Encor Book

Ace your homework & exams now with Quizwiz!

What is the SaltStack GUI called

SynDic

Etherchannel common setting issues

Type/mode/native vlan/allowed vlan/speed/duplex/mtu/load intereval/storm control

How to enable UDLD globally

UDLD enable

How to set the VTP Version

VTP Version ""

What type of quote is used around a key / value

"

What does RID stand for with OSPF

Router ID

Ebgp AD

20

What is the language associated with Chef?

Ruby

What is Chef written in

Ruby and Erlang

What is DSL based on

Ruby mostly

How to see NTP Seettings

Show ntp status

What does TCI stand for

Tag Control Information

What does TPID stand for

Tag protocol Identifier

TPID

Tag protocol identifier

How many AVF and AVG can you have in one GLBP?

4 AVF, 1 AVG, can colocate

System Priority

4 bit value - preference for a switch to be root

What is the code for Bad Request

400

What is the HTTP status code for Unauthorized?

401

What is the code for Unauthorized

401

What is the RFC for MGBP

4760

10. Which of the following UDP ports is the UDP port officially assigned by the IANA for VXLAN?

4789

How to verify adjacencies

Sh ip ospf neighbor

What is the major difference between eBGP and iBGP

One is for routing inside an AS, one is for routing with other AS

How often are keepalives sent

One third of the time of a Hold timer

Which of the following transmission methods is multicast known for?

One-to-many

Common Loop Causers

STP Disabled / Load Balancer Misconfigured / Bridged ports on vSwitch / Hubs

EIGRP uses a reference bandwidth of ________ with the default metrics.

10 Gbps

Downside of a QoS Policer

Causes retransmits, best for voice

What is a Protocol Independent Multicast

Multicast that works with any unicast protocol

Show OSPFV3 inteface status

Show ospf3 interface gigabitethernet 0/1

How to see OSPFV3 interface status

Show ospfv3 interface

Show PID/Cost/State

Show ospfv3 interface brief

How to show OSPFV3 Adjacency

Show ospfv3 ipv6 neighbor

How to see traffic between zone pairs

Show policy-map inspect zone-pair

Display STP Root Bridge and Cost

Show spanning-tree "vlan"

How to see MST info on an instance

Show spanning-tree mst "instance"

How to see instance / vlan MST config

Show spanning-tree mst configuration

How to see MST settings for in interface

Show spanning-tree mst interface gig ""

How to view status of HSRP

Show standby 10

How to show established BGP connections

Show tcp brief

Command to see tracking configured

Show track

How to show UDLD settings

Show udld

Command to see VRRP status

Show vrrp

How to show VTP Version and Domain Name an Mode and number of VLAN's

Show vtp status

What does BPDU guard do

Shuts down ports configured with Portfast when they receive a BPDU

How to calculate SNR

Signal - noise floor

AMP Cloud

Signature Based

Set MST Root with Script

Spanning-tree mst "instance" root {primary / secondary}

How to enable BPDU Guard Globally

Spanning-tree portfast bpduguard default

How to enable Portfast globally

Spanning-tree portfast default

How to set STP max age

Spanning-tree vlan "" max-age

How to verify an OSPF P2P interface

Show ip ospf interface s0/1| include type

OSPF Ethernet Cost

10

What does AFI stand for

Address Family

What RFC defines OSPF

ABR

Algorithm run by OSPF

Dijkstra / SPF

What are the two packet header types for IPSEC

Auth header / encap sec payload (ESP)

What are the two models of underlay

Automation / Manual

IPSec Encryptions

DES/3DES/AES/MD5/SHA/DH/RSA/PSK

What does DSSS stand for

Direct Swequence Spread Spectrum

802.1x components

EAP / EAP Method / EAPoL / Radius

2 color types of traffic

Exceed / Conform

How to manage Firepower FTD

FMC / FDM

Who assigns ASN's

IANA

Three kinds of Fabric Border Nodes

Internal Default (Outside) Internal and Default

Model best for Voice / Video

IntServ

OSPF V3 LSA Type 9

Intra-area prefix

What does LLQ stand for in QoS

Low-latency queuing

MSP stands for

Multiple Spanning-Tree Protocol

Link State Protocol

OSPF

What tests can you do under "Client Test"

Ping, Connection, Packet Capture, Event Log

What RFC defines global commnities

RFC 1997

What is SE-Connect

Spectrum Analysis with 3rd party

What is the Threat Grid?

The Cisco sandbox malware analysis solution

How are multiple metrics summarized in OSPF

The lowest Metric is taken

What does Drop Eligible Indicator mean

The packet can be dropped if needed

How to stop debugging globally

Undebug all

Versions of VRRP

Version 2 and Version 3 (ipv6)

Why the heck would you use SXP

Your shit doesn't support inline of course dummy

What is the advertised network for the loopback interface with IP address 10.123.4.1/30?

10.123.4.1/32

Examples of a Prefix Match

10.168.0.0/13 ge 24 10.0.0.0/8 ge 22 le 26

Which network prefixes match the prefix match pattern 10.168.0.0/13 ge 24? (Choose two.)

10.168.0.0/24

What seperates a Key from its Value

": " without the quotes

Which of the following is a YAML example?

# HR Employee record Employee1: Name: John Dough Title: Developer Nickname: Mr. DBug

What are some NFV's

(Cloud Service Router) CSR 1000V (Cloud System Platform) CSP 2100 ISRv NGFWv ASAv

Consider a scenario with a transmitter and a receiver that are separated by some distance. The transmitter uses an absolute power level of 20 dBm. A cable connects the transmitter to its antenna. The receiver also has a cable connecting it to its antenna. Each cable has a loss of 2 dB. The transmitting and receiving antennas each have a gain of 5 dBi. What is the resulting EIRP?

+23 dBm

What symbol ends a line with a key/value

,

Type 4 LSA

ASBR Summary - Summary LSA for a ASBR

When it is 1/10 the original power how many DB is it

-10

When the power is halved, what is the DB decrease

-3

OSPF automatically assigns a link cost to an interface based on a reference bandwidth of ___________.

100 Mbps

What is the longest prefix typically accepted by an ISP

/24

Connected AD

0

What is the instance number for an IST

0

How is Air Quality Rated

0 - 100, 100 being best

Three default priv levels

0 / 1 / 15

Two transmitters are each operating with a transmit power level of 100 mW. When you compare the two absolute power levels, what is the difference in dB?

0 dB

What range is RSSI

0 to 255, 255 is weakest

Types of Cisco Passwords

0,5,7,8,9

Which password types are not secure

0,7

Multicast MAC address starts with what address

01:00:5E

The first 24 bits of a multicast MAC address always start with ______.

01:00:5E

What is the MacSec ethernet type

0x88e5

How many ACL per interface on router

1

OSPF 10GigE Cost

1

OSPF FE Cost

1

OSPF GigE Cost

1

Static AD

1

What is the default TTL for eBGP

1

How much does a QoS token represent by default

1 byte or 8 bits

Allowed ACL numbers

1-199 / 2000 - 2699

What is the max recommended RTT for an AP and Controller

100ms

What is the default PIM-SM Hello time

105 seconds

OSPF AD

110

IS-IS AD

115

System ID Extension

12 bit value - VLAN that BPDU correlates to Switch Identification

RIP AD

120

What port is used by NTP

123

Using default settings, how long does a port stay in the listening state?

15 seconds

What is the recommended max latency for realltime traffic

150ms

How many MST instances can a cisco switch support

16

How many VLAN's can VXLAN have

16 Million

What fields does MacSec add

16 byte ICV

AS Numbers - How many bits

16 originally, then 32

EIGRP (External) AD

170

What port does BGP and MBGP use for session peering

176

What port does BGP use to communicate?

179

BGP Default Hold Time

180 Seconds

When does a router OSPF LSA age require a re-advertisement?

1800 Seconds

Port for Radius

1812 / 1813

RFC for VPN

1918

Cisco AP's can function in how many modes

2

How many tiers in OSPF

2

Is PFS Phase 1 or Phase 2

2

How many bits are TPID / TCI

2 and 2 bytes

What is the actual wavelength of 2.4

2.412 - 2.4835Ghz

None of these answers are correct; you need a calculator to fi gure this out. Transmitter A has a power level of 1 mW, and transmitter B is 100 mW. Compare transmitter B to A using dB, and then identify the correct answer from the following choices.

20 dB

What is the code for OK

200

iBGP AD

200

When was N released

2009

What is the code for Created

201

When was AC released

2013

OSPF Multicast IP Address

224.0.0.5

OSPF ALLDRouters Multicast

224.0.0.6

Which of the following multicast address ranges match the administratively scoped block? (Choose two.)

239.0.0.0 to 239.255.255.255 239.0.0.0/8

Default IKE phase 1 lifetime

24 hours

The IP translation table times out and clears dynamic TCP connection entries from the translation table after how long?

24 hours

Default setting from STP script for Primary/Secondary

24577/28673

RFC for Single-rate three-color poilcer

2697

A transmitter is configured to use a power level of 17 mW. One day it is reconfigured to transmit at a new power level of 34 mW. How much has the power level increased, in dB?

3 dB

How frequently does PIM-DIM prune

3 minutes

802.1W vs D Port Roles

3 vs 4

What is the default PIM-SM DR Hold Time

3.5 Seconds

How frequent do CAPWAP heartbeats get sent

30 sec

How many bits is the Area ID in OSPF

32

How many bits is the MED

32

A centralized wireless network is built with 1 WLC and 32 lightweight APs. Which one of the following best describes the resulting architecture?

32 CAPWAP tunnels—1 tunnel from the WLC to each AP, with no IP subnet restrictions

What RFC defines OSPF

3509

The original 802.1D specification assigns what value to a 1 Gbps interface?

4

What is the code for Forbidden

403

What is the code for Not Found

404

A switch's STP priority can be configured in increments of ______.

4096

What is the DHCP Option for WLC discovery

43

What is the destination UDP port used by the LISP data plane?

4341

Port for Tacacs

49 TCP

EIGRP Summary AD

5

Which password type can only be cracked by brute force

5

The default EIGRP hello timer for a high-speed interface is ______.

5 seconds

Port used by IKEv1

500 UDP

802.1D vs W port states

6 vs 3

Min messages for IKEv1 vs V2

6/9 vs 4

How often does a C-RP announce its willingness by default?

60 sec

OSPF T1 Cost

64

Which of the following autonomous systems are private? (Choose two.)

64,512-65,535 4,200,000,000-4,294,967,294

Private ASN numbers

64512 - 65535 (16 bit), 4200000000 - 4294967294 (32 bit)

What else does AX bring

6Ghz, ability to transmit during same window of airtime

How many levels of priority in a PCP field

7, which is the highest

What RFC for IKEv2

7296

What's the 801.whatver for Macsec?

802.1AE

Types of Spanning Tree

802.1D PVST PVST+ RSTP MST

What iEEE spec is for the PCP Field

802.1p

Etherchannel Protocol

802.3AD

EIGRP uses the protocol number _______ to identify its packets.

88

OSPF V3 LSA Protocol ID

89

OSPF uses the protocol number ___________ for its inter-router communication

89

EIGRP (internal) AD

90

What RFC introduced NTP

958

What's a Drother

A DR-Enabled segment that is not the DR or BDR

What is an OSPF Area

A Logical grouping of router interfaces

What is First-Hop redundancy protocol

A VIP for a gateway on a team of routers or switches

You can run the WLC where

A WLC, a Switch, an AP

What is an Autonomous System?

A collection of routers under an org control

Which static route should be used to avoid unintentional forwarding paths with an Ethernet link failure?

A fully specified static route

What's a collection

A group of API's

What is an atomic-aggregate in BGP

A loss of routes due to summarization

What is a QoS Trust Boundry

A place where QoS classification / marking takes place

What is a virtual machine?

A software emulation of a physical server with an operating system

What is a virtual switch (vSwitch)?

A software version of a physical Layer 2 switch

VTP Off

A switch does not participate in VTP advertisements and does not forward them out of any ports either. VLANs are configured only locally

What happens to a switch port when a BPDU is received on it when BPDU guard is enabled on that port?

A syslog message is generated, and the port is shut down.

What is a Token Bucket in QoS

A way of granting a certain amount of tokens of bandwidth

What is Object Tracking

A way to track objects on network and take certain actions when something changes

Why are IS-IS and IGP recommended for SD-Access

Agnostic treatment of IPV4 vs IPV6 / no IP-Dependency for neighbor adjacency

Which routers in an OSPF area maintain a copy of the LSDB?

