Download Cisco Certified Network Associate (CCNA) Certification Exam 2025: Complete Study Guide and more Exams Nursing in PDF only on Docsity!
Cisco Certified Network Associate (CCNA)
Certification Exam 2025: Complete Study Guide,
Practice Questions, and Step-by-Step Path to
Become a Network Engineer
Question 1: Which of the following best describes the Presentation layer? a. Establishes, maintains, and manages sessions between applications b. Translates, encrypts, or prepares data from the Application layer for network transmission. - Correct Answer c. Handles routing information for data packets d. Provides the electrical and mechanical transmissions of data e. Handles link control and uses the MAC address on the network interface card (NIC) Rationale:
- b. Translates, encrypts, or prepares data from the Application layer for network transmission: The Presentation layer is responsible for data formatting, encryption, and compression to ensure that data from the Application layer is in a format that can be understood by the receiving application.
- a. Establishes, maintains, and manages sessions between applications: This describes the Session layer.
- c. Handles routing information for data packets: This describes the Network layer.
- d. Provides the electrical and mechanical transmissions of data: This describes the Physical layer.
- e. Handles link control and uses the MAC address on the network interface card (NIC): This describes the Data Link layer. Question 2: Which of the following best describes the Network layer? a. Handles routing information for data packets - Correct Answer
b. Provides the electrical and mechanical transmission of data c. Handles link control and uses MAC address on the NIC d. Establishes, maintains, and manages sessions between applications e. Translates, encrypts, or prepares data from the Application layer for network transmission Rationale:
- a. Handles routing information for data packets: The Network layer is responsible for logical addressing (IP addresses) and routing packets across networks to their destination.
- b. Provides the electrical and mechanical transmission of data: This describes the Physical layer.
- c. Handles link control and uses MAC address on the NIC: This describes the Data Link layer.
- d. Establishes, maintains, and manages sessions between applications: This describes the Session layer.
- e. Translates, encrypts, or prepares data from the Application layer for network transmission: This describes the Presentation layer. Question 3: Which of the following best describes the Session layer? a. Translates, encrypts, or prepares data from the Application layer for network transmission b. Handles routing information for data packets c. Provides the electrical and mechanical transmission of data d. Handles link control and uses MAC address on the NIC e. Establishes, maintains, and manages sessions between applications - Correct Answer Rationale:
- e. Establishes, maintains, and manages sessions between applications: The Session layer is responsible for creating, managing, and terminating connections (sessions) between applications on different hosts.
- a. Translates, encrypts, or prepares data from the Application layer for network transmission: This describes the Presentation layer.
b. Handles link control and uses MAC address on the NIC - Correct Answer c. Establishes, maintains, and manages sessions between applications d. Translates, encrypts, or prepares data from the Application layer for network transmission e. Handles routing information for data packets Rationale:
- b. Handles link control and uses MAC address on the NIC: The Data Link layer is responsible for the reliable transfer of data frames between two directly connected nodes. It uses MAC addresses for physical addressing within a local network.
- a. Provides the electrical and mechanical transmission of data: This describes the Physical layer.
- c. Establishes, maintains, and manages sessions between applications: This describes the Session layer.
- d. Translates, encrypts, or prepares data from the Application layer for network transmission: This describes the Presentation layer.
- e. Handles routing information for data packets: This describes the Network layer. Question 6: Which of the following best describes the Physical layer? a. Establishes, maintains, and manages sessions between applications b. Translates, encrypts, or prepares data from the Application layer for network transmission c. Provides the electrical and mechanical transmission of data - Correct Answer d. Handles link control and uses MAC address on the NIC e. Provides network services to the user Rationale:
- c. Provides the electrical and mechanical transmission of data: The Physical layer is the lowest layer of the OSI model and is responsible for the physical transmission of data bits over a communication medium. It defines electrical and mechanical specifications.
- a. Establishes, maintains, and manages sessions between applications: This describes the Session layer.
- b. Translates, encrypts, or prepares data from the Application layer for network transmission: This describes the Presentation layer.
- d. Handles link control and uses MAC address on the NIC: This describes the Data Link layer.
- e. Provides network services to the user: This describes the Application layer. Question 7: Which of the following best describes the Application layer? a. Establishes, maintains, and manages sessions between applications b. Translates, encrypts, or prepares data from the Application layer for network transmission c. Provides network services to the user - Correct Answer d. Handles routing information for data packets e. Provides the electrical and mechanical transmission of data Rationale:
- c. Provides network services to the user: The Application layer is the highest layer of the OSI model and provides the interface between network applications and the underlying network services. Examples of protocols at this layer include HTTP, FTP, and SMTP.
- a. Establishes, maintains, and manages sessions between applications: This describes the Session layer.
- b. Translates, encrypts, or prepares data from the Application layer for network transmission: This describes the Presentation layer.
- d. Handles routing information for data packets: This describes the Network layer.
