CCNA Routing Questions

75 of 344 questions · Page 2/5 · Routing topic · Answers revealed

76
Drag & Drophard

Drag and drop the following steps into the correct order to describe how a router selects the best path and forwards a packet, using the routing table lookup process from destination IP to forwarding decision.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

The router first identifies the destination IP, then finds the best matching route using longest prefix match, and forwards to the next hop.

Exam trap

The exam trap here is that candidates often confuse the order of steps, especially placing the longest prefix match before examining the destination IP. Remember: you must know the destination before you can look it up in the routing table.

77
Multi-Selectmedium

Which three statements about the routing table and route selection are correct? (Choose three.)

Select 3 answers
.The route with the longest prefix match is always preferred when multiple routes match the destination IP.
.A directly connected route has an administrative distance of 0 by default.
.If two routes have the same prefix length and metric, load balancing can occur across both.
.The administrative distance of a static route is always 1.
.An OSPF inter-area route has a lower administrative distance than an OSPF intra-area route.
.A default route (0.0.0.0/0) is always preferred over any more specific route.

Why this answer

The route with the longest prefix match is always preferred because it is the most specific route to the destination IP. A directly connected route has an administrative distance of 0 by default, making it the most trusted route source. If two routes have the same prefix length, administrative distance, and metric, equal-cost load balancing can occur, distributing traffic over multiple paths.

Exam trap

Cisco often tests the distinction between administrative distance and metric, and the trap here is that candidates might think load balancing requires different metrics or that directly connected routes have an AD other than 0.

78
Multi-Selectmedium

Which two statements about OSPF neighbor requirements on a shared Ethernet segment are correct? (Choose two.)

Select 2 answers
A.They must be in the same OSPF area on that link.
B.They must use the same subnet on the connected interfaces.
C.They must have identical router IDs.
D.They must use the same process ID number on both routers.
AnswersA, B

Correct. Area mismatch prevents adjacency.

Why this answer

Neighbors must agree on key parameters such as area ID and subnet, and they exchange Hello packets on the segment.

Exam trap

A frequent exam trap is confusing the OSPF process ID with the area ID or router ID requirements. Candidates often think the process ID must match between neighbors, but it is locally significant and does not affect adjacency. Another common mistake is assuming router IDs must be identical; in fact, router IDs must be unique within the OSPF domain to prevent routing conflicts.

Misunderstanding these distinctions can lead to selecting incorrect answers about neighbor requirements. The key is to focus on area ID and subnet matching for adjacency on shared Ethernet segments, not process ID or identical router IDs.

Why the other options are wrong

C

Incorrect because router IDs must be unique within the OSPF domain, not identical. Identical router IDs cause routing conflicts and prevent proper operation.

D

Incorrect because the OSPF process ID is locally significant to each router and does not need to match between neighbors for adjacency formation.

79
MCQhard

A router shows this output: R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 10.1.1.2 1 FULL/DR 00:00:34 192.168.12.2 GigabitEthernet0/0 10.1.1.3 1 2WAY/DROTHER 00:00:39 192.168.12.3 GigabitEthernet0/0 Which statement is correct?

A.R1 has failed to form adjacency with 10.1.1.3
B.This can be normal on a broadcast segment where DROTHER routers remain in 2-Way
C.R1 has a duplicate router ID with 10.1.1.3
D.The interface is passive
AnswerB

Correct. This is normal DR/DROTHER behavior on many multiaccess networks.

Why this answer

On broadcast OSPF networks, full adjacency is typically formed with the DR and BDR. DROTHER routers can remain in the 2-Way state with one another and still be operating normally.

Exam trap

Be cautious not to confuse the 2WAY state with being a BDR or DR. Understand the significance of FULL/DR and 2WAY/DROTHER states.

Why the other options are wrong

A

The 2-Way state is a normal OSPF neighbor state on broadcast multiaccess networks for non-DR/BDR routers (DROTHERs). It indicates that bidirectional communication has been established, but full adjacency is not required because they do not exchange LSAs directly. This is not a failure.

C

A duplicate router ID would cause OSPF neighbor state to oscillate or remain in EXSTART/EXCHANGE, not stabilize in 2-Way. The output shows a stable 2-Way state, which is normal for DROTHERs. Duplicate IDs would also generate error messages in the logs.

D

A passive interface in OSPF does not send Hello packets and therefore cannot form any neighbor adjacency. The output shows two neighbors in valid states (FULL and 2-Way), which proves the interface is active and sending Hellos.

80
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure Router R1 with OSPFv2 process 1 to form neighbor adjacencies only on GigabitEthernet0/1 while preventing OSPF hello packets on all other OSPF-enabled interfaces.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Why this order

First, enter OSPF router configuration mode. Then assign a Router ID (optional but good practice). Next, advertise the local subnet with a network statement to enable OSPF on interfaces.

Then apply passive-interface default to suppress hellos on all OSPF interfaces. Finally, use no passive-interface to allow adjacency on the specific interface.

81
Multi-Selectmedium

Which TWO statements about IPv4 and IPv6 static routing are correct?

Select 2 answers
A.A default static route is used when no dynamic routing protocols are configured.
B.A floating static route is configured with a higher administrative distance than the primary route.
C.A floating static route must have a lower administrative distance than the primary route.
D.An IPv6 default static route uses the prefix ::/0.
E.An IPv6 static route can specify an IPv4 address as the next-hop.
AnswersB, D

A floating static route is a backup route that is installed in the routing table only when the primary route (with a lower AD) is not available. By assigning a higher AD, the router prefers the primary route when it is reachable.

Why this answer

Option B is correct because a floating static route is configured with a higher administrative distance to serve as a backup when the primary route fails. Option D is correct because an IPv6 default static route uses the prefix ::/0 to match all destinations. Option A is incorrect because a default static route can be used independently of whether dynamic routing protocols are configured; it is simply a route with destination 0.0.0.0/0.

Option C is incorrect because a floating static route must have a higher AD, not lower, than the primary route. Option E is incorrect because an IPv6 static route cannot specify an IPv4 address as the next-hop; it must use an IPv6 address or an outgoing interface.

Exam trap

Cisco often tests the misconception that a floating static route must have a lower administrative distance than the primary route, when in fact it must be higher to serve as a backup.

Why the other options are wrong

A

A default static route is used as a gateway of last resort for any destination not in the routing table, regardless of whether dynamic routing protocols are configured. It is not dependent on the absence of dynamic routing.

C

A floating static route is designed to be a backup; therefore, it must have a higher AD than the primary route so that the primary route is preferred.

E

IPv6 static routes require an IPv6 next-hop address. Using an IPv4 address would be invalid because the router would not be able to resolve it in the IPv6 routing table.

82
MCQhard

A route to 10.10.10.0/24 is learned through two OSPF paths. Both have the same prefix length and the same administrative distance, but one path has a lower OSPF metric. Which path is preferred?

A.The path with the lower OSPF metric
B.The path with the higher OSPF metric
C.Both paths equally, because the administrative distance is the same
D.Neither path, because two OSPF routes to the same prefix are invalid
AnswerA

This is correct because within the same protocol and prefix, the lower metric is preferred.

Why this answer

The path with the lower OSPF metric is preferred. In practical terms, when the prefix and route source are the same, the router uses the routing protocol’s internal path-selection logic. For OSPF, the lower metric is the more attractive path.

This is a clean example of metric-based selection within one routing protocol. Administrative distance is not the deciding factor here because the source protocol is the same on both paths.

Exam trap

Remember, administrative distance only matters when comparing different routing protocols, not when choosing between paths within the same protocol.

Why the other options are wrong

B

A higher OSPF metric indicates a less desirable path, as OSPF uses cost as its metric where lower cost is preferred. Selecting a higher metric path would contradict the fundamental routing principle of choosing the best path based on lowest metric.

C

Equal administrative distance does not imply equal preference when metrics differ. The router compares metrics within the same routing protocol; if metrics are different, the lower metric path is chosen, not both.

D

OSPF can learn the same prefix via multiple paths; this is normal. The router selects the best path based on metric, and the other paths are kept in the routing table as backup or for equal-cost load balancing if metrics are equal.

83
MCQhard

A router learns the same destination prefix from OSPF and EIGRP. The prefix length is identical, and both routes are valid. Which route is preferred by default?

A.The EIGRP route
B.The OSPF route
C.Both routes are installed equally because the prefix length matches
D.Neither route is used because protocols cannot advertise the same prefix
AnswerA

This is correct because EIGRP's default administrative distance is lower than OSPF's.

Why this answer

The EIGRP route is preferred by default because EIGRP has a lower default administrative distance than OSPF. In practical terms, once the prefix length is the same, the router compares source trust. Lower administrative distance wins. EIGRP’s default of 90 beats OSPF’s default of 110.

This is not a longest-prefix question. The prefix is identical, so the decision is about source preference rather than specificity.

Exam trap

A frequent exam trap is believing that when two routing protocols advertise the same prefix with identical prefix lengths, the router installs both routes equally or performs load balancing. This misconception ignores the role of administrative distance, which is the primary factor in route preference when prefix lengths match. Another trap is thinking that OSPF is always preferred because it is a widely used IGP, but Cisco routers prioritize routes based on AD values, not protocol popularity.

Misunderstanding this can lead to incorrect answers about route selection in multi-protocol environments.

Why the other options are wrong

B

This option is incorrect because OSPF’s default administrative distance (110) is higher than EIGRP’s (90), making OSPF routes less preferred when both advertise the same prefix.

C

This option is incorrect because equal prefix length does not cause routers to install both routes equally; administrative distance determines which route is preferred and installed.

D

This option is incorrect because routers can receive and compare the same prefix from multiple routing protocols; they do not reject prefixes simply because they come from different sources.

84
Matchingmedium

Drag and drop the OSPFv2 neighbor states on the left to the correct descriptions on the right.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

No hello packets received from neighbor

Master/slave election and DBD sequence number negotiation

Bi-directional communication established (hello seen self)

Requesting and receiving missing LSAs via LSR/LSU

Neighbors are fully adjacent and databases synchronized

Why these pairings

OSPF neighbor states progress: Down (no Hello), Init (Hello seen), 2-Way (bidirectional), ExStart (master/slave election), Exchange (DBD packets), Loading (requesting missing LSAs via LSR/LSU), Full (LSDB synchronized). These states ensure proper adjacency formation and reliable database exchange.

Exam trap

Be careful not to confuse the order of OSPF states. The Down state is the very first state, not Init or 2-Way. Remember that Down means no Hello received at all.

85
Multi-Selectmedium

Which two statements accurately describe OSPF passive interfaces?

Select 2 answers
A.It prevents OSPF from sending hello packets on that interface.
B.It can still allow the connected network to be advertised into OSPF.
C.It changes OSPF into a static route on that interface.
D.It forces the interface to become the router ID.
E.It disables OSPF on every interface in the router automatically.
AnswersA, B

This is correct because passive interfaces suppress OSPF hello exchange locally.

Why this answer

An OSPF passive interface stops hello packet exchange on that interface while still allowing the connected network to be advertised into OSPF through other active adjacencies. In plain language, it tells the router not to try to form neighbors on that interface, but not to forget that the network exists. This is very useful on user-facing or stub-like interfaces where no routing neighbor should appear.

The wrong answers often treat passive as if it disables OSPF globally or removes the network completely. The two correct answers are the ones that preserve the suppression of adjacency on that interface and the continued advertisement of the connected network.

Exam trap

A common exam trap is to confuse the effect of the OSPF passive interface command with disabling OSPF entirely on that interface or converting OSPF routes into static routes. Some candidates mistakenly believe that passive interfaces stop all OSPF activity or remove the network from OSPF advertisements. In reality, passive interfaces only stop OSPF hello packets and adjacency formation but continue to advertise the connected network.

Misunderstanding this can lead to incorrect answers or network misconfigurations, especially when interpreting how OSPF maintains routing information despite passive interfaces.

Why the other options are wrong

C

This option is incorrect because passive interfaces do not convert OSPF routes into static routes; OSPF routing remains dynamic and active elsewhere.

D

This option is incorrect because the passive-interface command does not affect the router ID selection, which is determined by other OSPF rules.

E

This option is incorrect because passive-interface affects only the specified interface unless configured globally; it does not disable OSPF on all interfaces.

86
MCQmedium

Which command correctly configures an IPv6 default route using next-hop address 2001:db8:1::1?

A.ipv6 route ::/0 2001:db8:1::1
B.ip route :: 2001:db8:1::1
C.ipv6 default-route 2001:db8:1::1
D.ip default-gateway 2001:db8:1::1
AnswerA

Correct. This is the valid IOS syntax for an IPv6 default route.

Why this answer

The correct IPv6 default route uses the prefix ::/0 with the command 'ipv6 route ::/0'. Option B is wrong because 'ip route' is used for IPv4 routes, not IPv6. Option C uses 'ipv6 default-route', which is not a valid Cisco IOS command.

Option D sets the management default gateway for IPv4 only and does not insert a route into the IPv6 routing table.

Exam trap

Be cautious about the syntax order and the correct representation of the IPv6 default route prefix.

Why the other options are wrong

B

Uses 'ip route', which is for IPv4; IPv6 routes require 'ipv6 route'.

C

'ipv6 default-route' is not a valid Cisco IOS command.

D

'ip default-gateway' configures the management default gateway for IPv4, not an IPv6 routing entry.

87
MCQhard

A network engineer notices that hosts on VLAN 100 (192.168.10.0/24) cannot ping the loopback interface (10.0.0.1/32) of a directly connected router R2. The engineer checks R1's routing table and sees an entry for 10.0.0.0/24 via a different next-hop, but no entry for 10.0.0.1/32. What is the most likely reason for the connectivity failure?

A.The loopback interface on R2 is administratively down.
B.R2 is advertising the loopback as a /24 network, not a /32 host route.
C.R1 has a route for 10.0.0.0/24 via a different next-hop, causing a routing loop.
D.The EIGRP metric for the /24 route is too high, so R1 prefers the connected route.
AnswerB

The loopback address 10.0.0.1/32 is typically advertised as a /32. If R2's loopback is configured with a /24 mask, it advertises 10.0.0.0/24. R1 then has a /24 route but no /32 route, so when trying to reach 10.0.0.1, the longest-prefix match fails, and the router drops the packet.

