350-001-V4

350-001 CCIE Routing and Switching Written Exam V4 - Examking

Number: 000-000Passing Score: 800Time Limit: 120 minFile Version: 1.0

Cisco 350-001

350-001 CCIE Routing and Switching Written Exam V4

Practice Test

Updated: Nov 30, 2009

Cisco 350-001: Practice Exam

Exam A

QUESTION 1What does the root guard feature provide in a bridged network?

A. it ensures that the bridge is elected asRoot Bridge in the network.

B. it enforces the root bridge placement in the network

C. It ensures that BPDUs sent by the root bridge are forwarded in a timely manner.

D. It ensures that all ports receiving BPDUs from the root bridge are in the forwarding state.

Answer: B

Section: (none)

Explanation/Reference:Explanation:Root Guard-Enabled per port; ignores any received superior BPDUs to prevent a switch connected to this portfrom becoming root. Upon receipt of superior BPDUs, this switch puts the port in a loop-inconsistent state,ceasing forwarding and receiving frames until the superior BPDUs cease.The STP topology can be changed based on one of these unexpected and undesired switches being added tothe network. For instance, this newly added and unexpected switch might have the lowest bridge ID andbecome the root. To prevent such problems, BPDU Guard and Root Guard can be enabled on these accessports to monitor for incoming BPDUs.

QUESTION 2Which two of these statements about WCCP version 2 are false? (Choose two.)

A. It allows for the redirection of traffic other than HTTP, including a variety of UDP and TCP traffic.

B. Only one router can redirect content requests.

C. Multiple routers can redirect content requests.

D. It works only with IP networks.

E. The Cache Engine defines one central "home router" and stores it in its memory.

F. The Cache Engine defines one central "home router," and stores it in its memory.

Answer: BF

Section: (none)

Explanation/Reference:Explanation:WCCP transparently redirects Hypertext Transfer Protocol (HTTP) requests going to the intended server to aCache Engine. End users do not know that the page came from the Cache Engine rather than the originallyrequested web server.WCCP Version 2 now contains the following new features:

Multiple router support

Improved security

Faster throughput

Redirection of multiple TCP port-destined traffic

Load distributing applications capability

Client IP addressing transparencyMultirouter Support:WCCP Version 2 enables a series of Cache Engines, called a Cache Engine cluster , to connect to multiplerouters. This feature provides redundancy and a more distributed architecture for instances when a CacheEngine needs to connect to a large number of interfaces. This strategy also has the benefit of keeping all theCache Engines in a single cluster, avoiding unnecessary duplication of web pages across several clusters.Reference:http://www.cisco.com/en/US/products/sw/conntsw/ps547/products_user_guide_chapter09186a008 009f1ae.html

QUESTION 3According to the exhibit provided, what will be the purpose of this route map when applied to traffic passingthrough a router?

A. take any packet sourced from any address in the 10.2.0.0/16 network or destined to 10.1.14.25 and set thenext hop to 10.1.1.1

B. nothing; extended access lists are not allowed in route maps used for policy-based routing

C. take any packet sourced from any address in the 10.2.0.0/16 network and destined to 10.1.14.25 and setthe next hop to 10.1.1.1

D. drop any packet sourced from 10.2.0.0/16

Answer: A

Section: (none)

Explanation/Reference:Explanation:In this configuration example, any traffic matching access list 100 will have their next hop set to 10.1.1.1overriding the normal behavior of the routing table. Access list 100 has two entries, so any traffic matchingeither will be policy routed.

QUESTION 4Which two benefits are of applying WRED? (Choose two.)

A. helps to avoid TCP synchronization

B. allows a different drop profile to be manually enabled for each IP precedence or DSCP

C. provides minimal bandwidth guarantees

D. provides bounded low latency

Answer: AB

Section: (none)

Explanation/Reference:Explanation:

WRED and distributed WRED (DWRED)-both of which are the Cisco implementations of RED- combine thecapabilities of the RED algorithm with the IP Precedence feature. Within the section on WRED, the followingrelated features are discussed:-

Flow-based WRED. Flow-based WRED extends WRED to provide greater fairness to all flows on an interfacein regard to how packets are dropped.-

DiffServ Compliant WRED-DiffServ Compliant WRED extends WRED to support Differentiated Services(DiffServ) and Assured Forwarding (AF) Per Hop Behavior (PHB). This feature enables customers toimplement AF PHB by coloring packets according to differentiated services code point (DSCP) values and thenassigning preferential drop probabilities to those packets.

WRED avoids the globalization problems that occur when tail drop is used as the congestion avoidancemechanism on the router. Global TCP synchronization occurs as waves of congestion crest only to be followedby troughs during which the transmission link is not fully utilized. Global synchronization of TCP hosts, forexample, can occur because packets are dropped all at once. Global synchronization manifests when multipleTCP hosts reduce their transmission rates in response to packet dropping, then increase their transmissionrates once again when the congestion is reduced.

Reference:http://www.google.com/search?hl=en&q=WRED%2C+A+different+drop+profile+can+be+manually +enabled+per+IP+Precedence+or+DSCP

QUESTION 5Refer to the exhibit. The output of the show interface command for the link between R2 and R5 in this EIGRPnetwork shows that the link load varies between 10 and 35. What K value setting could you use to ensure thatthis link is not used by EIGRP when the link load reaches 35, but can be used again when the link load dropsbelow 20?

A. Link load is not read in real-time, so there is no way to set the K values to make EIGRP choose to use ornot use a link based on the link load.

B. Use the K5 setting to include load in EIGRP's metric calculations.

C. Use theK2 setting to include load in EIGRP's metric calculations.

D. There is not enough information in the question to determine the correct answer.

Answer: A

Section: (none)

Explanation/Reference:Explanation:EIGRP computes its composite metric from five parameters, one of them being interface load, therefore raisingthe theoretical possibility of having route metrics that include interface load. However, tweaking EIGRP K-values with the "metric weights" command to include interface load in metric calculations is highly discouraged - every change in interface load could lead to network instability.Even worse, whenever an interface load would increase, the increased composite metric of the affected routesin EIGRP topology table would cause them to enter active state (and the router to start the DUAL algorithmtrying to find more optimum paths toward the destination). To make the whole idea even more impractical,EIGRP does not scan the interface load (and other parameters influencing the metric) on periodical basis, butonly when triggered by a change in network topology (for example, interface or neighbor up/down even).

QUESTION 6NBAR is used to provide which QoS function?

A. classification

B. policing

C. CBWFQ bandwidth guarantees

D. shaping

Answer: A

Section: (none)

Explanation/Reference:Explanation:NBAR addresses IP QoS classification requirements by classifying application-level protocols so that QoSpolicies can be applied to the classified traffic. NBAR addresses the ongoing need to extend the classificationengine for the many existing and emerging application protocols by providing an extensible Packet DescriptionLanguage (PDL). NBAR can determine which protocols and applications are currently running on a network sothat an appropriate QoS policy can be created based upon the current traffic mix and application requirements.Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800c75d1.html#54116

QUESTION 7You work as a network technician at Pas4sure.com, study the exhibit carefully. Upon examining the EIGRPtopology table, you see that ROUTER1 has routes to 10.1.3.0/24 and 10.1.4.0/24, but not to 192.168.2.0/24.ROUTER3 has routes to 10.1.1.0/24 and 10.1.2.0/24, but not to 192.168.1.0/24. Which would most likely causethis problem?

A. ROUTER2 is most likely filtering EIGRP externals, but you cannot be certain without examining itsconfiguration

B. ROUTER1 and ROUTER3 have the same router ID, so they will reject each other's redistributed (external)EIGRP routes.

C. Autosummarization is removing the routes to 192.168.1.0/24 and 192.168.2.0/24. ROUTER1 andROUTER3 should have routes to 192.168.0.0/16 instead.

D. The redistribution at ROUTER1 and ROUTER3 is configured incorrectly.

Answer: B

Section: (none)

Explanation/Reference:Explanation:Many times, EIGRP will not install routes because of a duplicate router ID problem. EIGRP does not use routerID as extensively as OSPF. EIGRP uses the notion of router ID only on external routes to prevent loops. EIGRPchooses the router ID based on the highest IP address of the loopback interfaces on the router. If the routerdoesn't have any loopback interfaces, the highest active IP address of all the interfaces is chosen as the routerID for EIGRP. In this case, the loopback addresses are both 10.1.5.1 so the redistributed routes will be rejectedas Router1 and Router3 will assume that there is a routing loop.Reference: Troubleshooting EIGRP by Zaheer Aziz, Johnson Lui, Abe Martey, Faraz Shamim, Cisco Press.

QUESTION 8Which of these potential issues is eliminated by the use of split horizon?

A. asymmetric routing throughout the network

B. packet forwarding loops

C. joined horizons

D. Cisco Express Forwarding load-balancing inconsistency

Answer: B

Section: (none)

Explanation/Reference:Explanation:Distance-vector routing protocols employ the split horizon rule which prohibits a router from advertising a routeback out the interface from which it was learned. Split horizon is one of the methods used to prevent routingloops due to the slow convergence times of distance-vector routing protocols.

QUESTION 9The 802.1w protocol is seen as the next evolution beyond the 802.1 D standard protocol. Which of thesestatements regarding port states is true of both 802.1 D and 802.1w?

A. All 802.1 D port states (Disabled, Blocking, Listening, Learning, and Forwarding) are identical in 802.1w.

B. The 802.1 D port states Disabled and Blocking have become the 802.1w port state Discarding, and all other802.1D port states remain the same in 802.1w.

C. The 802.1 D port states Disabled, Blocking, and Listening have become the 802.1w port state Discarding,and all other 802.1D port states remain the same in 802.1w.

D. The 802.1 D port states Disabled, Blocking, and Listening have been removed completely from 802.1w(there is no corresponding port state), and all other 802.1 D port states remain the same in 802.1w. )

E. The 802.1 D port state Disabled has been removed from 802.1w, and the 802.1 D port states Blocking andListening have become the 802.1w port state Discarding; all other 802.1D port states remain the same in802.1w.

Answer: C

Section: (none)


QUESTION 10When a router makes a forwarding decision, which of these routes in the routing table always wins?

A. administrative distance

B. router ID

C. longest prefix match

D. routing process ID

Answer: C

Section: (none)

Explanation/Reference:Explanation:Making a forwarding decision actually consists of three sets of processes: the routing protocols, the routingtable, and the actual process, which makes a forwarding decision and switches packets. These three sets ofprocesses are illustrated, along with their relationship, below:

The longest prefix match always wins among the routes actually installed in the routing table, while the routingprotocol with the lowest administrative distance always wins when installing routes into the routing table.Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 11On what type of ports would STP Port Fast BPDU guard be most appropriate?

A. root ports

B. Designated ports

C. Host ports

D. alternate ports

Answer: C

Section: (none)

Explanation/Reference:

QUESTION 12Which of these statements best describes how neighbor adjacencies are formed in a multi-access OSPF network?

A. The router with the highest priority will become the DR

B. Only those routers with the Cisco default priority of 0 are eligible to become the DR or BDR.

C. The router with the highest loop-back address will become the DR if two or more routers have the samepriority.

D. The router with the lowest Router ID will become the DR and the router with the next lowest Router ID willbecome the BDR.

E. Election of the DR and BDR begins only after a router that wants to become either the DR or BDR entersthe ExStart state.

Answer: A

Section: (none)

Explanation/Reference:Explanation:The router with the highest priority is elected the DR on a multiaccess network. A router with a priority of 0 isineligible to become a DR or BDR. In the event of a tie in priority, the router with the highest router ID is electedthe DR. If no router ID has been manually configured on a router, the router uses its numerically highest

loopback address as its router ID. If no loopback interfaces have been configured, the router uses itsnumerically highest IP address of any physical interface.

QUESTION 13Which two fundamental modifications, related to traffic forwarding, does MPLS introduce? (Choose two.)

A. IP lookup is performed on every hop within the MPLS core.

B. IP destination routing is reduced to label lookup within the MPLS network.

C. For unicast routing, labels are assigned to FECs (in other words, IP prefixes).

D. For multicast routing, labels are assigned to IP multicast groups.

Answer: BC

Section: (none)

Explanation/Reference:Explanation:MPLS works by tagging packets with an identifier (a label) to distinguish the LSPs. When a packet is received,the router uses this label (and sometimes also the link over which it was received) to identify the LSP. It thenlooks up the LSP in its own forwarding table to determine the best link over which to forward the packet, andthe label to use on this next hop. A different label is used for each hop, and it is chosen by the router or switchperforming the forwarding operation. This allows the use of very fast and simple forwarding engines, as therouter can select the label to minimize processing.Ingress routers at the edge of the MPLS network use the packet's destination address to determine which LSPto use. Inside the network, the MPLS routers use only the LSP labels to forward the packet to the egress router.

In the diagram above, LSR (Label Switched Router) A uses the destination IP address on each packet to selectthe LSP, which determines the next hop and initial label for each packet (21 and17). When LSR B receives the packets, it uses these labels to identify the LSPs, from which it determines thenext hops (LSRs D and C) and labels (47 and 11). The egress routers (LSRs D and C) strip off the final labeland route the packet out of the network. As MPLS uses only the label to forward packets, it is protocol-independent, hence the term "Multi- Protocol" in MPLS. Packet forwarding has been defined for all types oflayer-2 link technologies, with a different label encoding used in each case.

QUESTION 14You are using IPv6, and would like to configure EIGRPv3. Which three of these correctly describe how you can

perform this configuration? (Choose three.)

A. EIGRP for IPv6 is directly configured on the interfaces over which it runs.

B. EIGRP for IPv6 is not configured on the interfaces over which it runs, but if a user uses passive- interfaceconfiguration, EIGRP for IPv6 needs to be configured on the interface that is made passive.

C. There is a network statement configuration in EIGRP for IPv6, the same as for IPv4.

D. There is no network statement configuration in EIGRP for IPv6.

E. When a user uses a passive-interface configuration, EIGRP for IPv6 does not need to be configured on theinterface that is made passive.

F. When a user uses a non-passive-interface configuration, EIGRP for IPv6 does not need to be configured onthe interface that is made passive

Answer: ADE

Section: (none)


Restrictions for Implementing EIGRP for IPv6:This section lists ways in which EIGRP for IPv6 differs from EIGRP IPv4 as well as EIGRP for IPv6 restrictions.

EIGRP for IPv6 is directly configured on the interfaces over which it runs. This feature allows EIGRP for IPv6 tobe configured without the use of a global IPv6 address. There is no network statement in EIGRP for IPv6.In per-interface configuration at system startup, if EIGRP has been configured on an interface, then the EIGRPprotocol may start running before any EIGRP router mode commands have been executed.

An EIGRP for IPv6 protocol instance requires a router ID before it can start running.

EIGRP for IPv6 has a shutdown feature. The routing process should be in "no shutdown" mode in order to startrunning.

When a user uses passive-interface configuration, EIGRP for IPv6 does not need to be configured on theinterface that is made passive.

EIGRP for IPv6 provides route filtering using the distribute-list prefix-list command. Use of the routE.mapcommand is not supported for route filtering with a distribute list.

Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00805fc867.html

QUESTION 15

Refer to the exhibit. Which switching feature is being tested?

A. Loop guard

B. Port Fast

C. root guard

D. BDPU guard

Answer: A

Section: (none)

Explanation/Reference:Explanation:Loop guard checks if a root port or an alternate/backup root port receives BPDUs. If the port does not receiveBPDUs, loop guard puts the port into an inconsistent state (blocking) until it starts to receive BPDUs again. Aport in the inconsistent state does not transmit BPDUs. If such a port receives BPDUs again, the port (and link)is deemed viable again. The loop-inconsistent condition is removed from the port, and STP determines the portstate. In this way, recovery is automatic. Loop guard isolates the failure and lets spanning tree converge to astable topology without the failed link or bridge. Loop guard prevents STP loops with the speed of the STPversion that is in use. There is no dependency on STP itself (802.1D or 802.1w) or when tuning the STP timers. For thesereasons, Cisco recommends that you implement loop guard in conjunction with UDLD in topologies that rely onSTP and where the software supports the features. When loop guard blocks an inconsistent port, this messageis logged:

%SPANTREE-SP-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet2/1 on VLAN0010

Reference:http://www.cisco.com/en/US/products/hw/switches/ps700/products_white_paper09186a00801b49 a4.shtml

QUESTION 16Refer to the exhibit. In this network, when R6 runs SPF, what

A. R6 not have an entry to 10.1.5.0/24 on its shortest path tree

B. R6 have an entry to 10.1.5.0/24 through R4 on its shortest path tree, since R4 is the closest exit point out ofArea 2

C. R6 choose the path through R5, R2, R1 because this is the shortest path through the network,

D. R6 choose the path through R5, R3, R1 because this is the shortest path through the network.

Answer: A

Section: (none)

Explanation/Reference:Explanation:Router R6 in area 2 is in a totally stubby area.

So there are only Type 1 and 2 LSA's allowed.

So inter-area routes (which require Type 3 LSA's) are not in the database of R6.

All that will be seen is a default route outside the area.

Since the 2 exists (R4+R5= do not have equal cost path, the way over R4 (cost 10) will be preferred.

So all answers who claim that packets will go via R5, are wrong.

Also answer D is wrong, since R6 won't have an entry for 10.1.5.0/24.

QUESTION 17A new router has been allocated a single /24 subnet (172.16.123.0/24). The interface between this new routerand the upstream router has already been configured from a different IP subnet. The four other interfaces onthis router require 56,10, 72, and 24 IP addresses, respectively. The router always uses the first IP address onany subnet.Which one of these combinations of IP addresses allow the router to meet the interface requirements?

Which of these combinations of IP addresses allow the router to meet the interface requirements?

A. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.192172.16.123.193 255.255.255.224172.16.123.225 255.255.255.240

B. 172.16.123.1 255.255.255.192172.16.123.65 255.255.255.192172.16.123.129 255.255.255.192172.16.123.193 255.255.255.192

C. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.192172.16.123.193 255.255.255.224172.16.123.225 255.255.255.248

D. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.224172.16.123.161 255.255.255.224172.16.123.193 255.255.255.224

E. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.192172.16.123.193 255.255.255.240172.16.123.209 255.255.255.240

Answer: A

Section: (none)

Explanation/Reference:Explanation:The subnet sizes needed to meet the address requirements are:FreeExamKing.com56 = /26 = 255.255.255.19210 = /28 = 255.255.255.24072 = /25 = 255.255.255.12824 = /27 = 255.255.255.224Answer A most efficiently meets these requirements.

QUESTION 18Exhibit:

Refer to the exhibits. At R1 in this network, there is no route to 10.1.4.0/24 in the local routing table. Based onthe output for R1 in the exhibit, what is the most likely reason 10.1.4.0/24 is not in R1's routing table?

A. The forwarding address, 10.1.3.2, is also redistributed into OSPF, and an OSPF external route cannot useanother OSPF external as its next hop.

B. R2 is not properly configured as an Area Border Router.

C. Area 1 is a stub area, and external routes cannot be originated in a stub area.

D. R3 is not redistributing 10.1.4.0/24 properly.

Answer: A

Section: (none)

Explanation/Reference:FreeExamKing.comExplanation:The forwarding address, 10.1.3.2, is also redistributed into OSPF, and an OSPF external route cannot useanother OSPF external as its next hop.

QUESTION 19Which bits are copied to the EXP bits in an MPLS label by default?

A. TOS

B. CoS

C. IP precedence

D. DSCP

Answer: C

Section: (none)

Explanation/Reference:Explanation:MPLS has 3 EXP bits in the label header that are used in much the same way as IP Precedence bits or theDSCP CS bits. By default, when Cisco IOS Software pushes labels onto an IP packet, the most significant bitsin the DiffServ field (the IP Precedence bits) are copied to the EXP field of all imposed labels.Reference: "Traffic Engineering with MPLS" By Eric Osborne, Ajay Simha, Cisco Press. http://www.ciscopress.com/articles/article.asp?p=28688&seqNum=5

QUESTION 20You work as a network technician. Study the exhibit carefully. ROUTER1 is the root bridge for both VLAN 1 andVLAN 2. Which way is the easiest to load-share traffic across both trunks and maintain redundancy in case alink fails, without using any type of EtherChannel link-bundling?

A. Increase the root bridge priority (increasing the numerical priority number) for VLAN 2 on ROUTER2 so thatport B2 becomes the root port on ROUTER2 for VLAN 2.

B. Increase the root bridge priority (decreasing the numerical priority number) for VLAN 2 on ROUTER1 sothat A2 becomes the root port on ROUTER2 for VLAN 2.

C. Decrease the path cost on A2 on ROUTER1 for VLAN 2 so that port B1 will be blocked for VLAN 2 and port B2 will remain blocked for VLAN 1.

D. Decrease the port priority on A2 for VLAN 2 on ROUTER1 so that port B1 will be blocked for VLAN 2 andport B2 will remain blocked for VLAN 1.

Answer: D

Section: (none)

Explanation/Reference:Explanation:To achieve VLAN load sharing you will need to decrease the port priority value for VLAN 2 on port A2. This way,the corresponding port B2 on Router2 receives better BPDUs than the ones that are sent on port A2 (that stillhas a port priority default value of 32).

Router1> (enable) set spantree portvlanpri 2/2 16 1

Port 3/2 vlans 1 using portpri 16.

Port 3/2 vlans 2-1004 using portpri 32.

Port 3/2 vlans 1005 using portpri 4.

Router1> (enable)

The exact same scenario as this question is documented on the Cisco site at the reference link

listed below.

Reference:

VLAN Load Balancing Between Trunks Using the Spanning-Tree Protocol Port Priority

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96a.shtml

QUESTION 21

On the basis of the network provided in the exhibit, R3 and R4 are configured to run all connected links inOSPF Area 1. The network administrator is complaining that traffic destined to 192.168.1.0/24 is being routedto R2, even if R2 is not running OSPF. Which would be the cause of this problem?

A. The next hop towards 192.168.1.0/24 at R4 should be 10.1.1.1, since R1 is redistributing the route fromEIGRP into OSPF. R3 is forwarding traffic incorrectly

B. R4 would not have a route towards 192.168.1.0/24, so the network administrator is wrong in thinking anytraffic is being forwarded there

C. The next hop towards 192.168.1.0/24 at R4 should be 10.1.1.2 which is R2

D. The next hop towards 192.168.1.0/24 at R4 would be 10.1.2.2, which is R3. R3 should be load sharingbetween R1 and R2 for its next hop

Answer: A

Section: (none)

Explanation/Reference:Explanation:Since OSPF and EIGRP are being redistributed between R 1 and R 2, the route will appear to R4 as anexternal route, with the next hop being the IP address at R2.

QUESTION 22Refer to the exhibit. R12 (in Area 4) receives a packet destined for a network in Area 1. What routing tableentry will R12 have that will enable it to forward the packet? FreeExamKing.com

A. a summary route generated by R1 and propagated through the OSPF domain

B. a default route generated by R1 and propagated through the OSPF domain

C. a summary route generated by R4 and propagated to R12

D. a default route generated by R4 and propagated to R12

Answer: D

Section: (none)


QUESTION 23When the NTP peer statement is used in a Cisco IOS router, what functionality does this imply is also beingused on the router?

A. static client

B. symmetric active mode

C. static server

D. NTP broadcast client

Answer: B

Section: (none)

Explanation/Reference:Explanation:When a networking device is operating in the symmetric active mod e, it polls its assigned time- serving hostsfor the current time and it responds to polls by its hosts. Because this is a peer-to- peer relationship, the hostalso retains time-related information about the local networking device that it is communicating with. This modeshould be used when there is a number of mutually redundant servers that are interconnected via diversenetwork paths. Most stratum 1 and stratum 2 servers on the Internet today adopt this form of network setup.Use the peer command to individually specify the time-serving hosts that you want your networking device toconsider synchronizing with and to set your networking device to operate in the symmetric active mode .

Reference:http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.3/system_management/configuration/guide/y c33ntp.html

QUESTION 24In Frame Relay, BECN messages indicating congestion are sent or received by which of these?

A. received by the sender

B. sent by the sender

C. received by the destination

D. sent by the destination

Answer: A

Section: (none)

Explanation/Reference:Explanation:Backward Explicit Congestion Notification (BECN) - The router receiving the frame with BECN set knows that aframe it sent experienced congestion. A frame relay switch sends the BECN to the original sender of the frameto indicate congestion in the network.

QUESTION 25Refer to the exhibit. In this network, R1 has been configured to advertise a summary route, 192.168.0.0/22, toR2. R2 has been configured to advertise a summary route, 192.168.0.0/21, to R1. Both routers have beenconfigured to remove the discard route (the route to null created when a summary route is configured) bysetting the administrative distance of the discard route to 255. What will happen if R1 receives a packetdestined to 192.168.3.1?

A. The packet will loop between R1 and R2.

B. It is not possible to set the administrative distance on a summary to 255.

C. The packet will be forwarded to R2, where it will be routed to null0.

D. The packet will be dropped by R1, since there is no route to 192.168.3.1

Answer: A

Section: (none)


QUESTION 26Which two options help minimize router resource requirements and improve manageability? (Choose two.)

A. autosummarization

B. Simple Network Management Protocol

C. CPU optimization

D. prefix aggregation

Answer: AD

Section: (none)

Explanation/Reference:Explanation:Automatic route summarization and prefix aggregation is always a recommended best design practicewhenever possible, as it means less routing table entries for the router to store. For example, many subnetscan be hidden behind a single routing table entry, making these entries smaller, and routing more efficient).

QUESTION 27Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer?

A. prefixes received from any other BGP peer and prefixes locally originated via network statements orredistributed to BGP

B. all prefixes in its IP routing table

C. only prefixes received from EBGP peers and prefixes locally originated via network statements orredistributed

D. only prefixes received from EBGP peers and prefixes received from route reflectors

E. all prefixes in its routing table except the prefixes received from other EBGP peers

F. a prefixes in its routing table except the prefixes received from other IBGP peers

Answer: A

Section: (none)

Explanation/Reference:Explanation:By default, a BGP router will advertise routes that were received form other BGP peers (both IBGP and EBGPpeers) as well as any locally generated routes via the network command or via redistribution. The defaultconfiguration of BGP on a circuit does not advertise any routes or allow any learned routes into the IGP routingtable, these have to be manually entered as Network statements or be redistributed into the IGP.

The network command controls what networks are originated by this box. This is a different concept from whatyou are used to configuring with IGRP and RIP. With this command we are not trying to run BGP on a certaininterface, rather we are trying to indicate to BGP what networks it should originate from this box.The network command is one way to advertise your networks via BGP. Another way is to redistribute your IGP(IGRP, OSPF, RIP, EIGRP, etc.) into BGP. Careful filtering should be applied to make sure you are sending tothe internet only routes that you want to advertise and not everything you have.

QUESTION 28What feature monitors the level of each traffic type in 1-second intervals?

A. Port Fast

B. Uplink Fast

C. Storm Control

D. Port Aggregation Protocol

E. Link Aggregation Configuration Options

Answer: C

Section: (none)

Explanation/Reference:Explanation:Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1- second trafficstorm control interval and, during the interval, compares the traffic level with the traffic storm control level thatyou configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Eachport has a single traffic storm control level that is used for all types of traffic (broadcast, multicast, and unicast).

QUESTION 29IP multicast addresses in which range are used for Scope Relative multicast?

A. The lowest (numerically) 256 multicast addresses of each administratively scoped address range areautomatically reserved for Scope Relative multicast.

B. Scope Relative multicast addresses must be chosen from the administratively scoped address range by thenetwork administrator and configured on every router.

C. The highest (numerically) 256 addresses of each administratively scoped address range are automaticallyreserved for Scope Relative multicast.

D. The highest (numerically) 32 addresses of each administratively scoped address range are automaticallyreserved for Scope Relative multicast.

Answer: C

Section: (none)

Explanation/Reference:Explanation:Multicast addresses may be allocated in any of three ways:Static:Statically allocated addresses are allocated by IANA for specific protocols that require well-known addresses towork. Examples of static addresses are 224.0.1.1 which is used for the Network Time Protocol and224.2.127.255 which is used for global scope multicast session announcements.Scope-relative:RFC 2365 reserves the highest 256 addresses in every administrative scope range for relative assignments.Relative assignments are made by IANA and consist of an offset which is valid in every scope.Dynamic:For most purposes, the correct way to use multicast is to obtain a dynamic multicast address. These addressesare provided on demand and have a specific lifetime.

Reference: http://www.ietf.org/rfc/rfc2908.txt

QUESTION 30Refer to the exhibit. Which protocol will load-balance traffic across all gateways in a group by dynamicallyassigning responsibility for a Virtual IP address and multiple virtual MAC addresses to each member of thegroup?

A. Hot Standby Router Protocol

B. Gateway Load Balancing Protocol

C. Virtual Router Redundancy Protocol

D. Simple Network Management Protocol

E. Spanning Tree Protocol

Answer: B

Section: (none)

Explanation/Reference:Explanation:The Gateway Load Balancing Protocol feature provides automatic router backup for IP hosts configured with asingle default gateway on an IEEE 802.3 LAN. Multiple first hop routers on the LAN combine to offer a singlevirtual first hop IP router while sharing the IP packet forwarding load. Other routers on the LAN may act asredundant GLBP routers that will become active if any of the existing forwarding routers fail.GLBP performs a similar, but not identical, function for the user as the HSRP and the VRRP. HSRP and VRRPprotocols allow multiple routers to participate in a virtual router group configured with a virtual IP address. Onemember is elected to be the active router to forward packets sent to the virtual IP address for the group. Theother routers in the group are redundant until the active router fails. These standby routers have unusedbandwidth that the protocol is not using. Although multiple virtual router groups can be configured for the sameset of routers, the hosts must be configured for different default gateways, which results in an extraadministrative burden. GLBP provides load balancing over multiple routers (gateways) using a single virtual IPaddress and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and allrouters in the virtual router group participate in forwarding packets.Reference: GLBP - Gateway Load Balancing

Protocolhttp://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

QUESTION 31Which two statements correctly describe CBWFQ? (Choose two.)

A. CBWFQ services each class queue using a strict priority scheduler.

B. Inside a class queue, processing is always FIFO, except for the class-default queue.

C. The CBWFQ scheduler provides a guaranteed minimum amount of bandwidth to each class.

D. The class-default queue only supports WFQ.

Answer: BC

Section: (none)

Explanation/Reference:FreeExamKing.comExplanation:CBWFQ allows a network administrator to create minimum guaranteed bandwidth classes. Instead of providinga queue for each individual flow, a class is defined that consists of one or more flows.Each class can be guaranteed a minimum amount of bandwidth.Within a class queue, processing is always FIFO, except for the class-default queue. CBWFQ supports 64queues, with a maximum and default queue length varying depending on the model of router and the amount ofmemory installed. All 64 queues can be configured, but one class queue, called class-default , is automaticallyconfigured. If the explicitly configured classification does not match a packet, IOS places the packet into theclass-default class. Currently, CBWFQ can use either FIFO or WFQ inside the class-default queue

References: http://www.cisco.com/en/US/docs/internetworking/technology/handbook/QoS.html

http://ninjasd.wordpress.com/2008/06/03/class-default-queue/

QUESTION 32Which Cisco IOS feature can be used to defend against spoofing attacks?

A. Cisco IOS Firewall (CBAC)

B. lock-anD.key ACL and/or reflexive ACL

C. IP Source Guard and/or Unicast RPF

D. TCP Intercept

E. Cisco IOS IPS

F. Auth-Proxy

Answer: C

Section: (none)

Explanation/Reference:Explanation:The proper deployment and configuration of Unicast RPF provides the most effective means of anti-spoofingprotection against attacks with spoofed source IP addresses. IP source guard provides the most effectivemeans of anti-spoofing protection against attacks with spoofed source MAC addresses. Deployment as close toall traffic sources as possible provides maximum effectiveness.Reference: http://tools.cisco.com/security/center/getDocument.x?id=442

QUESTION 33

Refer to the exhibit. Assume that all necessary configurations in this network are correct for routing. Subnet10.1.1.0/24 is sourced by Router A and advertised via BGP, OSPF, and EIGRP. Eventually, Router G learns ofthis subnet. What is the routing protocol and administrative distance that Router G used to reach subnet 10.1.1.0/24?

A. EIGRP, AD 5

B. EIGRP, AD 90

C. EIGRP, AD 170

D. OSPF, AD 110

E. BGP, AD 20

F. BGP, AD 200

Answer: E

Section: (none)

Explanation/Reference:Explanation:In this example, router G will learn this route via OSPF, EIGRP, and IBGP, and external BGP. Since theadministrative distance of EBGP is 20, this will be the preferred route to the 10.1.1.0/24 network.

QUESTION 34Refer to the exhibit. While performing an internal audit of your network, you come across this configuration in allof your routers. Which three statements about this configuration are true? (Choose three.)

A. The Event Manager applet is configured incorrectly.

B. The IP SNMP process is monitored every 10 seconds.

C. The IP SNMP process is monitored every 10 minutes.

D. When CPU process exceeds 50%, an event is generated.

E. SNMP trap type 50 messages are sent to the event managers.

F. A publish event is sent to well-known user 798 with an SNMP trap message.

Answer: BDF

Section: (none)

Explanation/Reference:Explanation:B, D: Example:The following example shows how to configure three EEM applets to demonstrate how the Cisco IOS watchdogsystem monitor (IOSWDSysMon) event detector works:

Watchdog System Monitor Sample1 PolicyThe first policy triggers an applet when the average CPU usage for the process named IP Input is greater thanor equal to 1 percent for 10 seconds:event manager applet IOSWD_Sample1event ioswdsysmon sub1 cpu-proc taskname "IP Input" op ge val 1 period 10 action 1.0 syslog msg"IOSWD_Sample1 Policy Triggered"

To specify the action of publishing an application-specific event when the event specified for an EmbeddedEvent Manager (EEM) applet is triggered, use the action publish-event command in applet configuration mode.To remove the action of publishing an application-specific event, use the no form of this command.action label publish-event sub-system sub-system-id type event-type arg1 argument-data [ arg2 argument-data ] [ arg3 argument-data ] [ arg4 argument-data ] no action label publish-eventSyntax Description

Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter09186a00801a8084.html#wp1110829

QUESTION 35Phase I and Phase II DMVPN differ in terms of which of these characteristics?

A. utilization of spoke-to-spoke dynamic tunnels

B. utilization of hub-to-spoke dynamic tunnels

C. support for multicast

D. utilization ofmultipoint GRE tunnels at the hub site

Answer: A

Section: (none)

Explanation/Reference:Explanation:The 3 DMVPN Phases are:Phase 1: Hub and spoke functionalityPhase 2: Spoke-to-spoke functionalityPhase 3: Architecture and scalingReference:http://www.cisco.com/application/pdf/en/us/guest/products/ps6658/c1161/cdccont_0900aecd8031 3c97.pdf

QUESTION 36Refer to the exhibit. R10 (in Area 2) is redistributing routes learned from BGP into the OSPF process. R2 willgenerate which three OSPF LSA types for advertisements to Area 0? (Choose three.)