All

Two roles of GLBP

AVG / AVF

What amendment supported up to 1.2Gbps per spacial stream

AX

How to put in-place once added a AAA server

Aaa authorization exec Aaa authorization console

How to create an AAA group

Aaa group server tacacs+ Server name boom

Which Auth WPA modes support PSK and Enterprise?

All 3

Which of the following are features that can be disabled to improve the overall security posture of a router?

CDP LLDP

What is the name of an Area Router connected to the backbone

ABR

What's needed for COPP Policing

ACL / Policy Map / Class Map

Best Encryption Alt

AES

What comprises an address family

AFI + SAFI

Example of a QoS Markdown

AFx1 downgraded to AFx2

What is GTA

AKA CTA, or Cognitive Threat analytics, it analyzes web traffic and other data to identify sensitive data

What is the only tool useful throughout the entire attack continuum?

AMP

Some other IPS capabilities

API / Snort / ISE Integration / HA / Talos

OSPF V3 LSA Type 5

AS External - Redistribution

Type 5 LSA

AS External - Routes from outside OSPF that are being redistributed

BGP Path attributes

AS-Path, MED, Origin, Next Hop, Local Pref, Atomic Aggregate, Aggregator

What software is supported by Firepower appliances

ASA Image / NGIPS / FTD

Key Differentiator of TaCACS+ to Radius

Able to separate Auth and Authorization, can authorize repeatedly during a session

Heirarchical layers

Access / Distribution / Core

What is an ACE as it relates to an ACL

Access Control Entry

What two things does a Lightweight AP require

Access Layer switch access, WLC connectivity

Which of the following AAA functions can help log the commands executed by a user on a network device?

Accounting

Fifth BGP Step

Activate Address Fam for Neighbor - neighbor ip-address activate

What does AVF stand for

Active Virtual Forwarder

What does AVG stand for

Active Virtual Gateway

How to calculate connection score on WLC

Actual connection rate divided by potential

Where do you chain multiple VNF together in ENFV?

Add Services window

Well how do we get it to include that

Add encapsulation replicate to the end

OSPF V3 Step 4

Address-family "ipv6/ipv4

What 3 tables used by BGP

Adj-RIB-In / Loc-RIB / Adj-RIB-Out

What's the downside of staticly setting the RP?

Admin Overhead

After attack tools

Advanced Malware Protection / Behavior Analysis / Security Analytics

Before the attack tools

Advanced Malware Protection / NGFW / NAC

WTF is Puppet Bolt

Agentless version of Puppet

What does LISP address

Agg / routing / multi-homing

How to prevent loopbacks or other networks from being distributed via BGP

Aggregate address 192.168.0.0 255.255.0.0 summary only

How to do route summarization on BGP for IPV4 and IPV6

Aggregate-address 192.168.0.0 255.255.0.0

What is Yang format

All curly, but structured kind of like XML, but it is heirarchical

What is shown in the "Mobility State"?

All devices in chain, IP's, wifi type, Model Numbers, AP number, WLC

One main benefit of EEM

All in one device

Which of the four methods of BGP Route Policy Processing use an implicit deny?

All of them

What happens when the route map route-map QUESTION permit 20 does not contain a conditional match statement?

All routes are accepted.

When PSK authentication is used on a WLAN, without the use of an ISE server, which of the following devices must be configured with the key string? (Choose two.)

All wireless clients

QAM alters which of the following aspects of an RF signal? (Choose two.)

Amplitude Phase

Which one of the following has the shortest effective range in free space, assuming that the same transmit power level is used for each?

An 802.11a device

What is the safest way to configure SNMP

An ACL

What is a clean air interferer

An AP that is generating interference

What is the most resiliant design for MultiHoming

An IBGP between two internal routers in one AS, two external routers each with their own AS

Which of the following unique features is true in an embedded wireless network architecture?

An access layer switch can also function as a WLC.

What is a BGP Community

An additional capacity for tagging routes

What is unplanned internal transit connectivity

An internal router serving as a jump point for another internal router that was unexpected

What is a container?

An isolated environment where containerized applications run

A client roams from controller A to controller B. If it undergoes a Layer 3 roam, which one of the following best describes the role of controller A?

Anchor controller

What AP info can you see

CDP Data, IP, State, Connections, Status, Air Quality, Capabilities speed, Mac, Serial, Usage etc.

Which of these tools are agentless in operation? (Choose three.)

Ansible Puppet Bolt Salt SSH

What configuration management software is built on Python? (Choose two.)

Ansible SaltStack

Ansible CLI Commands

Ansible / Ansible-playbook / sansible-docs / ansible-pull / ansible-vault

Token Bucket Algorithms

CIR, TC, BCC, Token, Token Bucket

How to manage ASA

CLI/CSM/ASDM/CDO

What is in IKEv2 IKE_Auth

Certificates and Identities, established IKE SA, MM5-MM6 and QM1-QM2

What does Online mean in WLC Status for a client

Device has passed Layer 2 and Layer 3 shtufff

What is the authenticator

Device providing access

What is the Supplicant

Device requesting access

Common EAP methods

Challenge-based / TLS / Tunneled / Inner

Why would you clear BGP

Change in routes needs to be reset

What do the Tabs in Postman do

Each can be a different API call to a different device, or the same device

True or false: In a large Layer 2 switch topology that is running RSTP, the infrastructure must fully converge before any packets can be forwarded.

False

True or false: In a large Layer 2 switch topology, the infrastructure must fully converge before any packets can be forwarded.

False

True or false: OSPF is only enabled on a router interface by using the command network ip-address wildcard-mask area area-id under the OSPF router process.

False

True or false: OSPF uses the shortest total path metric to identify the best path for every internal OSPF route (intra-area and interarea).

False

True or false: OSPFv3 support for IPv4 networks only requires that an IPv4 address be assigned to the interface and that the OSPFv3 process be initialized for IPv4.

False

True or false: On a brand-new router installation, OSPFv3 requires only that an IPv6 link-local address be configured and that OSPFv3 be enabled on that interface to form an OSPFv3 neighborship with another router.

False

True or false: Only a single vSwitch is supported within a virtualized server.

False

True or false: Python is considered one of the most difficult programming languages to learn and adopt.

False

Where should traffic be classified

Close to the edge

What does the Web Security Appliance do during an attack

Cloud Access Security (broker) / Parallel AV Scanning / File Reputation / DLP

What can Ansible Do

Cloud Provisioning / Deployment of Apps / Config Management

What does Root Guard do

Configured at the port level, prevents a switch from becoming root

When does BGP do a 3-way handshake?

Connect

What does a Fabric Border Node do

Connect L3 networks to fabric

How are multiple radios used

Connect multiple users, or team-up on single users

True or false: SD-WAN only works over the Internet or MPLS networks.

False

True or false: SGT tags extend all the way down to the endpoints.

False

True or false: The DiffServ field is an 8-bit Differentiated Services Code Point (DSCP) field that allows for classification of up to 64 values (0 to 63).

False

What happens to existing passwords when you type service password encryption

Nada

True or false: The IPv4 address family must be initialized to establish a BGP session with a peer using IPv4 addressing.

False

True or false: The MST configuration version is locally significant

False

True or false: The MST root bridge advertises the VLAN-to-instance mappings to all other MST switches.

False

True or false: The OSPF process ID must match for routers to establish a neighbor adjacency

False

True or false: The VXLAN header used for SD-Access is exactly the same as the original VXLAN header.

False

True or false: The VXLAN specification defines a data plane and a control plane for VXLAN.

False

True or false: The advertised path cost includes the advertising link's port cost as part of the configuration BPDU advertisement.

False

How to use a route map on a neighbor

Neighbor 10.10.20.50 route-map filter5 in

True or false: The command aaa authorization exec default group ISE-TACACS+ if-authenticated enables authorization for all terminal lines on the router, including the console line.

False

How to enable Communities in BGP

Neighbor ip-address send-community standard

True or false: The router with the highest IP address is the designated router when using a serial point-to-point link.

False

What is Recursive Routing

OSPF advertising the tunnel endpoint address across the tunnel

True or false: The vSmart controller establishes permanent and IPsec connections to all SD-WAN routers in the SD-WAN fabric.

False

True or false: Traffic classification should always be performed in the core of the network.

False

True or false: When an ABR receives a network LSA, the ABR forwards the network LSA to the other connected areas.

False

field that allows for classification of up to 64 values (0 to 63).

False

Will Equal Cost Multipathing only LB across the same protocol?

False, beoch

802.11R does what

Fast Roaming, pre-authenticates with nearby AP's in prep for a roam

Benefit of PAgP Non-Silent Mode

Faster

Commands to enable VRRP

Fhrp version vrrp v3 Vrrp 57 ipv4 Address 192.168.1.1 Priority 110 (optional) Track 57 decrement (optional)

The 16-bit TCI field is composed of which fields? (Choose three.)

Priority Code Point (PCP) Drop Eligible Indicator (DEI) VLAN Identifi er (VLAN ID)

Steps for a GRE tunnel

Interface tunnel 10 Tunnel source ethernet 1/1 Tunnel destination 64.150.12.252 Ip address 120.20.102.124 255.255.255.255 Bandwidth 10000 Keepalive 10

RFP Interface

Interface with lowest metric cost

How to enable Loop Guard

Interface\Spanning-tree guard loop

How to set port priority MST

Interface\Spanning-tree mst 0 port-priority 64

How to assign an interface to a security zone

Interface\Zone-member security outside

Configure OSPF on IOS for a specific interface

Interface\gigabitethernet Ip address 10.0.0.1 255.255.255.0 Ip ospf 1 area 1

How to set interface priority

Interface\ip ospf priority 255

How to set LACP port priority

Interface\lacp port-priority 1

Can you combine CBWFQ and LLQ

Hell yeah brother

OSPF V2/V3 Packet Types

Hello / Database Description / Link-state Request / Link-state Update / Link-state Ack

PIM Messages

Hello / Register / Register Stop / Join/Prune / Bootstrap / Assert / Candidate RP / State Refresh / DF Election

How to set OSPFV3 to P2p

Interface\ospfv3 network point-to-point

How to configure PAT

Ip nat inside source list acl interface ethernet1/1 (overload)

5 Types of OSPF Packets

Hello, Database Description (DBD/DPD), Link-State Request (LSR), Link-State update (LSU), Link-State ack

EIGRP Packet Types

Hello, Request, Update, Query, Reply

Virtual routing and forwarding (VRF) is useful with _____ addresses.

IPv4 and IPv6

The OSPFv3 hello packet uses the ___________ for the destination address.

IPv6 address FF02::5

How to configure pooled nat

Ip nat pool nat-pool10 192.168.1.10 192.168.1.20 prefix-length 24

How to set OSPF Dead-interval

Ip ospf dead-interval (seconds)

Which of the following parameters is useful for computing a client device's location with respect to an AP?

RSS

Prefix List example

Ip prefix-list inbound-prefix 1 permit 10.0.0.0/8 ge 22 le 26 Ip prefix-list RFC1918 seq 5 permit 192.168.0.0/13 ge 32

How to setup IP-SLA

Ip sla 1 Icmp-echo 192.168.1.1 source-interface loopback 0 End

How to schedule ip-sla

Ip sla schedule 5 life 300 start-time 10:10:5

OSPF V3 Step 1-3

Ipv6 unicast-routing Router ospfv3 Router ID

What happens if you choose both WPA and WPA2

Backwards Compatible

3 Leading cuases of quality issues

Bandwidth Latency / jittter Packet loss

What was Talos comprised from

Ironport / Sourcefire VRT, Cisco Threat Research Analysis and Com TRAC

What are antenna compared with

Isotropic antenna

How do location services work

RSS (Received Signal Strength) and Fingerprinting

How to show Etherchannel running L3 Up

RU - Routing / Up

Script to simplify root bridge set

Spanning-tree vlan "" root "primary/secondary" diameter

BPDU

Bridge Protocol Data Unit

What attributes are used to elect a root bridge?

Bridge priority

What is the LSA age field in the LSDB used for?

To age out old LSAs by removing an LSA when it reaches 3600 seconds

How are L2 QOS Marked

COS bits

What does CRUD stand for?

CREATE, READ, UPDATE, DELETE

What is the DevNet Community page used for? (Choose two.)

To ask questions To access DevNet ambassadors and evangelists

Which of the following best describe the hierarchical LAN design model? (Choose all that apply.)

It allows for easier troubleshooting. It is highly scalable. It provides a simplifi ed design. It offers improved performance. It allows for faster problem isolation.

What happens to a Type 1 LSA when it crosses into another area

It gets converted into a Type 3 LSA

STP Convergance Time on a down link

Max Age timer 20, BPDU 2, Listening State 15, Learning State 15 - 52 sec total

Max Age

Max age before a bridge port saves its BPDU Default 20

What is the main function of the vBond orchestrator?

