ftp flashC. copy flash tftpD. copy tftp flash48. Which command will show you the IOS version running on your routerA. sh IOSB. sh flashC. sh versionD. sh running-config49. What should the configuration register value be after you successfully complete the password recovery procedure and return the router to normal operationA. 0x2100B. 0x2101C. 0x2102D. 0x214250. You save the configuration on a router with the copy running-config startup-configcommand and reboot the router. The router, however, comes up with a blank configuration.What can the problem beA. You didn’t boot the router with the correct command.B. NVRAM is corrupted.C. The configuration register setting is incorrect.D. The newly upgraded IOS is not compatible with the hardware of the router.E. The configuration you save is not compatible with the hardware.51. If you want to have more than one Telnet session open at the same time, what keystroke combination would you useA. Tab+spacebarB. Ctrl+X, then 6C. Ctrl+Shift+X, then 6D. Ctrl+Shift+6, then X52. You are unsuccessful in telnetting into a remote device. What could the problem be (Choose two.)A. IP addresses are incorrect.B. Access control list is filtering Telnet.C. There is a defective serial cable.D. The VTY password is missing.53. What information is displayed by the show hosts command (Choose two.)A. Temporary DNS entriesB. The names of the routers created using the hostname commandC. The IP addresses of workstations allowed to access the routerD. Permanent name-to-address mappings created using the ip host commandE. The length of time a host has been connected to the router via Telnet54. Which three commands can be used to check LAN connectivity problems on a router(Choose three.)A. show interfacesB. show ip routeC. tracertD. pingE. dns lookups55. You telnet to a router and make your necessary changes; now you want to end the Telnet session. What command do you type inA. closeB. disableC. disconnectD. exit56. You telnet into a remote device and type debug ip rip, but no output from the debug command is seen. What could the problem beA. You must type the show ip rip command first.B. IP addressing on the network is incorrect.C. You must use the terminal monitor command.D. Debug output is sent only to the console.57. Which command displays the configuration register settingA. show ip routeB. show boot versionC. show versionD. show flash58. You need to gather the IP address of a remote switch that is located in Hawaii. What can youdo to find the addressA. Fly to Hawaii, console into the switch, then relax and have a drink with an umbrella in it.B. Issue the show ip route command on the router connected to the switch.C. Issue the show cdp neighbor command on the router connected to the switch.D. Issue the show ip arp command on the router connected to the switch.E. Issue the show cdp neighbors detail command on the router connected to the switch.59. You have your laptop directly connected into a router’s Ethernet port. Which of the following are among the requirements for the copy flash tftp command to be successful (Choose three.)A. TFTP server software must be running on the router.B. TFTP server software must be running on your laptop.C. The Ethernet cable connecting the laptop directly into the router’s Ethernet port mu st bea straight-through cable.D. The laptop must be on the same subnet as the router’s Ethernet interface.E. The copy flash tftp command must be supplied the IP address of the laptop.F. There must be enough room in the flash memory of the router to accommodate the file tobe copied.60. The configuration register setting of 0x2102 provides what function to a routerA. Tells the router to boot into ROM monitor modeB. Provides password recoveryC. Tells the router to look in NVRAM for the boot sequenceD. Boots the IOS from a TFTP serverE. Boots an IOS image stored in ROM61. A receiving host has failed to receive all of the segments that it should acknowledge. What can the host do to improve the reliability of this communication sessionA. Send a different source port number.B. Restart the virtual circuit.C. Decrease the sequence number.D. Decrease