Why this answer

The issue is that R2 is advertising its loopback interface (10.0.0.1/32) as a /24 network (10.0.0.0/24) into the routing protocol. R1 receives this /24 route and installs it in its routing table, but when it tries to reach 10.0.0.1, it performs a longest-prefix match. Since R1 has a more specific /32 route for 10.0.0.1 via a different next-hop (or no /32 route at all), it does not use the /24 route to reach the loopback, causing the ping to fail.

Exam trap

Cisco often tests the concept that a routing protocol may advertise a loopback interface with a different prefix length than configured, and candidates mistakenly think the issue is a routing loop or metric problem rather than a prefix-length mismatch.

Why the other options are wrong

A

If the loopback interface were administratively down, R2 would not advertise any route for 10.0.0.0/24 via EIGRP. However, R1's routing table shows a /24 route via EIGRP, indicating the interface is up and the route is being advertised.

C

A routing loop would require packets to be forwarded back and forth between routers. In this scenario, R1 has a connected route for 10.0.0.0/24 and an EIGRP route for the same prefix, but it will use the connected route due to lower administrative distance. There is no loop because the next-hop for the connected route is directly connected, and packets are not sent to another router.

D

The EIGRP metric of 30720 is normal for a loopback route, and the connected route is preferred due to its lower administrative distance (0 vs 90), not because of a high metric. Even if the metric were lower, the connected route would still be preferred. The core issue is the missing /32 route, not the metric.

88
MCQmedium

Why does a passive interface in OSPF still matter even though it does not send hello packets?

A.The connected network can still be advertised into OSPF through other active adjacencies
B.The passive interface automatically becomes the OSPF router ID
C.The passive interface disables all OSPF operation on the router
D.The passive interface converts OSPF into EIGRP on that link
AnswerA

This is correct because passive-interface suppresses hello exchange on that interface while still allowing the network to be advertised.

Why this answer

A passive interface still matters because the connected network can still be advertised into OSPF even though the interface itself does not form neighbor relationships. In plain language, the router is saying, “This network is mine, and I want others to know about it, but I do not want to speak OSPF directly on this interface.” That is useful on user-facing or stub-like interfaces where no OSPF neighbor should exist.

This distinction is important because some engineers assume passive means “ignored entirely.” It does not. The connected network can still appear in routing updates sent through real neighbors on other interfaces. What changes is neighbor formation on the passive interface itself.

Exam trap

Don't assume 'passive' means the interface is ignored; it still advertises its network.

Why the other options are wrong

B

The OSPF router ID is determined by the highest IP address on a loopback interface or the highest active physical interface IP at the time of OSPF process startup, not by passive-interface configuration. A passive interface does not influence router ID selection.

C

The passive-interface command only suppresses OSPF hello packets on that specific interface; OSPF continues to operate normally on other interfaces, forming adjacencies and exchanging routing information. It does not disable OSPF globally.

D

The passive-interface command is specific to OSPF and does not change the routing protocol. OSPF remains OSPF; it simply stops sending hellos on that interface. EIGRP has its own passive-interface command with similar behavior but does not convert protocols.

89
PBQhard

You are troubleshooting connectivity from R1 to the 172.16.20.0/24 network. The network engineer configured a floating static route on R1 as a backup for the OSPF-learned route, but after the primary OSPF route fails, the backup does not take over. Examine the current routing table and partial configuration on R1, then fix the issue so that when the OSPF neighbor goes down, R1 can still reach 172.16.20.0/24 via R3.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30G0/1203.0.113.1/30G0/0203.0.113.2/30R2OSPFR1static backupR3

Hints

  • Check if the next-hop address is reachable via a directly connected interface.
  • A static route with a next-hop that is not directly connected requires a valid route to that next-hop.
  • Configure the static route with an exit interface to make it directly connected.
A.Change the static route to use an exit interface: ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2
B.Change the administrative distance of the static route to 110
C.Remove the OSPF process from R1
D.Add a static route to 203.0.113.0/24 via R1's directly connected interface
AnswerA
solution
! R1
no ip route 172.16.20.0 255.255.255.0 203.0.113.2 130
ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2 130

Why this answer

The floating static route was configured with an administrative distance of 130, intended to be higher than OSPF's default AD of 110 so it would only be used as a backup. However, the static route's AD is set as 130 (the command uses the distance option), which is correct. The problem is that OSPF's AD is 110, which is lower, so the static route is not installed while OSPF is up.

But when OSPF fails, the static route should appear. The issue is that the static route is pointing to a next-hop (203.0.113.2) that is not directly connected; R1 has no route to 203.0.113.2, causing the static route to be inactive. To fix, you must either change the next-hop to a directly connected interface (e.g., GigabitEthernet0/1) or add a route to reach 203.0.113.2.

The simplest solution is to configure the static route with an exit interface: 'ip route 172.16.20.0 255.255.255.0 GigabitEthernet0/1 203.0.113.2'. This ensures the route is valid when the OSPF route disappears.

Exam trap

Trap: Candidates often focus on administrative distance values but forget that a static route must have a valid next-hop to be installed. Always verify that the next-hop is reachable (directly connected) or specify an exit interface for floating static routes.

Why the other options are wrong

B

The specific factual error is that a floating static route must have a higher AD than the dynamic protocol to act as a backup; setting it equal or lower would disrupt the primary route.

C

The specific factual error is that removing OSPF is an extreme measure that breaks connectivity, whereas a floating static route is meant to be a seamless backup.

D

The specific factual error is that adding an extra static route is not the standard solution; Cisco recommends using the exit interface for directly connected next-hops to ensure route validity.

90
PBQhard

You are connected to R1 via console. R1 and R2 are connected via a serial link. OSPFv2 has been configured, but the adjacency is stuck in EXSTART state. You suspect a mismatched MTU. On R1, the interface MTU is currently set to 1400, while R2 uses the default MTU of 1500. You need to verify and fix the issue.

Network Topology
S0/0/010.0.0.1/30S0/0/010.0.0.2/30serial linkR1R2

Hints

  • The issue is with MTU mismatch.
  • Check the MTU on R1's serial interface.
  • After fixing, reset the OSPF process to force adjacency.
A.On R1, configure the interface MTU to 1500 and then clear the OSPF process using 'clear ip ospf process'.
B.On R1, configure the interface MTU to 1500 and then reload the router to apply the change.
C.On R1, configure the interface MTU to 1500 and then change the OSPF network type to point-to-point.
D.On R1, configure the interface MTU to 1500 and then adjust the OSPF hello and dead timers to match R2.
AnswerA
solution
! R1
interface Serial0/0/0
ip mtu 1500
clear ip ospf process
end

Why this answer

OSPF requires matching MTU values on a link. The incorrect MTU on R1 (1400) caused the adjacency to stall in EXSTART. Setting MTU to 1500 and clearing the OSPF process allows proper adjacency formation.

Exam trap

Do not confuse the states of OSPF adjacency. EXSTART state is specifically related to DBD exchange and MTU mismatch, while INIT or 2-WAY states are more common with hello/dead timer mismatches. Always verify MTU when adjacency is stuck in EXSTART.

Why the other options are wrong

B

The specific factual error is that a reload is not required to apply MTU changes; the interface MTU is applied immediately, and the OSPF process can be cleared to re-establish adjacencies.

C

The specific factual error is that OSPF network type does not affect MTU requirements; MTU must match regardless of network type.

D

The specific factual error is that timer mismatches affect the INIT and 2-WAY states, while EXSTART is associated with MTU or database descriptor (DBD) packet issues.

91
PBQmedium

You are connected to R1 via the console. R1 and R2 are running OSPFv2 in area 0. R1's router ID is 1.1.1.1, and R2's router ID is 2.2.2.2. Both routers are connected via GigabitEthernet0/0 on the 192.168.12.0/30 subnet. You need to ensure that R1 does not send OSPF hello messages out of its Loopback0 interface, while still advertising the loopback network into OSPF.

Network Topology
Lo010.0.0.1/32G0/0192.168.12.2/30R1R2

Hints

  • The command is configured under the OSPF process.
  • Use the keyword 'passive-interface' followed by the interface name.
  • This prevents OSPF from sending hello messages on that interface.
A.Configure the passive-interface Loopback0 command under the OSPF process.
B.Remove the network 192.168.12.0 0.0.0.3 area 0 command from the OSPF configuration.
C.Configure the ip ospf passive-interface command on GigabitEthernet0/0.
D.Configure the network 192.168.12.0 0.0.0.3 area 0 command under the OSPF process.
AnswerA
solution
! R1
router ospf 1
passive-interface Loopback0

Why this answer

Configuring the Loopback0 interface as passive under the OSPF process suppresses the sending of hello messages on that interface, preventing unnecessary adjacencies. The network is still advertised because OSPF includes the subnet in its LSAs.

Exam trap

Trap: Candidates may confuse passive-interface with removing network statements or applying it to the wrong interface. Remember that passive-interface suppresses hellos but still advertises the network, and it should be applied to the interface that should not form adjacencies, not the transit link.

Why the other options are wrong

B

The specific factual error is that the network statement for the transit link is necessary for OSPF adjacency; removing it would break the OSPF neighbor relationship.

C

The specific factual error is that applying passive-interface to the transit link would prevent the OSPF neighbor relationship from forming, which is not the goal.

D

The specific factual error is that adding a network statement does not suppress hello messages; it only includes the interface in the OSPF process.

92
MCQmedium

A routing table entry begins with the code C. What does that code indicate?

A.A route learned through EIGRP
B.A connected network
C.A candidate default route
D.A static route to a classful network
AnswerB

Correct. C means connected.

Why this answer

In Cisco routing table output, C indicates a directly connected network. These routes are installed when an interface is up and has an address in that subnet.

Exam trap

A frequent exam trap is mistaking the 'C' code for a static route or a route learned via a routing protocol like EIGRP. Some candidates incorrectly assume 'C' means candidate default or static, but Cisco IOS uses 'S' for static routes and 'D' for EIGRP-learned routes. Misreading these codes can lead to incorrect conclusions about how a route was learned or its trustworthiness.

Remember, 'C' always means the route is directly connected to the router, which is fundamental for understanding routing behavior and troubleshooting.

Why the other options are wrong

A

Option A is incorrect because EIGRP-learned routes are marked with 'D' in Cisco IOS routing tables, not 'C'. The letter 'D' stands for 'Dynamically learned' via EIGRP, so 'C' cannot represent EIGRP routes.

C

Option C is incorrect because candidate default routes are not indicated by 'C'. Cisco uses 'S*' or other notations for candidate default routes, so 'C' does not represent default routes.

D

Option D is incorrect because static routes use the code 'S' in Cisco routing tables. The code 'C' never represents static routes, so this option is invalid.

93
MCQhard

Two routers are directly connected over IPv6 and should form an OSPFv3 adjacency, but they do not. Link-local addressing is present on both interfaces. Which issue is most likely to prevent the adjacency?

A.The interfaces are assigned to different OSPFv3 areas.
B.The routers need matching hostnames before OSPFv3 can start.
C.IPv6 requires a /64 only for routing protocols to function.
D.OSPFv3 cannot run on directly connected interfaces.
AnswerA

This is correct because OSPF neighbors on the same segment must agree on the area for adjacency formation.

Why this answer

An area mismatch is a strong and direct explanation. In plain language, even though the routers can have valid IPv6 addressing and proper link-local communication on the interface, OSPFv3 still requires the two ends of the shared segment to agree on the area context for the adjacency. If one side places the interface in one area and the other side places it in another, the routers will not treat each other as valid neighbors.

This is very similar in principle to OSPF for IPv4. Link-local addressing matters in OSPFv3, but the protocol still enforces key neighbor-formation checks. The correct answer is the one that focuses on a required protocol match rather than on a vague issue like hostname or cable color.

Exam trap

Focus on OSPFv3 configuration requirements like area matching, not on distractors such as hostnames or prefix length.

Why the other options are wrong

B

OSPFv3 adjacency formation does not depend on hostnames; hostnames are only used for identification in show commands and have no impact on routing protocol operation.

C

OSPFv3 can use any valid IPv6 prefix length, including /64, /126, or /127, for the link between routers. The /64 requirement is for SLAAC, not for routing protocols.

D

OSPFv3 is specifically designed to run on directly connected interfaces, just like OSPFv2. It forms adjacencies over directly connected links to exchange routing information.

94
MCQmedium

What problem is HSRP designed to solve?

A.Layer 2 switching loops
B.Loss of the default gateway if one router fails
C.Duplicate MAC addresses on trunks
D.Wireless interference
AnswerB

Correct. HSRP provides first-hop redundancy.

Why this answer

HSRP provides a virtual default gateway so hosts continue forwarding traffic even if one physical gateway router fails.

Exam trap

Avoid confusing HSRP with load balancing or security protocols. Remember, HSRP is about redundancy, not traffic distribution or encryption.

Why the other options are wrong

A

Layer 2 switching loops are prevented by Spanning Tree Protocol (STP), not by HSRP. HSRP operates at Layer 3 to provide default gateway redundancy, not loop prevention.

C

Duplicate MAC addresses on trunks are typically caused by misconfigurations or bridging loops, not by HSRP. HSRP uses a virtual MAC address that is unique and does not cause duplication issues.

D

Wireless interference is a physical layer issue related to radio frequency signals, not something HSRP addresses. HSRP is a Layer 3 redundancy protocol for routers.

95
MCQhard

Based on the exhibit, which route will be used to reach 172.20.10.33?

A.The static route to 172.20.10.32/27
B.The OSPF route to 172.20.10.0/24
D.No route, because the destination does not match any prefix.
AnswerA

This is correct because 172.20.10.33 falls in the more specific /27 prefix.

Why this answer

The route used will be the one with the longest matching prefix. In practical terms, 172.20.10.33 matches both the /24 and the /27 shown, but the /27 is more specific. That means the router selects the /27 route before considering the broader /24 or any default route.

This is exactly the kind of route-table interpretation the CCNA exam likes because it rewards precise thinking about prefix boundaries.

Exam trap

A common exam trap is to select the OSPF route or the default route instead of the static route with the longer prefix. Candidates often mistakenly believe that dynamic routing protocols like OSPF always take precedence or that default routes are used when any route exists. However, Cisco routers first evaluate the longest prefix match before considering administrative distance.