To authenticate the vSmart controllers and the SD-WAN routers and orchestrate connectivity between them

Which are Cisco DNA Center components? (Choose three.)

Assurance Design Provision

In Python, why would you use three quotation marks in a row? (Choose two.)

To begin a multiple-line string To end a multiple-line string

How do you shortcut 0.0.0.0 255.255.255.255 in an ACL

Any

What does ASIC stand for in SD-Access

Application-specific Integration Circuits

How does IntServ work

Applications signal their requirements to the network

What is the last step in configuring Netflow

Apply it to an interface

How to do filtering with summarization

Area "area ID" range "network/mask" not-advertise

How to do Area Filtering

Area "area-id" filter-list prefix "prefix list name" in/out

Command to do interarea summarizaiton

Area "area-id" range network subnet-mask cost "metric"

What does ISE do for this whole shitshow

Aside from standard ISE stuff, group-based policy programming, Scallable group assignment, info to NCP/NDP

A Cisco WLC is configured for 802.1x authentication, using an external RADIUS server. The controller takes on which one of the following roles?

Authenticator

Which of the following is a group-to-RP mapping mechanism developed by Cisco?

Auto-RP

How to set a higher cost metric for OSPF

Auto-cost reference-bandwidth mbps

Ways that AP's can failover

Automatically Config secondary/tertiary (more controlled)

What is an Anchor in a WLC

Automatically chosen, it's the controller to which you associate, can be chosen i/e. for guest

Benefits of SD-Access

Automation, Network Assurance and Analysis, Host Mobility, Policy Enforcement, Secure Segmentation, Network Virtualization

What does AS stand for

Autonomous System

What is an EIGRP AS

Autonomous system

What 802.11 wifi standard supported up to 11mbps

B

Which of these commands are available to a user logged in with privilege level 0?

disable enable exit logout

Path Vector Algorithm

BGP

What protocol is typically used by ISP to route MPLS traffic

BGP

Which of the following routing protocols is classified as an EGP?

BGP

What is in an Open Message

BGP Version/ASN/Hold Time, BGP Id

Hello Time

BPDU advertise time, default is 2 Forward Delay

When a client moves its association from one autonomous AP to another, it is actually leaving and joining which one of the following?

BSS

What is special about Area 0

Backbone area, uplink

What frameworks are supported by Chef

Bash / Minitest / Rspec / Serverspec

When using the Cisco DNA Center Token API, what authentication method is used?

Basic authentication

What is the recommended QoS Bc value

Bc should be larger or equal to the largest IP packet

TxBF stands for what

Beamforming

What does 3 Quotation marks in Python indicate

Beginning and End to a Multi-Line string

Distance vector algorithms

Bellman Ford / Ford-Fulkerson

Three QoS smodles

Best Effort integrated services (InServ) differentiated services (DiffServ)

Which of the following is not a QoS PHB?

Best Effort (BE)

What does BFD stand for

Best Forwarding Direction - works with On-Ramp

Second (optional BGP step)

Bgp router-id ""

What does BPDU Filter do?

Blocks BPDU's from transmitting out of a port

How to remotely run a script in Bolt

Bolt Script Run

How to run a command in Puppet Bolt

Bolt command run

How to see bolt tasks running

Bolt task show

AP States

Boot / WLC Discovery / CAPWAP / WLC Join / Image / Config / Run

What is a QoS Shaper

Buffer and delay peaks

Sections of Postman

Builder / history / Collections / New Tab / URL Bar

Upon receipt of a configuration BPDU with the topology change flag set, how do the downstream switches react?

By fl ushing out all old MAC addresses from the MAC address table

How is the process of summarizing routes on an OSPF router accomplished?

By using the OSPF process confi guration command area area-id range network subnet-mask

Ways Cisco simplifies Auth during roam

CCKM / Key Caching / 802.11r

The _________ can be directly correlated to the MAC address table.

CAM

What are the current queuing algorithms for Rich-media networks

CBWFQ or LLQ

Which of the following is used to cache authentication key information to make roaming more efficient?

CCKM

What does CAC stand for

Call adminssion control

Benefit of Manual SD-Access Underlay

Can customize / specialize, i.e. use OSPF

Diff between two-rate three color and single-rate three-color

Can have two different drop rates on top of everything else. Buckets have different uses

Benefit of Flexible Netflow

Can monitor multiple flows Can reuse config

Benefit of PCI Passthrough vs SR-IOV

Can share pNIC's

What is Flex Auth

Can try to do multiple auth at a time vs. waiting sequentially

What is a C-RP

Candidate Rondezvous Point

Drawback of IntServ

Cannot scale well on large networks

What is ERSPAN for?

Capturing packets from one device and sending the capture across a Layer 3

Chapter 10

Chapter 10

Chapter 11

Chapter 11

Chapter 12

Chapter 12

Chapter 13

Chapter 13

Chapter 14

Chapter 14

Chapter 16

Chapter 16

Chapter 17

Chapter 17

Chapter 18

Chapter 18

Chapter 19

Chapter 19

Chapter 2

Chapter 2

Chapter 20

Chapter 20

Chapter 21

Chapter 21

Chapter 22

Chapter 22

Chapter 23

Chapter 23

Chapter 24

Chapter 24

Chapter 25

Chapter 25

Chapter 26

Chapter 26

Chapter 27

Chapter 27

Chapter 28

Chapter 28

Chapter 29

Chapter 29

Chapter 3

Chapter 3

Chapter 4

Chapter 4

Chapter 5

Chapter 5

Chapter 6

Chapter 6

Chapter 8

Chapter 8

Chapter 9

Chapter 9

Chapter 15

Chaptr 15

What are the SD-WAN Control Plane Policies

Chining, Traffic engineering, segmentation

What are the tiers

Choice / Leaf / Type / Enum

What does the LACP master get to do

Choose which member interface is active

Two Components of SD-Access

Cisco Campus Fabric Solution / Cisco DNA Center

What does CCKM stand for

Cisco Centralized Key Management

What does SD-Access build on

Cisco DNA

Which platform plays the role of the orchestrator in Cisco's Enterprise NFV solution?

Cisco DNA Center

What is CDO

Cisco Defense Orchestrator

The Cisco security architectural framework is known as ______.

Cisco SAFE

What is CSM

Cisco Security Manager

Which of the following relies on NetFlow data for security analysis?

Cisco Stealthwatch

Which of the following is the Cisco threat intelligence organization?

Cisco Talos

What's a CS

Class Selector

4 kinds of PHB

Class Selector (CS) Default Forwarding (DF) best effort Asssured Forwarding (AF)Guaranteed Expedited Forwarding (EF)Low Delay

What does CBWFQ stand for in QoS

Class-based weighted fair queuing

Which of the following are the recommended congestion management mechanisms for modern rich-media networks? (Choose two.)

Class-based weighted fair queuing (CBWFQ)

Which of the following three phases are defined by Cisco TrustSec?

Classifi cation Enforcement Propagation

How to clear BGP

Clear ip bgp 10.1.10.1 soft

How to force DR election process

Clear ip ospf process

How to clear PAGP counters

Clear pagp counters

What does Key Caching stand for

Client maintains keys and they are used to associate with other AP's

Architecture of AMP

Cloud/Connectors/endpoints/networks/email/web/meraki

Which technologies are used to deploy a simplified campus design?

Clustering technologies Stacking technologies Virtual switching systems (VSSs) StackWise

Which of the following features was developed specifically to protect the CPU of a router?

CoPP

Common uses for Netconf

Collect status of specific fields Change Configuration of certain fields Taking Admin Action Send Event Info Backup/Restore Config Testing Config before finalizing

What does StealthWatch do?

Collector/Aggregator/analysis/monitoring/analytics

Transform Set

Combination of protocols and algorithms

Root Path Cost

Combined cost for a specific path

What is Prefix Matching

Combining standard ACL with some Regular Expressions

What things does SaltStack listen for?

Command-Line Config / Disk memory processor util / Status of Services

What does Bc stand for in QoS

Commited Burst Size (bytes)

What does CIR stand for

Commited Information Rate

What does CIR Stand for in QoS

Commited Information Rate (bps)

What does Tc stand for in QoS

Commited Time Interval (Ms)

What does Tc stand for? (Choose two.)

Committed time interval Bc bucket token count

How to configure Inside Static NAT

Configure ip nat outside on outside interface, ip nat inside on inside interface and ip nat inside source static 192.168.1.1 192.168.10.1

What are the concepts behind Ansible

Consistent / Secure / Reliable / Easy

Components of vBond

Control Plane Connection / NAT Traversal / Load Balancing

5 roles of the Fabric Overlay

Control Plane Node / Fabric Border Node / Fabric Edge Node / Fabric WLAN Controller / Intermediate Nodes

What are the 3 planes of the SD-Access Fabric

Control Plane(LISP) / Data Plane(LAN/VXLAN) / Policy Plane (Trustsec)

What goes over IKE

Control plane and data plane traffic for IPSec

How to apply policy to Control Plane

Control-Plane \ service-policy input COPP Policy

Module is to Puppet as what is to Chef

Cookbook

Steps to ERSPAN

Create session Name session Define source Define destination

IGMP V3 Exclude does what?

Creates a list of those who do not want to be included in the multicast

What is in IKEv2 IKE_SA_INIT

Crypto / Alg / DH, MM1-MM4

Ways to encrypt traffic of VRE

Crypto Maps/Ipsec profiles

Commands for a VPN

Crypto isakmp policy 10 Auth pre-share Hash sha256 Enc aes Group 14

Things server auth supports that local does not

Customization / User Acceptance pages / VLAN assignment / DACL / Posture / Reg

What capabilities does ESA have

Threat Intel / Reputation / Spam / Phishing / Machine Learning / Domain Protection / Malware / Graymail / URL / URL Re-Write / Top Users / Top URL's / Encryption

Which of the following are encryption protocols that should be avoided? (Choose two.)

DES GCM

One possible issue with intercontroller roaming

DHCP

Based upon Classification

DIffServ

What controllers are required for SD-Access

DNA / ISE

What's on the Controller layer of SD-Access

DNA Center / ISE

What is on the Management Layer of SD-Access

DNA Center GUI / Base Automation

ENFV Architecture

DNA Center on top, VNF's below, Physical stuff on the bottom

OSPF Server Roles

DR / BDR / Drother

What is it called when devices adjust modulating and coding schemes based upon RSSI and SNR

DRS

How are L3 marked

DSCP / IPP

What language does Puppet use

DSL

Types of spread-spectrum categories

DSSS / OFDM

Enhanced distance vector algorithm

DUAL

For Netflow, what two things must be configured

Data Capture / Data Export

What does NDP do

Data analysis and provide input for changes to be made by NCP and ISE

Which of the following are Cisco SAFE's PINs in the network? (Choose all that apply.)

Data center Branch office Edge Campus Cloud WAN

Forwarding of network traffic from a Layer 2 perspective uses what information?

Destination MAC address

What is the command to debug OSPF Hello issues

Debug IP OSPF Hello

What is the command to debug OSPF Adjacency issues

Debug IP OSPF adj

How to troubleshoot events

Debug event manager all

How to debug an interface and IP

Debug interface loopback1 Debug ip packet 100

What is NBAR2

Deep packet inspection for L3 to L7

What is DF

Default Forwarding, for that which is not-applicable

PAGP Silent mode is to

Default, for connecting etherchannel and non-PAgP capable

How to do an OSPF Default Route

Default-information originate

How to RSPAn

Define RSPAN VLAN Monitor with the destintation being that vlan

How does BGP communicate with neighbors

Defined by IP Addresses

What is IP SLA used to monitor? (Choose four.)

Delay Jitter Packet loss Voice quality scores

4 workflows of SD-Access

Design / Provision / Policy / Assurance

All of the ports on a root bridge are assigned what role?

Designated port

Forwarding of network traffic from a Layer 3 perspective uses what information?

Destination IP address

Most popular

DiffServ

What model is more scalable

DiffServ

Which of the following is the most popular QoS implementation model?

DiffServ

Algorithm used by OSPF

Dijkstra

Types of Static Routes

Directly Connected / Recursive / Fully Specified

What can 0 do

Disable / enable / exit / help / logout

802.1D Port States

Disabled/Blocking/Listening/Learning/Forwarding/Broken

802.1W RSTP Port States

Discarding/Learning/Forwarding

What does a VTEP do

Discover VNI over the L3 network

Which one of the following comes first in a lightweight AP's state machine after it boots?

