Exam A

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

QUESTION 43 Which part of the PPPoE server configuration contains the information used to assign an IP address to a PPPoE client? A. virtual-template interface B. DHCP C. dialer interface D. AAA authentication

Correct Answer: A Explanation Explanation/Reference: From the ISP (server) prospective no dialer interface is configured. The ISP would create the interface virtual-template 1 and then configure a pool to assign IP addresses with. On the client (customer/enterprise) side the IP address is specified under the interface dialer 1 command.

QUESTION 82 Which type does a port become when it receives the best BPDU on a bridge? A. the backup port B. the root port C. the designated port D. the alternate port

Correct Answer: B

QUESTION 90 Which VLAN bridge priority value will make a switch as root for a given VLAN from the below options by the spanning-tree vlan vlan-id root command? A. 16384 B. 8192 C. 28672 D. 32768

Correct Answer: B

QUESTION 91 What is the default encapsulation type for Cisco WAN serial interfaces? A. Frame Relay B. HDLC C. PPP D. SDLC

Correct Answer: B

Question 4 Which type of interface can negotiate an IP address for a PPPoE client? A. Ethernet B. dialer C. serial D. Frame Relay

Correct Answer: B

QUESTION 29 Which type of topology is required by DMVPN? A. ring B. full mesh C. hub-and-spoke D. partial mesh

Correct Answer: C

QUESTION 78 Which feature can you use to restrict SNMP queries to a specific OID tree? A. a server group B. a view record C. a community D. an access group

Correct Answer: B

QUESTION 46 Which version of SNMP first allowed user-based access? A. SNMPv3 with RBAC B. SNMPv3 C. SNMPv1 D. SNMPv2

Correct Answer: B

QUESTION 56 Which IEEE standard does PVST+ use to tunnel information? A. 802.1x B. 802.1q C. 802.1w D. 802.1s

Correct Answer: B

QUESTION 65 Which configuration enables OSPF for network 192.168.1.0/24? A. router ospf router-id 192.168.1.0 B. router ospf 1 network 192.168.1.0 255.255.255.0 area 0 C. router ospf 1 neighbor 192.168.1.0 D. router ospf 1 area 0 virtual-link 192.168.1.0

Correct Answer: B

QUESTION 10 Which Cisco platform can verify ACLs? A. Cisco Prime Infrastructure B. Cisco Wireless LAN Controller C. Cisco APIC-EM D. Cisco IOS-XE

Correct Answer: A

QUESTION 134 A department decides to replace its hub with a Catalyst 2950 switch that is no longer needed by another department. To prepare the switch for installation, the network administrator has erased the startup configuration and reloaded the switch. However, PCs that are connected to the switch experience various connectivity problems. What is a possible cause of the problem? A. The VLAN database was not erased. B. The management VLAN is disabled. C. The running configuration should have been erased. D. The "mode" button was not pressed when the switch was reloaded. E. The switch was not configured with an IP address or a default gateway.

Correct Answer: A

QUESTION 57 After you configure a new router to connect to a host through the GigabitEthernet0/0 port of the router, you log in to the router and observe that the new link is down. Which action corrects the problem? A. Use a crossover cable between the host and R1. B. Use a straight through cable between the host and R1. C. Configure the host to use R1 as the default gateway. D. Use a rollover cable between the host and R1.

Correct Answer: A

QUESTION 62 Which VLAN bridge priority value is assigned by the set span tree root command? A. 8192 B. 16384 C. 28672 D. 32768

Correct Answer: A

QUESTION 63 Which purpose of the network command in OSPF configuration mode is true? A. It defines a wildcard mask to identify the size of the network. B. It defines the area ID. C. It defines the network by its classful entry. D. It defines which networks are used for virtual links.

Correct Answer: A

QUESTION 77 Which command can you enter to assign an interface to the default VLAN? A. Switch(config-if)# switchport access vlan 1 B. Switch(config-if)# switchport trunk native vlan 1 C. Switch(config-if)# vlan 1 D. Switch(config)# int vlan 1

Correct Answer: A

Question 2 What is a difference between TACACS+ and RADIUS in AAA? A. Only TACACS+ allows for separate authentication. B. Only RADIUS encrypts the entire access-request packet. C. Only RADIUS uses TCP. D. Only TACACS+ couples authentication and authorization.

Correct Answer: A Explanation Explanation/Reference: Authentication and Authorization RADIUS combines authentication and authorization. The access-accept packets sent by the RADIUS server to the client contain authorization information. This makes it difficult to decouple authentication and authorization. TACACS+ uses the AAA architecture, which separates AAA. This allows separate authentication solutions that can still use TACACS+ for authorization and accounting. For example, with TACACS+, it is possible to use Kerberos authentication and TACACS+ authorization and accounting. After a NAS authenticates on a Kerberos server, it requests authorization information from a TACACS+ server without having to re- authenticate. The NAS informs the TACACS+ server that it has successfully authenticated on a Kerberos server, and the server then provides authorization information. During a session, if additional authorization checking is needed, the access server checks with a TACACS+ server to determine if the user is granted permission to use a particular command. This provides greater control over the commands that can be executed on the access server while decoupling from the authentication mechanism.

QUESTION 105 Which encapsulation type is a Frame Relay encapsulation type that is supported by Cisco routers? A. IETF B. ANSI Annex D C. Q9333-A Annex A D. HDLC

Correct Answer: A Explanation Explanation/Reference: Cisco supports two Frame Relay encapsulation types: the Cisco encapsulation and the IETF Frame Relay encapsulation, which is in conformance with RFC 1490 and RFC 2427. The former is often used to connect two Cisco routers while the latter is used to connect a Cisco router to a non-Cisco router. You can test with your Cisco router when typing the command Router(config-if)#encapsulation frame-relay? on a WAN link. Note: Three LMI options are supported by Cisco routers are ansi, Cisco, and Q933a. They represent the ANSI Annex D, Cisco, and ITU Q933-A (Annex A) LMI types, respectively. HDLC is a WAN protocol same as Frame-Relay and PPP so it is not a Frame Relay encapsulation type.

QUESTION 54 Which statement about DTP is true? A. It uses the native VLAN. B. It negotiates a trunk link after DTP has been configured. C. It uses desirable mode by default. D. It sends data on VLAN 1.

Correct Answer: A Explanation Explanation/Reference: Disabling Dynamic Trunking Protocol (DTP) Cisco's Dynamic Trunking Protocol can facilitate the automatic creation of trunks between two switches. When two connected ports are configured in dynamic mode, and at least one of the ports is configured as desirable, the two switches will negotiate the formation of a trunk across the link. DTP isn't to be confused with VLAN Trunking Protocol (VTP), although the VTP domain does come into play

QUESTION 23 Which statement about switch access ports is true? A. They drop packets with 802.1Q tags B. A VLAN must be assigned to an access port before it is created. C. They can receive traffic from more than one VLAN with no voice support. D. By default, they carry traffic for VLAN 10.

Correct Answer: A Explanation Explanation/Reference: If an access port receives a packet with an 802.1Q tag in the header other than the access VLAN value, that port drops the packet without learning its MAC source address.

