PIXNET Logo登入

Johnson峰的部落格

跳到主文

部落格全站分類:數位生活

  • 相簿
  • 部落格
  • 留言
  • 名片
  • 6月 18 週日 201712:50

  • 找出AD網域5大角色主機

sad1
找出AD網域5大角色主機
 
(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(28)

  • 個人分類:網路
▲top
  • 1月 30 週六 201622:40

  • CCNA151~200題解析


















CCNA151~200題解析





















( ) 151.What are features of the cut-through switching technology?(choose 2)


               A.Copy an entire frame to its buffer.

               B.Copy a frames destination address to its buffer

               C.Has more latency than store-and-forward switching

               D.Has less latency than store-and-forward switching

               E.no latency


 

151.下列哪兩個選項是直通式交換式技術的特點?

               A.Copy an entire frame to its buffer.
               B.Copy a frames destination address to its buffer
               C.Has more latency than store-and-forward switching
               D.Has less latency than store-and-forward switching
               E.no latency

ANS(B、D)
 
( ) 152.How much speed will a full-duplex 10 Bass T theoretically has?


               A.10 Mbps
               B.20Mbps
               C.185Mbps
               D.100Mbps
               E.200Mbps


 

152.全雙工的10 Bass T 理論上有多少速度?

               A.10 Mbps
               B.20Mbps
               C.185Mbps
               D.100Mbps
               E.200Mbps
 
ANS(B)

 
( ) 153.Which one of followings has a maximum segment lenght of 500 meters?


               A.10 Base 2
               B.10 Base 5
               C.10 Base T
               D.100 Base FX
               E.100 Base T4


 

153.哪一個選項的最大區段長500米?

               A.10 Base 2
               B.10 Base 5
               C.10 Base T
               D.100 Base FX
               E.100 Base T4
 
ANS(B)

 
( ) 154.Which one of followings has a maximum segment lenght of 400 meters?


               A.10 Base T
               B.100 Base T
               C.100 Base T4
               D.100 Base FX


 

154.哪一個選項的最大區段長400米?

               A.10 Base T
               B.100 Base T
               C.100 Base T4
               D.100 Base FX
 
ANS(D)

 
( ) 155.Which are features of the store-and-forward switching technology?(choose 2)



               A.Copy an entire frame to its buffer.

               B.Copy a frames destination address to its buffer

               C.Has more latency than cut-through switching

               D.Has less latency than cut-through switching

               E.no latency at all



 

155.下列哪兩個選項是儲存後轉送交換式技術的特點?

               A.Copy an entire frame to its buffer.
               B.Copy a frames destination address to its buffer
               C.Has more latency than cut-through switching
               D.Has less latency than cut-through switching
               E.no latency at all
 
ANS(A、C)

 
( ) 156.What's the advantage of a virtual local area network(VLAN)?



               A.Use physical location grouping function

               B.Use logical grouping of physical location

               C.Use virtual application to implement LAN

               D.Use physical grouping of logical location



 

156.下列哪個選項是使用VLAN的好處?

               A.Use physical location grouping function
               B.Use logical grouping of physical location
               C.Use virtual application to implement LAN
               D.Use physical grouping of logical location
 
ANS(B)

 
( ) 157.You use a bridge to segment a LAN, your station sends out packs with source and destination address on the same segment, what will the bridge do?



               A.Bridge Broadcast the packets

               B.Bridge drop the packets

               C.Bridge holds the packets

               D.Bridge sends the packets back to source



 

157.你在不同區段的區域網路使用橋接器,當相同區段的來源位址朝目的位址傳送封包時,橋接器會怎麼做?

               A.Bridge Broadcast the packets
               B.Bridge drop the packets
               C.Bridge holds the packets
               D.Bridge sends the packets back to source
 
ANS(B)

 
( ) 158.What are the advantages of Fast Ethernet(choose 3)



               A.Easily upgrade from 10 Base T

               B.lower performance than 10 Base T

               C.Higher performance than 10 Base T

               D.More secure than 10 Base T



               E.Utilize the cable and other hardware
 

158.下列哪三個是高速乙太網路的優點?

               A.Easily upgrade from 10 Base T
               B.lower performance than 10 Base T
               C.Higher performance than 10 Base T
               D.More secure than 10 Base T
               E.Utilize the cable and other hardware
 

ANS(A、C、E)

 
( ) 159.Which one of following will a bridge use to determine the packets should be forward or drop?




               A.IP address

               B.port address

               C.Source MAC address

               D.Destination MAC address

               E.Network address




 

159.橋接器是靠下列哪個選項來決定傳送或是丟棄?

               A.IP address
               B.port address
               C.Source MAC address
               D.Destination MAC address
               E.Network address
 

ANS(D)

 
( ) 160.What are features of the store-and-forward switching method?(choose 3)





               A.Compute the CRC

               B.Discards the giant packs

               C.forward the giant packs

               D.Discard the Erroneous frames

               E.Forward the Erroneous frames





 

160.下列哪三個是使用儲存後轉送交換式技術的特點?

               A.Compute the CRC
               B.Discards the giant packs
               C.forward the giant packs
               D.Discard the Erroneous frames
               E.Forward the Erroneous frames
 

 
ANS(A、B、D)

 
( ) 161.How many bits of a MAC address?






               A.48 bits

               B.32 bits

               C.16 bits

               D.8 bits

               E.64 bits
 






161.請問MAC位只有多少bits?

               A.48 bits
               B.32 bits
               C.16 bits
               D.8 bits
               E.64 bits
 

 
ANS(A)
 

 
( ) 162.What are the benefits of LAN Segmentation?(choose 2)

 





               A.Reduce cost

               B.Reduce the number of user in each collision domain

               C.Increase bandwidth

               D.Increase the number of use in each collision domain

               E.Increase delay
 







 
162.請問切割區域網路的好處是什麼?(選擇2個答案)

               A.Reduce cost
               B.Reduce the number of user in each collision domain
               C.Increase bandwidth
               D.Increase the number of use in each collision domain
               E.Increase delay
 
 

 

ANS(B、C)



 
( ) 163.Which one of following is a switching method with least latency?







               A.IP routing

               B.port redirected

               C.cut-through

               D.store-and-forward
 







163.下列哪一個交換方式是最少的延遲?

               A.IP routing
               B.port redirected
               C.cut-through
               D.store-and-forward
 
ANS(C)

 
( ) 164.How does a switched network determine a bridge's root port?








               A.It has the least path cost to root

               B.It has the greatest path cost to root

               C.It has highest Bridge ID

               D.It has the lowest Bridge ID

               E.none


 







164.請問橋接器如何在交換網路選擇root port?

               A.It has the least path cost to root
               B.It has the greatest path cost to root
               C.It has highest Bridge ID
               D.It has the lowest Bridge ID
               E.none
 
ANS(A)

 
( ) 165.How does a switched network determine a Root bridge?








               A.It has the least path cost to root

               B.It has the greatest path cost to root

               C.It has highest Bridge ID

               D.It has the lowest Bridge ID

               E.none


 







165.請問如何在交換網路選擇根橋接器?

               A.It has the least path cost to root
               B.It has the greatest path cost to root
               C.It has the lowest Bridge ID
               D.It has highest Bridge ID
               E.All Bridge are root bridge
 
ANS(C)

 
( ) 166.Which two of following descriptions are true about LAN switches?








               A.Reduce the contention for media access

               B.It has many high speed ports

               C.Reduce the bandwidth for media access

               D.Use IP address to make the switching decision

               E.Use routing table to make the switching decision


 







166.有關區域網路的交換器敘述哪兩個選項是正確的?

               A.Reduce the contention for media access
               B.It has many high speed ports
               C.Reduce the bandwidth for media access
               D.Use IP address to make the switching decision
               E.Use routing table to make the switching decision
 
ANS(A、B)

 
( ) 167.Which one of following states devices transmit data one way at a time?









               A.Half-Duplex

               B.Full-Duplex

               C.One way Duplex

               D.whole Duplex

               E.One Duplex



 







167.下列哪一樣是在陳述設備同一個時間點只能傳送一方?

               A.Half-Duplex
               B.Full-Duplex
               C.One way Duplex
               D.whole Duplex
               E.One Duplex
 
ANS(A)

 
( ) 168.A LAN switch 10 Base T has 10 ports; How much bandwidth will a port has?










               A.100 Mbps

               B.10 Mbps

               C.1 Mbps

               D.2 Mbps




 







168.在區域網路有一台10 Base T  10 ports的交換器,請問一個port的頻寬有多少?

               A.100 Mbps
               B.10 Mbps
               C.1 Mbps
               D.2 Mbps
 
ANS(B)
 


( ) 169.What are advantages of the Spanning Tree Protocol(STP)?(choose 2)










               A.Reactived the blocking bridge port when connecting port fail

               B.Eliminated the loops

               C.Add loops to increase bandwidth

               D.Cocked the blocking bridge port when connecting port fail




               E.Add loops to eliminate band width
 







169.哪兩個選項是STP的優點?

               A.Reactived the blocking bridge port when connecting port fail
               B.Eliminated the loops
               C.Add loops to increase bandwidth
               D.Cocked the blocking bridge port when connecting port fail
               E.Add loops to eliminate band width
 
ANS(A、B)
 

 
( ) 170.How much efficiency will half-duplex Ethernet utilize on real network enviroment ?

 










               A.20~30 percent

               B.30~40 percent

               C.40~50 percent

               D.50~60 percent

               E.60~70 percent





 







 
170.請問在乙太網路半雙工在實體網路環境有多少效率?

               A.20~30 percent
               B.30~40 percent
               C.40~50 percent
               D.50~60 percent
               E.60~70 percent
 
 

 

ANS(D)



 

( ) 171.A bridge receive packets without destination address, what will the bridge do?

 











               A.Drop Packets

               B.Forward Packets to all ports

               C.Forward Packets to all ports except the receiving port

               D.Do nothing

               E.Forward Packets to the receiving port
 













 
171.橋接器在收到未帶有目的位址的封包後,橋接器將會?


               A.Drop Packets

               B.Forward Packets to all ports

               C.Forward Packets to all ports except the receiving port

               D.Do nothing

               E.Forward Packets to the receiving port

 


 

ANS(C)


 
( ) 172.Which one of following protocol does bridges use to prevent network loops?













               A.loop

               B.STP

               C.ICMP

               D.IP

               E.TCP+UDP


 












172.下列哪一個協定是用來預防橋接器使用時的網路迴圈?




               A.loop

               B.STP

               C.ICMP

               D.IP

               E.TCP+UDP

 




 

ANS(B)

 
( ) 173.What is the important function of a MAC address on the network?














               A.Provide logical control

               B.Provide address control

               C.Identify logical address

               D.Uniquely identifies each device

               E.Identify the vendor of the device



 












173.請問MAC位址在網路中有哪樣重要的功能?





               A.Provide logical control

               B.Provide address control

               C.Identify logical address

               D.Uniquely identifies each device

               E.Identify the vendor of the device


 




 

ANS(D)

 
( ) 174.Which one of following switching method is more efficient?















               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward




 












174.請問哪一種交換方式是較高效率的?






               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward



 




 

ANS(D)

 
( ) 175.Which one of following switching method will provide error checking?















               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward




 












175.請問哪一種交換方式提供錯誤檢查?






