1.3.3 Building a Redundant Network
The network designer recommends using RSTP in the design of a new data center. There are multiple redundant Layer 2 switches and links contained in the new design. What is the benefit of using RSTP rather than STP in this situation?
Redundant links are not blocked.
Routing tables converge more quickly.
Spanning Tree convergence times are reduced.
Fewer redundant links are required to maintain connectivity.
1.2.1 What Happens at the Core Layer?
1.3.1 What Happens at the Distribution Layer?
1.4.1 What Happens at the Access Layer?
Which task would typically only require services located
at the access layer of the hierarchical design model?
connecting to the corporate web server to update sales figures
using a VPN from home to send data to the main office servers
printing a meeting agenda on a local departmental network printer
placing a VoIP call to a business associate in another country
responding to an e-mail from a co-worker in another department
6.2.1 Designing the Logical LAN IP Address Scheme
A large company plans to add several servers and
requires that the servers be reachable directly from the Internet. Which action will help the company accomplish this goal?
Assign to each server a static internal IP address that is mapped statically to a public IP address.
Place all servers in their own Class C private subnet.
Provide a private address to each server using DHCP.
Assign addresses from a pool of public Class B addresses using DHCP.
2.2.5 Explain the Role of the Account Manager
2.2.8 Explain the Role of the Post-Sales Field Engineer
A network engineer is at a customer site.
After resolving technical problems in the network, the engineer provides a training session for the support staff. Which job function best fits the activities of this network engineer?
network designer
account manager
pre-sales engineer
post-sales field engineer
8.3.3 Validate Choice of VPN Topology, Devices and Topologies
In order for the IT staff of a company to understand the basic operation of VPNs,
which two features or technologies must the network designer identify as training needs? (Choose two.)
IPv6 tunneling
QoS operation
tunneling protocols
VLAN configuration
encryption algorithms
8.3.2 Creating the Test Plan
What is the advantage of choosing EasyVPN for a new
VPN implementation?
to provide encryption algorithms unavailable in other systems
to ensure that remote workers actually use the VPN for connectivity
to allow a greater variety of network devices to be used for VPN connections
to simplify the configuration tasks for the device that is used as the VPN server
1.1.2 The Benefits of a Hierarchical Network Design
In the Cisco Enterprise Architecture, which module would include web
and e-commerce servers for access by users external to the organization?
campus core
enterprise edge
enterprise branch
enterprise campus
6.2.3 Designating the Routing Strategy
The network infrastructure of the main campus in an organization
consists of network devices from multiple vendors. The IT department has a network architecture upgrade project that will gradually upgrade the campus backbone to 10 Gb/s. The routing protocol also needs to be upgraded from RIP to support VLSM
and CIDR, with infrequent routing updates to reduce traffic. In phase one of the project, two high-end Cisco devices are purchased to replace two of the four current core routers made by another networking company. Which routing protocol should be selected for the network?
BGP
OSPF
RIPv2
EIGRP
5.2.2 Designing Distribution Layer Topology
What are two advantages of using Layer 3 devices instead of
Layer 2 switches at the distribution layer of a hierarchical network? (Choose two.)
allows connectivity between different VLANs
provides reliable connectivity to the end user
reduces the number of required redundant links
results in fewer IP subnets to configure and manage
enables traffic filtering that is based on subnet addresses
5.5.1 Placing Security Functions and Appliances
A small office with ten employees needs to provide external
customer access to an office Web server. It also requires filtered access to the Internet for its employees. What device would best serve their needs?
standalone access points with separate VLANs for customers and employees
core layer router with software based firewall set
dedicated firewall appliance with DMZ capabilities
SOHO router with IOS firewall feature set to filter traffic in and out of the company
3.2.4 Download and Install Cisco IOS Software
A network administrator has removed a router from the network for
maintenance. A new Cisco IOS software image has been successfully downloaded to a server and copied into the flash of the router. What should the administrator do before placing the router back into service?