QUESTION 20 While you were troubleshooting a connection issue, a ping from one VLAN to another VLAN on the same switch failed. Which command verifies that IP routing is enabled on interfaces and the local VLANs are up? A. show ip interface brief B. show ip nat statistics C. show ip statistics D. show ip route

Correct Answer: A Explanation Explanation/Reference: Initiate a ping from an end device in one VLAN to the interface VLAN on another VLAN in order to verify that the switch routes between VLANs. If the ping fails, verify that IP routing is enabled and that the VLAN interfaces status is up with the show ip interface brief command.

QUESTION 14 Which statement about named ACLs is true? A. They support standard and extended ACLs. B. They are used to filter usernames and passwords for Telnet and SSH. C. They are used to filter Layer 7 traffic. D. They support standard ACLs only. E. They are used to rate limit traffic destined to targeted networks.

Correct Answer: A Explanation Explanation/Reference: Named Access Control Lists (ACLs) allows standard and extended ACLs to be given names instead of numbers. Unlike in numbered Access Control Lists (ACLs), we can edit Named Access Control Lists. Another benefit of using named access configuration mode is that you can add new statements to the access list, and insert them wherever you like. With the legacy syntax, you must delete the entire access list before reapplying it using the updated rules.

QUESTION 98 At which layer of the OSI model does PPP perform? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 5

Correct Answer: A Explanation Explanation/Reference: Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication, transmission encryption (using ECP, RFC 1968), and compression.

QUESTION 11 Which statement about QoS default behavior is true? A. Ports are untrusted by default. B. VoIP traffic is passed without being tagged. C. Video traffic is passed with a well-known DSCP value of 46. D. Packets are classified internally with an environment. E. Packets that arrive with a tag are untagged at the edge of an administrative domain.

Correct Answer: A Explanation Explanation/Reference: Trust means to accept as valid and use as the basis of the initial internal DSCP value. Ports are untrusted by default, which sets the initial internal DSCP value to zero.

QUESTION 159 What is the alert message generated by SNMP agents called? (Choose two.) A. TRAP B. INFORM C. GET D. SET

Correct Answer: AB

QUESTION 76 Which two actions must you take to configure a PAgP EthernetChannel between two switches, S1 and S2? (Choose two.) A. Configure the channel-group 1 mode auto command on S1. B. Configure the channel-group 1 mode desirable command on S2. C. Configure the channel-group 1 mode active command on S2. D. Configure the channel-gr oup 1 mode on command on S2. E. Configure the channel-group 1 mode active command on S1.

Correct Answer: AB

QUESTION 26 Which two states are the port states when RSTP has converged? (Choose two.) A. forwarding B. discarding C. listening D. disabled E. learning

Correct Answer: AB Explanation Explanation/Reference: Understanding Rapid Spanning Tree Protocol (802.1w) Port States There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D disabled, blocking, and listening states are merged into a unique 802.1w discarding state. RSTP only has 3 port states which are discarding, learning and forwarding. When RSTP has converged there are only 2 port states left: discarding and forwarding.

QUESTION 88 Which four options are the HSRP states for a router? (Choose four.) A. standby B. speak C. listen D. learn E. primary F. secondary

Correct Answer: ABCD

QUESTION 122 What information does a router running a link-state protocol use to build and maintain its topological database? (Choose two.) A. hello packets B. SAP messages sent by other routers C. LSAs from other routers D. beacons received on point-to-point links E. routing tables received from other link-state routers F. TTL packets from designated routers

Correct Answer: AC

QUESTION 18 Which two pieces of information are provided by the show controllers serial 0 command? (Choose two.) A. the type of cable that is connected to the interface B. the uptime of the interface C. the status of the physical layer of the interface D. the full configuration of the interface E. the interface's duplex settings

Correct Answer: AC

QUESTION 47 Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.) A. duplex mismatches on Ethernet segments in the same VLAN B. multiple errors on switchport interfaces C. congestion on the switch inband path D. a failing NIC in an end device E. an overloaded shared segment

Correct Answer: AC Explanation Explanation/Reference: Collision Domains A collision domain is an area of a single LAN where end stations contend for access to the network because all end stations are connected to a shared physical medium. If two connected devices transmit onto the media at the same time, a collision occurs. When a collision occurs, a JAM signal is sent on the network, indicating that a collision has occurred and that devices should ignore any fragmented data associated with the collision. Both sending devices back off sending their data for a random amount and then try again if the medium is free for transmission. Therefore, collisions effectively delay transmission of data, lowering the effective throughput available to a device. The more devices that are attached to a collision domain, the greater the chances of collisions; this results in lower bandwidth and performance for each device attached to the collision domain. Bridges and switches terminate the physical signal path of a collision domain, allowing you to segment separate collision domains, breaking them up into multiple smaller pieces to provide more bandwidth per user within the new collision domains formed.

QUESTION 25 What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.) A. It can support multiple IPv6 subnets on a single link. B. It requires the use of ARP. C. It routes over links rather than over networks. D. It supports up to 2 instances of OSPFv3 over a common link.

Correct Answer: AC Explanation Explanation/Reference: Here is a list of the differences between OSPFv2 and OSPFv3: They use different address families (OSPFv2 is for IPv4-only, OSPFv3 can be used for IPv6-only or both protocols OSPFv3 introduces new LSA types OSPFv3 has different packet format OSPFv3 uses different flooding scope bits (U/S2/S1) OSPFv3 adjacencies are formed over link-local IPv6 communications OSPFv3 runs per-link rather than per-subnet OSPFv3 supports multiple instances on a single link, Interfaces can have multiple IPv6 addresses OSPFv3 uses multicast addresses FF02::5 (all OSPF routers), FF02::6 (all OSPF DRs) OSPFv3 Neighbor Authentication done with IPsec (AH) OSPFv2 Router ID (RID) must be manually configured, still a 32-bit number

QUESTION 113 Which two options are valid WAN connectivity methods? (Choose two.) A. PPP B. WAP C. DSL D. L2TPv3 E. Ethernet

Correct Answer: AC Explanation Explanation/Reference: On each WAN connection, data is encapsulated into frames before it crosses the WAN link. The following are typical WAN protocols:1. High-level Data Link Control (HDLC): The Cisco default encapsulation type on point-to-point connections, dedicated links, and circuit-switches connections.2. PPP: Provides router-to- router and host-to-network connections over synchronous and asynchronous circuits. PPP was designed to work with several network layer protocols, including IP.3. Frame-relay: A successor to X.25. This protocol is an industry-standard, switchesdata-link layer protocol that handles multiple virtual circuits.

QUESTION 112 Which three of these statements regarding 802.1Q trunking are correct? (Choose three.) A. 802.1Q native VLAN frames are untagged by default. B. 802.1Q trunking ports can also be secure ports. C. 802.1Q trunks can use 10 Mb/s Ethernet interfaces. D. 802.1Q trunks require full-duplex, point-to-point connectivity. E. 802.1Q trunks should have native VLANs that are the same at both ends.

Correct Answer: ACE Explanation Explanation/Reference: CCNA Self-Study (ICND Exam): Extending Switched Networks with Virtual LANs

QUESTION 136 Which two statements describe characteristics of IPv6 unicast addressing? (Choose two.) A. Global addresses start with 2000::/3. B. Link-local addresses start with FE00:/12. C. Link-local addresses start with FF00::/10. D. There is only one loopback address and it is ::1. E. If a global address is assigned to an interface, then that is the only allowable address for the interface.