- e. Provides the electrical and mechanical transmission of data: This describes the Physical layer. Which of the following accurately describe the Media Access Control (MAC) address? (Choose all that apply)
b. Acknowledgement c. Unreliable - - correct ans- - c. Unreliable Which of the following describes services that receive an acknowledgement from the destination? (Choose all that apply.) a. Datagram b. Reliable c. Connection-oriented d. Connectionless e. Unreliable - - correct ans- - b. Reliable c. Connection-oriented Place the following steps of data encapsulation in their correct descending order: a. Frame headers and trailers added b. Segment header added c. Bit transmission d. Packet creation and network header e. Data conversion - - correct ans- - e. Data conversion b. Segment header added d. Packet creation and network header a. Frame headers and trailers added c. Bit transmission Which of the following correctly defines a WAN?
a. A network contained within a single geographic location and usually connected by a privately maintained medium. b. A network spread over multiple geographic areas and usually connected by publicly and privately maintained media. c. A network spread over a single metropolitan area - - correct ans- - b. A network spread over multiple geographic areas and usually connected by publicly and privately maintained media. Which of the following best describes a LAN? a. A network that is contained in a single geographic area such as a building or floor in a building. b. A countywide network that spans multiple geographic locations. c. A large network that is connected by both publicly and privately maintained cabling spread over multiple geographic regions. - - correct ans- - a. A network that is contained in a single geographic area such as a building or floor in a building. Which of the following reasons for providing a layered OSI architecture are correct? (Choose all that apply.) a. To provide design modularity, which allows upgrades to a specific layer to remain separate from the other layers. b. To simplify the networking model by dividing it into 14 layers and 12 sublayers c. To discourage interoperability between disparate networking models. d. To enable programmers to specialize in a particular layer e. To allow for standardize interfaces from networking vendors. - - correct ans- - a. To provide design modularity, which allows upgrades to a specific layer to remain separate from the other layers. d. To enable programmers to specialize in a particular layer e. To allow for standardize interfaces from networking vendors.
e. Connectors - - correct ans- - a. NIC d. Network media e. Connectors Which of the following are network software? (Choose all that apply.) a. Components that map to the Application layer of the OSI model b. NIC c. NOS d. Media connectors - - correct ans- - a. Components that map to the Application layer of the OSI model c. NOS All networking vendors follow the OSI model and design seven-layer architectures. True or False? a. True b. False - - correct ans- - b. False Communications on a network originate at the _______. a. Destination b. Breaker c. Peak d. Source - - correct ans- - d. Source Transmitted signals are bound for a _______ computer. a. Destination
b. Breaker c. Peak d. Source - - correct ans- - a. Destination Information transmitted on a network is called a(n) _______. a. Package b. Expresser c. Data destination d. Data frame e. E-pack - - correct ans- - d. Data frame Which of the following are layers of the OSI model? (Choose all that apply.) a. OSI b. Physical c. IEEE d. Data Link - - correct ans- - b. Physical d. Data Link Which layer of the OSI model is responsible for media access and packaging data into frames? a. Network layer b. Physical layer c. Data Link layer d. Transport layer - - correct ans- - c. Data Link layer
What is an asset? It is anything that is valuable to an organization. These could be tangible items (people, computers, and so on) or intangible items (intellectual property, database information, contact lists, accounting info). Knowing the assets that you are trying to protect and their value, location, and exposure can help you more effectively determine the time and money to spend securing those assets. Which asset characteristic refers to risk that results from a threat and lack of a countermeasure? a. High availability b. Liability c. Threat prevention d. Vulnerability - - correct ans- - d. Vulnerability A vulnerability is an exploitable weakness in a system or its design. Vulnerabilities can be found in protocols, operating systems, applications, and system designs. Vulnerabilities abound, with more discovered every day. Which three items are the primary network security objectives for a company? a. Revenue generation b. Confidentiality c. Integrity d. Availability - - correct ans- - b. Confidentiality c. Integrity d. Availability Which data classification label is usually not found in a government organization? a. Unclassified b. Classified but not important c. Sensitive but unclassified d. For official use only
e. Secret - - correct ans- - b. Classified but not important Governmental classifications are: Unclassified, Sensitive but unclassified (SBU), Confidential, Secret, and Top secret Private sector classifications are: Public, Sensitive, Private, and Confidential Classification criteria are: Value, Age, Replacement cost, and Useful lifetime Classification roles are : Owner (the group ultimately responsible for the data, usually senior management of a company), Custodian (the group responsible for implementing the policy as dictated by the owner), and User (those who access the data and abide by the rules of acceptable use for the data) Which of the following represents a physical control? a. Change control policy b. Background checks c. Electronic lock d. Access lists - - correct ans- - c. Electronic lock What is the primary motivation for most attacks against networks today? a. Political b. Financial c. Theological d. Curiosity - - correct ans- - b. Financial Which type of an attack involves lying about the source address of a frame or packet? a. Man-in-the-middle attack b. Denial-of-service attack
d. Current patches on servers - - correct ans- - a. Firewall b. IPS c. Access lists d. Current patches on servers In relation to production networks, which of the following are viable options when dealing with risk? (Choose all that apply.) a. Ignore it b. Transfer it c. Mitigate it d. Remove it - - correct ans- - b. Transfer it c. Mitigate it d. Remove it Network security objectives usually involve three basic concepts: CIA "triad". Explain the "C" in Regards to CIA Acronym - - correct ans- - The CIA triad of Confidentiality, Integrity, and Availability is at the heart of information security. Confidentiality: There are two types of data: data in motion as it moves across the network; and data at rest, when data is sitting on storage media (server, local workstation, in the cloud, and so forth). Confidentiality means that only the authorized individuals/ systems can view sensitive or classified information. This also implies that unauthorized individuals should not have any type of access to the data. Regarding data in motion, the primary way to protect that data is to encrypt it before sending it over the network. Another option you can use with encryption is to use separate networks for the transmission of confidential data. Network security objectives usually involve three basic concepts: CIA "triad". Explain the "I" in Regards to CIA Acronym - - correct ans- - Integrity: Integrity for data means that changes made to data are done only by authorized individuals/systems. Corruption of data is a failure to maintain data integrity.