Discovering WLCs

What antenna has the smallest degree of spread

Dish

Which of the following antennas would probably have the greatest gain?

Dish

EIGRP Reported Distance

Distance reported by a router to reach a prefix

What are the four methods of BGP Route Policy Processing

Distribute List, Prefix List, AS Path ACL/Filtering, Route maps

How to filter network prefixes by neighbor

Distribute list filtering

How to do Local Filtering

Distribute-list "acl-number|acl-name|prefix "prefix-list-name | route-map "route-map name

A ___________ forwarding architecture provides increased port density and

Distributed

What is the purpose of a Passive OSPF interface

Does not send advertisements

Shortcoming of Distance Vector

Does not take into account speed

Downside of Auth Header

Doesn't support encryption or NAT-T

What's DSL

Domain Spacific Language

Why do Crypto Maps suck

Don't support MPLS natively, complex,

OSPF Neighbor States

Down/Attempt/Init/2-Way/ExStart/Exchange/Loading/Full

What's DEI

Drop Eligible Indicator

What is a QoS Traffic Policer?

Drop or re-mark incoming or outgoing traffic beyond a rate

Etherchannel destination hashes

Dst-ip/dst-mac/dst-mixed-ip-port/dst-port

Requirements for an ASN

Dual ISP, Public IP's, Need

What is the Auth Sever

Duh

What does DRS stand for

Dynamic Rate Shifting

2 ways to classify sgt tags

Dynamically or statically

What is Talos

Threat Intel Org / team of security experts

Which one of the following is used as the authentication method when 802.1x is used on a WLAN?

EAP

What is eap chaining?

EAP FAST can auth both machine and user in one auth request

Which of the following EAP methods supports EAP chaining?

EAP-FAST

Enhanced Distance Vector Routing Protocol

EIGRP

Unequal-Cost Load Balancing

EIGRP can LB over unequal-cost links, uses ratio based on metric to determine split

How does an EIGRP router indicate that a path computation is required for a specific route?

EIGRP sends out an EIGRP query with the delay set to infinity.

Where can you host NFVIS?

ENCS / CCSP / Cisco 4000 ISR / UCS C-Series

What is Traffic Copy?

ERSpan for monitoring between two entities

Diff between VM and Containers

Each VM needs a Host OS, containers all share a host OS

What is in the Internet Edge block

Ecommerce, Remote Branches, VPN, Cloud Provider Connectivity

Diff between a Fabric Border Node and Fabric Edge Node

Edge Node is for Wired edge devices, Border Node is like an Aggregate or Distribution switch

802.1W Port Types

Edge/Root/P2P

What does EITP stand for

Effective isotropic radiated power

What does ETR / ITR stand for

Egress / Ingress Tunnel Router

What does RESTCONF use, XML or JSON?

Either

What must a Edge Node be

Either a switch or router in the Overlay

What is an EM

Element Manager

What is a Cisco ESA

Email Security Appliance

What is EEM

Embedded Event Manager

What is an EPC

Embedded Packet Capture

How can you avoid flooding of multicast frames in a Layer 2 network?

Enable IGMP snooping

What is IGMP snooping

Enabled on a switch to manage multicast traffic

Which of the following issues does MST solve? (Choose two.

Enables traffic load balancing for specific VLANs Reduces the CPU and memory resources needed for environments with large numbers of VLANs

Uplink MacSec vs Downlink

Endpoint to switch vs switch to switch

Two kinds of Stealthwatch

Enterprise / Cloud

What is ENFV

Enterprise Network Function Virtualization

Which types of network environments was SD-Access designed for?

Enterprise campus and branch

What protocol options are there

Eq / lt / gt

How to enable BPDU Guard Recovery

Errdisable recovery cause bpduguard

Diff between SNMP V1 and V2c

Error Handling

Difference between rspan and erspan

Erspan can route

What is SD-WAN vSmart Controller

Establish DTLS tunnels, establish OMP neighbors, calculate routes, Control Plane Policies

What does ECN stand for

Explicit Congestion Notification

What is ETSI

European Telecommunications Standards Institute

What does FMC do

Event and policy management

Two primary building blocks of EEM

Events and Actions

How frequent are AFI and SAFI packets sent

Every Advertisement

3 color types of traffic

Exceed / Conform / Violate

What does Be stand for in QoS

Excess burst

What can 1 do

Exec Mode only

Which of the following is not a QoS implementation model?

Expedited forwarding

True or false: For MED to be used as a selection criterion, the routes must come from different autonomous systems.

False

True or false: IGMPv3 was designed to work exclusively with SSM and is not backward compatible with PIM-SM.

False

Definition of EGP

Exterior Gateway Protocol

OSPF V3 Multicast AllSPFRouters

FF02::05:

OSPF V3 Multicast DR

FF02::06:

What do you call the first router after a Multicast source

FHR (First Hop Router)

Tech your Distribution layer should support

FHRP's

True or false: When PIM is configured in dense mode, it is mandatory to choose one or more routers to operate as rendezvous points (RPs).

FalsE

Ansible uses the TAML syntax, which starts with three dashes (---), in the creation of playbook files.

False

The traceroute command tries 20 hops by default before quitting.

False

True or false: A BGP session is always one hop away from a neighbor.

False

True or false: A default route advertised with the command default informationoriginate in OSPF will always appear as an OSPF inter-area route.

False

True or false: A member router contains a complete copy of the LSDBs for every area in the routing domain.

False

True or false: A router with an interface associated with Area 1 and Area 2 will be able to inject routes learned from one area into another area.

False

True or false: An NTP client can be configured with multiple NTP servers and can synchronize its local clock with all the servers.

False

True or false: BGP advertises all its paths for every prefix so that every neighbor can build its own topology table.

False

True or false: BGP supports dynamic neighbor discovery by both routers.

False

True or false: Cisco DNA Center Assurance can only manage routers and switches.

False

True or false: Configuring network components by using the CLI is considered the fastest approach when dealing with a large number of devices.

False

True or false: Containers do not need vSwitches to communicate with each other or with the outside world.

False

True or false: EIGRP summarization occurs for network prefixes as it crosses all network interfaces.

False

True or false: ETRs are the only devices responsible for responding to map requests originated by ITRs.

False

How do you enable OSPFv3 on an interface?

Use the command ospfv3 process-id ipv6 area area-id under the interface.

What is a FPGA in SD-Access

Field Programmable Gate Array

What does FDM stand for

Firepower Device Manager

What does FMC stand for

Firepower Management Center

What does FHRP stand for

First Hop Redundancy Protocol

What does FHRP stand for

First Hop Routing Protocol

EIGRP uses _______ packet types for inter-router communication.

Five

OSPF uses ___________ packet types for inter-router communication.

Five

Which of the following allows for matching key fields?

Flexible NetFlow

What happens when an OSPF Router adds or removes a directly connecte dnetwork link

Floods LSA out all activer OSPF interfaces

What are the optional Stealthwatch components

Flow Sensor UDP Director

What are the core components of Stealthwatch

Flow Sensor / Flow Rate License / Flow Collector / Management Console

Which of the following are required to configure Flexible NetFlow? (Choose three.)

Flow exporter Flow record Flow monitor

EIGRP Feasibility condition

For a route to be considered as a backup route, reported distance received must be < feasible disance

FIB

Forward information base

CEF is composed of which components? (Choose two.)

Forwarding Information Base/Adjacency table

What is FSPL?

Free Space Path Loss

If a lightweight AP needs to download a new software image, how does it get the image?

From a WLC

How to use IP-SLA to monitor a website

From the IP-SLA context type: Get http http://192.168.1.10

What amendments supported up to 54mbps

G and A

Which of the following FHRPs supports load balancing?

GLBP

What method does ICV use

GMAC

Which of the following is considered to be the best first step in troubleshooting a wireless problem?

Gather more information to fi nd the scope of the problem

NETCONF Operations

Get / get-config / edit-config / copy-config / delete-config

Commands to setup GLBP

Glbp 57 ip 192.168.1.1 Glbp 57 preempt (optional) Glbp 57 priority 10 (optional) Glbp 57 timers 10 (optional) Glbp 57 auth password10 (optional) Glbp 57 load-balancing "" (optional)

Steps for WLAN wizard

Go to WLAN and create new, then walk through general, secrity, qos, policy-mapping and advanced

What happens if CEF cant' handle it

Goes to CPU

Which field was added to the VXLAN header to allow it to carry SGT tags?

Group Policy ID

What does Anyconnect do besides VPN

HIP, Umbrella tunneling

Which of the following FHRPs are considered Cisco proprietary? (Choose two.)

HSRP

What are some FHRP's

HSRP, VRRP, GLBP

What are three types of FHRP's

HSRP, VRRP, GLBP

Which controller to join

Have I joined it before? If multiple that I have joined, which is less crowded

What is ASA

Old School

Does BGP Prioritize newer or older routes

Older

A receiver picks up an RF signal from a distant transmitter. Which one of the following represents the best signal quality received? Example values are given in parentheses.

High SNR (30 dB), high RSSI (−55 dBm)

How to show unequal cost load balancing ratios

Ho ip route x.x.x.x

How do you shortcut 192.168.1.1 0.0.0.0 in an ACL

Host 192.168.1.1

What is a Host Pool

Hosts assigned to an IP Pool, hosts have SVI and use EID's to map

What does the vBond Orchestrator do

Hosts the Public IP for connections, authenticates, orchestrates connectivity

What's a Scalable Group

Hosts with similar policies Host pools and Scalable Groups map up

What is the main difference between IGMPv2 and IGMPv3?

IGMPv3 introduced a new IGMP membership report with source fi ltering support.

What are the three BGP Origin types in order of preference

IGP / EGP / Incomplete

Other names for an RFP Interface

IIF (incoming interface) Upstream interface

IKEv2 Exchange 2

IKE_Auth

IkeV2 Exchange 1

IKE_SA_INIT

What does IPP stand for

IP Preference

Which of the following destination addresses does EIGRP use when feasible? (Choose two.)

IP address 224.0.0.10 MAC address 01:00:5E:00:00:0A

What destination addresses does OSPF use, when feasible? (Choose two.

IP address 224.0.0.5 / MAC address 01:00:5E:00:00:05

How to see top 10 talkers in netflow

IP flow-top-talkers Top 10

Set OSPF Hello Timer

IP ospf hello-interval (seconds)

IPV6 how to setup

IPV6 unicast routing Ipv6 route x:x:x::x:2930:fb9:13:30

What are the recommended routing protocols for the Underlay network

IS-IS / IGP

LISP Data Path

ITR sends map request to MR on Port 4342, request goes to MS, MS forwards to ETR, ETR talks to the ITR

Third BGP step

Identify a neighbor IP neighbor "ip-address" remote-as ""

What does IBNS stand for

Identity Based Network Services

BGP Neighbor States

Idle / Connect / Active / OpenSent / OpenConfirm / Established

BGP Order of Operation

Idle / Connect / Open Sent / Open Received / Open Confirm / Established / Updates

What's better for ensuring DR Placement, RID or Interface Priority

Interface Priority

Root Port

Interface associated with lowest path cost

Order of ACL operation Routed (across VLaN's)

Inbound PACL / Inbound VACL / Inbound ACL / Outbound ACL / Outbound VACL

Order of ACL Operation Bridged Traffic (same vlan)

Inbound PACL / Inbound VAcL / outbound VACL

IGMP V3 Modes

Include and Exclude

Fully Specified Static Route

Includes both Next Hop IP and Interface

TrustSec Phases

Ingress Classification / Propogation / Egress Enforcement

Con's of PACL

Ingress only / no L2 / Hardware only / no IPV6/ARP/MPLS

Fourth BGP step

Initialize the address family - address-family "afi / safi"

2 ways to propogate an SGT Tag

Inline / SXP

NAT address types

Inside local / inside global / outside local / outside global

When a type 3 LSA is received in a nonbackbone area, what does the ABR do?

Installs the type 3 LSA for only the area where it was received

With MST, VLANs are directly associated with ______

Instances

Which of the following is the QoS implementation model that requires a signaling protocol?

IntServ

What's an ICV? Insane Clown Vossie?

Integrity Check Value

OSPF V3 LSA Type 4

Interarea Router - AS Boundry Routers

OSPF V3 LSA Type 3

Interarea prefix - ABR Only

How to modify an STP cost

Interface "" \Spanning-tree cost ""

Definition of IGP

Interior Gateway Protocol

Typical traffic descriptors

Internal Layer 1 Layer 2 Mac 802.1q/p Layer 2.5 MPLS Layer 3 IP / DSCP / IPP Layer 4 Ports Layer 7Application

Types of Local Web Auth

Internal DB on WLC Exernal DB on Radius or LDAP server External redirect after auth External splash page

What does MST IST stand for

Internal Spanning Tree

Transit routing between a multihomed enterprise network and a service provider is generally not recommend in which scenarios? (Choose all that apply.)

