CCNA Networking Concepts Questions

75 of 104 questions · Page 1/2 · Networking Concepts topic · Answers revealed

1
MCQmedium

Which of the following is a characteristic of UDP?

A.Provides guaranteed delivery
B.Uses sequence numbers
C.Supports three-way handshake
D.Has lower overhead than TCP
AnswerD

UDP has minimal header size and no connection establishment, resulting in lower overhead.

Why this answer

UDP (User Datagram Protocol) is a connectionless transport-layer protocol that provides minimal overhead compared to TCP. It does not establish a connection before sending data, nor does it provide reliability, flow control, or error recovery, making it ideal for real-time applications like VoIP and streaming where speed is prioritized over guaranteed delivery.

Exam trap

The trap here is that candidates often confuse UDP's lack of reliability with being 'unreliable' in a negative sense, but the exam tests that UDP's lower overhead is a deliberate design choice for performance-sensitive applications.

How to eliminate wrong answers

Option A is wrong because UDP does not provide guaranteed delivery; it is a best-effort protocol that does not retransmit lost packets. Option B is wrong because UDP does not use sequence numbers; sequence numbers are a feature of TCP used for ordering and reliability. Option C is wrong because UDP does not support a three-way handshake; the three-way handshake is a TCP mechanism used to establish a reliable connection.

2
MCQmedium

A network technician is analyzing a small office network topology. An 8-port switch has 7 workstations directly connected. The remaining switch port is connected to a 4-port hub, which has 4 workstations attached. All devices are configured on the same VLAN and IP subnet. How many collision domains and broadcast domains are present in this network?

A.8 collision domains, 1 broadcast domain
B.11 collision domains, 1 broadcast domain
C.12 collision domains, 5 broadcast domains
D.8 collision domains, 5 broadcast domains
AnswerA

Correct. Each switch port creates its own collision domain (8 total). The hub does not add separate collision domains; it connects all its ports into the collision domain of the switch port it is attached to. All devices are on the same VLAN, so there is one broadcast domain.

Why this answer

Switches create a separate collision domain per port, so the 8-port switch provides 8 collision domains. The hub connected to one switch port extends that single collision domain to all its attached devices, but does not create new ones. All devices are on the same VLAN and IP subnet, so there is only one broadcast domain.

Therefore, the network has 8 collision domains and 1 broadcast domain.

Exam trap

Cisco often tests the distinction between hubs (Layer 1 repeaters that extend collision domains) and switches (Layer 2 devices that segment collision domains), and the trap here is assuming that each hub port creates its own collision domain, leading to overcounting collision domains, or confusing collision domains with broadcast domains by thinking hubs or switches create multiple broadcast domains.

How to eliminate wrong answers

Option B is wrong because it counts 11 collision domains, which incorrectly assumes each hub port creates its own collision domain (hubs do not segment collision domains; they repeat all signals, so the hub and its four workstations share one collision domain with the switch port). Option C is wrong because it claims 12 collision domains and 5 broadcast domains; a hub does not create additional collision domains beyond the switch port it connects to, and all devices on the same VLAN share a single broadcast domain, not five. Option D is wrong because it states 8 collision domains (correct) but 5 broadcast domains; broadcast domains are not segmented by hubs or switches in the same VLAN, so there is exactly one broadcast domain for the entire subnet.

3
MCQeasy

Which of the following is a characteristic of a Layer 2 broadcast domain?

A.Devices can communicate using MAC addresses alone.
B.All devices must be on the same IP subnet.
C.Broadcast frames are forwarded to all ports within the domain.
D.Routers are required to communicate between devices in the same domain.
AnswerC

The key characteristic of a broadcast domain is that a broadcast frame sent by any device is received by all other devices in that domain. Switches forward broadcasts to all ports in the same VLAN.

Why this answer

A Layer 2 broadcast domain consists of all devices that receive a broadcast frame sent by any device within that domain. Switches forward broadcast frames (destination MAC FF:FF:FF:FF:FF:FF) out all ports except the ingress port, ensuring every device in the same VLAN or collision-free segment sees the broadcast. This is why option C is correct.

Exam trap

The trap here is that candidates often confuse a broadcast domain with a collision domain, or incorrectly assume that being on the same IP subnet is a requirement for receiving broadcasts, when in fact Layer 2 broadcasts are forwarded regardless of IP addressing.

How to eliminate wrong answers

Option A is wrong because while devices within a Layer 2 broadcast domain can communicate using MAC addresses alone, this is not a defining characteristic of the broadcast domain itself—it is true of any switched network, and the question asks for a characteristic of the broadcast domain specifically. Option B is wrong because devices in the same Layer 2 broadcast domain do not have to be on the same IP subnet; they can be on different subnets and still receive each other's broadcast frames, though communication between subnets would require a router. Option D is wrong because routers are not required for communication within the same broadcast domain; switches handle all Layer 2 forwarding, and a router is only needed to route between different broadcast domains (subnets/VLANs).

4
MCQeasy

Which of the following best describes the primary difference between a hub and a switch?

A.A switch is faster than a hub because it operates at Layer 3
B.A hub broadcasts all frames to all ports; a switch forwards frames only to the destination port
C.A hub can segment collision domains; a switch cannot
D.Both hubs and switches operate at the same OSI layer but use different frame types
AnswerB

This is the core difference. Hubs repeat signals out all ports; switches use MAC address tables to deliver frames selectively.

Why this answer

A hub operates at Layer 1 (physical layer) and simply repeats electrical signals out all ports, causing all connected devices to receive every frame. A switch operates at Layer 2 (data link layer) and uses the MAC address table to forward frames only to the specific port where the destination device resides, reducing unnecessary traffic and improving network efficiency.

Exam trap

The trap here is that candidates often confuse the OSI layer of a switch (Layer 2) with a router (Layer 3) and incorrectly assume switches are faster because they operate at a higher layer, or they mistakenly think hubs can segment collision domains when in fact they expand them.

How to eliminate wrong answers

Option A is wrong because a switch operates at Layer 2, not Layer 3; Layer 3 devices are routers or multilayer switches that perform routing based on IP addresses. Option C is wrong because a hub does not segment collision domains—it creates a single collision domain for all ports, while a switch segments collision domains by providing a dedicated collision domain per port. Option D is wrong because hubs and switches operate at different OSI layers (Layer 1 vs.

Layer 2) and use the same Ethernet frame types, not different ones.

5
MCQmedium

A router has two routes to the same destination network: one learned via OSPF with a metric of 10, and another learned via EIGRP with a composite metric of 3072. The default administrative distances are OSPF=110, EIGRP=90. Which route will be installed in the routing table?

A.The OSPF route because it has a lower metric
B.The EIGRP route because it has a lower administrative distance
C.Both routes will be installed for load balancing
D.The OSPF route because it is a link-state protocol
AnswerB

EIGRP's default administrative distance of 90 is lower than OSPF's 110, so the router chooses the EIGRP route regardless of metric values.

Why this answer

The EIGRP route is installed because administrative distance (AD) is the primary tiebreaker when multiple routing protocols provide routes to the same destination. EIGRP has a default AD of 90, which is lower than OSPF's AD of 110, so the router prefers the EIGRP route regardless of metric values. Metrics are only compared when routes come from the same protocol.

Exam trap

The trap here is that candidates often confuse metric with administrative distance, mistakenly thinking a lower OSPF metric (10) beats a higher EIGRP metric (3072), when in fact the router first compares AD values (90 vs 110) and selects the EIGRP route.

How to eliminate wrong answers

Option A is wrong because it assumes metric is the deciding factor between different routing protocols; metrics are only comparable within the same protocol, not across OSPF and EIGRP. Option C is wrong because load balancing across different routing protocols does not occur by default; the router selects only the route with the lowest administrative distance, and both routes would not be installed unless the ADs were equal and the metrics were also equal, which is not the case here.

6
MCQhard

An IPv6 address has the prefix 2001:db8::/32. Which of the following IP addresses belongs to the same prefix?

A.2001:db8:1::1
B.2001:db9::1
C.2001:db7::1
D.fe80::1
AnswerA

The first 32 bits are 2001:0db8, which matches the prefix 2001:db8::/32.

Why this answer

The prefix 2001:db8::/32 means the first 32 bits of the address must be 2001:0db8. Option A (2001:db8:1::1) expands to 2001:0db8:0001:0000:0000:0000:0000:0001, which matches the first 32 bits exactly, so it belongs to the same /32 prefix.

Exam trap

Cisco often tests the misconception that the double-colon (::) compresses the prefix itself, leading candidates to incorrectly assume that 2001:db8::/32 matches any address starting with 2001:db8, even if the second hextet is altered (e.g., 2001:db9 or 2001:db7).

How to eliminate wrong answers

Option B is wrong because 2001:db9::1 expands to 2001:0db9:...; the second hextet (0db9) differs from the required 0db8, so it falls outside the /32 prefix. Option C is wrong because 2001:db7::1 expands to 2001:0db7:...; the second hextet (0db7) also differs from 0db8, placing it in a different /32 prefix.

7
MCQeasy

A network technician is explaining the process of resolving Layer 2 addresses to Layer 3 addresses on a local network. Which protocol is used by a host to determine the MAC address of another host given its IP address?

AnswerB

Address Resolution Protocol (ARP) maps an IPv4 address to a MAC address on the same local network.

Why this answer

ARP (Address Resolution Protocol) is the correct answer because it is specifically designed to resolve a known Layer 3 (IP) address to an unknown Layer 2 (MAC) address on a local network. When a host needs to send a frame to another host, it first checks its ARP cache; if no entry exists, it broadcasts an ARP request containing the target IP, and the host with that IP responds with its MAC address. This process is defined in RFC 826 and operates at the data link layer, enabling direct communication within the same broadcast domain.

Exam trap

The trap here is that candidates often confuse ARP with DNS because both involve 'resolution,' but DNS resolves names to IPs (Layer 3) while ARP resolves IPs to MACs (Layer 2), and Cisco tests this distinction by including DNS as a distractor in Layer 2 addressing questions.

How to eliminate wrong answers

Option A is wrong because DNS (Domain Name System) resolves human-readable domain names to IP addresses, not MAC addresses, and operates at the application layer. Option C is wrong because DHCP (Dynamic Host Configuration Protocol) is used to automatically assign IP addresses, subnet masks, default gateways, and other network configuration parameters to hosts, but it does not perform MAC-to-IP address resolution.

8
MCQeasy

A network engineer is troubleshooting a communication issue between two hosts. The engineer determines that the data is being segmented at the source and reassembled at the destination, but the segments are arriving out of order. Which OSI layer is responsible for sequencing the segments?

A.A) Physical layer
B.B) Data Link layer
C.C) Network layer
D.D) Transport layer
AnswerD

Correct. The Transport layer (e.g., TCP) segments data at the source, assigns sequence numbers, and reassembles the data in correct order at the destination.

Why this answer

The Transport layer (Layer 4) is responsible for end-to-end communication, including segmentation, reassembly, and sequencing of data segments. Protocols like TCP use sequence numbers to order segments correctly at the destination, even if they arrive out of order. This ensures the upper layers receive a complete, ordered data stream.

Exam trap

CompTIA often tests the misconception that the Network layer (Layer 3) handles sequencing because it deals with packet fragmentation and reassembly, but fragmentation is based on MTU size, not sequence numbers for ordering; sequencing is strictly a Transport layer function.

How to eliminate wrong answers

Option A is wrong because the Physical layer (Layer 1) handles raw bit transmission over the physical medium, with no concept of segments or sequencing. Option B is wrong because the Data Link layer (Layer 2) manages frame delivery on a single link, using MAC addresses and error detection, but does not perform end-to-end segment sequencing. Option C is wrong because the Network layer (Layer 3) handles packet routing and logical addressing (e.g., IP), but relies on the Transport layer for segment sequencing; IP packets can arrive out of order and are not resequenced at Layer 3.

9
MCQhard

A network administrator is configuring BGP between two autonomous systems. Which BGP attribute is primarily used to influence inbound traffic to a particular AS?