Delete the previous version of the Cisco IOS software from flash.
Copy the new IOS into NVRAM to create a backup copy.
Restart the router and verify that the new image starts successfully.
Verify the free space available on the router to store the new IOS image.
3.1.1 Creating a Network Diagram
Refer to the exhibit. What can be concluded from the output that is shown?
MDF_2811 has a MAC address of 2294:300F:0000.
Device C3750-24_IDF2 is running Cisco IOS Software Release 12.3(23)SEE2.
A Cisco 3750 switch is connected to the FastEthernet1/0/1 port on MDF_2811.
MDF_2811 is installed in the main distribution facility on floor 28 of building 11.
3.2.4 Download and Install Cisco IOS Software
If a router is unable to find a suitable IOS to load into RAM, in what mode does the boot process end?
setup mode
user mode
rommon mode
privileged mode
3.2.4 Download and Install Cisco IOS Software
A network administrator needs to transfer an IOS image to a router
using a TFTP server. What should be verified prior to beginning the transfer process?
The TFTP server must connect to the router via a serial connection.
Connectivity between the TFTP server and the router should have been established.
The TFTP server and the router must be on different networks for the transfer.
The TFTP server software must be the same version as the Cisco IOS software.
3.3.3 Installing a New Hardware Option
What best practice should be followed when installing a new
interface card into a Cisco 1841 router?
Leave the power on because the device supports hot-swappable interface cards.
Be sure the card faceplate does not touch the rear panel of the chassis.
Use pliers to push the card into the connecting socket.
Use a properly grounded antistatic wrist strap.
Leave the captive screws loose until the card is working properly, then tighten securely.
3.2.3 Choosing an Appropriate Cisco IOS Image
Refer to the exhibit. The network administrator has used the Cisco Feature Navigator to choose a Cisco IOS image to install on a router. Given the exhibited output of the show version command,
which statement is true about the capacity of the router to use this Cisco IOS image?
There is enough DRAM and flash.
There is not enough DRAM and flash.
There is enough DRAM but not enough flash.
There is not enough DRAM but enough flash.
3.2.2 Investigating the Installed Cisco IOS Software
Refer to the exhibit. In the Cisco IOS filename that is shown, what is signified by the underlined portion?
version
platform
file format
feature set
4.2.3 File Transfer and Email
Which IOS component can be used to classify and
monitor network traffic?
CDP
NBAR
CiscoWorks
Network Assistant
4.3.1 What Is Quality of Service and Why Is It Needed?
Which technology will prioritize traffic based upon the
technical requirements of IP telephony?
PoE
QoS
RPC
RTP
VPN
4.4.2 Requirements of an IP Telephony Solution
When implementing an IP telephony solution, why
should VLANs be used?
to allow the use of a single IP gateway
to separate voice from data traffic for ease of prioritization
to allow the PBX to use VLAN IDs to filter both voice and data traffic
to allow connectivity between traditional phone devices and IP-based telephony devices
4.1.2 Characteristics of Different Application Categories
Refer to the exhibit. Which type of application communication model best describes this network?
client-client
client-server farm
client-enterprise edge
client-enterprise server
6.1.2 Classful Subnets and Summarization
Refer to the exhibit. The routers are configured with RIPv2 and utilize the default configuration. When attempting to communicate with other networks, hosts from 172.31.1.0/24 are experiencing connectivity issues. What could be done to resolve this issue?
Change to a public IP address scheme.
Ensure that automatic route summarization has been disabled on all routers in the network.
Change the IP address for the Router3 LAN to be 192.168.7.0/24.
Change the subnet mask on the link between Router2 and Router3 to 255.255.255.0.