Internet connections at data centers Internet connections at branch locations MPLS branch locations

What are some well known BGP Communities

Internet, No_Advertise, No_Export

OSPF Route Types

Intra-Area "O", interarea "O IA"

Ten lightweight APs are joined to a wireless LAN controller. If a client roams from one of the APs to another, which one of the following correctly describes the roam?

Intracontroller roaming

Which of the following provides the most efficient means for roaming, as measured by the time to complete the roam?

Intracontroller roaming

What's a Wildcard mask

Inverted, 255.255.255.0 = 0.0.0.255

How to define an extended ACL

Ip access-list extended 28 outbound-list 1 permit ip host 192.168.1.4 host 255.240.0.0 2 permit ip 10.0.0.0 0.0.255.0 255.255.255.0 0.0.0.0

How to do PACL

Ip access-list extended PACL Interface\ip access-group PACL in

How to define a standard ACL

Ip access-list standard 27 inbound-list 1 permit 192.168.1.4 255.255.255.255 2 deny 192.168.1.0 255.255.255.0

How to show communities in new format

Ip bgp-community new-format

How to create a community list

Ip community list 57 standard inbound_list permit 333:333

How to configure netflow

Ip flow-export version 9 Ip flow-export destination 192.168.1.1 Interface ethernet1/1 Ip flow ingress

If an AP tries every available method to discover a controller but fails to do so, what happens next?

It reboots or starts discovering again.

What does an FHR do when an attached source becomes active and there are no interested receivers?

It unicasts encapsulated register messages to the RP and stops after a register stop from the RP.

What does JSON stand for

Java Script Object Notation

What does JSESSIONID stand for

Java Session ID

What kind of Virtualization does NFVIS support

KVM

What's one reason to run conditional Debug

Keep older devices from crashing

What are some of the benefits of Puppet Forge and GitHub? (Choose all that apply.)

Keeping track of various versions of code Knowing which developers are involved with code revisions Collaborating with other developers and sharing code Increasing the speed in working on software projects

How does JSON annotate an object and its attribute?

Key / Value

What command uploads from a workstation to a Chef server

Knife

What is a vSwitch

L2 switch

Where are root switches normally placed

L2/L3 Boundries

How to set LACP system prioirty

LACP System-Priority 1

What do you call the last router before and endpoing

LHR (Last Hop Router)

Which is the control plane used by SD-Access?

LISP control plane

OSPF Advertisement called what

LSA

What happens if an LSA Sequence number received is greater than one in the LSDB

LSA gets processed

OSPF Database is called

LSDB

Which of the following are the leading causes of quality of service issues?

Lack of bandwidth Latency and jitter Packet loss

lACP how to set Max bundles

Lacp max-bundle ""

How to enable fast LACP Packets

Lacp rate fast

Which of the following are part of the YANG model?

Leaf Container

Benefit of QoS 3 color

Less retransmits, more efficient use of AFx1, AFx2, AFx3 etc

What are they

Lightweight / autonomous

What are the PPDIOO lifecycle components?

Prepare, Plan, Design, Implement, Operate, Optimize

How does BGP prevent loops

Prepending ASN then checking for it again

How to apply an ACL to a VTY

Line vty 0 4 Access-class 1 in

How to configure just SSH on a VTY

Line vty 4 \ Transport input ssh

OSPF V3 LSA Type 8

Link

OSPF is what kind of routing protocol

Link State / IGP

What does LSR stand for

Link State Request

Etherchannel common issues

Link has only two devices/ports all active/staticaly set to on, one active/consistancy/receipt on both sides

What does LACP Passive do

Link only responds to an LACP initiation, does not initiate

What is service chaining

Linking a few NFV's into a logical group

. Which of the following is not an RSTP port state?

Listening

Benefit of Auto-RP

Load-spligging across diff RP's Eawsy to use multiple RP's Prevents inconsistancies

What is the name of the BGP RIB table

Loc-RIB

2 kinsa of webauth

Local / server

Which of the following techniques is the second selection criterion for the BGP best path?

Local preference

Cisco AP modes

Local/Monitor/FlexConnect/Sniffer/Rogue Detector/Bridge/Flex+Bridge/SE-Connect

What does LISP stand for?

Location/ID Separation Protocol

How to set logging buffer size

Logging buffer 10000

How to ship logs

Logging host 192.168.1.1 Logging trap 7

Another issue that can cause reservation delays

Long distances

What is Multi-Hop technology

Looks up one routing table, then the next, then the next

Common use of Static Null Route

Loop Prevention

What is an OSPF Discard route for

Loop prevention

How to set Router ID

Loopback ID

Drawback of COS Markings

Lost when they leave an 802.1q link

What does the NCP do?

Lots, overlay, underlay, orchestration, status

An omnidirectional antenna usually has which of the following characteristics?

Low gain Large beamwidth

As a tiebreaker, does BGP prefer the lower or higher IP address of a peer

Lower

What is IPV6 BGP

MBGP

What is Type 5

MD5 Hash

Where is Multicast forwarding information stored

MFIB (Multicast Forwarding Information Base)

How many Main Mode messages

MM1-MM6

How are L2.5 marked

MPLS EXP bits

What does DNA Center do

Machine Learning to find issues, can go back to issues that occurred in the past

And MKA

Macsek Key Agreement

How to search a user in DNA

Magnifine Glass

Which of the following is the message exchange mode used to establish an IKEv1 IPsec SA?

Main mode

What does an Elemenet Manager do

Manage one or more VMF's, or be a VMF

4 layers of SD-Access

Management / Controller / Network / Physical

Cisco SAFE Areas

Management / Security Intel / Compliance / Segmentation / Threat Defense / Secure Services

What is the difference between well known discretionary and mandatory

Mandatory means if the attribute does not exist the peering will be torn down

What components do Puppet Modules have

Manifests / Templates / Files

What can you do with Puppet Bolt

Manual or Orchestrated tasks

What does a Fabric Control Plane do

Maps EID of the current fabric LISP map/server resolver

Policer options

Markdown or Drop traffic

What is a markdown

Marks traffic as a lower priority

What is the main server of SaltStack called

Master

How does Puppet work

Master / Agent

What is a Pupper MoM

Master of masters, for huge deployments

Differences between HSRP and VRRP

Master/backup, preemption on by default, diff multicast

Example of a Route Map

Match ip address ACL-One Set metric 20

Example of a advanced conditional match

Match ip address ACL-One | ACL-Two Match metric {1-4294967295 | external 1-4294967295}[+- deviation] Match tag 0 to 60000

What is one interface in an etherchannel bundle called

Member Interface

What is FTD

Merged ASA and Firepower services

EIGRP Feasible Distance

Metric value for the lowest metric path to a destination

Saltstack grains are run on what

Minions

How is SaltStack Architected

Minions on systems have Beacons / Returners / Trains that feed up to the Master

Steps for MST

Mode Set / Root set / Name / Revision / Instance and VLAN

How is that configured on the switch where monitoring will occur

Monitor session 57 remote vlan 99 Monitor session 57 destination interface ethernet 1/10

How to specify source ports in span

Monitor session 57 source intrface ethernet1/1 vlan 5 rx

How to Erspan

Monitor session 57 span type erspan

How to filter an existing Monitor session to just a vlan

Monitor session 57 vlan 1

How to monitor Destination port

Monitor session 58 destination interface ethernet 1/2

Two presentations in a WLC User interface

Monitoring / Configuration

What kind of deployment do you need for 4-20k

Monolithic with Compile Master

For 20k+

Monolithic with compile masters and PE-PostgreSQL

What kind of deployment do you need for 4k or under

Monollithic

VXLAN purpose

More VLAN's Large Mac Address Tables

What is DPDK

Moves OVS into the User Space from the Kernel Space, i.e. NIC talks directly to VMF not translating

What does MBGP stand for

Multi-Protocal Border Gateway Protocol

What is in a BSR message

Multicast Group Range / RP Priority / RP Address / Hash / Bidir Flag

What is SAFI for

Multicast or unicast

One large reason for a three-tier

Multiple buildings (Campus) Density of WAN routers Geo Dispersed

What does BGP MED stand for?

Multiple-exit discriminator

What comprises the DNA Center

NCP / NDP

What 3 SD-Access subsystems all talk through API

NDP/ISE/NCP

Which of the following is an architectural framework created by ETSI that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?

NFV

How to manage it all?

NFVI

During the attack tools

NGIPS / Web Security with AMP / Email Security with AMP

What additional info does MBGP carry

NLRI info for Multiple Protocols such as IPPV6

Diff between adj-rib and loc-rib

NLRI's in original form, LOC-RIB Local or remote routes

Components of SD-WAN

NMS / vSmart Controller / SD-WAN routers / vBond orchestrator / vAnalytics

OSPF V3 LSA Type 7

NSSA Autonomous Stub

Type 7 LSA

NSSA External - Redistributed routes in NSSAs

Where the **** do you use Yang

Netconf

OSPF V3 LSA Type 2

Network

How do you advertise OSPF

Network "IP" "Mask" area "Area ID"

Type 2 LSA

Network - Multi-access network segment attached to a DR

How to configure OSPF for a large network

Network 10.0.0.10 255.255.255.0 Ara 0

How to configure a network to be OSPF

Network 10.0.0.10 0.0.0.0 Area 0 Or Network 10.0.0.10 0.0.0.255

What is NCP

Network Control Platform

What is NDP

Network Data Platform

What can AAA be used for

Network Device Access Control / Secure Network Access Control

What does NFVIS stand for

Network Function Virtualization Infrastructure Server

What does NFVI stand for

Network Function Virtualized Infrastructure

What is an NLRI

Network Layer Reachability Information

What is in the EIGRP Topology Table

Network Prefix/EIGRP Neighbors/Metric for each Neighbor/Load, reliability, delay, bandwidth

What does NFV stand for

Network function virtualization

What is a recursive route

Next hop is an IP Address

What is a directly connected route

Next hop is an interface

Does a SPAN typically include L2 info like STP or VLAN tagging

No

IS AF1 treated differently from AF4?

No

Downfall of static etherchannel

No down link detection on transit switches

Advantages of Routed Access-to-distribution block design

No first-hop redundancy protocol required No STP required Increased uplink util Easier Troubleshooting Faster Convergence

OSPF V3 Dijkstra differences

No longer has to calculate entire tree on a change

CBWFQ is only suited for what

Non real time data traffic

Open Authentication requires the use of which one of the following?

None of the above

In a Layer 2 roam, what mechanism is used to tunnel client data between the two controllers?

None of these answers

Does IKEV1 support SHA-512?

Nope

Does OSPF DR Election support preemption?

Nope

Is Ansible Agent Based?

Nope

Is Multicast supported on Site to Site?

Nope

Command to make NTP Peers

Ntp peer 192.168.1.1

How to configure NTP

Ntp server 192.168.1.1

What does the BGP route table look like when summary only is enabled

Null

What is an AS Path number

Number of hops

Types of ACL

Numbered / Numbered Extended / Named Standard / Named Extended / Port / VLAN

Traceroute Options

Numeric / Port / Probe / Source / Timeout / TTL / Timestamp / Verbose

Is DSSS or OFDM used for 5Ghz

OFDM

What are the common HTTP Status codes

OK / Created / Bad Request / Unauthorized / Forbidden / Not Found

What does SPT stand for

OSPF Term - Shortest Path Tree

Where to configure Root Guard

On designated ports that should not become root

When WPA2 enterprise mode is used on a WLAN, where is the supplicant role located?

On the wireless client

Downside of pooled nat

Once pool is exhausted pool is exhausted

How many areas can an interface be a member of

One

What is a discontguous network

One where Area 0 is split into multiple Area 0's

According to the Connectivity chart on the WLC's Client View screen, which one of the following states indicates that a wireless client has met all of the requirements to begin using a wireless network?

Online

Types of BGP Messages

Open / Update / Notification / Keepalive

How to establish a BGP Adjacency?

Open Message sent

Is Ansible Proprietary or Open Source

Open Source

Major diff between OSPF and EIGRP

Open Source vs. Proprietary

What is OVS

Operating System and Kernel Space Virtualiztion

What's an OSS

Operations Support System

vAnalytics

Optional / Analytics / Forecasting / Recommendations

What does OFDM stand for

Orthoginal Frequncy division multiplexing

How to enable OSPFV3 for IPV4

Ospfv3 process-id ipv4 area area-id

OSPF V3 Step 5

Ospfv3 process-id ipv6 area "area-id"

How do you prevent Transit Routing

Outbound BGP Route policies

What is an OIF

Outgoing interface

Which of the following is not a valid way that an AP can learn of WLCs that it might join?