the window size.62. Which fields are contained within an IEEE Ethernet frame header (Choose two.)A. Source and destination MAC addressB. Source and destination network addressC. Source and destination MAC address and source and destination network addressD. FCS field63. Which layer 1 devices can be used to enlarge the area covered by a single LAN segment (Choose two.)A. SwitchB. NICC. HubD. RepeaterE. RJ45 transceiver64. Segmentation of a data stream happens at which layer of the OSI modelA. PhysicalB. Data LinkC. NetworkD. Transport65. Which of the following describe router functions (Choose four.)A. Packet switchingB. Collision preventionC. Packet filteringD. Broadcast domain enlargementE. Internetwork communicationF. Broadcast forwardingG. Path selection66. Routers operate at layer __. LAN switches operate at layer __. Ethernet hubs operate at layer __. Word processing operates at layer __.A. 3, 3, 1, 7B. 3, 2, 1, noneC. 3, 2, 1, 7D. 2, 3, 1, 7E. 3, 3, 2, none67. When data is encapsulated, which is the correct orderA. Data, frame, packet, segment, bitB. Segment, data, packet, frame, bitC. Data, segment, packet, frame, bitD. Data, segment, frame, packet, bit68. Why does the data communication industry use the layered OSI reference model (Choose two.)A. It divides the network communication process into smaller and simpler components, thus aiding component development, design, and troubleshooting.B. It enables equipment from different vendors to use the same electronic components, thus saving research and development funds.C. It supports the evolution of multiple competing standards and thus provides business opportunities for equipment manufacturers.D. It encourages industry standardization by defining what functions occur at each layer ofthe model.E. It provides a framework by which changes in functionality in one layer require changes inother layers.69. What are two purposes for segmentation with a bridgeA. To add more broadcast domainsB. To create more collision domainsC. To add more bandwidth for usersD. To allow more broadcasts for users70. Which of the following are unique characteristics of half-duplex Ethernet when compared tofull-duplex Ethernet (Choose two.)A. Half-duplex Ethernet operates in a shared collision domain.B. Half-duplex Ethernet operates in a private collision domain.C. Half-duplex Ethernet has higher effective throughput.D. Half-duplex Ethernet has lower effective throughput.E. Half-duplex Ethernet operates in a private broadcast domain.58 Chapter 1 Internetworking71. You want to implement a network medium that is not susceptible to EMI. Which type of cabling should you useA. Thicknet coaxB. Thinnet coaxC. Category 5 UTP cableD. Fiber-optic cable72. Acknowledgments, sequencing, and flow control are characteristics of which OSI layerA. Layer 2B. Layer 3C. Layer 4D. Layer 773. Which of the following are types of flow control (Choose all that apply.)A. BufferingB. Cut-throughC. WindowingD. Congestion avoidanceE. VLANs74. Which of the following types of connections can use full duplex (Choose three.)A. Hub to hubB. Switch to switchC. Host to hostD. Switch to hubE. Switch to host75. What is the purpose of flow controlA. To ensure that data is retransmitted if an acknowledgment is not receivedB. To reassemble segments in the correct order at the destination deviceC. To provide a means for the receiver to govern the amount of data sent by the senderD. To regulate the size of each segment76. Which three statements are true about the operation of a full-duplex Ethernet networkA. There are no collisions in full-duplex mode.B. A dedicated switch port is required for each full-duplex node.C. Ethernet hub ports are preconfigured for full-duplex mode.D. In a full-duplex environment, the host network card must check for the availability of the network media before transmitting.E. The host network card and the switch port must be capable of operating in full-duplex mode. Review Questions 5977. What type of RJ45 UTP cable is used between switchesA. Straight-throughB. Crossover cableC. Crossover with a CSU/DSUD. Crossover with a router in between the two