A.AS_PATH
B.Next Hop
C.Local Preference
D.MED (Multi-Exit Discriminator)
AnswerD

The MED attribute is used to suggest to a neighboring AS the preferred path for inbound traffic when multiple entry points exist.

Why this answer

The Multi-Exit Discriminator (MED) is a BGP attribute used to influence inbound traffic from a neighboring AS when multiple entry points exist. A lower MED value is preferred, allowing an AS to advertise to its neighbor which path should be used to reach it, thereby influencing traffic entering the local AS.

Exam trap

The trap here is confusing MED with Local Preference: candidates often pick Local Preference because it is a well-known attribute for path selection, but it influences outbound traffic from the local AS, not inbound traffic from a neighboring AS.

How to eliminate wrong answers

Option A is wrong because AS_PATH is used for loop prevention and path selection, but it primarily influences outbound traffic from an AS, not inbound traffic to a particular AS. Option B is wrong because Next Hop specifies the next router to reach a destination and is not used to influence inbound traffic decisions. Option C is wrong because Local Preference is used within an AS to influence outbound traffic leaving the AS, not inbound traffic entering it.

10
MCQeasy

A network administrator is configuring IP addresses for a new subnet. The network address is 192.168.1.0 with a subnet mask of 255.255.255.240. How many usable host addresses are available on this subnet?

A.14
B.16
C.30
D.62
AnswerA

A /28 subnet yields 16 addresses; after removing the network and broadcast addresses, 14 host addresses remain usable.

Why this answer

The subnet mask 255.255.255.240 (or /28) provides 16 total addresses per subnet. The network address (192.168.1.0) and the broadcast address (192.168.1.15) are reserved, leaving 16 - 2 = 14 usable host addresses. This is calculated as 2^(32-28) - 2 = 2^4 - 2 = 16 - 2 = 14.

Exam trap

The trap here is that candidates often forget to subtract the network and broadcast addresses, selecting the total number of addresses (16) instead of the usable host count (14).

How to eliminate wrong answers

Option B is wrong because 16 is the total number of addresses in the subnet, but it fails to subtract the two reserved addresses (network and broadcast), which are not assignable to hosts. Option C is wrong because 30 usable hosts would require a /27 subnet mask (255.255.255.224), which provides 32 total addresses minus 2, not the /28 mask given in the question.

11
MCQmedium

A company needs a subnet that will support exactly 50 devices. Which subnet mask provides the minimum number of usable host addresses while still accommodating the requirement?

A.255.255.255.128 (/25)
B.255.255.255.192 (/26)
C.255.255.255.224 (/27)
D.255.255.255.240 (/28)
AnswerB

/26 provides 62 usable hosts, which is the smallest subnet that can accommodate 50 devices.

Why this answer

Option B (255.255.255.192, /26) provides 2^(32-26) - 2 = 62 usable host addresses, which is the smallest subnet that supports exactly 50 devices. A /27 yields only 30 usable addresses (too few), while a /25 yields 126 usable addresses (wasteful). The requirement is to minimize waste while meeting the need.

Exam trap

Cisco often tests the candidate's ability to distinguish between total addresses and usable host addresses, with the trap being that candidates forget to subtract the network and broadcast addresses, leading them to incorrectly select a /27 (which has 32 total addresses but only 30 usable).

How to eliminate wrong answers

Option A is wrong because 255.255.255.128 (/25) provides 126 usable host addresses, which far exceeds the requirement of 50 devices and is not the minimum subnet mask. Option C is wrong because 255.255.255.224 (/27) provides only 30 usable host addresses (2^(32-27) - 2 = 30), which is insufficient to support 50 devices.

12
MCQeasy

A network technician is explaining the role of a network switch to a new employee. Which of the following best describes the primary function of a switch in a local area network?

A.It forwards data based on IP addresses.
B.It forwards data based on MAC addresses.
C.It connects different networks and performs routing.
D.It amplifies and repeats the signal to all ports.
AnswerB

A layer 2 switch uses MAC addresses to forward frames to the correct destination port, reducing unnecessary traffic.

Why this answer

A network switch operates at Layer 2 of the OSI model and uses MAC addresses to make forwarding decisions. When a frame arrives, the switch examines the destination MAC address, looks it up in its MAC address table, and forwards the frame only to the port associated with that address, reducing collision domains and improving network efficiency.

Exam trap

Cisco often tests the distinction between Layer 2 switching (MAC addresses) and Layer 3 routing (IP addresses), and the trap here is that candidates confuse the switch's forwarding decision with that of a router, especially when dealing with multilayer switches that can perform both functions.

How to eliminate wrong answers

Option A is wrong because switches forward data based on MAC addresses, not IP addresses; IP address-based forwarding is the function of a router (Layer 3 device). Option C is wrong because connecting different networks and performing routing is the role of a router, not a switch; a switch operates within a single local area network and does not route between subnets.

13
MCQeasy

Which of the following network topologies provides the highest level of redundancy and fault tolerance?

A.Star
B.Bus
C.Ring
D.Mesh
AnswerD

A mesh topology offers multiple redundant paths, providing the highest fault tolerance.

Why this answer

A mesh topology provides the highest level of redundancy and fault tolerance because every node has a dedicated point-to-point connection to every other node. This means that if any single link or node fails, traffic can be immediately rerouted through multiple alternative paths without any single point of failure. In a full mesh, the number of links is n(n-1)/2, ensuring maximum path diversity and resilience.

Exam trap

Cisco often tests the misconception that a ring topology (especially a dual-ring like FDDI) offers the highest fault tolerance, but candidates must remember that a full mesh provides more redundant paths and no single point of failure, whereas even a dual ring can be disrupted by multiple simultaneous failures.

How to eliminate wrong answers

Option A is wrong because a star topology relies on a central hub or switch; if that central device fails, all connected nodes lose connectivity, creating a single point of failure. Option B is wrong because a bus topology uses a single shared backbone cable; a break or fault in the backbone brings down the entire segment, and it offers no redundancy. Option C is wrong because a ring topology connects nodes in a closed loop; while some ring variants (e.g., FDDI) use dual rings for fault tolerance, a standard single-ring topology breaks entirely if any one node or link fails, and even dual rings provide less path diversity than a mesh.

14
MCQeasy

At which layer of the OSI model does a network device encapsulate data into frames and add source and destination MAC addresses?

A.Layer 1 – Physical
B.Layer 2 – Data Link
C.Layer 3 – Network
D.Layer 4 – Transport
AnswerB

The Data Link layer creates frames, adds MAC addresses, and provides error detection. It is the correct layer for this function.

Why this answer

The Data Link layer (Layer 2) is responsible for node-to-node communication and encapsulates packets from the Network layer into frames. It adds a header containing the source and destination MAC addresses, which are used for delivery within the same local network segment. This process is defined by IEEE 802 standards such as Ethernet (802.3) and Wi-Fi (802.11).

Exam trap

CompTIA often tests the distinction between MAC addresses (Layer 2) and IP addresses (Layer 3), and the trap here is that candidates may confuse the encapsulation process and incorrectly associate MAC addressing with the Network layer due to familiarity with IP addressing.

How to eliminate wrong answers

Option A is wrong because the Physical layer (Layer 1) deals with the transmission and reception of raw bit streams over a physical medium, such as electrical signals, light pulses, or radio waves, and does not perform framing or MAC addressing. Option C is wrong because the Network layer (Layer 3) encapsulates data into packets and adds source and destination IP addresses, not MAC addresses, and is responsible for logical addressing and routing across networks. Option D is wrong because the Transport layer (Layer 4) provides end-to-end communication services, segmenting data into segments (TCP) or datagrams (UDP), and adds port numbers and sequence numbers, not MAC addresses.

15
MCQeasy

A network administrator wants to automate IP address assignment for client devices. Which protocol should be used?

AnswerA

DHCP dynamically provides IP configuration to devices, making it the correct protocol for automated IP address assignment.

Why this answer

DHCP (Dynamic Host Configuration Protocol) automates IP address assignment by leasing IP configurations to client devices from a defined pool. This eliminates the need for manual static IP configuration, making it the correct protocol for automated IP address management.

Exam trap

CompTIA often tests the distinction between DHCP for address assignment and DNS for name resolution, leading candidates to confuse the two when the question mentions 'automating IP address assignment'.

How to eliminate wrong answers

Option B (DNS) is wrong because DNS translates domain names to IP addresses, it does not assign IP addresses to clients. Option C (ARP) is wrong because ARP resolves IP addresses to MAC addresses on a local network, it does not provide IP address assignment. Option D (ICMP) is wrong because ICMP is used for error reporting and diagnostic functions like ping, not for IP address allocation.

16
MCQeasy

A network technician is explaining the difference between a hub and a switch to a junior technician. Which statement correctly describes a key difference between these devices?

A.A hub operates at Layer 2, while a switch operates at Layer 1.
B.A hub sends frames out all ports except the incoming port; a switch sends frames only to the port with the matching MAC address.
C.A hub uses MAC addresses to make forwarding decisions, while a switch uses IP addresses.
D.A hub creates a separate collision domain for each port, while a switch creates a single collision domain.
AnswerB

This accurately describes the behavior: hubs flood all ports, switches forward based on MAC address table.

Why this answer

B is correct because a hub operates at Layer 1 (physical layer) and blindly repeats electrical signals out all ports except the incoming port, creating a single collision domain. In contrast, a switch operates at Layer 2 (data link layer) and uses the MAC address table to forward frames only to the specific port associated with the destination MAC address, reducing unnecessary traffic and creating separate collision domains per port.

Exam trap

Cisco often tests the confusion between Layer 1 and Layer 2 operations, where candidates mistakenly think a hub operates at Layer 2 or that a switch uses IP addresses, but the key trap is reversing the collision domain behavior—hub creates one collision domain, switch creates many.

How to eliminate wrong answers

Option A is wrong because a hub operates at Layer 1 (physical layer), not Layer 2, while a switch operates at Layer 2 (data link layer), not Layer 1. Option C is wrong because a hub does not use MAC addresses for forwarding decisions—it simply floods all ports; a switch uses MAC addresses, not IP addresses, for forwarding decisions at Layer 2. Option D is wrong because a hub creates a single collision domain for all ports, while a switch creates a separate collision domain for each port, thereby reducing collisions.

17
MCQhard

A network engineer is designing a new IPv6 addressing scheme. The company has been assigned a /48 prefix and needs to support up to 250 subnets. Which subnet size should be used to minimize waste while meeting the requirement?

A./52
B./56
C./64
D./60
AnswerB

A /56 prefix uses 8 bits for subnetting (48+8=56), providing 256 subnets (2^8). This meets the requirement of 250 subnets with minimal waste (6 unused subnets).

Why this answer

A /56 subnet provides 256 subnets (2^(56-48) = 2^8 = 256), which meets the requirement of up to 250 subnets with minimal waste. A /48 prefix is the site-level allocation, and using a /56 subnet mask leaves 8 bits for subnetting, offering exactly the needed capacity without over-allocating address space.

Exam trap

Cisco often tests the misconception that /64 is the only valid subnet size in IPv6, but the question asks for subnet size to minimize waste for subnets, not for SLAAC, so candidates incorrectly choose /64 without considering the requirement for only 250 subnets.

How to eliminate wrong answers

Option A (/52) is wrong because it provides only 16 subnets (2^(52-48) = 2^4 = 16), which is far fewer than the required 250 subnets. Option C (/64) is wrong because it provides 65,536 subnets (2^(64-48) = 2^16 = 65,536), which is excessive and wastes address space, though it is the standard subnet size for SLAAC. Option D (/60) is wrong because it provides 4,096 subnets (2^(60-48) = 2^12 = 4,096), which is more than needed but still wasteful compared to a /56.

18
MCQeasy

A network engineer is explaining to a manager why wireless networks often have lower throughput than wired Ethernet. Which of the following best describes the primary reason for this difference?