7.2.5 Validating the IP Addressing Scheme
A network engineer is prototyping a new IP addressing and summarization
strategy for a new network that will be integrated into the existing infrastructure. Which method is appropriate for testing the addressing scheme?
using the production network of the customer
using actual network equipment in a lab
using the Cisco Network Assistant
using a network simulation tool
6.3.2 Migrating from IPv4 to IPv6
A network administrator is integrating IPv6 into an IPv4 network by
encapsulating an IPV6 packet within an IPv4 protocol. Which transition method is being used?
tunneling
dual stack
proxying and translation
NAT with Protocol Translator
6.2.5 Designing the Addressing Scheme
25
A school district decides to use the 172.30.0.0/16 network for
its LAN networks. The network administrator must create an addressing scheme to support 500 users in the admin office, 200 at the high school, 60 at the elementary school and 28 at the district office. Which VLSM addressing scheme will correctly address the network with minimal waste?
172.30.0.0/20 admin 172.30.1.0/21 high school 172.30.1.8/22 elementary 172.30.1.12/26 district
172.30.0.0/22 admin 172.30.4.0/23 high school 172.30.5.0/24 elementary 172.30.6.0/26 district
172.30.0.0/23 admin 172.30.2.0/24 high school 172.30.3.0/26 elementary 172.30.3.64/27 district
172.30.0.0/23 admin 172.30.2.0/24 high school 172.30.3.0/25 elementary 172.30.3.127/26 district
6.1.4 Using CIDR Routing and Summarization
Refer to the exhibit. A network administrator is validating the routing for the new network design. Which command should be used to configure the s0/0/0 interface of the SALES router to advertise the Sales Department networks as one route?
SALES(config-if)# ip summary-address eigrp 100 172.16.0.0 255.255.0.0
SALES(config-if)# ip summary-address eigrp 100 172.16.8.0 255.255.240.0
SALES(config-if)# ip summary-address eigrp 100 172.16.16.0 255.255.240.0
SALES(config-if)# ip summary-address eigrp 100 172.16.31.0 255.255.248.0
6.3.3 Implementing IPv6 on a Cisco Device
A network administrator is configuring a router interface with the
command R1(config-if)# ipv6 address 2001:DB8:C18:1::/64 eui-64. If the MAC address of this Ethernet interface is 01-1C-70-CF-
B4-30, what is the host identifier for this interface under EUI-64 format?
11C:7000:00CF:B430
11C:70FE:FECF:B430
11C:70FF:FECF:B430
11C:70FF:FFCF:B430
6.3.1 Contrasting IPv4 and IPv6 Addressing
What are three advantages of IPv6 over IPv4? (Choose
three.)
increased IP security
fewer reserved IP addresses
simplified header information
integrated IP mobility support
easier implementation and configuration
more efficient handling of broadcasts
7.3.3 Validating Device and Topology Selection
Refer to the exhibit. A network associate is configuring a new router to provide routing between VLANs. The associate removes the router from the box and connects the Fa0/0 interface to a trunking port on the switch. After the configuration is applied to the router, the traffic between VLANs still fails. What is causing this to occur?
The NWRnStick router needs a routing protocol configured.
The NWRnStick router needs additional Fast Ethernet interfaces installed.
The subinterfaces of the NWRnStick router should have IP addresses applied.
All the subinterfaces of the NWRnStick router should be configured in the same VLAN.
1.3.4 Traffic Filtering at the Distribution Layer
Refer to the exhibit. The named ACL "Managers" already exists on the router. What will happen when the network administrator issues the commands that are shown in the exhibit?
The commands overwrite the existing Managers ACL.
The commands are added at the end of the existing Managers ACL.
The commands are added at the beginning of the existing Managers ACL.
The network administrator receives an error that states that the ACL already exists.
1.4.2 Network Topologies at the Access Layer
On a Monday morning the help desk at a large company
receives an unusually high number of calls reporting no connectivity to the Internet or to any other network resources. Otherwise the PCs are functioning normally. Help desk technicians note that all the calls are from a single department, and all affected users are on the same floor of a single building. Where should the help desk technicians suspect that the problem lies?
workgroup switch
PC power supplies
patch cords from PCs to network jacks
cabling from the network jack to the wiring closet
7.1.6 Identify Risks or Weaknesses in the Design
Refer to the exhibit. A NetworkingCompany designer is reviewing a diagram of a customer network. What two risks or issues can be identified in the topology that is shown? (Choose two.)
