Question 1hardmultiple choice
Full question →hardmultiple choiceObjective-mapped
A host reaches websites by IP address but fails when using hostnames. Which service is the strongest suspect?
Answer choices
Why each option matters
Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.
A
Best answer
DNS
This is correct because hostname resolution is the missing function in this scenario.
B
Distractor review
STP
This is wrong because STP loop prevention is unrelated to a specific hostname-resolution failure pattern.
C
Distractor review
PAT
This is wrong because NAT issues would usually affect IP connectivity more broadly rather than only names.
D
Distractor review
Port security
This is wrong because port security is not the service that resolves hostnames.
Common exam trap
Common exam trap: answer the scenario, not the keyword
A frequent exam trap is selecting NAT or PAT as the cause of hostname resolution failure because these services involve IP address translation. However, NAT and PAT affect IP connectivity and address translation between private and public networks, not the translation of hostnames to IP addresses. Another trap is choosing STP, which is unrelated to IP services and only manages Layer 2 loop prevention. Candidates might also confuse port security with DNS, but port security controls switch port access and does not resolve hostnames. The key mistake is overlooking that DNS is the sole service responsible for converting hostnames into IP addresses, which is why it is the strongest suspect when name-based access fails but IP-based access succeeds.
Technical deep dive
How to think about this question
Domain Name System (DNS) is a critical IP service that translates human-readable hostnames into IP addresses, enabling users and devices to access resources using easy-to-remember names instead of numeric IP addresses. In Cisco networking and the CCNA context, DNS operates by querying configured DNS servers to resolve these names, which is essential for most network applications and services. Without DNS, devices must rely solely on IP addresses, which is impractical for everyday use and troubleshooting. When a host can reach websites by IP address but fails when using hostnames, the problem typically lies in the DNS resolution process. This indicates that the underlying IP routing, switching, and connectivity are functioning correctly, but the host cannot translate domain names into IP addresses. Cisco devices rely on DNS servers configured via DHCP or manually to perform this translation. If DNS is misconfigured, unreachable, or the DNS server itself is down, hostname resolution fails, causing access issues to websites and other network resources. A common exam trap is confusing DNS failure with other network services like NAT or STP. For example, PAT (Port Address Translation) affects IP address translation for outbound traffic but does not impact hostname resolution directly. Similarly, STP (Spanning Tree Protocol) prevents Layer 2 loops but does not influence IP or DNS functionality. Understanding that DNS specifically handles name-to-IP translation helps avoid misdiagnosing connectivity issues. In practical Cisco environments, verifying DNS server reachability and configuration is a key step when hostname resolution fails but IP connectivity works.
KKey Concepts to Remember
- DNS translates human-readable hostnames into IP addresses, enabling devices to access network resources using names instead of numeric IPs.
- A host that can reach IP addresses but not hostnames indicates that IP routing and switching are functional but DNS resolution is failing.
- Cisco devices rely on configured DNS servers to resolve hostnames, and failure to reach these servers causes name resolution issues.
- PAT and NAT affect IP address translation for outbound traffic but do not impact DNS or hostname resolution directly.
- STP prevents Layer 2 switching loops and does not influence IP services or DNS functionality.
- Port security controls switch port access and does not participate in IP address or hostname resolution.
- Troubleshooting DNS issues involves verifying DNS server configuration, reachability, and correct client settings.
- Understanding the distinct roles of DNS, NAT, STP, and port security prevents misdiagnosis of network problems in CCNA exams.
TExam Day Tips
- Watch for words such as best, first, most likely and least administrative effort.
- Review why wrong options are wrong, not only why the correct option is correct.
Related practice questions
Related 200-301 practice-question pages
Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.
CCNA subnetting practice questions
Practise IPv4 subnetting, CIDR, masks, host ranges and subnet selection.
CCNA OSPF practice questions
Practise OSPF neighbours, router IDs, metrics, areas and routing-table interpretation.
CCNA VLAN practice questions
Practise VLANs, access ports, trunks, allowed VLANs and switching scenarios.
CCNA STP practice questions
Practise spanning tree, root bridge election, port roles and STP troubleshooting.
CCNA EtherChannel practice questions
Practise LACP, PAgP, port-channel behaviour and bundle requirements.
CCNA ACL practice questions
Practise standard and extended ACLs, permit/deny logic and traffic filtering.
CCNA NAT practice questions
Practise static NAT, dynamic NAT, PAT and inside/outside address translation.
CCNA DHCP practice questions
Practise DHCP scopes, relay, leases and troubleshooting.
CCNA show ip route practice questions
Practise routing-table output, longest-prefix match, AD and route selection.
CCNA show interfaces trunk practice questions
Practise trunk verification and VLAN forwarding across switches.
CCNA wireless security practice questions
Practise WLAN security, authentication and wireless architecture concepts.
CCNA IPv6 practice questions
Practise IPv6 addressing, routes, neighbour discovery and common IPv6 exam traps.
More questions from this exam
Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.
Question 1
A router learns the same prefix from both OSPF and EIGRP. Which route is installed by default?
Question 2
A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?
Question 3
What is the OSPF metric called?
Question 4
A non-root switch has two uplinks toward the root bridge. One path has a lower total STP cost than the other. What role will the lower-cost uplink have?
Question 5
A router interface applies this ACL inbound: 10 deny tcp any any eq 80 20 permit ip any any A user reports that web browsing to a server by IP address fails, but ping works. Which statement best explains the behavior?
Question 6
A router learns route 198.51.100.0/24 from OSPF with AD 110 and also has a static route to the same prefix configured with AD 150. Which route is installed?
FAQ
Questions learners often ask
What does this 200-301 question test?
DNS translates human-readable hostnames into IP addresses, enabling devices to access network resources using names instead of numeric IPs.
What is the correct answer to this question?
The correct answer is: DNS — The strongest suspect is DNS. In plain language, the host can already reach the remote system when given the numeric address directly, which suggests the underlying IP connectivity works. The missing piece is the translation of hostnames into IP-related information, and that is exactly the role of DNS. This is one of the most common real troubleshooting patterns because it cleanly separates connectivity problems from name-resolution problems. If IP works but names fail, DNS becomes the most likely area to investigate.
What should I do if I get this 200-301 question wrong?
Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.
Discussion
Loading comments…
Sign in to join the discussion.