Network Fundamentals for CCNA

This page covers the Network Fundamentals domain of the CCNA certification. Master Cybersecurity offers 505 practice questions in this domain, drawn from the same content we use across our timed exam simulations. Below are five sample questions with full answer explanations.

Sample Practice Questions

  1. Question 1

    Refer to the exhibit. Which prefix does Router1 use for traffic to Host A?
    1. A. 10.10.10.0/28
    2. B. 10.10.13.0/25
    3. C. 10.10.13.144/28
    4. D. 10.10.13.208/29
    Explanation

    The correct answer is: D. 10.10.13.208/29.

    When a router has multiple routes that all match a destination, the longest-prefix match rule selects the most specific one — the route with the most bits set in its mask. D is correct because /29 is the longest prefix among the four candidates, so 10.10.13.208/29 wins the lookup if it covers Host A. A (10.10.10.0/28) and C (10.10.13.144/28) are both /28 — less specific than D, so they lose to D whenever they all overlap. B (10.10.13.0/25) is the broadest at /25 and is the first to be ruled out. Longest-prefix match is applied before administrative distance and metric — it operates on the route lookup itself, not the route-installation phase.

  2. Question 2

    A frame that enters a switch fails the Frame Check Sequence. Which two interface counters are incremented? (Choose two.)
    1. A. input errors
    2. B. frame
    3. C. giants
    4. D. CRC
    5. E. runts
    Explanation

    The correct answers are: A. input errors, D. CRC.

    On Cisco switches, a frame that fails the Frame Check Sequence (FCS) increments two counters: A (input errors), the umbrella counter that aggregates every receive-side error type — CRC, runts, giants, frame, overrun, and ignored — and D (CRC), the specific counter for frames whose computed FCS does not match the trailer. B (frame) increments only for alignment errors where the bit count is not a multiple of 8, not for plain FCS mismatches. C (giants) tracks frames that exceed the configured MTU. E (runts) tracks frames smaller than 64 bytes. Neither giants nor runts involve FCS validation.

  3. Question 3

    DRAG DROP - Drag and drop the IPv4 network subnets from the left onto the correct usable host ranges on the right. Select and Place:
      Explanation
      For each /n, find the increment in the deciding octet (256 minus the mask byte): /18 increment 64 in the 3rd octet, /21 increment 8 in the 3rd octet, /23 increment 2 in the 3rd octet, /25 increment 128 in the 4th octet, /29 increment 8 in the 4th octet. The network address rounds the original IP down to the nearest multiple of that increment in the deciding octet; the usable host range then runs from network+1 to broadcast-1. The answer key shows the resulting matches.

    1. Question 4

      How do TCP and UDP differ in the way that they establish a connection between two endpoints?
      1. A. TCP uses the three-way handshake, and UDP does not guarantee message delivery.
      2. B. TCP uses synchronization packets, and UDP uses acknowledgment packets.
      3. C. UDP provides reliable message transfer, and TCP is a connectionless protocol.
      4. D. UDP uses SYN, SYN ACK, and FIN bits in the frame header while TCP uses SYN, SYN ACK, and ACK bits.
      Explanation

      The correct answer is: A. TCP uses the three-way handshake, and UDP does not guarantee message delivery..

      TCP is connection-oriented: it establishes a session via the SYN, SYN-ACK, ACK three-way handshake before any application data flows. UDP is connectionless and fires datagrams without setup or delivery guarantees, so an application using UDP must implement its own reliability if it needs any. B is wrong because UDP does not use acknowledgment packets — ACKs are a TCP-only mechanism. C inverts the two protocols' roles: TCP is the reliable one, UDP is the best-effort one. D mislocates the bits (SYN/ACK/FIN live in the TCP segment header, not the frame header) and incorrectly attributes them to UDP, which has no such flags.

    2. Question 5

      In which way does a spine-and-leaf architecture allow for scalability in a network when additional access ports are required?
      1. A. A spine switch and a leaf switch can be added with redundant connections between them.
      2. B. A spine switch can be added with at least 40 GB uplinks.
      3. C. A leaf switch can be added with connections to every spine switch.
      4. D. A leaf switch can be added with a single connection to a core spine switch.
      Explanation

      The correct answer is: C. A leaf switch can be added with connections to every spine switch..

      In a spine-and-leaf fabric, every leaf connects to every spine in a full mesh — that property is what gives the topology its predictable two-hop, equal-cost-path behaviour. To add more access ports you add a leaf and uplink it to all existing spines, which is C. A is wrong because spine-to-spine connections violate the topology — spines never connect directly to other spines. B is wrong because adding a spine increases east-west bandwidth between leaves but doesn't add host-facing access ports (spines don't connect to endpoints). D is wrong because a leaf with only one spine uplink loses both redundancy and ECMP load-sharing, defeating the architecture's main benefits.

    Other CCNA domains

    Practice all 505 Network Fundamentals questions · Browse CCNA