Correct Answer: AD

QUESTION 99 The command show frame-relay map gives the following output: Serial 0 (up): ip 192.168.151.4 dlci 122, dynamic, broadcast, status defined, active Which statements represent what is shown? (Choose three.) A. 192.168.151.4 represents the IP address of the remote router B. 192.168.151.4 represents the IP address of the local serial interface C. DLCI 122 represents the interface of the remote serial interface D. DLCI 122 represents the local number used to connect to the remote address E. broadcast indicates that a dynamic routing protocol such as RIP v1 can send packets across this PVC F. active indicates that the ARP process is working

Correct Answer: ADE

QUESTION 101 What are three reasons that an organization with multiple branch offices and roaming users might implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three.) A. reduced cost B. better throughput C. broadband incompatibility D. increased security E. scalability F. reduced latency

Correct Answer: ADE Explanation Explanation/Reference: Enhance Productivity and Cut Costs Cisco VPN solutions provide exceptional security through encryption and authentication technologies that protect data in transit from unauthorized access and attacks. A Cisco VPN helps you: Use highly secure communications, with access rights tailored to individual users Quickly add new sites or users, without significantly expanding your existing infrastructure Improve productivity by extending corporate networks, applications, and collaboration tools Reduce communications costs while increasing flexibility

QUESTION 68 Which three checks must you perform when troubleshooting EIGRPv6 adjacencies? (Choose three.) A. Verify that IPv6 enabled. B. Verify that the network command has been configured. C. Verify that auto summary is enabled. D. Verify that the interface is up. E. Verify that an IPv4 address has been configured. F. Verify that the router ID has been configured.

Correct Answer: ADF

QUESTION 59 Which two statements about the spanning-tree bridge ID are true? (Choose two.) A. It is composed of a 4-bit bridge priority and a 12-bit system ID extension. B. The bridge ID is transmitted in the IP header to elect the root bridge. C. The system ID extension is a value between 1 and 4095. D. It is composed of an 8-bit bridge priority and a 16-bit system ID extension. E. The bridge priority must be incremented in blocks of 4096.

Correct Answer: AE

QUESTION 48 Which two components are used to identify a neighbor in a BGP configuration? (Choose two.) A. autonomous system number B. version number C. router ID D. subnet mask E. IP address

Correct Answer: AE Explanation Explanation/Reference: Use the show ip bgp neighbors (registered customers only) command to display information about the TCP and Border Gateway Protocol (BGP) connections and verify if the BGP peer is established. The output of the show ip bgp neighbors command below shows the BGP state as 'Established', which indicates that the BGP peer relationship has been established successfully. R1-AGS# show ip bgp neighbors | include BGP BGP neighbor is 10.10.10.2, remote AS 400, internal link BGP version 4, remote router ID 2.2.2.2 BGP state = Established, up for 00:04:20 BGP table version 1, neighbor version 1 R1-AGS# The show ip bgp neighbors command has been used above with the modifier | include BGP. This makes the output more readable by filtering the the command output and displaying the relevant parts only. In addition, the show ip bgp summary (registered customers only) command can also be used to display the status of all BGP connections, as shown below. R1-AGS(9)# show ip bgp summary BGP router identifier 10.1.1.2, local AS number 400 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 10.10.10.2 4 400 3 3 1 0 0 00:00:26 0

QUESTION 73 Which three options are types of slow VLAN connectivity? (Choose three.) A. slow broadcast domain connectivity B. slow routing domain connectivity C. slow default gateway connectivity D. slow application domain connectivity E. slow collision domain connectivity F. slow inter-VLAN connectivity

Correct Answer: AEF

QUESTION 106 Which purpose of the network command in the BGP configuration of a router is true? A. It advertises a valid network as local to the autonomous system of a router B. It enables router advertisement in the BGP routing process on the router C. It indicates whether a neighbor supports route refresh D. It advertisers any route in BGP with no additional configuration

Correct Answer: B

QUESTION 141 Select the action that results from executing these commands. Switch(config-if)# switchport port-security Switch(config-if)# switchport port-security mac-address sticky A. A dynamically learned MAC address is saved in the startup-configuration file. B. A dynamically learned MAC address is saved in the running-configuration file. C. A dynamically learned MAC address is saved in the VLAN database. D. Statically configured MAC addresses are saved in the startup-configuration file if frames from that address are received. E. Statically configured MAC addresses are saved in the running-configuration file if frames from that address are received.

Correct Answer: B

QUESTION 24 What is the default VLAN on an access port? A. 0 B. 1 C. 10 D. 1024

Correct Answer: B

QUESTION 104 Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has built- in security mechanisms? A. HDLC B. PPP C. X.25 D. Frame Relay

Correct Answer: B Explanation Explanation/Reference: High-Level Data Link Control (HDLC) -HDLC is the default encapsulation type on point-to-point, dedicated links, and circuit-switched connections. It is used typically when communicating between two Cisco devices. It is a bit-oriented synchronous data link layer protocol. Point-to-Point Protocol (PPP) -Provides router-to-router and host-to network connections over synchronous and asynchronous circuits. PPP was designed to work with several network layer protocols, such as IP, and IPX. PPP also has built in security mechanisms such as PAP and CHAP X.25/Link Access Procedure, Balanced (LAPB) -ITU-T standard that defines how connections between DTE and DCE are maintained for remote terminal access and computer communications in public data networks. X.25 specifies LAPB, a data line layer protocol. X.25 is a predecessor to Frame Relay. Frame Relay -Industry standard, switched data link layer protocol that handles multiple virtual circuits. It is a next-generation to X.25 that is streamlined to eliminate some of the time-consuming processes (such as error correction and flow control) that were employed in X.25

QUESTION 13 Which statement about MPLS is true? A. It operates in Layer 1. B. It operates between Layer 2 and Layer 3. C. It operates in Layer 3. D. It operates in Layer 2.

Correct Answer: B Explanation Explanation/Reference: MPLS belongs to the family of packet-switched networks. MPLS operates at a layer that is generally considered to lie between traditional definitions of OSI Layer 2 (data link layer) and Layer 3 (network layer), and thus is often referred to as a layer 2.5 protocol.

QUESTION 7 Which spanning-tree feature places a port immediately into a forwarding state? A. BPDU guard B. PortFast C. loop guard D. UDLD E. UplinkFast

Correct Answer: B Explanation Explanation/Reference: PortFast causes a switch or trunk port to enter the spanning tree forwarding state immediately, bypassing the listening and learning states. You can use PortFast on switch or trunk ports that are connected to a single workstation, switch, or server to allow those devices to connect to the network immediately, instead of waiting for the port to transition from the listening and learning states to the forwarding state.

QUESTION 52 Which option describes a difference between EIGRP for IPv4 and IPv6? A. Only EIGRP for IPv6 advertises all connected networks. B. Only EIGRP for IPv6 requires a router ID to be configured under the routing process. C. AS numbers are configured in EIGRP but not in EIGRPv3. D. Only EIGRP for IPv6 is enabled in the global configuration mode.

