CCNA考试题库中英文翻译版及答案1[1]1. What are two reasons that a network administrator would use access lists? (Choose two.)1.出于哪两种理由，网络管理员会使用访问列表?A. to control vty access into a routerA.控制通过VTY访问路由器B. to control broadcast traffic through a routerB.控制广播流量穿越路由器2.一个默认的帧中继WAN被分类为哪种物理网络类型?A. point-to-pointA.点到点B. broadcast multi-accessB.广播多路访问C. nonbroadcast multi-accessC.非广播多路访问D. nonbroadcast multipointD.非广播多点E. broadcast point-to-multipointE.广播点到多点Answer: C3. A single 802.11g access point has been configured and installed in the center of a squarA few wireless users are experiencing slow performance and drops while most users are oat peak efficiency. What are three likely causes of this problem? (Choose three.)3.一个802.11接入点被部署在一个方形办公室的中央，当大多数用户在大流量传输数一些无线用户发现无线网络变得缓慢和出现丢包A. mismatched TKIP encryptionB. null SSIDC. cordless phonesD. mismatched SSIDE. metal file cabinetsF. antenna type or directionAnswer: CEF4. Refer to the exhibit. How many broadcast domains exist in the exhibited topology?根据下图，图中的拓扑中存在多少个广播域?A. one A.1B. two B.2C. three C.3D. four D.4E. five E.5F. six F.6Answer: C5. Refer to the exhibit. What two facts can be determined from the WLAN diagram? (Choose two.)5.根据下图，WLAN diagram决定了哪两个事实A. The area of overlap of the two cells represents a basic service set (BSS).A. 两个 cells的overlap的区域描述了一个basic service setB. The network diagram represents an extended service set (ESS).B. 网络描述了一个extended service setC. Access points in each cell must be configured to use channel 1.C. 再每个CELL中的AP必须被配置成使用channel 1D. The area of overlap must be less than 10% of the area to ensure connectivity.D. 为了确保连通性,重叠区域必须小于10%E. The two APs should be configured to operate on different channels.E. 两个访问点应该被配置成工作在不同的频道Answer: BE6. The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router.Which of the following statements is true concerning this command?6.路由器上输入命令frame-relay map ip 10.121.16.8 102 broadcast，以下选项正确的是?A. This command should be executed from the global configuration mode.A.该命令应该在全局配置模式下被执行B. The IP address 10.121.16.8 is the local router port used to forward data.B.IP地址10.121.16.8是本地路由器用来转发数据的接口C. 102 is the remote DLCI that will receive the information.C.102是远端的DLCI它将接受信息。

D. This command is required for all Frame Relay configurations.D.这个命令要求被配置为所有的帧中继配置。

E. The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.E.这个广播选项允许数据包，例如rip更新信息，将会被转发通过PVC.Answer: E7. Which type of attack is characterized by a flood of packets that are requesting a TCP connectionto a server?7.哪种类型的攻击的特点是发大量的TCP请求连接数据包到服务器?A. denial of service A.拒绝服务B. brute force B.强制叠加C. reconnaissance C.监听D. Trojan horse D.木马Answer: A8. Which of the following are associated with the application layer of the OSI model? (Choosetwo.)8.以下两个选项是工作在OSI模型的应用层的?A. pingB. TelnetC. FTPD. TCPE. IPAnswer: BC9. Refer to the exhibit. The network administrator has created a new VLAN on Switch1 and addedhostC and host D. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN. However, after the network administrator completed the configuration, host A could communicate with host B, but host A could not communicate with host C or host D. Which commands are required to resolve this problem?9.网络管理员在交换机1上创建一个新VLAN并且将主机C和主机D加入到此VLAN中.管理员配置交换机接口FastEthernet0/13到FastEthernet0/24成为新VLAN成员.但是网络管理员完成配置以后,主机A可以和主机B通信,但是主机A不能和主机C或者主机D通信.哪个命令可以用来解决这个问题A. Router(config)# interface fastethernet 0/1.3Router(config-if)# encapsulation dot1q 3Router(config-if)# ip address 192.168.3.1 255.255.255.0B. Router(config)# router ripRouter(config-router)# network 192.168.1.0Router(config-router)# network 192.168.2.0Router(config-router)# network 192.168.3.0C. Switch1# vlan databaseSwitch1(vlan)# vtp v2-modeSwitch1(vlan)# vtp domain ciscoSwitch1(vlan)# vtp serverD. Switch1(config)# interface fastethernet 0/1Switch1(config-if)# switchport mode trunkSwitch1(config-if)# switchport trunk encapsulation islAnswer: A10. For security reasons, the network administrator needs to prevent pings into the corporate networks from hosts outside the internetwork. Which protocol should be blocked with access control lists?10.出于安全考虑，网络管理员需要去防止外网主机PING内网，下面那个协议应该用access control lists 限制掉A. IPB. ICMPC. TCPD. UDPAnswer: B11. What are two recommended ways of protecting network device configuration files from outside network security threats? (Choose two.)11.哪两种方法被推荐用来保守网络设备的配置文件不受外网的威胁A. Allow unrestricted access to the console or VTY ports.A.允许unrestricted 访问到console或VTY口B. Use a firewall to restrict access from the outside to the network devices.B.用防火墙去限制外网的网络设备访问C. Always use Telnet to access the device command line because its data is automatically encrypted.C.因为数据被自动加密，所以总是允许使用TELNET命令访问网络设备的命令行，D. Use SSH or another encrypted and authenticated transport to access device configurations.D.使用SSH或其他加密、认证机制去访问设备的配置E. Prevent the loss of passwords by disabling password encryption.E.为了避免丢失密码，所以不对密码进行加密(明文)Answer: BD12. Refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbound direction. Which two packets, if routed to the interface, will be denied? (Choose two.)12.根据下图，该access list被配置在路由器RTB的S0/0接口上的OUT方向，哪两个数据包会被DENY，如果被路由到该接口上的话?access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnetaccess-list 101 permit ip any anyA. source ip address: 192.168.15.5; destination port: 21B. source ip address:, 192.168.15.37 destination port: 21C. source ip address:, 192.168.15.41 destination port: 21D. source ip address:, 192.168.15.36 destination port: 23E. source ip address: 192.168.15.46; destination port: 23F. source ip address:, 192.168.15.49 destination port: 23Answer: DE13. What are two security appliances that can be installed in a network? (Choose two.)13.以下哪两个安全工具能被安装在一个网络里A. ATMB. IDSC. IOSD. IOXE. IPSF. SDMAnswer: BE14. Refer to the exhibit. Switch1 has just been restarted and has passed the POST routine. HostA sends its initial frame to Host C. What is the first thing the switch will do as regards populating the switching table?14.根据下图， Switch1刚刚完成重启，并完成上电自检。