A.Wireless uses a different MAC method that requires waiting for an acknowledgment, reducing available bandwidth.
B.Wireless operates at half-duplex, while wired Ethernet typically operates at full-duplex.
C.Wireless uses CSMA/CA which involves a collision avoidance mechanism that adds overhead, whereas wired Ethernet uses CSMA/CD which only responds after collision.
D.Wireless signals are subject to interference, but the MAC protocol is identical to Ethernet.
AnswerC

Correct. CSMA/CA requires proactive steps to avoid collisions, reducing the effective data rate. CSMA/CD is more efficient in wired networks because it transmits immediately and handles collisions after they occur.

Why this answer

Option C is correct because wireless networks use CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance), which requires stations to perform a four-way handshake (RTS/CTS) and wait for an acknowledgment before transmitting. This collision avoidance mechanism introduces significant overhead, reducing effective throughput. In contrast, wired Ethernet uses CSMA/CD, which detects collisions after they occur and does not require such proactive overhead, allowing higher throughput.

Exam trap

The trap here is that candidates often assume half-duplex operation (Option B) is the primary cause, but Cisco tests the deeper understanding that the MAC protocol's overhead (CSMA/CA vs. CSMA/CD) is the fundamental reason for throughput differences, not just the duplex mode.

How to eliminate wrong answers

Option A is wrong because while wireless does use a different MAC method (CSMA/CA) that requires acknowledgments, the primary throughput difference is due to the collision avoidance overhead, not just the acknowledgment wait time. Option B is wrong because although wireless typically operates at half-duplex, this is a consequence of the shared medium and CSMA/CA, not the primary reason for lower throughput; wired Ethernet can also operate at half-duplex but still achieves higher throughput due to CSMA/CD's lower overhead. Option D is wrong because wireless signals are indeed subject to interference, but the MAC protocol is not identical to Ethernet; wireless uses CSMA/CA while wired Ethernet uses CSMA/CD, and this protocol difference is the key factor.

19
Drag & Dropmedium

Drag and drop the steps to recover a lost router password on a Cisco device into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Password recovery involves boot interruption, register change, and config reload.

20
MCQeasy

A network technician is explaining the difference between connection-oriented and connectionless protocols to a junior technician. Which of the following protocols is connectionless at the transport layer?

AnswerB

UDP is a connectionless protocol; it sends data without establishing a connection, making it faster but less reliable.

Why this answer

UDP (User Datagram Protocol) is the correct answer because it is a connectionless transport-layer protocol. It does not establish a session or guarantee delivery, instead sending datagrams independently without handshaking or acknowledgments, which makes it suitable for real-time applications like VoIP and streaming.

Exam trap

The trap here is that candidates often confuse ICMP or ARP as transport-layer protocols because they are involved in network communication, but the question specifically asks for the transport layer, where only TCP and UDP reside, and UDP is the connectionless one.

How to eliminate wrong answers

Option A is wrong because TCP (Transmission Control Protocol) is connection-oriented at the transport layer, requiring a three-way handshake and maintaining state for reliable, ordered delivery. Option C is wrong because ICMP (Internet Control Message Protocol) operates at the network layer (Layer 3), not the transport layer, and is used for error reporting and diagnostics. Option D is wrong because ARP (Address Resolution Protocol) operates at the data link layer (Layer 2) to map IP addresses to MAC addresses, and is not a transport-layer protocol.

21
MCQeasy

At which layer of the OSI model does logical addressing (e.g., IP addresses) and routing occur?

A.Data Link layer
B.Network layer
C.Transport layer
D.Physical layer
AnswerB

The Network layer (Layer 3) uses IP addresses for logical addressing and routing decisions.

Why this answer

The Network layer (Layer 3) of the OSI model is responsible for logical addressing, such as IPv4 and IPv6 addresses, and for routing packets between different networks. Routers operate at this layer, using routing tables and protocols like OSPF, BGP, or static routes to determine the best path for data. This layer provides end-to-end delivery and handles packet fragmentation and reassembly when necessary.

Exam trap

The trap here is that candidates often confuse the Network layer's logical addressing with the Data Link layer's MAC addressing, especially when they see 'addressing' in the question and default to Layer 2 without considering the 'routing' keyword that clearly points to Layer 3.

How to eliminate wrong answers

Option A is wrong because the Data Link layer (Layer 2) uses physical (MAC) addresses for communication within a single network segment and handles framing, error detection, and media access control, not logical addressing or routing. Option C is wrong because the Transport layer (Layer 4) manages end-to-end communication, segmentation, and flow control using protocols like TCP and UDP, but it does not perform logical addressing or routing. Option D is wrong because the Physical layer (Layer 1) deals with the raw bit stream over the physical medium, including electrical signals, connectors, and cable specifications, and has no concept of addresses or routing.

22
MCQeasy

A device is configured with IP address 192.168.1.130 and subnet mask 255.255.255.192. What is the network address of this device?

A.192.168.1.0
B.192.168.1.128
C.192.168.1.192
D.192.168.1.64
AnswerB

Correct: 130 is in the range 128-191, so the network address is 192.168.1.128.

Why this answer

The network address is found by performing a bitwise AND between the IP address 192.168.1.130 and the subnet mask 255.255.255.192. The mask 255.255.255.192 has a prefix length of /26, meaning the first 26 bits are the network portion. 192.168.1.130 in binary is 11000000.10101000.00000001.10000010, and the mask is 11111111.11111111.11111111.11000000; the AND yields 11000000.10101000.00000001.10000000, which is 192.168.1.128.

Exam trap

Cisco often tests the confusion between the network address and the broadcast address, especially when the IP address falls near the boundary of a subnet, leading candidates to mistakenly pick the broadcast address (192.168.1.192) or the default classful network (192.168.1.0).

How to eliminate wrong answers

Option A is wrong because 192.168.1.0 is the network address for a /24 subnet (255.255.255.0), not for a /26 subnet; it incorrectly assumes the default classful boundary. Option C is wrong because 192.168.1.192 is actually the broadcast address for the 192.168.1.128/26 subnet, not the network address; it results from setting all host bits to 1 instead of 0.

23
MCQeasy

A network engineer is designing a subnet that can support at least 10 hosts. Which subnet mask would provide exactly 14 usable host addresses?

A./27
B./28
C./29
D./30
AnswerB

Correct. /28 gives 2^(32-28)-2 = 14 usable hosts, satisfying the requirement of at least 10 and exactly 14.

Why this answer

A /28 subnet mask (255.255.255.240) provides 16 total addresses per subnet. Subtracting the network address and broadcast address leaves 14 usable host addresses, which exactly meets the requirement of at least 10 hosts.

Exam trap

Cisco often tests the distinction between total addresses and usable addresses, where candidates forget to subtract the network and broadcast addresses, leading them to incorrectly select /29 (8 total addresses) thinking it supports 8 hosts.

How to eliminate wrong answers

Option A (/27) is wrong because it provides 30 usable host addresses (32 total minus 2), which exceeds the requirement of exactly 14 usable addresses. Option C (/29) is wrong because it provides only 6 usable host addresses (8 total minus 2), which is insufficient to support at least 10 hosts.

24
MCQmedium

A network engineer needs to assign IP addresses to a new subnet that will support exactly 25 devices. Which subnet mask would provide the minimum number of usable host addresses while still accommodating the requirement?

A.255.255.255.240 (/28)
B.255.255.255.224 (/27)
C.255.255.255.192 (/26)
D.255.255.255.128 (/25)
AnswerB

/27 provides 28 usable hosts, which meets the requirement with minimal waste.

Why this answer

Option B (255.255.255.224, /27) provides 32 total addresses per subnet, with 30 usable host addresses (2^(32-27)-2 = 30). This is the smallest subnet that can accommodate exactly 25 devices, as /28 yields only 14 usable hosts and /26 yields 62, which is excessive.

Exam trap

Cisco often tests the common misconception that the number of usable hosts equals 2^(host bits) without subtracting the network and broadcast addresses, leading candidates to incorrectly choose a /28 mask thinking 16 addresses are enough for 25 devices.

How to eliminate wrong answers

Option A is wrong because 255.255.255.240 (/28) provides only 14 usable host addresses (2^(32-28)-2 = 14), which is insufficient for 25 devices. Option C is wrong because 255.255.255.192 (/26) provides 62 usable host addresses (2^(32-26)-2 = 62), which far exceeds the requirement of 25 devices and is not the minimum subnet mask.

25
MCQeasy

A client obtains an IP address from a DHCP server but cannot resolve hostnames. The client can ping the default gateway and external IP addresses successfully. What is the most likely cause?

A.Incorrect subnet mask
B.DNS server misconfiguration
C.Default gateway not set
D.Firewall blocking DNS
AnswerB

DNS is used for hostname resolution. If the DNS server address is wrong or unreachable, name resolution will fail even though IP connectivity works.

Why this answer

The client can ping external IP addresses and the default gateway, confirming that IP connectivity and routing are functional. However, the inability to resolve hostnames points directly to a DNS resolution failure, which occurs when the DNS server address is misconfigured or unreachable. Since DHCP provided the IP address, the DNS server setting is likely incorrect or missing in the DHCP scope.

Exam trap

Cisco often tests the distinction between IP connectivity and name resolution, trapping candidates who assume that successful pings to external IPs imply DNS is working, when in fact DNS is a separate service that must be explicitly configured.

How to eliminate wrong answers

Option A is wrong because an incorrect subnet mask would prevent communication with hosts outside the local subnet, but the client can ping external IP addresses successfully, ruling out a subnet mask issue. Option C is wrong because the default gateway is correctly set, as evidenced by successful pings to external IP addresses; if it were missing, external pings would fail.

26
MCQmedium

In the OSI model, which layer is responsible for establishing, managing, and terminating sessions between applications, as well as providing checkpoints and recovery?

A.Transport layer
B.Session layer
C.Network layer
D.Data link layer
AnswerB

The session layer (Layer 5) is responsible for establishing, maintaining, and terminating sessions between applications. It also provides synchronization points for checkpointing and recovery.

Why this answer

The Session layer (Layer 5) of the OSI model is explicitly responsible for establishing, managing, and terminating sessions between applications, as well as providing checkpointing and recovery mechanisms. This layer uses protocols like NetBIOS, RPC, and PPTP to coordinate dialog control, synchronization points, and session restoration after failures, ensuring that long-lived transactions can resume from a checkpoint rather than restarting entirely.

Exam trap

Cisco often tests the Session layer by describing its functions in a way that sounds like Transport-layer reliability (e.g., 'checkpoints and recovery'), leading candidates to mistakenly choose the Transport layer because they associate recovery with TCP's retransmission, but TCP only recovers lost segments, not application sessions.

How to eliminate wrong answers

Option A is wrong because the Transport layer (Layer 4) handles end-to-end delivery, segmentation, reassembly, and error recovery at the segment level (e.g., TCP retransmission), but it does not manage application-level sessions, checkpoints, or dialog control. Option C is wrong because the Network layer (Layer 3) is responsible for logical addressing (IP addresses), routing, and packet forwarding, not for session management or recovery between applications.

27
MCQeasy

Which layer of the OSI model is responsible for logical addressing and routing of packets between networks?

A.Data Link layer
B.Network layer
C.Transport layer
D.Application layer
AnswerB

The Network layer provides logical addressing and routing functions, enabling communication across different networks.

Why this answer

The Network layer (Layer 3) is responsible for logical addressing (e.g., IPv4/IPv6 addresses) and routing packets between different networks by determining the best path using routing protocols such as OSPF, BGP, or static routes. Unlike the Data Link layer, which handles physical addressing (MAC) within a single network segment, the Network layer enables end-to-end delivery across multiple hops.

Exam trap

Cisco often tests the distinction between logical addressing (Layer 3) and physical addressing (Layer 2), leading candidates to mistakenly choose the Data Link layer because they associate 'addressing' with MAC addresses rather than IP addresses.

