350-001 CCIE Routing and Switching Written Exam V4 - Examking

Number: 000-000 Passing Score: 800 Time Limit: 120 min File Version: 1.0 Cisco 350-001

350-001 CCIE Routing and Switching Written Exam V4 Practice Test Updated: Nov 30, 2009 Cisco 350-001: Practice Exam

Exam A QUESTION 1 What does the root guard feature provide in a bridged network? A. B. C. D. it ensures that the bridge is elected asRoot Bridge in the network. it enforces the root bridge placement in the network It ensures that BPDUs sent by the root bridge are forwarded in a timely manner. It ensures that all ports receiving BPDUs from the root bridge are in the forwarding state.

Answer: B Section: (none) Explanation/Reference: Explanation: Root Guard-Enabled per port; ignores any received superior BPDUs to prevent a switch connected to this port from becoming root. Upon receipt of superior BPDUs, this switch puts the port in a loop-inconsistent state, ceasing forwarding and receiving frames until the superior BPDUs cease. The STP topology can be changed based on one of these unexpected and undesired switches being added to the network. For instance, this newly added and unexpected switch might have the lowest bridge ID and become the root. To prevent such problems, BPDU Guard and Root Guard can be enabled on these access ports to monitor for incoming BPDUs.

QUESTION 2 Which two of these statements about WCCP version 2 are false? (Choose two.) A. B. C. D. E. F. It allows for the redirection of traffic other than HTTP, including a variety of UDP and TCP traffic. Only one router can redirect content requests. Multiple routers can redirect content requests. It works only with IP networks. The Cache Engine defines one central "home router" and stores it in its memory. The Cache Engine defines one central "home router," and stores it in its memory.

Answer: BF Section: (none) Explanation/Reference: Explanation: WCCP transparently redirects Hypertext Transfer Protocol (HTTP) requests going to the intended server to a Cache Engine. End users do not know that the page came from the Cache Engine rather than the originally requested web server. WCCP Version 2 now contains the following new features: Multiple router support Improved security Faster throughput Redirection of multiple TCP port-destined traffic Load distributing applications capability

Client IP addressing transparency Multirouter Support: WCCP Version 2 enables a series of Cache Engines, called a Cache Engine cluster , to connect to multiple routers. This feature provides redundancy and a more distributed architecture for instances when a Cache Engine needs to connect to a large number of interfaces. This strategy also has the benefit of keeping all the Cache Engines in a single cluster, avoiding unnecessary duplication of web pages across several clusters. Reference: http://www.cisco.com/en/US/products/sw/conntsw/ps547/products_user_guide_chapter09186a008 009f1ae. html

QUESTION 3 According to the exhibit provided, what will be the purpose of this route map when applied to traffic passing through a router?

A. take any packet sourced from any address in the 10.2.0.0/16 network or destined to 10.1.14.25 and set the next hop to 10.1.1.1 B. nothing; extended access lists are not allowed in route maps used for policy-based routing C. take any packet sourced from any address in the 10.2.0.0/16 network and destined to 10.1.14.25 and set the next hop to 10.1.1.1 D. drop any packet sourced from 10.2.0.0/16 Answer: A Section: (none) Explanation/Reference: Explanation: In this configuration example, any traffic matching access list 100 will have their next hop set to 10.1.1.1 overriding the normal behavior of the routing table. Access list 100 has two entries, so any traffic matching either will be policy routed.