               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward



 




 

ANS(E)

 
( ) 176.What is the feature of store-and-forward switches?















               A.They check the destination address only

               B.They increase delay

               C.They forward part of frame

               D.They have the same function as cut-through




 












176.請問哪一個是store-and-forward交換方式的功能?







               A.They check the destination address only

               B.They increase delay

               C.They forward part of frame

               D.They have the same function as cut-through




 




 

ANS(B)

 
( ) 177.What are the benefits of switch over Router?(choose 2)















               A.more management control

               B.Higher throughput

               C.Lower overhead

               D.Greater functionality




               E.More paths
 












177.哪兩樣是交換器優於路由器的功能?








               A.more management control

               B.Higher throughput

               C.Lower overhead

               D.Greater functionality

               E.More paths





 




 

ANS(B、C)
 

 
( ) 178.Which one of following can be used to reduce the size of a broadcast domain?

 














               A.cut-though

               B.store-and-forward

               C.Fragment Free

               D.VLAN




               E.Hub
 













178.哪以個可以減少廣播網域的大小?









               A.cut-though

               B.store-and-forward

               C.Fragment Free

               D.VLAN

               E.Hub






 




 

ANS(D)



 
( ) 179.Which one of following describes the switch best?















               A.One broadcast domain and collision domain


               B.Single broadcast domain and separate collision domain

               C.Multiple broadcast domain and Single subnet

               D.Separate broadcast domain and Separate collision domain

               E.None broadcast domain and collision domain





 












179.哪一種交換器的敘述較好?










               A.One broadcast domain and collision domain

               B.Single broadcast domain and separate collision domain

               C.Multiple broadcast domain and Single subnet

               D.Separate broadcast domain and Separate collision domain

               E.None broadcast domain and collision domain







 




 

 
ANS(B)

 
( ) 180.Which two of following do switches use to prevent network loops?
















               A.IEEE 802.1d

               B.IEEE 802.1Q

               C.Spanning Tree Protocol

               D.Lock loop Protocol

               E.IEEE 802.3

               F.IEEE 802.IP





 












180.哪兩個選項是用來預防交換器上的網路迴圈?











               A.IEEE 802.1d

               B.IEEE 802.1Q

               C.Spanning Tree Protocol

               D.Lock loop Protocol

               E.IEEE 802.3

               F.IEEE 802.IP








 




 
ANS(A、C)

 
( ) 181.Which one of following switching method is the default switching mode of latest LAN switch?
















               A.cut-through

               B.store-and-forward

               C.cut-and-forward

               D.Fragment Free

               E.flow control





 












181.哪一種交換方式是在最新區域網路的交換器上所預設的?











               A.cut-through
               B.store-and-forward
               C.cut-and-forward
               D.Fragment Free
               E.flow control








 




 
ANS(D)

 
( ) 182.What's the main function of a VLAN?
















               A.Use Virtual address

               B.Use Network address

               C.Use port number

               D.Place user in logical grouping rather than physical location

               E.Place user in physical location rather than logical grouping





 












182.哪一個選項是在講VLAN的功用











               A.Use Virtual address
               B.Use Network address
               C.Use port number
               D.Place user in logical grouping rather than physical location
               E.Place user in physical location rather than logical grouping
 











 
ANS(D)

 
( ) 183.Which switching mode provides error-free transport,rather then maximizing speed?
















               A.cut-through
               B.store-and-forward
               C.fragment free
               D.fragment-forwarding
               E.frame-filtering





 












183.哪一種交換模式是提供無錯誤傳輸,而不是最高速度?











               A.cut-through
               B.store-and-forward
               C.fragment free
               D.fragment-forwarding
               E.frame-filtering
 











ANS(B)

 
( ) 184.Which one of the following protocols operates at Layer 2 of the OSI model and is used to prevent a loop network?

















               A.VTP

               B.RIP

               C.STP

               D.IGRP

               E.CDP






 












184.哪一個協定是操作在OSI模型的第二層用來預防網路迴圈











               A.VTP
               B.RIP
               C.STP
               D.IGRP
               E.CDP
 











ANS(C)

 
( ) 185.Which one of the following statements determines the spanning-tree path cost?


















               A.It is based on transmission latency

               B.It is based on the hop count

               C.It is the sum of the costs based on bandwidth

               D.It is based on the load of network







 












185.哪一種敘述用來確定SPT的path cost?











               A.It is based on transmission latency
               B.It is based on the hop count
               C.It is the sum of the costs based on bandwidth
               D.It is based on the load of network
 











ANS(C)

 
( ) 186.What is function of the spanning-tree algorithm in a switched LAN?



















               A.To manage VLANs across multiple switches

               B.To prevent switching loops in networks.

               C.To prevent routing loops in network

               D.To segment a network into multiple collision domains

               E.To segment a network into multiple broadcast domains








 












186.哪一個是STP演算法在交換區域網路上的功能?











               A.To manage VLANs across multiple switches
               B.To prevent switching loops in networks.
               C.To prevent routing loops in network
               D.To segment a network into multiple collision domains
               E.To segment a network into multiple broadcast domains
 











ANS(B)

 
( ) 187.Which two of the following items does STP count when it elects the root bridge




















               A.The BPDU updated number

               B.The Bridge ID

               C.The access layer bridge setting

               D.The bridge priority

               E.The spanning update number

               F.The BPDU version number









 












187.哪兩個選項是STP選擇root bridge的依據?











               A.The BPDU updated number
               B.The Bridge ID
               C.The access layer bridge setting
               D.The bridge priority
               E.The spanning update number
               F.The BPDU version number
 











ANS(B、D)

 
( ) 188.Which three of the following are spanning tree port states?





















               A.listening

               B.initializing

               C.learning

               D.spanning

               E.forwarding

               F.ending
               G.stopping
 





















188.哪三個選項是spanning tree port 的狀態?











               A.listening
               B.initializing
               C.learning
               D.spanning
               E.forwarding
               F.ending
               G.stopping
 











ANS(A、C、E)

 
( ) 189.What is the characteristic of converged spanning-three network?






















               A.All switch and bridge ports are in the Blocking state

               B.All switch and bridge ports are in the forwarding state

               C.All switch and bridge ports are in either the forwarding or blocking state

               D.All switch and bridge ports are in either learning blocking or blocking

               E.All switch and bridge ports are in the stand-by state


 





















189.哪一個是STP在網路上收斂時的特點?











               A.All switch and bridge ports are in the Blocking state
               B.All switch and bridge ports are in the forwarding state
               C.All switch and bridge ports are in either the forwarding or blocking state
               D.All switch and bridge ports are in either learning blocking or blocking
               E.All switch and bridge ports are in the stand-by state
 











ANS(C)

 
( ) 190.Which command will you use a t the user mode to enter the privileged mode?























               A.enable

               B.disable

               C.enter

               D.setup

               E.show



 





















190.使用哪個指令後將會從使用者模式進入到特權模式?











               A.enable
               B.disable
               C.enter
               D.setup
               E.show
 











ANS(A)

 
( ) 191.Which configuration mode will you use to enter the name of the router?
























               A.Local

               B.Global

               C.line

               D.Rommonitor

               E.User




 





















191.在哪一個組態模式下可以設定路由器的名稱?











               A.Local
               B.Global
               C.line
               D.Rommonitor
               E.User
 











ANS(B)

 
( ) 192.You are using IOS version prior to 10.3,which command can you copy the running configuration to a TFTP server?
























               A.Taipei>copy running-config tftp

               B.Taipei#copy running-config tftp

               C.Taipei>write network

               D.Taipei#write network

               E.Taipei#copy tftp running-config 




 





















192.你使用IOS 10.3之前的版本,哪一個指令可以讓你拷貝running configuration到TFTP伺服器?











               A.Taipei>copy running-config tftp
               B.Taipei#copy running-config tftp
               C.Taipei>write network
               D.Taipei#write network
               E.Taipei#copy tftp running-config 
 












ANS(D)

 
( ) 193.Which command will you use to display router memory statistics?

























               A.show hosts

               B.show IP route

               C.show flash

               D.show memory

               E.show protocol





 





















193.哪一個指令用來顯示路由器上記憶體的狀態?











               A.show hosts
               B.show IP route
               C.show flash
               D.show memory
               E.show protocol
 











ANS(D)

 
( ) 194.Which command will you use to execute configuration commands form the router terminal?


























               A.Taipei#execute terminal

               B.Taipei#configure terminal

               C.Taipei#configure line

               D.Taipei#execute line

               E.Taipei#execute command






 





















194.執行下列哪個指令後,可以在終端機上進行組態設定?











               A.Taipei#execute terminal
               B.Taipei#configure terminal
               C.Taipei#configure line
               D.Taipei#execute line
               E.Taipei#execute command
 











ANS(B)

 
( ) 195.For a specific line, which command will you use to set the IP address format to hexadecimal?


























               A.Taipei>term IP netmask-format hexadecimal

               B.Taipei#term IP netmask-format hexadecimal

               C.Taipei[config-if]#term IP netmask-format hexadecimal

               D.Taipei[config-line]#term IP netmask-format hexadecimal






 





















195.有一條特別的線路,請問要下什麼指令才能將IP格式轉為十六進制?











               A.Taipei>term IP netmask-format hexadecimal
               B.Taipei#term IP netmask-format hexadecimal
               C.Taipei[config-if]#term IP netmask-format hexadecimal
               D.Taipei[config-line]#term IP netmask-format hexadecimal
 











ANS(D)

 
( ) 196.You want to display the host name and address in Router, which one of the command will you use?


























               A.Taipei#show IP hosts

               B.Taipei[config]#show IP hosts

               C.Taipei#show router host

               D.Taipei#show hosts






 





















196.你想要顯示路由器上的主機名稱和位址,你將使用什麼命令?











               A.Taipei#show IP hosts
               B.Taipei[config]#show IP hosts
               C.Taipei#show router host
               D.Taipei#show hosts
 











ANS(D)
 

 
( ) 197.Which command will you use to display the IP routing table?


























               A.show IP table

               B.show IP protocol

               C.show IP route

               D.show IP flash






               E.show flash
 





















197.你想要顯示IP路由表,你將使用什麼命令?











               A.show IP table
               B.show IP protocol
               C.show IP route
               D.show IP flash
               E.show flash
 












ANS(C)



 
( ) 198.Which command will you use to set the password for the console terminal



























               A.line vty 0

               B.line console 0

               C.line vty console

               D.line console vty
 



























198.哪一個命令可以設置console terminal的密碼?











               A.line vty 0
               B.line console 0
               C.line vty console
               D.line console vty
 












ANS(B)

 
( ) 199.Which two command can you recall the previous command?



























               A.Ctrl + P

               B.Ctrl + C

               C.Down arrow

               D.Up arrow
               E.Ctrl + shift 
 



























199.哪兩個命令可以叫回之前的指令?











               A.Ctrl + P
               B.Ctrl + C
               C.Down arrow
               D.Up arrow
               E.Ctrl + shift 
 











ANS(A、D)

 
( ) 200.Which command will you use to copy configuration from a tftp Server to NVRAM?



























               A.Taipei#copy tftp ROM

               B.Taipei#copy tftp flash

               C.Taipei#copy tftp running-config

               D.Taipei#copy tftp startup-config
 



























200.哪個命令可以從tftp 到 NVRAM拷貝組態 ?