How to eliminate wrong answers

Option A is wrong because the Data Link layer (Layer 2) handles physical addressing (MAC addresses) and frame delivery within a single broadcast domain, not logical addressing or routing between networks. Option C is wrong because the Transport layer (Layer 4) manages end-to-end communication, segmentation, and error recovery (e.g., TCP/UDP), but does not perform logical addressing or routing. Option D is wrong because the Application layer (Layer 7) provides network services to user applications (e.g., HTTP, FTP), and has no role in packet forwarding or logical addressing.

28
MCQeasy

Which transport layer protocol is used by VoIP and streaming video because it provides low latency and does not require retransmission?

A.TCP
B.UDP
D.IGMP
AnswerB

UDP is connectionless, low-latency, and does not retransmit lost packets, making it ideal for VoIP and streaming video.

Why this answer

VoIP and streaming video use UDP (User Datagram Protocol) because it is connectionless and provides low-latency transmission without retransmission of lost packets. This is critical for real-time applications where a slight delay is more disruptive than occasional packet loss.

Exam trap

CompTIA often tests the misconception that 'reliable delivery is always better,' leading candidates to choose TCP, but the trap is that real-time applications prioritize low latency over guaranteed delivery, making UDP the correct choice.

How to eliminate wrong answers

Option A is wrong because TCP (Transmission Control Protocol) is connection-oriented and provides reliable delivery with retransmission, which introduces latency and jitter unsuitable for real-time streaming. Option C is wrong because ICMP (Internet Control Message Protocol) is a network-layer protocol used for error reporting and diagnostics (e.g., ping), not for transporting application data. Option D is wrong because IGMP (Internet Group Management Protocol) is used for managing multicast group memberships at the network layer, not for end-to-end data transport.

29
MCQeasy

At which layer of the OSI model does a device provide flow control, error detection, and recovery for end-to-end communication?

A.A: Transport layer
B.B: Network layer
C.C: Data Link layer
D.D: Session layer
AnswerA

The Transport layer manages end-to-end connections, flow control, and error recovery.

Why this answer

The Transport layer (Layer 4) is responsible for end-to-end communication between source and destination hosts. It provides flow control (e.g., TCP's sliding window mechanism), error detection (via checksums in TCP and UDP headers), and recovery (through TCP retransmission of lost segments). These functions ensure reliable data delivery across the network, distinguishing it from lower layers that handle hop-by-hop or link-local tasks.

Exam trap

Cisco often tests the distinction between hop-by-hop (Data Link) and end-to-end (Transport) responsibilities, tricking candidates into confusing link-layer error detection (e.g., Ethernet CRC) with end-to-end recovery, which is exclusively a Transport layer function.

How to eliminate wrong answers

Option B is wrong because the Network layer (Layer 3) handles routing and logical addressing (e.g., IP), but does not provide end-to-end flow control or error recovery; it relies on upper layers for reliability. Option C is wrong because the Data Link layer (Layer 2) provides flow control and error detection only on a single link (e.g., Ethernet's CRC), not for end-to-end communication across multiple hops.

30
MCQeasy

A junior network technician asks which device operates at Layer 2 of the OSI model and uses MAC addresses to forward frames. Which device is the technician describing?

A.Hub
B.Switch
C.Router
AnswerB

Switches use MAC addresses to forward frames at Layer 2.

Why this answer

A switch operates at Layer 2 (Data Link layer) of the OSI model and uses MAC addresses to make forwarding decisions. It builds a MAC address table by learning source MAC addresses from incoming frames and then forwards frames only to the specific port associated with the destination MAC address, reducing collision domains and improving network efficiency.

Exam trap

Cisco often tests the distinction between Layer 2 and Layer 3 devices by asking about forwarding decisions based on MAC vs. IP addresses, and the trap here is that candidates may confuse a switch with a router because both can connect multiple devices, but only the switch operates purely at Layer 2 using MAC addresses.

How to eliminate wrong answers

Option A is wrong because a hub operates at Layer 1 (Physical layer) and simply repeats electrical signals out all ports, with no ability to read or use MAC addresses; it creates a single collision domain and cannot filter frames. Option C is wrong because a router operates at Layer 3 (Network layer) and forwards packets based on IP addresses, not MAC addresses; it uses routing tables and protocols like OSPF or BGP to determine the best path.

31
MCQeasy

Which of the following best describes the purpose of the TCP three-way handshake?

A.To establish a reliable connection between two hosts
B.To terminate a connection gracefully
C.To resolve an IP address to a MAC address
D.To encrypt data between two devices
AnswerA

Correct. The three-way handshake sets up a TCP connection with synchronized sequence numbers.

Why this answer

The TCP three-way handshake is the process by which two hosts synchronize sequence numbers and establish a reliable connection before data transfer begins. It involves the exchange of SYN, SYN-ACK, and ACK segments, ensuring both sides are ready to communicate and agree on initial sequence numbers (ISNs) as defined in RFC 793.

Exam trap

The trap here is that candidates confuse the TCP three-way handshake with connection termination (the four-way handshake) or with lower-layer address resolution protocols like ARP, leading them to select the graceful termination or IP-to-MAC resolution options.

How to eliminate wrong answers

Option B is wrong because terminating a connection gracefully is accomplished using the TCP four-way handshake (FIN/ACK exchange), not the three-way handshake. Option C is wrong because resolving an IP address to a MAC address is the function of ARP (Address Resolution Protocol), not a TCP handshake mechanism.

32
Matchingmedium

Match each network device to its primary function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Forwards packets between different networks based on IP addresses

Forwards frames within the same network based on MAC addresses

Filters traffic based on security rules

Connects wireless clients to a wired network

Why these pairings

These are essential network devices.

33
MCQhard

A network engineer is troubleshooting connectivity issues between two data center switches that are configured to support jumbo frames with an MTU of 9000. The link is a 10 Gigabit Ethernet fiber connection. Large file transfers fail, but small transfers succeed. What is the most likely cause?

A.A
B.B
C.C
D.D
AnswerC

An intermediate device with a standard MTU will drop large frames, causing jumbo frame traffic to fail.

Why this answer

The most likely cause is that the MTU mismatch is causing large frames to be dropped. Jumbo frames of 9000 bytes require a consistent MTU across the entire Layer 2 path. If one switch is configured for 9000 and the other for the standard 1500, large frames will be silently discarded because the receiving switch cannot reassemble them.

Small transfers succeed because they fit within the standard MTU.

Exam trap

The trap here is that candidates often assume a physical layer issue (like a bad cable or transceiver) when the symptom is selective failure based on packet size, but the real cause is an MTU mismatch, which is a Layer 2 configuration problem.

How to eliminate wrong answers

Option A is wrong because a duplex mismatch would cause collisions and errors on all traffic, not just large file transfers, and 10 Gigabit Ethernet fiber links typically auto-negotiate duplex to full. Option B is wrong because a faulty SFP+ transceiver would cause intermittent or complete link failure, not a selective failure based on frame size; the link would likely show errors or go down entirely.

34
MCQeasy

Which IPv6 address type is used for one-to-many communication and is similar to an IPv4 multicast address?

A.Multicast
B.Anycast
C.Unicast
D.Broadcast
AnswerA

Multicast delivers packets to all interested nodes in a group, analogous to IPv4 multicast.

Why this answer

IPv6 multicast addresses (FF00::/8) are designed for one-to-many communication, where a single packet is delivered to multiple interfaces that have joined the multicast group. This directly parallels the behavior of IPv4 multicast addresses (224.0.0.0/4), making option A correct.

Exam trap

The trap here is that candidates confuse anycast with multicast because both involve groups of interfaces, but anycast delivers to only one member (the nearest), while multicast delivers to all members.

How to eliminate wrong answers

Option B is wrong because anycast addresses are used for one-to-one-of-many communication, where a packet is delivered to the nearest interface (by routing metric) among a group, not to all members simultaneously. Option C is wrong because unicast addresses (e.g., global unicast, link-local) are strictly one-to-one communication between a single source and a single destination. Option D is wrong because IPv6 does not have a broadcast address; broadcast functionality is replaced by multicast (e.g., the all-nodes multicast address FF02::1).

35
MCQeasy

Which device operates at Layer 1 (Physical) of the OSI model and regenerates electrical signals to extend the distance of a network segment?

A.Switch
B.Router
C.Hub
D.Bridge
AnswerC

A hub is a Layer 1 device that repeats incoming signals to all ports, extending the physical range of the network.

Why this answer

A hub operates at Layer 1 (Physical) of the OSI model. It receives incoming electrical signals on one port and regenerates (repeats) those signals out to all other ports, effectively extending the physical reach of a network segment. Unlike switches or routers, it performs no frame inspection or forwarding decisions.

Exam trap

CompTIA often tests the distinction between a hub (Layer 1, signal regeneration) and a bridge/switch (Layer 2, frame forwarding), trapping candidates who confuse signal regeneration with MAC-based forwarding.

How to eliminate wrong answers

Option A is wrong because a switch operates at Layer 2 (Data Link) and uses MAC addresses to make forwarding decisions, not simply regenerating electrical signals. Option B is wrong because a router operates at Layer 3 (Network) and forwards packets based on IP addresses, not electrical signal regeneration. Option D is wrong because a bridge operates at Layer 2 (Data Link) and uses MAC addresses to segment collision domains, though it does regenerate signals, it is not a pure Layer 1 device like a hub.

36
MCQeasy

In a network, a collision domain is a network segment where which of the following is true?

A.A: Only one device can transmit at a time to avoid data collisions
B.B: All devices share the same IP subnet
C.C: Broadcast traffic is confined to that segment
D.D: MAC addresses are resolved to IP addresses
AnswerA

This is the definition of a collision domain; collisions occur if two devices transmit simultaneously.

Why this answer

In a collision domain, only one device can transmit at a time because if two or more devices transmit simultaneously, their signals collide, corrupting the data. This is a fundamental characteristic of half-duplex Ethernet segments, such as those using hubs or legacy bus topologies, where the medium is shared and CSMA/CD (Carrier Sense Multiple Access with Collision Detection) is used to manage access.

Exam trap

The trap here is that candidates often confuse collision domains with broadcast domains, mistakenly thinking that confining broadcast traffic or sharing an IP subnet defines a collision domain, when in fact collision domains are strictly about physical-layer contention for the medium.

How to eliminate wrong answers

Option B is wrong because sharing the same IP subnet defines a broadcast domain at Layer 3, not a collision domain, which is a Layer 1/2 concept. Option C is wrong because broadcast traffic being confined to a segment describes a broadcast domain, typically bounded by a router or VLAN, not a collision domain. Option D is wrong because MAC-to-IP address resolution is performed by ARP (Address Resolution Protocol) and is unrelated to collision domains; it operates across broadcast domains.

37
MCQeasy

Which of the following uniquely identifies a hardware network interface on a device?

AnswerA

A MAC address is a 48-bit hardware address assigned to each network interface card (NIC) for local network communications.

Why this answer

A MAC (Media Access Control) address is a hardware-embedded, globally unique identifier assigned to a network interface controller (NIC) by the manufacturer. It operates at Layer 2 (Data Link Layer) of the OSI model and is used for local network communication, ensuring that no two devices on the same broadcast domain have the same MAC address.

Exam trap

The trap here is that candidates often confuse the MAC address with the IP address, thinking the IP address is the hardware identifier, but Cisco tests that the MAC address is the only Layer 2 permanent identifier, while IP addresses are logical and can be reassigned via DHCP or static configuration.

How to eliminate wrong answers

Option B (IP address) is wrong because an IP address is a logical, network-layer (Layer 3) identifier that can change based on the network the device is connected to, and it does not uniquely identify the hardware interface itself. Option C (Subnet mask) is wrong because it is a 32-bit value used to divide an IP address into network and host portions, not an identifier for any interface. Option D (Default gateway) is wrong because it is the IP address of a router that forwards traffic to other networks, not a property of the local device's hardware interface.

38
MCQeasy

Which network topology connects all devices to a central device?

A.Star
B.Mesh
C.Bus
D.Ring
AnswerA

A star topology uses a central device to connect all end devices.

Why this answer

In a star topology, each device connects directly to a central device such as a switch or hub. This central device manages all communication between endpoints, meaning any data sent from one device must pass through the central point before reaching its destination. This design simplifies fault isolation because a single cable failure only affects the connected device, not the entire network.