A. Type 1 - router LSAs

B. Type 2 - network LSAs

C. Type 3 - network summary LSAs

D. Type 4 - ASBR Summary LSAs

E. Type 5 - AS external LSAs

F. Type 7 - NSSA external LSAs

Answer: CDE

Section: (none)


Explanation:In this example, router R2 is an area border router (ABR) as it connects areas 2 and 0. It also learned of routesfrom R10, which is an ASBR since it redistributes BGP routes into OSPF so these routes will also need to beadvertised into area 0.The OSPF LSA Types are as follows : Type 1: Router link advertisements generated by each router for eacharea it belongs to. Flooded to a single area only. Type 2: Network link advertisements generated by designatedrouters describing the set of routers attached to a particular network. Flooded to the area that contains thenetwork. Type 3/4: Summary link advertisements generated by ABRs describing inter-area routes. Type 3describes routes to networks and is used for summarization. Type 4 describes routes to the ASBR. Type 5:Generated by the ASBR and describes links external to the Autonomous System (AS). Flooded to all areasexcept stub areas. Type 6: Group membership link entry generated by multicast OSPF routers. Type 7: NSSAexternal routes generated by ASBR. Only flooded to the NSSA. The ABR converts LSA type 7 into LSA type 5before flooding them into the backbone (area 0).

QUESTION 37If you have a large number of alignment errors, FCS errors, or late collisions, this may indicate which of theseproblems?

A. there is a half-duplex connection between the switch and an endpoint on a 10/100/1000 BASE.T Ethernetlink

B. no problem, these errors are normal under most circumstances

C. there is a duplex mismatch on a 1000 BASE.LX/LH

D. there is a duplex mismatch on a 10/100/1000 BASE-T Ethernet link

Answer: D

Section: (none)

Explanation/Reference:Explanation:Many different modes of operations for Ethernet over twisted pair (10/100/1000 Base T), and most networkadapters are capable of different modes of operations. In 1995, a standard was released for allowing twonetwork adapters connected to each other to negotiate the best possible shared mode of operation. Theautonegotiation standard contained a mechanism for detecting the speed but not the duplex setting of Ethernetpeers that did not use autonegotiation. When two linked interfaces are set to different duplex modes, the effectof this duplex mismatch is a network that functions much slower than its nominal speed. The primary rule foravoiding this is to avoid setting one end of a connection to full duplex and the other end to autonegotiation.

Duplex mismatch may be inadvertently caused when an administrator configures an interface to a fixed mode(e.g 100 Mbit/s full duplex) and fails to configure the remote interface, leaving it set to autonegotiate. Then,when the autonegotiation process fails, half duplex is assumed by the autonegotiating side of the link.The resulting duplex mismatch results in a dramatically slow network, in which many collisions, and especiallylate collisions occur on the interface set to half-duplex, and FCS errors are seen on the full-duplex side.Gigabit Ethernet standards require autonegotiation to be on in order to operate.

Reference: http://en.wikipedia.org/wiki/10BASE.T

QUESTION 38The Border Gateway Protocol tries to install the best path for a prefix into the Routing Information Base andfails. Which three of these are possible reasons for this failure? (Choose three.)

A. memory failure

B. a route with a worse administrative distance is already present in the IGP routing table

C. a route with a better administrative distance is already present in the IGP routing table

D. the best path for the prefix is already installed in the RIB

E. the number of routes in VRF exceeds the route limit configured for the VRF instance

Answer: ACE

Section: (none)

Explanation/Reference:Explanation:What does r RIB-Failure mean in the "show ip bgp" command output?

R1> show ip bgpBGP table version is 5, local router ID is 200.200.200.1Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Pathr> 6.6.6.0/24 10.10.13.3 0 130 0 30 i*> 7.7.7.0/24 10.10.13.3 0 125 0 30 i

When BGP tries to install the bestpath prefix into Routing Information Base (RIB) (for example, the IP Routingtable), RIB might reject the BGP route due to any of these reasons:

* Route with better administrative distance already present in IGP. For example, if a static route already existsin IP Routing table.* Memory failure.* The number of routes in VPN routing/forwarding (VRF) exceeds the route-limit configured under the VRFinstance.

Reference:http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a00800949e8.shtml

QUESTION 39Refer to the exhibit. R2 does not have any 10.100.x.x routes in either its routing table or its BGP table. What isthe most likely cause of the problem?

A. The advertised BGP next hop is not in R2's routing table.

B. BGP will not advertise a route that is not in the IP routing table.

C. BGP will not advertise a route unless it is synchronized with the IGP.

D. The serial link between the routers in not participating in the BGP process.

Answer: B

Section: (none)

Explanation/Reference:Explanation:A BGP router will not advertise the routes specified in the network command unless it also has that route in itsrouting table. In this case, the 10.100.0.0/16 network was added under the BGP process using the networkcommand, but this route is not in the routing table. Only the more specific 10.100.1.0/24 and 10.100.2.0/24routes are in the routing table as connected routes. By adding a static route to the null0 interface, the10.100.0.0/16 route will be in the IGP routing table and this route will be added to the BGP process andadvertised to neighbors.

QUESTION 40Which of these statements correctly describes traffic policing?

A. It allows for the provision of low latency on congested interfaces.

B. It is mandatory when enabling NBAR and CBWFQ.

C. It allows for the metering and limitation of bandwidth utilization.

D. It is also referred to as 'buffer tuning,1 and is an optimal way to manage router I/O memory.

E. It should be configured on every router to avoid memory corruption.

Answer: C

Section: (none)

Explanation/Reference:Explanation:From the CCIE R&S Exam Certification Guide:CB Policing is enabled for packets either entering or exiting an interface, or those entering or exiting asubinterface. It monitors, or meters, the bit rate of the combined packets; when a packet pushes the meteredrate past the configured policing rate, the policer takes action against that packet. The most aggressive actionis to discard the packet.

QUESTION 41Refer to the exhibit. In this network R1 and R2 are both configured as EIGRP stub routers. If the link betweenR1 and R3 failed, would R3 still be able to reach 192.168.1.0/24, and why or why not?

A. No. R3 would remove its route to 192.168.1.0/24 through R1, but would not query R2 for an alternate route,since R2 is a stub.

B. Yes. When a directly connected link fails, a router is allowed to query all neighbors, including stubneighbors, for an alternate route.

C. Yes, because R3 would know about both routes, through R1 and R2, before the link between R1 and R3failed.

D. No. The path through R2 would always be considered a loop at R3.

Answer: A

Section: (none)

Explanation/Reference:Explanation:EIGRP Stub Router FunctionalityWhen EIGRP routes to destinations are lost and no feasible successor routes exist, EIGRP sends a QUERYpacket to each neighbor to discover whether alternative routes exist. These routers then propagate this QUERYuntil it reaches the edge of the network. In a typical redundant hub-and- spoke scenario, it is typical for thespoke site to be connected via redundant links to the hub site. In this case, the QUERY is propagated back toanother router in the hub site, which may not be optimum. EIGRP has a functionality known as a stub routerfunctionality that prevents this behavior. When a spoke router is explicitly configured to be so, a hub router doesnot send any QUERY packets to a stub router .

QUESTION 42What keywords do you need to the access-list to provide to the logging message like source address andsource mac address?

A. log

B. log-input

C. log-output

D. logging

Answer: B

Section: (none)

Explanation/Reference:Explanation:The "log-input" keyword is an optional access list command and includes the input interface and source MACaddress or VC in the logging output.To define an extended IP access list, use the extended version of the access-list command in globalconfiguration mode. To remove the access lists, use the no form of this command.

access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } protocol sourcesource-wildcard destination destination-wildcard [ precedence precedence ] [ tos tos ] [ log | log-input ] [ time-range time-range-name ] [ fragments ] Reference: http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/reference/ip1_a1g.html

QUESTION 43Refer to the exhibit. Which of these is applied to the Bearer class?

A. WRED

B. traffic shaping

C. packet marking

D. packet classification

E. FIFO queuing within the class

Answer: E

Section: (none)

Explanation/Reference:Explanation:The "priority" command is used to configure Low Latency queuing (LLQ) where the traffic assigned to the LLQis given strict priority with FIFO queuing.The priority command can be configured in multiple classes, but it should only be used for voice- like, constantbit rate (CBR) traffic. If the traffic is not CBR, you must configure a large enough bandwidth parameter toabsorb the data bursts.Configuring the priority command in multiple classes provides the ability to police the priority classesindividually. For an example, refer to the following configuration:

policy-map policy1Page 35 of 25135

class voice1

priority 24

class voice2

priority 48

class data

bandwidth 20

In this example, voice1 and voice2 classes of traffic go into the high priority queue and get strict

priority queueing over data traffic. However, voice1 traffic will be rate-limited to 24 kbps and voice2

traffic will be rate-limited to 48 kbps. The classes will be individually rate-limited (and given first-in

first-out [FIFO] treatment) even if they go into the same queue.

Reference:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087

b13.html

QUESTION 44Which three of these statements correctly describe Source Specific Multicast? (Choose three.)

A. SSM uses shared trees only.

B. SSM uses shortest path trees only.

C. The use of SSM is recommended when there are many sources and it is desirable to keep the amount ofmroute state in the routers in the network to a minimum.

D. There are no RPs to worry about.

E. Is best suited for applications that are in the many-to-many category.

F. Is best suited for applications that are in the one-to-many category.

Answer: BDF

Section: (none)

Explanation/Reference:Explanation:D: SSM is easy to install and provision in a network because it does not require the network to maintain information about which active sources are sending to multicast groups. This requirement exists inISM (with IGMPv1, IGMPv2, or IGMPv3).The current standard solutions for ISM service are PIM-SM and Multicast Source Discovery Protocol (MSDP).Rendezvous point (RP) management in PIM-SM (including the necessity for Auto-RP or bootstrap router [BSR])and MSDP is required only for the network to learn about active sources. This management is not necessary inSSM. SSM is therefore easier than ISM to install and manage and easier to operationally scale in deployment.Another factor that contributes to the ease of installation of SSM is the fact that it can leverage preexisting PIM-SM networks.B: SSM is a solution where the knowledge of the source is acquired out of band. SSM uses only a source tree,but there is no flooding of data, because learning the source is out of band. SSM is most useful for applicationssuch as Internet broadcasting or corporate communications

F: SSM is a datagram delivery model that best supports one-to-many applications, also known as

broadcast applications. SSM is a core networking technology for the Cisco implementation of IP

multicast solutions targeted for audio and video broadcast application environments and is

described in RFC 3569.

Reference:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801a6

d6f.html

QUESTION 45Refer to the exhibit. What type of issue does this Router A error log indicate?

Exhibit:

A. physical layer problem

B. PortFast is enabled on both HSRP routers

C. HSRP standby router configuration error

D. HSRP router interfaces are in the wrong VLAN

Answer: A

Section: (none)

Explanation/Reference:Explanation:Case Study: HSRP State Continuously Changes (Active, Standby, Speak) These error messages can appear:Jan 9 08:00:42.623: %STANDBY-6-STATECHANGE: Standby: 49:

Vlan149 state Standby -> Active

Jan 9 08:00:56.011: %STANDBY-6-STATECHANGE: Standby: 49:

Vlan149 state Active-> Speak


Vlan149 state Speak -> Standby


Vlan149 state Standby -> Active


Vlan149 state Active-> Speak


Vlan149 state Speak -> Standby

These error messages describe a situation in which a standby HSRP router did not receive three

successive HSRP hello packets from its HSRP peer. The output shows that the standby router

moves from the standby state to the active state. Shortly thereafter, the router returns to the

standby state. Unless this error message occurs during the initial installation, an HSRP issue

probably does not cause the error message. The error messages signify the loss of HSRP hellos

between the peers. When you troubleshoot this issue, you must verify the communication between

the HSRP peers. A random, momentary loss of data communication between the peers is the

most common problem that results in these messages.

There are several possible causes for the loss of HSRP packets between the peers. The most

common problems are physical layer problems or excessive network traffic caused by spanning

tree issues.

Reference:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml

QUESTION 46Poor performance, collisions, and intermittent communication between a PC and a switch port may be theresult of which of these?

A. the wrong wire category is being used

B. the port on the switch is in the errdisable state

C. there are mismatching duplex modes

D. there are mismatching speeds

Answer: C

Section: (none)

Explanation/Reference:Explanation:Issues with autonegotiation of duplex generally do not result in link establishment issues. Instead,autonegotiation issues mainly result in performance-related issues. A duplex mismatch can result inperformance issues, intermittent connectivity, and loss of communication. When you troubleshoot NIC issues,verify that the NIC and switch use a valid configuration.Reference: http://www.cisco.com/warp/public/473/46.html

QUESTION 47All of these switch port errors are indications of duplex mismatches on 10/100/1000 IEEE 802.3u Gigabit

Ethernet ports except which one?

A. alignment errors

B. FCS errors

C. multiple collisions

D. runts

E. excessive collisions

F. late collisions

Answer: C

Section: (none)

Explanation/Reference:Explanation:The causes for the most common errors found in a 10/100/1000 LAN environment is found in the followingtable (Note the answers to this question in bold).Reference:http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0.shtml

QUESTION 48R2 does not have any 10.100.x.x routes in either its routing table or its BGP table. What will you do at R5 tosolve this problem?

Network Topology Exhibit:

R5 exhibits:

A. Add a BGP network statement to encompass the serial link.

B. Configure a static route for 10.100.0.0/16 to null0

C. Disable BGP synchronization.

D. Set the BGP next-hop-self command for neighbor R2

Answer: B

Section: (none)


Explanation:A BGP router will not advertise the routes specified in the network command unless it also has that route in itsrouting table. In this case, the 10.100.0.0/16 network was added under the BGP process using the networkcommand, but this route is not in the routing table. Only the more specific 10.100.1.0/24 and 10.100.2.0/24routes are in the routing table as connected routes. By adding a static route to the null0 interface, the10.100.0.0/16 route will be in the IGP routing table and this route will be added to the BGP process andadvertised to neighbors.

QUESTION 49IP multicast routing uses (S,G) entries for multicast packet forwarding. Which addresses are used in the Sentries?

A. GLOP addresses

B. SDP / SAP addresses

C. Source Specific Multicast addresses

D. Any class, class A, class B. or class C host addresses

E. the block of administratively scoped multicast addresses

Answer: D

Section: (none)

Explanation/Reference:Explanation:State entries for a source tree use the notation (S, G) pronounced S comma G . The letter S represents the IPaddress of the source (any valid class A, B, or C host IP address), and G represents the group address.Reference: http://www.ciscopress.com/articles/article.asp?p=32100

QUESTION 50Which of these identifies two types of information that can be used to direct traffic along a specific route whenusing policy-based routing?

A. the source IP address and protocol (such as FTP and HTTP)

B. the type of service header and packet length

C. the packet Time to Live and the source IP address

D. the source IP address and the Layer 2 source address

Answer: A

Section: (none)


QUESTION 51An OSPF adjacency will not form correctly across a point-to-point link in the same area. What is the most likelyreason for this problem?

A. Each interface is configured with the ip unnumbered loop back 0 command.

B. Each interface has a different OSPF cost.

C. Each interface has a different MTU size.

D. Each interface is configured with secondary addresses as well as primary addresses.

Answer: C

Section: (none)

Explanation/Reference:Explanation:By default, OSPF checks whether neighbors are using the same MTU on a common interface. This check isperformed when neighbors exchange Database Descriptor (DBD) packets. If the receiving MTU in the DBDpacket is higher than the IP MTU configured on the incoming interface, OSPF adjacency will not be established.This behavior can be overridden with the interface command: "ip ospf mtu-ignore".

QUESTION 52Which standard supports multiple instances of spanning tree?

A. 802.1D

B. 802.1s

C. 802.1w

D. 802.1Z

Answer: B

Section: (none)

Explanation/Reference:Explanation:Multiple Spanning Tree (802.1s MST) is an IEEE standard inspired from the Cisco proprietary MultipleInstances Spanning Tree Protocol (MISTP) implementation. Reference: Understanding Multiple Spanning TreeProtocol (802.1s) http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml

QUESTION 53In order to configure two routers as anycast RPs, which of these requirements, at a minimum, must besatisfied?

A. Multicast Source Discovery Protocol mesh-groups must be configured between the two any cast RPs.

B. The RPs must be within the same IGP domain.

C. Multicast Source Discovery Protocol must be configured between the two any cast RPs.

D. The two any cast RPs must be IBGP peers.

Answer: C

Section: (none)

Explanation/Reference:Explanation:Anycast-RP is an extension of the Static RP technique that also allows multiple Rendezvous Points for a grouprange to be deployed. This allows the network to continue to operate if a Rendezvous Point fails. The idea is toconfigure two or more routers in the network to be the Rendezvous Point. Each of these Anycast-RP routers willbe configured with the same Rendezvous Point address (in this case 10.1.1.1) on one of their Loopbackinterfaces. Each router also will advertise this address (the Rendezvous Point address) as a /32 host route.This will result in the other routers in the network using the closest Anycast-RP as their Rendezvous Pointbased on the unicast routing metrics. Normally, this would split the network into multiple PIM-SM domains thatwould not talk to each other . However, the Multicast Source Discovery Protocol (MSDP) is used tocommunicate active source information from one Anycast-RP to the other in Source Active (SA) messages .This allows active sources in one half of the network to be learned and joined by the Rendezvous Point in theother half of the network.Reference:http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 54What is the reason that RSTP has a better convergence time than 802.1D?

A. it is newer

B. it is not timer-based

C. it has less overhead

D. it has smaller timers

Answer: B

Section: (none)


Explanation:Rapid transition is the most important feature introduced by 802.1w RSTP. The legacy STA passively waited forthe network to converge before it turned a port into the forwarding state. The achievement of fasterconvergence was a matter of tuning the conservative default parameters (forward delay and max_age timers)and often put the stability of the network at stake. The new rapid STP is able to actively confirm that a port cansafely transition to the forwarding state without having to rely on any timer configuration.

QUESTION 55

Which port is on every bridge in a Spanning Tree Protocol IEEE 802.1w network except the root bridge?

A. root port

B. designated port

C. alternate port

D. Backup port

Answer: A

Section: (none)


The root port is the port on each switch with the least cost path back to the root bridge. The root bridge has noneed for a root port.

QUESTION 56If you have overlapping IP address between two different networks or routing domains, what two commands doyou need to globally configure NAT to get this to work?

A. ip nat outside source list 1 interface x and ip nat inside source list 1 interface x

B. ip nat outside source static x.x.x.xy.y.y.y and ip nat inside source static x.x.x.xy.y.y.y

C. ip nat outside source static udp x.x.x.x y.y.y.y and ip nat inside source udp x.x.x.x y.y.y.y

D. ip nat outside source static tcp x.x.x.x y.y.y.y and ip nat outside source tcp x.x.x.x y.y.y.y

Answer: B

Section: (none)

Explanation/Reference:Explanation:Both source and destination address has to be translated for this solution.

QUESTION 57In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can causenetwork failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessivetraffic during spanning-tree loop conditions? (Choose two.)

A. storm suppression

B. storm control

C. loop guard

D. broadcast suppression

Answer: BC

Section: (none)


Explanation:Loop Guard: The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STPloops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions tothe forwarding state. This usually happens because one of the ports of a physically redundant topology (notnecessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuousreception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and thenon-designated port receives BPDUs.When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives thatthe topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designatedand moves to a forwarding state. This situation creates a loop. The loop guard feature makes additionalchecks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved intothe STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loopguard feature, the port assumes the designated port role. The port moves to the STP forwarding state andcreates a loop.

Storm Control: A traffic storm occurs when packets flood the LAN, creating excessive traffic and degradingnetwork performance. The traffic storm control feature prevents LAN ports from being disrupted by a broadcast,multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression)monitors incoming traffic levels over a 1- second traffic storm control interval and, during the interval, comparesthe traffic level with the traffic storm control level that you configure. The traffic storm control level is apercentage of the total available bandwidth of the port. Each port has a single traffic storm control level that isused for all types of traffic (broadcast, multicast, and unicast). Traffic storm control monitors the level of eachtraffic type for which you enable traffic storm control in 1-second traffic storm control intervals. Within aninterval, when the ingress traffic for which traffic storm control is enabled reaches the traffic storm control levelthat is configured on the port, traffic storm control drops the traffic until the traffic storm control interval ends.

QUESTION 58What is the end result if a 10/100/1000 IEEE 802.3u Gigabit Ethernet link has autonegotiation enabled on theswitch port and the host NIC is statically configured for 100 Mb/s and full-duplex?

A. The link comes up, because autonegotiation sets the switch port to 100Mb/s and full-duplex.

B. The link does not come up because autonegotiation must be enabled or disabled on both sides of the link.

C. Autonegotiation sets the switch port to 100Mb/s and half-duplex.

D. Autonegotiation sets the switch port to the defaults of 10OOMb/s and full-duplex.

E. Autonegotiation sets the switch port to the defaults of 10OOMb/s and half-duplex.

Answer: C

Section: (none)


Explanation:This scenario will create 100Mbs and half duplex. duplex mismatch will result.Why Do Autonegotiation and Compatibility Issues Exist?Autonegotiation issues can result from nonconforming implementation, hardware incapabilities, or softwaredefects. When NICs or vendor switches do not conform exactly to the IEEE specification 802.3u, problems canresult. Hardware incompatibility and other issues can also exist as a result of vendor-specific advancedfeatures, such as autopolarity or cable integrity, which are not described in IEEE 802.3u for 10/100 Mbpsautonegotiation. Generally, if both the NIC and the switch adhere to IEEE 802.3u autonegotiation specificationsand all additional features are disabled, autonegotiation must properly negotiate speed and duplex, and nooperational issues exist.

General Troubleshooting for 10/100/1000 Mbps NICs Autonegotiation Valid Configuration Table Speeddetermination issues can result in no connectivity. However, issues with autonegotiation of duplex generally donot result in link establishment issues. Instead, autonegotiation issues mainly result in performance-relatedissues. The most common problems with NIC issues deal with speed and duplex configuration. Table 1summarizes all possible settings of speed and duplex for FastEthernet NICs and switch ports.Note: This section is only applicable for 10/100/1000 Mbps (1000BASE-T) NICs, and not 1000BASE-X NICs.Table 1-Autonegotiation Valid Configuration1 A duplex mismatch can result in performance issues, intermittent connectivity, and loss of communication.When you troubleshoot NIC issues, verify that the NIC and switch use a valid configuration.2 Some third-party NIC cards can fall back to half-duplex operation mode, even though both the switchport andNIC configuration are manually configured for 100 Mbps, full-duplex. This is because NIC autonegotiation linkdetection still operates when the NIC is manually configured. This causes duplex inconsistency between theswitchport and the NIC. Symptoms include poor port performance and frame check sequence (FCS) errors thatincrement on the switchport. In order to troubleshoot this issue, try to manually configure the switchport to 100Mbps, half-duplex. If this action resolves the connectivity problems,this NIC issue is the possible cause. Try toupdate to the latest drivers for your NIC, or contact your NIC card vendor for additional support.Reference:http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0.shtml

QUESTION 59Which of these is a valid differentiated services PHB?

A. Guaranteed PHB

B. Class-Selector PHB

C. Reserved Forwarding PHB

D. Discard Eligible PHB

E. Priority PHB

Answer: B

Section: (none)

Explanation/Reference:Explanation:The Per-Hop Behavior is indicated by encoding a 6-bit value-called the Differentiated Services Code Point(DSCP)-into the 8-bit Differentiated Services (DS) field of the IP packet header.Behaviors:Default PHB-which is typically best-effort traffic

Expedited Forwarding (EF) PHB-for low-loss, low-latency traffic Assured Forwarding (AF)-behavior groupClass Selector PHBs-which are defined to maintain backward compatibility with the IP Precedence field.

QUESTION 60Refer to the exhibit. This exhibit shows the NAT configuration for Router A and the output for a ping issued fromdevice 171.68.200.48 and destined to 172.16.47.142. Based on this information, what change must be made toRouter A in order for the ping to work?

A. reload the router

B. clear the route cache

C. add a static route

D. configure IP as classless

E. Load a newer IOS image

Answer: D

Section: (none)

Explanation/Reference:Explanation:Based on the debug messages we see that the router does not have a route for the destination address(172.16.47.142) in its routing table. The result of the non-routable packet is an ICMP Unreachable message,which is sent to the inside device.However, RouterA has a default route of 172.16.47.145, so why is the route considered non- routable?

RouterA has " no ip classless" configured, which means if a packet destined for a "major" network address (inthis case, 172.16.0.0) for which subnets exist in the routing table, the router does not rely on the default route.In other words, issuing the " no ip classless" command turns off the router's ability to look for the route with thelongest bit match. To change this behavior, you have to configure ip classless on RouterA. The " ip classless"command is enabled by default on Cisco routers with IOS Version 11.3 and above.RouterA# configure terminalEnter configuration commands, one per line. End with CTRL/Z.RouterA#(config)# ip classless

RouterA#(config)# endReference:http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

QUESTION 61If a port configured with STP Port Fast BPDU guard receives a BPDU, what will happen to the port?

A. it will be identified as a designated port

B. it will be put into a forwarding state

C. it will be put into an errdisabled state

D. it will be designated as a root port

Answer: C

Section: (none)

Explanation/Reference:Explanation:The devices behind the ports with STP portfast enabled are not allowed to influence the STP topology. This isachieved by disabling the port with portfast configured upon reception of BPDU. The port is transitioned into err-disable state, and a message is printed on the console.Reference:http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml

QUESTION 62Refer to the exhibit. For this network, assume all routers have been configured to run EIGRP in AS 100, andhave also been configured to run EIGRP on all connected links. If the link between R3 and R4 fails, how manyqueries will R5 and R6 receive?

A. R6 will receive two queries, one for 192.168.1.0/24 and one for 192.168.2.0/24. R5 will receive one query,for 192.168.1.0/24.

B. Both R5 and R6 will receive two queries, one for 192.168.1.0/24 and one for 192.168.2.0/24.

C. Neither R5 nor R6 will receive any queries for either 192.168.1.0/24 or 192.168.2.0/24.

D. R5 will receive one query, for 192.168.1.0/24, and R6 will receive no queries.

Answer: A

Section: (none)

Explanation/Reference:Explanation:Both R5 and R6 will receive queries as R4 will go active to R5 for both routes and since R5 does not have anyother routes to these it queries R6.

QUESTION 63Which of these statements about OSPF external LSAs (type 5) is correct?

A. External LSAs (type 5) are automatically changed to type 1 LSAs at ASBRs.

B. Type 5 LSAs are route summaries describing routes to networks outside the OSPF Autonomous System.

C. OSPF external LSAs are automatically flooded into all OSPF areas, unlike type 7 LSAs, which require thatredistribution be configured.

D. External network LSAs (type 5) redistributed from other routing protocols into OSPF are not permitted toflood into a stub area.

E. OSPF external LSAs can be flooded into an NSSA area if redistributed from other routing protocols intoOSPF and if the subnets parameter is used with the redistribute command.

Answer: D

Section: (none)

Explanation/Reference:Explanation:type 5 not flooded into stub areaOSPF Type 5 LSA: ASBRs generate AS external link advertisements. External link advertisements describeroutes to destinations external to the AS and are flooded everywhere with the exception of stub areas, totallystubby areas, and NSSAs. The link-state ID of the type 5 LSA is the external network number.Configuring a stub area reduces the size of LSDB inside an area, resulting in reduced memory requirements forrouters in that area. Exteranl network LSAs (type 5), such as those redistributed from other routing protocolsinto OSPF, are not permitted to flood into a stub area.Reference: http://jsk984.wordpress.com/page/2/

QUESTION 64Which of these statements is true in reference to IPv6 multicast?

A. IPv6 multicast uses Multicast Listener Discovery.

B. IPv6 multicast requires MSDP.

C. PIM dense mode is not part of IPv6 multicast.

D. The first 8 bits of an IPv6 multicast address are always FF (1111 1111)

Answer: A

Section: (none)

Explanation/Reference:Explanation:The Multicast Listener Discovery Protocol (MLD) is used by IPv6 routers to discover the presence of multicastlisteners (i.e., nodes that wish to receive multicast packets) on their directly attached links, and to discoverspecifically which multicast addresses are of interest to those neighboring nodes. Note that a multicast routermay itself be a listener of one or more multicast addresses; in this case it performs both the "multicast routerpart" and the "multicast address listener part" of the protocol, to collect the multicast listener information neededby its multicast routing protocol on the one hand, and to inform itself and other neighboring multicast routers ofits listening state on the other hand.Reference: http://www.ietf.org/rfc/rfc3810.txt

QUESTION 65

The following network topology is shown in the following exhibit, where routers R1 and R2 are configured withHSRP:

Exhibit:

A. HSRP secondary address configuration error

B. This is not an HSRP problem, but rather an STP error or router or switch configuration issue

C. HSRP standby configuration error

D. HSRP burned-in address error

Answer: B

Section: (none)

Explanation/Reference:Explanation:From the Cisco Troubleshoot HSRP Case Studies :Case Study #1: HSRP Standby IP Address Is Reported as a Duplicate IP Address These error messages canappear:Oct 12 13:15:41 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07.ac19Oct 13 16:25:41 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07.ac19Oct 15 22:31:02 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07.ac19Oct 15 22:41:01 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07.ac19These error messages do not necessarily indicate an HSRP problem. Rather, the error messages indicate apossible Spanning Tree Protocol (STP) loop or router/switch configuration issue. The error messages are justsymptoms of another problem.In addition, these error messages do not prevent the proper operation of HSRP. The duplicate HSRP packet isignored. These error messages are throttled at 30-second intervals. But, slow network performance and packet loss can result from the network instability that causes the STANDBY-3-DUPADDR error messages of the HSRP address.Reference:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml

QUESTION 66Which two of these statements best describe the role of split horizon? (Choose two.)

A. It is a redistribution technique used by routing protocols.

B. It is a function that prevents the advertising of routes over an interface that the router is using to reach aroute.

C. Its role is to help avoid routing loops

D. It is a function used by routing protocols to install routes into routing table.

E. It is used only by EIGRP.

Answer: BC

Section: (none)

Explanation/Reference:Explanation:In computer networks, distance-vector routing protocols employ the split horizon rule which prohibits a routerfrom advertising a route back out the interface from which it was learned. Split horizon is one of the methodsused to prevent routing loops due to the slow convergence times of distance-vector routing protocols.

QUESTION 67Which of these tables is used by an LSR to perform a forwarding lookup for a packet destined to an addresswithin an RFC 4364 VPN?

A. CEF

B. FIB

C. LFIB

D. IGP

Answer: C

Section: (none)

Explanation/Reference:Explanation:LFIB is used to forward labels currently being forwarded.The Label Forwarding Information Base (LFIB) is a table that indicates where and how to forward frames in anMPLS/VPN network. It is created by label switch-capable devices; the LFIB contains a list of entries consistingof an ingress and one or more egress subentries (outgoing label, outgoing interface, outgoing link-levelcomponents). The LFIB is constructed based on information the LSRs gain from interaction with the routing protocols.

QUESTION 68Refer to the exhibit. In this network, all routers are configured to place all interfaces shown in OSPF Area 0. Ifyou examined the OSPF database on R4, what would the network (type 2) LSA generated by R3 contain?

A. a connection to 10.1.5.0/24, and links to R3, R2, and R1

B. a connection to 10.1.5.0/24, and links to R2 and R1

C. connections to 10.1.5.0/24 and 10.1.1.0/31

D. R3 would not generate a network (type 2) LSA in this network.

Answer: D

Section: (none)

Explanation/Reference:Explanation:R3 will not generate any type 2. It is not a DR and this connection with R4 is a point to point link where there isno DR. Type 2 LSA are generated by DR

QUESTION 69WRED is most effective under what circumstances?

A. most traffic is TCP-based

B. an equal distribution of TCP and UDP traffic

C. a mix of TCP, UDP, and non-IP traffic

D. very high bandwidth interfaces such as Gigabit Ethernet

Answer: A

Section: (none)

Explanation/Reference:Explanation:WRED avoids the globalization problems that occur when tail drop is used as the congestion avoidancemechanism. Global synchronization manifests when multiple TCP hosts reduce their transmission rates inresponse to packet dropping, then increase their transmission rates once again when the congestion isreduced.WRED is only useful when the bulk of the traffic is TCP/IP traffic . With TCP, dropped packets indicatecongestion, so the packet source will reduce its transmission rate. With other protocols, packet sources maynot respond or may resend dropped packets at the same rate. Thus, dropping packets does not decreasecongestion.

Reference: http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcconavd.html

QUESTION 70

Both Loop guard and UniDirectional Link Detection protect against Layer 2 STP loops. How to differ loop guardfrom UDLD in loop detection and prevention? (Choose two.)

A. Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLDcannot.

B. Loop guard detects and protects against duplicate packets being received and transmitted on differentports.

C. UDLD protects against STP failures caused by cabling problems that create one-way links.

D. Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from adesignated switch port.

Answer: CD

Section: (none)

Explanation/Reference:Explanation:Both UniDirectional Link Detection (UDLD) and Loop Guard protect a switch trunk port from causing loops.Both features prevent switch ports from errantly moving from a blocking to a forwarding state when aunidirectional link exists in the network. Unidirectional links are simply links for which one of the twotransmission paths on the link has failed, but not both. This can happen as a result of miscabling, cutting onefiber cable, unplugging one fiber, GBIC problems, or other reasons. Because STP monitors incoming BPDUs toknow when to reconverge the network, adjacent switches on a unidirectional link could both becomeforwarding, causing a loop.Loop Guard -When normal BPDUs are no longer received, the port does not go through normal STPconvergence, but rather falls into an STP loop-inconsistent state.

Reference: CCIE Routing and Switching Official Exam Certification Guide, Second Edition by Wendell Odom,page 83.

QUESTION 71Which of these statements about anycast RPs is correct?

A. Anycast RPs cannot be used in conjunction with Auto-RPs.

B. After a failure of one of the anycast RPs, the PIM network v reconverge on the remaining anycast RP orRPs in less than one second.

C. After a failure of one of the anycast RPs, the PIM network x reconverge on the remaining anycast RP orRPs in roughly the same time that it takes unicast routing to reconverge

D. The anycast RPs must reside within the same IGP domain.

Answer: C

Section: (none)

Explanation/Reference:Explanation:Anycast-RP:

If an Anycast-RP were to fail, its host route would cease being advertised to the network and the unicast routingwill reconverge on the remaining Anycast-RP. This will cause the routers in the network to rejoin and reregisterreceivers and sources to the remaining Anycast-RP to maintain multicast traffic flow. This process occurs inapproximately the time that it takes unicast routing to converge, which means that Anycast-RP has one of thefastest Rendezvous Point failover times of all of the Rendezvous Point configuration methods.Reference:http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 72Refer to the exhibit. This network is using a classful routing protocol. Subnet 10.1.1.0/24 is sourced by Router Aand advertised to Router B. Router B then sends updates to Router C, which forwards updates to Router D,which propagates routing information beyond. With regards to only the 10.1.1.0/24 subnet, what does Router Dadvertise out its 10.1.4.0/24 interface?

Exhibit:

A. 10.1.1.0

B. 10.1.1.0/24

C. 10.0.0.0

D. 10.0.0.0/8

E. No update is sent regarding the 10.1.1.0/24 subnet

Answer: E

Section: (none)


Explanation:Cisco routers running a classful routing protocol will automatically summarize at network boundaries. In thiscase, B will advertise the summarized 10.0.0.0/8 network to C. Since C will have a more specific route to the10/0.0.0/8 network, he will not advertise this route to D, so D will not receive either the 10.1.1.0/24 or the10.0.0.0/8 route.

QUESTION 73Which of these statements best describes the major difference between an IPv4-compatible tunnel and a 6to4tunnel?