Ignoring this can lead to incorrect answers because the more specific /27 static route will always be preferred over the broader /24 OSPF route or the default route for the destination 172.20.10.33.

Why the other options are wrong

B

This option is incorrect because the OSPF route to 172.20.10.0/24 is less specific than the static /27 route. The router prefers the longer prefix match, so it will not use the /24 route when a /27 route exists.

C

The default route is not used here because there are more specific routes available that match the destination IP. Default routes only apply when no other matching routes exist.

D

This option is incorrect because the destination IP clearly matches both the /24 and /27 prefixes shown in the routing table. Therefore, the router does have routes to reach 172.20.10.33.

96
MCQhard

Two OSPF routers connected on an Ethernet link remain in the INIT state. Which issue is the most likely cause?

A.The routers have identical router IDs
B.The routers cannot exchange Hellos bidirectionally on the segment
C.The routers have already reached FULL and are waiting to install routes
D.The routers are using the same OSPF process ID
AnswerB

Correct. INIT often indicates one-way Hello communication.

Why this answer

INIT means a router is seeing Hellos from its neighbor but does not see its own router ID in the neighbor field of received Hellos. A common cause is one-way communication or a mismatched multicast/adjacency problem, often at Layer 2.

Exam trap

A common exam trap is to assume that duplicate router IDs cause routers to remain stuck in the INIT state. While duplicate router IDs do cause adjacency issues, they typically result in different neighbor states or error messages, not the INIT state specifically. Another trap is to think that using the same OSPF process ID on both routers causes adjacency failure; however, the process ID is locally significant and does not affect neighbor formation.

Misinterpreting the INIT state as a sign of routers already being fully adjacent or waiting to install routes is also incorrect, as FULL is a later state. The key is to recognize that INIT indicates one-way Hello communication, often due to Layer 2 or multicast issues.

Why the other options are wrong

A

Duplicate router IDs cause adjacency problems but usually result in neighbor states other than INIT or generate specific error messages. INIT state more commonly indicates one-way Hello communication rather than duplicate router ID issues.

C

Incorrect. FULL is the final OSPF neighbor state indicating full adjacency and route exchange completion. INIT is an early state and does not mean routers are waiting to install routes.

D

Incorrect. The OSPF process ID is locally significant and does not affect neighbor adjacency formation. Using the same or different process IDs on routers does not cause them to remain stuck in the INIT state.

97
Matchingmedium

Drag and drop the IPv4/IPv6 static routing concepts on the left to the correct descriptions on the right.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

IPv4 default static route

IPv6 default static route

Floating static route (backup)

Standard IPv4 static route

Standard IPv6 static route

Summary static route (discard)

Why these pairings

Each command matches its description as follows: "ip route 0.0.0.0 0.0.0.0 serial0/0/0" is an IPv4 default static route because it uses all-zeros network and mask to match any destination and specifies an exit interface. "ipv6 route ::/0 serial0/0/0" is an IPv6 default static route for the same reason with IPv6. "ip route 10.0.0.0 255.0.0.0 192.168.1.1 200" sets an administrative distance of 200, making it a floating static route that serves as a backup when the primary route fails. "ip route 10.0.0.0 255.0.0.0 192.168.1.1" is a standard static route pointing to a next-hop IP with a specific destination. "ipv6 route 2001:db8::/32 2001:db8:1::1" is a standard IPv6 static route. "ip route 10.0.0.0 255.0.0.0 null0" creates a summary static route (also called a discard route) that drops traffic matching the aggregate to prevent routing loops.

Exam trap

Do not confuse 'default route' with 'summary route'—default matches any destination, summary matches a block of networks. Also, floating routes are about backup, not broad matching.

98
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure a single-area OSPFv2 network on two Cisco routers (R1 and R2) and observe the neighbor state transitions from Down to Full.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

First configure OSPF process and router-id on R1, then add the network; repeat on R2; ensure interfaces are up; finally verify neighbor states to see the full transition sequence.

Exam trap

The trap is that candidates might think interfaces must be up before OSPF configuration, or that verification can be done after configuring only one router. The correct sequence ensures both routers are configured before checking neighbor states.

99
Drag & Dropmedium

Drag and drop the following commands into the correct order to configure OSPFv3 for IPv6 on a Cisco router.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

Commands must be executed in order: global config, IPv6 routing, interface config, OSPFv3 on interface, then verification.

Exam trap

The most common trap is starting with the OSPFv3 router configuration command without first enabling IPv6 routing globally. Also, candidates may try to apply the interface-level OSPFv3 command before entering interface configuration mode.

100
MCQhard

R1 and R2 are directly connected and running OSPF. The IP addressing is correct and both routers are in area 0, but they do not form an adjacency. What is the most likely cause?

A.The OSPF MTU values do not match on the connected interfaces.
B.The routers must use identical hostnames before OSPF can form neighbors.
C.The routers must use VLAN 1 for OSPF to operate.
D.The interfaces need to be configured as trunks instead of routed ports.
AnswerA

This is correct because MTU mismatch is a known cause of OSPF adjacency problems during database exchange.

Why this answer

The most likely cause is an MTU mismatch between the two interfaces. During the OSPF database exchange process, neighbors must agree on the MTU value to successfully exchange DBD packets; a mismatch typically causes the adjacency to become stuck in the ExStart or Exchange state. Basic connectivity (e.g., ping) often still works because ICMP packets are small, but the OSPF adjacency fails due to the MTU discrepancy.

Exam trap

Don't overlook MTU settings when OSPF adjacency issues arise, especially when basic connectivity is confirmed.

Why the other options are wrong

B

OSPF neighbor formation does not depend on hostnames; it relies on matching parameters such as area ID, authentication, hello/dead intervals, and network type. Hostnames are only used for local identification and do not affect OSPF adjacency.

C

OSPF can operate over any VLAN or routed interface; there is no requirement to use VLAN 1. The adjacency issue is unrelated to VLAN numbering, and OSPF works independently of VLAN assignments on routed ports.

D

OSPF is designed to run on routed interfaces (Layer 3 interfaces) and does not require trunking. Trunk ports are used for carrying multiple VLANs between switches, not for OSPF adjacency between routers.

101
MCQmedium

Why is route summarization often useful at distribution or area boundaries in larger networks?

A.It reduces the number of route advertisements by combining multiple specific prefixes
B.It forces all users into the same VLAN
C.It automatically encrypts routing protocols
D.It removes the need for IP addressing
AnswerA

This is correct because summarization aggregates routes into fewer broader advertisements.

Why this answer

Route summarization is useful there because it reduces the number of specific prefixes that must be advertised upstream or across boundaries. In plain language, instead of sending many small route entries, the network can often advertise one broader summary that represents them collectively. This helps control routing-table growth and can make the design more scalable and easier to manage.

Summarization does not eliminate the need for routing detail inside the local area, but it can simplify what needs to be shared outward. That is why it is especially valuable at aggregation points such as distribution layers or area boundaries.

Exam trap

A common exam trap is selecting options that confuse route summarization with unrelated networking concepts such as VLAN design or encryption. For example, option B incorrectly states that summarization forces all users into the same VLAN, which is false because VLANs are Layer 2 constructs unrelated to routing summarization. Option C mistakenly associates summarization with automatic encryption of routing protocols, which is incorrect since encryption is a separate security feature.

Option D wrongly claims summarization removes the need for IP addressing, which is impossible because routing depends on IP addresses. Understanding that summarization only aggregates routing prefixes without altering VLANs, encryption, or IP addressing is essential to avoid these traps.

Why the other options are wrong

B

Incorrect because route summarization is a routing concept and does not influence VLAN membership or force users into the same VLAN, which is a Layer 2 function.

C

Incorrect because route summarization does not provide encryption; encryption of routing protocols is a separate security feature unrelated to summarization.

D

Incorrect because summarization does not remove the need for IP addressing; routing depends on IP addresses to forward packets correctly.

102
MCQhard

A router learns 192.168.30.0/24 from OSPF and also has a static route to 192.168.30.0/24 with administrative distance 200. Which route is installed in the routing table while both are available?

A.The OSPF route
C.Both routes equally for load balancing
D.Neither route, because they conflict
AnswerA

This is correct because OSPF's administrative distance is lower than 200.

Why this answer

The OSPF route is installed because its default administrative distance of 110 is lower than the static route’s configured administrative distance of 200. In practical terms, the static route has been intentionally made a backup. It is present in the configuration, but it does not become active while the lower-distance OSPF route is healthy.

This is a classic floating-static design question. The important point is that route-source preference depends on administrative distance when the prefix length is the same.

Exam trap

A common exam trap is assuming that static routes always take precedence over dynamic routes because their default administrative distance is 1. In this question, the static route’s administrative distance is manually set to 200, which is higher than OSPF’s default 110. Many candidates mistakenly select the static route, overlooking that a higher administrative distance means lower preference.

This trap tests your understanding that administrative distance values can be adjusted to create floating static routes that serve as backups rather than primary routes.

Why the other options are wrong

B

Incorrect because the static route has a higher administrative distance (200) than OSPF (110), making it less preferred and preventing it from being installed while the OSPF route is available.

C

Incorrect because routers do not install multiple routes with different administrative distances to the same prefix simultaneously; only the route with the lowest administrative distance is installed.

D

Incorrect because routers can and do choose one preferred route when multiple routes to the same prefix exist; conflicting routes do not cause both to be rejected.

103
Matchingmedium

Match each IPv6 host-configuration concept to its most accurate description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Host forms addressing information using router advertisements

Server-based IPv6 host configuration method

IPv6 addressing used only on the local link

Method for deriving an interface ID from a MAC address

Why these pairings

SLAAC enables stateless autoconfiguration; stateful DHCPv6 assigns addresses; SLAAC uses RA and EUI-64; DHCPv6-PD delegates prefixes; link-local addresses are for local links.

Exam trap

Be careful not to confuse the roles of Stateful and Stateless DHCPv6: Stateful assigns addresses, Stateless provides extra info. Also, remember that EUI-64 generates the interface ID, not the prefix.

104
MCQhard

A router receives two routes to 10.50.0.0/16: one from OSPF and one static route with an administrative distance of 90. Which route is installed by default?

A.The static route, because its administrative distance is lower than OSPF's
B.The OSPF route, because dynamic routes always override static routes
C.Both routes, because equal destination networks always load-balance
D.Neither route, because the destinations overlap
AnswerA

This is correct because an administrative distance of 90 is lower than OSPF’s default 110.

Why this answer

By default, the static route with administrative distance 90 is installed because it is preferred over the OSPF route with default administrative distance 110. In plain language, the router is being told that the manually configured route is more trustworthy than the OSPF-learned one, so it chooses the static path first. The protocol type alone does not decide the outcome. Administrative distance is the key comparison when two different route sources offer the same destination prefix length.

This is a classic routing-selection question because many learners incorrectly assume OSPF always wins over static routes unless the static route uses the default administrative distance. Once the static route is given a value lower than OSPF’s 110, it becomes the preferred path unless a more specific route exists elsewhere.

Exam trap

A frequent exam trap is assuming that dynamic routing protocols like OSPF always override static routes regardless of administrative distance. Many candidates mistakenly believe that static routes only win if they use the default AD of 1. However, if a static route is manually assigned an AD lower than OSPF's default 110, it becomes the preferred route.

This misunderstanding leads to incorrect answers because the exam tests knowledge of how administrative distance influences route selection, not just the routing protocol type. Remember, the router always chooses the route with the lowest administrative distance, even if it is a static route with a custom AD.

Why the other options are wrong

B

Incorrect. Dynamic routes do not always override static routes; route preference depends on administrative distance, not just whether a route is dynamic or static.

C

Incorrect. Equal destination networks do not automatically cause load balancing if the routes have different administrative distances; only routes with equal AD and metrics are load-balanced.

D

Incorrect. Overlapping destinations from different sources are common and do not prevent route installation; the router uses administrative distance to choose the preferred route.

105
MCQhard

A router has routes to 192.168.0.0/16 and 192.168.100.0/24. Which route is used for traffic to 192.168.100.77?

A.192.168.0.0/16
B.192.168.100.0/24
C.Both routes are discarded because they overlap.
D.The default route is preferred if present.
AnswerB

This is correct because it is the more specific matching prefix.

Why this answer

The route to 192.168.100.0/24 is used because it is more specific. In plain language, even though the /16 route covers a large address range that includes the destination, the /24 route describes the destination network more precisely. Longest-prefix match therefore prefers the /24.

This is a basic but critical routing-table concept. The router does not choose the broader route when a narrower one matches the same destination.

Exam trap

A frequent exam trap is to select the broader route 192.168.0.0/16 because it seems to cover more addresses, including the destination. Candidates may mistakenly think that a larger subnet mask means a better route or that overlapping routes cause the router to discard both. However, Cisco routers always prefer the most specific route based on the longest-prefix match rule.

Overlapping routes are normal and do not cause discarding; instead, the router uses the route with the longest subnet mask. Misunderstanding this can lead to incorrect answers and confusion about routing behavior.

Why the other options are wrong

A

192.168.0.0/16 is a less specific route covering a larger address range. Although it includes 192.168.100.77, it is not chosen because a more specific route exists. Selecting this ignores the longest-prefix match rule.

C

Both routes are not discarded because overlapping routes are common in routing tables. The router uses the longest-prefix match to select the best route, so discarding overlapping routes is incorrect.

D

The default route is only preferred if no specific matching route exists. Since both 192.168.0.0/16 and 192.168.100.0/24 match the destination, the router chooses the more specific /24 route, not the default.

106
MCQhard

A routing table contains these entries for the same destination space: 10.1.0.0/16, 10.1.10.0/24, and 0.0.0.0/0. Which route is used for traffic to 10.1.10.44?

A.10.1.0.0/16
B.10.1.10.0/24
C.0.0.0.0/0
D.No route, because the entries overlap
AnswerB

This is correct because 10.1.10.44 falls within that more specific prefix.

Why this answer

The 10.1.10.0/24 route is used because it is the most specific matching prefix. In plain language, even though the /16 route and the default route could also match, the /24 route describes the destination range more precisely. Longest-prefix match therefore selects the /24 entry.

This is a foundational route-selection rule. The default route remains important as a fallback, but it is not used when more specific routes exist. Likewise, the /16 route is less specific than the /24, so it loses for this destination.