               A.Taipei#copy tftp ROM
               B.Taipei#copy tftp flash
               C.Taipei#copy tftp running-config
               D.Taipei#copy tftp startup-config
 











ANS(D)

轉載http://ccnatiy.blogspot.tw/2014/10/ccna151200.html






































(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(118)

  • 個人分類:網路
▲top
  • 1月 30 週六 201622:39

  • CCNA151~200題


















CCNA151~200題





















( ) 151.What are features of the cut-through switching technology?(choose 2)


               A.Copy an entire frame to its buffer.

               B.Copy a frames destination address to its buffer

               C.Has more latency than store-and-forward switching

               D.Has less latency than store-and-forward switching

               E.no latency


 


( ) 152.How much speed will a full-duplex 10 Bass T theoretically has?


               A.10 Mbps
               B.20Mbps
               C.185Mbps
               D.100Mbps
               E.200Mbps


 

( ) 153.Which one of followings has a maximum segment lenght of 500 meters?


               A.10 Base 2
               B.10 Base 5
               C.10 Base T
               D.100 Base FX
               E.100 Base T4


 

( ) 154.Which one of followings has a maximum segment lenght of 400 meters?


               A.10 Base T
               B.100 Base T
               C.100 Base T4
               D.100 Base FX


 

( ) 155.Which are features of the store-and-forward switching technology?(choose 2)



               A.Copy an entire frame to its buffer.

               B.Copy a frames destination address to its buffer

               C.Has more latency than cut-through switching

               D.Has less latency than cut-through switching

               E.no latency at all



 

( ) 156.What's the advantage of a virtual local area network(VLAN)?



               A.Use physical location grouping function

               B.Use logical grouping of physical location

               C.Use virtual application to implement LAN

               D.Use physical grouping of logical location



 

( ) 157.You use a bridge to segment a LAN, your station sends out packs with source and destination address on the same segment, what will the bridge do?



               A.Bridge Broadcast the packets

               B.Bridge drop the packets

               C.Bridge holds the packets

               D.Bridge sends the packets back to source



 

( ) 158.What are the advantages of Fast Ethernet(choose 3)



               A.Easily upgrade from 10 Base T

               B.lower performance than 10 Base T

               C.Higher performance than 10 Base T

               D.More secure than 10 Base T



               E.Utilize the cable and other hardware
 

( ) 159.Which one of following will a bridge use to determine the packets should be forward or drop?




               A.IP address

               B.port address

               C.Source MAC address

               D.Destination MAC address

               E.Network address




 

( ) 160.What are features of the store-and-forward switching method?(choose 3)





               A.Compute the CRC

               B.Discards the giant packs

               C.forward the giant packs

               D.Discard the Erroneous frames

               E.Forward the Erroneous frames





 

( ) 161.How many bits of a MAC address?






               A.48 bits

               B.32 bits

               C.16 bits

               D.8 bits

               E.64 bits







 
( ) 162.What are the benefits of LAN Segmentation?(choose 2)

 





               A.Reduce cost

               B.Reduce the number of user in each collision domain

               C.Increase bandwidth

               D.Increase the number of use in each collision domain

               E.Increase delay
 








( ) 163.Which one of following is a switching method with least latency?







               A.IP routing

               B.port redirected

               C.cut-through

               D.store-and-forward
 







( ) 164.How does a switched network determine a bridge's root port?








               A.It has the least path cost to root

               B.It has the greatest path cost to root

               C.It has highest Bridge ID

               D.It has the lowest Bridge ID

               E.none


 







( ) 165.How does a switched network determine a Root bridge?








               A.It has the least path cost to root

               B.It has the greatest path cost to root

               C.It has highest Bridge ID

               D.It has the lowest Bridge ID

               E.none


 







( ) 166.Which two of following descriptions are true about LAN switches?








               A.Reduce the contention for media access

               B.It has many high speed ports

               C.Reduce the bandwidth for media access

               D.Use IP address to make the switching decision

               E.Use routing table to make the switching decision


 







( ) 167.Which one of following states devices transmit data one way at a time?









               A.Half-Duplex

               B.Full-Duplex

               C.One way Duplex

               D.whole Duplex

               E.One Duplex



 







( ) 168.A LAN switch 10 Base T has 10 ports; How much bandwidth will a port has?










               A.100 Mbps

               B.10 Mbps

               C.1 Mbps

               D.2 Mbps




 







( ) 169.What are advantages of the Spanning Tree Protocol(STP)?(choose 2)










               A.Reactived the blocking bridge port when connecting port fail

               B.Eliminated the loops

               C.Add loops to increase bandwidth

               D.Cocked the blocking bridge port when connecting port fail




               E.Add loops to eliminate band width








 
( ) 170.How much efficiency will half-duplex Ethernet utilize on real network enviroment ?

 










               A.20~30 percent

               B.30~40 percent

               C.40~50 percent

               D.50~60 percent

               E.60~70 percent





 










( ) 171.A bridge receive packets without destination address, what will the bridge do?












               A.Drop Packets

               B.Forward Packets to all ports

               C.Forward Packets to all ports except the receiving port

               D.Do nothing

               E.Forward Packets to the receiving port
 













( ) 172.Which one of following protocol does bridges use to prevent network loops?













               A.loop

               B.STP

               C.ICMP

               D.IP

               E.TCP+UDP


 












( ) 173.What is the important function of a MAC address on the network?














               A.Provide logical control

               B.Provide address control

               C.Identify logical address

               D.Uniquely identifies each device

               E.Identify the vendor of the device



 












( ) 174.Which one of following switching method is more efficient?















               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward




 












( ) 175.Which one of following switching method will provide error checking?















               A.IP

               B.TCP

               C.UDP

               D.cut-through

               E.store-and-forward




 












( ) 176.What is the feature of store-and-forward switches?















               A.They check the destination address only

               B.They increase delay

               C.They forward part of frame

               D.They have the same function as cut-through




 












( ) 177.What are the benefits of switch over Router?(choose 2)















               A.more management control

               B.Higher throughput

               C.Lower overhead

               D.Greater functionality




               E.More paths
 














( ) 178.Which one of following can be used to reduce the size of a broadcast domain?

 














               A.cut-though

               B.store-and-forward

               C.Fragment Free

               D.VLAN




               E.Hub
 














( ) 179.Which one of following describes the switch best?















               A.One broadcast domain and collision domain


               B.Single broadcast domain and separate collision domain

               C.Multiple broadcast domain and Single subnet

               D.Separate broadcast domain and Separate collision domain

               E.None broadcast domain and collision domain





 













( ) 180.Which two of following do switches use to prevent network loops?
















               A.IEEE 802.1d

               B.IEEE 802.1Q

               C.Spanning Tree Protocol

               D.Lock loop Protocol

               E.IEEE 802.3

               F.IEEE 802.IP





 












( ) 181.Which one of following switching method is the default switching mode of latest LAN switch?
















               A.cut-through

               B.store-and-forward

               C.cut-and-forward

               D.Fragment Free

               E.flow control





 












( ) 182.What's the main function of a VLAN?
















               A.Use Virtual address

               B.Use Network address

               C.Use port number

               D.Place user in logical grouping rather than physical location

               E.Place user in physical location rather than logical grouping





 












( ) 183.Which switching mode provides error-free transport,rather then maximizing speed?
















               A.cut-through
               B.store-and-forward
               C.fragment free
               D.fragment-forwarding
               E.frame-filtering





 












( ) 184.Which one of the following protocols operates at Layer 2 of the OSI model and is used to prevent a loop network?

















               A.VTP

               B.RIP

               C.STP

               D.IGRP

               E.CDP






 












( ) 185.Which one of the following statements determines the spanning-tree path cost?


















               A.It is based on transmission latency

               B.It is based on the hop count

               C.It is the sum of the costs based on bandwidth

               D.It is based on the load of network


















 
( ) 186.What is function of the spanning-tree algorithm in a switched LAN?



















               A.To manage VLANs across multiple switches

               B.To prevent switching loops in networks.

               C.To prevent routing loops in network

               D.To segment a network into multiple collision domains

               E.To segment a network into multiple broadcast domains








 












( ) 187.Which two of the following items does STP count when it elects the root bridge




















               A.The BPDU updated number

               B.The Bridge ID

               C.The access layer bridge setting

               D.The bridge priority

               E.The spanning update number

               F.The BPDU version number









 












( ) 188.Which three of the following are spanning tree port states?





















               A.listening

               B.initializing

               C.learning

               D.spanning

               E.forwarding

               F.ending
               G.stopping
 





















( ) 189.What is the characteristic of converged spanning-three network?






















               A.All switch and bridge ports are in the Blocking state

               B.All switch and bridge ports are in the forwarding state

               C.All switch and bridge ports are in either the forwarding or blocking state

               D.All switch and bridge ports are in either learning blocking or blocking

               E.All switch and bridge ports are in the stand-by state


 





















( ) 190.Which command will you use a t the user mode to enter the privileged mode?























               A.enable

               B.disable

               C.enter

               D.setup

               E.show



 





















( ) 191.Which configuration mode will you use to enter the name of the router?
























               A.Local

               B.Global

               C.line

               D.Rommonitor

               E.User




 





















( ) 192.You are using IOS version prior to 10.3,which command can you copy the running configuration to a TFTP server?
























               A.Taipei>copy running-config tftp

               B.Taipei#copy running-config tftp

               C.Taipei>write network

               D.Taipei#write network

               E.Taipei#copy tftp running-config 




 





















( ) 193.Which command will you use to display router memory statistics?

























               A.show hosts

               B.show IP route

               C.show flash

               D.show memory

               E.show protocol





 





















( ) 194.Which command will you use to execute configuration commands form the router terminal?


























               A.Taipei#execute terminal

               B.Taipei#configure terminal

               C.Taipei#configure line

               D.Taipei#execute line

               E.Taipei#execute command






 





















( ) 195.For a specific line, which command will you use to set the IP address format to hexadecimal?


























               A.Taipei>term IP netmask-format hexadecimal

               B.Taipei#term IP netmask-format hexadecimal

               C.Taipei[config-if]#term IP netmask-format hexadecimal

               D.Taipei[config-line]#term IP netmask-format hexadecimal






 





















( ) 196.You want to display the host name and address in Router, which one of the command will you use?


























               A.Taipei#show IP hosts

               B.Taipei[config]#show IP hosts

               C.Taipei#show router host

               D.Taipei#show hosts






 






















 
( ) 197.Which command will you use to display the IP routing table?


























               A.show IP table

               B.show IP protocol

               C.show IP route

               D.show IP flash






               E.show flash
 























( ) 198.Which command will you use to set the password for the console terminal



























               A.line vty 0

               B.line console 0

               C.line vty console

               D.line console vty
 



























( ) 199.Which two command can you recall the previous command?



























               A.Ctrl + P

               B.Ctrl + C

               C.Down arrow

               D.Up arrow
               E.Ctrl + shift 
 



























( ) 200.Which command will you use to copy configuration from a tftp Server to NVRAM?



