Correct Answer: B Explanation Explanation/Reference: Router ID -Both EIGRP for IPv4 and EIGRP for IPv6 use a 32-bit number for the EIGRP router ID. The 32- bit router ID is represented in dotted-decimal notation and is commonly referred to as an IPv4 address. If the EIGRP for IPv6 router has not been configured with an IPv4 address, the eigrp router-id command must be used to configure a 32-bit router ID. The process for determining the router ID is the same for both EIGRP for IPv4 and IPv6.

QUESTION 102 Which command is used to enable CHAP authentication, with PAP as the fallback method, on a serial interface? A. Router(config-if)# ppp authentication chap fallback ppp B. Router(config-if)# ppp authentication chap pap C. Router(config-if)# authentication ppp chap fallback ppp D. Router(config-if)# authentication ppp chap pap

Correct Answer: B Explanation Explanation/Reference: The command "ppp authentication chap pap" command indicates the CHAP authentication is used first. If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then CHAP) you can use the "ppp authentication pap chap" command

QUESTION 27 Which process is associated with spanning-tree convergence? A. determining the path cost B. electing designated ports C. learning the sender bridge ID D. assigning the port ID

Correct Answer: B Explanation Explanation/Reference: The three steps of STP convergence is: 1. Root Bridge election 2. Root port election 3. Designated port election.

Question 3 Which statement about the IP SLAs ICMP Echo operation is true? A. The frequency of the operation is specified in milliseconds. B. It is used to identify the best source interface from which to send traffic to a destination. C. It is configured in enable mode. D. It is used to determine the one-way delay between devices.

Correct Answer: B Explanation Explanation/Reference: This module describes how to configure an IP Service Level Agreements (SLAs) Internet Control Message Protocol (ICMP) Echo operation to monitor end-to-end response time between a Cisco router and devices using IPv4 or IPv6. ICMP Echo is useful for troubleshooting network connectivity issues. This module also demonstrates how the results of the ICMP Echo operation can be displayed and analyzed to determine how the network IP connections are performing. ICMP Echo Operation The ICMP Echo operation measures end-to-end response time between a Cisco router and any devices using IP. Response time is computed by measuring the time taken between sending an ICMP Echo request message to the destination and receiving an ICMP Echo reply. In the figure below ping is used by the ICMP Echo operation to measure the response time between the source IP SLAs device and the destination IP device. Many customers use IP SLAs ICMP-based operations, in-house ping testing, or ping-based dedicated probes for response time measurements.

QUESTION 6 What is the first step you perform to configure an SNMPv3 user? A. Configure server traps. B. Configure the server group. C. Configure the server host. D. Configure the remote engine ID.

Correct Answer: B Explanation Explanation/Reference: To configure an SNMP server user, specify an SNMP group or a table that maps SNMP users to SNMP views. Then, specify the IP address or port number for the remote SNMP agent of the device where the user resides. Also, before you configure remote users for a particular agent, configure the SNMP engine ID by using the snmp-server engineID command for the remote agent. The SNMP engine ID of the remote agent is required to compute the authentication or privacy digests for the SNMP password. If the remote engine ID is not configured first, the configuration command will fail. SUMMARY STEPS 1. enable 2. configure terminal 3. snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [writewrite-view] [notify notify-view] [access access-list] 4. snmp-server engineID {local engine-id | remote ip-address [udp-port udp-port-number] [vrfvrf-name] engine-id-string} 5. snmp-server user user-name group-name [remote ip-address [udp-port port]] {v1 | v2c | v3[encrypted] [auth {md5 | sha} auth-password]} [access access-list] 6. end

QUESTION 70 From which PPPoE server configuration does a PPPoE client get an IP address? A. AAA authentication B. DHCP C. dialer interface D. virtual-template interface

Correct Answer: D

QUESTION 95 What is the advantage of using a multipoint interface instead of point-to-point subinterfaces when configuring a Frame Relay hub in a hub-and-spoke topology? A. It avoids split-horizon issues with distance vector routing protocols. B. IP addresses can be conserved if VLSM is not being used for subnetting. C. A multipoint interface offers greater security compared to point-to-point subinterface configurations. D. The multiple IP network addresses required for a multipoint interface provide greater addressing flexibility over point-to-point configurations.

Correct Answer: B Explanation Explanation/Reference: You do not have to assign a separate subnet per sub-interface. If you're using a Class A network (10.x.x.x/8), you blow the whole network on a few connections (if you used VLSM, you could use a better mask, limit the addresses used). if you used 10.0.0.0/8, you would not be assigning the entire /8 to a single network. You would select a subnet mask for the network and then, you would have to use that mask with all subnets of the network. So if you chose a /24 mask, that would mean that you would have to use a /24 mask for even point-to-point links.

QUESTION 118 Which command allows you to verify the encapsulation type (CISCO or IETF) for a Frame Relay link? A. show frame-relay lmi B. show frame-relay map C. show frame-relay pvc D. show interfaces serial

Correct Answer: B Explanation Explanation/Reference: map will show frame relay encapsulation (cisco or ietf) show frame-relay map" will show frame relay encapsulation type (CISCO or IETF)

QUESTION 89 What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.) A. It supports up to 2 instances of OSPFv3 over a common link. B. It can support multiple IPv6 subnets on a single link. C. It routes over links rather than over networks. D. It requires the use of ARP. E. It supports IPv6 with MD5 authentication.

Correct Answer: BC

QUESTION 116 What are two characteristics of Frame Relay point-to-point subinterfaces? (Choose two.) A. They create split-horizon issues. B. They require a unique subnet within a routing domain. C. They emulate leased lines. D. They are ideal for full-mesh topologies. E. They require the use of NBMA options when using OSPF.

Correct Answer: BC Explanation Explanation/Reference: Configuring Frame Relay Subinterfaces On partially meshed Frame Relay networks, the problem of split horizon can be overcome by using Frame Relay subinterfaces. Frame Relay provides a mechanism to allow a physical interface to be partitioned into multiple virtual interfaces. In a similar way, using subinterfaces allows a partially meshed network to be divided into a number of smaller, fully meshed point-to-point networks. Generally, each point-to-point subnetwork is assigned a unique network address. This allows packets received on one physical interface to be sent out from the same physical interface, albeit forwarded on VCs in different subinterfaces. There are two types of subinterfaces supported by Cisco routers: point-to-point and multipoint subinterfaces.

QUESTION 117 Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose two.) A. CHAP uses a two-way handshake. B. CHAP uses a three-way handshake. C. CHAP authentication periodically occurs after link establishment. D. CHAP authentication passwords are sent in plaintext. E. CHAP authentication is performed only upon link establishment. F. CHAP has no protection from playback attacks.

Correct Answer: BC Explanation Explanation/Reference: Understanding and Configuring PPP CHAP Authentication One-Way and Two-Way AuthenticationCHAP is defined as a one-way authentication method. However, you use CHAP in both directions to create a two-way authentication. Hence, with two-wayCHAP, a separate three-way handshake is initiated by each side. In the Cisco CHAP implementation, by default, the called party must authenticate the calling party (unless authentication is completely turned off). Therefore, a one-way authentication initiated by the called party is the minimum possible authentication. However, the calling party can also verify the identity of the called party, and this results in a two-way authentication. One-way authentication is often required when you connect to non-Cisco devices.