Exam trap

A frequent exam trap is selecting the less specific route (10.1.0.0/16) or the default route (0.0.0.0/0) for the destination 10.1.10.44. Candidates might mistakenly believe that overlapping routes cause conflicts or that the default route overrides specific routes. However, Cisco routers always apply the longest-prefix match rule, choosing the most specific subnet mask that fits the destination IP.

Overlapping routes do not cause routing failures; instead, they provide multiple options where the router picks the best match. Misunderstanding this can lead to incorrect answers and confusion about routing behavior.

Why the other options are wrong

A

The 10.1.0.0/16 route is less specific than the 10.1.10.0/24 route. Although it matches the destination IP, the router prefers the more specific /24 prefix, so this option is incorrect.

C

The 0.0.0.0/0 default route is only used when no other specific route matches the destination. Since both /16 and /24 routes match, the default route is not chosen here, so this option is incorrect.

D

Overlapping routes like 10.1.0.0/16 and 10.1.10.0/24 are common and do not prevent routing. The router resolves overlaps by selecting the longest prefix, so this option is incorrect.

107
MCQhard

A router has two static routes to the same 192.168.1.0/24 network: one via next-hop 10.1.1.1 with metric 10, and the other via next-hop 10.1.1.2 with metric 5. Both routes use the default administrative distance of 1. Which next hop does the router use to forward packets to this destination?

A.10.1.1.1 because it appears first in the configuration
B.10.1.1.2 because it has the lower metric
C.Both next hops because all static routes always load balance
D.Neither next hop because static routes need tracking to be installed
AnswerB

Among equal-AD statics to the same prefix, the lower metric wins.

Why this answer

Both routes have the same prefix length and the same administrative distance. The route with the lower metric is preferred for a static route when the AD is equal only if different metrics are configured, and here the route via 10.1.1.2 has metric 5 versus metric 10.

Exam trap

A frequent exam trap is believing that the first static route configured to a destination is always preferred, which is incorrect because Cisco routers prioritize routes based on administrative distance and metric, not configuration order. Another common mistake is assuming static routes require tracking to be installed; tracking is optional and used only for failover scenarios. Additionally, some candidates incorrectly think all static routes load balance by default, but load balancing only happens when routes have equal AD and equal metrics.

Misunderstanding these details can lead to incorrect answers about route selection behavior.

Why the other options are wrong

A

Option A is incorrect because the order of static route configuration does not influence which next hop is used. Cisco routers prioritize routes based on administrative distance and metric, not the sequence of configuration.

C

Option C is incorrect because static routes only load balance when they have equal administrative distance and equal metrics. Since the metrics differ here, only the route with the lower metric is used.

D

Option D is incorrect because static routes do not require tracking to be installed in the routing table. Tracking is optional and used to monitor route availability for failover purposes.

108
PBQhard

You are connected to R1 via console. The network has a primary link to the ISP via R2 and a backup link via R3. Configure IPv4 and IPv6 floating static default routes on R1 so that the primary path goes through R2 (AD 1) and the backup through R3 (AD 10). Additionally, configure a static route on R1 for the internal LAN 192.168.10.0/24 via R2 (AD 1). The current configuration includes a static default route ip route 0.0.0.0 0.0.0.0 10.0.0.3, which causes a recursive routing failure because 10.0.0.3 is not a valid next-hop address. Identify and fix the issue, then apply the floating static routes.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30link1G0/1G0/010.0.0.6/30link2R1R2R3

Hints

  • The IPv4 default route to 10.0.0.2 is missing from the routing table. Check if the next-hop is reachable via a directly connected interface.
  • Remove the existing problematic static default route and reconfigure it with an explicit administrative distance of 1.
  • For IPv6, use the ipv6 route command with the prefix ::/0 and specify the next-hop and administrative distance.
A.Remove the existing incorrect IPv4 static default route and reconfigure the primary IPv4 default route with the correct next-hop address (10.0.0.2) and AD 1. Add the backup IPv4 default route via 10.0.0.6 with AD 10. Then add IPv6 static default routes: ipv6 route ::/0 2001:DB8:1:1::2 1 and ipv6 route ::/0 2001:DB8:2:1::2 10. Also add the static route for 192.168.10.0/24 via 10.0.0.2 with AD 1.
B.Add a static route to 10.0.0.0/30 via the backup link to R3, then the default route to 10.0.0.2 will work. Then configure IPv6 default routes with AD 1 and 10 as described.
C.Change the administrative distance of the IPv4 default route to 10 and the backup to 1, so the backup becomes primary. Then configure IPv6 default routes with AD 10 and 1 respectively.
D.Remove the existing IPv4 static default route and configure it with the next-hop as the exit interface (e.g., GigabitEthernet0/0) instead of the IP address. Then add IPv6 default routes using the exit interface as well.
AnswerA
solution
! R1
no ip route 0.0.0.0 0.0.0.0 10.0.0.2
ip route 0.0.0.0 0.0.0.0 10.0.0.2 1
ipv6 route ::/0 2001:DB8:1:1::2 1
ipv6 route ::/0 2001:DB8:2:1::2 10

Why this answer

The IPv4 default route currently uses next-hop 10.0.0.3, which is not a valid address on any directly connected interface, causing a recursive lookup failure. Option A fixes this by removing the incorrect route and correctly adding the primary (10.0.0.2 with AD 1) and backup (10.0.0.6 with AD 10) default routes, fulfilling the floating static requirement. It also adds both IPv6 floating default routes and the LAN static route.

Option B is wrong because adding a route to 10.0.0.0/30 via R3 does not fix the next-hop 10.0.0.3 failure for the default route. Option C incorrectly reverses the administrative distances, making the backup path the primary. Option D erroneously uses an exit interface instead of the correct next-hop IP, which is not suitable for multi-access or point-to-point networks without additional configuration and does not resolve the original misconfigured next-hop.

Exam trap

Be careful: Recursive routing failure means the next-hop is not reachable. Check if the next-hop is directly connected and the interface is up. Do not confuse administrative distance with metric; lower AD is preferred.

Also, ensure IPv6 routes use the correct next-hop addresses and AD values.

Why the other options are wrong

B

Adding a static route to the backup link does not correct the invalid next-hop 10.0.0.3 used in the default route and fails to address the root cause of the recursive lookup failure.

C

Swapping the administrative distances makes the backup path preferred instead of the primary, violating the requirement that R2 be the primary with AD 1.

D

Configuring the default route with an exit interface rather than a next-hop IP can cause ARP resolution issues in broadcast networks and does not replace the incorrect next-hop 10.0.0.3.

109
PBQhard

You are connected to R1. Configure OSPFv3 for IPv6 on R1 and R2 so that they can exchange IPv6 routes. R1's GigabitEthernet0/0 is connected to R2's GigabitEthernet0/0. R1 has a loopback0 with IPv6 address 2001:db8:1::1/32, and R2 has a loopback0 with IPv6 address 2001:db8:2::2/32. Ensure OSPFv3 is enabled on both routers, the link interfaces are in area 0, and R1 learns the loopback route from R2.

Network Topology
G0/02001:db8:abcd::1/64G0/02001:db8:abcd::2/64linkR1R2

Hints

  • OSPFv3 must be enabled on each interface that should participate in the routing process.
  • Use the 'ipv6 ospf <process-id> area <area-id>' command under the interface configuration.
  • Verify with 'show ospfv3 neighbor' and 'show ipv6 route ospf'.
A.Configure 'ipv6 ospf 1 area 0' under GigabitEthernet0/0 and Loopback0 on both routers.
B.Configure 'ipv6 router ospf 1' and then 'network 2001:db8:2::2/32 area 0' under the OSPFv3 process.
C.Configure 'ipv6 unicast-routing' and 'ipv6 ospf 1 area 0' under the global configuration.
D.Configure 'router ospf 1' and then 'ipv6 unicast-routing' under the OSPFv3 process.
AnswerA
solution
! R1
interface GigabitEthernet0/0
ipv6 ospf 1 area 0
exit
interface Loopback0
ipv6 ospf 1 area 0

Why this answer

The provided configuration enables OSPFv3 on the interfaces, which is necessary, but it does not set a router-id. OSPFv3 requires a router-id to form adjacencies. Without any IPv4 addresses configured, the router-id defaults to 0.0.0.0, preventing neighbor formation and route exchange.

Therefore, a valid solution must also include a router-id command under the OSPFv3 process (e.g., 'ipv6 router ospf 1' followed by 'router-id X.X.X.X').

Exam trap

Learners often forget that OSPFv3 requires a manually configured router-id when no IPv4 addresses are present on the router.

Why the other options are wrong

B

The specific factual error is that OSPFv3 uses interface-level commands ('ipv6 ospf area') rather than the network statement used in OSPFv2.

C

The specific factual error is that OSPFv3 interface configuration is required on each interface, not just globally.

D

The specific factual error is that 'router ospf' is for IPv4 OSPF; OSPFv3 requires 'ipv6 router ospf'.

110
MCQhard

An engineer is troubleshooting an OSPF adjacency between two directly connected routers, R1 and R2. R1 is configured with a passive-interface default under the OSPF process, and the interface connecting to R2 is not explicitly set to no passive-interface. The engineer runs a show ip ospf neighbor command on R1 and sees no neighbors. What is the most likely reason for the missing adjacency?

A.The network statement does not match the interface IP address.
B.The passive-interface default command is preventing OSPF hellos on the interface.
C.The router-id is not configured, so OSPF cannot form an adjacency.
D.There is an OSPF authentication mismatch between R1 and R2.
AnswerB

The passive-interface default makes all interfaces passive, and without a no passive-interface command for the specific interface, OSPF hellos are not sent, preventing neighbor discovery.

Why this answer

The `passive-interface default` command under the OSPF process makes all interfaces passive by default, meaning OSPF Hellos are not sent unless explicitly overridden with `no passive-interface`. Since the interface to R2 was not configured with `no passive-interface`, R1 does not send Hellos, preventing adjacency. Option A is less likely because even if the network statement is correct, a passive interface still blocks Hellos.

Option C is incorrect because OSPF automatically selects a router-id if not configured (highest loopback or interface IP), and a missing router-id does not prevent Hellos. Option D is unsupported by the scenario; no authentication mismatch is indicated.

Exam trap

Cisco often tests the nuance that `passive-interface default` suppresses Hellos on all interfaces unless overridden, leading candidates to overlook the fact that even directly connected routers cannot form an adjacency without Hellos being sent.

Why the other options are wrong

A

The network statement 10.0.0.0 0.255.255.255 area 0 matches any IP in the 10.0.0.0/8 range, which likely includes the interface IP. Therefore, the network statement is not the issue.

C

A router-id is automatically selected from the highest loopback or physical interface IP if not manually configured. Lack of manual configuration does not prevent adjacency formation; OSPF will still function.

D

The running-config does not show any authentication configuration, and the symptom (no neighbors) is consistent with passive interfaces, not authentication mismatches. An authentication mismatch would typically show neighbors in EXSTART/EXCHANGE state, not missing entirely.

111
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure HSRP version 2 on an interface and ensure the router becomes the active router, then verify the HSRP state.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

HSRP version must be set before group configuration, then the virtual IP is assigned, followed by priority and preempt to control active router election.

Exam trap

The exam trap is that candidates often misorder the steps, especially placing version after group creation or preempt before priority. Remember: version first, then group, then priority, then preempt.

112
MCQhard

An OSPF router learns a route with metric 20 and another OSPF route to the same destination with metric 30. The prefix length is the same. Which path is preferred?

A.The route with metric 20
B.The route with metric 30
C.Both routes are rejected because the metrics differ
D.The default route is preferred
AnswerA

This is correct because lower metric is preferred within the same routing protocol.

Why this answer

The OSPF path with metric 20 is preferred because, within the same routing protocol and for the same prefix length, the metric is used to compare candidate paths. In practical terms, the router is not comparing source trust here because both routes come from OSPF. It is comparing OSPF’s own internal path-cost values, and the lower metric wins.

This question is about separating administrative distance from metric. Since both routes come from the same protocol, metric is the deciding factor.

Exam trap

A common exam trap is confusing administrative distance with metric when comparing routes from the same protocol. Candidates might incorrectly think that a higher metric route is rejected or that administrative distance plays a role in choosing between two OSPF routes. In reality, OSPF always prefers the route with the lowest metric, and both routes remain valid candidates.

Misunderstanding this can lead to incorrect answers about route selection or route rejection, especially when multiple OSPF routes to the same prefix exist with different metrics.

Why the other options are wrong

B

This option is incorrect because a higher metric indicates a less preferred path in OSPF. The route with metric 30 is less optimal than the one with metric 20 and therefore not preferred.

C

This option is incorrect because OSPF does not reject routes simply because their metrics differ. Differing metrics are normal and help the router choose the best path rather than causing route rejection.

D

This option is incorrect because the router already has specific OSPF routes to the destination. A default route is not preferred when a more specific route with a valid metric exists.

113
Multi-Selectmedium

Which TWO statements correctly describe the configuration and verification of OSPFv3 for IPv6?

Select 2 answers
A.OSPFv3 uses link-local IPv6 addresses to form neighbor adjacencies.
B.OSPFv3 uses global unicast IPv6 addresses to form neighbor adjacencies.
C.OSPFv3 is automatically enabled on all IPv6-enabled interfaces when the routing process is configured.
D.The 'show ospfv3 neighbor' command displays neighbor state, neighbor ID, and interface information.
E.The 'show ospfv3 neighbor' command displays the IPv6 address of the neighbor's interface as the neighbor ID.
AnswersA, D

OSPFv3 routers use link-local addresses (FE80::/10) for neighbor discovery and hello packets, ensuring communication remains within the local link.

Why this answer

OSPFv3 for IPv6 uses link-local IPv6 addresses (FE80::/10) to form neighbor adjacencies, not global unicast addresses (so B is incorrect). OSPFv3 does not automatically enable on all IPv6 interfaces; each interface must be explicitly configured under the OSPFv3 process using the 'ipv6 ospf' command (so C is incorrect). The 'show ospfv3 neighbor' command displays the neighbor's Router ID (a 32-bit value), not the IPv6 address of the neighbor's interface (so E is incorrect).