Over-the-air neighbor message from another AP

What is OMP

Overlay Management Protocol

Static Route Benefit

Override Dynamic, availability on system

EtherChannel Member Interface Status'

P(articipating), H(Maximum Interfaces), I(ndividual), w(aiting for a packet), s(suspended), r(emoved)

What's a PACL vs VACL

PACL is applied to a port, VACL applied to a VLAN

What's in the TCI

PCP/DEI/Vlan ID

What is the Oakley key exchange

PFS / DH

What are the 5 PIM Operating Modes

PIM Dense (PIM-DM) Pim Sparser (PIM-SM) PIM Sparse Dense PIM Source Specific (PIM-SSM) PIM Bidirectional (Bidir-PIM)

What does (S,G) stand for in Multicast?

PIM Join

What multicast is better for small networks

PIM-DM

What Multicast is better for large networks

PIM-Sparse (SM)

What is the name of the two-rate three color drop rates

PIR and CIR

To authenticate with Cisco's DNA Center, which type of HTTP request method must be used?

POST

PCP

Priority Code Point

What is a Sniffer

Packet capture

Why is Salt Stack so fast

Parallel run

When a path has been identified using EIGRP and in a stable fashion, the route is considered ______.

Passive

How to set passive OSPF interface

Passive interface-id

How to set all passive OSPF Interface

Passive interface-id default

What is a type 8 password

Password Based Sha-256

What does PA stand for in BGP

Path Attributes

What is AIGP for

Path attributes between AS, optional, can affect routing

OID is to SNMP as What is to Yang

Paths

What does PIR stand for

Peak Information Rate (Larger than CIR)

What does PHB stand for

Per Hop Behaviors

What should the Underlay network have as characteristics

Performance / Scalability / High availability

Which ipsec phase is bi-directional

Phase 1

What's PCP

Priority Code Point

What is an Ansible set of instructions called

Playbook

Which of the following are features of Ansible? (Choose two.)

Playbooks Tasks

How does a Task relate to a Playbook

Playbooks are made up of Plays, Plays are made up of Tasks

Which traffic conditioning tool can be used to drop or mark down traffic that goes beyond a desired traffic rate?

Policers

How is Network Policy applied through the SD-Access Fabric Policy Plane

Policy (QoS / ACL etc) are applied through SGT tags

What does a Policy map for COPP look like

Policy Mapp COPP Policy Class COPP IPSEC Police 8000 conform-action transmit exceed action transmit Violate-action drop

How to create a ZBFW inspection policy map

Policy-map type inspect POLICY-NAME Inspect

How to set etherchannel load-balance

Port-channel load-balance

How to require minimum Port-Channel links

Port-channel min-links ""

What are some downsides to unplanned internal transit connectivity

Possibility of asynchronous routing Unplanned added capacity

What HTTP function is used to send the ApI

Post

What is the automation methodology

Ppdioo

Which of the following authentication methods does WPA2 personal mode use?

Pre-Shared Key

How does an AP discover a WLC

Pre-config DHCP/DNS Broadcast

Router Path Selection

Prefix Length, Administrative Distance, Metrics

What does ppdioo stand for

Prepare Plan Deisgn Impliment Observe Optimize

Inside Local vs outside global

Private internal IP vs Public assigned IP

Which of the following is not a well-known BGP community?

Private_Route

How to make a custom priv level that can shut a terminal

Privilege exec level 5 configure terminal Privilege configure level 5 interface Privilege interface level 5 shutdown

Network latency can be broken down into which of the following types?

Propagation delay (fixed) Serialization delay (fixed) Processing delay (fixed) Delay variation (variable)

Types of delay

Propogation - Distance-based Serialization - Time to convert to medium Processing - CPU / Software Delay variation - Queing / packet delay creates Jitter

NBAR2 Modes

Protocol Discovery Modular QoS CLI

Which protocols are essential to multicast operation? (Choose two.)

Protocol Independent Multicast (PIM)

Things you can do with an extended ping

Protocol i.e. IP / Appletalk Datagram Size Source Address DF Bit Data Pattern Verbose Loose / Strict routing

What is an Anycast Gateway

Provides a pervasive L3 network, spanning buildings, campus' anywhere

When using GitHub, what is the purpose of a repository? (Choose three.)

Provides a place to store a developer's code Gives the option to share a developer's code with other users Provides documentation on code examples

What is Skeme

Provides anonymity, key refresh etc.

Which of the following options describe ZBFW? (Choose two.)

Provides stateful fi rewall functionality Is an integrated IOS solution

What is BGP Multihoming used for

Providing redundant ISP typically

What is PETR

Proxy ETR

What are the two stealthwatch cloud offerings

Public / private cloud

Inside Global vs Outside Local

Public IP mapped to a Local IP, Public IP as it appears from inside

Which of these tools are agent-based in operation? (Choose two.)

Puppet Bolt SaltStack

Where are Puppet tasks stored

PuppetDB

What are the two Chef modules

Push/Pull

What is Salt Stack written in

Python

How many messagesin Aggressive Mode

QM1-QM3

How is Internal QoS marked

QoS Groups

RFC for OSPF V2

RFC 2328

RFC for two-rate three-coor

RFC 2698

What RFC amended BGP to MBGP

RFC 2858

RFC for OSPF V3

RFC 5340

What is the flow of routes in BGP

RIB-IN - Loc-RIB, Global RIB, RIB-Out

Neighbor Adjacenty Requirements

RID Unique/Interface Subnet/Mask/MTU Match/Area ID Match/DR Enablement Match/OSPF Hello and Dead Timers Match/Auth Type and Credentials match / Area Type Flags Match

Distance Vector protocols

RIP

Which of the following routing protocols are classified as IGPs? (Choose all that apply.)

RIP/EIGRP/OSPF/IS-IS

LISP separates IP addresses into which of the following? (Choose two.)

RLOCs EIDs

How does Auto-RP keep all the RP's straight?

RP Mapping Agent or a PIM Bootstrap Router (BSR)

How does PIM Shared and Source create the tree?

RP talks to LHR then FHR then established communication between the 2, like a matchmaker

Which Radius or TACACS supports EAP

Radius

EIGRP Benefits

Rapid Convergence/Network Change delta/hellos,neighbors,bandwidth,delay,load,reliability,MTU/Load Balancing

How does SaltStack listen to the environment

Reactors and Beacons

NGIPS Capabilities

Real-time contextual awareness / ATP / Automation / Performance and Scalability / AVC / URL Filtering

BGP Route steps

Receive Adj-RIB-In / Update Loc-RIB, Validate / Identify best-path / Install best-path on global / Store / Advertise

DB loss calculation

Received power / Original power

What is RSSI

Received signal strength indicator

Manifest is to Puppet as what is to Chef

Recipe

Steps to configure flexible netflow

Record Name / Description / Match Criteria / Non-Key words

Cisco SAFE includes which of the following secure domains? (Choose all that apply.)

Threat defense Segmentation Compliance

802.1D Port Types

Root Port/Designated Port/Blocking Port/

802.1W Port Roles

Root/Designated/Alternate/Backup

Default LB method for GLBP

Round Robin

How many tables does BGP use for storing prefixes?

Three

How to divide up MSP STP?

Regions

What is the Wan Edge Block

Remote Datacenters/branches/Cloud

What does RP stand for

Rendezcvous Point

What does RSVP stand for

Resource Reservation Protocol

What does PortFast do

Restricts TCN on access ports, speed up enabling

What does RFP stand for

Reverse Path Forwarding

Which of the following are container engines? (Choose all that apply.)

Rkt Docker LXD

Some types of Container Engines

Rkt / Open Container Initiative / LXD / Linux-Vserver / Windows Containers

A network consists of four controllers: A, B, C, and D. Mobility group 1 consists of controllers A and B, while mobility group 2 consists of controllers C and D; the mobility list on each controller contains both mobility group definitions. Which one of the following answers describes what happens when a client tries to roam between controllers B and C?

Roaming is possible, but CCKM and key caching do not work.Which

What do AS restrict

Route distribution, metric calculations

EIGRP Feasible Successor

Route that satisfies the feasibility condition, backup route

EIGRP Successor Route

Route wit hlowest path metric

OSPF V3 LSA Type 1

Router

What type of network device helps reduce the size of a broadcast domain?

Router

Which LSA type exists in all OSPF areas?

Router

Type 1 LSA

Router - LSA's from within an area

Configure OSPF on all interfaces

Router 1

What's a RACL

Router ACL

What is in an OSPF Hello

Router ID, Auth options, Area ID, dead interval, hello interval etc...

How to define / initialize OSPF

Router OSPF

First step in setting up

Router bgp as-number

OSPF on Log Subnet

Router ccc

How to set an OSPFV3 interface as passive

Router ospfv3 Passive-interface gigabitethernet01

Statically set Router ID

Router-id "router-id" Clear ip ospf process

What are OSPF External Routes

Routes learned from outside the OSPF Domain via Redistribution

RIB

Routing Information Base

How to prevent unplanned internal transit connectivity

Routing design Bandwidth sizing Routing pattern

What is the model of LISP

Routing with a central database instead of multiple synchronized routing tables

What is Puppet Bolt written on

Ruby

LACP code for slow LACPDU Active Mode

SA

Why is WPA3 not succeptible to easvedropping

SAE

Two MacSec keying mechanisms

SAP / MKA

LACP code for Slow Hello Consistent State

SC

What is a type 9

SCRYPT hash

How to show Etherchannel running L2 Down

SD - Switching / Down

What is a switch that is not part of the DNA platform but still participates via Automation

SD-Access extension node

Two ways to do egress enforcement

SGACL / SGFW

What the heck is SXP

SGT Exchange Protocol

What was added to VXLAN for it to work with SD-Access

SGT Tag (4 bytes)

Show Port to VLAN Mapping

SH VLAN Brief

Count of VLAN's, VTP VLAN's, Excluded VLAN's

SH VLAN Sum

How to enable traps

SNMP-Server enable traps

Downsides of a large OSPF Area

SPF Calculations run throughout when a link flaps LSDB becomes too big Large LSDB consumes memory No route summarization occurs

Which of the following best describe SPT and RPT? (Choose two.)

SPT is a source tree where the source is the root of the tree. RPT is a shared tree where the rendezvous point is the root of the tree.

Which of the following is the I/O technology that uses VFs and PFs?

SR-IOV

What does NetConf run over

SSH / TLS / SOAP

What ways can it communicate with nodes

SSH / WinRM, and others

Requirements for SaltStack SSH

SSH and Python

Info found on the Client screen

SSID, Mac Address, SNR, Signal Strength, connection time etc.

How can you make WLC's redundnat

SSO

What is SD-Wan On-Ramp

SaaS Optimization across circuits / Public Cloud connection

How to list all network interfaces

Salt '*' network.interfaces

How to do outside static nat

Same interface steps, then ip nat outside source static 192.168.1.1 192.168.1.222

What is Cisco Threat Grid

Sandbox

What does the Web Security Appliance do After an attack

Sandboxing / File Retrospection / Cognitive Threat Analytics

What does SGT stand for in SD-Access

Scalabale Group Tagbs

What is a SGT

Scalable Group Tag

What is lower in precedence? Best Effort or Scavenger?

Scavenger

Suppose that you have a large wireless network with several controllers, many APs, a RADIUS server, and a syslog server. A user has reported connectivity problems in a specific building location but has provided no details about the AP or controller he tried to join. Which one of the following is the most efficient troubleshooting method you can use to find information about the client?

Search for the client's MAC address on each controller

What does SAFE stand for

Security Architectural Framework

What does MacSec SAP stand for

Security Association Protocol (proprietary)

SGFW is obviously a Security Group firewall, what the deuce is a SGACL

Security Group ACL

What is the diff between ACL and SGACL?

Security Groups

One benefit of OSPF areas

Segmentation creates simpler routing maps, reduces OSPF traffic, size of DB

What are the two system-built zones for ZBFW? (Choose two.)

Self zone Default zone

What does a host need to do to start receiving multicast traffic?