A. An IPv4-compatible tunnel is a static tunnel, but an 6to4 tunnel is a semiautomatic tunnel.

B. The deployment of a IPv4-compatible tunnel requires a special code on the edge routers, but a 6to4 tunneldoes not require any special code.

C. An IPv4-compatible tunnel is typically used only between two IPv6 domains, but a 6to4 tunnel is used toconnect to connect two or more IPv6 domains.

D. For an IPv4-compatible tunnel, the ISP assigns only IPv4 addresses for each domain, but for a 6to4 tunnel,the ISP assigns only IPv6 addresses for each domain.

Answer: C

Section: (none)

Explanation/Reference:Explanation:"It's a semiautomatic tunnel"

6to4 Eliminates Complex Tunnel ManagementThe 6to4 transition mechanism provides a solution to the complexity problem of building manually configured tunnels to an ISP by advertising a site's IPv4 tunnel endpoint (to be used for a dynamic tunnel) in aspecial external routing prefix for that site. Thus one site trying to reach another will discover the 6to4 tunnelendpoint from a Domain Name System (DNS) name to address lookup and use a dynamically built tunnel fromsite to site for the communication. (See Figure 2.) The tunnels are transient in that there is no state maintainedfor them, lasting only as long as a specific transaction uses the path. A 6to4 tunnel also bypasses the need toestablish a tunnel to a wide- area IPv6 routing infrastructure, such as the 6bone.The specification of a 48-bit external routing prefix in the IPv6 Aggregatable Global Unicast Address Format(AGGR) [7] (see Figure 3) that provides just enough space to hold the 32 bits required for the 32-bit IPv4 tunnelendpoint address (called V4ADDR in Figure 3) makes this setup possible.Thus, this prefix has exactly the same format as normal prefixes assigned according to the AGGR. Within thesubscriber site it can be used exactly like any other valid IPv6 prefix, for instance, for automated addressassignment and discovery according to the normal IPv6 mechanisms for this.OLD Style, more work:The 6to4 mechanism addresses many of the practical difficulties with manually configured tunneling: The end-user site network staff must choose an IPv6 Internet service to tunnel to. This entails a process of at least threeparts: - Finding candidate networks when the site's choice of IPv4 service does not provide IPv6 service (eithertunneling or native), - Determining which ones are the best IPv4 path to use so that an IPv6-over-IPv4 tunneldoesn't inadvertently follow a very unreliable or low-performance path, - Making arrangements with the desiredIPv6 service provider for tunneling service, a scenario that may at times be difficult if the selected provider isnot willing to provide the service, or if for other administrative/cost reasons it is difficult to establish a businessrelationship.Clearly it is easiest to use the site's own service provider, but in the early days of IPv6 transition this will oftennot be an option. An IPv6-over-IPv4 tunnel must be built to the selected provider, and a peering relationshipmust be established with the selected provider. This requires establishing a technical relationship with theprovider and working through the various low-level details of how to configure tunnels between two routers,including answering the following questions: - Are the site and provider routers compatible early on in thisprocess? - What peering protocol will be used (presumably an IPv6-capable version of the Border GatewayProtocol Version 4 [BGP4]), and are the versions compatible and well debugged? - Have all the technical tunnelconfiguration issues between the site and provider been addressed? Again, it is clearly easiest to perform all

these steps if they are taken with the site's own IPv4 service provider.

QUESTION 74Traffic classification using NBAR is configured using which IOS command?

A. router(config-if)#ip nbar protocol-discovery

B. router(config)#ip nbar port-map {protocol} [tcp|udp] {port-number} {port-number}

C. router(config-cmap)#match protocol {protocol-name}

D. router(config)#ip nbar pdlm {pdlm-file}

E. router(config-cmap)#match access-group {number}

F. router(config-pmap)#class nbar

Answer: C

Section: (none)

Explanation/Reference:Explanation:To configure a traffic class and the match criteria that will be used to identify traffic as belonging to that class,use the class-map global configuration command.

Example:In the following example, the class-map class1 command uses the NBAR classification of SQL*Net as itsmatching criterion:Router(config)# class-map class1Router(config-cmap)# match protocol sqlnetReference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800c75d0.html#32047

QUESTION 75Which two of these are reasons why some ports do not reply to RSTP proposals? (Choose two.

A. the age time has expired

B. the remote bridge is in the discarding state

C. the remote bridge does not understand RSTP BPDU

D. the remote bridge is in the forwarding state

Answer: BC

Section: (none)


If a designated discarding port does not receive an agreement after it sends a proposal, it slowly transitions tothe forwarding state, and falls back to the traditional 802.1D listening-learning sequence. This can occur if theremote bridge does not understand RSTP BPDUs, or if the port of the remote bridge is blocking.

Reference: "Understanding Rapid Spanning Tree Protocol (802.1w)" http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml #agree

QUESTION 76Which of these statements correctly describes the operation of Multicast Listener Discovery?

A. IPv6 routers use MLD to discover multicast listeners on directly attached links.

B. For each unicast and anycast address configured on an interface of a node or router, a corresponding MLDaddress is automatically enabled.

C. MLD addresses are scoped to local links.

D. Since ARP is not used in IPv6, each node and router uses MLD to learn the link layer address of neighbornodes and routers on the same local link.

E. Nodes and routers use MLD to verify if IPv6 addresses are already in use on local links before theyconfigure their own IPv6 addresses with stateless auto-configuration.

Answer: A

Section: (none)

Explanation/Reference:Explanation:The purpose of Multicast Listener Discovery (MLD) is to enable each IPv6 router to discover the presence ofmulticast listeners (that is, nodes wishing to receive multicast packets) on its directly attached links, and todiscover specifically which multicast addresses are of interest to those neighboring nodes. This information isthen provided to whichever multicast routing protocol is being used by the router, in order to ensure thatmulticast packets are delivered to all links where there are interested receivers.MLD is an asymmetric protocol, specifying different behaviors for multicast listeners and for routers. For thosemulticast addresses to which a router itself is listening, the router performs both parts of the protocol, includingresponding to its own messages. If a router has more than one interface to the same link, it need perform therouter part of MLD over only one of those interfaces. Listeners, on the other hand, must perform the listenerpart of MLD on all interfaces from which an application or upper-layer protocol has requested reception ofmulticast packets.

QUESTION 77

The ip inspect inspection-name {in | out} command is used to configure which IOS security feature?

A. IPS

B. IPsec site-to-site VPN

C. Cisco IOS Firewall

D. Cisco Auto Secure

E. IDS

F. Easy VPN

Answer: C

Section: (none)

Explanation/Reference:Explanation:CBAC is a function of the Cisco IOS feature set. CBAC is configured using the "ip inspect" command.The ip inspect inspection-name {in | out} command is used to apply the inspection rule to an interface. Thekeyword in is used for inbound traffic when the CBAC is applied on the internal (trusted, or secure) interface.The keyword out is used for outbound traffic when the CBAC is applied on the external, unsecured interface.Reference: http://www.ciscopress.com/articles/article.asp?p=26533&seqNum=5&rl=1

QUESTION 78Policy-based routing allows network administrators to implement routing policies to allow or deny paths basedon all of these factors except which one?

A. packet size

B. end system

C. protocol

D. application

E. throughput

Answer: E

Section: (none)

Explanation/Reference:Explanation:You can set up PBR as a way to route packets based on configured policies. For example, you can implementrouting policies to allow or deny paths based on the identity of a particular end system, an application protocol,or the size of packets.Instead of routing by the destination address, policy-based routing allows network administrators to determineand implement routing policies to allow or deny paths based on the following:- Identity of a particular end system

- Application- Protocol- Size of packetsReference: http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcclass.html

QUESTION 79Refer to the exhibit. All the routers in this network are configured to advertise all connected links through BGP,and R2 through R4 are configured to advertise all connected links through OSPF. At R4, 172.30.1.0/24 is not inthe local BGP table or the local routing table. What is the most likely cause of this problem?

A. R3 is learning 172.30.1.0/24 through IBGP, and therefore it will not readvertise this route to its IBGP peers,including R4.

B. R4 has no path to the next hop for 172.30.1.0/24, R1.

C. AtR4, the next hop for 172.30.1.0/24 is R1, and R1 is learning about the network between R1 and R2through IBGP. BGP does not allow a route with an IBGP next hop to be installed in the local routing table.

D. R2 is probably filtering 172.30.1.0/24; without looking at the configuration on R2, you cannot determine whatthe problem is.

Answer: A

Section: (none)


QUESTION 80You are a network engineer, study the exhibit carefully. The company's network is running EIGRP and you wantto change the path R5 uses to reach 172.30.1.0/24 to R4. How could you achieve this goal?

Exhibit:

A. Do nothing; the best path to 172.30.1.0/24 from R5 is already through R4.

B. Change the bandwidth on the link between R4 and R5 to 110.

C. Change the bandwidth on the link between R2 and R5 to 70, and change the bandwidth on the link betweenR3 and R5 to 70.

D. Change the bandwidth on the link between R3 and R5 to 70.

E. None of the other alternatives apply.

Answer: C

Section: (none)

Explanation/Reference:Explanation:For default behavior (most K values are 0 by default), you can simplify the EIGRP best path formula as: Metric= Bandwidth + Delay. Since the delay is set to 10 on all links this scenario in this case the best path can beseen by simply looking at the bandwidth. Since the other two paths will be preferred because those paths havehigher cumulative bandwidth values, we must lower one of the links to 70 on each of the paths in order for thepath through R4 to be preferred.

QUESTION 81Refer to the exhibit. In this network, how traffic arriving at R1 for 10.1.3.1 be routed?

A. through R3, since the path through R3 is through the backbone

B. through R1 since the path through R1 has the lowest hop count

C. through R1, since the path through R1 has the lowest total metric (10+10=20, versus 10+10+10=30 throughR3)

D. through R2, because that is the only path available; no neighbor adjacency will be built between R1 and R2

Answer: A

Section: (none)

Explanation/Reference:Explanation:Since there is a mismatch in area configuration between R1 and R2, the traffic is required to go through thebackbone.

QUESTION 82Two directly connected routers, R1 and R2, are both configured for OSPF graceful restart. R2 is capable ofswitching packets in hardware, but R1 is not. If a network administrator logs on to R2 and performs a systemreload, what will the result be?

A. Traffic forwarded from R2 to or through R1 will continue to be forwarded based on the forwarding table stateat the time of the reload. OSPF will resynchronize its local databases after the reload has completed.

B. R2 will continue forwarding traffic to and through R1, but R1 will drop this traffic because it is not capable ofmaintaining its forwarding state through the reload.

C. All the traffic R2 is forwarding to or through R1 will be dropped while OSPF rebuilds its neighbor adjacencyand forwarding tables.

D. R2 will continue to forward traffic to R1, but R1 will drop the traffic because its neighbor adjacency with R2has failed.

Answer: A

Section: (none)

Explanation/Reference:Explanation:Nonstop Forwarding (NSF) for OSPFv2 in Cisco IOS software uses the IETF standardized graceful restartfunctionality that is described in RFC 3623. Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switchingplatform. NSF capability allows for the forwarding of data packets to continue along routes that are alreadyknown, while the routing protocol information is being restored. This capability is useful in cases in which thereis a component failure (for example, a Route Processor [RP] crash with a backup RP taking over) or in whichthere is a scheduled hitless software upgrade.A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwardingpackets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. OnceOSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale routeentries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIBinformation that was current at the time of a switchover to continue forwarding packets during the switchover. This feature reduces traffic interruption duringthe switchover.Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00805e8 fbd.html

QUESTION 83Which three of these are characteristics of Unidirectional Link Detection? (Choose three.)

A. UDLD detects wiring mistakes when receive and transmit twisted pairs are not connected to the correctpinots.

B. UDLD detects wiring mistakes when receive and transmit fibers are not connected to the same port on theremote side.

C. UDLD protects against situations in which light is received on both sides of a fiber Gigabit Ethernet link (linkup) but the fiber-optic hardware is not communicating correctly.

D. UDLD prevents spanning-tree loops caused by one-way link conditions

E. UDLD prevents spanning-tree loops caused by link speed and duplex configuration mismatches.

Answer: BCD

Section: (none)

Explanation/Reference:Explanation:The UDLD protocol allows devices connected through fiber-optic or copper Ethernet cables (for example,Category5 cabling) to monitor the physical configuration of the cables and detect when a unidirectional linkexists. When a unidirectional link is detected, UDLD shuts down the affected port and alerts the user.Unidirectional links can cause a variety of problems, including spanning- tree topology loops.UDLD is a Layer2 protocol that works with Layer 1 mechanisms such as autonegotiation to determine thephysical status of a link. At Layer1, autonegotiation handles physical signaling and fault detection. UDLD alsoperforms tasks that autonegotiation cannot perform such as detecting

the identities of neighbors and shutting down misconnected ports. When both autonegotiation and UDLD areenabled, Layer1 and Layer2 detection features can work together to prevent physical and logical unidirectionalconnections and malfunctioning of other protocols. A unidirectional link occurs whenever traffic transmitted bythe local device over a link is received by the neighbor but traffic transmitted from the neighbor is not receivedby the local device. For example, if one of the fiber strands in a pair is disconnected, as long as autonegotiationis active the link does not stay up. In this situation, the logical link is undetermined, and UDLD does not takeany actions. If both fibers are working normally at Layer1, then UDLD at Layer 2 determines whether thosefibers are connected correctly and whether traffic is flowing bidirectionally between the correct neighbors. Thischeck cannot be performed by autonegotiation, because autonegotiation is a Layer1 feature.

The switch periodically transmits UDLD messages (packets) to neighbor devices on ports with UDLD enabled.If the messages are echoed back to the sender within a specific time frame and they are lacking a specificacknowledgment (echo), the link is flagged as unidirectional and the port is shut down. Devices on both ends ofthe link must support UDLD in order for the protocol to successfully identify and disable unidirectional links.Reference:http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/catos/5.x/configuration/guide/udld.html#wp1019845

QUESTION 84Refer to the exhibit. Which two of the following statements are true? (Choose two.)

A. The distance commands have no effect, as the specified routers are not directly connected.

B. If either router A or B loses connectivity to the stub network via Domain 1, it is prevented from using a pathvia Domain 2.

C. These configurations prevent a routing loop between routers A & B in the event that router C malfunctionsand stops communicating.

D. The configurations ensure that intra-domain routes to network 10.100.254.0 are preferred over inter-domainroutes, no matter the actual cost to the stub network.

E. The addition of the command distance ospf external 200 to both OSPF processes on both routers A & B willprevent routing loops and allow routing to the stub network via Domain 2 if either one of the routers losesconnectivity via Domain 1.

F. Either router A or router B will actively redistribute routes between the domains; the other router will be instandby. Since the administrative distances are the same, the active and standby roles are determined bywhich router becomes active first.

Answer: BC

Section: (none)


QUESTION 85If a port configured with STP root guard receives a superior STP BPDU, the port will be put into which state?

A. root-inconsistent state

B. forwarding state

C. blocking state

D. errdisabled state

Answer: A

Section: (none)

Explanation/Reference:Explanation:Loop Guard-When normal BPDUs are no longer received, the port does not go through normal STPconvergence, but rather falls into an STP loop-inconsistent state.

QUESTION 86Refer to the exhibit. Assuming that the routing protocol for this network is EIGRP, if the link between R1 and R3failed, what would R4 receive from R3?

A. R4 would receive an update noting R3's higher cost to reach 172.30.1.0/24.

B. R4 would not receive any updates or queries, since R3 would simply move to the path through R2.

C. R4 would receive a query, since R3 would mark 172.30.1.0/24 as active when the link between R1 and R4failed.

D. R4 would not receive any packets, since R3 is not using the link to R1 to reach 172.30.1.0/24.

Answer: A

Section: (none)


QUESTION 87Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three.)

A. It supports auto negotiation for both ISL and IEEE 802.1 Q trunks.

B. It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation tobecome a trunk.

C. It is a point-to-multipoint protocol.

D. It is a point-to-point protocol.

E. It is not supported on private VLAN ports or tunneling ports.

Answer: ABD

Section: (none)


QUESTION 88Which three Cisco extensions to 802.1D are built in to 802.1w? (Choose three.)

A. BackboneFast

B. UplinkFast

C. FlexLink

D. Port Fast

E. load balancing

F. PortlinkFast

Answer: ABD

Section: (none)

Explanation/Reference:Explanation:From the CCIE R&S Exam Certification Guide:IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) enhances the 802.1d standard with one goal in mind:improving STP convergence. To do so, RSTP defines new variations on BPDUs between switches, new portstates, and new port roles, all with the capability to operate backwardly compatible with 802.1d switches. Thekey components of speeding convergence with 802.1w are as follows:? Waiting for only three missed hellos on an RP before reacting (versus ten missed Hellos via the Maxage timerwith 802.1d)

? New processes that allow transition from the disabled state (replaces the blocking state in 802.1d) to learningstate, bypassing the concept of an 802.1d listening state ? Standardization of features like Cisco PortFast,UplinkFast, and BackboneFast ? An additional feature to allow a backup DP when a switch has multiple portsconnected to the same shared LAN segment

QUESTION 89According to the definitions of different services in various RFCs, traffic with Expedited Forwarding per-hopbehavior should be marked as which of these?

A. DSCP decimal 36

B. IPToSofOxEF

C. IP experimental ECN

D. DSCP decimal 5

E. binary value of 101110

Answer: E

Section: (none)

Explanation/Reference:Explanation:The table below lists the IP precedence and DSCP values, and their names, for review. Note that not all DSCPvalues are listed; only the DSCP values suggested by the DiffServ RFCs are listed in the table. QoS tools thatare capable of setting DSCP can set any of the actual 64 values.

Reference: http://www.ciscopress.com/articles/article.asp?p=101170&seqNum=2&rl=1

QUESTION 90Having multiple unknown unicast frames in a switch would most likely deplete which of these resources?

A. available MAC addresses in the system

B. available memory for frame buffering

C. available bandwidth

D. electrical power

E. TCAM entries

Answer: C

Section: (none)


QUESTION 91What is the purpose of an explicit "deny any" statement at the end of an ACL?

A. none, since it is implicit

B. to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actually required

C. to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actually required

D. to allow the log option to be used to log any matches

E. to prevent sync flood attacks

F. to prevent half-opened TCP connections

Answer: D

Section: (none)

Explanation/Reference:Explanation:Although all ACLs contain an implicit deny statement, Cisco recommends use of an explicit deny statement, forexample, "deny ip any any". On most platforms, such statements maintain a count of the number of deniedpackets that can be displayed using the show access-list command. Using the explicit deny any command alsoallows for the use of the "log" keyword to log all traffic denied by the access list.

QUESTION 92A new router has been allocated a single /24 subnet (172.16.123.0/24). The interface between this new routerand the upstream router has already been configured from a different IP subnet. The four other interfaces onthis router require 56, 10, 72, and 24 IP addresses, respectively. The router always uses the first IP address onany subnet.

Which of these combinations of IP addresses will allow the router to meet the interface requirements?

A. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.224172.16.123.161 255.255.255.224172.16.123.193 255.255.255.224

B. 172.16.123.1 255.255.255.192172.16.123.65 255.255.255.192172.16.123.129 255.255.255.192172.16.123.193 255.255.255.192

C. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.192172.16.123.193 255.255.255.224172.16.123.225 255.255.255.248

D. 172.16.123.1 255.255.255.128172.16.123.129 255.255.255.192172.16.123.193 255.255.255.224172.16.123.225 255.255.255.240

Answer: D

Section: (none)

Explanation/Reference:Explanation:The subnet sizes needed to meet the address requirements are:56 = /26 = 255.255.255.19210 = /28 = 255.255.255.24072 = /25 = 255.255.255.12824 = /27 = 255.255.255.224Answer D most efficiently meets these requirements.

QUESTION 93What will be the results of enabling IP Source Guard on an untrusted switch port that does not have DHCPsnooping enabled?

A. The switch will run out of ACL hardware resources.

B. All DHCP requests will pass through the switch untested.

C. DHCP requests will be switched in the software, which may result in lengthy response times.

D. The DHCP server reply will be dropped and the client will not be able to obtain an IP address.

Answer: D

Section: (none)


Explanation:IP source guard prevents IP spoofing by allowing only the IP addresses that are obtained through DHCPsnooping on a particular port. Initially, all IP traffic on the port is blocked except for the DHCP packets that arecaptured by DHCP snooping. When a client receives a valid IP address from the DHCP server, a port accesscontrol list (PACL) is installed on the port that permits the traffic from the IP address. This process restricts theclient IP traffic to those source IP addresses that are obtained from the DHCP server; any IP traffic with asource IP address other than that in the PACLs permit list is filtered out. This filtering limits the ability of a hostto attack the network by claiming a neighbor host's IP address.IP source guard uses source IP address filtering, which filters the IP traffic that is based on its source IPaddress. Only the IP traffic with a source IP address that matches the IP source binding entry is permitted.A port's IP source address filter is changed when a new DHCP-snooping binding entry for a port is created ordeleted. The port PACL is modified and reapplied in the hardware to reflect the IP source binding change. Bydefault, if you enable IP source guard without any DHCP-snooping bindings on the port, a default PACL thatdenies all IP traffic is installed on the port. When you disable IP source guard, any IP source filter PACL isremoved from the port.Reference:http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008022f26c.html

QUESTION 94Refer to the exhibit. In this network, which EIGRP neighbor would R5 consider the successor for172.30.1.0/24?

A. R3 would be the successor for 172.30.1.0/24 atR5.

B. R2 would be the successor for 172.30.1.0/24 atR5.

C. R4 would be the successor for 172.30.1.0/24 atR5.

D. not enough information has been given to determine which EIGRP neighbor would be the successor at R5for 172.30.1.0/24.

Answer: A

Section: (none)


QUESTION 95

Which three of these are reasons to implement a DMVPN using both IPsec and GRE for remote siteconnectivity? (Choose three)

A. less configuration needed at the hub site

B. support for dynamically addressed (DHCP) spoke routers

C. support for dynamically addressed (DHCP) hub routers

D. dynamic spoke-to-spoke tunneling

E. support for Dynamic Spoke Control Protocol

F. less configuration needed at the spoke sites

Answer: ABD

Section: (none)

Explanation/Reference:Explanation:No GRE or IPsec information about a spoke is configured on the hub router in the DMVPN network . The spokerouter's GRE tunnel is configured (via NHRP commands) with information about the hub router. When thespoke router starts up, it automatically initiates the IPsec tunnel with the hub router as described above. It thenuses NHRP to notify the hub router of its current physical interface IP address. This is useful for three reasons:If the spoke router has its physical interface IP address assigned dynamically (such as with ADSL orCableModem via the use of DHCP), then the hub router cannot be configured with this information since eachtime the spoke router reloads it will get a new physical interface IP address. With DMVPN, spoke routers canstill connect dynamically even if they are dynamically addressed through DHCP. Configuration of the hub routeris shortened and simplified since it does not need to have any GRE or IPsec information about the peer routers.All of this information is learned dynamically via NHRP. When you add a new spoke router to the DMVPNnetwork, you do not need to change the configuration on the hub or on any of the current spoke routers. Thenew spoke router is configured with the hub information, and when it starts up, it dynamically registers with thehub router. The dynamic routing protocol propagates the routing information for this spoke to the hub. The hubpropagates this new routing information to the other spokes. It also propagates the routing information from theother spokes to this spoke.

With the DMVPN solution, one router is the hub, and all the other routers (spokes) are configured with tunnelsto the hub. The spoke-to-hub tunnels are up continuously, and spokes do not need configuration for directtunnels to any of the other spokes. Instead, when a spoke wants to transmit a packet to another spoke (such asthe subnet behind another spoke), it uses NHRP to dynamically determine the required destination address ofthe target spoke. The hub router acts as the NHRP server and handles this request for the source spoke. Thetwo spokes then dynamically create an IPsec tunnel between them (via the single mGRE interface) and datacan be directly transferred. This dynamic spoke-to-spoke tunnel will be automatically torn down after a(configurable) period of inactivity.Reference:http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml

#solution

QUESTION 96A (*,G) multicast entry is associated with which three multicast types or features? (Choose three.)

A. shared tree

B. source tree

C. dense mode

D. sparse mode

E. bi-directional PIM

Answer: ADE

Section: (none)


QUESTION 97During the IPv6 address resolution, a node sends a neighbor solicitation message in order to discover which ofthese?

A. The Layer 2 multicast address of the destination node

B. The solicited node multicast address of the destination node

C. The Layer 2 address of the destination node based on the destination IPv6 address

D. The IPv6 address of the destination node based on the destination Layer 2 address

Answer: C

Section: (none)

Explanation/Reference:Explanation:Neighbor solicitation messages are sent on the local link when a node wants to determine the link- layeraddress of another node on the same local link. When a node wants to determine the link- layer address ofanother node, the source address in a neighbor solicitation message is the IPv6 address of the node sendingthe neighbor solicitation message. The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address ofthe destination node. The neighbor solicitation message also includes the link-layer address of the sourcenode.Reference:http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/sw/rel_3_x/configuration/guides /cli_3_4_x/ipv6.html#wp1206008

QUESTION 98A network is composed of several VRFs. It is required that VRF users VRF_A and VRF_B be able to route toand from VRF_C, which hosts shared services. However, traffic must not be allowed to flow between VRF_Aand VRF_B. How can this be accomplished?

A. route redistribution

B. import and export using route descriptors

C. import and export using route targets

D. Cisco MPLS Traffic Engineering

Answer: C

Section: (none)

Explanation/Reference:Explanation:You can use VRF import and export route targets to configure a variety of VPN topologies, such as full-meshVPNs, hub-and-spoke VPNs, and overlapping VPNs. In an overlapping VPN, a site is a member of more thanone VPN. For example, in Figure76, the middle site is a member of both VPN A and VPN B. In other words,that site can communicate with all other VPN A sites and all other VPN B sites. An overlapping VPN is oftenused to provide centralized services. The central site might contain DNS servers or WWW servers ormanagement stations that need to be reachable from multiple VPNs. Overlapping IPv4 and IPv6 VPNs aresupported by the same route-target mechanism.

Reference: http://www.juniper.net/techpubs/software/erx/junose71/swconfig-bgp-mpls/html/bgp- mpls-apps-config10.html

QUESTION 99Which three of these statements correctly describe type 2 LSAs (network link advertisements)? (Choose three.)

A. Network LSAs are generated by the DR.

B. Network LSAs are flooded only in their originating areas.

C. A network LSA lists all attached routers including the DR.

D. Every router in an OSPF area generates type 2 LSAs, as well as type 1 LSAs.

E. The link-state ID of the type 2 LSA is the loop back address of the DR.

F. When a network LSA reaches an ABR it is converted to a type 5 LSA (AS external LSA) and then flooded toother areas.

Answer: ABC

Section: (none)

Explanation/Reference:Explanation:Type 2 LSAs represent a transit subnet for which a DR has been elected. The LSID is the RID of the DR on thatsubnet. Note that type 2 LSAs are not created for subnets on which no DR has been elected. The type 2 LSAincludes references to the RIDs of all routers that are currently neighbors of the DR on that subnet. Type 2LSAs, like Type 1 LSAs are flooded only in the area they are generated in.

Incorrect Answers:D: Only the DR on a multiaccess network generates Type 2 LSAs. On a non-multiaccess network, Type 2 LSAsare not required.E: The LSID of the Type 2 LSA is the RID of the DR for the segment. While the RID could be the loopbackaddress, it could also be manually configured or the address of another interface if no loopback address isconfigured.F: Type 5 LSAs are generated by the ABR from Type 7 LSAs in a NSSA.

QUESTION 100Auto-RP messages are forwarded via which of these?

A. IP multicast using lANA-registered groups 224.0.1.39 and 224.0.1.40.

B. unicast messages between candidate RPs and the mapping agent

C. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.13 [PIM-ROUTERS] link-local multicastgroup

D. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.2 [ALL-ROUTERS] link-local multicast group

Answer: A

Section: (none)

Explanation/Reference:Explanation:Auto-RP automates the distribution of group-to-RP mappings in a network supporting sparse mode PIM. Itsupports the use of multiple RPs within a network to serve different group ranges, and allows configurations ofredundant RPs for reliability purposes. In comparison, manual configuration of RP information is prone toinconsistency which can cause connectivity problems. In summary, the automatic distribution of Group-to-RPmappings simplifies configuration task, and guarantees consistency.In a nutshell, the Auto-RP mechanism operates on two basic components, the candidate RPs and the RP

mapping agents: All candidate RPs advertise their willingness to be an RP via "RP- announcement" messages.

These messages are periodically sent to a reserved well-known group 224.0.1.39 (CISCO-RP- ANNOUNCE ).The default interval is 60 seconds (tunable via CLI). The RP mapping agents join group 224.0.1.39 and selectconsistently an RP for each group address range. The pair (group range--> RP) is called an RP-mapping.The RP mapping agents advertise the authoritative RP-mappings to another well-known group address224.0.1.40 (CISCO-RP-DISCOVERY). All PIM routers join 224.0.1.40 and store the RP- mappings in theirprivate cache.With Auto-RP, Multiple RPs can be used to serve different group ranges, or as hot-backups of each other.Reference: ftp://ftpeng.cisco.com/ipmulticast/autorp.html

QUESTION 101If a host wants to join a multicast group, what will it do?

A. send an IGMPv2 membership report using unicast to the default router on the local subnet

B. send an IGMPv2 membership report using unicast to the rendezvous point for the group

C. send an IGMPv2 membership report-using multicast on the local subnet with the destination IP address setto the multicast group being joined

D. send an IGMPv2 membership report using multicast to the "All-PIM-Routers" multicast group, 224.0.0.2, onthe local subnet

Answer: C

Section: (none)

Explanation/Reference:Explanation:IGMP is designed to be used by hosts to inform routers that they wish to receive Multicast traffic on specificaddresses. In this way, routers can decide whether to forward Multicast traffic based on whether a host on agiven subnet has requested this or not. In addition, some vendors such as Cisco, extend this functionality byhaving routers share this information with switches so that the switches will only forward the Multicast traffic toports with hosts that have requested it. Without this feature, the traffic would effectively be broadcast traffic.When a host joins a Multicast session, it sends out an IGMPv2 packet to let any listening routers know that itwants to receive Multicast traffic sent to a particular address. This packet is addressed to the Multicast addressthat the host wants to join. This is called "Joining a Multicast Group". Similarly, when the session has ended,the host sends out another IGMP packet to "Leave the Multicast Group".

QUESTION 102Refer to the exhibit. R7 is redistributing routes that it learned from EIGRP into the OSPF process. What OSPFLSA type will be propagated by R3 from Area 0 into Area 3? FreeExamKing.com

A. a router LSA (type 1) with a route to 0.0.0.0/0 )

B. a network LSA (type 2) with a route to 0.0.0.0/0 )

C. a summary LSA (type 3) with a route to 0.0.0.0/0 )

D. an ASBR summary LSA (type 4) with a route to R7 )

E. an external LSA (type 5) with a route to 0.0.0.0/0

F. an NSSA external LSA (type 7) with a route to 0.0.0.0/0

Answer: C

Section: (none)

Explanation/Reference:Explanation:Stub area ABRs do not advertise any external LSAs into the stub area. The only LSA propagated into a stubarea is a Type 3 network summary LSA.

QUESTION 103In what way is the class selector in a DSCP used?

A. for backward compatibility with IP precedence

B. to reference the corresponding MQC class map ID

C. as a means of providing explicit congestion notification

D. Only for IPv6

E. to reference the corresponding Frame Relay class map ID

Answer: A

Section: (none)


QUESTION 104The classic Spanning Tree Protocol (802.1D 1998) uses which sequence of variables to determine the bestreceived BPDU?

A. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost

B. 1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id

C. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id

D. 1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id

Answer: D

Section: (none)

Explanation/Reference:Explanation:1. The root bridge of the spanning tree is the bridge with the smallest bridge ID.2. After the root bridge has been chosen, each bridge determines the cost of each possible path from itself tothe root.3. When multiple paths from a bridge are least-cost paths, the chosen path uses the neighbor bridge with thelower bridge ID.4. In some cases, there may still be a tie, as when two bridges are connected by multiple cables. In this case,multiple ports on a single bridge are candidates for root port or designated port. In this case, the port with thelowest port priority is used.

QUESTION 105A user has no network connectivity. A check of the associated port reveals that the interface is up, the lineprotocol is down. What is the likely cause of the problem?

A. speed mismatch

B. MTU set too low

C. duplex mismatch

D. incorrect encapsulation

Answer: A

Section: (none)

Explanation/Reference:Explanation:A speed mismatch will result in the line protocol of the port to go down. Unlike with a speed mismatch, the twodevices will communicate with a duplex mismatch. However, devices with a duplex mismatch will suffer frompoor performance.

QUESTION 106

Refer to the exhibit. Which statement best describes an OSPF not-so-stubby area (NSSA)?

A. Type 5 external LSAs are not allowed in NSSA areas, so NSSA ASBRs generate type 7 NSSA externalLSAs instead, which remain within the NSSA.

B. An NSSA is a feature specific to Cisco that reduces the number of routes in the routing table

C. Type 5 external LSAs generated by the NSSA ABR are the only type of LSAs allowed in an NSSA.

D. A default route is required on the NSSA ABR to access external networks attached to Area 1

Answer: A

Section: (none)


QUESTION 107Which three of these statements about penultimate hop popping are true? (Choose three.)

A. It is used only for directly connected subnets or aggregate routes.

B. It can only be used with LDP.

C. It is only used when two or more labels are stacked.

D. It enables the Edge LSR to request a label pop operation from its upstream neighbors

E. It is requested through TDP using a special label value that is also called the implicit-null value.

F. It is requested through LDP using a special label value that is also called the implicit-null value.

Answer: ADF

Section: (none)

Explanation/Reference:Explanation:In order to implement penultimate hop popping, the edge LSR requests a label pop operation from its upstreamneighbor via LDP or TDP using a special implicit-null label. This label has a value of 3 for LDP and 1 for TDP.

QUESTION 108Refer to the exhibit. Which of these correctly describes the use of uRPF to protect this trusted network fromInternet-based IP spoofing?

A. it should be applied to s0 and it inspects inbound packets

B. it should be applied to s0 and it inspects outbound packets

C. it should be applied to s1 and it inspects inbound packets

D. it should be applied to s1 and it inspects outbound packets

Answer: A

Section: (none)


QUESTION 109Refer to the exhibit. In this network, the two directly connected routers R1 and R2 will not form an EIGRPneighbor relationship. What is the most likely cause of this problem?

A. The two routers are not on the same IP subnet.

B. The network statements under the EIGRP routing process are misconfigured.

C. The two routers are in different autonomous systems.

D. There is a partial link failure of some type.

Answer: A

Section: (none)

Explanation/Reference:Explanation:For two routers to form an EIGRP adjacency, each router must believe that the source IP address of a receivedHello is in that router's primary connected subnet on that interface. The primary subnet of an interface is thesubnet as implied by the "ip address" command that does not have the secondary keyword. An EIGRP routerlooks at the source IP address of a Hello; if the source IP address is a part of that router's primary subnet of theincoming interface, the Hello passes the IP address check. In the exhibit, the primary subnet on TK1 is thesecondary subnet on TK2 and vice versa, so an adjacency cannot form.

QUESTION 110If an LSR receives a labeled packet for which there is no label entry in the LFIB, which action does the routerperform?