QUESTION 137 What are three features of the IPv6 protocol? (Choose three.) A. optional IPsec B. autoconfiguration C. no broadcasts D. complicated header E. plug-and-play F. checksums

Correct Answer: BCE

QUESTION 96 Which two statistics appear in show frame-relay map output? (Choose two.) A. the number of BECN packets that are received by the router B. the value of the local DLCI C. the number of FECN packets that are received by the router D. the status of the PVC that is configured on the router E. the IP address of the local router

Correct Answer: BD Explanation Explanation/Reference: Frame Relay Commands (map-class frame-relay through threshold ecn) Examples The following is sample output from the show frame-relay map command: Router#show frame-relay map Serial 1 (administratively down): ip 10.108.177.177 dlci 177 (0xB1,0x2C10), static, broadcast, CISCO TCP/IP Header Compression (inherited), passive (inherited)

QUESTION 100 What can be done to Frame Relay to resolve split-horizon issues? (Choose two.) A. Disable Inverse ARP. B. Create a full-mesh topology. C. Develop multipoint subinterfaces. D. Configure point-to-point subinterfaces. E. Remove the broadcast keyword from the frame-relay map command.

Correct Answer: BD Explanation Explanation/Reference: IP split horizon checking is disabled by default for Frame Relay encapsulation to allow routing updates to go in and out of the same interface. An exception is the Enhanced Interior Gateway Routing Protocol (EIGRP) for which split horizon must be explicitly disabled. Certain protocols such as AppleTalk, transparent bridging, and Internetwork Packet Exchange (IPX) cannot be supported on partially meshed networks because they require split horizon to be enabled (a packet received on an interface cannot be transmitted over the same interface, even if the packet is received and transmitted on different virtual circuits). Configuring Frame Relay subinterfaces ensures that a single physical interface is treated as multiple virtual interfaces. This capability allows you to overcome split horizon rules so packets received on one virtual interface can be forwarded to another virtual interface, even if they are configured on the same physical interface.

QUESTION 19 Which three options are the HSRP states for a router? (Choose three.) A. initialize B. learn C. secondary D. listen E. speak F. primary

Correct Answer: BDE

QUESTION 72 Which command do you enter to enable an interface to support PPPoE on a client? A. Dev1(config)# bba-group pppoe bba1 B. Dev1(config-if)# pppoe-client dial-pool-number 1 C. Dev1(config-if)# pppoe enable group bba1 D. Dev1(config-if)# pppoe enable

Correct Answer: D

QUESTION 71 Routers R1 and R2 are on the same network segment, and both routers use interface GigabitEthernet0/0. If R1 loses communication to R2, which two items should you check as you begin troubleshooting? (Choose two.) A. Verify that R2 is using 802.1q encapsulation. B. Verify that the GigabitEthernet0/0 interfaces on R1 and R2 are configured with the same subnet mask. C. Verify that the R1 GigabitEthernet0/0 interface is up and the line protocol is down. D. Verify that R1 and R2 both are using HDLC encapsulation. E. Verify that the R1 GigabitEthernet0/0 interface is up and the line protocol is up.

Correct Answer: BE

QUESTION 123 Which commands are required to properly configure a router to run OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.) A. Router(config)# router ospf 0 B. Router(config)# router ospf 1 C. Router(config)# router ospf area 0 D. Router(config-router)# network 192.168.16.0 0.0.0.255 0 E. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0 F. Router(config-router)# network 192.168.16.0 255.255.255.0 area 0

Correct Answer: BE Explanation Explanation/Reference: In the router ospf command, the ranges from 1 to 65535 so o is an invalid number -B is correct but A is not correct. To configure OSPF, we need a wildcard in the "network" statement, not a subnet mask. We also need to assign an area to this process -E is correct.

QUESTION 49 Which EIGRP for IPv6 command can you enter to view the link-local addresses of the neighbors of a device? A. show ipv6 eigrp 20 interfaces B. show ipv6 route eigrp C. show ipv6 eigrp neighbors D. show ip eigrp traffic

Correct Answer: C

QUESTION 64 Which feature can validate address requests and filter out invalid messages? A. IP Source Guard B. port security C. DHCP snooping D. dynamic ARP inspection

Correct Answer: C

QUESTION 66 Which command do you enter to view EIGRPv6 adjacencies? A. show ipv6 eigrp 1 interface B. show ipv6 route eigrp C. show ipv6 eigrp neighbors D. show running-configuration eigrp

Correct Answer: C

QUESTION 74 Which value can you modify to configure a specific interface as the preferred forwarding interface? A. the VLAN priority B. the hello time C. the port priority D. the interface number

Correct Answer: C

QUESTION 75 Which WAN technology uses labels to make decisions about data forwarding? A. Metro Ethernet B. Frame Relay C. MPLS D. ISDN E. VSAT

Correct Answer: C

QUESTION 9 If host Z needs to send data through router R1 to a storage server, which destination MAC address does host Z use to transmit packets? A. the host Z MAC address B. the MAC address of the interface on R1 that connects to the storage server C. the MAC address of the interface on R1 that connects to host Z. D. the MAC address of the storage server interface.

Correct Answer: C Explanation

QUESTION 53 Which component of the Cisco SDN solution serves as the centralized management system? A. Cisco OpenDaylight B. Cisco ACI C. Cisco APIC D. Cisco IWAN

Correct Answer: C Explanation Explanation/Reference: ACI is the name of Cisco's SDN solution. The component of ACI that is the centralized controller (manager) is Cisco APIC.

QUESTION 124 Which type of EIGRP route entry describes a feasible successor? A. a backup route, stored in the routing table B. a primary route, stored in the routing table C. a backup route, stored in the topology table D. a primary route, stored in the topology table

Correct Answer: C Explanation Explanation/Reference: Feasible Successors A destination entry is moved from the topology table to the routing table when there is a feasible successor. All minimum cost paths to the destination form a set. From this set, the neighbors that have an advertised metric less than the current routing table metric are considered feasible successors. Feasible successors are viewed by a router as neighbors that are downstream with respect to the destination. These neighbors and the associated metrics are placed in the forwarding table. When a neighbor changes the metric it has been advertising or a topology change occurs in the network, the set of feasible successors may have to be re-evaluated. However, this is not categorized as a route recomputation. Feasible successor is a route whose Advertised Distance (AD) is less than the Feasible Distance (FD) of the current best path. A feasible successor is a backup route, which is not stored in the routing table but, stored in the topology table.

QUESTION 97 Which protocol is an open standard protocol framework that is commonly used in VPNs, to provide secure end-to-end communications? A. RSA B. L2TP C. IPsec D. PPTP

Correct Answer: C Explanation Explanation/Reference: Internet Protocol Security (IPsec) is a technology protocol suite for securing Internet Protocol (IP) communications by authenticating and/or encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.

QUESTION 28 Which option describes the purpose of traffic policing? A. It prioritizes routing protocol traffic. B. It remarks traffic that is below the CIR. C. It drops traffic that exceeds the CIR. D. It queues and then transmits traffic that exceeds the CIR.