Correct options A and D accurately describe OSPFv3 neighbor formation using link-local addresses and the information shown by the 'show ospfv3 neighbor' command, which includes neighbor state, neighbor ID, and interface.

Exam trap

Cisco often tests the misconception that OSPFv3 behaves like OSPFv2 by using global unicast addresses for neighbor formation, or that enabling the OSPFv3 process automatically activates it on all interfaces, when in fact each interface must be explicitly enabled under the OSPFv3 process.

Why the other options are wrong

B

OSPFv3 uses link-local addresses, not global unicast addresses, for neighbor formation.

C

OSPFv3 requires explicit interface configuration under the routing process; it is not automatically enabled.

E

The neighbor ID shown is the Router ID, not the IPv6 address of the neighbor's interface.

114
MCQhard

A router pair is directly connected, but they do not become OSPF neighbors. IP addressing and area assignment are correct. What is the most likely cause?

A.OSPF network type mismatch on the connected interfaces
B.Duplicate default routes on both routers
C.Missing VLAN trunking on the link
D.The OSPF process IDs are required to match
AnswerA

This is correct because one side is using point-to-point and the other is using broadcast, which can prevent a stable adjacency.

Why this answer

OSPF network type mismatch is a frequent reason for adjacency failure when basic IP and area settings are correct. If one side is configured as broadcast and the other as point-to-point, the hello timers, neighbor discovery behavior, and designated router election rules diverge, preventing neighbor formation. Unlike process IDs (which are locally significant), a mismatch in network type directly affects how OSPF hellos are processed.

This is a well-known L2/L3 misconfiguration that must be checked alongside router‑ID and authentication parameters.

Exam trap

A common exam trap is assuming that OSPF process IDs must match on both routers to form neighbors. Many candidates mistakenly believe process IDs are globally significant, but they are only locally important identifiers. Another tempting mistake is blaming IP addressing or area mismatches without checking the OSPF network type.

Since network type controls how OSPF hellos are sent and received, a mismatch between broadcast and point-to-point types can silently block adjacency formation even when IP and area configurations appear correct. This subtlety often leads to confusion during troubleshooting and exam scenarios.

Why the other options are wrong

B

Incorrect because duplicate default routes affect routing decisions but do not impact the OSPF neighbor formation process, which depends on hello packets and network type compatibility.

C

Incorrect since VLAN trunking applies to Layer 2 switch ports, not routed interfaces running OSPF. The problem described involves OSPF adjacency, not VLAN or trunk configuration.

D

Incorrect because OSPF process IDs are locally significant identifiers and do not need to match between routers for neighbor relationships to form. This does not cause adjacency failure.

115
PBQhard

You are connected to R1 via console. R1 must reach the remote loopback 2001:db8:1::1/128 on R3 via R2 (2001:db8:0:2::2/64). Currently, IPv6 ping fails. Additionally, configure a floating static default route via R2 (198.51.100.2/30) with an appropriate AD so that it only becomes active if a dynamic default route (with default AD 1) is absent. Identify and fix the recursive routing failure, correct the next-hop, set the correct AD, and ensure the default route is present.

Network Topology
G0/12001:db8:0:2::1/64G0/12001:db8:0:2::2/64G0/12001:db8:0:2::2/64R2R1R3

Hints

  • Check if the next-hop address is directly connected; use show ipv6 route to see if a recursive route exists.
  • The default AD for a static route is 1; for a floating static route to back up a dynamic protocol, use a higher AD (e.g., 254).
  • Use the exit interface in the static route to avoid recursive lookup failure.
A.Change the IPv6 static route to '2001:db8:1::1/128 GigabitEthernet0/1 2001:db8:0:2::2' and set the floating default route's AD to 254.
B.Change the IPv6 static route to '2001:db8:1::1/128 2001:db8:0:2::1' and set the floating default route's AD to 1.
C.Change the IPv6 static route to '2001:db8:1::1/128 GigabitEthernet0/1 2001:db8:0:2::2' and set the floating default route's AD to 1.
D.Change the IPv6 static route to '2001:db8:1::1/128 2001:db8:0:2::2' and set the floating default route's AD to 254.
AnswerA, D
solution
! R1
no ipv6 route 2001:db8:1::1/128 2001:db8:0:2::1
ipv6 route 2001:db8:1::1/128 GigabitEthernet0/1 2001:db8:0:2::2
no ip route 0.0.0.0 0.0.0.0 198.51.100.2 1
ip route 0.0.0.0 0.0.0.0 198.51.100.2 254

Why this answer

The original IPv6 static route uses the next-hop 2001:db8:0:2::1, which is R1's own G0/1 address, causing a routing loop. Correct the route by specifying a directly connected remote next-hop (2001:db8:0:2::2) either with or without the exit interface. Set the floating static default route with an AD higher than the dynamic route's default AD (e.g., 254) so it becomes a backup.

Option A (exit interface + next-hop) and Option D (next-hop only) both achieve this; Options B and C fail due to wrong next-hop or AD.

Exam trap

Be careful: using the router's own IP as a next-hop creates a forwarding loop, not a reachability failure. For a floating static route, the AD must be higher than the active route's AD to act as a backup.

Why the other options are wrong

B

The next-hop is R1's own address (loop) and AD 1 makes the route equally preferred to dynamic routes, defeating the floating purpose.

C

AD 1 makes the route equally preferred, not a floating backup.

116
PBQhard

You are connected to R1. Configure HSRP on interface GigabitEthernet0/0 so that R1 becomes the active router for group 10 with a virtual IP of 192.0.2.254/24. Ensure that R1 preempts if it regains a higher priority, and track interface GigabitEthernet0/1 to decrement priority by 20 if it goes down. Additionally, troubleshoot the current configuration: both routers are showing as active for group 11 with virtual IP 203.0.113.1, which is incorrect — the virtual IP should be 203.0.113.254 for group 11.

Network Topology
G0/010.0.0.1/30G0/010.0.0.2/30linkR1R2

Hints

  • Use 'standby <group> preempt' to enable preemption.
  • Track interface uses 'standby <group> track <interface> <decrement>'.
  • Correct the virtual IP for group 11 to 203.0.113.254.
A.interface GigabitEthernet0/0 standby 10 ip 192.0.2.254 standby 10 preempt standby 10 track GigabitEthernet0/1 20 interface GigabitEthernet0/0 standby 11 ip 203.0.113.254 standby 11 preempt
B.interface GigabitEthernet0/0 standby 10 ip 192.0.2.254 standby 10 preempt standby 10 track GigabitEthernet0/1 20 interface GigabitEthernet0/0 standby 11 ip 203.0.113.254
C.interface GigabitEthernet0/0 standby 10 ip 192.0.2.254 standby 10 track GigabitEthernet0/1 20 interface GigabitEthernet0/0 standby 11 ip 203.0.113.254 standby 11 preempt
D.interface GigabitEthernet0/0 standby 10 ip 192.0.2.254 standby 10 preempt standby 10 track GigabitEthernet0/1 20 interface GigabitEthernet0/0 standby 11 ip 203.0.113.1 standby 11 preempt
AnswerA
solution
! R1
interface GigabitEthernet0/0
standby 11 ip 203.0.113.254
standby 10 preempt
standby 10 track GigabitEthernet0/1 20
standby 11 preempt

Why this answer

Both routers showing active for group 11 indicates a mismatch in the virtual IP address or missing preempt. To fix group 11, correct the virtual IP to 203.0.113.254 with 'standby 11 ip 203.0.113.254'. Add preempt with 'standby 11 preempt' to break the tie.

For group 10, to ensure R1 becomes active, you must configure preempt ('standby 10 preempt') and interface tracking ('standby 10 track GigabitEthernet0/1 20'). However, with default priority, R1 might not become active if R2's interface IP is higher; therefore, a priority command like 'standby 10 priority 110' may be necessary. The options shown do not include that priority command, so in practice the configuration is incomplete.

Exam trap

Many candidates forget that HSRP preempt requires a higher priority to actually trigger preemption; without explicitly configuring a higher priority, the router may remain in Standby state even with preempt enabled.

Why the other options are wrong

B

This option lacks 'standby 11 preempt', so R1 will not preempt for group 11, failing to resolve the active-active tie.

C

This option omits 'standby 10 preempt', so R1 will not preempt for group 10 as required.

D

This option uses the incorrect virtual IP 203.0.113.1 for group 11, which does not match the required 203.0.113.254.

117
PBQhard

You are connected to R1. Configure OSPFv3 for IPv6 so that R1 and R2 can exchange IPv6 routes over their directly connected link. Enable IPv6 routing, assign OSPFv3 process and area on the interface, and verify that the neighbor adjacency forms and routes appear in the IPv6 routing table.

Network Topology
G0/02001:DB8:1::1/64G0/0 2001:DB8:1::2/64R1R2

Hints

  • OSPFv3 requires IPv6 unicast routing to be enabled globally.
  • OSPFv3 is enabled on the interface, not under a router ospf process like OSPFv2.
  • Use 'ipv6 ospf <process-id> area <area-id>' on the interface.
A.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ospfv3 neighbor' and 'show ipv6 route ospf'.
B.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 globally with 'router ospfv3 1' and 'router-id 1.1.1.1', then assign the interface to area 0 with 'ipv6 ospf 1 area 0'.
C.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ip ospf neighbor' and 'show ip route ospf'.
D.Enable IPv6 routing with 'ipv6 unicast-routing', configure OSPFv3 on the interface with 'ipv6 ospf 1 area 0', and verify with 'show ospfv3 neighbor' and 'show ipv6 route'.
AnswerA
solution
! R1
configure terminal
ipv6 unicast-routing
interface GigabitEthernet0/0
ipv6 ospf 1 area 0
end

Why this answer

Option A is correct because it includes enabling IPv6 routing with 'ipv6 unicast-routing', applying OSPFv3 to the interface using 'ipv6 ospf 1 area 0', and verifying with the correct OSPFv3-specific commands 'show ospfv3 neighbor' and 'show ipv6 route ospf'. Option B is incorrect because it adds a global 'router ospfv3 1' command, which is unnecessary; OSPFv3 can be configured directly on the interface without a global process. Option C is incorrect because it uses IPv4 OSPF verification commands 'show ip ospf neighbor' and 'show ip route ospf', which are not valid for OSPFv3.

Option D is incorrect because although it uses the correct 'show ospfv3 neighbor', the 'show ipv6 route' command does not filter to OSPF-learned routes, so it displays all IPv6 routes rather than just OSPF routes.

Exam trap

Do not confuse OSPFv3 with OSPFv2. OSPFv3 uses 'ipv6 ospf' on the interface and 'show ospfv3 neighbor' for verification. Also, remember to enable IPv6 routing with 'ipv6 unicast-routing'.

Why the other options are wrong

B

Adding a global 'router ospfv3 1' command is unnecessary; OSPFv3 can be enabled directly on the interface without a separate global configuration.

C

Using 'show ip ospf neighbor' and 'show ip route ospf' are IPv4 OSPFv2 commands, not valid for OSPFv3 which requires 'show ospfv3 neighbor' and 'show ipv6 route ospf'.

D

The 'show ipv6 route' command displays all IPv6 routes, not just OSPF-learned ones; the filter 'ospf' is required to see OSPF routes specifically.

118
MCQhard

A company wants to connect two sites across an IP network by creating a logical tunnel between the edge routers. Which technology is most directly associated with that requirement?

A.GRE
C.DHCP relay
AnswerA

This is correct because GRE is commonly used to create logical tunnels across IP networks.

Why this answer

GRE is the most directly associated technology because it creates a logical tunnel between routers across an existing IP network. In practical terms, it allows the routers to treat the path as a virtual point-to-point connection for encapsulated traffic.

The question is specifically about tunneling between sites, not about plain routing, management, or switching behavior.

Exam trap

A common exam trap is mistaking GRE for unrelated Cisco features like PortFast or DHCP relay. PortFast is a Spanning Tree Protocol optimization for edge ports and does not create tunnels. DHCP relay forwards DHCP requests and is unrelated to site-to-site connectivity.

Another trap is confusing GRE with security features like IPsec; GRE itself does not encrypt traffic but only encapsulates it. Candidates might also overlook that GRE tunnels require proper MTU handling to avoid fragmentation issues, which can cause connectivity problems if ignored.

Why the other options are wrong

B

PortFast is incorrect because it is an STP feature that immediately transitions a switch port to forwarding state and does not provide any tunneling or routing capabilities.

C

DHCP relay is incorrect because it only forwards DHCP broadcast requests between clients and servers and does not create tunnels or connect sites logically over an IP network.

D

Root guard is incorrect because it is an STP topology protection feature that prevents a port from becoming a root port, and it does not create tunnels or affect routing.

119
MCQhard

A network engineer adds a loopback interface Lo0 with IP address 172.16.0.1/32 to router R1. After restarting the OSPF process, the OSPF router-ID changes from 10.1.1.1 to 172.16.0.1, and the neighbor relationship with R2 resets. What should the technician do next to prevent this disruption the next time a loopback is added?

A.Configure passive-interface Lo0 under the OSPF process
B.Configure a static router-id using the router-id command under the OSPF process
C.Set a higher OSPF priority on the router’s interfaces
D.Configure the OSPF area as a stub area
AnswerB

Explicitly setting the OSPF router-ID prevents the process from dynamically re-electing a new router-ID based on interface IPs. This guarantees a stable router-ID regardless of added loopbacks, avoiding adjacency resets.

Why this answer

Configuring a static router-id under the OSPF process ensures the router-ID never changes due to interface IP changes or loopback additions. This directly addresses the root cause of the adjacency reset—dynamic router-ID re-election.

Exam trap

Candidates often mistake the passive-interface command as a way to prevent the loopback IP from being considered for router-ID selection, but OSPF router-ID election is independent of interface passive state; it always picks the highest loopback IP at process start.

Why the other options are wrong

A

Passive-interface does not influence router-ID selection, which is based solely on highest active loopback IP address at process initialization.

C

Confusing DR election parameters with router-ID election leads candidates to a parameter that is irrelevant to router-ID stability.

D

Changing area type does not address router-ID fluctuation; it targets LSDB optimization, which is unrelated to the dynamic router-ID re-election after loopback addition.

120
MCQhard

An OSPF-enabled router R1 fails to advertise the 192.168.50.0/24 network to neighbor R2, even though the neighbor relationship is up. Which misconfiguration on R1 would cause this?