A. It uses a default label for forwarding.

B. It strips the label and does a lookup in the FIB using the IP destination address.

C. It drops the packet.

D. It uses LDP to create an LSP and a new entry in the LFIB for that label.

Answer: C

Section: (none)

Explanation/Reference:Explanation:In normal operation, an LSR should receive only a labeled packet with a label at the top of the stack that isknown to the LSR, because the LSR should have previously advertised that label. However, it is possible forsomething to go wrong in the MPLS network and the LSR to start receiving labeled packets with a top label thatthe LSR does not find in its LFIB. The LSR can theoretically try two things: strip off the labels and try to forwardthe packet, or drop the packet. The Cisco LSR drops the packet. This is the right thing to do, because this LSRdid not assign the top label, and it does not know what kind of packet is behind the label stack Reference: http://www.ciscopress.com/articles/article.asp?p=680824

QUESTION 111Which description is true about the disabling of IP TTL propagation in an MPLS network?

A. TTL propagation cannot be disabled in an MPLS domain.

B. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edgeLSR.

C. The TTL field of the MPLS label header is set to 255.

D. TTL propagation is only disabled on the ingress edge LSR.

Answer: C

Section: (none)

Explanation/Reference:Explanation:Tunnel Ingress Processing (Push):

For each pushed Uniform model label, the TTL is copied from the label/IP-packet immediately underneath it.

For each pushed Pipe model label, the TTL field is set to a value configured by the network operator. In mostimplementations, this value is set to 255 by default.

Reference : "TTL Processing in MPLS Networks" February 2001http://quimby.gnus.org/internet-drafts/draft-agarwal-mpls-ttl-00.txt

QUESTION 112Which two of these best describe the operation of an OSPF totally stubby area? (Choose two.)

A. The ABR of a totally stubby area will block type 5 external LSAs

B. If a router has been configured as a totally stubby router, it will not advertise type 1 router LSAs, in order toconserve memory.

C. If the ABR for a totally stubby area has been configured as a totally stubby router it will not generate anytype 2 network LSAs.

D. Totally stubby areas use default routes not just to reach destinations external to the AS but also to reach alldestinations external to the area.

E. The ABR of a totally stubby area will block all type 5 external LSAs from being propagated into the totallystubby area unless a flag known as the "P-bit" in the LSA is set.

Answer: AD

Section: (none)

Explanation/Reference:Explanation:A totally stubby area blocks all LSAs external to the area. This includes Type 3, Type 4, Type 5 and Type 7.The ABR will typically inject a default route into the totally stubby area to enable area routers to reach externaldestinations. Type 1 and Type 2 LSAs are still generated within the totally stubby area and flooded locally withinthe area.

QUESTION 113Frame Relay traffic shaping is enabled on a WAN interface with the following settings:CIR = 768 kb/s, Bc = 2000 , Be = 7680. What is the time interval Tc?

A. 2.6 ms

B. 10 ms

C. 7.4 ms

D. 12.6 ms

Answer: A

Section: (none)

Explanation/Reference:Explanation:Time interval, measured in milliseconds, over which the committed burset (Bc) can be sent. With many shapingtools can be found by the formula: Tc=Bc/CIR.

QUESTION 114Network topology Exhibit:

On the basis of the exhibits presented. Packets from hosts attached toR3 and destined for network

10.100.2.0 are being sent to R4 via R1. Which option is a solution to this problem?

A. Set the update source on R3 to R5.

B. Set R3 to advertise its specific 24 bit 10.x.x.x routes to R1.

C. Enable EBGP multihop between R2 and R3.

D. Set the next-hop-self command on R2 for neighbor R3.

Answer: D

Section: (none)

Explanation/Reference:Explanation:For eBGP, the next hop is always the IP address of the neighbor that the neighbor command specifies. R2 willneed to either add the serial link network to the BGP routing process using the "network" command, or it willneed to use the "next-hop-self" command to advertise to router R3 that the next hop to the 10.100.2.0 networkshould be R2, and not R 5 on the 192.168.254.8/30 network.

QUESTION 115

When you see the key word "master" configured on the NTP line, what is the default stratum clock on a Ciscorouter?

A. 2

B. 4

C. 8

D. 1

Answer: C

Section: (none)


Explanation:To configure the Cisco IOS software as a Network Time Protocol (NTP) master clock to which peerssynchronize themselves when an external NTP source is not available, use the "ntp master" command in globalconfiguration mode.ntp master [ stratum ]Syntax DescriptionDefaultsWhen enabled, the default stratum is 8.Reference:http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/frf012.html#wp1123474

QUESTION 116Refer to the exhibit. Assume all link costs in this network are 10. R1 is redistributing 192.168.1.0/24 into area 1with a next hop of 10.1.1.2, which is its local address on the link between R1 and R2. R2 and R3, Area BorderRouters, are configured to advertise a summary, 10.1.0.0/16; R2 is advertising this summary with a cost of 20,while R3 is advertising this summary with a cost of 10.Will R4 choose R2 or R3 as its next hop towards 192.168.1.0/24?

A. choose the path through R2, because it will use the border router (type 4) LSA to calculate the shortest pathto the next hop (10.1.1.2), which is through R2

B. use the path through R3 to reach 192.168.1.0/24, because the shortest path it has to reach the next hop(10.1.1.2) is through the summary route advertised by R3, with a cost of 10.

C. use R3 to reach 192.168.1.0/24, because OSPF always chooses the closest path to the border with thearea in which an external route is injected.

D. not have a route to 192.168.1.0/24.

Answer: A

Section: (none)


QUESTION 117Which of these statements best describes OSPF neighbor adjacencies?

A. On broadcast networks, all routers become adjacent with all other neighbors.

B. Neighbors in point-to-point networks will always become adjacent and do not need to exchange hellopackets.

C. If a virtual link is being utilized, a router that is connecting to Area 0 will establish an adjacency with the Area0 DR and BDR.

D. On broadcast networks, a DR and BDR are elected and they establish adjacencies with all other routers.

E. In a point-to-point network, neither a DR nor a BDR is elected, but pairs of neighbors establish master-slaverelationships in which the router with the lower priority is the master.

Answer: D

Section: (none)

Explanation/Reference:Explanation:OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designatedrouter (DR). The DR and BDR form full adjacencies with all other neighbors on the link, so they reach a fullstate once the database exchange process is complete. However, two neighbors that are both DROthers do notbecome fully adjacent.Incorrect answers:A. Routers only become adjacent with the DR and BDR.B. Neighbors on point to point links still exchange hellos. The default hello interval is 10 seconds. C. DRs andBDRs are associated with multiaccess networks, not specific areas. E. While it is true that a DR and BDR arenot elected on a point to point link, in the master-slave relationship, the higher priority router is elected asmaster.

QUESTION 118Refer to the exhibit. Which statement about this configuration is true?

A. ACL 101 needs to have at least one permit statement in it or it will not work properly.

B. The ip inspect test out command needs to be used instead of the ip inspect test in command to make theconfiguration work.

C. Ethernet 0 is the trusted interface and Ethernet 1 is the untrusted interface.

D. Ethernet 0 needs an inbound access list to make the configuration work.

E. Ethernet 0 needs an outbound access list to make the configuration work.

Answer: C

Section: (none)


QUESTION 119Which two of these are differences between traffic policing and traffic shaping? (Choose two.)

A. with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again

B. with policing you can tune the buffer usage for traffic exceeding the specified CIR

C. with shaping you can tune the buffer usage for traffic exceeding the specified CIR

D. shaping should only be applied for ingress traffic, policing only for egress

E. policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC

Section: (none)

Explanation/Reference:Explanation:With traffic shaping, when the excess burst (Be) is configured to a value different than 0, the shaper allowstokens to be stored in the bucket, up to Bc + Be. The largest value that the token bucket can ever reach is Bc +Be, and overflow tokens are dropped. The only way to have more than Bc tokens in the bucket is to not use allBc tokens during one or more Tc. Since the token bucket is replenished every Tc with Bc tokens, you can

accumulate unused tokens for later use up to Bc + Be.

In contrast, class-based policing and rate-limiting adds tokens continuously to the bucket.

Specifically, the token arrival rate is calculated as follows:

(time between packets<which is equal to t-t1>* policer rate)/8 bits per byte.

In other words, if the previous arrival of the packet was at t1 and the current time is t, the bucket is

updated with t-t1 worth of bytes based on the token arrival rate. Note that a traffic policer uses

burst values specified in bytes, and the above formula converts from bits to bytes.

Reference: "Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting "

http://www.cisco.com/warp/public/105/policevsshape.html

QUESTION 120Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into OSPF, and R2 is originating 10.1.4.0/24as an internal route. R6 has received packets destined to 10.1.4.1 and 10.1.5.1. Which statement correctlydescribes the path or paths these two packets will take?

A. The packet destined to 10.1.5.1 will follow the optimum path through the network, R4 to R1, while thepacket destined to 10.1.4.1 will follow a suboptimal path through the network.

B. Both packets will follow optimal paths through the network to their destinations.

C. The packet destined to 10.1.4.1 will follow an optimal path through the network, while the packet destined to10.1.5.1 will follow a suboptimal path through the network.

D. There is not enough information provided to determine which packet will take an optimal or suboptimal paththrough the network.

Answer: A

Section: (none)


Since Area 2 is NSSA, no type 5 LSA's are allowed.R6 gets a default route from R4 and R5.Packets from R6 to 10.1.5.0 will travel via R4 by using the default route with the lower cost (10).So these packets take the optimal path.

Unlike with packets destined to 10.1.4.0.This network is internal. So advertized from the ABR as LSA type 3. The cost via R4 and R5 are equal.Loadbalancing over equal cost path will take place. This is not an optimal path, as the way over R4 is one hopmore.

QUESTION 121What is the mathematical relationship between the committed information rate (CIR), committed burst (Be), andcommitted rate measurement interval (Tc)?

A. CIR = Be/Tc

B. Tc = CIR/Bc

C. CIR = TC/Bc

D. Tc = Bc/CIR

Answer: D

Section: (none)

Explanation/Reference:Explanation:FRTS Non-Configurable Parameters:interval (Tc)The interval during which you send the Bc bits in order to maintain the average rate of the CIR in seconds.

Tc = Bc/CIR in seconds

The range for Tc is between 10 ms and 125 ms. The router internally calculates this value based on the CIR and Bc values in the map class. If Bc/CIR is more than or equal to 125 msec, it uses the internal Tcvalue. If Bc/CIR is less than 125 ms, it uses the Tc calculated from that equation.Reference:http://www.cisco.com/en/US/tech/tk713/tk237/technologies_configuration_example09186a008009 42f8.shtml

QUESTION 122Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into Area 1. Which LSAs will R6 have thatcontain 10.1.5.0/24?

A. R6 will not have any LSAs containing 10.1.5.0/24

B. R6 will have an NSSA external (type 7) LSA in its local database for 10.1.5.0/24, since routes redistributedinto an OSPF NSSA are injected as type 7 LSAs.

C. R6 will have an external (type 5) LSA for 10.1.5.0/24 in its local database, because one of the two Area 1Area Border Routers (R2 or R3) will translate R1's external NSSF (type 7) LSA into a type 7 LSA.

D. R6 will have a border router (type 4) LSA in its local database for 10.1.5.0/24, generated by one of the twoArea 1 Area Border Routers.

Answer: A

Section: (none)

Explanation/Reference:Explanation:A totally NSSA area blocks LSA types 3, 4, and 5 from entering the area. Type 7 LSAs are allowed to becreated within the area. The ABRs for area 1 in the exhibit will be converting the Type 7 LSA created by R1 forthe subnet to a Type 5 LSA to advertise to the backbone area 0. The ABRs for Area 2 will not propogate thisLSA into area 2 as Type 5 LSAs are blocked by all stub areas. Therefore, no non-ABR routers within area 2 willhave an LSA containing 10.1.5.0/24.

QUESTION 123Refer to the exhibit. For this network, if you examined the local OSPF database on R3, what would becontained in the router (type 1) LSAfrom R1?

A. R3 would not have a router (type 1) LSAfrom R1 in its local database.

B. R1's router (type 1) LSA would contain a link to R2 and a connection to 10.1.1.0/31. ) C. R1's router (type 1)LSA would contain a link to R2, a connection to 10.1.1.0/31, and a link to 10.1.5.0/24.

C. R1's router (type 1) LSA would contain a link to R2, a connection to 10.1.1.0/31, and a link to 10.1.2.0/31.

Answer: A

Section: (none)


QUESTION 124Refer to the exhibit. Assuming EIGRP is the routing protocol, if the link between R3 and R5 failed, how manyqueries would R5 send out?

A. R5 would not send out any queries, but it would switch to using the path through R4.

B. R5 would send queries to R2 and R4.

C. R5 would send a query to R4, but not to R2.

D. R5 would send a query to R2, but not to R4.

Answer: A

Section: (none)

Explanation/Reference:Explanation:A router running EIGRP stores all its neighbors' routing tables so that it can quickly adapt to alternate routes. Ifno appropriate route exists, EIGRP queries its neighbors to discover an alternate route. These queriespropagate until an alternate route is found. However, in this case, the feasible successor is already known. Aslong as a feasible successor is known for an EIGRP router, a query is not need when the preferred path has afailure.

QUESTION 125Refer to the exhibit. Router A wants to redistribute all the routes from the RIP domain into the EGRP domainbut the 170.170.0.0/16 network is not being installed into Router A's routing table.How can this problem be fixed?

A. redistribute RIP into OSPF 30

B. redistribute OSPF into EIGRP 20

C. redistribute RIP into EIGRP 20 and filter route 170.170.0.0

D. filter route 170.170.0.0 from RIP

E. filter route 170.170.0.0 from OSPF

Answer: E

Section: (none)

Explanation/Reference:Explanation:Since OSPF has a lower administrative distance than RIP, Router A will install the 172.17.0.0/16 route learnedvia OSPF, and not RIP. Since router A is only redistributing RIP routes into EIGRP, this route will not beinstalled included. Filtering this 172.17.0.0/16 route from OSPF will force the router to accept the RIP learnedroute and then redistribute it into EIGRP.

QUESTION 126Refer to the exhibit. Two directly connected routers are configured for OSPF. On the console of one router, youare seeing the output in the exhibit. What is the most likely cause?

A. The maximum transmission unit on either side of the link is not the same.

B. This is normal for OSPF running over an FDDI ring.

C. OSPF has received a packet that will not fit in its local buffer, so the packet has been discarded.

D. This debug is wrong, OSPF does not exchange DBD packets.

Answer: A

Section: (none)


QUESTION 127What three types of NTP relationships form between two devices? (Choose three.)

A. client

B. server

C. broadcast

D. uncast

E. anycast

Answer: ABC

Section: (none)


QUESTION 128

Refer to the exhibit. In the diagram, the switches are running IEEE 802.1s MST. Which ports are in the MSTblocking state?

A. GE.1/2 and GE 2/1

B. GE.1/1 andGE.2/2

C. GE.3/2 and GE 4/1

D. No ports are in the blocking state

E. There is not enough information to determine which ports are in the blocking state.

Answer: D

Section: (none)

Explanation/Reference:Explanation:There are no layer 2 loops in the network as the connection between Dist-1 and Dist-2 is a layer 3 connection.Therefore, there are no ports blocking.

QUESTION 129What are the port roles described by 802.1w?

A. root port, designated port, alternate port, backup port, and disabled

B. standby port, designated port, backup port, and disabled

C. root port, designated port, alternate port, and standby port

D. standby port, alternate port, root port, and disabled

Answer: A

Section: (none)


RSTP and STP Port Roles

QUESTION 130Refer to the exhibit. Spanning tree protocol is running on all three switches. The switches are configured so thatLink A is the active link, and Link B is the standby link. There is a problem occurring where Switch B startsforwarding on Link B causing a routing loop. What is the likely cause of the problem?

A. Port Fast is not enabled.

B. There is a port duplex mismatch.

C. MISTP is enabled without RSTP.

D. A single instance of STP is enabled instead of PVST.

Answer: B

Section: (none)


QUESTION 131In Frame Relay, the Discard Eligible bit works in conjunction with which of these mechanisms as part ofcongestion control?

A. Type of service (TOS) settings

B. class of service (COS) settings

C. Frame Relay traffic shaping (FRTS) settings

D. forward explicit congestion notification (FECN) settings

E. differentiated services code point (DSCP) Settings

Answer: D

Section: (none)

Explanation/Reference:Explanation:Frame Relay reduces network overhead by implementing simple congestion-notification mechanisms ratherthan explicit, per-virtual-circuit flow control. Frame Relay typically is implemented on reliable network media, sodata integrity is not sacrificed because flow control can be left to higher-layer protocols. Frame Relayimplements two congestion-notification mechanisms:

Forward-explicit congestion notification (FECN)

Backward-explicit congestion notification (BECN)FECN and BECN each is controlled by a single bit contained in the Frame Relay frame header. The FrameRelay frame header also contains a Discard Eligibility (DE) bit, which is used to identify less important trafficthat can be dropped during periods of congestion. The FECN bit is part of the Address field in the Frame Relayframe header. The FECN mechanism is initiated when a DTE device sends Frame Relay frames into thenetwork. If the network is congested, DCE devices (switches) set the value of the frames' FECN bit to 1. Whenthe frames reach the destination DTE device, the Address field (with the FECN bit set) indicates that the frameexperienced congestion in the path from source to destination. The DTE device can relay this information to ahigher-layer protocol for processing. Depending on the implementation, flow control may be initiated, or theindication may be ignored.Reference:http://www.cisco.com/en/US/tech/tk1330/tsd_technology_support_technical_reference_chapter09 186a0080759833.html

QUESTION 132Which two of these best describe an OSPF stub area? (Choose two.)

A. All routers in a stub area must be configured as stub.

B. Each stub area always has an ASBR attached to it.

C. A stub area will not accept routes belonging to an external AS.

D. Only summary routes from an external AS can be injected into a stub area.

E. To reach outside networks, the routers in a stub area use a default route which is injected into the area bythe ASBR.

Answer: AC

Section: (none)

Explanation/Reference:Explanation:A stub area does not allow for any LSAs that define AS-external traffic. To configure an OSPF stub area, allrouters within the area must include the command "area x stub" Incorrect answers:B. ASBRs are not allowed in stub areas. If an ASBR is required, the area must be a NSSA.D. No external routes are injected into a stub areaE. There are no ASBRs in a stub area.

QUESTION 133Which three statements accurately describe a link-state routing protocol? (Choose three.)

A. Each router sends routing information to all nodes in the flooding domain.

B. Each router sends all or some portion of its routing table to neighboring routers.

C. Each router individually builds a picture of the entire flooding domain.

D. Each router has knowledge of all other routers in the flooding domain.

E. Each router is only aware of neighboring routers.

F. Each router installs routes directly from the routing updates into the routing table.

Answer: ACD

Section: (none)

Explanation/Reference:Explanation:Link-State Versus Distance Vector Link-state algorithms (also known as shortest path first algorithms) floodrouting information to all nodes in the internetwork. Each router, however, sends only the portion of the routingtable that describes the state of its own links. In link-state algorithms, each router builds a picture of the entirenetwork in its routing tables. Distance vector algorithms (also known as Bellman-Ford algorithms) call for eachrouter to send all or some portion of its routing table, but only to its neighbors. In essence, link-state algorithms send small updateseverywhere, while distance vector algorithms send larger updates only to neighboring routers. Distance vectoralgorithms know only about their neighbors.

Because they converge more quickly, link-state algorithms are somewhat less prone to routing loops thandistance vector algorithms. On the other hand, link-state algorithms require more CPU power and memory thandistance vector algorithms. Link-state algorithms, therefore, can be more expensive to implement and support.

QUESTION 134You are configuring the Cisco IOS DHCP Server to handle DHCP in a LAN. Which two of these configurationsare required in order for DHCP to work? (Choose two.)

A. configure manual bindings

B. configure a DHCP address pool

C. configure a DHCP server boot file

D. exclude those IP addresses that will not be used in DHCP

E. configure the timeout value for ping packets

Answer: BD

Section: (none)

Explanation/Reference:Explanation:To configure the Cisco IOS DHCP Server feature, first configure a database agent or disable conflict logging,then configure IP addresses that the DHCP server should not assign (excluded addresses) and should assign(a pool of available IP addresses) to requesting clients. These configuration tasks are explained in the followingsections. Each task in the following list is identified as required or optional.

Configuring a DHCP Database Agent or Disabling DHCP Conflict Logging (Required) Excluding IP Addresses(Required)Configuring a DHCP Address Pool (Required)Configuring Manual Bindings (Optional)Configuring a DHCP Server Boot File (Optional)Configuring the Number of Ping Packets (Optional)Configuring the Timeout Value for Ping Packets (Optional)Enabling the Cisco IOS DHCP Server Feature (Optional)

Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087 43b.html

QUESTION 135Which two of these parameters are used to determine a forwarding equivalence class? (Choose two.)

A. IP prefix

B. Layer 2 circuit

C. RSVP request from CE for bandwidth reservation

D. BGP MED value

Answer: AB

Section: (none)

Explanation/Reference:Explanation:Forwarding Equivalency Class (FEC) is a set of packets which will be forwarded in the same manner (e.g., overthe same path with the same forwarding treatment). Typically packets belonging to the same FEC will follow thesame path in the MPLS domain. While assigning a packet to an FEC the ingress LSR may look at the IPheader and also some other information such as the interface on which this packet arrived. The FEC to which apacket is assigned is identified by a label.One example of an FEC is a set of unicast packets whose network layer destination address matches aparticular IP address prefix. A set of multicast packets with the same source and destination network layeraddresses is another example of an FEC. Yet another example is a set of unicast packets whose destinationaddresses match a particular IP address prefix and whose Type of Service bits are the same. Layer 2 circuitscan also be used, as in layer 2 MPLS VPN's such as those defined by the Martini draft or through the notion of"pseudo-wire" networks.Reference: http://www.mplsrc.com/faq2.shtml

QUESTION 136Examine the following items, what is the difference between BPDU guard and root guard?

A. BPDU guard ignores BPDUs received on a port if PortFast is enabled on the port; root guard is used duringconfiguration to force a switch to be the root bridge.

B. BPDU guard disables the port upon the reception of a BPDU if PortFast is enabled on the port; root guardallows for the reception of BPDUs as long as a device does not try to become the root.

C. BPDU guard blocks BPDUs from being transmitted; root guard does not let other devices become the rootbridge.

D. BPDU guard disables a port upon receiving a BPDU if PortFast is enabled on the port; root guard protectsagainst root bridge flapping between devices

E. BPDU guard ignores BPDUs received on a port if PortFast is enabled on the port; root guard allows for thereception of BPDUs as long as a device does not try to become the root.

Answer: B

Section: (none)

Explanation/Reference:Explanation:BPDU guard and root guard are similar, but their impact is different. BPDU guard disables the port upon BPDUreception if PortFast is enabled on the port. The disablement effectively denies devices behind such ports fromparticipation in STP. You must manually reenable the port that is put into errdisable state or configureerrdisable-timeout .

Root guard allows the device to participate in STP as long as the device does not try to become the root. If rootguard blocks the port, subsequent recovery is automatic. Recovery occurs as soon as the offending deviceceases to send superior BPDUs.Reference:

http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml

QUESTION 137All of these are Spanning Tree Protocol IEEE 802.1w port states except which one?

A. Discarding

B. Learning

C. Forwarding

D. Blocking

Answer: D

Section: (none)

Explanation/Reference:Explanation:RSTP and STP port states:

QUESTION 138You work as a network technician. Study the exhibit provided. You are implementing this QoS configuration toimprove the bandwidth guarantees for traffic towards two servers, one with the IP address 5.5.5.5 and the otherwith the IP address 5.5.5.4. Even after the configuration is applied, performance does not seem to improve.Which will be the most likely cause of this problem?

A. The class maps are wrongly configured

B. The policy map mark has been applied on a half-duplex Ethernet interface; this is not supported.

C. The policy map queue is configured on the wrong interface; it is applied on the serial interface whereastraffic is going over the tunnel interface.

D. The ip nbar protocol-discover command cannot be configured together with a service policy output on theserial interface.

E. This is probably a software bug

Answer: A

Section: (none)


QUESTION 139Refer to the exhibit. In this network, R1 is configured not to perform auto summarization within EIGRP. Whatroutes will R3 learn from R2 through EIGRP?

A. 172.30.1.0/24 and 10.1.2.0/24; EIGRP only performs auto summarization at the edge between two majornetworks.

B. 172.30.0.0/16 and 10.1.2.0/24; R2 will perform auto summarization, although R1 will not.

C. Since R2 is configured without auto summarization, it will not propagate the 172.30.1.0/24 route.

D. 172.30.0.0/8 and 10.0.0.0/8.

Answer: A

Section: (none)

Explanation/Reference:Explanation:With EIGRP, routing information advertised out an interface is often automatically summarized at major network number boundaries. Specifically, this automatic summarization occurs for those routes whosemajor network number differs from the major network number of the interface to which the advertisement isbeing sent. The remaining routes, which are part of the major network number of the interface, are advertisedwithout summarization. Reference: http://www.cisco.com/en/US/docs/internetworking/design/guide/nd2017.html

QUESTION 140Which statement is true about the actions taken when a VTP message is received on a switch configured withthe VTP mode "transparent"?

A. VTP updates are ignored and are not forwarded.

B. VTP updates are ignored and forwarded out all ports.

C. VTP updates are made to the VLAN database and are forwarded out trunks only.

D. VTP updates are ignored and forwarded out trunks only.

Answer: D

Section: (none)


VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLANconfiguration and does not synchronize its VLAN configuration based on received advertisements, buttransparent switches do forward VTP advertisements that they receive out their trunk ports only.Reference: Understanding VLAN Trunk Protocol (VTP)http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml#v tp_modes

QUESTION 141Via which item are Auto-RP messages forwarded?

A. IP multicast using IANA-registered groups 224.0.1.39 and 224.0.1.40.

B. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.13 [PIM-ROUTERS] link-local multicastgroup

C. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.2 [ALL-ROUTERS] link-local multicast group

D. unicast messages between candidate RPs and the mapping agent

Answer: A

Section: (none)

Explanation/Reference:Explanation:Auto-RP automates the distribution of group-to-RP mappings in a network supporting sparse mode PIM. Itsupports the use of multiple RPs within a network to serve different group ranges, and allows configurations of redundant RPs for reliability purposes. In comparison, manual configuration of RPinformation is prone to inconsistency, which can cause connectivity problems. In summary, the automaticdistribution of Group-to-RP mappings simplifies configuration task, and guarantees consistency.In a nutshell, the Auto-RP mechanism operates on two basic components, the candidate RPs and the RPmapping agents: All candidate RPs advertise their willingness to be an RP via "RP- announcement" messages.These messages are periodically sent to a reserved well-known group 224.0.1.39 (CISCO-RP- ANNOUNCE ).The default interval is 60 seconds (tunable via CLI). The RP mapping agents join group 224.0.1.39 and selectconsistently an RP for each group address range. The pair (group range--> RP) is called an RP-mapping.

The RP mapping agents advertise the authoritative RP-mappings to another well-known group address224.0.1.40 (CISCO-RP-DISCOVERY). All PIM routers join 224.0.1.40 and store the RP- mappings in theirprivate cache.With Auto-RP, Multiple RPs can be used to serve different group ranges, or as hot-backups of each other.Reference: ftp://ftpeng.cisco.com/ipmulticast/autorp.html

QUESTION 142For an MPLS label, if the stack bit is set to 1 which of these is correct?

A. The stack bit is reserved for future use.

B. The label is the last entry in the label stack.

C. The stack bit will only be used when LDP is the label distribution protocol.

D. The stack bit is for Cisco implementations exclusively and will only be used when TDP is the labeldistribution protocol.

E. The label is the top entry in the label stack and will remain set to 1 until the last entry, the bottom label, isreached.

Answer: B

Section: (none)

Explanation/Reference:Explanation:The label stack is represented as a sequence of "label stack entries". Each label stack entry is represented by 4

octets. This is shown in Figure 1.

0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Label | Label | CoS |S| TTL | Stack+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Entry

Label: Label Value, 20 bitsCoS : Class of Service, 3 bitsS: Bottom of Stack, 1 bitTTL: Time to Live, 8 bits

Figure 1

The label stack entries appear AFTER the data link layer headers, but BEFORE any network layer headers.The top of the label stack appears earliest in the packet, and the bottom appears latest. The network layerpacket immediately follows the label stack entry which has the S bit set. Each label stack entry is broken downinto the following fields:

1. Bottom of Stack (S)

This bit is set to one for the last entry in the label stack (i.e., for the bottom of the stack), and zero for all otherlabel stack entries.Reference: http://www3.ietf.org/proceedings/98aug/I-D/draft-ietf-mpls-label-encaps-02.txt

QUESTION 143Refer to the exhibit. In this network, R1 R2, and R3 are all configured to run EIGRP on all their connectedinterfaces. R2 is also configured as an EIGRP stub. At R3, what EIGRP routes are in the local topology table?

A. 172.30.0.0/16

B. 172.30.2.0/24

C. 72.20.1.0/24 and 172.30.2.0/24

D. Not enough information has been provided to know what would be in the topology table at R3.

Answer: B

Section: (none)


QUESTION 144

Based on the output provided in the exhibit, to which address or location will the router forward a packet sent to192.168.32.1?

Exhibit:

A. 10.1.1.1

B. 10.1.1.3

C. the default gateway

D. 10.1.1.2

Answer: A

Section: (none)

Explanation/Reference:Explanation:Refer to the following example from Cisco:Let's look at three routes that have just been installed in the routing table, and see how they look on the router.router# show ip route....D 192.168.32.0/26 [90/25789217] via 10.1.1.1R 192.168.32.0/24 [120/4] via 10.1.1.2O 192.168.32.0/19 [110/229840] via 10.1.1.3....If a packet arrives on a router interface destined for 192.168.32.1, which route would the router choose? Itdepends on the prefix length, or the number of bits set in the subnet mask. Longer prefixes are alwayspreferred over shorter ones when forwarding a packet. In this case, a packet destined to 192.168.32.1 isdirected toward 10.1.1.1, because 192.168.32.1 falls within the 192.168.32.0/26 network (192.168.32.0 to192.168.32.63). It is chosen based on the longest match, not the fact that it has a lower AD. It also falls withinthe other two routes available, but the 192.168.32.0/26 has the longest prefix within the routing table (26 bitsverses 24 or 19 bits).Likewise, if a packet destined for 192.168.32.100 arrives on one of the router's interfaces, it's forwarded to10.1.1.2, because 192.168.32.100 doesn't fall within 192.168.32.0/26 (192.168.32.0 through 192.168.32.63),but it does fall within the 192.168.32.0/24 destination (192.168.32.0 through 192.168.32.255). Again, it also fallsinto the range covered by 192.168.32.0/19, but 192.168.32.0/24 has a longer prefix length.Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 145When using OSPF Graceful Restart, which mechanism is used to continue forwarding packets during aswitchover?

A. Layer 2 Forwarding

B. hardware based forwarding

C. Reverse Path Forwarding

D. UDP forwarding

E. forwarding address

Answer: B

Section: (none)

Explanation/Reference:Explanation:Nonstop Forwarding (NSF) for OSPFv2 in Cisco IOS software uses the IETF standardized graceful restartfunctionality that is described in RFC 3623. Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switching platform. NSF capabilityallows for the forwarding of data packets to continue along routes that are already known, while the routingprotocol information is being restored. This capability is useful in cases in which there is a component failure(for example, a Route Processor [RP] crash with a backup RP taking over) or in which there is a scheduledhitless software upgrade.A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwardingpackets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. OnceOSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale routeentries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIBinformation that was current at the time of a switchover to continue forwarding packets during the switchover.This feature reduces traffic interruption during the switchover.Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00805e8 fbd.html

QUESTION 146What is the destination IP address of the IGMPv2 membership report packet that a receiver sends to join group239.1.1.1?

A. 224.0.0.1

B. 224.0.0.2

C. 239.1.1.1

D. the IP address of the host sending the membership report

Answer: C

Section: (none)

Explanation/Reference:Explanation:Multicast hosts use IGMPv2 Host Membership Report messages to communicate to a local router for whichmulticast groups they want to receive traffic.IGMP v2 Message Types

QUESTION 147Which information is carried in an OSPFv3 intra-area-prefix LSA?

A. IPv6 prefixes

B. link-local addresses

C. solicited node multicast addresses

D. IPv6 prefixes and topology information

Answer: A

Section: (none)

Explanation/Reference:Explanation:The OSPFv3 LSA types and their OSPFv2 counterparts:

OSPFv3 removes the prefix advertisement function from Router and Network LSAs, and puts it in the newIntra-Area Prefix LSA. Now Router and Network LSAs only represent the router's node information for SPF andare only flooded if information pertinent to the SPF algorithm changes. Reference: http://www.networkworld.com/subnets/cisco/050107-ch9-ospfv3.html?page=3

QUESTION 148Which table contains a mirror image of the forwarding information in the IP routing table used in CEFswitching?

A. Field Information Base

B. Forwarding Information Base

C. Field Information Based

D. Forwarding Information Based

Answer: B

Section: (none)

Explanation/Reference:Explanation:Forwarding Information Base:

CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. TheFIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwardinginformation contained in the IP routing table. When routing or topology changes occur in the network, the IProuting table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop addressinformation based on the information in the IP routing table.Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains allknown routes and eliminates the need for route cache maintenance that is associated with switching pathssuch as fast switching and optimum switching. Reference: http://www.cisco.com/en/US/docs/ios/12_1/switch/configuration/guide/xcdcef.html

QUESTION 149Refer to the exhibit. In this network, all routers are configured to run OSPF on all interfaces in these two areas.If you examine the OSPF database on R4, what type of LSA will contain 10.1.5.0/24, and which router will haveoriginated it?

A. 10.1.5.0/24 be in a summary (type 3) LSA originated by R3

B. 10.1.5.0/24 be in a network (type 2) LSA originated by R3.

C. 10.1.5.0/24 not be in any LSA in the OSPF database at R4, because R4 and R3 are in different areas.

D. 10.1.5.0/24 be in a router (type 1) LSA generated by R3.

Answer: A

Section: (none)


Explanation:There is a special IOS feature that prevents the sending of LSA type 3 (network summaries) at the ABR. It iscalled the "OSPF ABR Type 3 LSA Filtering Feature:

The OSPF ABR Type 3 LSA Filtering feature extends the ability of an ABR that is running the OSPF protocol tofilter type 3 link-state advertisements (LSAs) that are sent between different OSPF areas. This feature allowsonly packets with specified prefixes to be sent from one area to another area and restricts all packets with otherprefixes. This type of area filtering can be applied out of a specific OSPF area, into a specific OSPF area, orinto and out of the same OSPF areas at the same time.

Not A: Routers use the Type-1 LSA to advertise the networks and other routers to which they are directlyconnected in an area, which is flooded within the same area. So, all the routers within the same area have thecomplete topology information for their own area. As a result, ABRs maintain complete topology informationabout all areas to which they are directly attached. However, when ABRs advertise a network that belongs toone area into a second area, they advertise only the prefix and mask of the network by using the Type-3 LSA.The routers in the second area do not know about the topology information of other areas, but they havereachability information for the networks in other areas.The ABR sends it out as LSA type 3.

Q164: Refer to the exhibit. In this network R1 and R2 are both configured as EIGRP stub routers. If the linkbetween R1 and R3 failed, would R3 still be able to reach 192.168.1.0/24, and why or why not?