Exam trap

The trap here is that candidates often confuse a physical star topology with a logical bus topology (e.g., early Ethernet using a hub) and forget that a switch-based star creates a point-to-point logical connection, eliminating the shared medium and collision domain of a bus.

How to eliminate wrong answers

Option B is wrong because a mesh topology connects every device to every other device, either fully or partially, without relying on a single central device; this provides redundancy but increases cabling and complexity. Option C is wrong because a bus topology uses a single shared backbone cable where all devices tap into the same line, and a failure in the backbone can bring down the entire segment. Option D is wrong because a ring topology connects devices in a closed loop where each device has exactly two neighbors, and data travels sequentially around the ring; there is no central device, and a single break can disrupt the entire ring unless a dual-ring or self-healing mechanism (e.g., FDDI) is used.

39
MCQmedium

A network technician is assigned a subnet mask of 255.255.255.248. How many usable host addresses are available in this subnet?

A.A) 6
B.B) 8
C.C) 14
D.D) 30
AnswerA

Correct. /29 gives 8 total addresses minus 2 = 6 usable hosts.

Why this answer

The subnet mask 255.255.255.248 corresponds to a /29 prefix length, which provides 2^(32-29) = 8 total addresses. Subtracting the network address and broadcast address leaves 8 - 2 = 6 usable host addresses.

Exam trap

Cisco often tests the distinction between total addresses and usable host addresses, trapping candidates who forget to subtract the two reserved addresses (network and broadcast) from the total.

How to eliminate wrong answers

Option B is wrong because 8 is the total number of addresses in the subnet, not the number of usable hosts; the usable count excludes the network and broadcast addresses. Option C is wrong because 14 usable hosts would require a /28 mask (255.255.255.240), not a /29. Option D is wrong because 30 usable hosts would require a /27 mask (255.255.255.224), not a /29.

40
MCQmedium

A network technician is configuring a small office network with two subnets: 10.0.1.0/24 and 10.0.2.0/24. Each subnet has its own switch, and both switches are connected to a router with interfaces 10.0.1.1 and 10.0.2.1. Hosts on subnet A can ping the router's interface in their subnet but cannot ping hosts on subnet B. Which of the following is the most likely cause?

A.The router is not configured with a routing protocol.
B.IP routing is disabled on the router.
C.The hosts in subnet A have the wrong default gateway.
D.The switch in subnet A is blocking ICMP traffic.
AnswerB

If IP routing is disabled, the router will not forward packets between its interfaces, preventing inter-subnet communication.

Why this answer

The hosts on subnet A can ping their default gateway (10.0.1.1) but cannot reach hosts on subnet B, which indicates that the router is not forwarding packets between the two directly connected subnets. This behavior is characteristic of a router with IP routing disabled, as the router will not perform inter-VLAN or inter-subnet forwarding unless the 'ip routing' command is enabled globally. Without IP routing, the router acts as a host and will only respond to traffic destined for its own interfaces, dropping any packets that require forwarding to another subnet.

Exam trap

Cisco often tests the distinction between 'routing protocol' and 'IP routing' — candidates mistakenly think a routing protocol is required for directly connected subnets, when in fact the 'ip routing' global command is the fundamental enabler of any Layer 3 forwarding.

How to eliminate wrong answers

Option A is wrong because a routing protocol is unnecessary for forwarding between directly connected subnets; the router can use its connected routes without any dynamic routing protocol. Option C is wrong because the hosts in subnet A can ping their default gateway (10.0.1.1), which proves the default gateway is correctly configured; if it were wrong, they would not be able to reach the router interface. Option D is wrong because the switch in subnet A is a Layer 2 device and does not block ICMP traffic between subnets; ICMP filtering would be applied on the router, not the switch, and the hosts can already ping the router interface, confirming Layer 2 connectivity is fine.

41
MCQhard

A network has a single switch with VLANs 10, 20, and 30 configured. The switch is connected to a router that has three subinterfaces, each in a different VLAN. How many broadcast domains are present?

A.1
B.3
C.4
D.5
AnswerB

Each VLAN (10, 20, 30) creates its own broadcast domain. Router subinterfaces do not combine them.

Why this answer

Each VLAN is a separate Layer 2 broadcast domain. With VLANs 10, 20, and 30 configured on the switch and a router using subinterfaces to route between them, there are exactly three broadcast domains — one per VLAN. Broadcasts are confined to their VLAN and do not cross VLAN boundaries without a Layer 3 device.

Exam trap

The trap here is that candidates often count the router subinterfaces as separate broadcast domains, not realizing that broadcast domains are strictly Layer 2 constructs and that the router only provides inter-VLAN routing without adding new broadcast domains.

How to eliminate wrong answers

Option A is wrong because a single broadcast domain would imply no VLAN segmentation, but the switch has three VLANs configured, each isolating broadcasts. Option C is wrong because four broadcast domains would require an additional VLAN or a separate management VLAN acting as a distinct broadcast domain, which is not described. Option D is wrong because five broadcast domains would require five separate VLANs or a mix of VLANs and routed ports, neither of which is present in the scenario.

42
MCQmedium

Which of the following protocols is used to automatically assign IP addresses to devices on a network and also provides the subnet mask and default gateway?

AnswerB

DHCP provides automatic IP configuration including subnet mask and default gateway.

Why this answer

DHCP (Dynamic Host Configuration Protocol) is the correct answer because it is specifically designed to automatically assign IP addresses to devices on a network, along with essential configuration parameters such as the subnet mask and default gateway. When a DHCP client sends a discover message, the DHCP server responds with an offer that includes these details, allowing the client to fully participate in network communication without manual configuration.

Exam trap

Cisco often tests the distinction between DHCP and DNS, where candidates mistakenly think DNS assigns IP addresses because it 'looks up' information, but DNS only resolves names, not addresses or subnet masks.

How to eliminate wrong answers

Option A (DNS) is wrong because DNS (Domain Name System) resolves human-readable domain names to IP addresses, not assign IP addresses or provide subnet masks and default gateways. Option C (ARP) is wrong because ARP (Address Resolution Protocol) maps IP addresses to MAC addresses on a local network, and does not handle IP address assignment or gateway information. Option D (ICMP) is wrong because ICMP (Internet Control Message Protocol) is used for error reporting and diagnostic functions like ping, not for IP address allocation or configuration.

43
MCQeasy

Which device is used to connect two different network segments and makes forwarding decisions based on IP addresses?

A.Switch
B.Router
C.Hub
D.Bridge
AnswerB

A router forwards packets based on IP addresses, connecting different networks.

Why this answer

A router is the correct device because it operates at Layer 3 (Network layer) of the OSI model and makes forwarding decisions based on destination IP addresses. It connects two different network segments (subnets) and uses routing tables to determine the best path for packet delivery, often employing protocols like OSPF or BGP.

Exam trap

Cisco often tests the distinction between Layer 2 and Layer 3 devices, trapping candidates who confuse a switch's MAC-based forwarding with a router's IP-based forwarding, especially when the question mentions 'different network segments'—a switch can segment collision domains but not broadcast domains, while a router segments broadcast domains.

How to eliminate wrong answers

Option A is wrong because a switch operates at Layer 2 (Data Link layer) and forwards frames based on MAC addresses, not IP addresses, and it typically connects devices within the same network segment. Option C is wrong because a hub is a Layer 1 device that simply repeats electrical signals to all ports without any forwarding logic or address awareness. Option D is wrong because a bridge, while it can connect two network segments, operates at Layer 2 and makes forwarding decisions based on MAC addresses, not IP addresses.

44
MCQeasy

Which of the following best describes the primary function of a subnet mask in IPv4 networking?

A.It identifies which part of an IP address is the network address and which part is the host address
B.It dynamically assigns IP addresses to devices on the network
C.It encrypts data packets to ensure secure communication
D.It specifies the IP address of the router that forwards traffic to other networks
AnswerA

The subnet mask is used to divide the IP address into network and host bits, allowing devices to determine if a destination is on the same local network or requires routing.

Why this answer

The subnet mask is a 32-bit value that separates the IP address into network and host portions through a bitwise AND operation. This allows routers and hosts to determine whether a destination IP is on the same local network or requires forwarding to a default gateway. Without the subnet mask, a device cannot distinguish the network prefix from the host identifier, making routing impossible.

Exam trap

CompTIA often tests the misconception that the subnet mask assigns IP addresses or acts as a gateway, so candidates confuse it with DHCP or the default gateway, especially when questions pair subnet mask with 'dynamic' or 'router' in the answer choices.

How to eliminate wrong answers

Option B is wrong because dynamic IP address assignment is the function of DHCP (Dynamic Host Configuration Protocol), not the subnet mask. Option C is wrong because encryption of data packets is performed by protocols like IPsec, TLS, or SSH, not by the subnet mask. Option D is wrong because the IP address of the router that forwards traffic to other networks is the default gateway, which is a separate configuration parameter, not the subnet mask.

45
MCQhard

A network administrator has configured a switch with four VLANs: VLAN 10, 20, 30, and 99 (native). The switch is connected to a router via an 802.1Q trunk link. The router has subinterfaces for VLANs 10, 20, and 30, each with an IP address. VLAN 99 is used for management and does not have a router subinterface. How many Layer 3 broadcast domains exist in this network?

A.1
B.2
C.3
D.4
AnswerD

Correct. Each of the four VLANs (10, 20, 30, 99) is a separate broadcast domain, regardless of router subinterface configuration.

Why this answer

Each VLAN is a separate Layer 2 broadcast domain, and a router subinterface provides the default gateway for that VLAN, creating a corresponding Layer 3 broadcast domain. VLAN 99 (native) has no router subinterface, so it does not have a Layer 3 broadcast domain. Therefore, only VLANs 10, 20, and 30 have Layer 3 broadcast domains, totaling 3.

Exam trap

CompTIA often tests the distinction between Layer 2 broadcast domains (one per VLAN) and Layer 3 broadcast domains (one per routed subnet), leading candidates to incorrectly count all VLANs as Layer 3 domains even when a native VLAN lacks a subinterface.

How to eliminate wrong answers

Option A is wrong because it assumes all VLANs share a single Layer 3 broadcast domain, which would only be true if no routing occurred (e.g., a flat Layer 2 network). Option B is wrong because it suggests only two VLANs are routed, ignoring the third subinterface. Option D is wrong because it counts VLAN 99 as a Layer 3 broadcast domain, but without a router subinterface, VLAN 99 remains purely Layer 2 and does not participate in Layer 3 forwarding.

46
MCQhard

A network engineer configures OSPF on two routers with a primary link (1 Gbps) and a backup link (100 Mbps). The engineer expects traffic to always use the primary link unless it fails, but the router is sending traffic over the backup link. What is the most likely cause?

A.A
B.B
C.C
D.D
AnswerB

If the primary link's cost is higher (e.g., due to a misconfigured interface bandwidth), OSPF will choose the lower-cost backup link.

Why this answer

OSPF uses cost to determine the best path, calculated as 10^8 / interface bandwidth. A 1 Gbps link has a cost of 1 (100,000,000 / 1,000,000,000), while a 100 Mbps link has a cost of 1 (100,000,000 / 100,000,000). Since both costs are equal, OSPF will load-balance traffic across both links instead of preferring the primary link, which is why traffic is seen on the backup link.

Exam trap

CompTIA often tests the misconception that OSPF prefers higher bandwidth links automatically, but the trap is that OSPF's default cost calculation makes any link at 100 Mbps or faster have the same cost of 1, causing equal-cost multipath (ECMP) instead of primary/backup behavior.

How to eliminate wrong answers

Option A is wrong because OSPF does not use hop count; it uses cost based on bandwidth. Option C is wrong because OSPF does not have a native 'primary' or 'backup' designation; it relies on cost metrics, and equal costs cause ECMP. Option D is wrong because OSPF does not use a hold-down timer for path selection; that is a concept from distance-vector protocols like RIP or EIGRP.