A.The OSPF process must be process ID 50 to advertise 192.168.50.0/24
B.The wildcard network statement does not match 192.168.50.0/24
C.OSPF cannot advertise a directly connected LAN
D.R2 needs a default route before learning intra-area routes
AnswerB

Correct choice.

Why this answer

If the network statement on R1 does not match the interface connected to 192.168.50.0/24, OSPF will not enable on that interface and the subnet will not be advertised. The route stays absent from neighbors despite OSPF running elsewhere.

Exam trap

A frequent exam trap is believing that the OSPF process ID must match across routers to advertise specific networks or that OSPF cannot advertise directly connected LANs. Candidates may also incorrectly assume that a default route is required on a router before it can learn intra-area routes. These misconceptions lead to overlooking the actual cause: a mismatched wildcard mask in the network statement that prevents OSPF from activating on the interface.

This trap causes candidates to focus on irrelevant configuration elements instead of verifying the network statement accuracy.

Why the other options are wrong

A

The OSPF process ID is locally significant and does not affect which networks are advertised. Changing the process ID to 50 is unnecessary and does not solve the problem of missing routes.

C

OSPF can advertise directly connected LANs if their interfaces are included in the OSPF network statements. This option is incorrect because directly connected LANs are advertised when properly configured.

D

A default route is not required for a router to learn intra-area OSPF routes. OSPF routers exchange routing information through link-state advertisements without needing a default route first.

121
MCQhard

Exhibit: A router has the following routes in its routing table: - OSPF: 10.1.1.0/24 - Static: 10.1.1.128/25 - Default: 0.0.0.0/0 A packet is destined for 10.1.1.130. Which route does the router use?

A.The OSPF 10.1.1.0/24 route
B.The static 10.1.1.128/25 route
D.The router load-balances across all three
AnswerB

Longest-prefix match sends 10.1.1.130 to the /25.

Why this answer

Routers use longest-prefix match before they think about metrics. The /25 route for 10.1.1.128/25 is more specific than the /24 or the default route, so traffic for 10.1.1.130 follows that path.

Exam trap

A common exam trap is to select a route based solely on routing protocol preference or administrative distance without considering prefix length. Many candidates incorrectly choose the OSPF 10.1.1.0/24 route because OSPF is a dynamic protocol and might assume it is preferred over a static route. However, Cisco routers always apply longest-prefix match first, so the static 10.1.1.128/25 route is chosen because it is more specific.

Another trap is to think the router load-balances across all routes, but load balancing only occurs among routes with equal prefix length and metric, not across different subnet sizes.

Why the other options are wrong

A

The OSPF 10.1.1.0/24 route matches the destination IP but has a shorter prefix length than the static /25 route. Since longest-prefix match takes priority, this route is not used.

C

The default route is a last-resort route used only when no other specific routes match the destination IP. Since more specific routes exist, it is not selected here.

D

The router does not load-balance across routes with different prefix lengths because longest-prefix match selects a single best route, so this option is incorrect.

122
MCQeasy

Which Cisco IOS command configures a default static route pointing to next hop 203.0.113.1?

A.ip route 0.0.0.0 0.0.0.0 203.0.113.1
B.ip default-gateway 203.0.113.1
C.default-information originate 203.0.113.1
D.route add 0.0.0.0 203.0.113.1
AnswerA

Correct. This is the standard Cisco IOS syntax.

Why this answer

A default static route uses the all-zero network and mask, followed by the next-hop IP address or exit interface.

Exam trap

Remember that a default static route uses the all-zero network and mask, not a /32 mask or an exit interface unless specified.

Why the other options are wrong

B

The ip default-gateway command is used on Cisco switches in Layer 2 mode or on routers when IP routing is disabled. On a router with IP routing enabled, this command does not create a static route; it only sets the default gateway for the management interface, not for forwarding traffic.

C

The default-information originate command is used in routing protocols like OSPF or EIGRP to inject a default route into the routing domain. It does not create a static route itself; it only advertises an existing default route (which must already be present in the routing table) to other routers.

D

The route add command is used in Windows or Linux operating systems, not in Cisco IOS. Cisco IOS uses the ip route command to configure static routes. Using route add on a Cisco router would result in an unrecognized command error.

123
Matchingmedium

Match each IPv4 route type to its most accurate source or description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Present because the network is directly attached

Manually configured by an administrator

Learned through a routing protocol

Used when no more specific route matches

Why these pairings

Each route type is matched to its defining characteristic. A connected route is automatically generated when an interface is configured with an IP address and is in an up/up state, making it present solely because the network is directly attached. A static route is explicitly entered by an administrator, hence manually configured.

A dynamic route is learned through a routing protocol such as OSPF or EIGRP, without manual input. A default route (0.0.0.0/0) is primarily defined by its use as the last-resort gateway when no more specific route matches the destination, even though it could be statically or dynamically learned; the key distinguishing factor here is its behavior, not its configuration method.

Exam trap

Be careful to match the route type to its specific source or description. Do not assume that any accurate description is the correct match; read the stem carefully. Directly connected routes are unique because they are automatically generated from interface configurations.

124
MCQhard

A route to 10.10.20.0/24 disappears when an OSPF adjacency fails. Which design would most directly provide an automatic backup without changing the primary OSPF path during normal operation?

B.A standard static route with the default administrative distance of 1
C.Removing OSPF entirely and using only a default route
D.Disabling the routing table on the router until failure occurs
AnswerA

This is correct because it provides a backup route without replacing OSPF under normal conditions.

Why this answer

The most direct design is a floating static route with a higher administrative distance than OSPF. In plain language, that means the router keeps a manually configured backup route in reserve but does not use it while the OSPF route remains healthy. If the OSPF path disappears, the backup static route becomes active automatically. This is a very common and practical way to add simple failover.

The key requirement in the question is that the primary OSPF path should remain unchanged under normal conditions. A normal static route with default distance would override OSPF and break that goal. A floating static route avoids that by staying less preferred until a failure occurs. That is why it is the correct design choice here.

Exam trap

Avoid assuming that static routes are always less preferred than dynamic routes without considering administrative distance.

Why the other options are wrong

B

A standard static route with the default administrative distance of 1 would override the OSPF route (AD 110) because a lower AD is preferred. This would replace the primary OSPF path with the static route, not provide a backup that only activates upon failure.

C

Removing OSPF entirely eliminates the primary dynamic routing protocol, which is not a backup solution. The question requires preserving OSPF as the normal path and only providing an automatic backup when OSPF fails.

D

Disabling the routing table is not a valid operational practice; routers require the routing table to forward packets. This option does not provide any automatic backup mechanism and would break connectivity entirely.

125
MCQmedium

Exhibit: R1 has a static default route to 192.0.2.2 and also learns a default route from OSPF. Which default route is installed in the routing table?

A.The OSPF default route because dynamic routes are preferred
B.The static default route because its administrative distance is lower
C.Both default routes because they have the same prefix length
D.Neither route until a floating static route is configured
AnswerB

Static AD 1 beats OSPF AD 110.

Why this answer

When two routes to the same prefix are learned from different sources, the router compares administrative distance first. A static route has AD 1 by default, while OSPF has AD 110, so the static default route wins unless its AD was changed manually.

Exam trap

A common exam trap is believing that OSPF default routes always override static default routes because dynamic routing protocols are 'more intelligent' or 'preferred.' This misconception leads to selecting the OSPF route as installed, ignoring the fundamental Cisco routing rule that administrative distance determines route preference. Since static routes have a default AD of 1 and OSPF routes have an AD of 110, the static route is preferred unless its AD is manually changed. Misunderstanding this can cause incorrect answers and confusion about route installation behavior.

Why the other options are wrong

A

This option is incorrect because dynamic routes like OSPF are not automatically preferred over static routes. Administrative distance determines preference, and static routes have a lower AD than OSPF by default.

C

This option is incorrect because having the same prefix length does not mean both routes are installed. The router uses administrative distance to choose a single best route.

D

This option is incorrect because a normal static default route is valid and installed immediately. A floating static route is only needed if you want a backup route with a higher AD.

126
PBQhard

You are connected to R1. Configure HSRP so that R1 becomes the active router for VLAN 10, with a virtual IP of 192.168.10.1. Ensure that R1 preempts if it comes back online after a failure. Also, configure R1 to decrement its HSRP priority by 20 if its GigabitEthernet0/1 interface goes down. The current configuration shows both routers as active — identify and fix the issues.

Network Topology
Gi0/0.10192.168.10.3/24Gi0/0.10192.168.10.2/24switchR1R2

Hints

  • Both routers show Active because they have equal priority and no preempt.
  • The virtual IP configured is 192.168.10.254 but the task requires 192.168.10.1.
  • To ensure R1 is active, set its priority higher than R2's default (100) and enable preempt.
A.Change the virtual IP to 192.168.10.1, set priority to 110, enable preempt, and track interface GigabitEthernet0/1 with decrement 20.
B.Change the virtual IP to 192.168.10.1, set priority to 100, enable preempt, and track interface GigabitEthernet0/1 with decrement 20.
C.Change the virtual IP to 192.168.10.254, set priority to 110, enable preempt, and track interface GigabitEthernet0/1 with decrement 20.
D.Change the virtual IP to 192.168.10.1, set priority to 110, enable preempt, but do not track any interface.
AnswerA
solution
! R1
interface GigabitEthernet0/0.10
standby 10 ip 192.168.10.1
standby 10 priority 110
standby 10 preempt
standby 10 track GigabitEthernet0/1 20

Why this answer

The scenario indicates both routers appear as Active, which is abnormal. This could result from a misconfigured virtual IP or group number mismatch. The required fix is to set the virtual IP to 192.168.10.1, assign R1 a higher priority (110 vs R2's default 100), enable preempt so R1 reclaims active role after failure, and track GigabitEthernet0/1 with a decrement of 20 to lower priority if that interface goes down.

Exam trap

Watch for three common mistakes: (1) forgetting to set a higher priority to win the election, (2) using the wrong virtual IP address, and (3) omitting the track command when required. Also note that preempt alone does not guarantee active status if priorities are equal.

Why the other options are wrong

B

HSRP election uses priority as the primary tie-breaker; equal priority leads to comparison of primary IP addresses, which may not favor R1.

C

The virtual IP address must be consistent across all HSRP routers and match the configured gateway; a mismatch prevents proper operation.

D

Without tracking, R1's priority remains unchanged even if the uplink fails, so R1 would remain active despite losing connectivity, causing traffic black-holing.

127
Matchingmedium

Match each route type to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Present because the network is directly attached to a router interface

Manually configured by an administrator

Learned through a routing protocol

Used when no more specific route matches

Why these pairings

Connected routes are automatically generated when a router interface is configured and active because the network is directly attached. Static routes are manually configured by an administrator to define specific paths. Dynamic routes are learned through routing protocols like OSPF or EIGRP.

Default routes serve as a catch-all entry, used when no more specific route matches the destination.

Exam trap

Be careful not to confuse the method of route creation: static routes are manually configured, dynamic routes are learned via protocols, and connected routes are automatically generated. The default route is a special static route but is often considered its own type.

128
MCQeasy

Which OSPF component is used to identify routers uniquely inside an OSPF domain?

A.Area ID
C.Hello timer
AnswerB

The router ID uniquely identifies an OSPF speaker.

Why this answer

The router ID is the unique identifier OSPF uses for each router. It is not the same thing as the process ID, which is locally significant only.

Exam trap

A frequent exam trap is mistaking the OSPF area ID for the router ID. While area IDs define logical groupings of routers within an OSPF domain, they do not uniquely identify individual routers. Another pitfall is confusing the router ID with the OSPF process ID, which is locally significant and does not uniquely identify routers.

Additionally, some candidates incorrectly select hello timers or wildcard masks, which serve different purposes such as neighbor keepalive intervals and network statement definitions, respectively. Understanding these distinctions is critical to avoid selecting incorrect options that sound related but serve different functions.

Why the other options are wrong

A

Area ID identifies OSPF areas, which are logical subdivisions within the OSPF domain, but it does not uniquely identify individual routers. Selecting area ID confuses the concept of router identification with area grouping.

C

Hello timer controls how often OSPF routers send hello packets to maintain neighbor adjacency. It does not serve as a unique identifier for routers.

D

Wildcard mask is used in OSPF network statements to specify which IP addresses belong to an OSPF area. It does not identify routers uniquely.

129
MCQhard

Based on the exhibit, why is traffic to host 198.51.100.70 using the OSPF route instead of the static route?

A.Because the OSPF /26 route is more specific than the static /24 route.
B.Because OSPF always overrides static routing, regardless of prefix length.
C.Because the static route must have an administrative distance of 255 to be considered.
D.Because the destination 198.51.100.70 is outside both listed routes.
AnswerA

This is correct because longest-prefix match causes the /26 route to be chosen for 198.51.100.70.

Why this answer

The traffic uses the OSPF route because it is the more specific match. In practical terms, the router evaluates destination-prefix specificity before comparing route source preference. The static route points to a broader /24, while the OSPF entry points to a narrower /26 that still contains the destination. Because longest-prefix match comes first, the /26 route wins.

This is a good reminder that static routes do not automatically beat dynamic routes when the prefixes are different. Specificity matters first, then source preference only when the prefix length is the same.

Exam trap

A frequent exam trap is believing that static routes always take precedence over OSPF routes because static routes have a lower administrative distance. This misconception ignores the fundamental routing principle of longest-prefix match, which prioritizes the most specific subnet mask regardless of route source. Candidates may incorrectly select the static route simply because it is static, missing that the OSPF route’s /26 mask is more specific than the static /24.

This leads to incorrect answers and confusion about route selection behavior in Cisco routers.

Why the other options are wrong

B

Incorrect because OSPF does not always override static routes. Administrative distance matters only when prefix lengths are equal, and longest-prefix match takes precedence over route source.

C

Incorrect because the static route does not have an administrative distance of 255; it is valid and installed in the routing table. The issue is the static route’s broader prefix, not its administrative distance.

D

Incorrect because the destination IP 198.51.100.70 falls within both the /24 static route and the /26 OSPF route. The router chooses based on prefix specificity, not exclusion from the routes.

130
MCQhard

What is the best explanation for why a router chooses the OSPF route to 10.50.0.0/16 instead of the RIP route?