A. No. R3 would remove its route to 192.168.1.0/24 through R1 , but would not query R2 for an alternate route,since R2 is a stub.B. Yes. When a directly connected link fails, a router is allowed to query all neighbors, including stub neighbors,for an alternate route.C. Yes, because R3 would know about both routes, through R1 and R2, before the link between R1 and R3failed.

D. No. The path through R2 would always be considered a loop at R3.

There is a special IOS feature that prevents the sending of LSA type 3 (network summaries) at the ABR.

Its called "OSPF ABR Type 3 LSA Filtering Feature:

The OSPF ABR Type 3 LSA Filtering feature extends the ability of an ABR that is running the OSPF protocol tofilter type 3 link-state advertisements (LSAs) that are sent between different OSPF areas. This feature allowsonly packets with specified prefixes to be sent from one area to another area and restricts all packets with otherprefixes. This type of area filtering can be applied out of a specific OSPF area, into a specific OSPF area, orinto and out of the same OSPF areas at the same time.

Not A: Routers use the TypE.1 LSA to advertise the networks and other routers to which they are directlyconnected in a area, which is flooded within the same area. So, all the routers within the same area have thecomplete topology information for their own area. As a result, ABRs maintain complete topology informationabout all areas to which they are directly attached. However, when ABRs advertise a network that belongs toone area into a second area, they advertise only the prefix and mask of the network by using the TypE.3 LSA.The routers in the second area do not know about the topology information of other areas, but they havereachability information for the networks in other areas.The ABR sends it out as LSA type 3.

QUESTION 150The IPv6 address of 2031:0000:130F:0000:0000:09C0:876A:130B can be expressed most efficiently in whatway?

A. 2031:0:130F:0:0:9C0:876A:130B

B. 2031:0:130F:0:0:09C0:876A:130B

C. 2031:0:130F::9C0:876A:130B

D. 2031::130F::9C0:876A:130B O

E. 231::13F::9C:876A:13B

Answer: C

Section: (none)

Explanation/Reference:Explanation:IPv6 addresses are written as eight sets of four hexadecimal digits:FEDC:BA98:0000:0000:0000:0000.7654.3210

To make writing the addresses easier, groups of zeros that appear in the address may be replaced with doublecolons:FEDC:BA98::7654:3210Only one group of contiguous zeros may be condensed within an address.Reference: http://www.netcordia.com/tnm/tnm34/ipv6.html

QUESTION 151Refer to the exhibit. Assuming that EIGRP is the routing protocol, then at R5, what would be the status of eachpath to 172.30.1.0/24?

A. the path through R3 would be the successor, the path through R1 would be a feasible successor, and thepath through R4 would be neither a successor nor a feasible successor

B. the path through R3 would be the successor, and the paths through R1 and R4 would be feasiblesuccessors

C. the path through R1 would be the successor, the path through R3 would be a feasible successor, and thepath through R4 would be neither a successor nor feasible successor

D. not enough information has been given to figure out what the status of each route would be

Answer: A

Section: (none)


QUESTION 152Though many options are supported in EIGRPv6, select two options from the below list that are supported.(Choose two.)

A. VRF

B. auto-summary

C. per-interface configuration

D. prefix-list support via routE.map

E. prefix-list support via distribute-list

Answer: CE

Section: (none)

Explanation/Reference:Explanation:In a nutshell, the overall operation and features of EIGRPv6 are still the same as they are in EIGRPv4. But,EIGRPv6 does differ from EIGRPv4 in the following ways: EIGRPv6 is configured (enabled) directly on Ciscorouter's interfaces; this means EIGRPv6 can be configured (enabled) on a router's interface, without having toconfigure (assign) a Global IPv6 address on the interface and without using the "network" command while therouter is in router configuration mode. Also, when configuring (enabling) EIGRPv6 on a Cisco router, the EIGRProuting process must be configured (assigned) with a "router-id" (by using the router configuration command"router-id"); if a "router-id" is not configured (assigned) the EIGRPv6 routing process will not start. TheEIGRPv6 routing process also uses a "shutdown" feature; meaning an EIGRPv6 routing process will not startuntil the routing process has been placed into "no shutdown" mode. (by, typing the "no shutdown" commandwhile the router is in router configuration mode) Also, on Passive Interfaces; EIGRPv6 is not required to beconfigured. Lastly, EIGRPv6 use the router configuration command "distribute-list prefix-list" to perform routefiltering; and when configuring route filtering the "route-map" command is not supported.Reference: http://www.articledashboard.com/Article/IPv6-Cisco-Training--How-is-EIGRPv6- different-from-EIGRPv4-/484934

QUESTION 153An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth ofthe leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links areused for combined VOIP and data traffic. The network administrator has implemented a VOIP solution toreduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for theVOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latencyqueue.What action will likely fix this problem?

A. mark VOIP traffic with IP precedence 6 and configure only 'fair-queue' on the links

B. configure the scheduler allocate 3000 1000 command to allow the QoS code to have enough CPU cycles

C. enable class-based traffic shaping on the VoIP traffic class

D. enable Layer 2 fragmentation and interleaving on the links

E. enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D

Section: (none)

Explanation/Reference:Explanation:Link fragmentation and interleaving (LFI) is a method used to reduce serialization delay for time- sensitive applications, such as VoIP. Consider a 1500-byte FTP packet traversing a 128k serial link. The packetwould take 94ms to be serialized.A VoIP packet that arrived after the FTP packet could then be forced to wait in the queue for up to 94ms.Considering that overall end-to end delay for a VoIP packet should not exceed 150ms (G.114), you can see thatthe delay induced by waiting for the larger packet can have a significant impact on voice quality. LFI resolvesthis issue by fragmenting large packets so that smaller time- sensitive packets can be interleaved with the largeones, reducing delay.Reference: "Configuring Cisco VOIP" By Syngress, page 299.

QUESTION 154When STP Uplink Fast is enabled on a switch utilizing the default bridge priority, what will the new bridgepriority be changed to?

A. 8192

B. 16384

C. 49152

D. 65535

Answer: C

Section: (none)

Explanation/Reference:Explanation:Upon enabling UplinkFast globally in a switch, the switch takes three actions:? Increases the root priority to 49,152? Sets the post costs to 3000? Tracks alternate RPs, which are ports in which root Hellos are being received

QUESTION 155Which three statements best describe Cisco IOS Firewall configurations? (Choose three.)

A. An ACL that is applied in the inbound direction on an unsecured interface must be an extended ACL.

B. An IP inspection rule can be applied in the outbound direction on an unsecured interface.

C. An ACL that is applied in the outbound direction on an unsecured interface must be an extended ACL.

D. An IP inspection rule can be applied in the inbound direction on a secured interface.

Answer: ABD

Section: (none)


The below excerpt is from the Cisco Press book " The Cisco IOS Firewall Feature Set" By Anupam Tewari.Note the places in italics where the correct answers can be found:

For CBAC (IOS Firewall) to function properly, it is essential that the access list be configured appropriately onthe interfaces . An extended access list must be used for the creation of temporary openings.The five steps involved in configuring CBAC are as follows: Choose an interface. CBAC can identify anyinterface as an internal or external interface. Unlike Firewall, CBAC has no concept of inside or outside;instead, it is concerned with the direction of the first packet initiating the conversation. Sessions originating fromthe external side are not permitted. For example, when user X in ABC Company tries to connect to the Internet,the direction of the conversation is from the ABC Company to the Internet. The router interface that connects touser X is considered internal , and the interface connected to the Internet is considered external . Configure IPaccess list at the interface. CBAC permits less traffic than necessary to get similar functionality with staticaccess lists. When configuring an access list on the internal interface, the inbound access list (at the internalinterface) or outbound (at the external interface) can be standard or extended. These access lists permit theCBAC to inspect the traffic. The outbound access list (on internal interface) and the inbound access list (at theexternal interface), on the other hand, should always be extended.On the external interface, the outbound access list can be standard or extended, but the inbound access listmust be an extended list. The inbound access list will deny the traffic to be inspected by CBAC. This denied

traffic would be permitted in by the temporary openings created by the CBAC. Configure global timeouts andthresholds. Global timeouts are used to configure the duration for which a hole in the firewall is maintained toallow in the return traffic. Thresholds are configured to shield the network from denial-of-service (DoS) attacks.The sessions that are not established under the configured parameters are dropped.For example, the ip inspect tcp synwait-time 30 command says to drop all the TCP sessions that are notestablished in 30 seconds. Similar timeouts can be set up for FIN-exchange, TCP or UDP idle timeouts, andDNS timeouts. Define an inspection rule. An inspection rule defines which application-layer protocol will beinspected by the CBAC. After configuring the inspection rule for an application-layer protocol, all the packets forthat protocol are permitted out and are allowed back in. Each protocol packet is inspected to maintain thesession information; the same session information is used to determine whether the packet is the part of validsession. ip inspect name inspection-name protocol [timeout seconds ] is a global command used to configurethe inspection rule. Protocol keywords can be tcp, udp, ftp-cmd, or http. timeout refers to the period of protocolinactivity before dropping the connection. Apply the inspection rule to the interface. The ip inspect inspection-name {in | out} command is used to apply the inspection rule to an interface. The keyword in is used forinbound traffic when the CBAC is applied on the internal (trusted, or secure) interface. The keyword out is usedfor outbound traffic when the CBAC is applied on the external, unsecured interface.Reference: http://www.ciscopress.com/articles/article.asp?p=26533&seqNum=5&rl=1

QUESTION 156You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and802.1Q encapsulation options. All of these statements about the two encapsulation options are correct exceptwhich one?

A. Both support normal and extended VLAN ranges.

B. ISL is a Cisco proprietary encapsulation method and 802.10 is an IEEE standard.

C. ISL encapsulates the original frame.

D. Both support native VLANs.

E. 802.10 does not encapsulate the original frame.

Answer: D

Section: (none)

Explanation/Reference:Explanation:Comparing ISL and 802.1Q

QUESTION 157Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from otherrouting protocols into your network. No route filtering has been implemented. Taking into account the outputfrom the show ip ospf database command in the exhibit, which of these statements is true?

Exhibit:

A. R101 is in Area 1, and Area 1 is an OSPF stub area

B. R101 is an ABR for Area 0 and Area 1

C. R101 is in Area 1, and Area 1 is a standard OSPF area

D. R101 is in Area 1, and Area 1 is an OSPF not-so-stubby area

Answer: C

Section: (none)


Router R101 is configured for OSPF area 1, as it is showing Net Link States for (Area 1). This rules out AnswerA. Area 1 cannot be a stub area or a NSSA because there are Type-5 AS External Link States in the OSPFdatabase and all stub area ABRs block Type-5 LSAs. Also, there are no Type-7 LSAs to match the Type-5LSAs so area 1 cannot be a NSSA. So these conditions rule out answers B and C. The router also is not anABR, as there are only LSAs for area 1 in the database, none for area 0. This rules out answer D.Router R101 must be an ASBR in standard OSPF area 1 based on the LSAs that are present in the database.

QUESTION 158Examine the following options ,which type of prefixes will a router running BGP most likely advertise to an IBGPpeer, assuming it is not configured as a route reflector?

A. prefixes received from EBGP peers and prefixes received from route reflectors

B. all prefixes in its routing table

C. prefixes received from any other BGP peer and prefixes locally originated via network statements orredistributed

D. prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed

Answer: D

Section: (none)

Explanation/Reference:Explanation:By default, a BGP router will advertise routes that were received form other BGP peers (both IBGP and EBGPpeers) as well as any locally generated routes via the network command or via redistribution. The defaultconfiguration of BGP on a circuit does not advertise any routes or allow any learned routes into the IGP routingtable, these have to be manually entered as Network statements or be redistributed into the IGP.The network command controls what networks are originated by this box. This is a different concept from whatyou are used to configuring with IGRP and RIP. With this command we are not trying to run BGP on a certain interface, rather we are trying to indicate to BGP what networks it shouldoriginate from this box.The network command is one way to advertise your networks via BGP. Another way is to redistribute your IGP(IGRP, OSPF, RIP, EIGRP, etc.) into BGP. Careful filtering should be applied to make sure you are sending tothe internet only routes that you want to advertise and not everything you have.

QUESTION 159If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?

A. learning state

B. listening state

C. forwarding state

D. root-inconsistent state

Answer: D

Section: (none)

Explanation/Reference:Explanation:Loop Guard-When normal BPDUs are no longer received, the port does not go through normal STPconvergence, but rather falls into an STP loop-inconsistent state.

QUESTION 160Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one onthe outside interface. BGP has been configured so the two routers should peer, including the correct BGPsession endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good firsttest to see if BGP will work across the firewall?

A. Attempt to telnet from the router connected to the inside of the firewall to the router connected to the outsideof the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.

B. Ping from the router connected to the inside interface of the firewall to the router connected to the outsideinterface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transportpackets.

C. There is no way to make BGP work across a firewall without special configuration, so there is no simple testthat will show you if BGP will work or not, other than trying to start the peering session.

D. There is no way to make BGP work across a firewall.

Answer: A

Section: (none)


Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you can configure thefirewall to allow unicast traffic on TCP port 179. This way, BGP peering can be established between the routersthat are connected through the firewall. For an example configuration of BGP through PIX firewalls, see thereference link below.Reference:http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.s html

QUESTION 161

An OSPF router is becoming active in a multi-access network and discovers its neighbors. Which

description is true?

A. If a DR and a BDR already exist and the router becoming active has the same priority and a higherloopback address than either of them, it will force a new election.

B. If the router becoming active has a higher priority than some elected routers, it may influence an election butwill not force an election to override an active DR or BDR.

C. If a DR and a BDR already exist and the router becoming active has a lower router ID than either of them, itwill force a new election.

D. If there is a DR but not a BDR, and the router becoming active has the same priority as an already activerouter, the router with the lowest router ID will become the BDR.

Answer: B

Section: (none)

Explanation/Reference:Explanation:The following rules govern the DR/BDR election process:? Any router with its OSPF priority set to between 1-255 inclusive can try to become DR by putting its own RIDinto the DR field of its sent Hellos.? Routers examine received Hellos, looking at other routers' priority settings, RIDs, and whether each neighborclaims to want to become the DR.? If a received Hello implies a "better" potential DR, the router stops claiming to want to be DR and asserts thatthe better candidate should be the DR.? The first criteria for "better" is the router with the highest priority. ? If the priorities tie, the router with the higherRID is better. ? The router not claiming to be the DR, but with he higher priority (or higher RID, in case priority isa tie) becomes the BDR? If a new router arrives after the election, or an existing router improves its priority, it cannot preempt theexisting DR and take over as DR (or as BDR).? Once a DR is elected, and the DR fails, the BDR becomes DR, and a new election is held for a new BDR.

Reference: CCIE Routing and Switching Official Exam Certification Guide, Second Edition by Wendell Odom, page 268.

QUESTION 162Refer to the exhibit. In this network, all routers are configured to run EIGRP on all links. If the link between R1and R2 fails, what is the maximum number of queries R3 will receive for 192.168.1.0/24, assuming that all the

packets transmitted during convergence are transmitted once (there are no dropped or retransmitted packets)?

A. R3 receive up to four queries for 192.168.1.0/24, one each from R2, R4, R5, and R6.

B. R3 receive up eight queries for 192.168.1.0/24, one from R2, two from R4, three from R5, and four from R6.

C. R3 receive one query for 192.168.1.0/24, since the remote routers, R4, R5, and R6, are natural stubs inEIGRP.

D. R3 not receive any queries from R2, because there are no alternate paths for 192.168.1.0/24.

Answer: A

Section: (none)

Explanation/Reference:Explanation:Queries and replies are sent when destinations go into Active state. Queries are always multicast unless theyare sent in response to a received query. In this case, it is unicast back to the successor that originated the query. Replies are always sent in response to queries to indicate to the originatorthat it does not need to go into Active state because it has feasible successors. Replies are unicast to theoriginator of the query. Both queries and replies are transmitted reliably.Reference:http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f07.shtml

QUESTION 163Unicast Reverse Path Forwarding can perform all of these actions except which one?

A. examine all packets received to make sure that the source addresses and source interfaces appear in therouting table and match the interfaces where the packets were received

B. check to see if any packet received at a router interface arrives on the best return path

C. combine with a configured ACL

D. log its events, if you specify the logging options for the ACL entries used by the unicast rpf command

E. Inspect IP packets encapsulated in tunnels, such as GRE

Answer: E

Section: (none)

Explanation/Reference:Explanation:Consider the following points in determining your policy for deploying Unicast RPF:

Unicast RPF must be applied at the interface downstream from the larger portion of the network, preferably atthe edges of your network.

The further downstream you apply Unicast RPF, the finer the granularity you have in mitigating addressspoofing and in identifying the sources of spoofed addresses. For example, applying Unicast RPF on anaggregation router helps mitigate attacks from many downstream networks or clients and is simple toadminister, but it does not help identify the source of the attack. Applying Unicast RPF at the network accessserver helps limit the scope of the attack and trace the source of the attack; however, deploying Unicast RPFacross many sites does add to the administration cost of operating the network.

The more entities that deploy Unicast RPF across Internet, intranet, and extranet resources, the better thechances of mitigating large-scale network disruptions throughout the Internet community, and the better thechances of tracing the source of an attack.

Unicast RPF will not inspect IP packets encapsulated in tunnels, such as GRE, LT2P, or PPTP.

Unicast RPF must be configured at a home gateway so that Unicast RPF processes network traffic only afterthe tunneling and encryption layers have been stripped off the packets.Reference:http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804 fdef9.html

QUESTION 164Which statement correctly describes the Designated Forwarder in bidirectional PIM?

A. It has the best route to the rendezvous point and is the only router on the local subnet that may forwardmulticast traffic down the shared tree

B. It is responsible for forwarding all multicast traffic on to and off of the local subnet.

C. It is elected based on the highest IP address of all PIM routers on the local subnet and is the only router onthe local subnet that may forward multicast traffic up the shared tree.

D. It has the best route to the rendezvous point and is the only router on the local subnet that may forwardmulticast traffic up the shared tree.

Answer: D

Section: (none)

Explanation/Reference:Explanation:To avoid multicast packet looping, bidir-PIM introduces a new mechanism called the designated forwarder (DF)election, which establishes a loop-free SPT rooted at the RP.DF ElectionOn every network segment and point-to-point link, all PIM routers participate in a procedure called DF election.The procedure selects one router as the DF for every RP of bidirectional groups. This router is responsible for

forwarding multicast packets received on that network upstream to the RP.The DF election is based on unicast routing metrics and uses the same tie-break rules employed by PIM assertprocesses. The router with the most preferred unicast routing metric to the RP becomes the DF. Use of thismethod ensures that only one copy of every packet will be sent to the RP, even if there are parallel equal costpaths to the RP.A DF is selected for every RP of bidirectional groups. As a result, multiple routers may be elected as DF on anynetwork segment, one for each RP. In addition, any particular router may be elected as DF on more than oneinterface.Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guide09186a0080080 0d6.html

QUESTION 165

Refer to the exhibit. Which protocol would allow you to implement a first-hop redundancy connection and makethis a multi-vendor solution?

A. Gateway Load Balancing Protocol (GLBP)

B. Hot Standby Router Protocol (HSRP)

C. Multi-group Hot Standby Router Protocol (MSHRP)

D. Virtual Router Redundancy Protocol (VRRP)

Answer: D

Section: (none)

Explanation/Reference:Explanation:Figure1 below shows a LAN topology in which VRRP is configured. In this example, RoutersA, B, and C areVRRP routers (routers running VRRP) that comprise a virtual router. The IP address of the virtual router is thesame as that configured for the Ethernet interface of Router A (10.0.0.1).

Figure1 Basic VRRP Topology

Because the virtual router uses the IP address of the physical Ethernet interface of Router A, Router Aassumes the role of the virtual router master and is also known as the IP address owner. As the virtual routermaster, Router A controls the IP address of the virtual router and is responsible for forwarding packets sent tothis IP address. Clients 1 through 3 are configured with the default gateway IP address of 10.0.0.1.

Routers B and C function as virtual router backups . If the virtual router master fails, the router configured withthe higher priority will become the virtual router master and provide uninterrupted service for the LAN hosts.When Router A recovers, it becomes the virtual router master again.Reference:http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804 2fbd9.html

QUESTION 166A router is connected to an HDLC circuit via a T1 physical interface. The SLA for this link only allows for asustained rate of 768 kb/s. Bursts are allowed for up to 30 seconds at up to line rate, with a window Tc of 125ms. What should the Bc and Be setting be when using generic traffic shaping?

A. Be = 46320000 , Bc = 96000

B. Be = ,768000 Bc = 32000

C. Be = ,128000 Bc = 7680

D. Be = ,0 Bc = 96000

Answer: A

Section: (none)

Explanation/Reference:Explanation:Be: The amount of excess data allowed to be sent during first Tc interval in bits once credit is built up. The T1line rate is 1544kbps. In this case the burst is allowed at line rate up to 30 sec so Be = 1544000 * 30 =46320000Bc: The amount of data to send per each Tc interval in bits. Ideally for data PVCs Bc = CIR/8 so that Tc =125msec. In this case 768000/8=96000Reference:http://www.cisco.com/en/US/tech/tk713/tk237/technologies_configuration_example09186a008009 42f8.shtml

QUESTION 167Which two types of QoS functionality does Network-Based Application Recognition provide? (Choose two.)

A. NBAR provides scheduling in an MQC policy map using an advanced algorithm.

B. NBAR provides deep packet inspection and is used for advanced packet classification.

C. NBAR provides per-protocol packet and byte accounting functionality; it is used to track bandwidth utilizationfor all protocols described in the loaded PDLMs.

D. NBAR provides the ability to configure MCQ; it is a mandatory MCQ component.

E. NBAR can be configured using an application policy.

Answer: BC

Section: (none)

Explanation/Reference:Explanation:The Network-Based Application Recognition (NBAR) feature adds intelligent network classification to networkinfrastructures. NBAR is a classification engine that recognizes a wide variety of applications, including web-based and other difficult-to-classify protocols that utilize dynamic TCP/User Datagram Ports (UDP) portassignments. When an application is recognized and classified by NBAR, a network can invoke services forthat specific application.Reference:http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800c75d1.html#54116

QUESTION 168Which statement is true of a source that wants to transmit multicast traffic to group 239.1.1.1?

A. It may begin transmitting multicast traffic to the group only when there is no other host transmitting to thegroup on the local subnet.

B. It may transmit multicast traffic to the group at any time.

C. Before sending traffic, it must first join multicast group 239.1.1.1 by sending an IGMPv2 membership reportto the default router on the local subnet.

D. It must send an IGMPv2 Request to Send packet and then wait for an IGMPv2 Clear to Send packet fromthe IGMPv2 querier router on the local subnet

Answer: B

Section: (none)

Explanation/Reference:Explanation:Although hosts that want to receive IP multicast traffic are required to use IGMP first, senders of multicasttraffic can transmit to the destination multicast IP address at any time.

QUESTION 169Which three LMI types can be configured for use with Frame Relay on a Cisco router? (Choose three).

A. Cisco

B. ANSI-Annex D

C. Q.931 - Annex B

D. Q.933- Annex A

Answer: ABD

Section: (none)

Explanation/Reference:Explanation:The three LMI types for use with Frame Relay on a CISCO Router are: CISCO ANSI Q.933

QUESTION 170In order to create a fully meshed Frame Relay network with point-to-point links between 10 sites, how manylinks would be needed?

A. 10

B. 20

C. 35

D. 45

E. 60

Answer: D

Section: (none)

Explanation/Reference:Explanation:The number of links (connections) needed for any fully meshed configuration can be found by the formula: N(N-1)/2. For 10 links we have: 10(10-1)/2=45

QUESTION 171If two bridges are competing to become the root bridge of an IEEE 802.1 D spanning tree and both have thesame bridge priority configured, what parameter determines the winner?

A. root port cost

B. MAC address

C. highest-numbered IP interface

D. device uptime

E. OS revision

Answer: B

Section: (none)

Explanation/Reference:Explanation:A Spanning-Tree Bridge-ID contains two pieces of information, a Bridge Priority value and a MAC Address.These two values put together are called the Bridge-ID. The root bridge of the spanning tree is the bridge withthe smallest bridge ID. To compare two bridge IDs, the priority is compared first. If two bridges have equalpriority, then the MAC addresses are compared.

QUESTION 172By using a unique route distinguisher per VRF, an RFC 4364 Layer 3 VPN allows for which of these?

A. overlapping IP address spaces

B. multi-homed access

C. a unique IGP per VRF

D. traffic engineering

Answer: A

Section: (none)

Explanation/Reference:Explanation:RFC 4364 describes a method by which a Service Provider may use an IP backbone to provide IP VirtualPrivate Networks (VPNs) for its customers. This method uses a "peer model", in which the customers' edgerouters (CE routers) send their routes to the Service Provider's edge routers (PE routers). Border GatewayProtocol (BGP) [BGP, BGP-MP] is then used by the Service Provider to exchange the routes of a particularVPN among the PE routers that are attached to that VPN. This is done in a way that ensures that routes fromdifferent VPNs remain distinct and separate, even if two VPNs have an overlapping address space. The BGPMultiprotocol Extensions [BGP-MP] allow BGP to carry routes from multiple "address families". We introducethe notion of the "VPN-IPv4 address family". A VPN-IPv4 address is a 12-byte quantity, beginning with an 8-byte Route Distinguisher (RD) and ending with a 4-byte IPv4 address. If several VPNs use the same IPv4address prefix, the PEs translate these into unique VPN-IPv4 address prefixes (route distinguisher). Thisensures that if the same address is used in several different VPNs, it is possible for BGP to carry severalcompletely different routes to that address, one for each VPN.Reference: http://www.networksorcery.com/enp/rfc/rfc4364.txt

QUESTION 173

Refer to the exhibit. All routers in this network are configured to run OSPF on all their connected links. R1 isredistributing 192.168.1.0/24 into Area 1. When the 192.168.1.0/24 network is disconnected from R1 thenetwork administrator notes that R4 and R3 both receive two OSPF updates. Since 192.168.1.0/24 is withinArea 1, the network administrator thinks this may indicate incorrect operation and calls technical support.Is this incorrect OSPF operation, and why or why not?

Exhibit:

A. This is correct operation; R3 should receive new LSAs from R1. and R4 should receive one updated LSAfrom R1 and another from R2.

B. This is correct operation; R4 will receive and updated router (type 1) LSA from R1 and an OSPF updateremoving the external (type 5) LSA from the OSPF database.

C. This is incorrect operation; R4 should only receive one LSA when 192.168.1.0/24 is disconnected from R1.

D. This is incorrect operation; R4 should not receive any LSAs when 192.168.1.0/24 is disconnected from R1.

Answer: A

Section: (none)

Explanation/Reference:Explanation:Router R1 will send out a Type 1 LSA locally to area 1 to describe the updated interface state on itself. This isone LSA received by R3. This LSA will not be transmitted into area 0. R1 will also send out a Type 5 LSA towithdraw the external route. This is the 2nd LSA received by R3. Both R3 and R2 will forward this LSA to R4 asABRs between areas 0 and 1. This accounts for the two LSAs received by R4

QUESTION 174Refer to the exhibit. A network engineer has connected a packet-capturing device to the common broadcastsegment in this network, on which all the routers are configured to run OSPF. By examining various showcommands on the routers, the engineer discovers that the designated router is R1. By examining the capturedpackets, the engineer also discovers that every new LSA that R3 sends to the link. R1 resends to the link a fewmoments later.

Is this correct OSPF operation, and why or why not?

Exhibit:

A. This is incorrect operation; each new LSA should only be flooded onto a given broadcast link once.

B. This is correct operation; OSPF uses a scheme whereby each LSA flooded onto a link is acknowledged bythe receiving router through a reflood back onto the link of the same information.

C. This is incorrect operation; it indicates that while R3 can send packets to R1, R1 cannot send packets to R3.

D. This is correct operation; flooding new LSA information to the other routers is a function of the designatedrouter.

Answer: D

Section: (none)

Explanation/Reference:Explanation:OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designatedrouter (DR). Without the concept of a DR, each pair of routers that share a data link would become fullyadjacent neighbors. Each pair of routers would directly exchange their LSDBs with each. On a LAN with only sixrouters, without a DR, 15 different pairs of routers would exist, and 15 different instances of full databaseflooding would occur. OSPF uses a DR (and backup DR, or BDR) on a LAN or other multiaccess network. Theflooding occurs through the DR, significantly reducing the unnecessary exchange of redundant LSAs. If R1 is the designated router, the firsttime the LSA is seen is when R3 sends the LSA to its neighbor, R1 which is the DR. The second time the LSAis seen, is R1 flooding the LSA to all of the routers on the segment.

QUESTION 175When receiving information from redistributed routes, a router will use all of these factors when building itsrouting table except for which one?

A. Routing protocol process ID

B. Administrative distance

C. IP prefix lists

D. The route metric

E. Prefix length

Answer: A

Section: (none)

Explanation/Reference:Explanation:Process id is never factored in.Building the Routing Table :The main considerations while building the routing table are: Administrative distance - This is the measure oftrustworthiness of the source of the route. If a router learns about a destination from more than one routingprotocol, administrative distance is compared and the preference is given to the routes with lower administrativedistance. In other words, it is the believability of the source of the route. Metrics - This is a measure used by therouting protocol to calculate the best path to a given destination, if it learns multiple paths to the samedestination. Each routing protocol uses a different metric. Prefix lengthAs each routing process receives updates and other information, it chooses the best path to any givendestination and attempts to install this path into the routing table. For instance, if EIGRP learns of a path toward10.1.1.0/24, and decides this particular path is the best EIGRP path to this destination, it tries to install the pathit has learned into the routing table. The router decides whether or not to install the routes presented by therouting processes based on the administrative distance of the route in question. If this path has the lowestadministrative distance to this destination (when compared to the other routes in the table), it's installed in therouting table. If this route isn't the route with the best administrative distance, then the route is rejected. TheRouting protocol process ID is not used in building the routing table for redistributed routes.Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 176You work as a network engineer for the company, you want to configure two BGP speakers to form an EBGPsession across a firewall. On the engineer's network, the firewall always permits TCP sessions that are initiatedfrom the inside network (the network attached to the inside interface of the firewall). What prerequisite is therefor enabling BGP to run on this network?

A. EBGP multihop will need to be configured for this to work.

B. This should work with normal BGP peering, with no additional configuration on the BGP speakers or thefirewall.

C. The BGP protocol port must be opened on the firewall.


Answer: C

Section: (none)

Explanation/Reference:Explanation:Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you must allow unicasttraffic on TCP port 179 on the firewalls. You will need to allow incoming as well as outgoing TCP port 179. Thisway, BGP peering can be established between the routers that are connected through the firewall. Aconfiguration example of how to do this is found at the reference link below.Reference: ASA/PIX: BGP through ASA Configuration Examplehttp://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.s html

QUESTION 177Which of these statements about PIM-join messages in classic PIM-SM is correct?

A. PIM-join messages are sent every 60 seconds to refresh the upstream router's mroute state for themulticast tree.

B. Routers send a PIM-join acknowledgement in response to each PIM-join message received from adownstream router.

C. PIM-join messages are only sent when the multicast distribution tree is first being established.

D. PIM-join messages are sent every three minutes to refresh the upstream router's mroute state for themulticast tree.

Answer: A

Section: (none)

Explanation/Reference:Explanation:In a typical PIM-SM implementation, each neighboring router that supports a downstream multicast groupmember sends a PIM Join/Prune Message every 60 seconds, so it can take up to 60 second for a rebootedrouter to learn the forwarding states for any downstream multicast group members after learning the identity of the multicast group RP router. Reference: http://www.patentstorm.us/patents/6631420-description.html

QUESTION 178Refer to the exhibit. The network administrator for this small EIGRP network would like to change the primarypath from R5 to 172.30.1.0/24 so that it passes through R2. Which of these changes allow the networkadministrator to achieve this goal?

A. Increase the delay on the link between R5 and R4 to 30, and increase the delay on the link between R5 andR3 to 25.

B. Increase the delay on the link between R5 and R3 to 25.

C. Decrease the delay on the link between R5 and R2 by 5.

D. Do nothing; the traffic from R5 to 172.30.1.0/24 already passes through R2.

Answer: A

Section: (none)


QUESTION 179Which four commands are required when implementing DMVPN? (Choose four.)

A. crypto ipsec transform

B. crypto isakmp policy

C. crypto acl

D. easy vpn

E. gre tunnel interface

F. crypto ipsec profile

Answer: ABEF

Section: (none)


QUESTION 180What protocol provides a mechanism to tranparently intercepts and redirects CIFS traffic from a client to a localCisco Wide Area Application engine?

A. File Transport Protocol (FTP)

B. Hot Standby Routing Protocol (HSRP)

C. Virtual Router Redundancy Protocol (VRRP)

D. Web Cache Communication Protocol (WCCP)

Answer: D

Section: (none)

Explanation/Reference:Explanation:Clients in a WAFS network use the Common Internet File System (CIFS) cache service to request file and printservices from servers over a network. WCCP provides the mechanism to transparently redirect CIFS traffic toyour WAE for processing. To configure basic WCCP, you must enable the WCCP service on at least one routerin your network and on your WAE. It is not necessary to configure all of the available WCCP features orservices to get your WAE up and running.

QUESTION 181Which three of these major functionality changes were made between IGMPv2 and IGMPv3? (Choose three.)

A. IGMPv3 added the ability for a host to specify which sources in a multicast group it wishes to receive.

B. IGMPv3 added the ability for a host to specify which sources in a multicast group it does not wish to receive.

C. IGMPv3 removed the ability to perform a wildcard join of all sources in a multicast group.

D. IGMPv3 removed the report-suppression feature for IGMP membership reports

E. IGMPv3 added Request to Send and Clear to Send signaling between sources and local IGMP queriers.

Answer: ABD

Section: (none)

Explanation/Reference:Explanation:Tableof IGMP Versions

Note:

IGMP report suppression is supported only when the multicast query has IGMPv1 and IGMPv2 reports. Thisfeature is not supported when the query includes IGMPv3 reports.References:http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00805 a344c.htmlhttp://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.2_25_se/configur ation/guide/swigmp.html#wp1117101

QUESTION 182The ip pim autorp listener command is used to do which of these?

A. enable the use of Auto-RP on a router

B. enable a Cisco router to "passively" listen to Auto-RP packets without the router actively sending orforwarding any of the packets

C. configure the router as an Auto-RP mapping agent

D. allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfacesconfigured with the ip pim sparse-mode command

Answer: D

Section: (none)

Explanation/Reference:Explanation:To cause IP multicast traffic for the two Auto-RP groups 224.0.1.39 and 224.0.1.40 to be Protocol IndependentMulticast (PIM) dense mode flooded across interfaces operating in PIM sparse mode, use the ip pim autorplistener command in global configuration mode. Use the ip pim autorp listener command with interfacesconfigured for PIM sparse mode operation in order to establish a network configuration where Auto-RPoperates in PIM dense mode and multicast traffic can operate in sparse mode, bidirectional mode, or sourcespecific multicast (SSM) mode.

Example:The following example enables IP multicast routing and the Auto-RP listener feature on a router. It alsoconfigures the router as a Candidate RP for the multicast groups 239.254.2.0 through 239.254.2.255.ip multicast-routingip pim autorp listener

ip pim send-rp-announce Loopback0 scope 16 group-list 1ip pim send-.rp-discovery Loopback1 scope 16access-list 1 permit 239.254.2.0 0.0.0.255

Reference:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fiprmc_r/mult/1rfmult2.htm#wp1090395

QUESTION 183Multicast addresses in which range are reserved by the IANA for administratively scoped multicast?

