Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Network Services and Security practice sets

CCNA Network Services and Security • Set 32

CCNA Network Services and Security Practice Test 32 — 15 Questions

CCNA Network Services and Security Practice Test 32 — 15 questions with explanations. Free, no signup.

15
Questions
Free
No signup
Certifications/CCNA/Practice Test/Network Services and Security/Set 32
Question 1 of 150 answered
hard

You are connected to R1, a multilayer switch acting as a DNS forwarder for two VLANs. Users on VLAN 10 report that they cannot resolve 'files.example.com' while VLAN 20 works fine. The DNS server 198.51.100.53 is reachable but returns SERVFAIL for queries from subnet 192.168.10.0/24, while server 203.0.113.53 responds correctly for both VLANs. Diagnose and fix the DNS resolution issue using nslookup and dig, then adjust the IOS-XE configuration to ensure proper name resolution. Choose the best fix that permanently resolves the problem.

Exhibit

R1# show running-config | section ip domain
ip domain lookup
ip name-server 198.51.100.53 203.0.113.53
ip domain list example.com

R1# show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0/0   10.0.0.1        YES NVRAM  up                    up
GigabitEthernet0/0/1.10 192.168.10.1   YES NVRAM  up                    up
GigabitEthernet0/0/1.20 192.168.20.1   YES NVRAM  up                    up

R1# ping 198.51.100.53
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 198.51.100.53, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5)

R1# nslookup files.example.com
Server:         198.51.100.53
Address:        198.51.100.53#53
** server can't find files.example.com: NXDOMAIN

R1# nslookup files.example.com 203.0.113.53
Server:         203.0.113.53
Address:        203.0.113.53#53
Name:   files.example.com
Address: 203.0.113.100

R1# dig @198.51.100.53 files.example.com A

; <<>> DiG 9.16.1 <<>> @198.51.100.53 files.example.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;files.example.com.             IN      A

;; Query time: 100 msec
;; SERVER: 198.51.100.53#53(198.51.100.53)
;; WHEN: Thu Jan 01 00:00:00 UTC 2024
;; MSG SIZE  rcvd: 42

R1# dig @203.0.113.53 files.example.com A

; <<>> DiG 9.16.1 <<>> @203.0.113.53 files.example.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54321
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;files.example.com.             IN      A

;; ANSWER SECTION:
files.example.com.      3600    IN      A       203.0.113.100

;; Query time: 50 msec
;; SERVER: 203.0.113.53#53(203.0.113.53)
;; WHEN: Thu Jan 01 00:00:00 UTC 2024
;; MSG SIZE  rcvd: 60
Network Topology
G0/0/010.0.0.1/30G0/0/1.10192.168.10.1/24G0/0/1.20192.168.20.1/24R1DNSVLAN
R1# show running-config | section ip domain
ip domain lookup
ip name-server 198.51.100.53 203.0.113.53
ip domain list example.com

R1# show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0/0   10.0.0.1        YES NVRAM  up                    up
GigabitEthernet0/0/1.10 192.168.10.1   YES NVRAM  up                    up
GigabitEthernet0/0/1.20 192.168.20.1   YES NVRAM  up                    up

R1# ping 198.51.100.53
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 198.51.100.53, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5)

R1# nslookup files.example.com
Server:         198.51.100.53
Address:        198.51.100.53#53
** server can't find files.example.com: NXDOMAIN

R1# nslookup files.example.com 203.0.113.53
Server:         203.0.113.53
Address:        203.0.113.53#53
Name:   files.example.com
Address: 203.0.113.100

R1# dig @198.51.100.53 files.example.com A

; <<>> DiG 9.16.1 <<>> @198.51.100.53 files.example.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;files.example.com.             IN      A

;; Query time: 100 msec
;; SERVER: 198.51.100.53#53(198.51.100.53)
;; WHEN: Thu Jan 01 00:00:00 UTC 2024
;; MSG SIZE  rcvd: 42

R1# dig @203.0.113.53 files.example.com A

; <<>> DiG 9.16.1 <<>> @203.0.113.53 files.example.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54321
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;files.example.com.             IN      A

;; ANSWER SECTION:
files.example.com.      3600    IN      A       203.0.113.100

;; Query time: 50 msec
;; SERVER: 203.0.113.53#53(203.0.113.53)
;; WHEN: Thu Jan 01 00:00:00 UTC 2024
;; MSG SIZE  rcvd: 60
R1#
Cisco IOS Software, Version 15.2(4)M1
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Press RETURN to get started.
R1#█

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

CCNA Practice Test 1 — 10 Questions→CCNA Practice Test 2 — 10 Questions→CCNA Practice Test 3 — 10 Questions→CCNA Practice Test 4 — 10 Questions→CCNA Practice Test 5 — 10 Questions→CCNA Practice Exam 1 — 20 Questions→CCNA Practice Exam 2 — 20 Questions→CCNA Practice Exam 3 — 20 Questions→CCNA Practice Exam 4 — 20 Questions→Free CCNA Practice Test 1 — 30 Questions→Free CCNA Practice Test 2 — 30 Questions→Free CCNA Practice Test 3 — 30 Questions→CCNA Practice Questions 1 — 50 Questions→CCNA Practice Questions 2 — 50 Questions→CCNA Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Network Infrastructure and ConnectivitySwitching and Network AccessIP RoutingNetwork Services and SecurityAI and Network Operations

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Network Services and Security setsAll Network Services and Security questionsCCNA Practice Hub