47
MCQeasy

At which layer of the OSI model does end-to-end communication and data segmentation occur?

A.Session layer
B.Transport layer
C.Network layer
D.Data link layer
AnswerB

The Transport layer segments data, provides reliability (TCP) or fast delivery (UDP), and handles end-to-end communication. Examples: TCP and UDP.

Why this answer

The transport layer (Layer 4) is responsible for end-to-end communication between source and destination hosts, as well as data segmentation and reassembly. Protocols such as TCP and UDP operate at this layer, with TCP providing reliable, connection-oriented service by segmenting data into segments and managing flow control and error recovery.

Exam trap

The trap here is that candidates confuse the transport layer's end-to-end communication with the network layer's end-to-end delivery of packets, forgetting that Layer 4 provides logical communication between processes (ports) while Layer 3 provides logical communication between hosts (IP addresses).

How to eliminate wrong answers

Option A is wrong because the session layer (Layer 5) manages dialog control, session establishment, and synchronization, not end-to-end communication or data segmentation. Option C is wrong because the network layer (Layer 3) handles logical addressing (e.g., IP addresses) and routing between networks, not segmentation of data into segments. Option D is wrong because the data link layer (Layer 2) deals with framing, MAC addressing, and error detection on a single link, not end-to-end transport or segmentation.

48
MCQeasy

A network device receives a frame on one port and forwards it out to all other ports. The device does not examine the destination MAC address. Which type of device is being described?

A.Switch
B.Hub
C.Bridge
D.Router
AnswerB

Hubs are Layer 1 devices that forward signals to all ports without any intelligence. They do not read MAC addresses.

Why this answer

A hub operates at Layer 1 (physical layer) of the OSI model and simply repeats incoming electrical or optical signals out all other ports without any processing of the frame's destination MAC address. This behavior matches the description exactly: the device receives a frame on one port and forwards it out all other ports without examining the MAC address.

Exam trap

Cisco often tests the distinction between Layer 1 (hub) and Layer 2 (switch/bridge) devices by describing the 'flooding' behavior of a switch when the MAC address is unknown, which can trick candidates into thinking a switch forwards to all ports without examining the MAC address, but a switch always examines the destination MAC address first.

How to eliminate wrong answers

Option A is wrong because a switch examines the destination MAC address in the frame header, uses its MAC address table to make forwarding decisions, and sends the frame only to the specific port associated with that MAC address (or floods only if unknown). Option C is wrong because a bridge, like a switch, operates at Layer 2 and examines the destination MAC address to decide whether to forward or filter the frame based on its bridging table. Option D is wrong because a router operates at Layer 3, examines the destination IP address in the packet header, and forwards packets based on routing table entries, not by blindly repeating frames out all ports.

49
MCQeasy

A network technician is explaining network segmentation to a junior technician. Which of the following devices increases the number of collision domains but does not increase the number of broadcast domains?

A.Hub
B.Switch
C.Router
D.Repeater
AnswerB

A switch creates a separate collision domain for each port but forwards all broadcast frames, so it does not increase broadcast domains.

Why this answer

A switch creates a separate collision domain for each port, so multiple devices can transmit simultaneously without collisions, but it does not segment broadcast domains; all ports remain in the same broadcast domain unless VLANs are configured. This directly matches the question's requirement: increasing collision domains without increasing broadcast domains.

Exam trap

The trap here is that candidates often confuse collision domains with broadcast domains, thinking that a switch reduces both, when in fact it only reduces collision domains while leaving broadcast domains unchanged (unless VLANs are used).

How to eliminate wrong answers

Option A is wrong because a hub operates at Layer 1 and places all connected devices into a single collision domain, so it does not increase the number of collision domains. Option C is wrong because a router operates at Layer 3 and segments both collision and broadcast domains, increasing the number of broadcast domains, which violates the condition. Option D is wrong because a repeater, like a hub, operates at Layer 1 and simply regenerates signals without creating separate collision domains, so it does not increase the number of collision domains.

50
MCQeasy

A network technician is explaining the OSI model to a junior technician. The technician mentions that the Transport layer is responsible for end-to-end communication and data segmentation. Which protocol operates at the Transport layer?

A.IP
B.TCP
C.Ethernet
AnswerB

Correct. TCP operates at the Transport layer (Layer 4) and provides reliable, connection-oriented communication with segmentation and reassembly.

Why this answer

TCP (Transmission Control Protocol) operates at Layer 4 (Transport) of the OSI model, providing reliable, connection-oriented end-to-end communication and data segmentation with sequencing and acknowledgment. It ensures data is delivered error-free and in order, directly fulfilling the described responsibilities.

Exam trap

CompTIA often tests the distinction between TCP and UDP at the Transport layer, but here the trap is that candidates confuse IP (Layer 3) with Transport layer protocols because IP is fundamental to networking, yet it does not perform end-to-end communication or segmentation.

How to eliminate wrong answers

Option A is wrong because IP (Internet Protocol) operates at Layer 3 (Network), not the Transport layer; it handles logical addressing and routing, not end-to-end communication or segmentation. Option C is wrong because Ethernet operates at Layer 2 (Data Link) and Layer 1 (Physical), dealing with frame delivery on a local network segment, not end-to-end transport. Option D is wrong because HTTP (Hypertext Transfer Protocol) operates at Layer 7 (Application), defining how web clients and servers exchange data, not transport-layer functions.

51
MCQeasy

Which of the following is a characteristic of a connectionless protocol at the transport layer?

A.It establishes a session before sending data
B.It guarantees delivery using acknowledgments
C.It does not require a virtual circuit
D.It retransmits lost segments
AnswerC

Connectionless protocols send data independently without setting up a virtual circuit or logical connection.

Why this answer

Connectionless protocols at the transport layer, such as UDP (User Datagram Protocol), do not establish a virtual circuit or session before sending data. Each datagram is sent independently without prior coordination, making the protocol stateless and reducing overhead. This characteristic is fundamental to UDP's design, as defined in RFC 768.

Exam trap

The trap here is that candidates confuse 'connectionless' at the transport layer with 'connectionless' at the network layer (IP), leading them to think that IP's lack of virtual circuits applies to all layers, but the question specifically targets transport-layer behavior where UDP is the key example.

How to eliminate wrong answers

Option A is wrong because establishing a session before sending data is a characteristic of connection-oriented protocols like TCP, which use a three-way handshake to create a virtual circuit. Option B is wrong because guaranteeing delivery using acknowledgments is a feature of TCP, not connectionless protocols; UDP does not provide delivery guarantees. Option D is wrong because retransmitting lost segments is a reliability mechanism of TCP, which uses sequence numbers and acknowledgments to detect and resend lost data; connectionless protocols like UDP do not track or retransmit lost segments.

52
MCQeasy

A network technician is reviewing the OSI model to understand how data is encapsulated when a web request is sent from a client to a server. At which layer does the web browser's HTTP request data get encapsulated with a TCP segment header?

A.Application layer
B.Presentation layer
C.Session layer
D.Transport layer
AnswerD

The Transport layer (Layer 4) takes data from upper layers, segments it, and adds a TCP or UDP header. For HTTP, the TCP segment header is added at this layer.

Why this answer

The Transport layer (Layer 4) is responsible for encapsulating application data with a TCP or UDP segment header. When a web browser sends an HTTP request, the HTTP data is passed down from the Application layer to the Transport layer, where the TCP segment header (including source/destination ports, sequence numbers, and checksum) is added. This encapsulation occurs at Layer 4, not at any higher layer.

Exam trap

The trap here is that candidates often confuse the Application layer (where HTTP data is generated) with the layer where the TCP header is added, mistakenly thinking encapsulation happens at Layer 7 instead of Layer 4.

How to eliminate wrong answers

Option A is wrong because the Application layer (Layer 7) is where the HTTP request data originates, but it does not add a TCP segment header; it only formats the application data. Option B is wrong because the Presentation layer (Layer 6) handles data translation, encryption, and compression (e.g., SSL/TLS handshake), not TCP header encapsulation. Option C is wrong because the Session layer (Layer 5) manages session establishment, maintenance, and termination (e.g., NetBIOS or RPC), but it does not add transport protocol headers.

53
MCQeasy

Which of the following describes the purpose of a default gateway on a host in a TCP/IP network?

A.It translates domain names to IP addresses
B.It assigns IP addresses to devices on the network
C.It forwards traffic from the local network to other networks
D.It filters traffic to prevent unauthorized access
AnswerC

The default gateway is the router that sends packets destined for non-local networks to the appropriate path.

Why this answer

The default gateway is the router interface on the local subnet that a host uses to send packets destined for IP addresses outside its own network. When a host determines that the destination IP is not in its local subnet (via its subnet mask), it forwards the frame to the default gateway's MAC address, which then routes the packet toward the remote network. Without a default gateway, a host can only communicate with devices on the same local broadcast domain.

Exam trap

The trap here is that candidates confuse the default gateway with a DNS server or DHCP server, because all three are often configured on the same router in small networks, but the exam specifically tests the Layer 3 forwarding role of the default gateway.

How to eliminate wrong answers

Option A is wrong because translating domain names to IP addresses is the function of a DNS server, not a default gateway; the default gateway operates at Layer 3 (routing) while DNS operates at the application layer. Option B is wrong because assigning IP addresses to devices is typically done by a DHCP server, which may run on a router but is not the purpose of the default gateway itself; the default gateway's role is purely forwarding traffic between networks.

54
MCQmedium

A client and server are establishing a TCP connection. The client sends a SYN segment to the server. The server responds with a SYN-ACK segment. What is the next segment in the handshake?

A.ACK
B.RST
C.FIN
D.SYN
AnswerA

The final acknowledgment (ACK) confirms the server's SYN-ACK and completes the handshake.

Why this answer

The TCP three-way handshake requires the client to acknowledge the server's SYN-ACK by sending an ACK segment. This completes the handshake, establishing a full-duplex connection with synchronized sequence numbers. Without this final ACK, the server remains in a half-open state, unable to begin data transmission.

Exam trap

Cisco often tests the misconception that the handshake ends after the SYN-ACK, or that a FIN or RST could be used to complete the handshake, when in fact the final ACK is mandatory to transition the server's state from SYN-RECEIVED to ESTABLISHED.

How to eliminate wrong answers

Option B (RST) is wrong because a reset segment is used to abort a connection or reject a connection attempt, not to complete a successful handshake; sending an RST here would terminate the process prematurely. Option C (FIN) is wrong because a FIN segment is used to gracefully close an established connection, not to complete the initial handshake; sending a FIN at this stage would indicate an immediate desire to close a connection that hasn't even been fully opened yet.

55
MCQeasy

Which of the following describes a unicast transmission?

A.One-to-one communication
B.One-to-many communication
C.One-to-all communication
D.Many-to-many communication
AnswerA

Unicast delivers data to a single destination host.

Why this answer

Unicast transmission is defined as one-to-one communication where a single source sends data to a single destination. In IPv4 networking, this is the standard method for most client-server interactions, such as a host sending an HTTP request to a web server. The destination MAC address in the Ethernet frame is the unique address of the target device, ensuring only that device processes the frame.

Exam trap

The trap here is that candidates often confuse unicast with multicast because both involve a single source, but they forget that unicast is strictly one-to-one, while multicast is one-to-many to a subscribed group.

How to eliminate wrong answers

Option B is wrong because one-to-many communication describes multicast transmission, where a single source sends data to a specific group of interested receivers (e.g., using IGMP and multicast IP addresses in the 224.0.0.0/4 range). Option C is wrong because one-to-all communication describes broadcast transmission, where a single source sends data to every device on the network segment (e.g., using the broadcast MAC address FF:FF:FF:FF:FF:FF or the IPv4 broadcast address 255.255.255.255).

56
MCQmedium

A network engineer is designing a subnet to accommodate 50 devices in a single broadcast domain. The engineer uses a /26 subnet mask. How many usable host addresses are available?

A.30
B.62
C.126
D.254
AnswerB

Correct. /26 provides 62 usable addresses, enough for 50 devices with room for growth.