A. 232.0.0.0-232.0.0.255

B. 233.0.0.0-233.255.255.255

C. 232.0.0.0-232.255.255.255

D. 239.0.0.0-239.255.255.255

Answer: A

Section: (none)

Explanation/Reference:Explanation:IANA Assigned Multicast Address BlocksThe IETF has provided the IANA with guidance on how IP Multicast address space should be allocated in RFC3171bis, "IANA Guidelines for IPv4 Multicast Address Assignments." Table 1 below lists the current

assignments blocks documented in RFC 3171bis.

Reference:http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 184Which three of these are good reasons to use summarization or route aggregation? (Choose three.)

A. Aggregation reduces the amount of memory required to store the routing table.

B. Summarization adds the amount of memory that is required to routes when calculating the routing paths.

C. Summarization is used to minimize the exchange and processing of routing information.

D. Aggregation eliminates routes to be installed on the routing table.

E. Summarization optimizes the routing information advertisement during route redistribution.

Answer: ACE

Section: (none)

Explanation/Reference:Explanation:Route summarization means summarizing a group of routes into a single route advertisement. The net result ofroute summarization and its most obvious benefit is a reduction is the size of routing tables on the network.This in turn reduces the latency associated with each router hop since the average speed for routing tablelookup will be increased due to the reduced number of entries. The routing protocol overhead can also besignificantly reduced since fewer routing entries are being advertised. This can become critical as the overallnetwork (and hence the number of subnets) grows.Apart from reducing routing table sizes route summarization can also improve the stability of the network bycontaining the propagation of routing traffic after a network link goes down. If a router is only advertising asummary route to the next downstream router, then it will not advertise changes relating to specific subnetscontained within the summarized range.

QUESTION 185Spanning Tree Protocol IEEE 802.1s defines the ability to deploy which of these?

A. One global STP instance for all VLANs

B. one STP instance for each VLAN

C. one STP instance per set of VLANs

D. one STP instance per set of bridges

Answer: C

Section: (none)

Explanation/Reference:Explanation:802.1s for MST is an amendment to 802.1Q. MST extends the IEEE 802.1w rapid spanning tree (RST)algorithm to multiple spanning trees. This extension provides both rapid convergence and load balancing in aVLAN environment. MST converges faster than PVST+. MST is backward compatible with 802.1D STP, 802.1w(rapid spanning tree protocol [RSTP]), and the Cisco PVST+ architecture.MST allows you to build multiple spanning trees over trunks. You can group and associate VLANs to spanningtree instances. Each instance can have a topology independent of other spanning tree instances. This newarchitecture provides multiple forwarding paths for data traffic and enables load balancing. Network faulttolerance is improved because a failure in one instance (forwarding path) does not affect other instances (forwarding paths).Reference:http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/s pantree.html#wp1050594

QUESTION 186Two routers are connected over a serial link, and are configured to run EIGRP on all interfaces. You examinethe EIGRP neighbor table on both routers (using the show ip eigrp neighbor command) and see that the routerconnected over the serial link is listed as a neighbor for a certain amount of time, but is periodically removedfrom the neighbor table. None of the routes from the neighbor ever seem to be learned, and the neighbortransmission statistics (SRTT, RTO, and Q Count) seem to indicate that no packets are being transmittedbetween the neighbors. What is the most likely cause of this problem?

A. While multicast packets are being successfully sent over the link, unicast packets are not.

B. This is correct behavior for the first few minutes of EIGRP neighbor formation. After four or five cycles, itshould straighten itself out and the neighbor relationship should work.

C. The hello or hold intervals are set differently on the two routers.

D. There is a bug in the EIGRP code that needs to be fixed.

Answer: A

Section: (none)

Explanation/Reference:Explanation:EIGRP uses multicast to establish a neighbor relationship and to send EIGRP update messages which includerouting updates. EIGRP uses the Reliable Transport Protocol (RTP) to send the multicast EIGRP updates.EIGRP sends updates, waiting on a unicast EIGRP ACK message from each recipient. If any neighbors fail toacknowledge receipt of the multicasted update, RTP resends Updates as unicasts just to those neighbors.Incorrect Answers:B: This is not normal behavior

C: The hello and hold timers do not need to match in EIGRP. Each router uses its neighbor's timers to monitorthe relationshipD: While it is possible that a bug in the EIGRP code could cause these symptoms, Answer A is morespecifically correct.

QUESTION 187If a Cisco switch is configured with VTP v1 in transparent mode, what is done with received VTPadvertisements?

A. They are discarded.

B. The changes within the advertisements are made to the switch's VTP database.

C. The contents are ignored and they are forwarded out all trunking ports.

D. The contents are altered to reflect the switch's own VTP database and then they are forward out all trunkingports.

Answer: C

Section: (none)

Explanation/Reference:Explanation:From the CCIE R&S Exam Certification Guide:VTP Modes and Features

QUESTION 188Two islands of IPv6 networks running IS-IS (IPv6 IGP) need to connect via a tunnel over an IPv4 network.Which of these tunneling methods could be used to achieve this goal?

A. manual tunnels (RFC 2893)

B. 6to4 tunnels

C. ISATAP tunnels

D. GRE tunnels

Answer: D

Section: (none)

Explanation/Reference:Explanation:IPv6 traffic can be carried over IPv4 GRE tunnels using the standard GRE tunneling technique that is designed to provide the services necessary to implement any standard point-to-point encapsulationscheme. As in IPv6 manually configured tunnels, GRE tunnels are links between two points, with a separatetunnel for each link. The tunnels are not tied to a specific passenger or transport protocol, but in this case carryIPv6 as the passenger protocol with the GRE as the carrier protocol and IPv4 or IPv6 as the transport protocol.The primary use of GRE tunnels is for stable connections that require regular secure communication betweentwo edge routers or between an edge router and an end system. The edge routers and the end systems mustbe dual-stack implementations. GRE has a protocol field that identifies the passenger protocol. GRE tunnelsallow Intermediate System-to-Intermediate System (IS-IS) or IPv6 to be specified as a passenger protocol,which allows both IS-IS and IPv6 traffic to run over the same tunnel. If GRE did not have a protocol field, itwould be impossible to distinguish whether the tunnel was carrying IS-IS or IPv6 packets. The GRE protocol

field is why it is desirable that you tunnel IS-IS and IPv6 inside GRE. http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter0 9186a00801d6604.html#wp1027187

QUESTION 189If you have multiple DHCP pools configured on the same router, what IOS command has to be entered in theDHCP configuration to be processed be using the other DHCP pool configuration?

A. host

B. network

C. ip helper

D. default-gateway

Answer: A

Section: (none)

Explanation/Reference:Explanation:If you want to use the other DHCP pools you should do it statically.

Not C: The question is: << If you have multiple DHCP pools configured in the same Router>> That's mean youdon't need the network to configure pools, because they are already configured

QUESTION 190Refer to the exhibit. R10 is redistributing routes learned form BGP into the OSPF process. R5 receives apacket destined for a network learned via BGP. Information received by means of which LSA enables R5 toproperly route the packet?

A. a type 7 (NSSA external) LSA generated by R10

B. a type 7 (NSSA external) LSA generated by R2

C. a type 7 (NSSA external) LSA generated by R1

D. a type 5 (AS external) LSA generated by R10

E. a type 5 (AS external) LSA generated by R2

F. a type 5 (AS external) LSA generated by R1

Answer: E

Section: (none)


QUESTION 191You have attempted to configure OSPFv3 between two routers over Frame Relay and cannot establishadjacency. What have you failed to map?

A. the multicast address for all routers to the DLCI

B. the solicited node multicast address to the DLCI

C. the neighbor's link local address to the DLCI

D. the broadcast address for all routers to the DLCI

Answer: C

Section: (none)

Explanation/Reference:Explanation:From the CCIE R&S Exam Certification Guide:In IPv4 Frame Relay networks, you are likely to be familiar with mapping IP addresses to DLCI numbers. Theconfiguration of frame-relay map statements is much the same in IPv6, but there is a twist: It requires two mapstatements instead of just one. One map statement points to the link- local address, and the other points to theunicast address of the next-hop interface.

QUESTION 192Refer to the exhibit. Both multicast sources are sending to the same multicast address. How does a userspecify which multicast stream they would like to receive?

A. The user must know the source address and group address of the desired multicast stream and explicitlyjoin that stream.

B. Dense mode is used to forward the multicast streams to the end users allowing them to pick the desiredstream when it arrives.

C. The multicast streams must be separated from each other by specifying a scope for each. This means thateach user can only get multicast traffic from one of the sources.

D. Routers A and B are set up as rendezvous points. The user joins a multicast group by sending an IGMPrequest to their local router. The local router then connects to the correct RP and receives the desiredmulticast stream.

Answer: A

Section: (none)

Explanation/Reference:FreeExamKing.comExplanation:The user must know the source address and group address of the desired stream and explicitly join it.This is a feature of igmpv3. the group add is 232.1.1.1 and this is in the ssm range specified for igmpv3. this isa security behaviour incorporated to mitigate dos that can be caused whn rogue multicast group add divertsstream from clients. this is the case with version 1 and 2.

QUESTION 193Refer to the exhibit. In this network, all routers are configured to run EIGRP on all links. R2 is configured tosend a summary route only to R4, R5, and R6. If the link between R1 and R2 fails, Page 144 of 251 "Pass AnyExam. Any Time." - www.actualtests.com 144Cisco 350-001: Practice Exam

what is the maximum number of queries R3, R4, R5, and R6 will receive for 192.168.1.0/24, assuming that allthe packets transmitted during convergence are transmitted once (there are no dropped or retransmittedpackets)?

A. R3 will receive one query for 192.168.1.0/24 .from R2. R4, R5, and R6 will each receive, and reply to, onequery.

B. R3 will receive four queries for 192.168.1.0/24, one each from R2, R4, R5, and R6. R4, R5, and R6 willeach receive, and reply to, one query.

C. R3, R4, R5, and R6 will not receive any queries for 192.168.1.0/24, since there is no alternate path to thisdestination within the network

D. R3 will receive one query for 192.168.1.0/24. R4, R5, and R6 will not receive any queries for thisdestination, because R2 is not advertising this network towards them.

Answer: A

Section: (none)

Explanation/Reference:Explanation:There is not something like a natural stub router. Stub needs to be configured.

QUESTION 194Which three port states are used by RSTP 802.1w? (Choose three.)

A. Listening

B. Learning

C. Forwarding

D. Blocking

E. Discarding

F. Disabled

Answer: BCE

Section: (none)


Explanation:Discarding, learning and forwarding are the 3 port states in RSTP. In RSTP, a discarding state means that theport does not forward frames, receive frames, or learn source MAC addresses, regardless of whether the portwas shut down, failed, or simply does not have a reason to forward. Once RSTP decides to transition fromdiscarding to forwarding state (for example, a newly selected RP), it goes immediately to the learning state.From that point on, the process continues just as it does with 802.1d. RSTP no longer needs the listening statebecause of its active querying to neighbors, which guarantees no loops during convergence.

QUESTION 195What is the reason that you avoid having multicast applications use the multicast address 255.0.0.11 wheneverpossible?

A. This address is reserved by the IANA for the Multicast Address Dynamic Client Allocation Protocol.

B. This Layer 3 IP multicast address maps to a Layer 2 MAC address that will always be flooded to all ports ofa Cisco Layer 2 switch.

C. This is a link-local multicast address which is never forwarded beyond the local subnet

D. This address is reserved by the IANA for the Session Announcement Protocol.

Answer: B

Section: (none)


Explanation:IGMP Snooping normally is used by Layer 2 switches to constrain multicast traffic only to those ports that havehosts attached and that have signaled their desire to join the multicast group by sending IGMP MembershipReports. However, it is important to note that most Layer 2 switches flood all multicast traffic that falls within theMAC address range of 0x0100.5E00.00xx (which corresponds to Layer 3 addresses in the Link-Local block) toall ports on the switch even if IGMP Snooping is enabled. This is true for the current suite of Cisco switches.The reason that this Link- Local multicast traffic is always flooded is that IGMP Membership Reports normallyare never sent for multicast traffic in the Link-Local block. For example, routers do not send IGMP MembershipReports for the ALL-OSPF-ROUTERS group (255.0.0.5) when OSPF is enabled. Therefore, if Layer 2 switcheswere to constrain (that is, not flood) Link-Local packets in the 255.0.0.0/24

(0x0100.5E00.00xx) range to only those ports where IGMP Membership reports were received, Link-Localprotocols such as OSPF would break.The impact of this Link-Local flooding in combination with the 32:1 ambiguity that arises when Layer 3 multicastaddresses are mapped to Layer 2 MAC addresses means that there are several multicast group rangesbesides the 255.0.0.0/24 that will map to the 0x0100.5E00.00xx MAC address range and hence also will beflooded by most Layer 2 switches. It is recommended that multicast addresses that map to the0x0100.5E00.00xx MAC address range be avoided .Reference:http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml#wp1 002391

QUESTION 196Prior to 802.1w, Cisco implemented a number of proprietary enhancements to 802.1 D to improve convergencein a Layer 2 network. Which of these statements is true?

A. Only Port Fast and UplinkFast are specified in 802.1w; BackboneFast must be manually configured.

B. Only UplinkFast and BackboneFast are specified in 802.1w; Port Fast must be manually configured.

C. Only Port Fast is specified in 802.1w; UplinkFast and BackboneFast must be manually configured.

D. None of the proprietary Cisco enhancements are specified in 802.1w.

E. Port Fast, Uplink Fast, and Backbone Fast are specified in 802.1w.

Answer: E

Section: (none)


QUESTION 197Refer to the exhibit. In this network, what will be the impact at R4 if the link between R1 and R2 fails?

Exhibit:

A. R2 will generate a new network (type 2) LSA, since it has lost its connection to 10.1.1.4/30.When R4 receives this LSA, it will run SPF to recalculate the shortest path three.

B. R4 will receive a router (type 1) LSA from R2, since it has lost its connection to R2. When R4 receives thisLSA, it will run SPF to recalculate the shortest path tree.

C. R4 will not receive any new LSAs of any type, nor will it run SPF.

D. R3 will generate a new summary (type 3) LSA when the link between R1 and R2 fails. When R4 receivesthis new summary LSA, it will run SPF, recalculating its shortest path tree.

Answer: C

Section: (none)


QUESTION 198What is the STP root guard feature designed to prevent?

A. a root port being transitioned to the forwarding state

B. a port being assigned as a root port

C. a root port being transitioned to the blocking state

D. a port being assigned as an alternate port

Answer: B

Section: (none)


Explanation:Root Guard-Enabled per port; ignores any received superior BPDUs to prevent a switch connected to this portfrom becoming root. Upon receipt of superior BPDUs, this switch puts the port in a loop-inconsistent state,ceasing forwarding and receiving frames until the superior BPDUs cease.

QUESTION 199

Refer to the exhibit. In this network, OSPF has been configured on R2 and R3 to run on all 10.0.0/8 links.EBGP and IBGP sessions are configured as shown. BGP is advertising all OSPF learned routes on R2, and192.168.1.0/24 on R1. The user at H1 calls and states that H1 cannot reach a server located on192.168.1.0/24, although it can reach R1's address on the 192.168.2.0/24 network.

A. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to192.168.2.0/24, so it will not install the route to 192.168.1.0/24.

B. The next hop to 192.168.1.0/24 at R3 is R2; IBGP will not install a route with a directly connected next hop.

C. The next hop to 10.1.2.0/24 is R3 (on the 10.1.1.0/24 network). R1 does not have a route to the 10.1.1.0/24network, so it will not install 10.1.2.0/24.

D. H1's default gateway is probably misconfigured.

Answer: A

Section: (none)

Explanation/Reference:Explanation:If the router doesn't know how to reach a route's next hop, a recursive lookup will fail, and the route can't beadded to BGP. For example, if a BGP router receives a route for 10.0.0.0/8 with a NEXT_HOP attribute of192.168.0.1, but doesn't have an entry in its routing table for a subnet containing 192.168.0.1, the receivedroute for 10.0.0.0/8 is useless and won't be installed in the routing table.

QUESTION 200Into which two types of areas would an area border router (ABR) inject a default route? (Choose two.)

A. the autonomous system of a different interior gateway protocol (IGP)

B. area 0

C. totally stubby

D. NSSA

E. stub

F. the autonomous system of an exterior gateway protocol (EGP)

Answer: CE

Section: (none)


QUESTION 201Refer to the exhibit. If VLAN 21 does not exist before typing the commands, what is the result of theconfiguration applied on switch SW1?

A. A new VLAN 21 is created and port 0/8 is assigned to that VLAN.

B. A new VLAN 21 is created, but no ports are assigned to that VLAN.

C. No VLAN 21 is created and no ports are assigned to that VLAN.

D. Configuration commandvlan database should be used first to create the VLAN 21.

Answer: A

Section: (none)


QUESTION 202Which of these is mandatory when configuring Cisco IOS Firewall?

A. Cisco IOS IPS enabled on theuntrusted interface

B. NBAR enabled to perform protocol discovery and deep packet inspection

C. a route map to define the trusted outgoing traffic

D. a route map to define the application inspection rules

E. an inbound extended ACL applied to theuntrusted interface

Answer: E

Section: (none)


QUESTION 203Which of these statements is true regarding BPDU generation for both 802.1D and 802.1w?

A. In 802.1D, only the root switch generates BPDUs every "hello time" second.

B. For both 802.1D and 802.1w, only the root switch generates BPDUs every "hello-time" second.

C. For both 802.1D and 802.1w, all switches generate BPDUs every "hello-time" second.

D. In 802.1D, all switches generate BPDUs every "hello-time" second.

E. In 802.1w, only the root switch generates BPDUs every "hello-time" second.

F. In 802.1w, all switches generate BPDUs every "hello-time" second.

Answer: A

Section: (none)


QUESTION 204Refer to the exhibit. In this network, if the link between R1 and R2 fails, what will be the impact on R4?

A. R4 will receive a new summary (type 3) LSA from R3 when the link between R1 and R2 fails.This will cause R4 to run SPF.

B. R4 will not notice any changes if the link between R1 and R2 fails, since R3 will be generating a summary(type 3) LSA between Area 1, where the link between R1 and R2 is located, and Area 0, whereR4 is connected.

C. R4 will receive a new router (type 1) LSA from R2, since R2 has lost its connection with R1.When R4 receives this new router LSA, it will run SPF.

D. R4 will receive a new network (type 2) LSA from R2, since R2 has lost connectivity to the 10.1.1.4/31network. When R4 receives this new LSA, it will run SPF to recalculate its tree.

Answer: A

Section: (none)


QUESTION 205Refer to the exhibit. In this network, what path will traffic destined to 10.1.3.1 and arriving at R1 prefer?

A. through R3, since that is the lowest cost path (10+10 = 20, which is lower than 100)

B. through R2, since it is the path through Area 0

C. through R2; this is the only path available for R1 to reach 10.1.3.0/24, since R3 is in a different autonomoussystem than R1 and R2

D. through R3, because R1 will only have a summary (type 3) LSA from R2

Answer: B

Section: (none)


QUESTION 206Refer to the exhibit. In this network, what path will traffic destined to 10.1.3.1 take when it arrives at R5?

A. R5 will not have a path to 10.1.3.0/24, because the summary (type 3) LSA advertised by R1 into Area 1 willnot bereadvertised back into Area 0 by R3.

B. R5 will not have a path to 10.1.3.0/24, because R2 is in a different autonomous system than R1 or R3.

C. The traffic will take the path R4, R3, R2, R1 because this is the lowest cost path from R5 to 10.1.3.0/24.

D. The traffic will take the path R5, R3, R2, R1, because OSPF always prefers paths within areas to paths thatpass through other areas.

Answer: A

Section: (none)


QUESTION 207Refer to the exhibit. In this network, what path will traffic arriving at R4 and destined to 10.1.5.1 take?

A. It will follow the default route with the lowest metric, through R2.

B. It will choose the path through R3, because that is the shortest path to the destination (10+20 = 30 versus15+20 = 35), based on the border router (type 4) LSAs generated by R2 and R3.

C. R4 will not have a route to 10.1.5.0/24, so it will drop the traffic.

D. It will load-share between the two paths, because the two default routes injected into Area 1 are of equalcost.

Answer: B

Section: (none)


QUESTION 208Refer to the exhibit. In this network, what result will there be if the link between R1 and R3 fails, in relation toR4's route to 10.1.5.0/24?

A. R1 will not be originating a route for 10.1.5.0/24 into the network.

B. R4 will receive a new network LSA from R3 noting that R3 has lost its connection to 10.1.1.0/24. Based onthis information, R4 will run SPF and find an alternate path to 10.1.5.0/24 through R2.

C. R4 will receive new router LSAs from both R3 and R1, noting that they no longer connect to each other.Based on these LSAs, R4 will run SPF and find an alternate path to 10.1.5.0/24 through R2.

D. R4 will continue forwarding traffic for 10.1.5.0/24 to R3, since that is the ABR connecting it to Area 1, thearea within which 10.1.5.0/24 is located.

Answer: A

Section: (none)


QUESTION 209

Refer to the exhibit. Assume all the links in this network are internal OSPF links. What will the result beif the link between R1 and R3 fails, in regards to R4's path to 10.1.5.0/24?

A. R3 will generate a new summary (type 3) LSA and flood it into Area 1. R4, on receiving this LSA, will runSPF and find an alternate path to 10.1.5.0/24 through R2.

B. R4's OSPF database and routing table will not be affected, since R4 will not have a route to 10.1.5.0/24.It will only have default routes originated by the ABRs, R2, and R3.

C. R3 will generate a new summary (type 3) LSA, and flood it into Area 1. R4's route to 10.1.5.0/24 will not beaffected by this new information, since it will be using the path through R2 whether or not the link betweenR1 and R3 is up.

D. R1 and R3 will each originate a new router (type 1) LSA, indicating they are no longer connected. When R4receives these two LSAs, it will run SPF and find the alternate path through R2.

Answer: B

Section: (none)


QUESTION 210Refer to the exhibit. In this network, traffic destined to 10.1.5.1 and arriving at R4 will take which path?

A. It will take the path through R2.

B. R4 will load-share the traffic arriving for 10.1.5.1 across the two paths, through R2 and R3, since both pathshave a cost of 30.

C. R4 will not have a path to 10.1.5.0/24, so the traffic will be dropped.

D. It will take the path through R3.

Answer: A

Section: (none)


QUESTION 211Refer to the exhibit. In this network, R1 is injecting 10.1.5.0/24 using a network statement as a network(type 2) LSA. What LSAs will R6 have in its local database for 10.1.5.0/24?

A. R6 will not have any LSAs containing 10.1.5.0/24.

B. R6 will have the network (type 2) LSA generated by R1 in Area 1 containing 10.1.5.0/24.

C. R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by either R2 or R3, the AreaBorder Routers for area 1.

D. R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by R4 or R5, the Area BorderRouters for Area 2, its local area.

Answer: A

Section: (none)


QUESTION 212Refer to the exhibit. In this network, each router has a router ID as shown next to the router. While working on asoftware upgrade on R1 and R2, the network administrator notices that when the upgrade is finished, R4 is thedesignated router on the link. Is OSPF working correctly on this link, and why or why not?

v

A. Yes, OSPF will never allow an existing DR to be replaced when a new router is connected to a broadcastnetwork. In this case, the administrator has recently reloaded R1 and R2, so it would be expected that eitherR3 or R4 would be the DR on the link.

B. No, OSPF should always elect the router with the highest router ID as the designated router on the link. Theadministrator should call for technical support.

C. Yes, OSPF is operating correctly, because the router with the lowest router ID should always be electeddesignated router on a broadcast link.

D. There is not enough information provided in the question to answer accurately.

Answer: A

Section: (none)


QUESTION 213Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE802.1D? (Choose two.)

A. Designated Root Cost

B. bridge ID priority

C. max age

D. bridge ID MAC address

E. Designated Root Priority

F. forward delay

Answer: BD

Section: (none)


QUESTION 214What is the purpose of the STP PortFast BPDU guard feature?

A. enforce the placement of the root bridge in the network

B. ensure that a port is transitioned to a forwarding state quickly if a BPDU is received

C. enforce the borders of an STP domain

D. ensure that any BPDUs received are forwarded into the STP domain

Answer: C

Section: (none)


QUESTION 215If a Cisco switch is configured with VTPv2 in transparent mode, what is done with received VTPadvertisements?

A. They are discarded.

B. The contents of each VTP advertisement are altered to match the switch's VTP database and then theadvertisements are forward out alltrunking ports.

C. The contents of each VTP advertisement are ignored and the advertisements are forwarded out alltrunkingports.

D. The VTP database is altered according to the contents of each advertisement and then the advertisementsare forward out alltrunking ports.

Answer: C

Section: (none)


QUESTION 216In Frame Relay, FECN messages indicating congestion are sent or received by which of these?

A. received by the sender

B. sent by the sender

C. received by the destination

D. sent by the destination

Answer: C

Section: (none)


QUESTION 217Refer to the exhibit. In this network, BGP is configured to run as shown, with an autonomous systemboundary between R1 and R2. OSPF is running between R2, R3, and R4, advertising all connected links.The user at H1 calls and states that H1 cannot reach a server attached to 191.168.1.0/24.What is the most likely cause of the problem?

A. When R4 receives traffic for 192.168.1.0/24, it forwards the packets to R3. However, R3 does not have aroute to 192.168.1.0/24, so it is dropping the packets.

B. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to192.168.2.0/24, so it will not install the route to 192.168.2.0/24.

C. The next hop to 10.1.2.0/24 is R3 (on the 10.1.1.0/24 network). R1 does not have a route to the 10.1.1.0/24network, so it will not install 10.1.2.0/24.

D. H1's default gateway is probablymisconfigured.

Answer: A

Section: (none)


QUESTION 218Refer to the exhibit. All the routers in this network are configured to advertise every link they are connected tousing BGP. BGP is configured as shown, with basic configurations (normal BGP peering for each session). Theuser at H1 calls and states that H1 cannot reach a server attached to 191.168.1.0/24, although it can contactaddresses on the 192.168.2.0/24 link.What is the most probable cause of the problem?

A. R3 will not install a route to 192.168.1.0/24 with a R1 as the next hop, because BGP speakers will not install a route where the next hop is learned through IBGP.

B. H1's default gateway is probablymisconfigured.

C. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to192.168.2.0/24, so it will not install the route to 192.168.2.0/24.

D. The next hop to 192.168.1.0/24 is R2, but IBGP will not install a route with a directly-connected next hop.

Answer: A

Section: (none)


QUESTION 219Which of these is the best definition of Rapid Spanning Tree Protocol?

A. RSTP is the 802.1w standard that provides faster spanning tree convergence over 802.1D- 1998 after atopology change, and also includes features equivalent to STP BPDU guard, root guard, and loop guard.

B. RSTP is the 802.1w standard version of Cisco PVST+.

C. RSTP is the 802.1w standard that provides faster spanning-tree convergence over 802.1D- 1998 after atopology change, and includes features equivalent to CiscoPortFast, UplinkFast, and BackboneFast.

D. RSTP is the 802.1s and 802.1w standard that provides faster spanning-tree convergence over 802.1D-1998after a topology change.

Answer: C

Section: (none)


QUESTION 220Which three statements correctly describe Cisco spanning-tree features? (Choose three.)

A. RSTP edge ports operate identically to PVST+ host ports.

B. STP BPDUs are relayed by all non-root bridges and RSTP BPDUs are generated by each bridge.

C. RSTP and PVST+ both have root ports, designated ports, and backup ports.

D. RPVST+ converges faster than RSTP during a topology change.

E. RSTPcan only achieve rapid transition to Forwarding on edge ports and on point-to-point links.

F. RPVST+ and RSTP are both based upon the IEEE 802.1w specification.

Answer: BEF

Section: (none)


QUESTION 221Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution fromother routing protocols into your network. No route filtering has been implemented. Taking into account theoutput from the show ip ospf database command in the exhibit, which of these statements is true?

v

A. R101 is in Area 1, and Area 1 is a standard OSPF area

B. R101 is in Area 1, and Area 1 is an OSPF stub area

C. R101 is in Area 1, and Area 1 is an OSPF totally stubby area


E. R101is an ABR for Area 0 and Area 1

Answer: B

Section: (none)


QUESTION 222Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from otherrouting protocols into your network. No route filtering has been implemented. Taking into account the outputfrom the show ip ospf database command in the exhibit, which of these statements is true?



C. R101 is in Area 1, and Area 1 is an OSPF totally stubby area


E. R101is an ABR for Area 0 and Area 1

Answer: C

Section: (none)


QUESTION 223Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from otherrouting protocols into your network. No route filtering has been implemented. Taking into account the outputfrom the show ip ospf database command in the exhibit, which two of these statements are true? (Choose two.)

v


B. R106 is in Area 2, and Area 2 is an OSPF totally stubby area

C. R106 is in Area 2, and Area 2 is an OSPF not-so-stubby area

D. R106 is an ABR for Area 0 and Area 2

E. R106is an ASBR

Answer: CE

Section: (none)


QUESTION 224Your network is primarily an OSPF network, but there are points of redistribution from other routing protocolsinto your network. No route filtering has been implemented. Taking into account the output fromthe show ip ospf database command in the exhibit, which two of these statements are true? (Choose two.)



C. R106 is in Area 2, and Area 2 is an OSPF not-so-stubby area

D. R106 is an ABR for Area 0 and Area 2

E. R106is an ASBR

Answer: AE

Section: (none)


QUESTION 225Which three statements about class-maps are correct? (Choose three.)

A. The same class map can be referenced by different policy maps

B. The default matching strategy is "match-any."

C. Class map names are case-sensitive.

D. A class map can be referenced from within another class map.

E. Class maps only support named access lists.

F. Each class map can contain only one match statement.

Answer: ACD

Section: (none)


QUESTION 226Refer to the exhibit. In the diagram, the switches are running IEEE 802.1w RSPT. On which ports should rootguard be enabled in order to facilitate deterministic root bridge election under normal and failure scenarios?

A. GE-3/1, GE-3/2

B. FE-2/1, FE-3/2

C. GE-1/1, GE-1/2

D. GE-4/1, GE-4/2

E. GE-2/1, GE-2/2

F. GE-3/1, GE-3/2, GE-4/1, GE-4/2, FE-2/1, FE-3/2

Answer: F

Section: (none)


QUESTION 227Refer to the exhibit. R11 receives a packet destined for a network in Area 1. What routing table entry will R11have that will enable it to forward the packet?

A. a summary address generated by R1 and propagated through the OSPF domain

B. a default address generated by R1 and propagated through the OSPF domain

C. a summary address generated by R3 and propagated to R11

D. a default address generated by R3 and propagated to R11

Answer: A

Section: (none)


QUESTION 228Refer to the exhibit. R7 is redistributing routes that it learned from EIGRP into the OSPF process. R11 receivesa packet destined for a network in the EIGRP domain. What routing table entry will R11 have that will enable itto forward the packet?

A. the specific network entry redistributed by R7 and propagated through the OSPF domain

B. a summary route generated by R7 and propagated through the OSPF domain

C. a default route generated by R7 and propagated through the OSPF domain

D. a summary route generated by R1 and propagated through the OSPF domain

E. a summary route generated by R3 and propagated to R11

F. a default route generated by R3 and propagated to R11

Answer: F

Section: (none)


QUESTION 229Refer to the exhibit. R7 (in Area 1) is redistributing routes that it learned from EIGRP into the OSPF process.R12 (in Area 4) receives a packet destined for a network in the EIGRP domain. What routing table entry willR12 have that will enable it to forward the packet?

A. the specific network entry redistributed by R7 and propagated through the OSPF domain

B. a summary route generated by R7 and propagated through the OSPF domain

C. a default rout e generated by R7 and propagated through the OSPF domain

D. a summary route generated by R4 and propagated to R12

E. a default route generated by R4 and propagated to R12

Answer: E

Section: (none)


QUESTION 230Refer to the exhibit. Packets from hosts attached to R3 and destined to network 10.100.2.0 are being dropped.Which two of these are possible solutions to this problem? (Choose two.)

A. Disable BGP synchronization on R2.

B. Disable BGP synchronization on R3.

C. Set the next-hop-self command on R2 for neighbor R3.

D. Enable EBGPmultihop between R2 and R3.

E. Redistribute the serial link network between R2 and R5 into R2's IGP.

Answer: CE

Section: (none)


QUESTION 231What is the most significant feature added to IGMPv2 that was lacking in IGMPv1?

A. Hosts can request to join multicast groups instead of waiting until queried by routers.

B. Hosts can send leave messages to routers instead of just silently leaving multicast groups.

C. Routers can send out queries on subnets to discover which multicast groups are active or inactive.

D. Routers can inform switch when hosts joins multicast groups so the switches can track group membersand forward only to members of each group.

Answer: B

Section: (none)


QUESTION 232Refer to the exhibit. Voice traffic is marked "precedence 5." How much bandwidth is allocated for voice trafficduring periods of congestion?

A. a minimum of 48 kb/s

B. a maximum of 48 kb/s

C. a minimum of 48% of the available bandwidth

D. a maximum of 48% of the available bandwidth

Answer: B

Section: (none)


QUESTION 233Refer to the exhibit. What is the overall type of queuing being used on the outgoing data for interfaceEthernet0/1?

A. LLQ

B. FIFO

C. CBWFQ

D. priority queuing

E. weighted fair queuing

F. IP RTP priority queuing

Answer: A

Section: (none)


QUESTION 234Which of these is true concerning the configuration of the bandwidth parameter within a class map

in a policy map?

A. a maximum bandwidth guarantee is provided for this class

B. a minimum bandwidth guarantee is provided for the entire policy map

C. a maximum bandwidth guarantee is provided for the entire policy map

D. a minimum bandwidth guarantee is provided for this class

E. no bandwidth guarantee is provided; this is only used for calculating routing protocol metrics

Answer: D

Section: (none)


QUESTION 235The election of the IGMP querier router on a subnet is based upon which of these?

A. the lowest IP address

B. the highest IP address

C. the Designated Router Priority field in the IGMP query packet

D. the highest MAC address

Answer: A

Section: (none)


QUESTION 236If a host leaving multicast group 239.1.1.1 sends an IGMP Leave message, how will the IGMP querier routerrespond?

A. by immediately shutting off the flow of all 239.1.1.1 multicast traffic to the subnet

B. by sending an IGMP group-specific query on the subnet with a destination IP address of 239.1.1.1, tosee if any other host is still joined to the group

C. by shutting off the flow of all 239.1.1.1 multicast traffic to the subnet, but only after waiting for a period of 10seconds to see if another host sends an IGMP "Leave Override" message to override the other host's Leavemessage

D. by sending an IGMP group-specific query on the subnet with a destination IP address of the "All-Multicast-Hosts" address of 224.0.0.1, to see if any other host is still joined to the group

E. by sending an IGMP general query on the subnet with a destination IP address of the "All-Multicast-Hosts"address of 224.0.0.1 to see if any other host is still joined to the group

Answer: B

Section: (none)


QUESTION 237An IGMPv3 host that wishes to join multicast group 239.1.1.1 should send an unsolicited IGMPv3 membership

report with the destination IP address set to which of these?