Send an unsolicited membership report

What's the diff between a flow sensor and a flow collector

Sensor is like a span port, collector like a siem

Route Map order of eval

Sequence, conditional match, process action, optional action

What is in the Data Center / Server Room block

Servers for Websites, email, apps, storage, backups

What's OHAI

Service installed that checks in with the server

BGP router config components

Session Param / Address Fam Init / Activate Address

How to enable SSH

Set Hostname / Create User / Set Domain Name / Crypto key generate RSA

How to set STP priority

Set spanning-tree vlan "" priority, up to 4096, lower is better

How to verify a BGP Session

Sh Bgp "afi / safi" sum Sh bgp ipv4 unicast sum

Show vlan's assigned to a trunk

Sh Run VLAN Int

Last TCN

Sh Spanning-Tree "vlan" detail

How to verify netflow

Sh ip flow interface

How to show Type 1 LSA's

Sh ip ospf database

How to show Type 2 LSA information

Sh ip ospf database network

Display the OSPF neighbors and their current states

Sh ip ospf neighbor

Display the OSPF routes that are installed in the RIB

Sh ip route ospf

Show all VRF routes

Sh ip route vrf mgmt

Show IPV6 Routing Table

Sh ipv6 route

What is a condensed version of show ntp status

Sh ntp associations

Show all interfaces that participate in a vlan

Sh span-tree vlan

How to see what switch is root

Sh spanning-tree vlan 1

Types of PIM Distribution Trees

Shared - Rendezvous Point Source - aka Shortest Path Tree

What does ENFV do

Simplicity / Centralized / Snapshots / Third-party VNF / SD-WAN and Edge / Reduced Power/Space/Engineering

What is SAE as it relates to WPA3

Simultaneous auth of equals

How to view SDM Template

Show SDM Prefer

How to show BGP Routes

Show bgp "afi / safi"

Show all routes advertised to a peer

Show bgp "afi / safi" neighbor "ip address" advertised routes

How to show all routes to a network

Show bgp ipv4 unicast 10.12.1.0

How to view BGP info for a particular neighbor

Show bgp ipv4 unicast neighbors 10.12.1.1

How to verify an IPV6 BGP Session

Show bgp ipv6 unicast sum

How to verify in BGP that NLRI's between nodes

Show bgp pv4 unicast sum

How to see ipsec info

Show crypto ipsec sa

How to show crypto info

Show crypto isakmp sa

How to see etherchannel load balance

Show etherchannel load-balance

Show etherChannel neighbors

Show etherchannel port

How to check Port-Channel status

Show etherchannel sum

Commands to show GLBP status

Show glbp (brief)

Etherchannel interface show details

Show interface port-channel ""

How to show aggregated bandwidth or members on an Etherchannel

Show interface port-channel ""

How to verify tunnel config

Show interface tunnel 100

Port Status, VLAN, Enabled, Mode

Show interfaces switchport

How to check DTP status

Show interfaces trunk

How to see tunnel info

Show intrface tunnel100

How to show EIGRP environment

Show ip eigrp topology

How to see translations

Show ip nat translations

How to see type 3 LSA info

Show ip ospf database summary

Verify OSPF timer

Show ip ospf interface

Show what interfaces are running OSPF

Show ip ospf interface Show ip ospf interface brief

How to see Interface Role OSPF

Show ip ospf interface brief

How to verify an OSPF Loopback Interface

Show ip ospf interface loopback 0 | include type

How to show unequal cost load balancing metrics

Show ip route eigrp

How to verify routes

Show ip route ospf

How to check ip sla config

Show ip sla configuration

Show ospf routes for IPV6

Show ipv6 route ospfv3

How to see LACP counters

Show lacp counters

Show LACP neighbors, priority, siystem ID

Show lacp neighbor detail

How to show LACP System Priority

Show lacp sys-id

How to verify sessions

Show line

How to see logging settings

Show logging

How to check the monitor

Show monitor session local

How to check settings rspan

Show monitor session remote

What is SD-WAN NMS

Single Pane of Glass, provisioning and changes

What is Network Virtualization

Single infrastructure with multiple VRF and VN

Types of Policers

Single-rate two-color Single-rate three-color (second bucket for burst) Two-rate three-color

How many OSPF link-state announcement (LSA) types are used for routing traditional IPv4 packets?

Six

Chef Deployments

Solo / Client and Server / Hosted / Private

What's bad about WPA and WPA2 personal

Someone could easdrop

Once you are in the erspan dialog how to set the source

Source interface ethernet 1/1

But what does that look like dude, the rspan vlan command

Source session 57 destionation remote vlan 99

How to see inconsistent ports

Spamming-tree inconsistent-ports

Set STP Forwarding Delay

Spanning-Tree vlan "" forward-time ""

How to setup MST

Spanning-tree mode mst

Which of the following is the most deterministic strategy you can use to push a specific AP to join a specific controller?

Specify the primary controller

What shows on the "Connection Score" tab

Speed stats, spatial streams, Channel Width, Client max for each

Which one of the following is the primary cause of free space path loss?

Spreading

Etherchannel Source hashes

Src-dst-ip/src-dest-ip-only/src-dst-mac/src-dst-mixed-ip-port

Commands to configure HSRP

Standby 10 ip 192.168.1.1 priority 10 (priority Optional) Standby 10 mac-address (optional) Standby 10 timers 10 (optional) Standby 10 Auth password10

Root bridge election

Start out as root then listen to neighbors

What does "Inspect" do

State-based control, stateful

What is SSO

Stateful Switchover

Three types of NAT

Static / Pooled / PAT

In a resilient network topology, first-hop redundancy protocols (FHRP) overcome the limitations of which of the following? (Choose two.)

Static default routes

What's a SMC

Stealthwatch Management Console

Layer 3 persistent marker

TOS

What is the Layer 2 2-byte field for qoS

TPID

How to add a TACACS server

Tacacs server host 192.168.1.10 key asdfasdf

What does SAFI stand for

Subsequent Address Family Identifier

Study the comparison chart

Sucka

Types of OSPF Route Filtering

Summarization / Area Filtering / Local OSPF Filtering

OSPF supports filtering of routes using which of the following techniques? (Choose two.)

Summarization, using the no-advertise option Area filtering, which prevents type 1 LSAs from being generated into a type 3 LSA

Type 3 LSA

Summary - Advertises a network prefix from a different area

VTP Advertisement Types

Summary / Subset / Client

802.1x Roles

Supplicant (endpoint) / Authenticator / Authentication Server

MD5 Weakness

Supplicant does not require cert from Auth Server

Major diff between OSPF V2 and V3

Support for IPV6

IKEV2 over IKEV1 features

Supports EAP (Certificate-based), anti DoS, less messages, asymetric encryption

OSPFV3 is different because

Supports IPV4/6 New LSA types No more IP Prefix Able to determine flooding scope Packet Format Router ID required Auth Multiple Instances

What type of network device helps reduce the size of a collision domain?

Switch

Suppose that an 802.11a device moves away from a transmitter. As the signal strength decreases, which one of the following might the device or the transmitter do to improve the signal quality along the way?

Switch to a less complex modulation schem

What is an SDM Template

Switching Database Manager

How to disable DTP

Switchport nonegotiate

In a ZBFW what is the Self Zone

System level zone with all router IP Address

What is the protocol of choice for network device access control?

TACACS+

What does the SaltStack command structure include

Targets / Commands / Arguments

What happens in the Chef Kitchen

Testing before production

Suppose that you have just received news that no users can connect with a newly installed AP. Which one of the following bits of information would be important when you search for the AP's name from the WLC? (Choose all that apply.)

The AP has a valid IP address. The AP is not found. The AP has no channel numbers listed for the 2.4 and 5 GHz bands.

Suppose you access a WLC and search for the name of a specific AP for which users have complained about problems. When you look at the 5 GHz information about the AP, you notice that it is using channel 60 and has 5 dBm transmit power, 65 clients, −90 noise level, 1% channel utilization, and the Air Quality value 10. Which of the following conclusions would be most accurate?

The Air Quality value indicates a severe problem with interference on the channel.

Why is using the command-line interface (CLI) to configure a large number of devices considered difficult to scale?

The CLI is prone to human error and misconfi guration. The command line is used on a device-by-device basis.

Which router always advertises the Type 2 LSA?

The DR

Which of the following should not be dynamically advertised via an IGP into a GRE tunnel?

The GRE tunnel source interface or source IP address

MST regions can interact with PVST+/RSTP in which of the following ways? (Choose two.)

The MST region is the root bridge for all VLANs. The PVST+/RSTP topology is the root bridge for all VLANs

How to define if EtherChannel operates at L2 or L3

The Member interfaces

EIGRP Successor

The first next hop router for the successor route

Where do you configure the interface settings of a Port-Channel

The Port-Channel interface

What is TrustSec

The ability to apply ACL to a SGT tag that is assigned

Which one of the following makes the decision for a device to roam from one AP to another?

The client device

Suppose you have accessed a WLC to search for a client's MAC address. Information about the client is displayed, along with a sequence of dots indicating connectivity. The last green dot in the sequence is labeled Online. Which one of the following statements is the most correct?

The client device has successfully joined the wireless network.

Suppose an end user tried to join a wireless network several minutes ago. The WLC Client View screen shows the client to be in the Association state but not the Authentication state. Which one of the following best describes the client's current condition?

The client has an incorrect pre-shared key.

Suppose you search a WLC for a client device's MAC address. The results show a Connection Score value of 10%. Which one of the following correctly describes the scenario?

The client is currently using a data rate that is 10% of its maximum capability.

VTP Client Mode

The client switch receives VTP advertisements and modifies the VLANs on that switch. VLANs cannot be configured locally on a VTP client.

Suppose that a lightweight AP in default local mode is used to support wireless clients. Which one of the following paths would traffic usually take when passing from one wireless client to another?

Through the AP and its controller

What command is configured to prevent a router from becoming the designated router for a network segment?

The interface command ip ospf priority 0

What is the difference between the line configuration command login and the line configuration command login local?

The login command is used to enable line password authentication. The login local command is used to enable username-based authentication.

What is an EIGRP successor?

The next-hop router for the path with the lowest path metric for a destination prefi x

Suppose you search for an AP on a WLC and notice that Noise is −20 on the 2.4 GHz band. Which of the following statements is correct?

The noise is at a very high level, which is bad for wireless performance.

What is a Stratum in NTP

The number of hops

Which router manages the connection

The one with the Higher IP

What will show ntp status show you

Time/offset/server/polling interval/stratum etc

What happens to a route that does not match the PrefixRFC1918 prefix list when using the following route map? route-map QUESTION deny 10 match ip address prefix-list PrefixRFC1918 route-map QUESTION permit 20 set metric 200

The route is allowed, and the metric is set to 200.

VTP Server Mode

The server switch is responsible for the creation, modification, and deletion of VLANs within the VTP domain

What does the Connectivity section in a WLC show?

The steps to connect from Associate to Online

To troubleshoot a single wireless client, which one of the following bits of information would be most helpful in finding the client device in a wireless LAN controller?

The wireless MAC address of the client device

What are EAP Inner methods

They are tunneled inside the other methods

What happens if a Multicast message is received on an Outgoing Interface in PIM-DM / SM

They re-send their AD back upstream to re-calculate the SPT

What do CST and 802.1D have in common?

They support only one topology.

What is Postman

Tool to interact with API's

TCN

Topology Change Notification

What makes EIGRP a true distance vector routing protocol?

Topology Table

How to do traceroute

Trace ip source intterface number

Command to perform Object Traking

Track 57 ip route 192.168.1.1/32 reachability

What is the difference between optional non-transitive and transitive

Transitive option means the device needs to pass on the path attribute to the next neighbor

Inside Static NAT is best for what

Translating internally, not publicly

How to set the protocol and port of a netflow

Transport UDP 99999

What is a Shared Tree

Trees between the RP and LHR

What are some reasons that debugging is used in OSPF? (Choose three.)

Troubleshooting MTU issues Troubleshooting mismatched hello timers Troubleshooting mismatched network masks

Routers closer to the OSPF backbone can see routes from routers farther from backbone true/false

True

True or false: A BGP AS_Path ACL and a prefix list can be applied to a neighbor at the same time.

True

True or false: An extended ACL used to match routes changes behavior if the routing protocol is an IGP rather than BGP.

True

True or false: Breaking a large OSPF topology into smaller OSPF areas can be considered a form of summarization.

True

True or false: CoPP supports input and output policies to control inbound and outbound traffic.

True

True or false: GRE was originally created to provide transport for non-routable legacy protocols.

True

True or false: NFVIS is based on a standard version of Linux packaged with additional functions for virtualization, VNF lifecycle management, monitoring, device programmability, and hardware acceleration.

True

True or false: The IPv6 address family must be initialized to establish a BGP session with a peer using IPv6 addressing.

