【正文】 not directly connected to router R2 will be dropped immediately. C. Any packet destined for a network that is not directly connected to router R2 will be dropped immediately because of the lack of a gateway on R1. D. The networks directly connected to router R2 will not be able to municate with the , , and subnetworks. E. Any packet destined for a network that is not referenced in the routing table of router R2 will be directed to R1. R1 will then send that packet back to R2 and a routing loop will occur. Answer: E解釋一下：在R1上產(chǎn)生了一個OSPF的缺省路由，出接口指定為S0/0，這條缺省路由以5類LSA的形式通告給了R2，于是R2上也有了一條標記為O*E2 。所以在最開始的一步中。所以不管怎么樣都有一句是能被匹配的。11．What are two remended ways of protecting network device configuration files from outside network security threats? (Choose two.) A. Allow unrestricted access to the console or VTY ports. B. Use a firewall to restrict access from the outside to the network devices. C. Always use Telnet to access the device mand line because its data is automatically encrypted. D. Use SSH or another encrypted and authenticated transport to access device configurations. E. Prevent the loss of passwords by disabling password encryption. Answer: BD解釋一下：要確保外部的安全的站點才可以訪問我的網(wǎng)絡(luò)，這就涉及到了安全的問題了，我們 可以使用防火墻來限制外網(wǎng)中來的設(shè)備；也可以通過SSH或加密和認證來控制。10．Refer to the exhibit. The network administrator has created a new VLAN on Switch1 and added host C and host D. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN. However, after the network administrator pleted the configuration, host A could municate with host B, but host A could not municate with host C or host D. Which mands are required to resolve this problem? A. Router(config) interface fastethernet 0/ Router(configif) encapsulation dot1q 3 Router(configif) ip address B. Router(config) router rip Router(configrouter) network Router(configrouter) network Router(configrouter) network C. Switch1 vlan database Switch1(vlan) vtp v2mode Switch1(vlan) vtp domain cisco Switch1(vlan) vtp server D. Switch1(config) interface fastethernet 0/1 Switch1(configif) switchport mode trunk Switch1(configif) switchport trunk encapsulation isl Answer: A解釋一下：這是一個多VLAN間通訊的問題，雖然都同在一臺交換機上，但是由于處在不同的VLAN中，而導(dǎo)致了不同VLAN中的主機是不能通訊的。因為在默認的情況下，幀中繼的網(wǎng)絡(luò)為非廣播的，而RIP在其上是無法發(fā)包的。但是也可以通過子接口來修改他的網(wǎng)絡(luò)的類型。CCNA640802 V13題庫試題分析題庫講解：吳老師（艾迪飛CCIE實驗室首發(fā)網(wǎng)站：1. What are two reasons that a network administrator would use access lists? (Choose two.) A. to control vty access into a router B. to control broadcast traffic through a router C. to filter traffic as it passes through a router D. to filter traffic that originates from the router E. to replace passwords as a line of defense against security incursions Answer: AC解釋一下：在VTY線路下應(yīng)用ACL，可以控制從VTY線路進來的telnet的流量。3． Refer to the exhibit. How many broadcast domains exist in the exhibited topology?A. one B. two C. three D. four E. five F. six Answer: C解釋一下：廣播域的問題，在默認的情況下，每個交換機是不能隔離廣播域的，所以在同一個區(qū)域的所有交換機都在同一個廣播域中，但是為了減少廣播的危害，將廣播限制在一個更小的范圍，有了VLAN的概念，VLAN表示的是一個虛擬的局域網(wǎng)，而他的作用就是隔離廣播。8．Which of the following are associated with the application layer of the OSI model? (Choose two.) A. ping B. Telnet C. FTP D. TCP E. IP Answer: BC解釋一下：在OSI 7層模型中位于應(yīng)用層的應(yīng)用有telnet 和 ftp 這兩種應(yīng)用。這時我們就需要借助與trunk和三層的路由功能了，在交換機和路由器之間封裝TRUNK，這樣可以允許交換機間的二層的通訊，但是由于兩個VLAN是劃分到不同的網(wǎng)段中的，因此需要借助路由器的路由功能來實現(xiàn)三層的可達，可以將VLAN中的主機的網(wǎng)關(guān)指定為路由器與該VLAN相連的子接口的地址，這樣VLAN中的數(shù)據(jù)包就都會發(fā)往網(wǎng)關(guān)，而由網(wǎng)關(guān)來進行進一步的轉(zhuǎn)發(fā)。12．Refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbound direction. Which two packets, if routed to the interface, will be denied? (Choose two.)accesslist 101 deny tcp any eq telnet accesslist 101 permit ip any any A. source ip address: 。在上題中， 的流量，然后第二句定義的就是允許所有的IP流量。14. he user of Host1 wants to ping the DSL modem/router at . Based on the Host1 ARP table that is shown in the exhibit, what will Host1 do? A. send a unicast ARP packet to the DSL modem/router B. send unicast ICMP packets to the DSL modem/router C. send Layer 3 broadcast packets to which the DSL modem/router responds D. send a Layer 2 broadcast that is received by Host2, the switch, and the DSL modem/router Answer: B解釋一下：，所以在這主機都只需要發(fā)送單播的ICMP包到DSL modem/router即可。所以R2收到任何路由表中沒有的目的網(wǎng)段時，就將指定給R1，而R1根據(jù)缺省路由的出接口又將數(shù)據(jù)包發(fā)往R2，這樣就形成了一個路由的環(huán)路。22. Refer to the exhibit. Which statement describes DLCI 17? A. DLCI 17 describes the ISDN circuit between R2 and R3. B. DLCI 17 describes a PVC on R2. It cannot be used on R3 or R1. C. DLCI 17 is the Layer 2 address used by R2 to describe a PVC to R3. D. DLCI 17 describes the dialup circuit from R2 and R3 to the service provider. Answer: C解釋一下：DLCI是在Framerelay中的描述二層信息的地址，他的地位等同于以太網(wǎng)中的MAC地址。這還是匯總的問題的一個反向的考察，根據(jù)21位的掩碼位數(shù)可以推斷在第3個八位字節(jié)的前5位是相同的，不同的是后面的3位，而將176寫成二進制的形式為1011 0000，所以可以看出來明細的路由可以是176183，所以在上面的答案中可以很容易看到答案B和E是我們的明細路由。28. wo routers named Atlanta and Brevard are connected by their serial interfaces as shown in the exhibit, but there is no data connectivity between them. The Atlanta router is known to have a correct configuration. Given the partial configurations shown in the exhibit, what is the problem on the Brevard router that is causing the lack of connectivity? A. A loopback is not set. B. The IP address is incorrect. C. The subnet mask is incorrect. D. The serial line encapsulations are inpatible. E. The maximum transmission unit (MTU) size is too large. F. The bandwidth setting is inpatible with the connected interface. Answer: B解釋一下：很明顯的錯誤啊，兩臺路由器的串行接口的地址配置錯誤，不是在相同的網(wǎng)段，從而導(dǎo)致了不能通訊。然后在非根橋上選出根端口，通過比較到根橋的花費來選舉的，花費最小的就是根端口。32. Refer to the exhibit. Why would the network administrator configure RA in this manner?A. to give students access to the Internet B. to prevent students from accessing the mand prompt of RA C. to prevent administrators from accessing the console of RA D. to give adm