               A.Taipei#copy tftp ROM

               B.Taipei#copy tftp flash

               C.Taipei#copy tftp running-config

               D.Taipei#copy tftp startup-config

轉載http://ccnatiy.blogspot.tw/2014/10/ccna151200_23.html
































































(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(17)

  • 個人分類:網路
▲top
  • 1月 30 週六 201622:35

  • CCNA101~150題解析

CCNA101~150題解析

















( ) 101.Which one of following is a valid hosts of 203.66.47.10/24?

               A.203.66.47.0~203.66.47.255

               B.203.66.47.1~203.66.47.254

               C.203.66.47.9~203.66.47.15

               D.203.66.47.1~203.66.47.31

               E.203.66.47.0~203.66.47.32

               F.203.66.47.1~203.66.47.127

 

101.下列哪一個選項是203.66.47.0/24的可使用主機位址

               A.203.66.47.0~203.66.47.255
               B.203.66.47.1~203.66.47.254
               C.203.66.47.9~203.66.47.15
               D.203.66.47.1~203.66.47.31
               E.203.66.47.0~203.66.47.32
 
               F.203.66.47.1~203.66.47.127


ANS(B)

 

( ) 102.Which class will you use for multicast of TCP/IP address?

               A.Class E

               B.Class D

               C.Class C

               D.Class B

 

               E.Class A

 

102.下列哪一個級別在TCP/IP位址中是使用群播?

               A.Class E
               B.Class D
               C.Class C
               D.Class B
               E.Class A
 
ANS(B)

 

( ) 103.What are the valid range of hosts for 203.66.47.10/30?

               A.203.66.47.1~203.66.47.255

               B.203.66.47.1~203.66.47.15

               C.203.66.47.9~203.66.47.10

               D.203.66.47.9~203.66.47.15

               E.203.66.47.1~203.66.47.31

 

 

103.在203.66.47.10/30中下列哪一個可使用主機位址的範圍?

               A.203.66.47.1~203.66.47.255
               B.203.66.47.1~203.66.47.15
               C.203.66.47.9~203.66.47.10
               D.203.66.47.9~203.66.47.15
               E.203.66.47.1~203.66.47.31
 
ANS(C)               

 

( ) 104.Which followings are private IP address?(choose 3)

               A.10.0.0.0

               B.192.168.0.0

               C.172.168.0.0

               D.172.16.0.0

               E.168.172.0.0

 

104.下列哪三個是私有IP位址?

               A.10.0.0.0
               B.192.168.0.0
               C.172.168.0.0
               D.172.16.0.0
               E.168.172.0.0
 

ANS(A、B、D)        

 

( ) 105.Which one of the following is a function of the Transmission control protocol?

               A.Ping

               B.Telnet

               C.Sliding windows

               D.SQL

               E.NFS

 

105.下列哪一個是TCP的功能?

               A.Ping
               B.Telnet
               C.Sliding windows
               D.SQL
               E.NFS
 

 

ANS(C)       

 

( ) 106.You are a network administrator and considering the use of a connectionless service. What are the characteristics of a connectionless service?(Choose two answers)

               A.It uses three ways handshaking

               B.It uses a non-reliable transport mechanism

               C.It is less bandwidth-intensive than connection oriented services

               D.It uses a Reliable transport mechanism

 

 

 

106.你是個網路管理員正考慮使用非連結導向服務。請問非連結導向有哪些特點(選2個答案)

               A.It uses three ways handshaking
               B.It uses a non-reliable transport mechanism
               C.It is less bandwidth-intensive than connection oriented services
               D.It uses a Reliable transport mechanism
 
 

 

ANS(B、C)     

 

( ) 107.Which following are need on network layer?(choose 2)

               A.LLC

               B.MAC

               C.ARP

               D.RARP

               E.TCP

 

               F.UDP

 

107.下列哪些需要在網路層?

               A.LLC
               B.MAC
               C.ARP
               D.RARP
               E.TCP
               F.UDP
 
 

 

 

ANS(C、D)   

 

( ) 108.Which class will you use for research?

               A.Class E

               B.Class D

               C.Class C

               D.Class B

               E.Class A

 

 

 

 

108.下列哪個級別是使用在研究?

               A.Class E
               B.Class D
               C.Class C
               D.Class B
               E.Class A
 
 

 

 

 

ANS(A)   

 

( ) 109.Which standard is defined in RFC 1700?

               A.public IP address

               B.privateIP address

               C.Routing IP address

               D.IP address

 

               E.TCP port number

 

109.在RFC 1700的標準中,是定義什麼?

               A.public IP address
               B.privateIP address
               C.Routing IP address
               D.IP address
               E.TCP port number
 
 

 

 

 

 

ANS(B)   

 

( ) 110.Which command will you use to have a second IP address 203.66.47.50 on Ethernet interface?

               A.IP address 203.66.47.50  255.255.0.0

               B.IP address 203.66.47.50  insert

               C.IP address 203.66.47.50  Ethernet 

               D.IP address 203.66.47.50  255.255.255.10 secondary

 

               E.IP address 203.66.47.50  255.255.255.0 secondary IP

 

110.你要在乙太網路介面使用第二個IP位址 206.66.47.50 請問要使用哪個指令 ?

               A.IP address 203.66.47.50  255.255.0.0
               B.IP address 203.66.47.50  insert
               C.IP address 203.66.47.50  Ethernet 
               D.IP address 203.66.47.50  255.255.255.10 secondary
               E.IP address 203.66.47.50  255.255.255.0 secondary IP
 
 

 

 

 

 

 

ANS(D)   

 
( ) 111.Which following are connectionless communications (choose 2)

               A.Ping
               B.Trace
               C.Tftp
               D.FTP
               E.SNMP
               F.SQL

 

111.下列哪些是非連結通訊?(選2個答案)

               A.Ping
               B.Trace
               C.Tftp
               D.FTP
               E.SNMP
               F.SQL
 

 

 

 

 

 

 
 

 

ANS(C、E)   



 


( ) 112.You have an IP address 20.30.220.40 and subnet mask 255.255.240.0. what's the ranges of hosts address in the subnet

               A.20.30.220.1~20.30.220.254
               B.20.30.220.10~20.30.220.255
               C.20.30.208.1~20.30.223.254
               D.20.30.0.0~20.30.255.255
               E.20.30.0.1~20.30.255.255

 

112.你有個IP位址 20.30.220.40 子網路遮罩為255.255.240.0那些範圍是子網路內的主機位址?

               A.20.30.220.1~20.30.220.254
               B.20.30.220.10~20.30.220.255
               C.20.30.208.1~20.30.223.254
               D.20.30.0.0~20.30.255.255
               E.20.30.0.1~20.30.255.255
 
ANS(C)   


 
( ) 113.Which command will you use to assign the IP address 203.66.47.10 and subnet mask 255.255.255.224 to the interface?


               A.Taipei>IP address 203.66.47.10  255.255.255.224

               B.Taipei#IP address 203.66.47.10  255.255.255.224

               C.Taipei[config]#IP address 203.66.47.10  255.255.255.224

               D.Taipei[config-if]#IP address 203.66.47.10  255.255.255.224


 

113.哪一個指令是用來分配IP位址 203.66.47.10 和子網路遮罩 255.255.255.224 給界面?

               A.Taipei>IP address 203.66.47.10  255.255.255.224
               B.Taipei#IP address 203.66.47.10  255.255.255.224
               C.Taipei[config]#IP address 203.66.47.10  255.255.255.224
               D.Taipei[config-if]#IP address 203.66.47.10  255.255.255.224
 
ANS(D) 


 
( ) 114.Which port number is used by Telnet?


               A.53

               B.161

               C.69

               D.23

               E.21


 

114.哪一個埠號是給Telnet使用?

               A.53
               B.161
               C.69
               D.23
               E.21
 
ANS(D)  


 
( ) 115.When the buffer of receiving Station is full,it will inform source station to stop sending data. Which one of following will do the process?


               A.Flow control

               B.Error control

               C.Buffer control

               D.Message control


 

115.當緩衝區接收站已滿時,他將會通知來源站停止傳送資料。下列何者是他所做的處理?

               A.Flow control
               B.Error control
               C.Buffer control
               D.Message control
 
ANS(A)  


 
( ) 116.You have an IP address 170.90.0.0, you need each subnet must support at least 230 hosts, and have greatest number of subnets. Which one of following subnet mask will you use?



               A.255.255.255.0

               B.255.255.0.0

               C.255.255.255.128

               D.255.255.255.192

               E.255.0.0.0



 

116.你有一個IP位址170.90.0.0,你需要每個子網路必須提供最少230個主機而且數量最多的子網路下列何者為你所使用的子網路遮罩?

               A.255.255.255.0
               B.255.255.0.0
               C.255.255.255.128
               D.255.255.255.192
               E.255.0.0.0
 
ANS(A)  


 
 

 


( ) 117.Which four of the following IOS commands could you use to troubleshoot a router connectivity problem on an IP network?





               A.ping

               B.ipconfig

               C.show ip route

               D.shoe interfaces

               E.traceroute

 

               F.tracert





 



117.下列哪四個選項是在IOS指令中可以用來排除路由器上的故障和IP在網路上的連結問題?


               A.ping
               B.ipconfig
               C.show ip route
               D.shoe interfaces
               E.traceroute
               F.tracert
 

 

 


ANS(A、C、D、E)  




 
( ) 118.Which three of following commands will you use to troubleshoot connectivity issues about checking the current IP address,layer 1 and layer 2 status of the interface?





               A.TAIPEI#show protocols

               B.TAIPEI#show control

               C.TAIPEI#show ip interface

               D.TAIPEI#show version

               E.TAIPEI#show interfaces

 

               F.TAIPEI#show running-config





 

118.下列哪三個指令可以排除連結問題有關確認當前IP位址第一層和第二層的界面狀態?

               A.TAIPEI#show protocols
               B.TAIPEI#show control
               C.TAIPEI#show ip interface
               D.TAIPEI#show version
               E.TAIPEI#show interfaces
               F.TAIPEI#show running-config
 
ANS(B、C、E)  


 
( ) 119.You give the "shutdown" interface configuration command in you router.what will you expect the status of the serial interface to be?






               A.Serial 0 is down,line protocol is down

               B.Serial 0 is up,line protocol is up

               C.Serial 0 is up,line protocol is down

               D.Serial 0 is administratively down,line protocol is down

               E.Serial 0 is down,line protocol is up

 

               F.Serial 0 is administratively down,line protocol is up






 

119.你設定"關閉"界面的組態指令給路由器後。你預計serial 界面會是什麼狀態?

               A.Serial 0 is down,line protocol is down
               B.Serial 0 is up,line protocol is up
               C.Serial 0 is up,line protocol is down
               D.Serial 0 is administratively down,line protocol is down
               E.Serial 0 is down,line protocol is up
               F.Serial 0 is administratively down,line protocol is up
 
ANS(D)  

 
( ) 120.The TCP/IP network model differs from the more popular OSI model. Which three of the following OSI model layers are belong to the TCP/IP model?







               A.application layer

               B.presentation layer

               C.session layer

               D.transport layer

               E.internet layer

 

               F.data link layer
               G.physical layer







 

120.TCP/IP網路模型不同於眾所皆知的OSI模型。下咧哪三個OSI模型的層名與TCP/IP模型相同?

               A.application layer
               B.presentation layer
               C.session layer
               D.transport layer
               E.internet layer
               F.data link layer
               G.physical layer
 
ANS(A、D、E)  
 

( ) 121.Which of following statements is true about voice over IP?