A. the link-local multicast group address of 224.0.0.13

B. the multicast group address of the group being joined

C. the link-local multicast group address of 224.0.0.22

D. the address of the IGMPquerier router on the local subnet

Answer: C

Section: (none)


QUESTION 238You are the network administrator of an enterprise with a main site and multiple remote sites. Your networkcarries both VOIP and data traffic. You agree with your service provider to classify VOIP and data trafficaccording to the different service RFCs. How can your data and VOIP traffic be marked?

A. data marked with DSCP AF21, VOIP marked with DSCP EF

B. data marked with DSCP AF51, VOIP marked with DSCP EF

C. data marked with the DE-bit, VOIP marked with the CLP-bit

D. data marked with DSCP EF, VOIP marked with DSCP AF31

E. data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A

Section: (none)


QUESTION 239Refer to the exhibit. When applying this hierarchical policy map on the on the tunnel1 interface, you measurehigh jitter for traffic going through class 1234. What is the most likely cause of this jitter?

A. The configuration of a hierarchical policy map on a tunnel interface is not supported.

B. Class 5555 and class 5554 are both taking up 100% of the bandwidth, leaving nothing for class 1234.

C. The burst size for the traffic shaping is wrongly configured to 15000; this would require an interfacecapable of sending at 150Mb/s.

D. The burst size for the traffic shaping has been wrongly configured; it should be set as low as possible.

E. The burst size for the traffic shaping has been wrongly configured; it should be set as high as possible.

Answer: D

Section: (none)


QUESTION 240Refer to the exhibit. When applying this policy map on the tunnel1 interface, you see packet loss for the TCPclass starting at around 100000 b/s, instead of the configured 150000 b/s. What is the most likely cause of thediscrepancy?

A. The violate-action command should not be configured.

B. The current configuration of the load-interval command on the tunnel interface is preventing proper policingcalculations.

C. The burst size is too low.

D. Policing on tunnel interfaces is not supported.

E. The CIR keyword is missing in thepolicer.

Answer: C

Section: (none)


QUESTION 241Refer to the exhibit. As a network administrator, you have configured a dual-rate, dual-bucket policer inaccordance with RFC 2698 on the serial interface of you router, connecting to your provider. The SLA with yourprovider states that you should only send AF31 (limited to 150 kb/s), AF32 (limited to 50 kb/s) and AF33 (besteffort). Your service provider claims you are not conforming to the SLA.Which two things are wrong with this configuration? (Choose two.)

A. The configuration of a service policy on half-duplex Ethernet interfaces is not supported.

B. The class class-default sub-command of the policy-map limit command should be set to the DSCP default.

C. The violate action is wrong.

D. Thispolicer configuration is not implementing RFC 2698 dual-bucket, dual-rate.

E. Thepolicer is configured in the wrong class.

Answer: CE

Section: (none)


QUESTION 242Refer to the exhibit. You have noticed that several users in the network are consuming a great deal ofbandwidth for the peer-to-peer application Kazaa2. You would like to limit this traffic, and at the same timeprovide a guaranteed 100 kb/s bandwidth for one of your servers. After applying the configuration in the exhibit,you notice no change in the bandwidth utilization on the serial link; it is still heavily oversubscribing the interface.What is the cause of this problem?

A. CEF needs to be enabled for NBAR.

B. In class Kazaa2, you should configure apolicer instead of a drop command.

C. The server class should have a priority of 100.

D. The bandwidth parameter on serial 0/0 is wrong.

E. Kazaa2is not a valid protocol.

Answer: A

Section: (none)


QUESTION 243All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except whichone?

A. dropper

B. classifier

C. marker

D. querier

E. meter

F. shaper

Answer: D

Section: (none)


QUESTION 244

You would like to provide guaranteed bandwidth for some applications across various tunnel interfaces.

These tunnels exit the router at the same physical interface. However, when you execute the show policy-mapinterface serial0/0 command, you do not see any matches for the FTP class. What is wrong?

A. The policy map mark should be configured on the tunnel interface.

B. Traffic should be policed first.

C. Theqos pre-classify command should be configured on the tunnel.

D. TheQoS tunnel should be specified in the policy map.

E. The default class has not been defined.

Answer: C

Section: (none)


QUESTION 245Refer to the exhibit. You would like to guarantee 7 Mb/s for FTP traffic in your LAN, as it seems that peer-to-peer traffic is taking up a large amount of bandwidth. When testing the configuration, you notice that FTP trafficdoesn't reach 7 Mb/s. What is the problem?

A. The Ethernet interface should havekeepalives enabled.

B. The duplex settings are wrong on the Ethernet interface.

C. Theqos pre-classify command should be removed from the tunnel interfaces.

D. the priority queue for the voice class is probably taking all the bandwidth

E. there are probably not enough interface buffers; they should be tuned.

Answer: B

Section: (none)


QUESTION 246You have two EBGP peers connected via two parallel serial lines. What should you do to be able to load-balance between two EBGP speakers over the parallel serial lines in both directions?

A. nothing, BGP automatically load-balances the traffic between different autonomous systems on all availablelinks

B. peer between theeBGP speaker's loopbacks, configuring eBGP multihop as required, and use an IGP toload-share between the two equal-cost paths between the loopback addresses

C. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce twoequal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-selfcommand

D. use theebgp-load-balance command on the neighbor statement on both sides

E. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce twoequal-cost paths to reach the peer loopback address; it is also necessary to use theebgp-multihop and next-hop-self commands

Answer: B

Section: (none)


QUESTION 247Spanning Tree Protocol calculates path cost based on which of these?

A. interface bandwidth

B. interface delay

C. interface bandwidth and delay

D. hop count

E. bridge priority

Answer: A

Section: (none)


QUESTION 248Refer to the exhibit. What type of issue does this error log indicate if the IP address in the error log is located offof the Router A WAN?

Page 179 of 251179

A. HSRP standby configuration error

B. HSRP burned-in address error

C. HSRP secondary address configuration error

D. this is not an HSRP problem, but rather an STP error or router or switch configuration issue

Answer: D

Section: (none)


QUESTION 249What two features in Cisco switches help prevent Layer 2 loops? (Choose two.)

A. UniDirectional Link Detection

B. Hot Standby Router Protocol


D. PortFast

E. root guard

F. loop guard

Answer: AF

Section: (none)


QUESTION 250IPv4 multicast addresses in which range are considered link-local multicast addresses?

A. 239.0.0.0239.255.255.255

B. 224.0.1.0224.0.1.255

C. 224.0.0.0224.0.0.255

D. 224.0.0.0239.255.255.255

Answer: C

Section: (none)


QUESTION 251IP multicast addresses in which range are reserved by the IANA for Source Specific Multicast?

A. 239.0.0.0239.255.255.255

B. 232.0.0.0232.0.0.255

C. 233.0.0.0233.255.255.255

D. 232.0.0.0232.255.255.255

Answer: D

Section: (none)


QUESTION 252A multicast application is being deployed within the enterprise network. The scope of the application's multicasttraffic is to remain entirely within the enterprise network. From which address range should the multicastaddress be assigned for this application?

A. The enterprise should apply to IANA to have an address permanently assigned to this application.

B. The network administrator should assign an address in the address range 232.0.0.0232.255.255.255 to theapplication.

C. The network administrator can pick any IP multicast address for use by the application since the applicationscope is entirely within the enterprise network and will not conflict with global Internet multicast.

D. The network administrator should assign an address from the administratively scoped address range(239.0.0.0239.255.255.255) to the application.

Answer: D

Section: (none)


QUESTION 253In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicasttraffic to a group?

A. The source must send a PIM Register message to the rendezvous point (RP).

B. The source must first join the multicast group using IGMP before sending.

C. The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIMdesignated router (DR).

D. No control plane signaling needs to be performed; the source can simply begin sending on the local subnet.

Answer: D

Section: (none)


QUESTION 254Which two of these statements correctly describe classic PIM-SM? (Choose two.)

A. The IOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new sourceis detected on the shared tree.

B. The IOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path treeas soon as a new source is detected on the shared tree. Page 181 of 251 181

C. The default behavior of switching to the shortest path tree as soon as a new source is detected on theshared tree can be disabled by setting the value in theip pim spt-threshold command to "infinity."

D. The default behavior of switching to the shortest path tree as soon as a new source is detected on theshared tree can be disabled by setting the value in theip pim spt-threshold command to "zero."

Answer: AC

Section: (none)


QUESTION 255Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.)

A. upon a port state change

B. upon receiving a topology change notification

C. when transitioning from discarding to forwarding

D. when transitioning from forwarding to discarding

E. only when changing from listening to discarding

F. whenCAM resources have been completely used up

Answer: BC

Section: (none)


QUESTION 256Which of these correctly identifies a difference between the way BPDUs are handled by 802.1w and802.1D?

A. 802.1D bridges do not relay BPDUs.

B. 802.1w bridges do not relay BPDUs.

C. 802.1D bridges only relay BPDUs received from the root.

D. 802.1w bridges only relay BPDUs received from the root.

Answer: C

Section: (none)


QUESTION 257NBAR supports all of these with the exception of which one?

A. HTTP

B. IP multicastPage 182 of 251182

C. TCP flows with dynamically assigned port numbers

D. non-UDP protocols

Answer: B

Section: (none)


QUESTION 258Modified deficit round robin supports which of these functionalities?

A. priority queue

B. weighted fair queues

C. round-robin service of output queues

D. LLQ

Answer: AC

Section: (none)


QUESTION 259Modified deficit round robin supports how many queues, including the priority queue?

A. 4

B. 8

C. 32

D. 64

Answer: B

Section: (none)


QUESTION 260QPPB allows which of these marking behaviors?

A. the use of NBAR to associate an IP Precedence to a packet

B. the assigning of a specific BGP attribute based on the IP precedence and DSCP of the inbound packet

C. the assigning of only a specific BGP community based on the ingress packet DSCP marking

D. QPPB provides no marking or classification behaviors.

Answer: B

Section: (none)


QUESTION 261WRED has which two of these characteristics? (Choose two.)

A. non-IP traffic is given the lowest priority and is more likely to be dropped

B. when the minimum threshold is crossed, WRED begins dropping all incoming packets (tail- drop)

C. global synchronization is avoided by selectively dropping packets from multiple TCP flows

D. low-bandwidth flows experience packet drop at a higher rate than higher bandwidth flows

Answer: AC

Section: (none)


QUESTION 262Which IPv6 address would you ping to determine if OSPFv3 is able to send and receive unicast packets acrossa link?

A. anycast address

B. site-local multicast

C. global address of the link

D. unique local address

E. link-local address

Answer: E

Section: (none)


QUESTION 263You are seeing a Denial of Service (DoS) attack against an edge router connected to another network.Deploying which of these will do the most to protect the router?

A. Netflow

B. CoPP (Control Plane Policing)

C. Cisco IOS IPS

D. AutoSecure

E. CBAC (Context-Based Access Control)

F. AAA

Answer: B

Section: (none)


QUESTION 264When configuring EIGRP routing over DMVPN (mGRE tunnel), which two actions need to be performed on thehub router? (Choose two.)

A. add the enableeigrp stub command

B. enable NHRP multicast and broadcast static map entry

C. add the disableeigrp as-member split-horizon command

D. add the disableeigrp as-member next-hop-self command

E. set the NHRP hold time to match the EIGRP hold time

Answer: CD

Section: (none)


QUESTION 265Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed toprevent the use of malformed or forged IP sources addresses?

A. It is applied only on the input interface of a router.

B. It is applied only on the output interface of a router.

C. It can be configured either on the input or output interface of a router.

D. It cannot be configured on a router interface.

E. It is configured under any routing protocol process.

Answer: A

Section: (none)


QUESTION 266All of these port states are used by RSTP+ with the exception of which one?

A. Listening

B. Forwarding

C. Discarding

D. Blocking

E. Learning

F. Backup

Answer: C

Section: (none)


QUESTION 267Based on the information in the exhibit, which statement is true?

A. RTC will be able to access the 10.0.0.0 network.

B. RTC will not have the 10.0.0.0 network in its routing table.

C. RTC will not have the 192.168.10.0 network in its routing table.

D. RTB will not have the 10.0.0.0 network in its routing table.

E. RTBand RTC will not have the 10.0.0.0 network in their routing tables.

Answer: B

Section: (none)


QUESTION 268What is IPv6 router solicitation?

A. a request made by a node for the IP address of the local router

B. a request made by a node for a DHCP provided IP address

C. a request made by a node for the IP address of the DHCP server

D. a request made by a node to join a specified multicast group

Answer: A

Section: (none)


QUESTION 269What is the purpose of an explicit "deny any" statement at the end of an ACL?

A. none, since it is implicit

B. to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actually required

C. to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actually required

D. to allow the log option to be used to log any matches

E. to prevent sync flood attacks

F. to prevent half-opened TCP connections

Answer: D

Section: (none)


QUESTION 270Which of these is mandatory when configuring Cisco IOS Firewall?

A. Cisco IOS IPS enabled on the untrusted interface

B. NBAR enabled to perform protocol discovery and deep packet inspection

C. a route map to define the trusted outgoing traffic

D. a route map to define the application inspection rules

E. an inbound extended ACL applied to the untrusted interface

Answer: E

Section: (none)


QUESTION 271Which statement correctly describes the disabling of IP TTL propagation in an MPLS network?

A. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edgeLSR.

B. TTL propagation cannot be disabled in an MPLS domain.

C. TTL propagation is only disabled on the ingress edge LSR,

D. The TTL field of the MPLS label header is set to 255.

E. The TTL field of the IP packet is set to 0.

Answer: D

Section: (none)


QUESTION 272

Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one onthe outside interface. BGP has been configured so the two routers should peer, including the correct BGPsession endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good firsttest to see if BGP will work across the firewall?

A. Attempt to TELNET from the router connected to the inside of the firewall to the router connected to theoutside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.

B. Ping from the router connected to the inside interface of the firewall to the router connected to the outsideinterface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transportpackets.

C. There is no way to make BGP work across a firewall without special configuration, so there is no simple testthat will show you if BGP will work or not, other than trying to start the peering session.


Answer: A

Section: (none)


QUESTION 273Spanning Tree Protocol IEEE 802.1 s defines the ability to deploy which of these?

A. one global STP instance for all VLANs

B. one STP instance for each VLAN

C. one STP instance per set of VLANs

D. one STP instance per set of bridges

Answer: C

Section: (none)


QUESTION 274a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1 D? (Choose two.

A. Designated Root Cost

B. bridge ID priority

C. max age

D. bridge ID MAC address

E. Designated Root Priority

F. forward delay

Answer: BD

Section: (none)


QUESTION 275

If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?

A. learning state

B. listening state

C. forwarding state

D. root-inconsistent state

Answer: D

Section: (none)


QUESTION 276What is the purpose of the STP PortFast BPDU guard feature?

A. enforce the placement of the root bridge in the network

B. ensure that a port is transitioned to a forwarding state quickly if a BPDU is received

C. enforce the borders of an STP domain

D. ensure that any BPDUs received are forwarded into the STP domain

Answer: C

Section: (none)


QUESTION 277When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge prioritybe changed to?

A. 8192

B. 16384

C. 49152

D. 65535

Answer: C

Section: (none)


QUESTION 278Which of these best describes the actions taken when a VTP message is received on a switch configured withthe VTP mode "transparent"?

A. VTP updates are ignored and forwarded out all ports.

B. VTP updates are ignored and forwarded out trunks only.

C. VTP updates are made to the VLAN database and are forwarded out trunks only.

D. VTP updates are ignored and are not forwarded.

Answer: B

Section: (none)


QUESTION 279Refer to the exhibit. In this network, R1 has been configured to advertise a summary route, 192.168.0.0/22, toR2. R2 has been configured to advertise a summary route, 192.168.0.0/21, to R1. Both routers have beenconfigured to remove the discard route (the route to null created when

a summary route is configured) by setting the administrative distance of the discard route to 255.

What will happen if R1 receives a packet destined to 192.168.3.1 ?

A. The packet will loop between R1 and R2.

B. It is not possible to set the administrative distance on a summary to 255.

C. The packet will be forwarded to R2, where it will be routed to nullO.

D. The packet will be dropped by R1, since there is no route to 192.168.3.1.

Answer: A

Section: (none)


QUESTION 280Refer to the exhibit. In this network, R1 is configured not to perform autosummarization within EIGRP. Whatroutes will R3 learn from R2 through EIGRP?

A. 172.30.1.0/24 and 10.1.2.0/24; EIGRP only performs autosummarization at the edqe between two majornetworks.

B. 172.30.0.0/16 and 10.1.2.0/24; R2 will perform autosummarization, although R1 will not.

C. Since R2 is configured without autosummarization, it will not propagate the 172.30.1.0/24 route.

D. 172.30.0.0/8 and 10.0.0.0/8.

Answer: A

Section: (none)


QUESTION 281The classic Spanning Tree Protocol (802.1 D 1998) uses which sequence of variables to determine the bestreceived BPDU?

A. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost Page 190 of251190

B. 1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id

C. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id

D. 1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id

Answer: D

Section: (none)


QUESTION 282Which three port states are used by RSTP 802.1w? (Choose three.)

A. Listening

B. Learning

C. Forwarding

D. Blocking

E. Discarding

F. Disabled

Answer: BCE

Section: (none)


QUESTION 283Refer to the exhibit. Catalyst R is the root bridge for both VLAN 1 and VLAN 2. What is the easiest way to load-share traffic across both trunks and maintain redundancy in case a link fails, without using any type ofEtherChannel link-bundling?

A. Increase the root bridge priority (increasing the numerical priority number) for VLAN 2 on Catalyst D so thatport D2 becomes the root port on Catalyst D for VLAN 2.

B. Decrease the port priority on R2 for VLAN 2 on Catalyst R so that port D1 will be blocked for VLAN 2 andport D2 will remain blocked for VLAN 1.

C. Decrease the path cost on R2 on Catalyst R for VLAN 2 so that port D1 will be blocked for VLAN 2 and portD2 will remain blocked for VLAN 1.

D. Increase the root bridge priority (decreasing the numerical priority number) for VLAN 2 on Catalyst R so thatR2 becomes the root port on Catalyst D for VLAN 2.

Answer: B

Section: (none)


QUESTION 284Refer to the exhibit. In the diagram, the switches are running IEEE 802.1s MST. Which ports are in the MSTblocking state?

A. GE-1/2andGE2/1

B. GE-1/1 and GE-2/2

C. GE-3/2 and GE 4/1

D. no ports are in the blocking state

E. There is not enough information to determine which ports are in the blocking state.

Answer: D

Section: (none)


QUESTION 285

Refer to the exhibit. In the diagram, the switches are running IEEE 802.1 w RSPT. On which ports should rootguard be enabled in order to facilitate deterministic root bridge election under normal and failure scenarios?

A. GE-3/1, GE-3/2

B. FE-2/1, FE-3/2

C. GE-1/1.GE-1/2

D. GE-4/1, GE-4/2

E. GE-2/1, GE-2/2

F. GE-3/1, GE-3/2, GE-4/1, GE-4/2, FE-2/1, FE-3/2

Answer: F

Section: (none)


QUESTION 286Loop guard and UniDireclional Link Detection both protect against Layer 2 STP loops. In which two ways doesloop guard differ from UDLD in loop detection and prevention? (Choose two.

A. Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLDcannot.

B. UDLD protects against STP failures caused by cabling problems that create one-way links.

C. Loop guard detects and protects against duplicate packets being received and transmitted on differentports.

D. UDLD protects against unidirectional cabling problems on copper and fiber media.

E. Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from adesignated switch port.

Answer: BE

Section: (none)


QUESTION 287Refer to the exhibit. Voice traffic is marked "precedence 5." How much bandwidth is allocated for voice trafficduring periods of congestion?

A. a minimum of 48 kb/s

B. a maximum of 48 kb/s

C. a minimum of 48% of the available bandwidth

D. a maximum of 48% of the available bandwidth

Answer: B

Section: (none)


QUESTION 288

Refer to the exhibit. Which of these is applied to the Bearer class?

A. wred

B. traffic shaping

C. packet marking

D. packet classification

E. FIFO queuing within the class

Answer: E

Section: (none)


QUESTION 289Refer to the exhibit. What is the overall type of queuing being used on the outgoing data for interfaceEthernetO/1?

A. LLQ

B. FIFO

C. CBWFQ

D. priority queuing

E. weighted fair queuing

Answer: A

Section: (none)


QUESTION 290Which two of these are differences between traffic policing and traffic shaping? (Choose two.)

A. with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again

B. with policing you can tune the buffer usage for traffic exceeding the specified CIR

C. with shaping you can tune the buffer usage for traffic exceeding the specified CIR

D. shaping should only be applied for ingress traffic, policing only for egress

E. policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC

Section: (none)


QUESTION 291Which of these is a valid differentiated services PHB?

A. Guaranteed PHB

B. Class-Selector PHB

C. Reserved Forwarding PHB

D. Discard Eligible PHB

E. Priority PHB

Answer: B

Section: (none)


QUESTION 292An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth ofthe leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links areused for combined VOIP and data traffic. The network administrator has implemented a VOIP solution toreduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for theVOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latencyqueue. What action will likely fix this problem?

A. mark VOIP traffic with IP precedence 6 and configure only fair-queue' on the links

B. configure the scheduler allocate 3000 1000 command to allow the OoS code to have enough CPU cycles

C. enable class-based traffic shaping on the VOIP traffic class

D. enable Layer 2 fragmentation and interleaving on the links

E. enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D

Section: (none)


QUESTION 293You are the network administrator of an enterprise with a main site and multiple remote sites. Your networkcarries both VOIP and data traffic. You agree with your service provider to classify VOIP and data trafficaccording to the different service RFCs. How can your data and VOIP traffic be marked?

A. data marked with DSCP AF21, VOIP marked with DSCP EF

B. data marked with DSCP AF51, VOIP marked with DSCP EF

C. data marked with the DE-bit. VOIP marked with the CLP-bit

D. data marked with DSCP EF, VOIP marked with DSCP AF31

E. data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A

Section: (none)


QUESTION 294Refer to the exhibit. When applying this hierarchical policy map on the on the tunnell interface, you measurehigh jitter for traffic going through class 1234. What is the most likely cause of this jitter?

A. The configuration of a hierarchical policy map on a tunnel interface is not supported.

B. Class 5555 and class 5554 are both taking up 100% of the bandwidth, leaving nothing for class 1234.

C. The burst size for the traffic shaping is wrongly configured to 15000; this would require an interface capableof sending at 150Mb/s.

D. The burst size for the traffic shaping has been wrongly configured; it should be set as low as possible.

E. The burst size for the traffic shaping has been wrongly configured; it should be set as high as possible.

Answer: D

Section: (none)


QUESTION 295Refer to the exhibit. When applying this policy map on the tunneM interface, you see packet loss for the TCPclass starting at around 100000 b/s. instead of the configured 150000 b/s. What is the most likely cause of thediscrepancy?

A. The violate-action command should not be configured.

B. The current configuration of the load-interval command on the tunnel interface is preventing proper policingcalculations.

C. The burst size is too low.

D. Policing on tunnel interfaces is not supported.

E. The CIR keyword is missing in the policer.

Answer: C

Section: (none)


QUESTION 296Refer to the exhibit. As a network administrator, you have configured a dual-rate, dual-bucket policer inaccordance with RFC 2698 on the serial interface of you router, connecting to your provider. The SLA with yourprovider states that you should only send AF31 (limited to 150 kb/s), AF32 (limited to 50 kb/s)and AF33 (besteffort). Your service provider claims you are not conforming to the SLA. Which two things are wrong with thisconfiguration? (Choose two.)

A. The configuration of a service policy on half-duplex Ethernet interfaces is not supported.

B. The class class-default sub-command of the policy-map limit command should be set to the DSCP default.

C. The violate action is wrong.

D. This policer configuration is not implementing RFC 2698 dual-bucket, dual-rate.

E. Thepolicer is configured in the wrong class.

Answer: CE

Section: (none)


QUESTION 297Refer to the exhibit. You have noticed that several users in the network are consuming a great deal ofbandwidth for the peer-to-peer application Kazaa2. You would like to limit this traffic, and at the same timeprovide a guaranteed 100 kb/s bandwidth for one of your servers. After applying the configuration in the exhibit,you notice no change in the bandwidth utilization on the serial link; it is still heavily oversubscribing the interface.What is the cause of this problem?

A. CEF needs to be enabled for NBAR.

B. In class Kazaa2, you should configure a policer instead of a drop command.

C. The server class should have a priority of 100.

D. The bandwidth parameter on serial 0/0 is wrong.

E. Kazaa2 is not a valid protocol.

Answer: A

Section: (none)


QUESTION 298All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except whichone?

A. dropper

B. classifier

C. marker

D. querier

E. meter

F. shaper

Answer: D

Section: (none)


QUESTION 299Refer to the exhibit. You would like to guarantee 7 Mb/s for FTP traffic in your LAN, as it seems that peer-to-peer traffic is taking up a large amount of bandwidth. When testing the configuration, you notice that FTP trafficdoesnl reach 7 Mb/ s. What is the problem?

A. The Ethernet interface should have keepalives enabled.

B. The duplex settings are wrong on the Ethernet interface.

C. The qos pre-classify command should be removed from the tunnel interfaces.

D. the priority queue for the voice class is probably taking all the bandwidth

E. there are probably not enough interface buffers; they should be tuned.

Answer: B

Section: (none)


QUESTION 300Which types of prefixes will a router running BGP most likely advertise to an IBGP peer, assuming it is notconfigured as a route reflector?

A. prefixes received from any other BGP peer and prefixes locally originated via network statements orredistributed

B. all prefixes in its routing table

C. prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed

D. prefixes received from EBGP peers and prefixes received from route reflectors

E. prefixes received from other IBGP peers, prefixes received from EBGP peers, and prefixes redistributed toBGP

F. prefixes received from other IBGP peers and prefixes received from route reflectors

Answer: C

Section: (none)


QUESTION 301You have two EBGP peers connected via two parallel serial lines. What should you do to be able to load-balance between two EBGP speakers over the parallel serial lines in both directions?

A. nothing, BGP automatically load-balances the traffic between different autonomous systems on all availablelinks

B. peer between the eBGP speaker's loopbacks, configuring eBGP multihop as required, and use an IGP toload-share between the two equal-cost paths between the loopback addresses

C. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce twoequal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-selfcommand

D. use the ebgp-load-balance command on the neighbor statement on both sides

E. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce twoequal-cost paths to reach the peer loopback address; it is also necessary to use the ebgp-multihop andnext-hop-self commands

Answer: B

Section: (none)


QUESTION 302

Which three of these statements about penultimate hop popping are true? (Choose three.)

A. It is used only for directly connected subnets or aggregate routes.

B. It can only be used with LDP.

C. It is only used when two or more labels are stacked.

D. It enables the Edge LSR to request a label pop operation from its upstream neighbors.

E. It is requested through TDP using a special label value that is also called the implicit-null value.

F. It is requested through LDP using a special label value that is also called the implicit-null value.

Answer: ADF

Section: (none)

Explanation/Reference:Page 203 of 251203

QUESTION 303Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer?

A. prefixes received from any other BGP peer and prefixes locally originated via network statements orredistributed to BGP

B. all prefixes in its IP routing table.

C. only prefixes received from EBGP peers and prefixes locally originated via network statements orredistributed.

D. only prefixes received from EBGP peers and prefixes received from route reflectors.

E. all prefixes in its routing table except the prefixes received from other EBGP peers.

F. all prefixes in its routing table except the prefixes received from other IBGP peers.

Answer: A

Section: (none)


QUESTION 304Which standard supports multiple instances of spanning tree?

A. 802.1 D

B. 802.1s

C. 802.1w

D. 802.1 z

Answer: B

Section: (none)


QUESTION 305

Spanning Tree Protocol calculates path cost based on which of these:

A. interface bandwidth

B. interface delay

C. interface bandwidth and delay

D. hop count

E. bridge priority

Answer: A

Section: (none)


QUESTION 306Refer to the exhibit. What type of issue does this error log indicate if the IP address in the error log is located offof the Router A WAN?

A. HSRP standby configuration error

B. HSRP burned-in address error

C. HSRP secondary address configuration error

D. this is not an HSRP problem, but rather an STP error or router or switch configuration issue

Answer: D

Section: (none)


QUESTION 307What two features in Cisco switches help prevent Layer 2 loops? (Choose two.

A. Unidirectional Link Detection

B. Hot Standby Router Protocol


D. PortFast

E. root guard

F. loop guard

Answer: AF

Section: (none)


QUESTION 308Refer to the exhibit. Which switching feature is being tested?

A. loop guard

B. PortFast

C. root guard

D. BDPU guard

Answer: A

Section: (none)


QUESTION 309Refer to the exhibit. This exhibit shows the NAT configuration for Router A and the output for a ping issued fromdevice 171.68.200.48 and destined to 172.16.47.142. Based on this information, what change must be made to Router A in order for the ping to work?

A. reload the router

B. clear the route cache

C. add a static route

D. configure IP as classless

E. load a newer IOS image

Answer: D

Section: (none)


QUESTION 310In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicasttraffic to a group?

A. The source must send a PIM Register message to the rendezvous point (RP).

B. The source must first join the multicast group using IGMP before sending.

C. The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIMdesignated router (DR).

D. No control plane signaling needs to be performed; the source can simply begin sending on the local subnet.

Answer: D

Section: (none)


QUESTION 311Which of these statements about PIM join messages in classic PIM-SM is correct?

A. PIM join messages are sent every 60 seconds to refresh the upstream router's mroute state for themulticast tree.

B. Routers send a PIM join acknowledgement in response to each PIM join message received from adownstream router.

C. PIM join messages are only sent when the multicast distribution tree is first being established.

D. PIM join messages are sent every three minutes to refresh the upstream router's mroute state for themulticast tree.

Answer: A

Section: (none)


QUESTION 312The ip pim autorp listener command is used to do which of these?

A. enable a Cisco router to "passively" listen to Auto-RP packets without the router actively sending orforwarding any of the packets

B. allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfacesconfigured with the ip pim sparse-mode command

C. enable the use of Auto-RP on a router

D. configure the router as an Auto-RP mapping agent

Answer: B

Section: (none)


QUESTION 313In order to configure two routers as anycast RPs, which of these requirements, af a minimum, must besatisfied?

A. Multicast Source Discovery Protocol mesh-groups must be configured between the two anycast RPs.

B. The RPs must be within the same IGP domain.

C. Multicast Source Discovery Protocol must be configured between the two anycast RPs.

D. The two anycast RPs must be IBGP peers.

Answer: C

Section: (none)


QUESTION 314Which two of these statements correctly describe classic PIM-SM? (Choose two.)

A. The lOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new sourceis detected on the shared tree.

B. The lOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path treeas soon as a new source is detected on the shared tree.

C. The default behavior of switching to the shortest path tree as soon as a new source is detected on theshared tree can be disabled by setting the value in the ip pirn spt-threshold command to "infinity.

D. The default behavior of switching to the shortest path tree as soon as a new source is detected on theshared tree can be disabled by setting the value in the ip pirn spt-threshold command to "zero."

Answer: AC

Section: (none)


QUESTION 315In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can causenetwork failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessivetraffic during spanning-tree loop conditions? (Choose two.)

A. loop guard

B. storm control

C. storm suppression

D. broadcast suppression

E. BPDU guard

Answer: BD

Section: (none)


QUESTION 316

Why does RSTP have a better convergence time than 802.1 D?

A. it is newer

B. it has smaller timers

C. it has less overhead

D. it is not timer-based

Answer: D

Section: (none)


QUESTION 317Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.)

A. upon a port state change

B. upon receiving a topology change notification

C. when transitioning from discarding to forwarding

D. when transitioning from forwarding to discardingE, only when changing from listening to discarding

E. when CAM resources have been completely used up

Answer: BC

Section: (none)


QUESTION 318Which of these correctly identifies a difference between the way BPDUs are handled by 802.1w and 802.1 D?

A. 802.1 D bridges do not relay

B. 802.1w bridges do not relay BPDUs

C. 802.1 D bridges only relay BPDUs receive d from the rootm the roi

D. 802.1w bridges only relay BPDUs received from the root.

Answer: C

Section: (none)


QUESTION 319NBAR supports all of these with the exception of which one?

A. HTTP

B. IP multicast

C. TCP flows with dynamically assigned port numbers

D. non-UDP protocols

Answer: B

Section: (none)


QUESTION 320Modified deficit round robin supports which of these functionalities?

A. priority queue

B. weighted fair queues

C. round-robin service of output queues

D. LLQ

Answer: AC

Section: (none)


QUESTION 321A router is connected to an HDLC circuit via a T1 physical interface. The SLA for this link only allows for asustained rate of 768 kb/s. Bursts are allowed for up to 30 seconds at up to line rate, with a window Tc of 125ms. What should the Be and Be setting be when using generic traffic shaping?

A. Be = 46320000 , Be = 96000

B. Be = ,768000 Be = 32000

C. Be = ,128000 Be = 7680

D. Be = ,0 Be = 96000

Answer: A

Section: (none)


QUESTION 322Which of these tables is used by an LSR to perform a forwarding lookup for a packet destined to an addresswithin an RFC 4364 VPN?

A. CEF

B. FIB

C. LFIB

D. IGP

Answer: C

Section: (none)


QUESTION 323Which two of these parameters are used to determine a forwarding equivalence class? (Choose two.

A. IP prefix

B. Layer 2 circuit

C. RSVP request from CE for bandwidth reservation

D. BGP MED value

Answer: AB

Section: (none)


QUESTION 324A network is composed of several VRFs. It is required that VRF users VRF_A and VRF_B be able to route toand from VRF_C, which hosts shared services. However, traffic must not be allowed to flow between VRF_Aand VRF_B. How can this be accomplished?

A. route redistribution

B. import and export using route descriptors

C. import and export using route targets

D. Cisco MPLS Traffic Engineering

Answer: C

Section: (none)


QUESTION 325Which of these statements best describes the major difference between an IPv4-compatible tunnel and a 6to4tunnel?

A. An IPv4-compatible tunnel is a static tunnel, but an 6to4 tunnel is a semiautomatic tunnel.

B. The deployment of a IPv4-compatible tunnel requires a special code on the edge routers, but a 6to4 tunneldoes not require any special code.

C. An IPv4-compatible tunnel is typically used only between two IPv6 domains, but a 6to4 tunnel is used toconnect to connect two or more IPv6 domains.

D. For an IPv4-compatible tunnel, the ISP assigns only IPv4 addresses for each domain, but for a 6to4 tunnel,the ISP assigns only IPv6 addresses for each domain.

Answer: C

Section: (none)


QUESTION 326Which information is carried in an OSPFv3 intra-a re a-prefix LSA?

A. IPv6 prefixes

B. link-local addresses

C. solicited node multicast addresses

D. IPv6 prefixes and topology information

Answer: A

Section: (none)


QUESTION 327Which IPv6 address would you ping to determine if OSPFv3 is able to send and receive unicast packets acrossa link?

A. anycast address

B. site-local multicast

C. global address ofthe link

D. unique local address

E. link-local address

Answer: E

Section: (none)


QUESTION 328You are using IPv6, and would like to configure EIGRPv3. Which three of these correctly describe how you canperform this configuration? (Choose three.)

A. EIGRP for IPv6 is directly configured on the interfaces over which it runs.

B. EIGRP for IPv6 is not configured on the interfaces over which it runs, but if a user uses passive- interfaceconfiguration, EIGRP for IPv6 needs to be configured on the interface that is made passive.