Why this answer

A /26 subnet mask provides 2^(32-26) = 64 total addresses. Subtracting the network and broadcast addresses leaves 62 usable host addresses. This is sufficient for 50 devices in a single broadcast domain.

Exam trap

The trap here is that candidates often forget to subtract the network and broadcast addresses, or they confuse the total addresses (64) with usable addresses (62), leading them to pick 64 or misapply the formula for a different prefix length.

How to eliminate wrong answers

Option A is wrong because it corresponds to a /27 subnet mask (32 total addresses, 30 usable), not a /26. Option C is wrong because it corresponds to a /25 subnet mask (128 total addresses, 126 usable). Option D is wrong because it corresponds to a /24 subnet mask (256 total addresses, 254 usable).

57
MCQhard

An engineer is configuring a network and needs to understand the default behavior of an IPv6 node. When an IPv6 interface is initialized, which type of address is automatically assigned without any configuration server?

A.Global unicast address
B.Unique local address
D.Multicast address
AnswerC

Link-local addresses (fe80::/10) are automatically created when an IPv6 interface is enabled, using methods like EUI-64 or privacy extensions.

Why this answer

When an IPv6 interface is initialized, it automatically generates a link-local address (fe80::/10) using Stateless Address Autoconfiguration (SLAAC) without requiring any external server (e.g., DHCPv6). This address is mandatory for neighbor discovery and other link-local communication, allowing the node to operate on the local network segment immediately.

Exam trap

Cisco often tests the misconception that a global unicast address is automatically assigned, but the trap here is that only the link-local address is generated by default, while global and unique local addresses require additional configuration or router presence.

How to eliminate wrong answers

Option A is wrong because a global unicast address (2000::/3) requires either manual configuration or SLAAC with a router advertisement (RA) from a router; it is not automatically assigned upon interface initialization. Option B is wrong because a unique local address (fc00::/7) is designed for private, site-local communication and must be manually configured or assigned via DHCPv6; it is not auto-generated by default.

58
MCQmedium

A network engineer is reviewing RFC 1918 address ranges to plan a private IP addressing scheme. Which of the following IP addresses falls within the private address space for Class A?

A.172.16.0.1
B.192.168.1.1
C.10.10.10.1
D.172.32.0.1
AnswerC

10.10.10.1 falls within the 10.0.0.0/8 block, which is the Class A private address space defined in RFC 1918.

Why this answer

Option C is correct because RFC 1918 defines the Class A private address range as 10.0.0.0/8, which includes all addresses from 10.0.0.0 to 10.255.255.255. 10.10.10.1 falls within this range, making it a valid private IP address for internal network use.

Exam trap

The trap here is that candidates often confuse the Class B private range (172.16.0.0/12) with any 172.x.x.x address, forgetting that only 172.16.0.0 through 172.31.255.255 are private, while 172.32.0.0 and above are public.

How to eliminate wrong answers

Option A is wrong because 172.16.0.1 belongs to the Class B private range (172.16.0.0/12), not Class A. Option B is wrong because 192.168.1.1 belongs to the Class C private range (192.168.0.0/16), not Class A. Option D is wrong because 172.32.0.1 is outside the RFC 1918 private address space; the Class B private range is 172.16.0.0/12 (172.16.0.0 through 172.31.255.255), and 172.32.0.1 is a public IP address.

59
MCQeasy

A network engineer wants to segment a LAN into multiple broadcast domains without purchasing additional hardware. Which of the following technologies should be implemented?

A.Subnetting
B.VLANs
C.VPN
D.NAT
AnswerB

VLANs allow a single switch to support multiple broadcast domains, each isolated at Layer 2.

Why this answer

VLANs (Virtual Local Area Networks) allow a network engineer to logically segment a single physical LAN switch into multiple isolated broadcast domains without purchasing additional hardware. By assigning switch ports to different VLAN IDs, broadcast traffic is confined to ports within the same VLAN, effectively creating separate Layer 2 networks on the same switch infrastructure.

Exam trap

CompTIA often tests the misconception that subnetting alone can segment broadcast domains, but subnetting only divides IP address space; without VLANs, all devices on the same switch remain in one broadcast domain at Layer 2.

How to eliminate wrong answers

Option A (Subnetting) is wrong because subnetting operates at Layer 3 (IP) and divides a network into smaller IP ranges, but it does not create separate broadcast domains at Layer 2; without VLANs, all devices on the same physical switch still share a single broadcast domain regardless of subnet. Option C (VPN) is wrong because VPNs create encrypted tunnels over public networks for remote connectivity, not for segmenting a local LAN into multiple broadcast domains. Option D (NAT) is wrong because NAT translates private IP addresses to public ones for internet access and has no role in creating broadcast domains on a LAN.

60
Drag & Dropmedium

Drag and drop the steps to configure a static route on a Cisco IOS router into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Static routes require global config mode and must specify the destination network, subnet mask, and next-hop address or exit interface.

61
MCQmedium

A network engineer is configuring IPv6 on a router interface. Which of the following is a valid global unicast IPv6 address?

A.fe80::1
B.2001:db8::1
C.ff02::1
D.::1
AnswerB

2001:db8::/32 is reserved for documentation and examples, but it is within the global unicast range (2000::/3) and is a valid global unicast address.

Why this answer

2001:db8::1 is a valid global unicast IPv6 address because it falls within the 2000::/3 range defined by RFC 4291 for global unicast addresses. The address is routable on the public internet, making it suitable for global communication.

Exam trap

The trap here is that candidates often confuse link-local addresses (fe80::/10) with global unicast addresses, or they mistakenly think multicast addresses (ff00::/8) are unicast, because all three start with 'f' but have different scopes and purposes.

How to eliminate wrong answers

Option A is wrong because fe80::1 is a link-local unicast address (fe80::/10), which is only valid on a single link and cannot be routed. Option C is wrong because ff02::1 is a multicast address (ff00::/8), specifically the all-nodes link-local multicast group, and is not a unicast address.

62
MCQeasy

At which layer of the OSI model does the conversion of data frames into electrical signals for transmission occur?

A.Layer 1 (Physical)
B.Layer 2 (Data Link)
C.Layer 3 (Network)
D.Layer 4 (Transport)
AnswerA

The Physical layer defines the electrical, mechanical, and procedural characteristics for transmitting bits over a medium.

Why this answer

Layer 1 (Physical) is responsible for the actual transmission of raw bits over a physical medium. This includes converting data frames received from Layer 2 into electrical signals (e.g., voltage levels on copper), light pulses (fiber optic), or radio waves (wireless). The Physical layer defines the hardware specifications, such as connectors, cable types, and signaling methods like Manchester encoding or NRZ.

Exam trap

The trap here is that candidates often confuse the Data Link layer's role in 'framing' with the actual physical transmission, leading them to select Layer 2 when the question specifically asks about conversion to electrical signals.

How to eliminate wrong answers

Option B (Layer 2, Data Link) is wrong because the Data Link layer handles framing, MAC addressing, and error detection (e.g., CRC), but it does not perform the conversion of frames into electrical signals; it passes frames down to the Physical layer for that conversion. Option C (Layer 3, Network) is wrong because the Network layer is responsible for logical addressing (e.g., IP addresses) and routing decisions, not for the physical transmission of bits or signal generation.

63
MCQeasy

Which of the following is a characteristic of a Layer 2 network switch?

A.Makes forwarding decisions based on IP addresses
B.Uses MAC addresses to make forwarding decisions
C.Can route traffic between different VLANs without a router
D.Provides Network Address Translation (NAT)
AnswerB

Layer 2 switches use MAC address tables to forward frames to the correct port based on the destination MAC address.

Why this answer

A Layer 2 network switch operates at the Data Link layer of the OSI model and uses MAC addresses to make forwarding decisions. It examines the destination MAC address in an Ethernet frame and consults its MAC address table to determine the appropriate port to forward the frame, enabling efficient local area network communication.

Exam trap

Cisco often tests the distinction between Layer 2 and Layer 3 functionality, and the trap here is that candidates may confuse a switch's ability to segment VLANs with the ability to route between them, forgetting that routing requires a Layer 3 device or process.

How to eliminate wrong answers

Option A is wrong because Layer 2 switches do not use IP addresses for forwarding decisions; that is a function of Layer 3 devices like routers. Option C is wrong because switches cannot route traffic between different VLANs without a Layer 3 device such as a router or a multilayer switch with routing enabled; inter-VLAN routing requires IP-based forwarding. Option D is wrong because Network Address Translation (NAT) is a Layer 3 function typically performed by routers or firewalls, not by Layer 2 switches.

64
MCQeasy

A network device receives a frame and forwards it based on the destination MAC address. The device does not modify the frame and only floods unknown unicast frames. At which layer of the OSI model does this device operate?

A.Layer 1
B.Layer 2
C.Layer 3
D.Layer 4
AnswerB

This describes a switch, which operates at the Data Link layer (Layer 2). It uses MAC addresses to forward frames and floods unknown unicast frames.

Why this answer

This device operates at Layer 2 (Data Link Layer) because it forwards frames based on the destination MAC address, does not modify the frame, and floods unknown unicast frames. These behaviors are characteristic of a transparent bridge or switch, which uses a MAC address table to make forwarding decisions without examining IP addresses or modifying the frame. Layer 2 devices do not perform routing or alter the frame's content, distinguishing them from Layer 3 routers.

Exam trap

Cisco often tests the distinction between Layer 2 switching and Layer 3 routing by describing a device that forwards based on MAC addresses but does not modify frames, leading candidates to mistakenly think of a router (Layer 3) because they associate 'forwarding' with routing, when in fact the key clue is the lack of frame modification and the flooding of unknown unicasts.

How to eliminate wrong answers

Option A is wrong because Layer 1 devices (e.g., hubs, repeaters) operate solely on electrical or optical signals, do not read MAC addresses, and forward all frames out all ports except the incoming port without any filtering or learning. Option C is wrong because Layer 3 devices (e.g., routers) forward packets based on destination IP addresses, modify the frame by decrementing the TTL and recalculating the checksum, and do not flood unknown unicast frames in the same manner—they use routing tables and ARP for next-hop resolution.

65
MCQeasy

A network administrator needs to ensure that data sent from a host arrives at the correct destination on a different network. Which of the following provides the logical address used for this purpose in IPv4?

B.IP address
C.Port number
AnswerB

IP addresses are hierarchical and routable, allowing packets to be forwarded across multiple networks to the destination.

Why this answer

In IPv4, the logical address used to route data between different networks is the IP address. The IP address contains a network portion that routers use to forward packets across network boundaries, ensuring the data reaches the correct destination network and host.

Exam trap

Cisco often tests the distinction between Layer 2 (MAC) and Layer 3 (IP) addressing, trapping candidates who confuse local delivery with inter-network routing.

How to eliminate wrong answers

Option A is wrong because a MAC address is a hardware address used for local delivery within the same network segment (Layer 2), not for routing between different networks. Option C is wrong because a port number identifies a specific application or service on a host (Layer 4), not the destination network or host for inter-network communication.

66
MCQeasy

A network engineer needs to transfer a large database file from one server to another across a WAN link. The transfer must be reliable and guarantee that the data arrives without errors. Which transport layer protocol should the engineer use?

A.UDP
B.IP
C.TCP
AnswerC

TCP provides reliable, ordered delivery of data with error checking and retransmission. It is the correct choice for file transfers where data integrity is critical.

Why this answer

TCP (Transmission Control Protocol) is the correct choice because it provides reliable, connection-oriented data transfer with error checking, retransmission of lost packets, and in-order delivery. For a large database file transfer across a WAN link, TCP ensures the data arrives completely and without errors, which is essential for database integrity.

Exam trap

The trap here is that candidates often confuse UDP with reliability because they associate it with 'fast' transfers, but Cisco tests the fundamental distinction that only TCP provides guaranteed, error-free delivery at the transport layer.