               A.The voice over IP requires low delay and high gitter

               B.The voice over IP requires low jitter and high packet loss rate

               C.The voice over IP requires low packet loss rate and high delay

               D.The voice over IP requires low delay and low packet loss rate








 

121.下列哪個關於VoIP的敘述是正確的?

               A.The voice over IP requires low delay and high gitter
               B.The voice over IP requires low jitter and high packet loss rate
               C.The voice over IP requires low packet loss rate and high delay
               D.The voice over IP requires low delay and low packet loss rate
 

 
ANS(D)  

 
( ) 122.Which of following statements is true about audio over IP?







               A.The audio over IP requires low delay and high bandwidth.

               B.The audio over IP requires low bandwidth and high packet loss rate .

               C.The audio over IP requires low packet loss rate and high delay.

               D.The audio over IP requires low delay and high packet loss rate.


 







122.下列哪個關於audio over IP的敘述是正確的?

               A.The audio over IP requires low delay and high bandwidth.
               B.The audio over IP requires low bandwidth and high packet loss rate .
               C.The audio over IP requires low packet loss rate and high delay.
               D.The audio over IP requires low delay and high packet loss rate.
 
ANS(A)  

 
( ) 123.Which of following items are the purposes of domain name system?








               A.To translate IP to name

               B.To translate name to IP

               C.Help people to get IP address

               D.Help people to get company name








 

123.下列哪些項目是DNS的用途?

               A.To translate IP to name
               B.To translate name to IP
               C.Help people to get IP address
               D.Help people to get company name
 
ANS(B、C)  

 
( ) 124.Which of following is true to configure DNS in a router?









               A.IP 192.168.1.1

               B.IP DNS 192.168.1.1

               C.IP name server 192.168.1.1

               D.IP name-server 192.168.1.1
 









124.下列哪個選項是在路由器上設定DNS?

               A.IP 192.168.1.1
               B.IP DNS 192.168.1.1
               C.IP name server 192.168.1.1
               D.IP name-server 192.168.1.1
 
ANS(D)  

 
( ) 125.Which three of following items are benefits of dynamic host configuration protocol (DHCP)










               A.Automatically assign IP address

               B.To avoid IP address conflict

               C.To have more IP address

               D.To increase IP address usage


 









125.下列哪三個選項是DHCP的好處?

               A.Automatically assign IP address
               B.To avoid IP address conflict
               C.To have more IP address
               D.To increase IP address usage
 
ANS(A、B、D)  

 
( ) 126.Which of following items is the correct DHCP command when you want to exclude DHCP IP address 200.1.1.1-200.1.1.20 on a router?











               A.Router(config)#dhcp ip excluded-address 200.1.1.1  200.1.1.20

               B.Router(config)#excluded-address dhcp ip 200.1.1.1  200.1.1.20

               C.Router(config)#excluded-address ip dhcp 200.1.1.1  200.1.1.20

               D.Router(config)#ip dhcp excluded-address 200.1.1.1  200.1.1.20



 









126.當你在路由器上想要排除DHCP IP位址200.1.1.1-200.1.1.20下列哪個選項是正確的DHCP指令?

               A.Router(config)#dhcp ip excluded-address 200.1.1.1  200.1.1.20
               B.Router(config)#excluded-address dhcp ip 200.1.1.1  200.1.1.20
               C.Router(config)#excluded-address ip dhcp 200.1.1.1  200.1.1.20
               D.Router(config)#ip dhcp excluded-address 200.1.1.1  200.1.1.20
 
ANS(D)  

 
( ) 127.Which following are used at the physical layer?(choose 3)












               A.IP

               B.ARP

               C.RARP

               D.Token Ring

               E.FDDI

 

               F.Ethernet




 









127.下咧哪三個選項使用到實體層?

               A.IP
               B.ARP
               C.RARP
               D.Token Ring
               E.FDDI
               F.Ethernet
 
ANS(D、E、F)  
 

 
( ) 128.What is a benefit when you use a LAN segmentation?

 











               A.Increase collisions

               B.Increase broadcasts

               C.Increase more packets

               D.Increase more protocol

               E.Control Broadcast

 

 




 









 
128.當你對LAN進行切割時有時什麼好處?

               A.Increase collisions
               B.Increase broadcasts
               C.Increase more packets
               D.Increase more protocol
               E.Control Broadcast
 
 

ANS(E)  



 
( ) 129.What is a function of a bridge?












               A.Increase broadcast domains

               B.Increase collisions domains

               C.Decrease the number of broadcast domains

               D.Decrease the size of collisions domains

 

 

 




 









129.請問橋接器的功能是?

               A.Increase broadcast domains
               B.Increase collisions domains
               C.Decrease the number of broadcast domains
               D.Decrease the size of collisions domains
 
ANS(D)  

 
( ) 130.Which one of the addressing is used by a bridge?













               A.MAC

               B.LLC

               C.IP

               D.TCP

               E.UDP


 

 

 




 









130.請問橋接器是使用什麼位址?

               A.MAC
               B.LLC
               C.IP
               D.TCP
               E.UDP
 
ANS(A)  

 
( ) 131.Which one of layer is dealing with path determination?













               A.Data link layer

               B.Network layer

               C.Transport layer

               D.Session layer

               E.Presentation layer


 

 

 




 









131.哪一層負責決定路徑?

               A.Data link layer
               B.Network layer
               C.Transport layer
               D.Session layer
               E.Presentation layer
 
ANS(B)  

 
( ) 132.Which followings are disadvantages of connection-oriented network?














               A.no path selection

               B.static path selection

               C.Dynamic path Selection

               D.Need reservation of network resource

               E.Reduce the use of network resources



 

 

 




 









132.下列哪些是連結導向在網路中的缺點?

               A.no path selection
               B.static path selection
               C.Dynamic path Selection
               D.Need reservation of network resource
               E.Reduce the use of network resources
 
ANS(B、D)  

 
( ) 133.Which followings are used at the Data link layer?















               A.TCP

               B.LLC

               C.UDP

               D.MAC

               E.IP




 

 

 




 









133.下列哪些是在資料鏈結層使用?

               A.TCP
               B.LLC
               C.UDP
               D.MAC
               E.IP
 

 
ANS(B、D)  


 
( ) 134.What are characteristics of connection-oriented data transfer?















               A.Establish Connection

               B.Test connection

               C.Transfer data

               D.Terminate connection

               E.Open connection




 

 

 




 









134.哪些是連結導向傳遞資料的特點?

               A.Establish Connection
               B.Test connection
               C.Transfer data
               D.Terminate connection
               E.Open connection
 

 

 
ANS(A、C、D)  


 
( ) 135.Which one of followings represent network part of an address?
















               A.Mac address

               B.Whole IP address

               C.TCP port address

               D.Segment





 












135.下列哪些代表網路部份的位址?

               A.Mac address
               B.Whole IP address
               C.TCP port address
               D.Segment
 

 

 
ANS(D)  


 
( ) 136.Which layer are PICT and MIDI used at?
















               A.Application layer

               B.Presentation layer

               C.Session layer

               D.Transport layer





 












136.請問PICT和MIDI被使用在哪一層?

               A.Application layer
               B.Presentation layer
               C.Session layer
               D.Transport layer
 

 
ANS(B) 

 
( ) 137.Which one of following is the best description of a router?

















               A.Has a single broadcast domain and a single collision domain

               B.Has a single broadcast domain and a separating collision domain

               C.Has a separating broadcast domain and a single collision domain

               D.Has a separating broadcast domain and a separating collision domain







 












137.下列哪個有關路由器的說明比較好?

               A.Has a single broadcast domain and a single collision domain
               B.Has a single broadcast domain and a separating collision domain
               C.Has a separating broadcast domain and a single collision domain
               D.Has a separating broadcast domain and a separating collision domain

 

 
ANS(D) 

 
( ) 138.Which three of following items are the possible causes of congestion on a LAN?


















               A.A broadcast domain with too many hosts

               B.Low bandwidth

               C.Broadcast storms

               D.Multicasting

               E.VLAN Segmentation








 












138.下列哪三個選項可能造成區域網路擁堵的情形?

               A.A broadcast domain with too many hosts
               B.Low bandwidth
               C.Broadcast storms
               D.Multicasting
               E.VLAN Segmentation

 

 
ANS(A、B、C) 

 
( ) 139.Which layer of the OSI reference model is responsible for delivering reliable end-to-end data?



















               A.Data-Link

               B.Network

               C.Transport

               D.Session

               E.Presentation

 

               F.Application









 












139.請問OSI參考模型的哪一層負責提供點對點傳送資料?

               A.Data-Link
               B.Network
               C.Transport
               D.Session
               E.Presentation
               F.Application

 

 
ANS(C) 

 
( ) 140.Which three of the following protocols belong to the application layer?



















               A.HTTPS

               B.ICMP

               C.SMTP

               D.RARP

               E.TFTP

 

               F.ARP









 












140.下列哪三個協定是屬於應用層協定?

               A.HTTPS
               B.ICMP
               C.SMTP
               D.RARP
               E.TFTP
               F.ARP
 

ANS(A、C、E) 
 
( ) 141.You are using the Cisco Router Ethernet interface,what the default type?




















               A.novell-ether

               B.sap

               C.snap

               D.ppp

               E.hdlc










 












141.當你使用思科路由器進入乙太網路介面時,請問哪一個是預設的類型?

               A.novell-ether
               B.sap
               C.snap
               D.ppp
               E.hdlc
 

 
ANS(A) 



 
( ) 142.You are using the Cisco Router FDDI interface,what the default type?




















               A.hdlc

               B.snap

               C.sap

               D.novell-ether










 












142.當你使用思科路由器進入FDDI介面時,請問哪一個是預設的類型?

               A.hdlc
               B.snap
               C.sap
               D.novell-ether
 

 
ANS(B) 

 
( ) 143.Which one of the following commands would you use to terminate a VTY line session?





















               A.disconnect

               B.disable

               C.close

               D.exit

               E.stop











 












143.請問使用哪個指令後會終止VTY線路的會談?

               A.disconnect
               B.disable
               C.close
               D.exit
               E.stop
 

 
ANS(D) 

 
( ) 144.You are using the Cisco Router serial interface,what the default type?




















               A.sap

               B.snap

               C.hdlc

               D.ppp










 












144.當你使用思科路由器進入serial介面時,請問哪一個是預設的類型?

               A.sap
               B.snap
               C.hdlc
               D.ppp
 

 
ANS(C) 

 
( ) 145.Which command will you use to display IOS name and boot images?




















               A.Show memory

               B.Show flash

               C.Show IOS

               D.Show version









               E.Show protocol
 












145.使用哪個指令後將會顯示IOS的名稱和開機訊息?

               A.Show memory
               B.Show flash
               C.Show IOS
               D.Show version
               E.Show protocol
 

 
ANS(D) 

 
( ) 146.Which command will you use to set the IP address of a router interface?





















               A.config IP

               B.term IP

               C.IP address

               D.IP network










 












146.使用哪個指令後將會設置IP位址給路由介面?

               A.config IP
               B.term IP
               C.IP address
               D.IP network
 

 
ANS(C) 

 
( ) 147.Which command will return you to the privileged EXEC prompt from privileged EXEC set up mode?





