Correct Answer: C Explanation Explanation/Reference: Traffic policing allows you to control the maximum rate of traffic transmitted or received on an interface. Traffic policing is often configured on interfaces at the edge of a network to limit traffic into or out of the network. In most Traffic Policing configurations, traffic that falls within the rate parameters is transmitted, whereas traffic that exceeds the parameters is dropped or transmitted with a different priority.

QUESTION 31 Which protocol supports sharing the VLAN configuration between two or more switches? A. multicast B. SIP C. VTP D. split-horizon

Correct Answer: C Explanation Explanation/Reference: VTP allows a network manager to configure a switch so that it will propagate VLAN configurations to other switches in the network VTP minimizes misconfigurations and configuration inconsistencies that can cause problems, such as duplicate VLAN names or incorrect VLAN-type specifications. VTP helps you simplify management of the VLAN database across multiple switches. VTP is a Cisco-proprietary protocol and is available on most of the Cisco switches.

QUESTION 50 What are two drawbacks of implementing a link-state routing protocol? (Choose two.) A. the sequencing and acknowledgment of link-state packets B. the high volume of link-state advertisements in a converged network C. the requirement for a hierarchical IP addressing scheme for optimal functionality D. the high demand on router resources to run the link-state routing algorithm E. the large size of the topology table listing all advertised routes in the converged network

Correct Answer: CD Explanation Explanation/Reference: Link State routing protocols, such as OSPF and IS-IS, converge more quickly than their distance vector routing protocols such as RIPv1, RIPv2, EIGRP and so on, through the use of flooding and triggered updates. In link state protocols, changes are flooded immediately and computed in parallel. Triggered updates improve convergence time by requiring routers to send an update message immediately upon learning of a route change. These updates are triggered by some event, such as a new link becoming available or an existing link failing. The main drawbacks to link state routing protocols are the amount of CPU overhead involved in calculating route changes and memory resources that are required to store neighbor tables, route tables and a complete topology table.

QUESTION 110 Which two statements describe the process identifier that is used in the command to configure OSPF on a router? (Choose two.) Router(config)# router ospf 1 A. All OSPF routers in an area must have the same process ID. B. Only one process number can be used on the same router. C. Different process identifiers can be used to run multiple OSPF processes D. The process number can be any number from 1 to 65,535. E. Hello packets are sent to each neighbor to determine the processor identifier.

Correct Answer: CD Explanation Explanation/Reference: We all know that the areas can be any number from 0 to 4.2 billion and 1 to 65,535 for the Process ID. The process ID is the ID of the OSPF process to which the interface belongs. The process ID is local to the router, and two OSPF neighboring routers can have different OSPF process IDs. (This is not true of Enhanced Interior Gateway Routing Protocol [EIGRP], in which the routers need to be in the same autonomous system). Cisco IOS Software can run multiple OSPF processes on the same router, and the process ID merely distinguishes one process from the another. The process ID should be a positive integer.

QUESTION 44 Which three statements are typical characteristics of VLAN arrangements? (Choose three.) A. VLANs cannot span multiple switches. B. VLANs typically decrease the number of collision domains. C. Connectivity between VLANs requires a Layer 3 device. D. Each VLAN uses a separate address space. E. A new switch has no VLANs configured. F. A switch maintains a separate bridging table for each VLAN.

Correct Answer: CDF Explanation Explanation/Reference: By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also some well- known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring...) configured by default -> A is not correct. To communicate between two different VLANs we need to use a Layer 3 device like router or Layer3 switch. VLANs don't affect the number of collision domains, they are the same Typically, VLANs increase the number of broadcast domains. We must use a different network (orsub- network) for each VLAN. For example, we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this frame on trunk ports) We can use multiple switches to expand VLAN.

QUESTION 61 Which three statements about HSRP operation are true? (Choose three.) A. HSRP supports only clear-text authentication. B. The HSRP virtual IP address must be on a different subnet than the routers' interfaces on the same LAN. C. The HSRP default timers are 3 second hello interval and a 10 second dead interval. D. The HSRP virtual IP address must be the same as one of the router's interface addresses on the LAN. E. The virtual IP address and virtual MAC address are active on the HSRP Master router. F. HSRP supports up to 255 groups per interface, enabling an administrative form of load balancing.

Correct Answer: CEF Explanation Explanation/Reference: The virtual MAC address of HSRP version 1 is 0000.0C07.ACxx, where xx is the HSRP group number in hexadecimal based on the respective interface. For example, HSRP group 10 uses the HSRP virtual MAC address of 0000.0C07.AC0A. HSRP version 2 uses a virtual MAC address of 0000.0C9F.FXXX (XXX:HSRP group in hexadecimal) All routers in a HSRP group send hello packets. By default, the hello timer is set to 3 seconds and the dead interval is 10 seconds. The range for HSRP version 1 is from 0 to 255. The range is for HSRP version 2 is from 0 to 4095. The default value is 0. For this question, it is assumed that Cisco is referring to HSRP version 1 as the other options are not correct.

QUESTION 133 Which command displays the CHAP authentication process as it occurs between two routers? A. debug chap authentication B. debug authentication C. debug chap ppp D. debug ppp authentication

Correct Answer: D

QUESTION 138 A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local network. How can you accomplish this task, using the fewest physical interfaces and without decreasing network performance? A. Use a hub to connect the four VLANS with a Fast Ethernet interface on the router. B. Add a second router to handle the VLAN traffic. C. Add two more Fast Ethernet interfaces. D. Implement a router-on-a-stick configuration.

Correct Answer: D

QUESTION 17 Which identification number is valid for an extended ACL? A. 1 B. 64 C. 99 D. 100 E. 299 F. 1099

Correct Answer: D

QUESTION 41 You enter the show ipv6 route command on an OSPF device and the device displays a remote route. Which conclusion can you draw about the environment? A. OSPF is distributing IPv6 routes to BGP. B. The router is designated as an ABR. C. The router is designated as totally stubby. D. OSPFv3 is in use.

Correct Answer: D

QUESTION 42 Which configuration can you apply to enable encapsulation on a subinterface? A. interface FastEthernet 0/0 encapsulation dot1Q 30 ip address 10.1.1.30 255.255.255.0 B. interface FastEthernet 0/0.30 ip address 10.1.1.30 255.255.255.0 C. interface FastEthernet 0/0.30 description subinterface vlan 30 D. interface FastEthernet 0/0.30 encapsulation dot1Q 30 ip address 10.1.1.30 255.255.255.0

Correct Answer: D

QUESTION 69 Which statement about VLAN configuration is true? A. The switch must be in config-vlan mode before you configure an extended VLAN. B. Dynamic inter-VLAN routing is supported on VLAN 2 through VLAN 4064. C. A switch in VTP transparent mode saves the VLAN database to the running configuration only. D. The switch must be in VTP server or transparent mode before you configure a VLAN.

Correct Answer: D

QUESTION 36 Which option describes how a switch in rapid PVST+ mode responds to a topology change? A. It immediately deletes dynamic MAC addresses that were learned by all ports on the switch. B. It sets a timer to delete all MAC addresses that were learned dynamically by ports in the same STP instance. C. It sets a timer to delete dynamic MAC addresses that were learned by all ports on the switch. D. It immediately deletes all MAC addresses that were learned dynamically by ports in the same STP instance.

