CISCO CCNA Exam – Q238

Which two statements about static NAT translations are true? (Choose two.)

A. They allow connections to be initiated from the outside.
B. They require no inside or outside interface markings because addresses are statically defined.
C. They are always present in the NAT table.
D. They can be configured with access lists, to allow two or more connections to be initiated from the outside.

Correct Answers: A, C

Explanation:
Static NAT is to map a single outside IP address to a single inside IP address. This is typically done to allow incoming connections from the outside (Internet) to the inside. Since these are static, they are always present in the NAT table even if they are not actively in use.

CISCO CCNA Exam – Q237

What is a valid HSRP virtual MAC address?

A. 0000.5E00.01A3
B. 0007.B400.AE01
C. 0000.0C07.AC15
D. 0007.5E00.B301

Correct Answer: C

Explanation:
With HSRP, two or more devices support a virtual router with a fictitious MAC address and unique IP address. There are two version of HSRP.
+ With HSRP version 1, the virtual router’s MAC address is 0000.0c07.ACxx , in which xx is the HSRP group.
+ With HSRP version 2, the virtual MAC address if 0000.0C9F.Fxxx, in which xxx is the HSRP group.
Note: Another case is HSRP for IPv6, in which the MAC address range from 0005.73A0.0000 through 0005.73A0.0FFF.

CISCO CCNA Exam – Q236

In GLBP, which router will respond to client ARP requests?

A. The active virtual gateway will reply with one of four possible virtual MAC addresses.
B. All GLBP member routers will reply in round-robin fashion.
C. The active virtual gateway will reply with its own hardware MAC address.
D. The GLBP member routers will reply with one of four possible burned in hardware addresses.

Correct Answer: A

Explanation:
One disadvantage of HSRP and VRRP is that only one router is in use, other routers must wait for the primary to fail because they can be used. However, Gateway Load Balancing Protocol (GLBP) can use of up to four routers simultaneously. In GLBP, there is still only one virtual IP address but each router has a different virtual MAC address.
First a GLBP group must elect an Active Virtual Gateway (AVG). The AVG is responsible for replying ARP requests from hosts/clients. It replies with different virtual MAC addresses that correspond to different routers (known as Active Virtual Forwarders – AVFs) so that clients can send traffic to different routers in that GLBP group (load sharing).

CISCO CCNA Exam – Q235

Which statement describes VRRP object tracking?

A. It monitors traffic flow and link utilization.
B. It ensures the best VRRP router is the virtual router master for the group.
C. It causes traffic to dynamically move to higher bandwidth links.
D. It thwarts man-in-the-middle attacks.

Correct Answer: B

Explanation:
Object tracking is the process of tracking the state of a configured object and uses that state to determine the priority of the VRRP router in a VRRP group.

CISCO CCNA Exam – Q234

What are three benefits of GLBP? (Choose three.)

A. GLBP supports up to eight virtual forwarders per GLBP group.
B. GLBP supports clear text and MD5 password authentication between GLBP group members.
C. GLBP is an open source standardized protocol that can be used with multiple vendors.
D. GLBP supports up to 1024 virtual routers.
E. GLBP can load share traffic across a maximum of four routers.
F. GLBP elects two AVGs and two standby AVGs for redundancy.

Correct Answers: B, D, E

CISCO CCNA Exam – Q233

Which three statements about HSRP operation are true? (Choose three.)

A. The virtual IP address and virtual MA+K44C address are active on the HSRP Master router.
B. The HSRP default timers are a 3 second hello interval and a 10 second dead interval.
C. HSRP supports only clear-text authentication.
D. The HSRP virtual IP address must be on a different subnet than the routers’ interfaces on the same LAN.
E. The HSRP virtual IP address must be the same as one of the router’s interface addresses on the LAN.
F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.

Correct Answers: A, B, F

Explanation:
The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX: HSRP group in hexadecimal).

CISCO CCNA Exam – Q232

Which three statements about Syslog utilization are true? (Choose three.)

A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.

Correct Answers: C, D, F

Explanation:
The Syslog sender sends a small (less than 1KB) text message to the Syslog receiver. The Syslog receiver is commonly called “syslogd,” “Syslog daemon,” or “Syslog server.”

Syslog messages can be sent via UDP (port 514) and/or TCP (typically, port 5000). While there are some exceptions, such as SSL wrappers, this data is typically sent in clear text over the network. A Syslog server provides the storage space necessary to store log files without using router disk space.

In general, there are significantly more Syslog messages available within IOS as compared to SNMP Trap messages. For example, a Cisco Catalyst 6500 switch running Cisco IOS Software Release 12.2(18)SXF contains about 90 SNMP trap notification messages, but has more than 6000 Syslog event messages.

System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts.

CISCO CCNA Exam – Q231

A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

A. informational
B. emergency
C. warning
D. critical
E. debug
F. error

Correct Answers: B, D, F

Explanation:
The Message Logging is divided into 8 levels as listed below:
CISCO CCNA Exam – Q231

If you specify a level with the “logging trap level” command, that level and all the higher levels will be logged. For example, by using the “logging trap 3″ command, all the logging of emergencies, alerts, critical, and errors, will be logged.

CISCO CCNA Exam – Q230

What is the default Syslog facility level?

A. local4
B. local5
C. local6
D. local7

Correct Answer: D

Explanation:
By default, Cisco IOS devices, CatOS switches, and VPN 3000 Concentrators use facility local7 while Cisco PIX Firewalls use local4 to send syslog messages. Moreover, most Cisco devices provide options to change the facility level from their default value.

CISCO CCNA Exam – Q229

What command instructs the device to timestamp Syslog debug messages in milliseconds?

A. service timestamps log datetime localtime
B. service timestamps debug datetime msec
C. service timestamps debug datetime localtime
D. service timestamps log datetime msec

Correct Answer: B

Explanation:
Enable millisecond (msec) timestamps using the service timestamps command:

router(config)#service timestamps debug datetime msec.
router(config)#service timestamps log datetime msec The “service timestamps debug”.

command configures the system to apply a time stamp to debugging messages. The time-stamp format for datetime is MMM DD HH:MM:SS, where MMM is the month, DD is the date, HH is the hour (in 24-hour notation), MM is the minute, and SS is the second. With the additional keyword msec, the system includes milliseconds in the time stamp, in the formatHH:DD:MM:SS.mmm, where .mmm is milliseconds.