The firewall router and ISP connection represent a single point of failure.
A failure of the switch that connects the Cisco Call Manager to the network will cause the entire IP telephony system to fail.
Using Layer 3 switches to interconnect the data center servers to the IP phones introduces too much delay.
The IP phones need to be redundantly connected to the switches to prevent single points of failure at the access layer.
If one of the Layer 3 switches fails, the Cisco Call Manager will be unreachable.
7.2.5 Validating the IP Addressing Scheme
7.3.3 Validating Device and Topology Selection
Refer to the exhibit. What is the spanning-tree role of all the enabled interfaces of SW11?
alternate
backup
designated
root
7.2.4 Validating the Choice of Routing Protocol
A network administrator is asked to upgrade the enterprise network devices and
to modify the addressing scheme to support VLSM and route summarization. The current network infrastructure contains both Cisco and non-Cisco routers. The plan is to replace old routers gradually with the latest Cisco routers. Which two routing protocols can the administrator use to support both upgrading requirements? (Choose two.)
BGP
OSPF
RIPv1
RIPv2
EIGRP
7.1.1 Purpose of a Prototype
Refer to the exhibit. Following a test plan, the network systems engineer completes the configuration of an access layer switch and connects three PCs to test the configuration. The engineer attempts to ping from each PC to the other connected PCs. Which three statements describe the expected results of pinging from one host to another? (Choose three.)
Host1 can ping Host2.
Host1 cannot ping Host2.
Host1 can ping Host3.
Host1 cannot ping Host3.
Host2 can ping Host3.
Host2 cannot ping Host3.
8.1.3 Simulating WAN Connectivity in a Lab Environment
Refer to the exhibit. A technician at the ISP site asks the network administrator at the client site to change the CHAP password as part of the routing security maintenance. After the administrator makes the change and reboots the router, the technician issues a show interfaces serial 0/0/0 command.
According to the output, what can be concluded about the serial connection between the client site and ISP site?
The router at the client site is still in the process of rebooting.
The administrator probably configured the wrong password.
The administrator has not issued a no shut command on the serial interface.
The administrator probably configured the wrong IP address for the serial interface.
7.3.4 Validating the Security Plan
Refer to the exhibit. The users on the 192.168.10.128/26 network are not allowed Internet access. Where is the most efficient location to place an extended ACL?
inbound on S0/0/0 of R1
outbound on S0/0/1 of R1
inbound on Fa0/0 of R2
outbound on Fa0/0 of R2
inbound on S0/0/1 of R2
5.5.2 Implementing Access Control Lists and Filtering
Refer to the exhibit. Based on the configuration of router R2, which statement is true if the four listed objectives are requirements of an active security policy?
Objectives (1) All traffic from the Internet into the DMZ is to be logged. (2) Web traffic from the Internet is to be allowed into the DMZ. (3) TCP traffic from established sessions is to be allowed into the internal network. (4) Incoming e-mail from the Internet is to be handled by the DMZ e-mail server first.
Only objective 1 is met.
All four objectives are met.
Objectives 1, 2, and 4 are met.
Only objectives 2 and 4 are met.
Only objectives 2 and 3 are met.
7.1.1 Purpose of a Prototype
What are two reasons to choose a pilot network instead of a prototype network
during proof-of-concept testing of a network design? (Choose two.)
Changes can be made at any time.
The customer desires testing in a real-world environment.
A highly controlled simulated environment is easier to manage.
The test network must be independent from the production network.
Network response to unplanned and unpredictable events must be assessed.