A.Because OSPF has a lower administrative distance than RIP for the same prefix.
B.Because RIP routes are never installed when OSPF is running.
C.Because OSPF always has a longer prefix than RIP.
D.Because the RIP metric is lower than the OSPF metric.
AnswerA

This is correct because both routes are /16, so source trust becomes decisive and OSPF wins.

Why this answer

The router chooses the OSPF route because when the prefix length is the same, source preference is considered, and OSPF has a lower administrative distance than RIP. In practical terms, both routes describe the same destination size, so longest-prefix match does not separate them. The router then trusts the OSPF source more than RIP by default.

This is a classic administrative-distance comparison question and a very important route-selection concept.

Exam trap

A frequent exam trap is believing that RIP routes are never installed when OSPF is running or that the router always prefers the route with the lowest metric regardless of protocol. This is incorrect because RIP routes can remain in the routing table alongside OSPF routes. The router actually uses administrative distance, not metric, to choose between routes learned from different protocols.

Confusing metric with administrative distance leads to wrong answers, especially when both protocols advertise the same prefix length. Remember, cross-protocol route selection depends on administrative distance, not metric comparison.

Why the other options are wrong

B

Option B is incorrect because RIP routes can still be installed in the routing table even when OSPF is running; the router does not automatically suppress RIP routes.

C

Option C is wrong because both OSPF and RIP routes shown have the same prefix length (/16), so prefix length does not influence the choice here.

D

Option D is incorrect because cross-protocol route selection is based on administrative distance, not metric comparison; RIP's metric being lower does not make it preferred over OSPF.

131
MCQmedium

Why is RIP rarely chosen for large modern enterprise networks?

A.It does not support IPv4
B.It scales poorly due to slow convergence and hop-count limitations
C.It cannot run on routers and only works on switches
D.It requires link-state advertisements
AnswerB

Correct. Limited scale and slower convergence are major reasons RIP is rarely used in large environments.

Why this answer

RIP is simple but has important scalability limits, including a maximum metric of 15 and relatively slow convergence compared with more modern protocols such as OSPF and EIGRP.

Exam trap

Don't confuse RIP's limitations with features of other protocols; remember RIP's maximum hop count and distance-vector nature.

Why the other options are wrong

A

RIP supports both IPv4 and IPv6 (RIPng). The statement is factually incorrect because RIP has been used for IPv4 routing since its inception.

C

RIP is a routing protocol that runs on routers, not switches. While some multilayer switches can run routing protocols, RIP is not exclusive to switches.

D

RIP is a distance-vector protocol, not a link-state protocol. It uses hop count as its metric and exchanges entire routing tables, not link-state advertisements (LSAs) like OSPF.

132
MCQmedium

Why is a default route often called a route of last resort?

A.Because it is used only when no more specific route matches the destination.
B.Because it always has the lowest bandwidth.
C.Because it must be learned from OSPF only.
D.Because it is more specific than every other route.
AnswerA

This is correct because the default route is a fallback path.

Why this answer

Option A correctly identifies the default route as a route of last resort because it is used only when no more specific route matches the destination. Option B is incorrect because bandwidth is not a defining characteristic of a default route; it is simply a fallback path. Option C is wrong because default routes can be configured statically or learned via any routing protocol (e.g., OSPF, EIGRP, RIP), not exclusively OSPF.

Option D is false because the default route is the least specific route (0.0.0.0/0), not more specific than any other route.

Exam trap

A common exam trap is assuming the default route is learned only via OSPF or that it always has the lowest bandwidth, when in fact it is simply the least specific route used as a fallback.

Why the other options are wrong

B

Bandwidth is not a defining characteristic of a default route; the route is chosen based on prefix length and administrative distance, not bandwidth.

C

Default routes can be statically configured or learned from any routing protocol (including OSPF, EIGRP, RIP), so they are not OSPF-specific.

D

The default route (0.0.0.0/0) is the least specific route, not more specific; specificity is determined by the subnet mask length.

133
MCQhard

Based on the exhibit, which command is the best next step to verify whether the floating static route becomes active after the primary route is lost?

A.show ip route
B.show vlan brief
C.show spanning-tree
D.show power inline
AnswerA

This is correct because it directly shows whether the backup default route has been installed after the primary route disappears.

Why this answer

The best next step is to examine the routing table directly after removing or losing the primary route. In practical terms, the purpose of a floating static route is to appear when the better route disappears. The clearest way to verify that behavior is to inspect the route table for the default route after the failure condition.

This is a simulation-style verification question. It is not asking how to configure the route, but how to confirm failover actually happened.

Exam trap

A common exam trap is selecting commands unrelated to routing table verification, such as "show vlan brief" or "show spanning-tree." These commands provide information about VLAN configurations or Spanning Tree Protocol status but do not show whether a floating static route has become active. Candidates may mistakenly think these outputs indicate network failover status, but only the routing table output confirms if the backup route is installed after the primary route fails. Misunderstanding the purpose of these commands leads to incorrect answers.

Why the other options are wrong

B

"Show vlan brief" shows VLAN status and port assignments but does not provide any information about routing or route failover, so it cannot verify if the floating static route is active.

C

"Show spanning-tree" displays Spanning Tree Protocol information related to Layer 2 loop prevention, which is unrelated to routing table contents or route failover verification.

D

"Show power inline" displays Power over Ethernet (PoE) status and power consumption on switch ports, which has no relevance to routing or verifying floating static route activation.

134
Drag & Dropmedium

Drag and drop the following steps into the correct order to explicitly configure OSPFv3 for IPv6 on a Cisco IOS-XE router, assuming no OSPFv3 routing process exists beforehand.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

To configure OSPFv3, first globally enable IPv6 unicast routing (A). Next, create the OSPFv3 routing process (C) so that it is defined before interfaces try to use it. Then, configure OSPFv3 on the relevant interfaces (B) to activate routing.

Finally, verify the OSPFv3 adjacency (D) to confirm neighbors are formed. This sequence avoids automatic process creation and ensures all steps are explicitly controlled.

Exam trap

Cisco exams often test the order of configuration steps. A common trap is to think that OSPFv3 interface configuration comes before creating the OSPFv3 process, or that verification can be done early. Remember that global IPv6 routing must be enabled first, as OSPFv3 depends on it.

135
MCQhard

You are verifying OSPF operation on router R1. After confirming that OSPF is configured on the correct interfaces, which command should you use next to directly check whether R1 has established a neighbor adjacency with another OSPF router?

A.show ip ospf neighbor
B.show vlan brief
C.show spanning-tree
D.show mac address-table
AnswerA

This is correct because it directly shows OSPF adjacency and neighbor state.

Why this answer

The command show ip ospf neighbor directly displays the OSPF neighbor table, showing whether an adjacency has formed, the neighbor's Router ID, and the current state (e.g., FULL). This is the quickest verification step after confirming configurations. The other commands are unrelated to OSPF: show vlan brief displays VLAN assignments, show spanning-tree shows STP topology, and show mac address-table shows the MAC address table.

None of these provide any OSPF neighbor information and would only delay troubleshooting.

Exam trap

Avoid confusing route visibility with neighbor status; they are related but distinct concepts.

Why the other options are wrong

B

Displays VLAN port membership; irrelevant to OSPF verification.

C

Shows STP topology; does not provide OSPF neighbor status.

D

Displays the switch's MAC address table; no OSPF information.

136
MCQmedium

Exhibit: R1 can ping 10.1.23.2 but cannot ping 192.168.3.10 behind R3. The routing table on R1 lacks 192.168.3.0/24. What is the best next check?

A.Verify whether the remote LAN is being advertised into the routing process
B.Replace the Ethernet cable between R1 and R2
C.Change the OSPF router ID on R1 immediately
D.Disable CEF so the route can be learned
AnswerA

That is the most direct next troubleshooting step.

Why this answer

Because the directly connected next router is reachable, the problem is likely missing routing information for the remote LAN. The best next check is whether R3 is advertising 192.168.3.0/24 or whether that network is present in the routing domain at all.

Exam trap

A frequent exam trap is to confuse physical connectivity with routing issues. Because R1 can ping 10.1.23.2 (likely the next-hop router), candidates might mistakenly try to fix cables or interfaces instead of checking routing advertisements. Another trap is to focus on router ID changes or disabling features like CEF, which do not affect route learning.

The key mistake is ignoring the routing table contents and assuming that reachability to the next-hop router guarantees full path reachability. This leads to wasted time and incorrect troubleshooting steps.

Why the other options are wrong

B

Replacing the Ethernet cable between R1 and R2 is unnecessary because R1 can already ping 10.1.23.2, indicating that the physical link and Layer 3 connectivity to the next-hop router are functioning correctly.

C

Changing the OSPF router ID on R1 is irrelevant here because the problem is not related to router ID conflicts or OSPF neighbor relationships but to missing route advertisements for the remote LAN.

D

Disabling CEF (Cisco Express Forwarding) will not help because CEF does not prevent routes from being learned or advertised; it only affects packet forwarding efficiency, so this option does not address the root cause.

137
Multi-Selectmedium

Which three of the following are true regarding the forwarding decision process in a router? (Choose three.)

Select 3 answers
.The router performs a recursive route lookup if the next-hop address in a static route is not directly connected.
.The router uses the Forwarding Information Base (FIB) for fast packet switching in CEF mode.
.When a packet arrives, the router first checks the routing table for the best match.
.The router always performs an ARP request for every destination IP address in a packet.
.If the destination IP is on the same subnet as an interface, the router forwards the packet directly without checking the routing table.
.The router rewrites the source MAC address to the MAC address of the next-hop router for every forwarded packet.

Why this answer

A router performs a recursive route lookup when the next-hop address in a static route is not directly connected, meaning the router must find a route to that next-hop address before forwarding. The Forwarding Information Base (FIB) is used in Cisco Express Forwarding (CEF) mode to provide fast, hardware-based packet switching by pre-populating the forwarding table from the routing table. When a packet arrives, the router first checks the routing table (RIB) for the best matching route, which is the longest prefix match, to determine the next-hop and outgoing interface.

Exam trap

Cisco often tests the misconception that a router always performs an ARP request for every destination IP or that it skips the routing table for directly connected subnets, but in reality, the routing table is always consulted first, and ARP is only used for next-hop addresses on the same subnet.

138
Multi-Selectmedium

Which two statements accurately describe longest-prefix match?

Select 2 answers
A.The most specific matching route is preferred over broader matching routes.
B.A /24 is more specific than a /16.
C.The default route is always preferred over a matching specific route.
D.Administrative distance replaces the need for longest-prefix match.
E.A /16 is more specific than a /24.
AnswersA, B

This is correct because specificity is the core rule in longest-prefix match.

Why this answer

Longest-prefix match means the router prefers the most specific route that matches the destination. In plain language, if several routes could all work, the router chooses the one that describes the destination range most precisely. That is why a /25 wins over a /24, and a /24 wins over a /16, when all of them match the same destination.

This is a foundational routing rule. The wrong answers usually confuse route specificity with route-source trust or assume the default route is considered first. The two correct answers are the ones that keep the focus on specificity.

Exam trap

A frequent exam trap is assuming that the default route (0.0.0.0/0) is preferred over more specific routes. Many candidates mistakenly believe the default route is always the first choice, but in reality, it is the least specific and only used when no other matching route exists. Another trap is confusing administrative distance with longest-prefix match; administrative distance only applies when choosing between routes learned from different sources, not when selecting the most specific prefix.

Misunderstanding these concepts can lead to incorrect answers about routing behavior in Cisco devices.

Why the other options are wrong

C

Option C is incorrect because the default route is the least specific and is only used when no other matching route exists, not preferred over specific routes.

D

Option D is incorrect as administrative distance is a separate concept used to select between routes from different protocols, not to replace longest-prefix match.

E

Option E is incorrect because a /16 is less specific than a /24; the longer the prefix length, the more specific the route.

139
MCQhard

A network technician is troubleshooting a router-on-a-stick configuration. R1 has sub-interface G0/0.10 with encapsulation dot1q 10 and IP 192.168.10.1/24, and sub-interface G0/0.20 with encapsulation dot1q 20 and IP 192.168.20.1/24. Hosts in VLAN 10 cannot reach hosts in VLAN 20. The physical interface G0/0 is up and no shutdown. Both sub-interfaces show up/up. What should the technician do next?

A.Verify the switch port connected to R1 is configured as a trunk and allows VLANs 10 and 20.
B.Verify the encapsulation dot1Q numbers on the sub-interfaces match the VLAN assignments.
C.Verify the default gateway settings on hosts in VLANs 10 and 20.
D.Check the physical interface G0/0 for interface errors or duplex mismatches.
AnswerA

This directly addresses the most probable cause: a missing or misconfigured trunk on the switch side. Even with router sub-interfaces up/up, the link must be a trunk carrying the correct VLANs for inter-VLAN routing to function.

Why this answer

The router's sub-interfaces being 'up/up' only confirms the physical link and Layer 2 protocol (using the native VLAN untagged, often VLAN 1) are active. It does not prove that the switch port is a trunk, nor that VLANs 10 and 20 are allowed across the link. Without a properly configured trunk, tagged frames for those VLANs will not traverse.

Verifying the switch port trunk configuration and allowed VLANs is the most logical next step to resolve inter-VLAN communication at Layer 2 before investigating Layer 3 settings.

Exam trap

Verifying the default gateway on hosts (option C) – candidates often skip the trunk verification and assume the router's config is correct because the sub-interfaces are up. However, 'up/up' status does not guarantee VLAN-tagged traffic can pass; it only indicates a working physical link and protocol on the native VLAN.

Why the other options are wrong

B

Candidates may think the encapsulation numbers might be swapped, but the stem confirms they are correctly assigned to the respective VLAN IDs.

C

Many candidates jump to end-host configuration, assuming the router is fully reachable because interfaces are up/up, but the trunk is the prerequisite for any communication between VLANs.

D

Candidates might think any communication loss warrants a physical layer check, but here the symptoms point strongly toward a Layer 2 trunking issue.

140
PBQhard

You are connected to R1. The network currently uses a static default route pointing to ISP1 (198.51.100.1) via GigabitEthernet0/0. However, the backup link to ISP2 (203.0.113.1) via Serial0/0/0 has a floating static default route with an administrative distance of 130. The backup route is not taking over when the primary link fails. Configure the floating static route correctly so that it becomes active when the primary route is lost, and verify that the routing table shows the backup default route with the appropriate next-hop.

