CCNA ICND1 Certification

Which of the following does NOT describe TCP?

Options are :

  • Does not guarantee delivery of segments
  • Performs error detection and recovery
  • Performs "windowing"
  • Is considered "connection-oriented"
  • Operates at Layer 4 of the OSI networking model
  • Operates at the Transport layer of the OSI networking model

Answer : Does not guarantee delivery of segments

Explanation One of the things we love about TCP is that it guarantees delivery of segments. In addition, TCP does perform error detection and recovery, it performs windowing, and it's connection-oriented. It runs at Layer 4 of the OSI model; that layer is named the Transport layer.

Mock : CCNA Cyber Ops - SECOPS # 210-255

Which of the following does NOT describe UDP?   Choose three.

Options are :

  • Guarantees delivery of segments.
  • Performs error detection via "windowing"
  • Is considered "connectionless"
  • Runs at Layer 4 of the OSI networking model
  • Runs at the Network layer of the OSI networking model

Answer : Guarantees delivery of segments. Performs error detection via "windowing" Runs at the Network layer of the OSI networking model

Explanation UDP performs "best-effort" delivery as opposed to guaranteed delivery. Also, UDP doesn't perform error detection, nor does it perform windowing. UDP does run at Layer 4 of the OSI model, which is the Transport layer, not the Network layer.

Which of the following best describes the order of messages in the TCP three-way handshake?

Options are :

  • SYN, SYN/ACK, ACK
  • SYN, ACK, SYN/ACK
  • SYN, SYN/ACK, ACK, FIN
  • SYN, ACK, SYN/ACK, FIN
  • ACK, SYN, FIN
  • SYN, ACK, SYN/ACK, FIN

Answer : SYN, SYN/ACK, ACK

Explanation The TCP three-way handshake: Initiator sends SYN; recipient of SYN sends SYN/ACK back to initiator; initiator sends ACK back to recipient.

Which of the following statements are true regarding error detection and recovery at the Transport layer of the OSI model?   Choose three.

Options are :

  • When the segment recipient sends an ACK back to the host, that ACK contains a sequence number that matches the last segment received by the recipient.
  • When the segment recipient sends an ACK back to the host, that ACK contains a sequence number that matches the next sequence number the recipient expects to see.
  • The cumulative acknowledgement scheme makes error detection and recovery possible.
  • Both TCP and UDP offer error detection and recovery.
  • Only TCP offers error detection and recovery.
  • Only UDP offers error detection and recovery.

Answer : When the segment recipient sends an ACK back to the host, that ACK contains a sequence number that matches the next sequence number the recipient expects to see. The cumulative acknowledgement scheme makes error detection and recovery possible. Only TCP offers error detection and recovery.

Explanation Only TCP offers error detection and recovery, and it does so via the cumulative acknowledgement scheme. In short, that scheme has the recipient send an ACK back to the sender, identifying the next sequence number it expects to see. If that doesn't match up with the next sequence number the sender was planning on using, the sender knows some segments were lost.

Certification : CCNA Cyber Ops - SECOPS # 210-255

Identify the true statements regarding flow control and windowing at the Transport layer of the OSI model.   Choose three.

Options are :

  • Both TCP and UDP offer these features.
  • Only TCP offers these features.
  • Only UDP offers these features.
  • Flow control allows the data sender to control the speed of the data flow by continually querying the recipient as to whether they can handle a quicker data flow (or not).
  • Flow control allows the data recipient to control the speed of the data flow by telling the sender when to slow down and when to speed up.
  • The size of the window is static and is set on the data sender.
  • The size of the window is static and is set on the data recipient.
  • The size of the window is dynamic and is controlled by the data sender.
  • The size of the window is dynamic and is controlled by the data recipient.

Answer : Only TCP offers these features. Flow control allows the data recipient to control the speed of the data flow by telling the sender when to slow down and when to speed up. The size of the window is dynamic and is controlled by the data recipient.

Explanation A TCP-only feature, flow control allows the data recipient to control how fast the data sender actually sends that data. This is done by the recipient changing the size of the window, a dynamic value that tells the sender how much data it can send before it must receive an ACK from the data recipient.

Test : CCNA Cyber Ops - SECOPS # 210-255

What single word describes the major drawback to using TCP over UDP?

Options are :

  • overhead
  • synchronization
  • handshake
  • transport
  • acknowledgement
  • sequence

Answer : overhead

Explanation TCP has huge overhead when compared to UDP. That's the main reason that UDP is used over TCP, even though TCP has several great features that UDP does not. All of those TCP features come at a cost, and that cost is high overhead.