               A.Ctrl-A

               B.Ctrl-ESC

               C.Ctrl-C

               D.Ctrl-Shift










               E.Ctrl-B
 












147.哪個指令可以從特權執行安裝模式返回特權模式?

               A.Ctrl-A
               B.Ctrl-ESC
               C.Ctrl-C
               D.Ctrl-Shift
               E.Ctrl-B
 

 
ANS(C) 

 
( ) 148.Which command will you use to set the router to look for IOS image?






















               A.boot system

               B.boot memory

               C.boot IOS

               D.boot image

               E.boot router











 












148.哪個指令使用後可以設定從哪裡啟動IOS image檔案?

               A.boot system
               B.boot memory
               C.boot IOS
               D.boot image
               E.boot router
 

 
ANS(A) 

 
( ) 149.Which router mode will you use when you first get into a router?






















               A.RxBoot

               B.User mode

               C.Global mode

               D.Privileged mode

               E.line mode











 












149.當你第一次進到路由器時會是什麼模式?

               A.RxBoot
               B.User mode
               C.Global mode
               D.Privileged mode
               E.line mode
 

 
ANS(B) 

 
( ) 150.What is the definition of a global command in the Cisco IOS?























               A.A command that can be entered in any configuration file

               B.A command that is set once and affects the entire router

               C.A command that is used in all IOS versions

               D.A command that is supported in nearly release of IOS

               E.A command that set to affect all potocols












 












150.思科IOS的全域組態指令定義為何?

               A.A command that can be entered in any configuration file
               B.A command that is set once and affects the entire router
               C.A command that is used in all IOS versions
               D.A command that is supported in nearly release of IOS
               E.A command that set to affect all potocols
 

 
ANS(B) 

轉載http://ccnatiy.blogspot.tw/2014/10/ccna101150.html



















(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(108)

  • 個人分類:網路
▲top
  • 1月 30 週六 201622:33

  • CCNA101~150題


















CCNA101~150題





















( ) 101.Which one of following is a valid hosts of 203.66.47.10/24?


               A.203.66.47.0~203.66.47.255


               B.203.66.47.1~203.66.47.254


               C.203.66.47.9~203.66.47.15


               D.203.66.47.1~203.66.47.31


               E.203.66.47.0~203.66.47.32


               F.203.66.47.1~203.66.47.127
 

( ) 102.Which class will you use for multicast of TCP/IP address?

               A.Class E


               B.Class D


               C.Class C


               D.Class B


 

               E.Class A
 

( ) 103.What are the valid range of hosts for 203.66.47.10/30?

               A.203.66.47.1~203.66.47.255


               B.203.66.47.1~203.66.47.15


               C.203.66.47.9~203.66.47.10

               D.203.66.47.9~203.66.47.15

               E.203.66.47.1~203.66.47.31
 

( ) 104.Which followings are private IP address?(choose 3)

               A.10.0.0.0


               B.192.168.0.0


               C.172.168.0.0


               D.172.16.0.0


               E.168.172.0.0
 

( ) 105.Which one of the following is a function of the Transmission control protocol?

               A.Ping


               B.Telnet


               C.Sliding windows


               D.SQL


               E.NFS
 

( ) 106.You are a network administrator and considering the use of a connectionless service. What are the characteristics of a connectionless service?(Choose two answers)

               A.It uses three ways handshaking

               B.It uses a non-reliable transport mechanism

               C.It is less bandwidth-intensive than connection oriented services

               D.It uses a Reliable transport mechanism
 

( ) 107.Which following are need on network layer?(choose 2)

               A.LLC


               B.MAC


               C.ARP


               D.RARP


               E.TCP


 

               F.UDP
 

( ) 108.Which class will you use for research?

               A.Class E


               B.Class D

               C.Class C

               D.Class B

               E.Class A
 

( ) 109.Which standard is defined in RFC 1700?

               A.public IP address


               B.privateIP address

               C.Routing IP address

               D.IP address

 

               E.TCP port number
 

( ) 110.Which command will you use to have a second IP address 203.66.47.50 on Ethernet interface?

               A.IP address 203.66.47.50  255.255.0.0


               B.IP address 203.66.47.50  insert

               C.IP address 203.66.47.50  Ethernet 

               D.IP address 203.66.47.50  255.255.255.10 secondary

 

               E.IP address 203.66.47.50  255.255.255.0 secondary IP
 


( ) 111.Which following are connectionless communications (choose 2)

               A.Ping
               B.Trace
               C.Tftp
               D.FTP
               E.SNMP
               F.SQL
 



( ) 112.You have an IP address 20.30.220.40 and subnet mask 255.255.240.0. what's the ranges of hosts address in the subnet

               A.20.30.220.1~20.30.220.254
               B.20.30.220.10~20.30.220.255
               C.20.30.208.1~20.30.223.254
               D.20.30.0.0~20.30.255.255
               E.20.30.0.1~20.30.255.255
 



( ) 113.Which command will you use to assign the IP address 203.66.47.10 and subnet mask 255.255.255.224 to the interface?


               A.Taipei>IP address 203.66.47.10  255.255.255.224


               B.

Taipei#IP address 203.66.47.10  255.255.255.224

               C.

Taipei[config]#IP address 203.66.47.10  255.255.255.224

               D.Taipei[config-if]#IP address 203.66.47.10  255.255.255.224
 




( ) 114.Which port number is used by Telnet?


               A.53


               B.161


               C.69


               D.23


               E.21
 




( ) 115.When the buffer of receiving Station is full,it will inform source station to stop sending data. Which one of following will do the process?


               A.Flow control


               B.Error control

               C.Buffer control


               D.Message control
 




( ) 116.You have an IP address 170.90.0.0, you need each subnet must support at least 230 hosts, and have greatest number of subnets. Which one of following subnet mask will you use?



               A.255.255.255.0


               B.255.255.0.0


               C.255.255.255.128

               D.255.255.255.192


               E.255.0.0.0
 







( ) 117.Which four of the following IOS commands could you use to troubleshoot a router connectivity problem on an IP network?





               A.ping


               B.ipconfig


               C.show ip route


               D.shoe interfaces


               E.traceroute


 

               F.tracert
 







( ) 118.Which three of following commands will you use to troubleshoot connectivity issues about checking the current IP address,layer 1 and layer 2 status of the interface?





               A.TAIPEI#show protocols

               B.

TAIPEI#show control

               C.

TAIPEI#show ip interface

               D.

TAIPEI#show version

               E.

TAIPEI#show interfaces

 

               F.TAIPEI#show running-config
 







( ) 119.You give the "shutdown" interface configuration command in you router.what will you expect the status of the serial interface to be?






               A.Serial 0 is down,line protocol is down


               B.

Serial 0 is up,line protocol is up

               C.

Serial 0 is up,line protocol is down

               D.

Serial 0 is administratively down,line protocol is down

               E.

Serial 0 is down,line protocol is up

 

               F.Serial 0 is administratively down,line protocol is up
 






( ) 120.The TCP/IP network model differs from the more popular OSI model. Which three of the following OSI model layers are belong to the TCP/IP model?







               A.application layer


               B.presentation layer

               C.session layer


               D.transport layer


               E.internet layer


 

               F.data link layer
               G.physical layer
 







( ) 121.Which of following statements is true about voice over IP?








               A.The voice over IP requires low delay and high gitter


               B.

The voice over IP requires low jitter and high packet loss rate

               C.

The voice over IP requires low packet loss rate and high delay

               D.The voice over IP requires low delay and low packet loss rate
 








( ) 122.Which of following statements is true about audio over IP?







               A.The audio over IP requires low delay and high bandwidth.

               B.The audio over IP requires low bandwidth and high packet loss rate .

               C.The audio over IP requires low packet loss rate and high delay.

               D.The audio over IP requires low delay and high packet loss rate.
 







( ) 123.Which of following items are the purposes of domain name system?








               A.To translate IP to name


               B.To translate name to IP

               C.Help people to get IP address


               D.Help people to get company name
 








( ) 124.Which of following is true to configure DNS in a router?









               A.IP 192.168.1.1


               B.IP DNS 192.168.1.1


               C.IP name server 192.168.1.1

               D.IP name-server 192.168.1.1
 









( ) 125.Which three of following items are benefits of dynamic host configuration protocol (DHCP)










               A.Automatically assign IP address

               B.To avoid IP address conflict


               C.To have more IP address


               D.To increase IP address usage
 










( ) 126.Which of following items is the correct DHCP command when you want to exclude DHCP IP address 200.1.1.1-200.1.1.20 on a router?











               A.Router(config)#dhcp ip excluded-address 200.1.1.1  200.1.1.20

               B.

Router(config)#excluded-address dhcp ip 200.1.1.1  200.1.1.20

               C.

Router(config)#excluded-address ip dhcp 200.1.1.1  200.1.1.20

               D.Router(config)#ip dhcp excluded-address 200.1.1.1  200.1.1.20
 











( ) 127.Which following are used at the physical layer?(choose 3)












               A.IP


               B.ARP


               C.RARP


               D.Token Ring


               E.FDDI


 

               F.Ethernet
 














( ) 128.What is a benefit when you use a LAN segmentation?

 











               A.Increase collisions


               B.Increase broadcasts

               C.Increase more packets

               D.Increase more protocol

               E.Control Broadcast
 














( ) 129.What is a function of a bridge?












               A.Increase broadcast domains

               B.Increase collisions domains

               C.Decrease the number of broadcast domains

               D.Decrease the size of collisions domains
 












( ) 130.Which one of the addressing is used by a bridge?













               A.MAC


               B.LLC


               C.IP


               D.TCP


               E.UDP
 













( ) 131.Which one of layer is dealing with path determination?













               A.Data link layer


               B.Network layer


               C.Transport layer


               D.Session layer


               E.Presentation layer
 













( ) 132.Which followings are disadvantages of connection-oriented network?














               A.no path selection


               B.static path selection


               C.Dynamic path Selection


               D.Need reservation of network resource


               E.Reduce the use of network resources
 














( ) 133.Which followings are used at the Data link layer?















               A.TCP


               B.LLC


               C.UDP


               D.MAC


               E.IP
 

















( ) 134.What are characteristics of connection-oriented data transfer?















               A.Establish Connection

               B.Test connection


               C.Transfer data


               D.Terminate connection


               E.Open connection
 

















( ) 135.Which one of followings represent network part of an address?
















               A.Mac address

               B.Whole IP address


               C.TCP port address


               D.Segment
 



















( ) 136.Which layer are PICT and MIDI used at?


















               A.Application layer



               B.Presentation layer




               C.Session layer




               D.Transport layer

 


















( ) 137.Which one of following is the best description of a router?



















               A.Has a single broadcast domain and a single collision domain




               B.

Has a single broadcast domain and a separating collision domain



               C.

Has a separating broadcast domain and a single collision domain



               D.Has a separating broadcast domain and a separating collision domain

 



















( ) 138.Which three of following items are the possible causes of congestion on a LAN?




















               A.A broadcast domain with too many hosts




               B.Low bandwidth




               C.Broadcast storms




               D.Multicasting



               E.VLAN Segmentation

 




















( ) 139.Which layer of the OSI reference model is responsible for delivering reliable end-to-end data?





















               A.Data-Link




               B.Network




               C.Transport




               D.Session




               E.Presentation




 



               F.Application

 





















( ) 140.Which three of the following protocols belong to the application layer?





















