| Question 1 | What are three disadvantages of NAT? A. The loss of end-to-end IP traceability. B. The wasting of public addresses. C. Additional load on the router's CPU and memory. D. Some programs cannot work with NAT.
|
| A1: | Answers A, C, and D are correct. All three are disadvantages; additionally, your network can experience delays during translation. Answer B is the opposite of what NAT does; it helps preserve the public address space. |
| Question 2 | What is the name of a public address that represents a translated internal host to the outside world? A. Outside global IP address B. Inside global IP address C. Outside local IP address D. Inside local IP address
|
| A2: | The answer is B. The address that represents a host on the Internet which has been translated is the inside global IP address. Remember that the terminology changes based on the perspective of the router performing NAT. An outside global address represents everyone else on the Internet but your machines, so Answer A is wrong. Answer C is incorrect; it is the address of an outside host as it appears to your inside machines. Answer D is also wrong because it is the address of local machines without NAT occurring. |
| Question 3 | What is the name of an address that is configured on your host machines? A. Outside global IP address B. Inside global IP address C. Outside local IP address D. Inside local IP address
|
| A3: | Answer D is correct; it is the address of your internal hosts. An outside global address represents everyone else on the Internet but your machines, so Answer A is wrong. Answer B is the translated address, so it's wrong. Answer C is incorrect; it is the address of an outside host as it appears to your inside machines. |
| Question 4 | NAT can help with which two things? A. Security B. Performance C. Address conservation D. Authentication
|
| A4: | Answers A and C are correct. Answer A, security, is a benefit of NAT because it hides the internal address space. Answer C, address conservation, is why NAT was created: to convert private addresses to public addresses. Answer B is incorrect because NAT usually causes a slight delay, and Answer D is also wrong because NAT has nothing to do with authentication. |
| Question 5 | What type of NAT uses TCP and UDP ports for multiple inside hosts, translated to a single outside address? A. Overlapping B. Static C. Dynamic D. Overloading
|
| A5: | Answers D is correct; overloading translates many inside addresses to a single outside address, and ports differentiate clients, sometimes referred to as PAT. Answer A is incorrect; overlapping NAT connects similarly numbered networks. Answer B is also incorrect; static NAT is for one-to-one mappings. Answer C is wrong because dynamic NAT converts to a range of addresses. |
| Question 6 | You can use static and dynamic NAT simultaneously. |
| A6: | Answer A is true; you can use static and dynamic NAT at the same time. In your configuration, you need to make sure that the addresses for each configuration don't overlap. This configuration is a common configuration to have; you use static mappings to allow connectivity to your shared resources and dynamic NAT to service your clients. |
| Question 7 | What command would you use to always take a host (10.1.1.5) on the inside network and convert it to an outside address of 172.30.3.3? A. ip nat outside source static 10.1.1.5 172.30.3.3 B. ip nat inside source static 172.30.3.3 10.1.1.5 C. ip nat inside static address 10.1.1.5 172.30.3.3 D. ip nat inside source static 10.1.1.5 172.30.3.3
|
| A7: | Answer D is correct. ip nat inside source static 10.1.1.5 172.30.3.3 sets up a static mapping for the inside host 10.1.1.5 to the outside address of 172.30.3.3. Answers A and C have incorrect syntax. Answer B is correct except it is in the opposite direction. |
| Question 8 | If you want NAT to use only one address for all of its translations, what command would you use? A. ip nat inside source list 1 interface serial 0 overload B. ip nat inside source list 1 interface serial 0 overbooking C. ip pat inside source list 1 interface serial 0 D. ip pat inside source list 1 interface serial 0 overload
|
| A8: | Answers A is correct. There is no overbooking option, so Answer B is incorrect. Answers C and D are also incorrect because there is no pat option either. |
| Question 9 | What command would you use to clear all NAT entries? |
| A9: | Answer D is correct; clear ip nat translations * would erase all translations. Answers A and B are fake commands and wrong. Answer C would be correct if you were working on a PIX Firewall. |
| Question 10 | To verify NAT, you use what command? |
| A10: | Answer A is correct; it allows you to view current stats. Answers B and D do not exist and are therefore wrong. Answer C is almost correct, but the command is show ip nat translations. |