C. There is a network statement configuration in EIGRP for IPv6, the same as for IPv4.

D. There is no network statement configuration in EIGRP for IPv6.

E. When a user uses a passive-interface configuration, EIGRP for IPv6 does not need to be configured on theinterface that is made passive.

F. When a user uses a non-passive-interface configuration, EIGRP for IPv6 does not need to be configured onthe interface that is made passive

Answer: ADE

Section: (none)


QUESTION 329Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed toprevent the use of malformed or forged IP sources addresses?

A. It is applied only on the input interface of a router. ~

B. It is applied only on the output interface of a router.

C. It can be configured either on the input or output interface of a router.

D. It cannot be configured on a router interface.

E. It is configured under any routing protocol process.

Answer: A

Section: (none)


QUESTION 330UnicastReverse Path Forwarding can perform all of these actions except which one?

A. examine all packets received to make sure that the source addresses and source interfaces appear in therouting table and match the interfaces where the packets were received

B. check to see if any packet received at a router interface arrives on the best return path

C. combine with a configured ACL

D. log its events, if you specify the logging options for the ACL entries used by the unicast rpf command

E. inspect IP packets encapsulated in tunnels, such as GRE

Answer: E

Section: (none)


QUESTION 331Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three

A. It supports autonegotiation for both ISL and IEEE 802.1 Q trunks.

B. It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation tobecome a trunk.

C. It is a point-to-multipoint protocol.

D. It is a point-to-point protocol.

E. It is not supported on private VLAN ports or tunneling ports

Answer: ABD

Section: (none)


QUESTION 332You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and802.1 Q encapsulation options. All of these statements about the two encapsulation options are correct exceptwhich one?

A. Both support normal and extended VLAN ranges.

B. ISL is a Cisco proprietary encapsulation method and 802.1 Q is an IEEE standard.

C. ISL encapsulates the original frame

D. Both support native VLANs.

E. 802.1 Q does not encapsulate the original frame.

Answer: D

Section: (none)


QUESTION 333What s the default stratum clock on a Cisco router, when you see the key word "master" configured on the NTPline?

A. 1

B. 2

C. 4

D. 6

E. 8

Answer: E

Section: (none)


QUESTION 334Though many options are supported in EIGRPvS, select two options from the below list that are supported.Choose 2

A. VRF

B. auto-summary

C. per-interface configuration

D. prefix-list support via route-map

E. prefix-list support via distribute-list

Answer: CE

Section: (none)


QUESTION 335

During the IPv6 address resolution, a node sends a neighbor solicitation message in order to discover which ofthese?

A. The Layer 2 multicast address of the destination node

B. The solicited node multicast address of the destination node

C. The Layer 2 address of the destination node based on the destination IPv6 address

D. The IPv6 address of the destination node based on the destination Layer 2 address

Answer: C

Section: (none)


QUESTION 336Which one of these statements is true of OSPF type 5 LSAs?

A. They are used to summarize area routes to other areas.

B. They are used in not-so-stubby areas to propagate external routes.

C. They are used to notify areas of the ASBR.

D. They are flooded to all areas except stub areas (external route).

Answer: D

Section: (none)


QUESTION 337Which OSPF LSAtype does an ASBR use to originate a default route into an area?

A. LSA1

B. LSA3

C. LSA4

D. LSA5

E. LSA7

Answer: D

Section: (none)


QUESTION 338Refer to the exhibit. Routers A and B are directly connected. Given the configuration, how many EIGRP routeswill router B see in its routing table?

A. 0

B. 1

C. 2

D. 3

E. 4

Answer: A

Section: (none)


QUESTION 339Refer to the exhibit. Routers A and B are directly connected and running EIGRP, but they are unable to form aneighbor relationship. What is the most likely cause?

A. The network statements are misconfigured.

B. The IP address statements are misconfigured

C. The autonomous system is misconfigured.

D. There is a physical issue with the cable.

Answer: B

Section: (none)


QUESTION 340Refer to the exhibit. Routers A and B are directly connected and running OSPF, but they are unable to form aneighbor relationship. What is the most likely cause?

A. The routers are not on the same network.

B. The network statements do not match.

C. The process number does not match.

D. The MTU does not match.

E. The OSPF cost does not match.

F. There is a physical issue with the cable.

Answer: D

Section: (none)


QUESTION 341FreeExamKing.comRefer to the exhibit. Users on the 199.155.24.0 network are unable to reach the 172.16.10.0 network. What isthe most likely solution?

A. Router ISP1 should be configured to peer with router B.

B. Router ISP2 should be configured with no synchronization.

C. Router ISP1 should be configured with no synchronization.

D. Router ISP2 should be configured with no auto-summary.

E. Router ISP1 or IPS2 should be configured with network 176.16.10.0 mask 255.255.255.0.

Answer: E

Section: (none)


QUESTION 342Two BGP peers connected through a routed firewall are unable to establish a peering relationship.What could be the most likely cause?

A. BGP peers must be Layer 2-adjacent.

B. EBGP multihop is not configured.

C. The firewall is not configured to allow IP protocol 89.

D. The firewall is not configured to allow UDP 179.

Answer: B

Section: (none)


QUESTION 343Which two of these steps are minimum requirements to configure OSPFv3 under IPv6? (Choose two.

A. Configure a routing process using the command ipv6 router ospf [process-id].

B. Add the network statement for the interfaces on which OSPF will run.

C. Configure OSPF on the interface that it will run on.

D. Use the passive-interface command on the interfaces on which OSPF should not run.

E. Enable routing.

Answer: CE

Section: (none)


QUESTION 344You add the following commands into a routed topology: router eigrp 1 variance 3 traffic-share min across-interfaces. Users now complain about voice quality in your VoIP system. What should be done?

A. Add the command: router eigrp 1 traffic-share voice interface fast 0/0.

B. Reconfigure EIGRP to recognize voice packets.

C. Remove the variance from the configuration.

D. Reconfigure the VoIP system to use RTP sequence number headers.

E. Use an H.323 gatekeeper for your VoIP system to negotiate an H.245 uneven packet buffer.

F. Reconfigure EIGRP to version 2.

Answer: C

Section: (none)


QUESTION 345Refer to the exhibit. How would you get the 1.1.1.1 network into the OSPF database?

A. Configure RTA as an ASBR.

B. Redistribute connected routes on RTA into OSPF.

C. Set up a virtual link between area 1 and area 0.

D. Set up a virtual link between area 1 and area 2.

E. Add a static route into RTB and enter it into OSPF.

F. Place a network 1.1.1.0 0.0.0.0 command into RTB.

G. Set up a unique router ID on RTA using an RFC 1918 address

H. Change area 0 on RTB to area 1

Answer: C

Section: (none)


QUESTION 346Refer to the exhibit. Router E learned about the PIM RP (designated as 7.7.7.7) from four different sources.Routers A and D advertised the 7.0.0.0 network via EIGRP. Routers B and C advertised the 7.0.0.0 network viaOSPF. Considering that all four Ethernet interfaces on router E could potentially lead back to the PIM-RP, whenrouter E receives the first multicast packet down the shared tree, which incoming interface will be used tosuccessfully pass the RPF check?

A. E0

B. E1

C. E2

D. E3

E. None of these interfaces will be used to successfully pass the RPF check.

F. All of these interfaces would successfully pass the RPF check.

Answer: A

Section: (none)


QUESTION 347

Refer to the exhibit. From the MAC addresses shown in the command output, to which two ports is themulticast stream 225.230.57.199 being forwarded on this switch? (Choose two.) Switch#show mac-address-table multicast

A. Fa6/28

B. Fa7/20

C. Gi3/7

D. Fa4/2

E. Fa4/14

F. Fa4/38

G. Fa6/28

H. Fa5/7

Answer: CE

Section: (none)


QUESTION 348Refer to the exhibit. Two ISPs have decided to use MSDP and configured routers X and Y (both are PIM RPs)as MSDP peers. In the domain of ISP B, PC A has sent an IGMP membership report for the group 224.1.1.1and PC B has sent an IGMP membership report for the group 224.5.5.5. Assuming that the MSDP peeringrelationship between routers X and Y is functional, and given the partial configuration output shown from routerX, which two of these statements are true? Choose two.)

A. Router X will contain an entry for 224.1.1.1 in its SA cache and will also have an installed (S.G) entry for thisin its mroute table.

B. Router X will not contain an entry for 224.1.1.1 in its SA cache but will have an installed (*,G) entry for this initsmroutetable.

C. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (S,G) entry for thisin its mroute table.

D. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (*,G) entry for this inits mroute table.

E. Router X will have no entries for 224.5.5.5 in neither its SA cache nor in its mroute table. ^F.Router F. X will have no entries for 224.1.1.1 in neither its SA cache nor in its mroute table.

Answer: AD

Section: (none)


QUESTION 349You are about to migrate a customer network to use a VSS. Which of these statements is true about a VSS?

A. The VSS switch must be the root bridge for all VLANs and is automatically designated.

B. The VSS switch is defined in RFC 4318 as a managed object.

C. The PAgP+ or LACP protocols are used to maintain the operational state of the VSS devices.

D. A VSS interoperates with a virtual port channel.

E. The 802.1 Q or ISL protocols are used to maintain the operational state of the VSS devices.

F. A VSS increases the size of the spanning-tree domain.

Answer: C

Section: (none)


QUESTION 350

You have done a partial migration from 802.1 D STP to 802.1w STP. Which of the following is true?

A. 802.1 D and 802.1w intemperate only when the 802.1 D STP domain supports rapid convergence.

B. Ports leading to 802.1 D devices will run in compatibility mode, while the rest of the ports will run in 802.1wmode.

C. This is an invalid configuration and a partial migration cannot be done.

D. The bridge timers will be set to match the 802.1 D devices.

E. A secondary root bridge will always be populated within the 802.1 D domain.

F. If the root bridge is selected within the 802.1 D domain, the whole STP domain will run in 802.1 Dcompatibility mode.

G. In partially migrated 802.1w networks, it is recommended to keep the STP diameter below 4.

Answer: B

Section: (none)


QUESTION 351The network administrator is trying to add Switch1 to the network, but the 802.1 Q trunk is not coming up.Switch1 was previously tested in the laboratory and its trunk configuration worked fine. What are three possiblecauses of this problem? (Choose three.)

A. The trunking configuration mode on Switch1 is set to Off.

B. The trunking configuration mode on the other end is set to On.

C. The trunking configuration mode on the other end is set to Desirable.

D. Cisco Discovery Protocol is not running on the other end.

E. There is a VTP domain name mismatch.

F. Switch1 does not support 802.1Q.

Answer: BCE

Section: (none)


QUESTION 352The core of a network has four routers connected in a square design with Gigabit Ethernet links using /30subnets. The network is used to carry voice traffic and other applications. Convergence time is taking morethan expected. Which three actions would you take to improve OSPF convergence time? (Choose three.)

A. Increase MTU of the interfaces to accommodate larger OSPF packets

B. Change the network type to point-to-point on those links.

C. Reduce SPF initial timer.

D. Increase hello interval to avoid adjacency flapping.

E. Enable OSPF.

Answer: BCE

Section: (none)


QUESTION 353Refer to the exhibit. BGP-4 routing to the Internet, in normal behavior, may create asymmetrical routing fordifferent prefixes. The BGP routing table indicates that traffic should follow the paths indicated in the exhibit, butpackets are not going further than the border router in AS 4. What could be the cause of this problem?

A. TCP Intercept is configured in AS 4.

B. Unicast Reverse Path Forwarding is configured in loose mode in this router.

C. Packets may be leaving AS 1 without the BGP routing flag set to 1.

D. Unicast Reverse Path Forwarding is configured in strict mode in this router.

E. There is a missing Unicast Reverse Path Forwarding configuration.

Answer: D

Section: (none)


QUESTION 354

You replaced your Layer 3 switch, which is the default gateway of the end users. Many users cannot accessanything now, including email, Internet, and other applications, although other users do not have any issues. All of the applications are hosted in an outsourced data center. In order to fix theproblem, which one of these actions should you take?

A. Clear the MAC address table in the switch.

B. Clear the ARP cache in the switch.

C. Clear the ARP cache in the end devices.

D. Clear the ARP cache in the application servers.

Answer: C

Section: (none)


QUESTION 355An 802.1 Q trunk is not coming up between two switches. The ports on both switches are configured as"switchport mode desirable." Assuming that there is no physical issue, choose two possible causes. (Choosetwo.)

A. Incorrect VTP domain

B. Incorrect VTP password

C. Incorrect VTP mode

D. Incorrect VTP configuration revision

Answer: AB

Section: (none)


QUESTION 356Refer to the exhibit. Look at the command output. What would be the most probable reason for this port-IDmismatch?

A. spanning-tree misconfiguration

B. speed mismatch configuration

C. cabling problem

D. configuration problem

Answer: C

Section: (none)


QUESTION 357Refer to the exhibit. Look at the command output. Assume that there is no other path, and the configuration iscorrect. What would be the consequences of this situation?

v

A. Users in SW1 can ping SW2 but not vice versa.

B. Users in SW2 can ping SW1 but not vice versa.

C. Users in SW1 and SW2 can ping each other.

D. Users in SW1 and SW2 cannot ping each other.

Answer: D

Section: (none)


QUESTION 358Refer to the exhibit. Look at the command output. What can you use to prevent this behavior?

A. udld

B. spanning-tree loopguard

C. VTP mode transparent

D. switchport mode desirable

Answer: A

Section: (none)


QUESTION 359When using IP SLA FTP operation, which two FTP modes are supported? (Choose two.

A. Only the FTP PUT operation type is supported.

B. Active mode is supported.

C. Passive FTP transfer modes" are supported.

D. FTP URL specified for the FTP GET operation is not supported.

Answer: BC

Section: (none)


QUESTION 360If a certificate authority trustpoint is not configured when enabling HTTPS and the remote HTTPS serverrequires client authentication, connections to the secure HTTP client will fail. Which command must be enabledfor correct operation?

A. ip http client secure-ciphersuite 3des-ede-cbc-sha

B. ip https max-connections 10

C. ip http timeout-policy idle 30 life_120 requests 100

D. ip http client secure-trustpoint trustpoint-name

Answer: D

Section: (none)


QUESTION 361Refer to the exhibit. The Layer 2 network uses VTP to manage its VLAN database. A network designer createdall VLANs on the VTP server (switch 1) and it has been advertised through VTP to all other VTP clients(switches 2 through 4). Due to network growth, a network operator decided to add a new switch between switch1 and switch 3. The network operator has been instructed to use a refurbished switch and use a VTP client.Which three of these factors should the network operator consider to minimize the impact of adding a newswitch? (Choose three.)

A. Pay special attention to the VTP revision number, because the higher value takes the priority.

B. Configure all VLANs manually on the new switch in order to avoid connectivity issues.

C. A trunk should be established between the new switch and switches 1 and 3 as VTP only runs over trunklinks.

D. Set at least the VTP domain name and password to get the new switch synchronized.

E. An ISL trunk should be established between the new switch and switches 1 and 3, because VTP only runsover ISL.

F. Pay special attention to the VTP revision number, because the lower value takes the priority.

Answer: ACD

Section: (none)


QUESTION 362A request arrived on your MPLS-vpn-bgp group. Due to a security breach, your customer is experiencing DoSattacks coming from specific subnets (200.0.10.0/24,200.0.12.0/24). You have checked all MPLS-EBGP routesbeing advertised to BHKfrom other VPN sites and found four subnets listed:200.0.10.0/24,200.0.11.0/24,200.0.12.0/24,200.0.13.0/24. You immediately apply an outbound ACL filter usingthe appropriate MPLS-EBGP tool: access-list 1 deny 0.0.0.0 255.255.254.255 access-list 1 permit any Whathappens when you apply this ACL on the MPLS-EBGP connection to BHK?

A. It blocks all routes.

B. It blocks the routes 200.0.12.0/24,200.0.10.0/24 only.

C. It blocks the routes 200.0.12.0/24,200.0.13.0/24 only.

D. It blocks the routes 200.0.10.0/24,200.0.13.0/24 only.

E. Nothing happens, no routes are blocked.

Answer: B

Section: (none)


QUESTION 363Half of your network uses RIPv2 and the other half runs OSPF. The networks do not communicate with eachother. Which two of these factors describe the impact of activating EIGRP over each separate part? (Choosetwo.)

A. EIGRP will not be accepted when configured on the actual RIPv2 routers.

B. OSPF will no longer be used in the routing table, because you only have EIGRP internal routes running.

C. OSPF will no longer be used in the routing table, because you only have EIGRP external routes running.

D. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP external routesrunning.

E. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP internal routesrunning.

F. OSPF database will have RIPv2 routes.

Answer: BE

Section: (none)


QUESTION 364Your company is researching a new application that runs over IPv6, but part of it must still have IPv4 support.Your company uses a traditional IPv4 network. Your plan is not to run IPv6 over the whole network, but tosegment parts of the network or even to operate simultaneously with IPv6 and IPv4. You must make a briefpresentation about IPv6 technology to the board of technical directors. Which three of these items could be part

of your presentation? (Choose three.)

A. Tunnel IPv6 over IPv4 to connect far-end IPv6 networks.

B. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is not possible.

C. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is possible.

D. What is the meaning of EUI-64 and how does it work?

E. Tunnel IPv4 over IPv6 to connect far-end IPv4 networks.

Answer: ACD

Section: (none)


QUESTION 365Refer to exhibits 1 and 2. In exhibit 1, all users on the LAN segment use router A as the active HSRP router.Router B is the standby router for the HSRP. In exhibit 2, the network management team reported that there isno utilization on the WAN link B. To solve this problem, you decide to change the logical topology of your LAN,but you are not sure about what changes must be made. You must manage HSRP or change it to anotherprotocol in order to provide the most scalable design, automatic redundancy, and load balancing. Which one ofthese actions would be the best choice?

A. Use MHSRP, with three users using router A as the default gateway and three users using router B as thedefault gateway.

B. Keep HSRP and activate PBR to redirect half of the traffic to the other WAN link.

C. Use the backup interface on the WAN link B to provide load balancing for all users.

D. Use GLBP instead, because it provides you with up to three MAC addresses for the same default gatewayvirtual IP address.

E. Use GLBP instead, because it provides you with up to four MAC addresses for the same default gatewayvirtual IP address.

Answer: E

Section: (none)


QUESTION 366Refer to exhibits 1 and 2. A company uses a Metro Ethernet (Gigabit Ethernet) dedicated circuit tocommunicate between users (subnet B) and servers (subnet A) as shown in Exhibit 1. Both routers use OSPFto advertise the subnets. During a weekly management meeting, they realize that the WAN link is oversize.They have been using only 2 Mb/s in the worst-case scenario. So they propose a new, cheaper WANconnection using a 2-Mb/s Frame-Relay point-to-point link to interconnect both sites (Exhibit 2). The FrameRelay service provider informs them that multicast traffic is not allowed to run over the service provider network.Which one of these options is best to enable the company to establish the OSPF neighbor adjacency?

A. Use OSPF network broadcast, because it uses unicast to establish a neighbor relationship.

B. Use OSPF network point-to-multipoint, because it uses unicast to establish a neighbor relationship.

C. Use OSPF network point-to-point, because it uses unicast to establish a neighbor relationship.

D. Use OSPF network point-to-multipoint nonbroadcast, because it establishes a neighbor relationship usingunicast packets.

E. Use OSPF network nonbroadcast, because it establishes a neighbor relationship using multicast.

Answer: D

Section: (none)


QUESTION 367Refer to the exhibit. Users from the Engineering VLAN complain that every time Business VLAN users have anetwork connectivity issue, the Engineering VLAN users usually have problems experiencing slow response ornetwork connectivity problems. After troubleshooting, an unauthorized switch 2 was found. This unauthorizedswitch has been a regular problem, assuming the root bridge function under the spanning-tree domain andcausing the Engineering VLAN to be unstable. Which three of these actions could be suggested to fix theproblem?

A. Upgrade Spanning Tree Protocol to Rapid Spanning Tree Protocol.

B. Change Business VLAN PCs to switch 1 and switch 4.

C. Force the root bridge to be switch 2, instead.

D. Adjust spanning-tree timers (max-age and forward-delay).

E. Shut down all unused ports.

F. Use MSTP to separate the Engineering VLAN from the Business VLAN to optimize spanning- treeconvergence time within each VLAN

Answer: AEF

Section: (none)


QUESTION 368When running IP SLA, which application type should be used if you want to know round-trip delay, jitter, andpacket loss for the full path?

A. ICMP path echo

B. UDP echo

C. ICMP path jitter

D. Application Performance Monitor

E. TCP connect

Answer: C

Section: (none)


QUESTION 369Which option is true when calculating round-trip delay in IP SLA operations?

A. The processing time on the end routers is only assessed for operations that involve the responder.

B. The processing time on the end routers is only assessed for operations that involve the transmitter.

C. The processing time on the end routers is only assessed for operations that involve both the respondi

D. The processing time on the end routers is not assessed for neither the responder nor the transmitter.

Answer: A

Section: (none)


QUESTION 370Refer to the exhibit. You are asked to enable redirection for a network optimization engine that will beconnected directly to your company CPE. What is the correct configuration to enable redirection for trafficoptimization?

A. (config)#interface s0/0(config-if)#ip wccp 61 out(config)#interface e0/0(config-if)#ip wccp 62 out

B. (config)#intetface s0/0(config-if)#ip wccp 62 in(config)#interface e0/0

(config-if)#ip wccp 61 in

C. (config)#interface s0/0(config-if)#ip wccp 61 in(config-if)#ip wccp 62 out

D. (config)#interface e0/0(config-if)#ip wccp 61 in(config-if)#ip wccp 62 out

Answer: D

Section: (none)


QUESTION 371The EtherChannel between your LAN switch and the Internet router is not load-balancing efficiently. On theswitch, there are several workstations with valid IP ranges. Which load-balance algorithms can you use in theswitch in order to optimize this load balancing? (Choose four.)

A. source IP address

B. destination IP address

C. per-packet load balance

D. destination MAC address

E. source MAC address

Answer: ABDE

Section: (none)


QUESTION 372Before inserting a new switch in the network, the network administrator checks that the VTP domain name iscorrect, the VTP mode is set to server, and revision is lower than the switches in the network. The administratorthen configures interfaces and trunks, erases existing VLANs, and connects the switch to the network.Following that procedure, there is no connectivity in the network. What is a possible cause of this problem?

A. Because the configuration revision of the new switches is lower than the rest of the network, it can changethe VLAN database of the other switches.

B. As a VTP server, the new switch deleted all VLANs of the network.

C. Erasing VLANs increases the VTP configuration revision.

D. Since the configuration revision of the network is higher than the new switch, the VLAN database wasautomatically synchronized.

Answer: C

Section: (none)


QUESTION 373The network administrator wants to enable an EtherChannel between two switches in "on" mode. Theadministrator connects the cables and enables the interfaces, but while configuring the EtherChannel in the firstswitch, a spanning-tree loop was detected. Which two of these procedures can avoid this problem? (Choosetwo.)

A. Configure the EtherChannel as "desirable" first.

B. Assign all interfaces to the same VLAN.

C. Disable PortFast on the interfaces in the EtherChannels.

D. Disable all interfaces first.

E. Fast Ethernet and Gigabit Ethernet ports cannot be assigned to the same EtherChannel.

F. Fix cabling problems.

Answer: AD

Section: (none)


QUESTION 374

Customer X has a hub-and-spoke Frame Relay network, with a central office and two branch offices (RemoteAand RemoteB). Each location has only one physical link to the Frame Relay cloud and RemoteB has a routerthat is not a Cisco router. Since the installation, there is no connectivity between RemoteB and the centraloffice. What is a possible solution to this issue?

A. Because Frame Relay IETF encapsulation is only configurable at interface level, you must use IETFencapsulation on all routers.

B. This is not a possible scenario. A dedicated Frame Relay link to RemoteB is mandatory at the central office.

C. The router at RemoteB must be replaced by a Cisco router.

D. Use Frame Relay IETF encapsulation on a per-VC basis on the central office router..

E. There is a problem in the Frame Relay cloud, because Cisco routers are compatible with IETF FrameRelay.

Answer: D

Section: (none)


QUESTION 375You are deploying two core switches, one in each building, 50 km away from each other. The cross-connectionbetween them will be a Layer 2 2-gigabit EtherChannel with an 802.1 Q trunk. You configured it correctly butthe link does not come up. The port is in the "admin up" state, and the line protocol is in the "down" state. Thefiber link is OK. What would be the most likely reason for the link not to come up?

A. The switches are not the same model.

B. You are not using the correct SFP.

C. You are not using correct optical media converters.

D. Configuration should be modified, because the distance is longer.

Answer: B

Section: (none)


QUESTION 376You are configuring an 802.1 Q trunk between a Layer 2 switch and a firewall. You read in the documentationthat the best way to set up a trunk is to set the port as dynamic desirable. The trunk is not coming up. Whichone of these options would be a valid explanation?

A. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode ON.

B. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode to OFF.

C. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode as auto.

D. The firewall does not support DTP. You should set the switchport trunk mode to ON.

Answer: D

Section: (none)


QUESTION 377Refer to the exhibit. You are setting up a 2-gigabit EtherChannel. Following IEEE standards, the exhibit showsyour configuration in a local switchl. However, EtherChannel is not coming up.Which one of these statements could be a possible reason?

A. EtherChannel is only available in Cisco equipment.

B. The customer side is supposed to be running PAgP, which is a Cisco standard.

C. PAgP is not an IEEE standard. VRRP should be used.

D. The configuration on switchl needs to be modified to use LACP.

Answer: D

Section: (none)


QUESTION 378Refer to the exhibit. R2 and R3 are routers connected using Ethernet services from a service provider and canreceive pings from each other. OSPF is configured as the routing protocol but adjacency is not happening.According to the output of the show commands in the exhibit, what could be the most likely cause of theproblem?

A. Ethernet interfaces were configured as point-to-point.

B. Process IDs are not matching.

C. Configured bandwidths do not match on both interfaces.

D. Broadcasts and multicast are not being propagated over the Ethernet services.

E. OSPF cost does not match on both interfaces.

Answer: D

Section: (none)


QUESTION 379Which mechanism can you use to achieve sub-second failover for link failure detection when a switchedEthernet media is used and loss of signal is not supported by the link provider?

A. OSPF standard hellos

B. Cisco Discovery Protocol link detection

C. Bidirectional Forwarding Detection

D. Fast Link Pulse

E. autonegotiation

Answer: C

Section: (none)


QUESTION 380While troubleshooting a network, you need to verify the liveness of hosts in the subnet 192.168.1.64/26. All ofthe hosts are able to reply to ping requests. How wou you confirm the existing nodes using one singlecommand?

A. ping 192.168.1.255

B. ping with sweep option

C. ping 192.168.1.127

D. ping 192.168.1.64

E. Ping with broadcast option

Answer: C

Section: (none)


QUESTION 381Refer to the exhibit. There are two sites connected across WAN links. All intersite and intrasite links alwayshave the same routing metric. The network administrator sees only the top routers and links being used byhosts at both LAN A and LAN B. What would be two suggestions to load- balance the traffic across both WANlinks? Choose two.

A. Make HSRP track interfaces between the edge and core routers.

B. Replace HSRP with GLBP.

C. Add crossed intrasite links: R1-R4, R2-R3, R5-R8, and R6-R7.

D. Make R3 and R8 have lower HSRP priority than R1 and R7.

E. Replace HSRP with VRRP.

Answer: BC

Section: (none)


QUESTION 382Refer to the exhibit. According to the output of the command show tag-switching forwarding-table, which four ofthese statements are true? (Choose four.

A. Packets to the IP address 10.10.10.5/32 will be tagged with "17" toward the next hop.

B. Label "19" will be advertised to MPLS neighbors so that they can use this label to reach the IP address10.10.10.6/32.

C. IP address 10.10.10.4/32 is directly connected to the neighbor router on serial 3/0.

D. Packets arriving with label "17" will be forwarded without any label toward serial 4/0.

E. Packets arriving with label "20" will be forwarded with label "21" after label-swapping.

F. Label "20" is advertised to MPLS neighbors so that they can use this information to reach the prefix10.10.10.8/32.

Answer: CDEF

Section: (none)


QUESTION 383When troubleshooting a network, the output of the command show interfaces indicates a large number of runts.What is a runt?

A. the number of packets that are discarded because they exceed the maximum packet size of the medium

B. errors created when the CRC generated by the originating LAN station or far-end device does not match thechecksum calculated from the data received.

C. the number of packets that are discarded because they are smaller than the minimum packet size of themedium

D. the number of received packets that were iqnored bv the interface because the interface hardware ran lowon internal buffers

E. the number of times that the interface requested another interface within the router to slow down

Answer: C

Section: (none)


QUESTION 384Which two of these elements need to be configured prior to enabling SSH? (Choose two.)

A. hostname

B. loopback address

C. default gateway

D. domain name

E. SSH peer address

Answer: AD

Section: (none)


QUESTION 385Refer to the exhibit. Based on this configuration, what type of marker is achieved?

A. Single-rate, two-color marker V

B. Three-rate, two-color marker

C. Two-rate, three-color marker

D. Single-rate, three-color marker

Answer: C

Section: (none)


QUESTION 386Refer to the exhibit. A network engineer received a sudden request to prioritize voice over his Cisco networkand he has decided to leverage the AutoQoS feature. Based on the output shown, which two tasks need to beperformed prior to issuing the autoqos voip command in this router?

(Choose two.)

A. Enable Cisco Express Forwarding.

B. Enable fast switching.

C. Delete all policy maps.

D. Remove service-policy commands from interface serial1/0.

E. Delete all the currently configured class maps.

Answer: AD

Section: (none)


QUESTION 387What is an important consideration that should be taken into account when configuring shap

A. It enables policing.

B. Strict priority is not supported.

C. WRED must be previously enabled.

D. It enables WRR.

Answer: B

Section: (none)


QUESTION 388Refer to the exhibit. Based on the configuration shown, which queuing mechanism has been configured oninterface serial./0?

A. PQ

B. CQ

C. WFQ

D. LLQ

E. CBWFQ

Answer: E

Section: (none)


QUESTION 389Which of the following is the encryption algorithm used for priv option when using SNMPv3?

A. HMAC-SHA

B. HMAC-MD5

C. CBC-DES

D. AES

E. 3DES

Answer: C

Section: (none)


QUESTION 390Which RMON group stores statistics for conversations between sets of two addresses?

A. hostTopN

B. matrix

C. statistics

D. history

E. packet capture

F. host

Answer: B

Section: (none)


QUESTION 391Which of the following describes the appropriate port assignment and message exchange in a standard TFTP transaction?

A. Server: 10.0.0.1:69 RRQ/WRQ SentClient: 10.0.0.2:1888 RRQ/WRQ Received

B. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Received

C. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent

D. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:1888 RRQ/WRQ Sent

E. Server: 10.0.0.1:1888 RRQ/WRQ Sent Client: 10.0.0.2:69 RRQ/WRQ Sent

F. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent

Answer: D

Section: (none)


QUESTION 392You are responsible for network monitoring and need to monitor traffic over a routed network from a remotesource to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this?

A. VACLs and VSPAN

B. RSPAN

C. ERSPAN

D. NetFlow

Answer: C

Section: (none)


QUESTION 393What is the default maximum reservable bandwidth (percentage) by any single flow on an interface afterenabling RSVP?

A. 75 percent

B. 60 percent

C. 56 percent

D. 50 percent

E. 25 percent

Answer: A

Section: (none)


QUESTION 394Which two protocols can have their headers compressed through MQC? (Choose two.

A. RTP

B. RTSP

C. HTTP

D. TCP

E. UDP

Answer: AD

Section: (none)


QUESTION 395You have a router running BGP for the MPLS network and OSPF for the local LAN network at the

sales office. A route is being learned from the MPLS network that also exists on the OSPF local

network. It is important that the router chooses the local LAN route being learned from the

downstream switch running OSPF rather than the upstream BGP neighbor. Also, if the local OSPF

route goes away, the BGP route needs to be used. What should be configured to make sure that

the router will choose the LAN network as the preferred path?

A. static route needs to be added

B. floating static route needs to be added

C. bgp backdoor command

D. ospf backdoor command

Answer: C

Section: (none)


QUESTION 396In BGP routine, what does the rule of synchronization mean?

A. A BGP router can only advertise an EBGP learned route, provided that the route is an IGP route in therouting table.

B. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route in therouting table.

C. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route that is not inthe routing table.

D. A BGP router can only advertise an EBGP learned route, provided that the route is a metric of 0 in the BGPtable.

Answer: B

Section: (none)


QUESTION 397

Router 1 is configured for BGP as dual-homed on the Cisco network. Which three BGP attributes are carried inevery BGP update on this router (both IBGP and EBGP)? (Choose three.)

A. origin

B. router-ID

C. AS-path

D. local-preference

E. next-hop

Answer: ACE

Section: (none)


QUESTION 398In your Cisco EIGRP network, you notice that the neighbor relationship between two of your routers wasrecently restarted. Which two of these choices could have made this occur? (Choose two.)

A. An update packet with init flag set from a known, already established neighbor relationship was received byone of the routers.

B. The ARP cache was cleared.

C. The counters were cleared.

D. The IP EIGRP neighbor relationship was cleared manually.

Answer: AD

Section: (none)


QUESTION 399Your Cisco network currently runs OSPF and you have a need to policy-route some specific traffic, regardlessof what the routing table shows. Which one of these options would enable you to policy-route the traffic?

A. source IP address and the protocol (such as SSL, HTTPS, SSH)

B. the packet Time to Live and the source IP address

C. type of service header and DSCP value

D. destination IP address

Answer: A

Section: (none)


QUESTION 400You use OSPF as your network routing protocol. You use the command show ip route and you see severalroutes described as 0, 0 IA, 0 E1, and 0 E2. What routes are in your area?

A. OIA

B. OE1

C. OE2

D. 0

Answer: D

Section: (none)


QUESTION 401What are the mandatory, well-known BGP attributes?

A. origin, AS-path, next-hop

B. AS-path, origin, MED

C. AS-path, origin, weight

D. AS-path, weight, MED

Answer: A

Section: (none)


QUESTION 402Network A has a spanning-tree problem in which the traffic is selecting a longer path. How is the path costcalculated?

A. number of hops

B. priority of the bridge

C. interface bandwidth

D. interface delay

E. None of the above

Answer: C

Section: (none)


QUESTION 403You deployed new fibers in your network to replace copper spans that were too long. While reconnecting thenetwork, you experienced network problems because you reconnected wrong fibers to wrong ports. What couldyou do to prevent this type of problem in the future, particularly when connecting and reconnecting fiber pairs?

A. Only use fiber in pairs.

B. Configure root guard on your switches.

C. Do not use fiber but use copper.

D. Configure UDLD to prevent one-way link conditions.

Answer: D

Section: (none)


QUESTION 404While deploying a new switch, you accidentally connect ports 3/12 and 3/18 together, creating a loop. STPdetected it and placed port 3/18 in blocking mode. Why did STP not place port 3/12 in blocking mode instead?

A. Port 3/12 was already up and forwarding before the loop was created.

B. Port priority is based on lowest priority and lowest port number.

C. You connected the wire on port 3/18 last.

D. None of the above, it is purely random.

Answer: B

Section: (none)


Date post:	03-Sep-2014
Category:	Documents
Upload:	ryanshin10
View:	401 times
Download:	2 times

350-001-V4

Documents