8.2.4 Prototype the WAN
The main office of a NetworkingCompany
customer currently connects to three branch
offices via three separate point-to-point T1 circuits. The customer network uses RIPv2 as the routing protocol within both the LAN and the WAN. The account manager proposes a change to a Frame Relay network because the costs are lower. A single local loop connection can be installed at the main office with three separate PVCs to connect the branch offices. How can the main office edge router be configured to enable the customer to continue to use RIP as the WAN routing protocol?
Enable Inverse ARP on the serial interface in order to learn the routes to the IP addresses of the remote routers.
To prevent the Frame Relay network from causing a routing loop, disable split horizon on the serial interface.
Create three separate point-to-point subinterfaces on the serial interface and assign a different subnet IP address to each one.
Configure the serial interface with a single interface DLCI number and create frame-relay map statements for
each remote site address.
8.3.3 Validate Choice of VPN Topology, Devices and Topologies
A company has branch offices at several locations across the country.
Which security implementation would provide a cost-effective, secure, and authenticated connection to centralized internal resources that are located at company headquarters, without requiring configuration for individual employees at the branch offices?
leased line with PPP authentication
site-to-site VPN
access control list
remote-access VPN
6.2.3 Designating the Routing Strategy
A technician adds the command Router(config-router)# variance 5 to
a router using EIGRP as the routing protocol. What is the result of entering this command?
enables unequal cost load balancing
adjusts the metric of all EIGRP routes to 5
restricts the number of EIGRP feasible successor routes to 5
activates the use of all K values in the composite metric calculation
enables EIGRP equal cost load balancing over a maximum of 5 routes
6.2.3 Designating the Routing Strategy
Refer to the exhibit. Based on the EIGRP configuration that is shown, what can the field engineer conclude about the EIGRP authentication between RouterA and RouterB?
Authentication will fail because only one key is configured.
Authentication will fail because the key chain names do not match.
Authentication will succeed and EIGRP updates can be exchanged.
Authentication will fail because the key chain names must match the router names.
8.2.4 Prototype the WAN
What type of Frame Relay subinterface must be used to
connect remote sites without having to disable split horizon?
multipoint
multiaccess
point-to-point
nonbroadcast multiaccess
5.3.1 Determining Connectivity for Remote Sites
Company XYZ requires a WAN solution that provides flexible
bandwidth options and supports one physical interface at the head office that would provide simultaneous connectivity to various remote sites. The distance from each site should not make the solution more expensive. Which WAN technology meets the requirements of the company?
DSL
cable
Frame Relay
T1 leased line
5.5.1 Placing Security Functions and Appliances
When implementing a security policy, which two actions should
be included as part of the security checklist? (Choose two.)
Disable all logging.
Enable Telnet on TCP port 23.
Use HTTP for web administration.
Set timeouts and ACLs on VTY lines.
Shut down any unused ports and interfaces.
8.2.5 Troubleshooting Frame Relay Operation
Refer to the exhibit. A NetworkingCompany engineer is characterizing an existing network for a new customer. The engineer issues a show running-config command on the branch router to
gather configuration information. What is the engineer able to determine as a result of viewing the output of this command?
The branch office router has two routes to the main office LANs in the routing table.
The default route for the branch office traffic is the serial link to the Edge2 router.
A connection through ISP-A will be used to reach the main office LANs if the Frame Relay network is unavailable.
By using both the DSL and the Frame Relay connection, the branch office router will load balance traffic that is destined for the main office LANs.
8.1.3 Simulating WAN Connectivity in a Lab Environment
Refer to the exhibit. A network administrator configures two routers to test the WAN connection. The serial connection requires PPP encapsulation and authentication with CHAP. However, the connection cannot be established. According to the partial output of the show running-config command, what is the cause of the problem?
The password should be all lowercase.
The password should contain fewer than 8 characters.
The usernames must be the same as the sending router hostnames.
The usernames must be the same as the destination router hostnames.
8.3.2 Creating the Test Plan
What Cisco VPN solution allows for simple configuration of VPNs on the laptops of remote and mobile employees?
EasyVPN Server
EasyVPN Remote
EasyVPN Client
EasyVPN Remote-Access