Cisco CCNA, CCNP, Security Exam Practice Questions: OSPF, VPNs

By: Chris Bryant

Let’s test your knowledge of the default-information originate command, Setup Mode, and VPNs with these Cisco certification exam practice questions!?

CCNA Certification:

What's the main difference between the default-information originate command with and without the always option? Be specific.

Answer: Let's use IOS Help to look at our options for this command.

R1(config)#router ospf 1

R1(config-router)#default-information originate ?

always Always advertise default route

metric OSPF default metric

metric-type OSPF metric type for default routes

route-map Route-map reference

The always option allows the router to propagate a default route without actually having one in its routing table. Without that option, the router must have a default route in its table in order to advertise one.

CCENT Certification:

You're using Setup Mode to configure a Cisco router. You decide halfway through that you'd rather write the configuration at the CLI. How can you exit Setup Mode and not save the configuration you're in the process of writing?

Answer: Use the ctrl-c keystroke combination to exit Setup Mode without saving your configuration. You'll then be placed back at the command prompt.

CCNA Security Certification / CCNP ISCW Exam:

The SA state of your VPN is shown as QM_IDLE.

Is this good? If not, what do we need to do to resolve the issue?

Answer: There is no issue - that's what we want the SA state to be!

CCNP Certification / BSCI Exam:

What command allows you to add protocols to those forwarded by the ip helper-address command? And just to review, what protocols are forwarded by the helper-address command?

Answer: Nine common UDP service broadcasts are "helped" by default:

TIME, port 37

TACACS, port 49

DNS, port 53

BOOTP/DHCP Server, port 67

BOOTP/DHCP Client, port 68

TFTP, port 69

NetBIOS name service, port 137

NetBIOS datagram service, port 138

IEN-116 name service, port 42

You can use the ip forward-protocol command to add any UDP port number to the list.

To remove protocols from the default list, use the no ip forward-protocol command.

R1(config)#ip forward-protocol udp 123

R1(config)#no ip forward-protocol udp 137

R1(config)#no ip forward-protocol udp 138

CCNP Certification / BCMSN Exam:

You've just enabled password encryption on a Cisco switch. When you attempt to view the VTP password, what will you see? And what command did you run to see the VTP password?

Answer: You'll see the password clear as day - the password encryption service has no effect on the VTP password. You can view the password with the "top-secret" show vtp password command.? We generally want our passwords to be a little more secure than that!

CCNP / ONT Exam:

What's the major difference between RED and WRED? (The answer "one letter" is not acceptable.)

Answer: RED is a major improvement over Tail Drop, but it still doesn't give us a great deal of control over the entire queueing and dropping process. With one simple word, thoughFeature Articles, we do gain that control - when we use Weighted Random Early Detection (WRED).

Look for other Cisco practice exams and illustrated tutorials on my website!

Security
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 

» More on Security
 



Share this article :
Click to see more related articles