               A.HTTPS




               B.ICMP




               C.SMTP




               D.RARP




               E.TFTP




 



               F.ARP

 























( ) 141.You are using the Cisco Router Ethernet interface,what the default type?






















               A.novell-ether




               B.sap




               C.snap




               D.ppp




               E.hdlc

 
























( ) 142.You are using the Cisco Router FDDI interface,what the default type?






















               A.hdlc



               B.snap



               C.sap



               D.novell-ether

 






















( ) 143.Which one of the following commands would you use to terminate a VTY line session?























               A.disconnect



               B.disable




               C.close




               D.exit



               E.stop

 























( ) 144.You are using the Cisco Router serial interface,what the default type?






















               A.sap



               B.snap



               C.hdlc



               D.ppp

 






















( ) 145.Which command will you use to display IOS name and boot images?






















               A.Show memory



               B.Show flash



               C.Show IOS



               D.Show version











               E.Show protocol

 














( ) 146.Which command will you use to set the IP address of a router interface?























               A.config IP



               B.term IP




               C.IP address




               D.IP network

 























( ) 147.Which command will return you to the privileged EXEC prompt from privileged EXEC set up mode?























               A.Ctrl-A



               B.Ctrl-ESC




               C.Ctrl-C



               D.Ctrl-Shift












               E.Ctrl-B

 














( ) 148.Which command will you use to set the router to look for IOS image?
























               A.boot system




               B.boot memory




               C.boot IOS



               D.boot image




               E.boot router

 
























( ) 149.Which router mode will you use when you first get into a router?
























               A.RxBoot




               B.User mode




               C.Global mode



               D.Privileged mode



               E.line mode

 
























( ) 150.What is the definition of a global command in the Cisco IOS?

























               A.A command that can be entered in any configuration file




               B.

A command that is set once and affects the entire router



               C.

A command that is used in all IOS versions



               D.A command that is supported in nearly release of IOS



               E.A command that set to affect all potocols

轉載http://ccnatiy.blogspot.tw/2014/10/ccna101150_20.html




























































(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(29)

  • 個人分類:網路
▲top
  • 1月 28 週四 201618:03

  • 抓出誰在惡搞網路 用Netflow流量分析工具監控IP異常活動






抓出誰在惡搞網路 用Netflow流量分析工具監控IP異常活動







2011/11/10





丁光立

轉載http://www.netadmin.com.tw/article_content.aspx?sn=1111030003







除了購買昂貴的設備軟體來分析網路流量來源,網管人員還可以運用免費的開放原始碼工具Netflow,找出可能影響公司網路正常運作的內部IP亂源。Netflow是一個分析引擎,只要讀取其他設備或程式送出格式支援的資料,便可提供用以分析的IP流量資料。本文介紹Netflow的安裝、設定及教學,並且針對其網頁介面NfSen及其模組PortTracker的安裝、設定與部署提供簡單的教學及說明。

身為網管人員總會經常發現自家的網路被惡搞。除了不定時偵測Server、設備的駭客外,更讓網管人頭痛的莫過於總是有著千奇百怪的理由而去點那些一看就知道有問題的惡意連結,或者執行看起來就有問題的郵件附檔而致使自己電腦被開後門或感染病毒、蠕蟲而把公司網路搞得一團糟的內部同仁。
要找到這些吹皺一池春水的公司同仁是迫切而且必要的。聰明的網管人必須懂得使用便利的工具來減輕自己的負擔,並且能快速而準確地找到亂源。
比較簡單但陽春的作法是,利用Cisco Router的IP Accounting功能用人眼進行觀察(假設是VPN內部連線或者Cisco Router是對外連線的設備)。
一般而言,企業對外的Internet出口通常是使用防火牆和IDS/IPS來過濾進出的封包,這一類的設備通常都有分析網路流量來源的功能。中小企業大多因預算考量而採用UTM設備,部分UTM設備也有提供陽春的報表或圖表功能。
除了這些昂貴的設備外,還是有一些不花錢的方法。在實務上,針對流量的部分,比較入門的就是MRTG(Multi Router Traffic Grapher),簡單輸入一下,就可以畫出淺顯易懂的圖表,其圖形輸出如圖1所示。MRTG已經發展了很久,相當地成熟,網路上參考資料繁多,在此不再贅述。
如果MRTG不能符合自身的需求,而希望能產生更多變化的話,則可使用RRDtool。它不受限於兩個輸入,熟練的話可以做出更多的效果,並且能夠產出豐富而多變的圖表。RRDtool的輸出如圖2所示。
 










▲圖1 MRTG的圖形輸出。


 










▲圖2 RRDtool的圖形輸出。


MRTG和RRDtool主要是用來做流量的觀測,雖然RRDtool也可以針對個別IP的活動進行繪圖,但是在操作時較為困難。
在圖1與圖2中刻意不使用流量圖作範例,目的是要告訴讀者,它們不僅僅只能用來繪製流量圖,更可以提供不同的輸出變化。
針對個別IP活動的偵測,比較知名而適宜的套件是ntop及本文的主角Netflow。從筆者的使用心得來看,ntop比較容易入門,也較不需要參考資料。Netflow入門的門檻較高,相對ntop而言,其參考資料也較少。因此本文選定Netflow作為介紹的對象。
使用套件說明
在本文中,會介紹Netflow的安裝、設定及教學,並且針對其網頁介面NfSen及其模組PortTracker的安裝、設定與部署做簡單的教學及說明。
在開始之前,必須先介紹一下相關的概念。Netflow充其量只是一個分析引擎,它需要由其他設備(程式)用Netflow認識的資料格式,提供用以分析的IP流量資料。
有幾個方法可以提供IP流量給Netflow程式,一是使用設備,例如Cisco路由器或防火牆,二為使用程式,例如安裝在FreeBSD或Linux上的套件。本文將使用pfSense作為提供分析資料的來源,它的原理是使用FreeBSD上的套件,將流量加以處理後,再以Netflow的格式輸出。
pfSense是一個開放原始碼(Open Source)的防火牆軟體,它可以輕鬆地安裝在個人電腦上,依筆者的經驗,P4等級的機器就可以妥善運作。安裝的部分也很簡單,把ISO檔燒錄成光碟之後,再用此光碟開機,它就會引導使用者進行安裝及相關的設定。
在安裝完成後,就可以在毋須花大錢添購高級設備的前提下,以最少的人力及物力來完成監控IP活動的目的,pfSense架設的位置如圖3防火牆所在的位置。
接著討論網路架構的部分,本文所使用的架構如圖3所示。不管是用戶連至Internet的流量,或是Internet連入用戶端的流量,都會經過pfSense,而pfSense會將流經它的流量,使用pfflowd套件將這些流量加以剖析,並將之轉換為Netflow可以接受的格式,再傳送給Netflow Server進行處理。接著說明Netflow的設定與安裝。
 










▲圖3 Netflow網路架構圖。








使用Netflow
在此選用的Linux發行版本是這幾年相當受歡迎的Ubuntu,使用版本是10.04 Server版。所安裝的套件及安裝方法如下(若是新安裝的機器,記得先執行「apt-get update」指令):
 









安裝librrd-dev時需時較久,請耐心等候。最後所安裝的nfdump就是Netflow的套件。
Netflow的安裝到此就完成了,接著驗證一下Server是否有收到pfSense送過來的資料。必須先到pfSense的管理介面(筆者使用的版本是1.2.1)安裝相關的套件,才能將收到的資料以Netflow的格式輸出。安裝畫面如圖4所示,先點選System選單中的「Packages」。
 










▲圖4 安裝Netflow的套件。


點選後、往下尋找可以找到如圖5的頁面,在pfflowd的項次,點選〔+〕號進行安裝。
 










▲圖5 安裝pfflowd。


安裝完成後,在Services的最下面一行可以看到「pfflowd」,點選它以進行相關的設定。選單所在位置如圖6所示。
 










▲圖6 啟動pfflowd。


圖7是相關資訊的輸入頁面,填入所需的資料。「Host」欄位是用來輸入要接收Netflow的主機,也就是剛剛安裝nfdump的主機。「Port」部分使用預設的「9995」即可。
而「Source Hostname/IP」欄位要輸入的是pfSense主機的IP。「pf rule direction restriction」毋須做特別指定,「Netflow version」使用預設的「5」即可。
 










▲圖7 pfflowd相關設定。


接著驗證Netflow主機是否有收到pfSense送過來的資訊。執行指令「tcpdump udp port 9995」以便確認UDP的Port 9995是否有收到封包,輸出如圖8所示。
 










▲圖8 檢查Netflow是否有收到資料。


確認有收到封包後啟動nfcapd,這是Netflow用來收集封包的程式。執行指令「mkdir -p /var/log/nfdump」,先建立一個目錄來收這些檔案,之後使用「nfcapd -w -D -l /var/log/nfdump」這個命令來啟動nfdump。在該命令中,-w是指輸出成檔案,-D代表以daemon的方式執行,而-l則是指定要儲存的目錄。
接著檢查一下「/var/log/nfdump」目錄裡面是不是已經有檔案。以筆者為例,此時在「/var/log/nfdump」目錄內,已經產生了一個名為「nfcapd.201109221600」的檔案(檔名會依當時的時間而定)。
不過,由於nfcapd產出的是二進位檔,裡面的內容無法直接看懂,必須依靠其他工具的協助,因此在本文中會介紹GUI介面NfSen,屆時就能一窺其中的內容。
在此要特別注意的是,在執行NfSen時,它會自動去呼叫nfcapd,不需要手動執行nfcapd。因此要把剛剛執行的nfcapd從行程池中刪除,使用指令為「kill -9 'ps ax | grep nfcapd | awk '{print $1}"」。測試時建立的目錄「/var/log/nfdump」記得一併刪除。
安裝NfSen
NfSen的全名是Netflow Sensor,它是一個Web介面的Netflow前端程式。可以用圖像化的方式讓管理者輕鬆地查看目前網路的狀態,接下來介紹其安裝及設定方式。
NfSen的安裝及設定流程是,先下載NfSen,將其解壓縮,之後再把預設的設定檔複製成安裝時的設定檔,並編輯其內容,相關指令如下:
 










接著,開始編輯nfsen.conf。首先要編輯的是$BASEDIR,端賴管理者將它安裝在何處,本例安裝至「/usr/local/nfsen」。$WWWUSER及$WWWGROUP部分請參照個人使用的Linux發行版本來調整。以Ubuntu而言,須改為「www-data」。







此外,$HTMLDIR部分必須指定為個人置放網頁的目錄(請自行安裝apache2和php5),在此設定為 「/var/www/nfsen」。$PREFIX部分,筆者設定為 「/usr/bin」,請依nfdump此執行檔所在的目錄進行設定。
而%sources,則將peer1和peer2那兩行刪除。至於upstream1該行最後面的逗號也要拿掉。(upsteam1可以自行更換成自行定義的名稱)。
接下來新增一個使用者netflow,將用來執行該程式,請使用如下的指令格式:
 









然後就可以開始安裝nfsen,指令如下:
 