switches78. How does a host on an Ethernet LAN know when to transmit after a collision has occurred (Choose two.)A. In a CSMA/CD collision domain, multiple stations can successfully transmit data simultaneously.B. In a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.C. You can improve the CSMA/CD network by adding more hubs.D. After a collision, the station that detected the collision has first priority to resend thelost data.E. After a collision, all stations run a random backoff algorithm. When the backoff delay period has expired, all stations have equal priority to transmit data.F. After a collision, all stations involved run an identical backoff algorithm and then synchronize with each other prior to transmitting data.79. What type of RJ45 UTP cable do you use to connect a PC’s COM port to a router or switch console portA. Straight-throughB. Crossover cableC. Crossover with a CSU/DSUD. Rolled80. You have the following binary number:What are the decimal and hexadecimal equivalentsA. 69/0x2102B. 183/B7C. 173/A6D. 83/0xC581. What are the decimal and hexadecimal equivalents of the binary number(Choose two.)A. 159B. 157C. 185D. 0x9DE. 0xD9F. 0x15982. Which of the following allows a router to respond to an ARP request that is intended for a remote hostA. Gateway DPB. Reverse ARP (RARP)C. Proxy ARPD. Inverse ARP (IARP)E. Address Resolution Protocol (ARP)83. You want to implement a mechanism that automates the IP configuration, including IP address, subnet mask, default gateway, and DNS information. Which protocol will you useto accomplish thisA. SMTPB. SNMPC. DHCPD. ARP84. What protocol is used to find the hardware address of a local deviceA. RARPB. ARPC. IPD. ICMPE. BootP85. Which of the following are layers in the TCP/IP model (Choose three.)A. ApplicationB. SessionC. TransportD. InternetE. Data LinkF. Physical86. Which class of IP address provides a maximum of only 254 host addresses per network IDA. Class AB. Class BC. Class CD. Class DE. Class E87. Which of the following describe the DHCP Discover message (Choose two.)A. It uses FF:FF:FF:FF:FF:FF as a layer 2 broadcast.B. It uses UDP as the Transport layer protocol.C. It uses TCP as the Transport layer protocol.D. It does not use a layer 2 destination address.8. Which layer 4 protocol is used for a Telnet connectionA. IPB. TCPC. TCP/IPD. UDPE. ICMP89. Which statements are true regarding ICMP packets (Choose two.)A. They acknowledge receipt of a TCP segment.B. They guarantee datagram delivery.C. They can provide hosts with information about network problems.D. They are encapsulated within IP datagrams.E. They are encapsulated within UDP datagrams.90. Which of the following services use TCP (Choose three.)A. DHCPB. SMTPC. SNMPD. FTPE. HTTPF. TFTP91. Which of the following services use UDP (Choose three.)A. DHCPB. SMTPC. SNMPD. FTPE. HTTPF. TFTP92. Which of the following are TCP/IP protocols used at the Application layer of the OSI model (Choose three.)A. IPB. TCPC. TelnetD. FTPE. TFTP93. The following illustration shows a data structure header. What protocol is this header fromA. IPB. ICMPC. TCPD. UDPE. ARPF. RARP94. If you use either Telnet or FTP, which is the highest layer you are using to transmit dataA. ApplicationB. PresentationC. SessionD. Transport95. The DoD model (also called the TCP/IP stack) has four layers. Which layer of the DoD model is equivalent to the Network layer of the OSI modelA. ApplicationB. Host-to-HostC. InternetD. Network Access96. Which two of the following are private IP addressesA. 12.0.0.1B. What layer in the TCP/IP stack is equivalent to the Transport layer of the OSI model A. ApplicationB. Host-to-HostC. InternetD. Network Access98. Which statements are true regarding ICMP packets (Choose two)A. ICMP guarantees datagram delivery.B. ICMP can provide hosts with information about network problems.C. ICMP is encapsulated within IP datagrams.D. ICMP is encapsulated within UDP datagrams.99. What is the address range of a Class B network address in binaryA. 01xxxxxxB. 0xxxxxxxC. 10xxxxxxD. 110xxxxx100. Which of the following protocols uses both TCP and UDPA. FTPB. SMTPC. TelnetD. DNS答题卡。

