Saturday, 25 June 2011
Free CCNA Practice Stuff Packet Tracer Activities Practice Questions For CCNA Exam
1.You have an internal web server that must be accessed from the corporate Internet connection.
This internal web server has the IP address 172.16.55.10. The router accesses the Internet
through the FastEthernet0/1 interface. What NAT syntax is necessary to forward HTTP requests
to the internal web server?
A. ip nat outside destination tcp 80 fastEthernet0/1 172.16.55.10 80
B. ip nat inside source static tcp 172.16.55.10 80 interface fastEthernet 0/1 80
C. ip nat outside source tcp 80 172.16.55.10 80 interface fastEthernet0/1 80
D. ip nat inside destination static tcp 172.16.55.10 80 interface fastEthernet 0/1 80
2.You would like to configure NAT for a small office DSL connection, as shown in the figure below.
Users on the 192.168.254.0/24 network should share the public address assigned to the router's
Ethernet 0/3 interface for public access. In addition, one of the internal users (192.168.254.32) is
running an FTP server containing files that need to be accessed from the Internet. Which of the
following configurations accomplishes these objectives?
Small office DSL connection.
A. interface fastethernet 2/0
ip nat inside
interface Ethernet 0/3
ip nat outside
ip nat inside source interface Ethernet 0/3 interface
fastethernet 2/0 overload
B. interface fastethernet 2/0
ip nat inside
interface Ethernet 0/3
ip nat outside
ip nat inside source static 192.168.254.32 interface
fastethernet 2/0
ip nat inside source interface ethernet 0/3 interface
fastethernet 2/0 overload
C. interface fastethernet 2/0
ip nat inside
interface Ethernet 0/3
ip nat outside
access-list 50 permit 192.168.254.0 0.0.0.255
ip nat inside source static tcp 192.168.254.32 21
interface fastethernet 2/0 21
ip nat inside source list 50 interface fastethernet 2/0
overload
D. interface fastethernet 2/0
ip nat inside
interface Ethernet 0/3
ip nat outside
access-list 50 permit 192.168.254.0 0.0.0.255
ip nat inside source static tcp interface ethernet 0/3
21 interface fastethernet 2/0 21
ip nat inside source list 50 interface fastethernet
2/0
3.You create an access list in Notepad in preparation to apply it to an interface. Before you add the
lines to the access list, you apply the list to the intended interface. What is the result?
A. You receive an error message to create the access list.
B. You permit all traffic through the interface.
C. All traffic through the interface is denied.
D. You receive a syntax error message.
4.Network Address Translation (NAT) typically translates between one or more internal private
addresses to public Internet addresses. What ranges are defined in RFC 1918 as internal private
addresses? (Choose three.)
A. 10.0.0.0/8
B. 172.16.0.0/16
C. 169.254.0.0/16
D. 172.16.0.0/16–172.31.255.255/16
E. 192.168.0.0/24–192.168.255.255/24
F. 224.0.0.0/24
5.You are troubleshooting a NAT configuration on your 2514 router. It seems that all of the syntax
is in place, but users are not able to access the Internet. You are able to ping Internet websites
from your router successfully. What is the most likely cause of the problem?
interface fastethernet 0
ip address 192.168.1.1 255.255.255.0
interface fastethernet 1
ip address dhcp
ip nat outside
ip route 0.0.0.0 0.0.0.0 fastethernet 1
access-list 50 permit 192.168.1.0 0.0.0.255
ip nat inside source static tcp 192.168.1.50 80 interface fastethernet 1 80
ip nat inside source list 50 interface fastethernet 1 overload
A. The static route is incorrect. It needs to be pointed to the ISP next-hop address rather
than the router's local interface.
B. The NAT configuration is incomplete.
C. Static NAT features cannot be combined with the NAT Overload features.
D. All of the above.
6.Which of the following creates a standard access list that allows traffic from the 172.16 subnet?
A. access-list 1 permit 172.16.0.0 0.0.255.255
B. access-list 100 permit 172.16.0.0 255.255.0.0
C. access-list 1 permit 172.16.0.0 255.255.0.0
D. access-list 100 permit 172.16.0.0 0.0.255.255
7.Which of the following access list lines denies access to a computer with an IP of 172.16.0.5?
A. access-list 1 172.16.0.5 0.0.0.0 deny
B. access-list 1 deny host 172.16.0.5
C. access-list 1 deny 172.16.0.5 255.255.255.255
D. access-list 101 deny 172.16.0.5 0.0.0.0
8. You want to create an access list that denies port 23 TCP traffic from the 172.30.10.0 network
and that is destined for the 172.30.20.0 network. Which of the following commands
accomplishes this?
A. access-list 101 tcp deny 172.30.10.0 0.0.0.255 172.30.20.0 0.0.0.255 eq 23
B. access-list 91 tcp deny 172.30.10.0 0.0.0.255 172.30.20.0 0.0.0.255 eq 23
C. access-list 101 deny tcp 172.30.10.0 0.0.0.255 172.30.20.0 0.0.0.255 eq 23
D. access-list 91 deny tcp 172.30.10.0 0.0.0.255 172.30.20.0 0.0.0.255 eq 23
9.You want to create an access list that denies all outbound traffic to port 80 from the 10.10.0.0
network. Which access list entry meets your requirements?
A. access-list 101 deny tcp 10.10.0.0 0.0.255.255 eq 80
B. access-list 91 deny tcp 10.10.0.0 0.0.255.255 any eq 80
C. access-list 101 deny tcp 10.10.0.0 0.0.255.255 all eq 80
D. access-list 101 deny tcp 10.10.0.0 0.0.255.255 any eq 80
10. Which of the following forms of NAT allows you to translate one group of IP addresses to
another in a 1:1 relationship with minimal configuration?
A. Port Address Translation
B. Static NAT
C. NAT Overload
D. Dynamic NAT
11. You are configuring the Internet connection for the network pictured in the figure below. The
initial NAT Overload configuration has been set up; you must now publish the internal FTP and
web server to the Internet. What commands accomplish this? (Choose two.)
Internet network connection.
A. ip nat inside source static tcp 80 192.168.254.100 80 24.15.240.9
B. ip nat inside source static tcp 192.168.254.50 20 24.15.240.9 20
C. ip nat inside source static tcp 192.168.254.50 21 24.15.240.9 21
D. ip nat inside source static tcp 192.168.254.100 80 24.15.240.9 80
E. ip nat inside source static tcp 21 192.168.254.50 21 24.15.240.9
12.You want to use access list 1 to filter traffic on your inbound vty lines. What command do you
enter?
A. access-group 1 in
B. access-group 1 vty in
C. access-list 1 in
D. access-class 1 in
Solution :
1. B
2. C
3. B
4. A,D,E
5. B
6. A
7. B
8. C
9. D
10. D
11. C,D
12. D