Network security objectives usually involve three basic concepts: CIA "triad". Explain the "A" in Regards to CIA Acronym - - correct ans- - Availability: This applies to systems and to data. If the network or its data is not available to authorized users—perhaps because of a denial-of-service (DoS) attack or maybe because of a general network failure — the impact may be significant to companies and users who rely on that network as a business tool. The failure of a system, to include data, applications, devices, and networks, generally equates to loss of revenue. Threat - - correct ans- - A threat is any potential danger to an asset. If a vulnerability exists but has not yet been exploited or, more importantly, it is not yet publicly known, the threat is latent and not yet realized. If someone is actively launching an attack against your system and successfully accesses something or compromises your security against an asset, the threat is realized. The entity that takes advantage of the vulnerability is known as the malicious actor and the path used by this actor to perform the attack is known as the threat agent or threat vector. Countermeasure - - correct ans- - A countermeasure is a safeguard that somehow mitigates a potential risk. It does so by either reducing or eliminating the vulnerability, or at least reduces the likelihood of the threat agent to actually exploit the risk. For example, you might have an unpatched machine on your network, making it highly vulnerable. If that machine is unplugged from the network and ceases to have any interaction with exchanging data with any other device, you have successfully mitigated all of those vulnerabilities. You have likely rendered that machine no longer an asset, but it is safer. What is "Risk" - - correct ans- - Risk is the potential for unauthorized access to, compromise, destruction, or damage to an asset. If a threat exists, but proper countermeasures and protections are in place (it is your goal to provide this protection), the potential for the threat to be successful is reduced (thus reducing the overall risk). Guidelines for Secure Network Architecture - Explain Separation of Duties - - correct ans- - Separation of duties: When you place specific individuals into specific roles, there can be checks and balances in place regarding the implementation of the security policy. Rotating individuals into different roles periodically will also assist in verifying that vulnerabilities are being addressed, because a person who moves into a new role will be required to review the policies in place.
Which of the following is leveraged in social engineering? a. Software vulnerabilities b. Human nature c. Protocol violations d. Application issues - - correct ans- - b. Human nature Which of the following is not a form of social engineering? a. Phone scams b. Phishing c. Denial of service (DoS) d. Malvertising - - correct ans- - c. Denial of service (DoS) Which of the following is not a valid defense against social engineering? a. Two-factor authentication b. Information classification c. Infrastructure hardening d. Physical security - - correct ans- - c. Infrastructure hardening Which tool provides the most granular information to help in the identification of malware? a. NetFlow b. Syslog c. Packet capture d. Server logs - - correct ans- - c. Packet capture NetFlow provides which of the following? a. Detailed data about each packet on the network b. Troubleshooting messages about the network devices
c. Information on the types of traffic traversing the network d. Network names of routers, end hosts, servers - - correct ans- - c. Information on the types of traffic traversing the network Which of the following is not used for identification of malware on the network? a. NetFlow b. IPS events c. Routing Information Base (RIB) d. Packet captures - - correct ans- - c. Routing Information Base (RIB) or Routing Table is a data table that lists the routes to network destinations, and in some cases, metrics (distances). The Routing Table contains information about the topology of the network. Which type of data is not often attractive to malicious actors? a. Personally identifiable information (PII) b. Training schedules c. Credit and debit card data d. Intellectual property (IP) - - correct ans- - b. Training schedules Phishing - - correct ans- - Phishing elicits secure information through an e-mail message that appears to come from a legitimate source such as a service provider or financial institution. The e-mail message may ask the user to reply with the sensitive data, or to access a website to update information such as a bank account number. Malvertising - - correct ans- - This is the act of incorporating malicious ads on trusted websites, which results in users' browsers being inadvertently redirected to sites hosting malware. Phone Scams - - correct ans- - Phone Scams: It is not uncommon for someone to call up an employee and attempt to convince employees to divulge information about themselves or others within the organization. An example is a miscreant posing as a recruiter asking for names, e-mail addresses, and so on for members of the organization