Correct Answer: D Explanation Explanation/Reference: Rapid PVST+This spanning-tree mode is the same as PVST+ except that is uses a rapid convergence based on the IEEE 802.1w standard. To provide rapid convergence, the rapid PVST+ immediately deletes dynamically learned MAC address entries on a per-port basis upon receiving a topology change. By contrast, PVST+ uses a short aging time for dynamically learned MAC address entries. The rapid PVST+ uses the same configuration as PVST+ (except where noted), and the switch needs only minimal extra configuration. The benefit of rapid PVST+ is that you can migrate a large PVST+ install base to rapid PVST + without having to learn the complexities of the MSTP configuration and without having to reprovision your network. In rapid-PVST+ mode, each VLAN runs its own spanning-tree instance up to the maximum supported.

QUESTION 21 Which feature can you use to monitor traffic on a switch by replicating it to another port or ports on the same switch? A. copy run start B. traceroute C. the ICMP Echo IP SLA D. SPAN

Correct Answer: D Explanation Explanation/Reference: A source port, also called a monitored port, is a switched or routed port that you monitor for network traffic analysis. In a single local SPAN session or RSPAN source session, you can monitor source port traffic, such as received (Rx), transmitted (Tx), or bidirectional (both). The switch supports any number of source ports (up to the maximum number of available ports on the switch) and any number of source VLANs. A source port has these characteristics: It can be any port type, such as EtherChannel, Fast Ethernet, Gigabit Ethernet, and so forth. It can be monitored in multiple SPAN sessions. It cannot be a destination port. Each source port can be configured with a direction (ingress, egress, or both) to monitor. For EtherChannel sources, the monitored direction applies to all physical ports in the group. Source ports can be in the same or different VLANs. For VLAN SPAN sources, all active ports in the source VLAN are included as source ports.

QUESTION 103 What is the result of issuing the frame-relay map ip 192.168.1.2 202 broadcast command? A. defines the destination IP address that is used in all broadcast packets on DCLI 202 B. defines the source IP address that is used in all broadcast packets on DCLI 202 C. defines the DLCI on which packets from the 192.168.1.2 IP address are received D. defines the DLCI that is used for all packets that are sent to the 192.168.1.2 IP address

Correct Answer: D Explanation Explanation/Reference: Frame-relay map ip 192.168.1.2 202 command statically defines a mapping between a network layer address and a DLCI. The broadcast option allows multicast and broadcast packets to flow across the link. The command frame-relay map ip 192.168.1.2 202 broadcast means to mapping the distal IP 192.168.1.2 202 to the local DLCI. When the "broadcast" keyword is included, it turns Frame Relay network as a broadcast network, which can forward broadcasts.

QUESTION 1 Which protocol authenticates connected devices before allowing them to access the LAN? A. 802.1d B. 802.11 C. 802.1w D. 802.1x

Correct Answer: D Explanation Explanation/Reference: 802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN. The term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The authenticator is a network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host running software supporting the RADIUS and EAP protocols. The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicant's identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

QUESTION 108 Which PPP subprotocol negotiates authentication options? A. NCP B. ISDN C. SLIP D. LCP E. DLCI

Correct Answer: D Explanation Explanation/Reference: A protocol that establishes, configures, and tests data link connections used by the PPP Link Control Protocol offers PPP encapsulation different options, including the following: Authentication -options includes PAP and CHAP Compression -Data compression increases the throughput on a network link, by reducing the amount of data that must be transmitted. Error Detection -Quality and Magic numbers are used by PPP to ensure a reliable, loop-free data link. Multilink -Supported in IOS 11.1 and later, multilink is supported on PPP links between Cisco routers. This splits the load for PPP over two or more parallel circuits and is called a bundle.

Question 5 Which option is a benefit of switch stacking? A. It provides redundancy with no impact on resource usage. B. It simplifies adding and removing hosts. C. It supports better performance of high-needs applications. D. It provides higher port density with better resource usage.

Correct Answer: D Explanation Explanation/Reference: A stackable switch is a network switch that is fully functional operating standalone but which can also be set up to operate together with one or more other network switches, with this group of switches showing the characteristics of a single switch but having the port capacity of the sum of the combined switches.

QUESTION 115 What occurs on a Frame Relay network when the CIR is exceeded? A. All TCP traffic is marked discard eligible. B. All UDP traffic is marked discard eligible and a BECN is sent. C. All TCP traffic is marked discard eligible and a BECN is sent. D. All traffic exceeding the CIR is marked discard eligible.

Correct Answer: D Explanation Explanation/Reference: Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by the Frame Relay switch. Frames that are sent in excess of the CIR are marked as discard eligible (DE) which means they can be dropped if the congestion occurs within the Frame Relay network. Note: In the Frame Relay frame format, there is a bit called Discard eligible (DE) bit that is used to identify frames that are first to be dropped when the CIR is exceeded.

QUESTION 119 What is the purpose of Inverse ARP? A. to map a known IP address to a MAC address B. to map a known DLCI to a MAC address C. to map a known MAC address to an IP address D. to map a known DLCI to an IP address E. to map a known IP address to a SPID F. to map a known SPID to a MAC address

Correct Answer: D Explanation Explanation/Reference: Frame-Relay (a Layer 2 protocol) uses Inverse-Arp to map know Layer 2 Address (DLCI) to unknown Layer 3 Address. Dynamic Mapping Dynamic address mapping relies on the Frame Relay Inverse Address Resolution Protocol (Inverse ARP), defined by RFC 1293, to resolve a next hop network protocol address to a local DLCI value. The Frame Relay router sends out Inverse ARP requests on its Frame Relay PVC to discover the protocol address of the remote device connected to the Frame Relay network. The responses to the Inverse ARP requests are used to populate an address-to-DLCI mapping table on the Frame Relay router or access server. The router builds and maintains this address-to-DLCImapping table, which contains all resolved Inverse ARP requests, including both dynamic and static mapping entries. When data needs to be transmitted to a remote destination address, the router performs a lookup on its routing table to determine whether a route to that destination address exists and the next hop address or directly connected interface to use in order to reach that destination. Subsequently, the router consults its address-to-DLCI mapping table for the local DLCI that corresponds to the next hop address. Finally, the router places the frames targeted to the remote destination on its identified outgoing local DLCI. On Cisco routers, dynamic Inverse ARP is enabled by default for all network layer protocols enabled on the physical interface. Packets are not sent out for network layer protocols that are not enabled on the physical interface. For example, no dynamic Inverse ARP resolution is performed for IPX if ipx routing is not enabled globally and there is no active IPX address assigned to the interface. Because dynamic Inverse ARP is enabled by default, no additional Cisco IOS command is required to enable it on an interface. Example 4-16 shows the output of the show frame-relay map privileged EXEC mode command. The address to-DLCI mapping table displays useful information. The output of the command shows that the next hop address 172.16.1.2 is dynamically mapped to the local DLCI 102, broadcast is enabled on the interface, and the interface's status is currently active. NOTE After enabling Frame Relay on the interface, the Cisco router does not perform Inverse ARP until IP routing is enabled on the router. By default, IP routing is enabled on a Cisco router. If IP routing has been turned off, enable IP routing with the ip routing command in the global configuration mode. After IP routing is enabled, the router performs Inverse ARP and begins populating the address-to-DLCI mapping table with resolved entries.