How to eliminate wrong answers

Option A is wrong because UDP (User Datagram Protocol) is a connectionless, unreliable protocol that does not guarantee delivery, order, or error recovery; it is suitable for real-time applications like streaming or VoIP where occasional packet loss is acceptable. Option B is wrong because IP (Internet Protocol) operates at the network layer (Layer 3), not the transport layer; it handles addressing and routing but provides no reliability or error checking for the data payload.

67
MCQmedium

A network technician is explaining the concept of encapsulation to a junior technician. At which OSI layer does a packet get encapsulated with a source and destination IP address?

A.Layer 2
B.Layer 3
C.Layer 4
D.Layer 1
AnswerB

The network layer (Layer 3) adds the IP header containing source and destination IP addresses. This is where logical addressing occurs, enabling routing across networks.

Why this answer

At Layer 3 (the Network layer), the packet is encapsulated with a source and destination IP address. This is defined by the Internet Protocol (IP), which handles logical addressing and routing across networks. The IP header is added to the payload from the upper layers, creating a packet that can be forwarded by routers.

Exam trap

The trap here is that candidates often confuse Layer 2 MAC addressing with Layer 3 IP addressing, mistakenly thinking the packet is encapsulated with IP addresses at the Data Link layer, but encapsulation with IP addresses occurs strictly at the Network layer.

How to eliminate wrong answers

Option A is wrong because Layer 2 (Data Link layer) encapsulates frames with MAC addresses, not IP addresses, using protocols like Ethernet or PPP. Option C is wrong because Layer 4 (Transport layer) encapsulates segments with port numbers and sequence numbers (e.g., TCP or UDP headers), not IP addresses. Option D is wrong because Layer 1 (Physical layer) deals with raw bit transmission over media, such as electrical signals or light pulses, and does not perform encapsulation.

68
MCQeasy

Which of the following IPv6 addresses is a link-local address?

A.2001:db8::1
B.fe80::1
C.ff02::1
D.2000::/3
AnswerB

Addresses starting with fe80: are link-local and are used for communication on the same link (e.g., Neighbor Discovery).

Why this answer

Option B (fe80::1) is correct because IPv6 link-local addresses always begin with the prefix fe80::/10, as defined in RFC 4291. These addresses are automatically assigned to every IPv6-enabled interface and are only valid on a single link (subnet), never routed. The address fe80::1 is a common example of a link-local address.

Exam trap

Cisco often tests the distinction between the link-local prefix (fe80::/10) and the multicast prefix (ff00::/8), so candidates may confuse ff02::1 (all-nodes multicast) with a link-local unicast address.

How to eliminate wrong answers

Option A is wrong because 2001:db8::1 is a global unicast address from the documentation prefix (2001:db8::/32) reserved for examples and documentation, not a link-local address. Option C is wrong because ff02::1 is a multicast address (prefix ff00::/8) specifically the all-nodes link-local multicast group, not a unicast link-local address.

69
MCQmedium

A network administrator wants to segment the network into multiple virtual LANs to reduce broadcast traffic. Which device is required to route traffic between these VLANs?

A.Layer 2 switch
B.Router or Layer 3 switch
C.Bridge
D.Hub
AnswerB

Both routers and Layer 3 switches can route traffic between VLANs by processing IP packets.

Why this answer

VLANs operate at Layer 2, isolating broadcast domains. To route traffic between different VLANs, a device that can forward packets based on Layer 3 IP addresses is required. A router or a Layer 3 switch (which performs hardware-based routing using ASICs) provides the necessary inter-VLAN routing functionality.

Exam trap

CompTIA often tests the misconception that a Layer 2 switch alone can route between VLANs if it supports VLAN tagging (802.1Q), but the switch must have Layer 3 routing capabilities (either as a Layer 3 switch or with an external router) to actually forward traffic between VLANs.

How to eliminate wrong answers

Option A is wrong because a Layer 2 switch forwards frames based on MAC addresses and cannot perform IP routing; it would require an external router or a Layer 3 switch to route between VLANs. Option C is wrong because a bridge operates at Layer 2, connecting two network segments and forwarding frames based on MAC addresses, with no capability for IP routing between VLANs. Option D is wrong because a hub is a physical-layer device that simply repeats electrical signals on all ports, offering no segmentation or routing capabilities at all.

70
MCQmedium

Which of the following is a characteristic of UDP when compared to TCP?

A.A) UDP uses sequence numbers for ordering
B.B) UDP provides reliable data delivery
C.C) UDP has lower overhead due to minimal header
D.D) UDP requires a three-way handshake to establish a connection
AnswerC

Correct. UDP has a smaller header (8 bytes) compared to TCP (20 bytes) and no connection setup, resulting in lower overhead.

Why this answer

UDP (User Datagram Protocol) has a minimal 8-byte header compared to TCP's 20-byte header, resulting in lower overhead and faster transmission. Unlike TCP, UDP does not provide reliability, flow control, or error recovery, making it ideal for real-time applications like VoIP or video streaming where speed is prioritized over guaranteed delivery.

Exam trap

The trap here is that candidates often confuse UDP's lack of reliability with it being 'unusable' or 'broken,' but the exam tests that UDP's lower overhead is a deliberate design choice for performance-sensitive applications where occasional packet loss is acceptable.

How to eliminate wrong answers

Option A is wrong because UDP does not use sequence numbers; sequence numbers are a TCP feature used for ordering and reassembly of segments. Option B is wrong because UDP is connectionless and does not provide reliable data delivery; reliability is a TCP characteristic achieved through acknowledgments and retransmissions. Option D is wrong because UDP does not require a three-way handshake; the three-way handshake is a TCP mechanism used to establish a connection before data transfer.

71
MCQeasy

Which of the following network devices operates at Layer 1 of the OSI model and forwards all incoming electrical signals to all of its ports?

A.Router
B.Switch
C.Hub
D.Bridge
AnswerC

A hub is a Layer 1 device that repeats all incoming signals to all ports without any intelligence or filtering.

Why this answer

A hub operates at Layer 1 (Physical layer) of the OSI model and is a multiport repeater. It regenerates and forwards every incoming electrical signal out of all ports except the incoming port, regardless of the intended destination, because it has no intelligence to process MAC addresses or frames.

Exam trap

Cisco often tests the distinction between a hub and a switch, where candidates mistakenly think a switch forwards all incoming traffic to all ports (like a hub) because they confuse broadcast traffic with general forwarding behavior.

How to eliminate wrong answers

Option A is wrong because a router operates at Layer 3 (Network layer) and forwards packets based on IP addresses, not electrical signals; it does not blindly forward signals to all ports. Option B is wrong because a switch operates at Layer 2 (Data Link layer) and forwards frames based on MAC addresses, using a MAC address table to selectively forward traffic only to the specific destination port, not to all ports.

72
MCQeasy

At which layer of the OSI model does a switch that uses MAC addresses to forward frames operate?

A.Layer 1
B.Layer 2
C.Layer 3
D.Layer 4
AnswerB

Layer 2 (Data Link layer) uses MAC addresses to switch frames within a network segment.

Why this answer

A switch that uses MAC addresses to forward frames operates at Layer 2 (Data Link layer) of the OSI model. Layer 2 is responsible for node-to-node data transfer and error detection, using MAC addresses as the addressing scheme. The switch builds a MAC address table by learning source MAC addresses from incoming frames and then forwards frames based on the destination MAC address, making forwarding decisions at this layer.

Exam trap

The trap here is that candidates often confuse a switch's MAC address-based forwarding with a router's IP-based forwarding, mistakenly selecting Layer 3, or they think of a hub's operation at Layer 1 and incorrectly apply that to a switch.

How to eliminate wrong answers

Option A is wrong because Layer 1 (Physical layer) deals with the physical transmission of raw bits over a medium, such as electrical signals, light, or radio waves, and does not interpret MAC addresses or frames. Option C is wrong because Layer 3 (Network layer) uses logical IP addresses for routing packets between networks, not MAC addresses for forwarding frames within a local network. Option D is wrong because Layer 4 (Transport layer) manages end-to-end communication, segmentation, and flow control using protocols like TCP and UDP, and does not involve MAC address-based forwarding.

73
MCQeasy

Which of the following best describes the function of a default gateway?

A.It translates private IP addresses to public IP addresses.
B.It provides DHCP services to clients.
C.It routes packets from a local subnet to destinations on other networks.
D.It performs DNS resolution for network clients.
AnswerC

This is the fundamental purpose of a default gateway.

Why this answer

The default gateway is a router or Layer 3 device on a local subnet that serves as the next-hop IP address for packets destined to networks outside the local subnet. When a host determines that the destination IP is not on the same subnet (using its subnet mask), it forwards the packet to the default gateway's MAC address via ARP, which then routes the packet toward the remote network. Without a correctly configured default gateway, a host can only communicate within its own subnet.

Exam trap

Cisco often tests the misconception that the default gateway performs NAT or DHCP, but the trap here is that candidates confuse the default gateway's routing role with other common router functions like NAT or DHCP services.

How to eliminate wrong answers

Option A is wrong because translating private IP addresses to public IP addresses is the function of Network Address Translation (NAT), typically performed by a router or firewall, not the default gateway itself. Option B is wrong because providing DHCP services is the role of a DHCP server, which can be a separate server or a router configured with DHCP services, but it is not the primary or defining function of a default gateway.

74
MCQmedium

A network engineer is designing a network and needs to ensure that broadcast traffic is contained within a single broadcast domain. Which of the following devices should be used to create these separate broadcast domains?

A.Hub
B.Bridge
C.Switch
D.Router
AnswerD

A router operates at Layer 3 and does not forward Layer 2 broadcasts, thus separating broadcast domains per interface.

Why this answer

A router operates at Layer 3 of the OSI model and does not forward broadcast frames by default, making it the correct device to segment a network into separate broadcast domains. Each interface on a router creates a distinct broadcast domain, ensuring that broadcast traffic is contained within that interface's subnet.

Exam trap

Cisco often tests the misconception that a switch creates separate broadcast domains, but a switch only separates collision domains; without VLANs, all ports on a switch belong to the same broadcast domain.

How to eliminate wrong answers

Option A is wrong because a hub is a Layer 1 device that simply repeats electrical signals out all ports, so it cannot isolate broadcast traffic; all connected devices share the same collision and broadcast domain. Option B is wrong because a bridge is a Layer 2 device that forwards frames based on MAC addresses but still forwards broadcasts out all ports except the receiving port, so it does not create separate broadcast domains. Option C is wrong because a switch is also a Layer 2 device; while it segments collision domains per port, it still floods broadcast frames to all ports within the same VLAN, meaning a single switch (or multiple switches in the same VLAN) constitutes one broadcast domain unless VLANs are configured.

75
MCQeasy

Which of the following IP addresses is a private IP address as defined by RFC 1918?

A.169.254.1.1
B.172.32.1.1
C.192.168.1.1
D.172.15.1.1
AnswerC

192.168.1.1 belongs to the 192.168.0.0/16 private address range, commonly used in home and small business networks.

Why this answer

Option C (192.168.1.1) is correct because RFC 1918 reserves the 192.168.0.0/16 block (192.168.0.0 – 192.168.255.255) for private use within local networks. This address is not routable on the public internet, making it suitable for internal LAN addressing.

Exam trap

The trap here is that candidates often remember 172.x.x.x as private but forget the specific range (172.16.0.0/12), leading them to select 172.32.1.1 or 172.15.1.1, both of which are public addresses.

How to eliminate wrong answers

Option A is wrong because 169.254.1.1 falls within the 169.254.0.0/16 range, which is reserved for Automatic Private IP Addressing (APIPA) used when a DHCP server is unreachable, not for private addressing per RFC 1918. Option B is wrong because 172.32.1.1 is in the 172.32.0.0/16 range, which is outside the RFC 1918 private block 172.16.0.0/12 (172.16.0.0 – 172.31.255.255); addresses like 172.32.x.x are public or non-private. Option D is wrong because 172.15.1.1 is in the 172.15.0.0/16 range, which is below the RFC 1918 private block 172.16.0.0/12 and is a public IP address.

Page 1 of 2 · 104 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Networking Concepts questions.