Which of the following use UDP?  Choose two.

Options are :

  • DHCP, which uses UDP exclusively
  • DNS , which uses both TCP and UDP
  • DNS, which uses UDP exclusively
  • DHCP, which uses both TCP and UDP
  • FTP, which uses UDP exclusively
  • FTP, which uses both TCP and UDP

Answer : DHCP, which uses UDP exclusively DNS , which uses both TCP and UDP

Explanation DNS uses both UDP and TCP at port 53; DHCP uses UDP exclusively at ports 67 and 68 (server and client, respectively). FTP uses only TCP at ports 20 and 21.

Sometimes used in describing TCP and UDP operation, a socket is the combination of what two logical values?

Options are :

  • IP address and port number
  • MAC address and port number
  • Port number and L4 address
  • Port number and L1 address

Answer : IP address and port number

Explanation A "socket" is the combination of an IP address and port number. For example, Telnet traffic at host 10.1.1.1 could be expressed as 10.1.1.1:23. It can also be expressed as (IP address, transport protocol, port number). In that case, this socket would be (10.1.1.1, TCP, 23).

CCNA ICND1 Certification

At what point during the CSMA/CD process can a host transmit?

Options are :

  • After it has listened to the wire and determined no other host is currently sending data.
  • After it listens for and detects a jam signal.
  • Once the "transmit token" has been received.
  • When it is that host's turn, as CSMA/CD operates in a round-robin manner, ensuring every host has the opportunity to transmit.
  • With CSMA/CD, the host can transmit immediately, with no waiting.

Answer : After it has listened to the wire and determined no other host is currently sending data.

Explanation When CSMA/CD is in effect, a host must first listen to the wire to be sure no other host is already transmitting. If no one else is currently sending data, that host can go forward with doing just that.

Identify the true statements regarding "late collisions".    Choose four.

Options are :

  • They're called "late" since they occur only after the 512th bit of a frame is transmitted.
  • Exceeding cable limitations may result in late collisions.
  • Duplex mismatches often result in late collisions.
  • CDP is an excellent tool with which to detect late collisions, as is the output of "show interface".
  • They're referred to as "late" since they happen after the 256th bit of the frame is sent.
  • They cannot be detected by any service available on a Cisco router; a network analyzer of some kind is required.
  • Creation of more than 100 VLANs on the same switch is likely to result in late collisions.

Answer : They're called "late" since they occur only after the 512th bit of a frame is transmitted. Exceeding cable limitations may result in late collisions. Duplex mismatches often result in late collisions. CDP is an excellent tool with which to detect late collisions, as is the output of "show interface".

Explanation The scoop(s) on late collisions: They occur only after the 512th bit of a frame has been sent, they can be caused by exceeding cable limitations or duplex mismatches; CDP will scream at you about duplex mismatches, but you may not have CDP on, so you can also use the output of show interface to see if the late collision ticker is incrementing.

CCNA ICND1 Certification Exam

Which of the following statements are true regarding CSMA/CD?  Choose two.

Options are :

  • Ports running in half-duplex have to be concerned with CSMA/CD, but full-duplex ports do not.
  • The speed of a port does not determine whether a port needs to use CSMA/CD.
  • The "jam signal" indicates that all hosts can send data after listening to the wire.
  • The backoff timer is a non-random value. Set to 2 seconds by default, it can be changed with the switchport csma-cd backoff timer command.

Answer : Ports running in half-duplex have to be concerned with CSMA/CD, but full-duplex ports do not. The speed of a port does not determine whether a port needs to use CSMA/CD.

Explanation Only ports running in half-duplex have to be concerned with CSMA/CD. The speed of the port is immaterial. The jam signal actually indicates that hosts should not transmit, and the backoff timer is a random value (set to milliseconds, too!)

QA : CCNA Cyber Ops - SECOPS # 210-255

Which network device lends itself to a process known as microsegmentation?

Options are :

  • Switch
  • Router
  • Hub
  • Repeater
  • Wireless Router
  • Bridge

Answer : Switch

Explanation "Microsegmentation" is the technical term for "one port, one collision domain". Every port on a switch is its own little collision domain; therefore, collisions literally cannot occur.

What value or protocol does a switch use to dynamically build a MAC address table?

Options are :

  • Source MAC address of incoming packets
  • Destination MAC of incoming packets
  • ARP
  • CDP
  • Source IP address of incoming packet