QUESTION 22 What is a valid HSRP virtual MAC address? A. 0007.B400.AE01 B. 0000.5E00.01A3 C. 0007.5E00.B301 D. 0000.0C07.AC15

Correct Answer: D Explanation Explanation/Reference: Hot Standby Router Protocol Features and Functionality HSRP Addressing In most cases when you configure routers to be part of an HSRP group, they listen for the HSRP MAC address for that group as well as their own burned-in MAC address. The exception is routers whose Ethernet controllers only recognize a single MAC address (for example, the Lance controller on the Cisco 2500 and Cisco 4500 routers). These routers use the HSRP MAC address when they are the Active router, and their burned in address when they are not. HSRP uses the following MAC address on all media except Token Ring: 0000.0c07.ac** (where ** is the HSRP group number)

QUESTION 30 What is the best way to verify that a host has a path to other hosts in different networks? A. Ping the loopback address. B. Ping the default gateway. C. Ping the local interface address. D. Ping the remote network.

Correct Answer: D Explanation Explanation/Reference: Ping is a tool that helps to verify IP-level connectivity; PathPing is a tool that detects packet loss over multiple-hop trips. When troubleshooting, the ping command is used to send an ICMP Echo Request to a target host name or IP address. Use Ping whenever you want to verify that a host computer can send IP packets to a destination host. You can also use the Ping tool to isolate network hardware problems and incompatible configurations. If you call ipconfig /all and receive a response, there is no need to ping the loopback address and your own IP address --Ipconfig has already done so in order to generate the report. It is best to verify that a route exists between the local computer and a network host by first using ping and the IP address of the network host to which you want to connect. The command syntax is: ping < IP address > Perform the following steps when using Ping: Ping the loopback address to verify that TCP/IP is installed and configured correctly on the local computer. ping 127.0.0.1 If the loopback step fails, the IP stack is not responding. This might be because the TCP drivers are corrupted, the network adapter might not be working, or another service is interfering with IP. Ping the IP address of the local computer to verify that it was added to the network correctly. Note that if the routing table is correct, this simply forwards the packet to the loopback address of 127.0.0.1. ping < IP address of local host > Ping the IP address of the default gateway to verify that the default gateway is functioning and that you can communicate with a local host on the local network. ping < IP address of default gateway > Ping the IP address of a remote host to verify that you can communicate through a router. ping < IP address of remote host > Ping the host name of a remote host to verify that you can resolve a remote host name. ping < Host name of remote host > Run a PathPing analysis to a remote host to verify that the routers on the way to the destination are operating correctly. pathping < IP address of remote host >

QUESTION 8 How can you disable DTP on a switch port? A. Configure the switch port as a trunk. B. Add an interface on the switch to a channel group. C. Change the operational mode to static access. D. Change the administrative mode to access.

Correct Answer: D Explanation Explanation/Reference: Switchport Mode Access: This puts the interface (ACCESS PORT) into a PERMANENT NON-TRUNKING mode and negotiates to convert the link into a NON-TRUNK link. The port would be a dedicated Layer 2 access port! Switchport Nonegotiates: Prevents the interface from generating DTP Frames. You can use this command only when the interface switchport mode is (ACCESS/TRUNK).

QUESTION 15 Which two switch states are valid for 802.1w? (Choose two.) A. listening B. backup C. disabled D. learning E. discarding

Correct Answer: DE Explanation Explanation/Reference: Port States There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D disabled, blocking, and listening states are merged into a unique 802.1w discarding state.

QUESTION 67 What is the default encapsulation type for Cisco WAN serial interfaces? A. GRE B. PPP C. Frame Relay D. IEEE 802.1Q E. HDLC

Correct Answer: E

QUESTION 45 Which statement about slow inter-VLAN forwarding is true? A. The VLAN is experiencing slowness in the point-to-point collisionless connection. B. The VLANs are experiencing slowness because multiple devices are connected to the same hub. C. The local VLAN is working normally, but traffic to the alternate VLAN is forwarded slower than expected. D. The entire VLAN is experiencing slowness. E. The VLANs are experiencing slowness due to a duplex mismatch.

Correct Answer: E Explanation Explanation/Reference: Common Causes of Slow IntraVLAN and InterVLAN Connectivity The symptoms of slow connectivity on a VLAN can be caused by multiple factors on different network layers. Commonly the network speed issue may be occurring on a lower level, but symptoms can be observed on a higher level as the problem masks itself under the term "slow VLAN". To clarify, this document defines the following new terms: "slow collision domain", "slow broadcast domain" (in other words, slow VLAN), and "slow interVLAN forwarding". These are defined in the section Three Categories of Causes, below. In the following scenario (illustrated in the network diagram below), there is a Layer 3 (L3) switch performing interVLAN routing between the server and client VLANs. In this failure scenario, one server is connected to a switch, and the port duplex mode is configured half-duplex on the server side and full- duplex on the switch side. This misconfiguration results in a packet loss and slowness, with increased packet loss when higher traffic rates occur on the link where the server is connected. For the clients who communicate with this server, the problem looks like slow interVLAN forwarding because they do not have a problem communicating to other devices or clients on the same VLAN. The problem occurs only when communicating to the server on a different VLAN.Thus, the problem occurred on a single collision domain, but is seen as slow interVLAN forwarding. Three Categories of Causes The causes of slowness can be divided into three categories, as follows: Slow Collision Domain Connectivity Collision domain is defined as connected devices configured in a half-duplex port configuration, connected to each other or a hub. If a device is connected to a switch port and full-duplex mode is configured, such a point-to-point connection is collisionless. Slowness on such a segment still can occur for different reasons. Slow Broadcast Domain Connectivity (Slow VLAN) Slow broadcast domain connectivity occurs when the whole VLAN (that is, all devices on the same VLAN) experiences slowness. Slow InterVLAN Connectivity (Slow Forwarding Between VLANs) Slow interVLAN connectivity (slow forwarding between VLANs) occurs when there is no slowness on the local VLAN, but traffic needs to be forwarded to an alternate VLAN, and it is not forwarded at the expected rate. Causes for Network Slowness Packet Loss In most cases, a network is considered slow when higher-layer protocols (applications) require extended time to complete an operation that typically runs faster. That slowness is caused by the loss of some packets on the network, which causes higher-level protocols like TCP or applications to time out and initiate retransmission. Hardware Forwarding Issues With another type of slowness, caused by network equipment, forwarding (whether Layer 2 [L2] or L3) is performed slowly. This is due to a deviation from normal (designed) operation and switching to slow path forwarding. An example of this is when Multilayer Switching (MLS) on the switch forwards L3 packets between VLANs in the hardware, but due to misconfiguration, MLS is not functioning properly and forwarding is done by the router in the software (which drops the interVLAN forwarding rate significantly).


Set pelajaran terkait

Quiz 2 in Capsim Capstone MAN4900

View Set

Ch. 70 Test Q's: degenerative disc dz and herniation of cervical and lumbar spine

View Set

Chapter VII Insurance Regulations (22 Exam Questions)

View Set