在安裝過程中,會提示是否要將peer1和peer2的相關資訊刪除,回答「Y」將其刪除。在完成安裝後,可以登入「http://yourhost/nfsen/nfse.php」查看(yourhost請自行代換為自己使用的IP或Domain Name)。
此時會有錯誤訊息,這是因為nfsen還沒有啟動的關係。然後,使用指令「/usr/local/nfsen/bin/nfsen start」啟動nfsen。
倘若之前沒有特別指定profile-data所在目錄,那麼在「/usr/local/nfsen/profiles-data/live/upstream1」目錄中,就會自動產生檔案,檔名為「nfcapd.current」。
在五分鐘之後,就可以看到2011的目錄自動產生。在預設的狀況下,nfsen會自動依年、月、日來儲存,並分類nfcapd所儲存的檔案。
此時可以驗證一下成果,先切換到profiles-data所在的目錄,例如「/usr/local/nfsen/profiles-data/live/upstream1/2011/09/24」,接著執行命令「nfdump -r nfcapd.201109241035」(檔案的副檔名請依實際狀況進行更改)。理論上,應該可以看到許多資料,實際情形類似圖9所示:
 










▲圖9 nfdump的輸出。


NfSen的安裝到此已完成,讀者可以自行操作一下NfSen的介面,它並不難入門。
不過,在略為操作之後,讀者可能會覺得奇怪,NfSen似乎沒有提供更詳細資料的查詢,它只有提供Flows、Packets、Traffic的統計資訊,無法讓管理者去查詢IP、port的使用及連線情形。
要讓NfSen查詢相關的資料,必須自己下filter,它的語法有點類似tcpdump,讀者可以參考網頁「http://nfsen.sourceforge.net/#mozTocId652064」,官網有詳細的說明,並不會太難以理解,不過缺點就是只能用文字的方式呈現,如果想要用圖型化的方式來查看,就需要配合其他的工具。
使用PortTracker
NfSen提供非常豐富的外掛程式(Plugins),如果想要針對IP、Port的使用及連線情形查看的話,需要安裝PortTracker這個套件。接著就來示範怎麼安裝及設定PortTracker。
這裡必須事先說明的是,透過apt-get安裝的nfdump無法提供安裝PortTracker時所需的程式,因此必須手動下載nfdump,並將之編譯,但無須安裝。
STEP 1 首先下載nfdump。
 









(全部為同一行)
STEP 2 將之解壓縮,並切換至解壓縮後的目錄。
 









STEP 3 把編譯過程式需要使用的套件也安裝進來。
 









STEP 4 開始編譯,指定安裝在「/usr/local/nfdump」目錄,並且啟用nftrack模組。再把剛剛產出的nftrack複製到「/usr/bin」目錄內。
 









STEP 5 再來安裝PortTracker,切換至PortTracker所在的目錄。
 









STEP 6 把檔案複製至nfsen的相關目錄。
 









STEP 7 建立目錄來存放PortTracker的資料,並且設定所屬的使用者為www-data。
 









STEP 8 之後編輯「/usr/local/nfsen/plugins/PortTracker.pm」檔,把$PORTSDBDIR的「/data/ports-db」改為「/var/log/netflow/porttracker」(剛剛建立的目錄)。
STEP 9 接著編輯「/usr/local/nfsen/etc/nfsen.conf」,找到@plugins,修改內容如下:
 









STEP 10 以www-data身分執行nftrack以建立rrd檔,此步驟需時較久。
 









STEP 11 隨後,設定此目錄所屬的使用者、群組和權限。
 









STEP 12 執行指令「/usr/local/nfsen/bin/nfsen reload」重新啟動NfSen。稍待片刻,再點選「http://yourhost/nfsen/nfsen.php」裡面的「Plugins」,就可以看到PortTracker的輸出結果。
 










▲圖10 PortTracker的輸出結果。


找出占用大量Session的IP
接下來示範如何查看占用大量session的IP。首先,點選TCP Packets,然後將Display改為12 Hours,將Y-axis改為Log(Y軸取Log,在查看時會比較明顯),最後把Type改為Stacked以方便查看。這個時候可以看出Port 25565(紅色)占了大多數的TCP Packets,如圖10所示。
再來回到NfSen的主選單,找出是哪一個IP正在使用這個Port。點選上面選單的Details,再點選TCP,Display同樣點選12 Hours,旁邊的時間軸,點選最右邊的〔>|〕(Goto last slot),如圖11所示。
 










▲圖11 NfSen的輸出。


最後,在Filter裡執行指令「proto tcp and port 25565」,並按下〔process〕,就可以看到Filter之後的輸出,可以看出210.68.X.Y(IP我遮蔽了)占了最大的流量。
隨後就可以到防火牆或是前述的pfSense做攔阻或監控的動作,相關操作如圖12所示。
 










▲圖12 使用Filter查出占大流量的IP。


結語
此次示範了如何在不增加公司的支出下,使用自由軟體來架設功能強大的Netflow,以找出可能影響公司正常網路運作的IP。
事實上,使用價格昂貴的設備和軟體可以更輕易地解決這些問題,但並不是每一間公司都願意做這樣的投資,如何在兼顧公司成本及管理效率下,對公司網路做適宜的管控,才是真正考驗網管人能力之處。希望每位網管人都能善用這些自由軟體資源,減輕自己和公司的負擔。



































(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(98)

  • 個人分類:網路
▲top
  • 1月 25 週一 201623:10

  • CCNA51~100題解析

CCNA51~100題解析
( ) 51.Which two of the addresses below are available for host addresses on the subnet 202.168.11.20/28?(Select two answer choices)
           A.202.168.11.17
(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(508)

  • 個人分類:網路
▲top
  • 1月 25 週一 201623:07

  • CCNA51~100題

CCNA51~100題
( ) 51.Which two of the addresses below are available for host addresses on the subnet 202.168.11.20/28?(Select two answer choices)
           A.202.168.11.17
(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(50)

  • 個人分類:網路
▲top
  • 1月 08 週五 201615:45

  • VPS 虛擬實體主機的特點


VPS 虛擬實體主機的特點
特點VPS虛擬伺服器技術可以通過多種不同的方式靈活的分配伺服器資源,每個虛擬化伺服器的資源都可以有很大的不同,可以靈活的滿足各種 企業用戶的需求。通過在一台伺服器上建立10個左右的VPS主機,可以確保每一台 VPS 主機的用戶獨享實體資源,其運行和管理完全和獨立 的實體主機相同。VPS主機可以為企業用戶提供安全、可靠、高品質的主機服務。
(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(23)

  • 個人分類:網路
▲top
  • 1月 08 週五 201615:40

  • VPS虛擬主機原理介紹

VPS虛擬主機原理介紹
VPS 企業虛擬伺服器,中小企業電子商務內外兼施的最佳解決方案
以目前小型企業使用的虛擬主機(共享型網站代管服務)普遍常見的問題是,當在虛擬主機環境下所有使用者同時共享主機上的全部資源,但又無法確切的限制每一個用戶使用的資源,當其中的一個網站過度使用硬體或網路資源時,便會造成伺服器本身負荷過重而容易造成主機當機或停機等危險,亦會危及其他使用者的情況。
(繼續閱讀...)
文章標籤

Johnson峰 發表在 痞客邦 留言(0) 人氣(78)

  • 個人分類:網路
▲top
123»

ZI內容授權

訪客國籍計數器

google搜尋本站

熱門文章

  • (43,202)fortigate防火牆常用CLI指令
  • (23,457)公司內控之九大循環之名稱
  • (20,957)DLNA使用方法
  • (16,403)CCNA題庫1~50題解析
  • (11,157)切VLAN是否能解決廣播風暴(broadcast storm)
  • (7,389)如何寫bat檔,讓它自行取得IP與電腦名稱
  • (6,919)DOS 環境下如何建立一個空白的檔案
  • (4,867)com連接的設備被誤認作Microsoft Serial ballpoint設備,而一直佔用com
  • (2,065)QNAP NAS網路硬碟空間無法釋放問題
  • (1,558)強制打開Oracle資料庫遭遇ORA-00600 [2662]錯誤

最新文章

  • javascript-點擊按鈕改變圖片-利用button帶值_function接值
  • 自動_新倉_平倉_當沖是什麼意思?
  • 單根K線透露出的賺錢祕密....圖解14種基本長相!
  • 拋物線SAR指標使用教學
  • 布林加通道是什麼?如何用布林加通道選股?
  • MACD指標使用教學
  • 股票技術指標-3分鐘看懂MACD怎麼用
  • 技術分析》什麼是RSI相對強弱指標?計算公式?RSI背離、黃金交叉等指標運用
  • 股票技術指標 第10章 CCI順勢指標
  • CSS--邊框設置:border

文章分類

  • 日文 (1)
  • 歌曲 (7)
  • 福智 (4)
  • 宗教 (7)
  • Android (1)
  • 電子書 (10)
  • 食譜 (5)
  • 數學 (1)
  • 投資理財 (28)
  • DIY (3)
  • 虛擬技術 (1)
  • 紀錄 (11)
  • NPGL (5)
  • 科技生活 (1,039)
  • 財經股市 (16)
  • 網路 (25)
  • 休閒 (27)
  • 英文 (21)
  • 程式語言 (190)
  • 勵志文章 (145)
  • 笑話 (49)
  • 養生 (86)
  • 單版電腦 (4)
  • 網路電視 (4)
  • 法律 (5)
  • 手工藝 (1)
  • 園藝 (2)
  • 資料庫 (17)
  • LINUX (109)
  • 未分類文章 (1)

個人資訊

Johnson峰
暱稱:
Johnson峰
分類:
數位生活
好友:
累積中
地區:

最新留言

  • [25/04/22] 訪客 於文章「Robocopy 指令範例參考 (MIR...」留言:
    /MIR 哪裡問題多?錯誤標題騙人點閱。...
  • [22/06/06] 訪客 於文章「保險是造就人的地方,直銷是成就人的地方!...」留言:
    爛文 一直在捧直銷 ...
  • [22/02/08] hgfhgfhgf 於文章「拿保險套拜神,猜成語...」留言:
    台灣最新詐術~你是否發現最近怪事一羅匡~諸事不順~身體不適~...
  • [21/10/05] 谷家騏 於文章「成功了,屁都有道理...」留言:
    諾貝爾物理獎今揭曉!外媒預測人選曝光 「量子力學」再成大...
  • [21/03/30] 訪客 於文章「拿保險套拜神,猜成語...」留言:
    一個錯誤的選擇 一個錯誤的環境 造就了 一連串 ...
  • [21/03/30] 訪客 於文章「拿保險套拜神,猜成語...」留言:
    關閉系統基哨站。 這個世界,只不過是,謊言支撐起來,當...
  • [21/03/30] 訪客 於文章「拿保險套拜神,猜成語...」留言:
    加油,別放棄,我們的星球,是變動的,生老病死,喜怒哀樂,生命...
  • [20/09/28] Stas Ustimenko 於文章「PHP的IDE整合開發環境:Eclips...」發表了一則私密留言
  • [20/08/02] 訪客 於文章「[分享] 硬碟ntfs突然變成raw該怎...」留言:
    太感謝了!...
  • [20/02/13] 一起使用正確語言 於文章「DLNA使用方法...」留言:
    運作 (X 運行 (O...

動態訂閱

文章精選

文章搜尋

誰來我家

參觀人氣

  • 本日人氣:
  • 累積人氣:

Free Visitor Counter

feedjit

萬年曆