网络工程师CCNA证书考试题库网络工程师是当今社会上一种备受青睐的职业，具备CCNA证书是成为一名合格网络工程师的基本要求之一。

CCNA（Cisco Certified Network Associate）是思科公司提供的一种权威的网络证书，考试内容涵盖了网络基础知识、路由器和交换机配置、网络安全等方面的内容。

下面将为大家整理一份网络工程师CCNA证书考试题库，供大家参考和复习。

一、网络基础知识1. OSI参考模型中，哪一层负责确定数据如何在网络中传输？A. 应用层B. 传输层C. 网络层D. 数据链路层2. IP地址的子网掩码用来做什么？A. 区分网络地址和主机地址B. 确定网络的物理拓扑C. 控制网络访问权限D. 提高网络安全性3. TCP协议是一种什么类型的协议？A. 面向连接型B. 面向无连接型C. 面向消息型D. 面向数据流型4. 下面哪种传输介质是最适合用于在大楼内部连接不同楼层的网络设备？A. 双绞线B. 同轴电缆C. 光纤D. 无线电波二、路由器和交换机配置1. 在路由器上配置静态路由需要设置哪些参数？A. 出接口B. 下一跳地址C. 网关地址D. 子网掩码2. 交换机的VLAN技术主要用来实现什么功能？A. 提高网络传输速度B. 划分不同的广播域C. 增加网络安全性D. 实现无线网络连接3. 在路由器上配置NAT技术的目的是什么？A. 增加网络带宽B. 实现内网主机与外网通信C. 提高网络可靠性D. 实现跨平台数据传输4. 交换机端口默认是属于哪个VLAN？A. VLAN1B. VLAN10C. VLAN100D. VLAN1000三、网络安全1. 以下哪种加密算法用于保护传输过程中的数据机密性？A. DESB. MD5C. RSAD. SHA2. 防火墙的作用是什么？A. 限制网络带宽的使用B. 监控网络流量C. 阻止非法入侵D. 加快网络数据传输速度3. 在网络安全方面，ACL（访问控制列表）主要用来控制什么？A. 网络拓扑B. 主机访问权限C. 广播域D. 数据传输速度4. DDos攻击是指什么？A. 拒绝服务攻击B. 数据泄露攻击C. 蠕虫攻击D. 恶意代码攻击通过以上网络工程师CCNA证书考试题库的复习，相信大家可以更加全面地了解CCNA考试的内容要求，提升自己的备考水平。

思科ccna复习题思科CCNA复习题是许多IT从业者在准备网络认证考试时面临的重要挑战。

CCNA（Cisco Certified Network Associate）认证是全球范围内最受认可的网络认证之一，它涵盖了网络基础知识、路由和交换技术、网络安全、无线网络等方面的内容。

在复习CCNA考试的过程中，掌握并解答复习题是一种非常有效的学习方法。

本文将介绍一些常见的CCNA复习题，并给出相应的解答和解析。

一、网络基础知识1. 什么是IP地址？IP地址有几种类型？答：IP地址是用于标识网络上设备（如计算机、路由器等）的一串数字。

IP地址分为IPv4和IPv6两种类型。

IPv4使用32位二进制数表示，通常以四个十进制数表示，每个数的取值范围是0-255。

IPv6使用128位二进制数表示，通常以八组四位十六进制数表示。

2. 什么是子网掩码？如何计算子网掩码？答：子网掩码是用于划分IP地址的网络部分和主机部分的一串二进制数。

计算子网掩码的方法是将IP地址中网络部分的位全部设置为1，主机部分的位全部设置为0。

例如，对于IP地址192.168.0.1，如果要将前24位作为网络部分，剩余8位作为主机部分，那么子网掩码为255.255.255.0。

二、路由和交换技术1. 什么是路由器？它的作用是什么？答：路由器是一种网络设备，用于在不同的网络之间传输数据包。

它通过查找路由表，将数据包从源地址传输到目标地址。

路由器的作用是实现不同网络之间的互联和数据转发。

2. 什么是交换机？与路由器有何区别？答：交换机是一种网络设备，用于在局域网内传输数据包。

它通过学习MAC地址，将数据包从源地址传输到目标地址。

交换机与路由器的区别在于作用范围不同，交换机只能在局域网内传输数据，而路由器可以在不同网络之间传输数据。

三、网络安全1. 什么是防火墙？它的作用是什么？答：防火墙是一种网络安全设备，用于监控和控制网络数据流。

它通过过滤、检测和阻止不安全的网络流量，保护网络免受未经授权的访问、攻击和数据泄露。