It is impossible to pass Cisco 100-105 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed Cisco 100-105 practice questions. You will get a surprising result by our Improved Cisco Interconnecting Cisco Networking Devices Part 1 (ICND1 v3.0) practice guides.

2016 Dec 100-105 actual test

Q91. DRAG DROP - (Topic 1) 

On the left are various network protocols. On the right are the layers of the TCP/IP model. Assuming a reliable connection is required, move the protocols on the left to the TCP/IP layers on the right to show the proper encapsulation for an email message sent by a host on a LAN. (Not all options are used.) 


Q92. - (Topic 2) 

Refer to the exhibit. 

How many collision domains are shown? 

A. one 

B. two 

C. three 

D. four 

E. six 

F. twelve 



Hubs create single collision and broadcast domains, so in this case there will be a single collision domain for each of the two hubs. 

Q93. - (Topic 1) 

Refer to the exhibit. 

A network has been planned as shown. Which three statements accurately describe the areas and devices in the network plan? (Choose three.) 

A. Network Device A is a switch. 

B. Network Device B is a switch. 

C. Network Device A is a hub. 

D. Network Device B is a hub. 

E. Area 1 contains a Layer 2 device. 

F. Area 2 contains a Layer 2 device. 

Answer: A,D,E 


Switches use a separate collision domain for each port, so device A must be a switch. Hubs, however, place all ports in the same collision domain so device B is a hub. Switches reside in layer 2 while hubs are layer 1 devices. 

Q94. - (Topic 5) 

From which of the following attacks can Message Authentication Code (MAC) shield your network? 

A. DoS 

B. DDoS 

C. spoofing 

D. SYN floods 



Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency analysis, sequence manipulation, and ciphertext-only attacks. MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver can detect the changes. A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the most common defense against a DoS attack. A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection systems, utilizing stateful packet filtering, can protect against DDoS attacks. In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the SYN-RECEIVED timer, and implementing SYN cache or SYN cookies. 

Q95. - (Topic 1) 

Refer to the exhibit. 

HostX is transferring a file to the FTP server. Point A represents the frame as it goes toward the Toronto router. What will the Layer 2 destination address be at this point? 

A. abcd.1123.0045 


C. aabb.5555.2222 


E. abcd.2246.0035 



For packets destined to a host on another IP network, the destination MAC address will be the LAN interface of the router. Since the FTP server lies on a different network, the host will know to send the frame to its default gateway, which is Toronto. 

Leading 100-105 free exam questions:

Q96. - (Topic 5) 

Refer to the exhibit. 

A technician is troubleshooting a host connectivity problem. The host is unable to ping a server connected to Switch_A. Based on the results of the testing, what could be the problem? 

A. A remote physical layer problem exists. 

B. The host NIC is not functioning. 

C. TCP/IP has not been correctly installed on the host. 

D. A local physical layer problem exists. 



Here we see that the host is able to ping its own loopback IP address of and it’s own IP address of, so we know that the NIC is functioning and that the host’s TCP/IP stack is OK. However, it is not able to ping the IP address of its local default gateway, so we know that there is a local cabling problem between the switch and the router. 

Q97. - (Topic 3) 

Given a Class C IP address subnetted with a /30 subnet mask, how many valid host IP addresses are available on each of the subnets? 

A. 1 

B. 2 

C. 4 

D. 8 

E. 252 

F. 254 



/30 CIDR corresponds to mask whose binary is 11111100 which means 6 subnet bits and 2 host bits which means 62 subnets and 2 hosts per subnet. 

Q98. - (Topic 3) 

An administrator is in the process of changing the configuration of a router. What command will allow the administrator to check the changes that have been made prior to saving the new configuration? 

A. Router# show startup-config 

B. Router# show current-config 

C. Router# show running-config 

D. Router# show memory 

E. Router# show flash 

F. Router# show processes 



This command followed by the appropriate parameter will show the running config hence the admin will be able to see what changes have been made, and then they can be saved. 

Q99. - (Topic 7) 

Under which circumstance should a network administrator implement one-way NAT? 

A. when the network must route UDP traffic 

B. when traffic that originates outside the network must be routed to internal hosts 

C. when traffic that originates inside the network must be routed to internal hosts 

D. when the network has few public IP addresses and many private IP addresses require outside access 


Explanation: NAT operation is typically transparent to both the internal and external hosts. Typically the internal host is aware of the true IP address and TCP or UDP port of the external host. Typically the NAT device may function as the default gateway for the internal host. However the external host is only aware of the public IP address for the NAT device and the particular port being used to communicate on behalf of a specific internal host. 


"Pure NAT", operating on IP alone, may or may not correctly parse protocols that are totally concerned with IP information, such as ICMP, depending on whether the payload is interpreted by a host on the "inside" or "outside" of translation. As soon as the protocol stack is traversed, even with such basic protocols as TCP and UDP, the protocols will break unless NAT takes action beyond the network layer. IP packets have a checksum in each packet header, which provides error detection only for the header. IP datagrams may become fragmented and it is necessary for a NAT to reassemble these fragments to allow correct recalculation of higher-level checksums and correct tracking of which packets belong to which connection. The major transport layer protocols, TCP and UDP, have a checksum that covers all the data they carry, as well as the TCP/UDP header, plus a "pseudo-header" that contains the source and destination IP addresses of the packet carrying the TCP/UDP header. For an originating NAT to pass TCP or UDP successfully, it must recompute the TCP/UDP header checksum based on the translated IP addresses, not the original ones, and put that checksum into the TCP/UDP header of the first packet of the fragmented set of packets. The receiving NAT must recompute the IP checksum on every packet it passes to the destination host, and also recognize and recompute the TCP/UDP header using the retranslated addresses and pseudo-header. This is not a completely solved problem. One solution is for the receiving NAT to reassemble the entire segment and then recompute a checksum calculated across all packets. The originating host may perform Maximum transmission unit (MTU) path discovery to determine the packet size that can be transmitted without fragmentation, and then set the don't fragment (DF) bit in the appropriate packet header field. Of course, this is only a one-way solution, because the responding host can send packets of any size, which may be fragmented before reaching the NAT. 

Q100. - (Topic 2) 

What is the purpose of flow control? 

A. To ensure data is retransmitted if an acknowledgement is not received. 

B. To reassemble segments in the correct order at the destination device. 

C. To provide a means for the receiver to govern the amount of data sent by the sender. 

D. To regulate the size of each segment. 



Flow control is the management of data flow between computers or devices or between nodes in a network so that the data can be handled at an efficient pace. Too much data arriving before a device can handle it causes data overflow, meaning the data is either lost or must be retransmitted. For serial data transmission locally or in a network, the Xon/Xoff protocol can be used. For modem connections, either Xon/Xoff or CTS/RTS (Clear to Send/Ready to Send) commands can be used to control data flow. In a network, flow control can also be applied by refusing additional device connections until the flow of traffic has subsided.