Network Topology
G0/0198.51.100.2/30198.51.100.1S0/0/0203.0.113.2/30203.0.113.1R1ISP1ISP2

Hints

  • Examine the primary static route configuration for any unusual keywords.
  • A static route with the 'permanent' keyword remains in the routing table even if the interface goes down.
  • The floating static route has a higher AD (130) so it will only be used when the primary route is absent.
A.Remove the primary static route and reconfigure it without the 'permanent' keyword, then verify the backup route appears in the routing table.
B.Change the administrative distance of the floating static route to 1 so it is preferred over the primary route.
C.Add the 'permanent' keyword to the floating static route to ensure it remains in the routing table.
D.Configure a static route with a next-hop of 203.0.113.1 and an administrative distance of 130, but also add the 'track' command to monitor the primary link.
AnswerA
solution
! R1
conf t
no ip route 0.0.0.0 0.0.0.0 198.51.100.1 permanent
ip route 0.0.0.0 0.0.0.0 198.51.100.1
end

Why this answer

The primary static default route was configured with the 'permanent' keyword, which keeps the route in the routing table even when the GigabitEthernet0/0 interface goes down. This prevents the floating static route (AD 130) from becoming active. The solution is to remove the primary route (no ip route 0.0.0.0 0.0.0.0 198.51.100.1 permanent) and reconfigure it without the 'permanent' keyword.

After that, when the primary link fails, the route is removed, and the backup route (AD 130) enters the routing table. Option A is correct. Option B would make the backup preferred over the primary, which is not the intended behavior.

Option C (adding permanent to the backup) would not help and could cause issues. Option D (track) is an alternative but not the required configuration here.

Exam trap

Be careful: The 'permanent' keyword on a static route keeps it in the routing table even if the interface is down. This can prevent floating static routes from becoming active. Always check for 'permanent' when troubleshooting backup route issues.

Why the other options are wrong

B

The specific factual error: Administrative distance determines route preference; a lower AD is preferred. Setting the backup to AD 1 would make it the primary route, not a backup.

C

The specific factual error: The 'permanent' keyword prevents route removal when the interface goes down, which is not the solution here. The backup route needs to become active when the primary fails, not be forced to stay.

D

The specific factual error: The track command is used to conditionally remove a static route based on reachability, but it is not necessary if the primary route is correctly configured without 'permanent'. The existing backup route should work once the primary route is removed.

141
MCQhard

Based on the exhibit, what is the most likely reason the PPP link is down?

A.The serial interfaces use different encapsulations.
B.PPP requires CAPWAP on both routers.
C.The routers must run BGP before PPP can establish.
D.Serial links can use only OSPF, not PPP.
AnswerA

This is correct because PPP on one side and HDLC on the other will prevent normal link operation.

Why this answer

The PPP link is down because the two ends are configured for different encapsulations. In practical terms, one side is using PPP and the other is using HDLC, so the devices are not speaking the same data-link protocol on the serial link. Until those encapsulations match, the link cannot come up correctly at the data-link layer.

This is a classic WAN troubleshooting pattern that fits well into simulation-style exam coverage.

Exam trap

A frequent exam trap is to assume that routing protocols such as BGP or OSPF must be configured before a PPP link can establish, or that PPP requires additional protocols like CAPWAP. This is incorrect because PPP operates at Layer 2 and must first establish the data link before any routing protocol can function. Another common mistake is to believe that serial links cannot use PPP and only support OSPF or other routing protocols, which confuses encapsulation with routing.

The key is to recognize that mismatched encapsulation protocols like PPP versus HDLC prevent the link from coming up, regardless of routing configuration.

Why the other options are wrong

B

Incorrect because CAPWAP is a wireless protocol unrelated to serial link encapsulation. PPP does not require CAPWAP for operation on serial interfaces.

C

Incorrect because routing protocols like BGP are Layer 3 protocols and do not affect the Layer 2 establishment of a PPP link. The link must be up before routing protocols can run.

D

Incorrect because serial links can use PPP encapsulation. Cisco routers default to HDLC, but PPP is a supported and common WAN encapsulation protocol.

142
MCQeasy

What metric does RIP use to choose the best path?

A.Bandwidth
B.Cost
C.Hop count
D.Delay
AnswerC

Correct. RIP uses hop count.

Why this answer

RIP uses hop count as its metric. Lower hop count paths are preferred, up to the protocol maximum of 15 usable hops.

Exam trap

Don't confuse RIP's hop count metric with metrics used by other protocols like OSPF or EIGRP.

Why the other options are wrong

A

RIP does not use bandwidth as a metric; it relies solely on hop count. Bandwidth is used by EIGRP in its composite metric calculation, not by RIP.

B

Cost is the metric used by OSPF, not RIP. RIP uses hop count as its sole metric, making cost an incorrect choice for this question.

D

Delay is not a metric used by RIP; RIP only considers hop count. Delay is a component in the EIGRP composite metric, but not in RIP.

143
Matchingmedium

Match each wireless concept to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

The network name that clients see when identifying a wireless LAN

A wireless security standard that commonly uses AES encryption

A device that provides wireless connectivity to clients

A design in which centralized devices manage access points

Why these pairings

SSID is the Service Set Identifier, the network name that clients see when scanning for Wi-Fi. WPA2 is a Wi-Fi Protected Access 2 security standard that commonly uses AES encryption to secure traffic. An AP (Access Point) is a device that bridges wired and wireless networks, providing connectivity to clients.

A controller-based WLAN uses a centralized controller to manage configuration, roaming, and security across multiple APs.

Exam trap

The exam often tests the difference between BSS, ESS, and IBSS. Remember: BSS = one AP, ESS = multiple APs, IBSS = no AP. Also, do not confuse BSS with BSSID; BSSID is the AP's MAC address, not the network itself.

144
Matchingmedium

Match each route source or concept to its most accurate description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Present because the network is directly attached to an interface

Manually configured route

Dynamic route source that learns paths through the protocol

Backup static route configured with higher administrative distance

Why these pairings

These are fundamental routing concepts and sources. Each pairing matches the route source with its accurate description as taught in Cisco certification exams.

Exam trap

Be careful not to confuse the descriptions of different route types. The question asks for the most accurate description for each route source or concept. Ensure you know the exact definitions: directly connected routes are automatic, static routes are manual, default routes are catch-all, and floating static routes are backup routes with higher AD.

145
MCQmedium

Exhibit: Consider the following ACL applied inbound on interface G0/0: access-list 100 deny ip host 10.10.10.10 any access-list 100 deny tcp any host 10.10.10.10 eq 23 access-list 100 permit ip any any The intent is to block only Telnet (TCP port 23) to server 10.10.10.10 while permitting everything else. However, users cannot reach any service on that server. Why?

A.The ACL must be applied outbound, not inbound
B.The deny ip statement blocks all traffic to the host before the Telnet-specific line is evaluated
C.Extended ACLs cannot match TCP port 23
D.Telnet uses UDP, so the ACE should reference udp
AnswerB

The first matching ACE wins.

Why this answer

ACLs are processed top-down, and the first match is applied. The first line denies all IP traffic to the host (any protocol, any port). This matches all packets destined for 10.10.10.10 before the Telnet-specific line is ever reached, effectively blocking every service, not just Telnet.

Exam trap

A common mistake is assuming the ACL evaluates all lines before deciding to block or permit; in reality, it stops at the first match, so a broad deny earlier in the list overrides more specific denies later.

Why the other options are wrong

A

Applying the ACL outbound would not change the order of lines; the same logic applies—the first match still blocks all traffic.

C

Extended ACLs can match TCP port 23 using the keyword 'eq telnet' or 'eq 23'; this is not a limitation.

D

Telnet uses TCP, not UDP; referencing udp would never match Telnet traffic.

146
MCQhard

R1 and R2 are directly connected and running OSPF. They can ping each other, the area matches, and the timers match, but they still do not become neighbors. What is the most likely cause?

A.The OSPF authentication keys do not match.
B.The subnet mask is too small for OSPF to operate.
C.The routers must use different process IDs.
D.The interfaces must be configured as switch trunks.
AnswerA

This is correct because mismatched OSPF MD5 authentication prevents neighbor formation even when addressing and area values are correct.

Why this answer

The most likely cause is a mismatch in OSPF authentication keys. Even though the routers have IP connectivity, matching area IDs, and identical timers, OSPF adjacency requires that authentication parameters also match. If authentication is enabled on both sides but the keys differ, OSPF packets are silently rejected, preventing neighbor formation.

Exam trap

A frequent exam trap is to overlook OSPF authentication mismatches when routers have IP connectivity and matching area IDs. Candidates may incorrectly assume that because the routers can ping each other and timers match, adjacency must form. However, if OSPF authentication keys differ, routers silently reject OSPF packets, preventing neighbor formation.

This trap exploits the misconception that IP reachability alone ensures OSPF adjacency, ignoring the critical role of matching authentication parameters in the OSPF neighbor negotiation process.

Why the other options are wrong

B

This is incorrect because OSPF operates normally on /30 subnets commonly used for point-to-point links. Subnet mask size does not prevent OSPF adjacency.

C

This is incorrect because OSPF process IDs are locally significant identifiers and do not need to match between routers to form neighbors.

D

This is incorrect because OSPF runs over routed interfaces and does not require interfaces to be configured as switch trunks, which are used for VLAN tagging.

147
MCQhard

A network administrator configures OSPF on two routers, R1 and R2, connected via their Serial0/0/0 interfaces (IP addresses 10.1.1.1/30 and 10.1.1.2/30). They verify that both routers use the same OSPF process ID and area 0, but R1's 'show ip ospf neighbor' shows no adjacencies. Given the partial exhibit from R1, what is the most likely cause of the adjacency failure and its correct solution?

A.Configure 'no passive-interface Serial0/0/0' under router ospf 1 on R1.
B.Replace the network statement with 'network 10.1.1.0 0.0.0.255 area 0' to cover a larger range.
C.Change the OSPF process ID on R1 to match R2, using 'router ospf 100' and re-entering the network command.
D.Issue 'clear ip ospf process' on R1 to restart OSPF and reattempt neighbor discovery.
AnswerA

This command lifts the passive restriction on Serial0/0/0, allowing OSPF hello packets to be sent and received, enabling the adjacency to form.

Why this answer

The most likely cause is that R1's Serial0/0/0 interface is configured as a passive interface under OSPF. When an interface is set as passive, OSPF does not send Hello packets out of it, preventing neighbor discovery and adjacency formation. The solution is to use the 'no passive-interface Serial0/0/0' command under router ospf 1 on R1, which allows Hello packets to be transmitted and the adjacency to establish.

Exam trap

Cisco often tests the misconception that OSPF process IDs must match between routers, leading candidates to choose option C, when in fact process IDs are locally significant and only area IDs and authentication must match.

Why the other options are wrong

B

A larger wildcard mask does not override the passive-interface setting; adjacency still fails.

C

Adjacency depends on area and authentication, not on the router-local process ID; passive-interface is the real issue.

D

The root cause is a configuration that blocks hellos, not a transient state; the reset is ineffective.

148
Multi-Selectmedium

Which TWO statements accurately describe OSPFv3 configuration and verification for IPv6?

Select 2 answers
A.OSPFv3 uses IPv6 link-local addresses for neighbor discovery and next-hop addresses.
B.The 'network' command under 'ipv6 router ospf' is used to advertise subnets into OSPFv3.
C.The 'ipv6 ospf <process-id> area <area-id>' command is used to enable OSPFv3 on an interface.
D.The 'ipv6 router ospf <process-id>' command is used on an interface to enable OSPFv3.
E.The 'show ipv6 ospf neighbor' command displays the OSPFv3 link-state database.
AnswersA, C

In OSPFv3, routers form adjacencies using their IPv6 link-local addresses, and these addresses are used as next-hop addresses in routing updates.

Why this answer

Option A is correct because OSPFv3 uses IPv6 link-local addresses for neighbor discovery and next-hop addresses. Option C is correct because the 'ipv6 ospf <process-id> area <area-id>' interface command enables OSPFv3 on that interface. Option B is incorrect: OSPFv3 does not use the 'network' command; instead, it relies on interface-level configuration.

Option D is incorrect: 'ipv6 router ospf <process-id>' is a global configuration command to enter OSPFv3 router configuration mode, not an interface command. Option E is incorrect: 'show ipv6 ospf neighbor' displays neighbor adjacencies, not the link-state database; use 'show ipv6 ospf database' for that.

Exam trap

Cisco often tests the misconception that OSPFv3 uses the same 'network' command as OSPFv2, when in fact OSPFv3 requires interface-level configuration with the 'ipv6 ospf <process-id> area <area-id>' command.

Why the other options are wrong

D

'ipv6 router ospf <process-id>' is a global configuration command, not an interface command; enabling OSPFv3 on an interface requires the 'ipv6 ospf <process-id> area <area-id>' command.

E

'show ipv6 ospf neighbor' displays OSPFv3 neighbor adjacencies, not the link-state database; to view the LSDB, use 'show ipv6 ospf database'.

149
Drag & Dropmedium

Drag and drop the following steps into the correct order to configure IPv4 and IPv6 static routes, a default route, and a floating static route with a higher administrative distance, then verify with show ip route and show ipv6 route.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

Start in global config, then configure static routes for IPv4, then IPv6, then default and floating static routes. Finally verify with show commands.

Exam trap

Do not confuse the order of configuration with the order of route preference. The default route is not configured first; it is configured after specific routes. Also, while IPv4 and IPv6 can be configured in any order, the question expects IPv4 before IPv6 based on the stem.

150
Drag & Dropmedium

Drag and drop the following OSPFv2 neighbor state transitions into the correct order, starting from the initial state after an adjacency is attempted and ending with the fully adjacent state.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

OSPF neighbor states progress from Down to Init, then 2-Way, ExStart, Exchange, and finally Full (not listed).

Exam trap

Do not confuse the initial state with the first state where communication occurs. Down is the starting point, even though no communication has happened yet. Remember the full sequence: Down, Init, 2-Way, ExStart, Exchange, Loading, Full.

← PreviousPage 2 of 5 · 344 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Routing questions.