True

True or false: The MST topology can be tuned for root bridge placement, just like PVST+ and RSTP

True

True or false: The switch port with the lower STP port priority is more preferred.

True

True or false: Without Cisco ISE, it would not be possible to implement pxGrid.

True

DTP Modes

Trunk Dynamic Desireable Dynamic auto

What is SGT for

TrustSec data

What does Diameter setting do in script

Tunes stp convergence / timers

Two transport modes of IPSec

Tunnel Mode (encrypts entire packet not just payload) Transport Mode (no overlay)

What happens between controllers on an intercontroller roam

Tunnel built

Which of the following are modes of packet transport supported by IPsec?

Tunnel mode Transport mode

How many different BPDU types are there?

Two

What is the maximum number of distribution switches that can be deployed within a hierarchical LAN design building block?

Two

What is NGIPS

Two software, one firewall

Floating Static Route

Two static routes with prioritization, only the favored one appears in route table

Enterprise Architecture Options

Two-Tier (Collapsed Core) Three-Tier Layer 2 access layer (STP Based) Layer 3 access layer (routed access) Simplified Campus Software Defined (SD-Access)

Which of the following enterprise network architectures is also known as the collapsed core?

Two-tier design

Diff between type 1 and type 2 hypervisor

Type 1 runs direct on physical machine, type 2 runs on an Operating System

Which of the following password types is the weakest?

Type 7

What type of encryption does the command service password encryption provide?

Type 7 encryption

How to set an erspan destionation

Type destination and go into the context Set the destination IP and the origin IP

Is NTP UDP or TCP based

UDP

Port for VXLAN

UDP 4798

What is the port/protocol for a CAPWAP discovery packet

UDP 5246

How to remove debug from just the interface

Undebug interface loopback1

What's on the Network SD-Access layer

Underlay network / Overlay Network

RIP vs EIGRP

Unequal-Cost LB, networks 255 hops away, rapid convergence, DUAL

Is "Pass" uni-directional or bi-directional

Uni

What does UDLD stand for

Uni-Directional Link Detection

How many AP's can Mobility express support

Up to 100

How much can a de-jitter buffer often fix

Up to 30ms

What is the difference between a BGP update and a BGP notification

Update has route changes, notification has errors

Enabling root guard on a switch port does what?

Upon receipt of a superior BPDU, the port is shut down

What does an Edge Node do?

Use LISP to Enrol / authenticate / Assign a device / EID

DevNet is for what

Use it for studying genius

Three ways to configure a username

Username password / username secret / username algorighm-type secret

Eap fast vs. peap

Uses PAC for faster auth, good for wifi

What is FlexConnn

Uses WLC or mobility controller

How does Cisco DNA Center Assurance simplify troubleshooting and diagnostics?

Using streaming telemetry to gain insight from devices Using open APIs to integrate with other platforms to provide contextual information

What is Globbing

Using wildcards combined with words to search for strings

VTP 1 and 2 vs. 3

V1/2 only go to 1005, 3 to 4094

Major difference between HRSP V1 and V2?

V2 supports millisecond timer values

Two kinds of Cisco SD-Wan

VIPTella Meraki

Default VLAN, un-assignable

VLAN 1

Reserved VLans

VLAN 1002 to 1005

Extended VLAN range

VLAN 1006 - 4094

Normal VLAN's

VLAN 2-1001

Which of the following is the virtual or software version of a network function and typically runs on a hypervisor as a VM?

VNF

What do VN use

VRF Instances

Different approach to tiered method

VSS

How to set VTP Domain

VTP Domain "name"

Transparent

VTP transparent switches receive and forward VTP advertisements but do not modify the local VLAN database. VLANs are configured only locally.

LISP vs VXLAN benefit

VXLAN supports L2 or L3

What is the main reason SD-Access uses VXLAN data encapsulation instead of LISP data encapsulation?

VXLAN supports Layer 2 networks.

What is the modified VXLAN called for SD-Access

VXLAN-GPO

What does VNI stand for

VXLan Network Identifier (like a vlan)

Which of the following WPA versions is considered to have the most secure personal mode?

WPA3

What is the latest version of NetFlow?

Version 9

How are Cisco Antenna's polarized

Vertically

Is -90Db a low noise amount or high

Very low

What is Type 7

Vigenere

What is a VN

Virtual Network

What is a VRF

Virtual Routing and Forwarding

What does VSS stand for

Virtual Switching System

What does VTEP stand for

Virtual tunnel Endpoint

ISE Features

Visibility / NAC / DNA Integration / TACACS / TrusteSec / Guest / onboarding / CA / profiling / posturing / pxgrid

What is Path Trace

Visual Traceroute

How to make a VRF

Vrf definition "" Address family ipv4/6 Vrf forwarding ""

VTP Switch mode how to

Vtp mode server/client/transparent

Set VTP Password

Vtp password

How to set a VTP V3 Primary

Vtp primary

How to set a timeout on a port for 2:30

Vty\exec-timeout 2 30

Which network blocks can provide access to cloud providers for end users?

WAN edge

What is Lightweight

WLC

Difference between Fabric WLC vs WLC

WLC always follows data flow to central server, Fabric can have central server but data can flow out less hops

Which of the following components are part of the SD-Access fabric architecture?

WLCs Cisco routers Cisco switches Access points Cisco ISE Cisco DNA Center

Pre-Shared Key is used in which of the following wireless security configurations? (Choose all that apply.)

WPA personal mode WPA2 personal mode WPA3 personal mode

Between Tail, RED and WRED what is the best congestion avoidance tool

WRED, Randomly drops, but weighted

What is RF Fingerprinting

Walking a mapped area and allowing the AP's to record actual signal strength in an area

What does the Web Security Appliance do Before an attack

Web Reputation / Web Filtering / App Visibility and Control

Open Authentication can be used in combination with which one of the following?

WebAuth

Suppose an enterprise offers a wireless network that guests can use but only after they read and accept an acceptable use policy document. Which one of the following methods can inherently handle this process?

WebAuth

Alternative LB methods for GLBP

Weighted / Host Dependent

Which of the following is a recommended congestion-avoidance mechanism for modern rich-media networks?

Weighted RED (WRED)

Which of the following is a Python dictionary?

dnac = { "host": "sandboxdnac.cisco.com", "port": 443, "username": "devnetuser", "password": "Cisco123!"

What does DBD stand for

What does DBD stand for Database Description

What does NFVIS do

What doesn't it do is the better question

Which type of BGP is used in the internet

eBGP

What is Transit Routing

When Internet traffic flows through your AS

What is the preferance for BGP Route Types

eBGP Confederation Member iBGP

What are some items supported by ENFV that were not supported in EM

vWaaS / cEdge / vWLC / Viptella

How does it connect to devices

WinRM or SSH

What is in the Network Services Edge block

Wireless Lan, ISE, Telepresence, UCM

Three steps to a successful connection to Wifi

Within range and asked to associate / authenticates / Gets IP

What are Ansible Playbooks written in

YAML

Top 3 Data Models

Yang / NETCONF / RESTCONF

What is RESTCONF

Yang for API's

WTF PIM-SM has a DR?

Yeah a desginated router

Can a router be part of two AS?

Yes

Can you staticly set the RP?

Yes

Does EIGRP support route summarization

Yes

Does Stealthwatch do Forensics?

Yes

Does Stealthwatch do IR

Yes

Is MBGP backwards compatible

Yes

What does YANG stand for

Yet another Next Generation Modeling Language

For a COPP how can you determine how much your rate should be

You could use an EPC

What Distributed Messaging Platform does SaltStack use

ZeroMQ

How to create a zone

Zone security outside

Common BGP Regular Expressions

^$ - Local Originating routes - Good to restrict all internet traffic out Permit ^200_ only routes from neighbor AS200 Permit _200$ only routes originating from AS 200 Permit _200_ only routes that passs through AS200 Permit ^[0-9]+[0-9]+[0-9]+? Routes with three or fewer AS-Path Entries

What is the correct regular expression syntax for matching a route that originated in AS 300

_300$

UDLD solves the problem of ______.

a cable sending traffi c in only one direction

Give an example of an ACL applied to a debug

access-list 100 permit ip any 192.168.14.0 0.0.0.255 debug ip packet 100

A router uses _________ as the second criterion for forwarding packets

administrative distance

Which BGP command advertises a summary route to prevent link-flap processing by downstream BGP routers?

aggregate-address network subnet-mask summary-only

What is the proper command to execute a playbook using Ansible?

ansible-playbook Confi gureInterface.yaml

Which of the following attributes does the EIGRP topology table contain? (Choose all that apply.)

destination network prefix hop count total path delay list of EIGRP neighbors

Local bridge Identifier

combination of Local Switch bridge system MAC, system iD and system priority

Which of the following are Python functions? (Choose two.)

def dnac_login(host, username, password): url = "https://{}/api/system/v1/auth/token". format(host) response = requests.request("POST", url, auth=HTTPBasicAuth(username, password), headers=headers, verify=False) return response.json()["Token"] print(dnac_devices)

The ability to install multiple paths from the same routing protocol with the same path metric into the RIB is known as ______.

equal-cost multipathing

OSPFv3 uses ___________ packet types for inter-router communication.

five

What is a FIB and what Technology is it used

forwarding Information Base, CEF

A distance vector routing protocol finds the best loop-free path by using ______.

hop count

Two types of BGP

iBGP and eBGP

A router connects multiple private networks in the 10.0.0.0/8 network range to the Internet. A user's IP address of 10.1.1.1 is considered the __________ IP address.

inside local

A link-state routing protocol finds the best loop free path by using ______.

interface cost

Which value can be modified on a router to manipulate the path taken by EIGRP but avoid having impacts on other routing protocols, such as OSPF?

interface delay

How to set cost for MST

interface\spanning-tree mst "0" cost "1"

Which command is used to apply an ACL to an interface?

ip access-group {access-list-number | name} {in|out}

What does an LHR do after it receives an IGMP join from a receiver?

it sends a PIM join toward the RP.

Which of the following options can be used to only allow inbound SSH access to the vty lines of a router?

line vty 0 4 transport input ssh ip access-list extended SSH permit tcp any any eq 22 line vty 0 4 access-class SSH in

A router uses _________ as the first criterion for forwarding packets

longest match

The access layer is also commonly referred to as the _____.

network edge

How to apply an ACL to a SNMP string

snmp-server community READONLY ro 99

A path vector routing protocol finds the best loop-free path by using ______.

path attributes

What is an example of a Distribute List

permit ip 100.64.0.0 0.0.255.0 host 255.255.255.128 - Networks with 10.64.x.0 /25 are distributed

Connecting VNFs together to provide an NFV service or solution is known as ______.

service chaining

Which command is used to view the BGP neighbors and their hello intervals?

show bgp afi safi neighbors

Which command displays the translation table on a router?

show ip nat translations

Etherchannel Port Hashes

src-dst-port/src-ip/src-mac/src-mixed-ip-port/src-port

Which of the following commands defines the HSRP instance 1 VIP gateway instance 10.1.1.1?

standby 1 ip 10.1.1.1

NTP uses the concept of ________ to calculate the accuracy of the time source.

stratum

Which of the following commands are optional for GRE configuration? (Choose two.)

tunnel mode gre {ip | ipv6} keepalive

What's the difference between vEdge and cEdge

vEdge is the OG, cEdge is the integrated Cisco variant, cEdge also supports advanced security options

Two types of Viptella

vEdge, cEdge

Which of the following is the single pane of glass for the SD-WAN solution?

vManage

What are the main components of the Cisco SD-WAN solution? (Choose four.)

vManage network management system (NMS) vSmart controller SD-WAN routers vBond orchestrator

When using the Cisco vManage Authentication API, what is the Headers ContentType that is used?

x-www-form-urlencoded

Which of the following is in JSON data format?

{ "user": "root", "father": "Jason", "mother": "Jamie", "friend": "Luke" }

What does every JSON start and end with

{}

A transmitter normally uses an absolute power level of 100 mW. Through the course of needed changes, its power level is reduced to 40 mW. What is the power-level change in dB?

−4 dB


Related study sets

ISM4011- Lesson 10- Extending the Organization - Supply Chain Management

View Set

Aging exam 1 (quiz questions and models)

View Set

INSY 3300 - Chapter 7 Lists & Tuples

View Set

MS-102 Microsoft 365 Administrator Certification

View Set

CPSC 471 Chapter 2 Exam Study Set

View Set

DATA 630: Applied Database Management Week 1-5 Quizes

View Set

26 Quiz 8 - The Nursing Process - Implementing

View Set

Which statement best describes a project?

View Set

Vocabulary Workshop Level H (Units 10-12)

View Set