QUESTION 4 Which two benefits are of applying WRED? (Choose two.) A. B. C. D. helps to avoid TCP synchronization allows a different drop profile to be manually enabled for each IP precedence or DSCP provides minimal bandwidth guarantees provides bounded low latency

Answer: AB Section: (none) Explanation/Reference: Explanation:

WRED and distributed WRED (DWRED)-both of which are the Cisco implementations of RED- combine the capabilities of the RED algorithm with the IP Precedence feature. Within the section on WRED, the following related features are discussed: -

Flow-based WRED. Flow-based WRED extends WRED to provide greater fairness to all flows on an interface in regard to how packets are dropped. -

DiffServ Compliant WRED-DiffServ Compliant WRED extends WRED to support Differentiated Services (DiffServ) and Assured Forwarding (AF) Per Hop Behavior (PHB). This feature enables customers to implement AF PHB by coloring packets according to differentiated services code point (DSCP) values and then assigning preferential drop probabilities to those packets. WRED avoids the globalization problems that occur when tail drop is used as the congestion avoidance mechanism on the router. Global TCP synchronization occurs as waves of congestion crest only to be followed by troughs during which the transmission link is not fully utilized. Global synchronization of TCP hosts, for example, can occur because packets are dropped all at once. Global synchronization manifests when multiple TCP hosts reduce their transmission rates in response to packet dropping, then increase their transmission rates once again when the congestion is reduced. Reference: http://www.google.com/search?hl=en&q=WRED%2C+A+different+drop+profile+can+be+manually +enabled +per+IP+Precedence+or+DSCP

QUESTION 5 Refer to the exhibit. The output of the show interface command for the link between R2 and R5 in this EIGRP network shows that the link load varies between 10 and 35. What K value setting could you use to ensure that this link is not used by EIGRP when the link load reaches 35, but can be used again when the link load drops below 20?

A. Link load is not read in real-time, so there is no way to set the K values to make EIGRP choose to use or not use a link based on the link load. B. Use the K5 setting to include load in EIGRP's metric calculations. C. Use theK2 setting to include load in EIGRP's metric calculations. D. There is not enough information in the question to determine the correct answer.

Answer: A Section: (none) Explanation/Reference: Explanation: EIGRP computes its composite metric from five parameters, one of them being interface load, therefore raising the theoretical possibility of having route metrics that include interface load. However, tweaking EIGRP Kvalues with the "metric weights" command to include interface load in metric calculations is highly discouraged - every change in interface load could lead to network instability. Even worse, whenever an interface load would increase, the increased composite metric of the affected routes in EIGRP topology table would cause them to enter active state (and the router to start the DUAL algorithm trying to find more optimum paths toward the destination). To make the whole idea even more impractical, EIGRP does not scan the interface load (and other parameters influencing the metric) on periodical basis, but only when triggered by a change in network topology (for example, interface or neighbor up/down even).

QUESTION 6 NBAR is used to provide which QoS function? A. B. C. D. classification policing CBWFQ bandwidth guarantees shaping

Answer: A Section: (none) Explanation/Reference: Explanation: NBAR addresses IP QoS classification requirements by classifying application-level protocols so that QoS policies can be applied to the classified traffic. NBAR addresses the ongoing need to extend the classification engine for the many existing and emerging application protocols by providing an extensible Packet Description Language (PDL). NBAR can determine which protocols and applications are currently running on a network so that an appropriate QoS policy can be created based upon the current traffic mix and application requirements. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter0 9186a00800c75d1.html#54116

QUESTION 7 You work as a network technician at Pas4sure.com, study the exhibit carefully. Upon examining the EIGRP topology table, you see that ROUTER1 has routes to 10.1.3.0/24 and 10.1.4.0/24, but not to 192.168.2.0/24. ROUTER3 has routes to 10.1.1.0/24 and 10.1.2.0/24, but not to 192.168.1.0/24. Which would most likely cause this problem?

A. ROUTER2 is most likely filtering EIGRP externals, but you cannot be certain without examining its configuration B. ROUTER1 and ROUTER3 have the same router ID, so they will reject each other's redistributed (external) EIGRP routes. C. Autosummarization is removing the routes to 192.168.1.0/24 and 192.168.2.0/24. ROUTER1 and ROUTER3 should have routes to 192.168.0.0/16 instead. D. The redistribution at ROUTER1 and ROUTER3 is configured incorrectly. Answer: B Section: (none) Explanation/Reference: Explanation: Many times, EIGRP will not install routes because of a duplicate router ID problem. EIGRP does not use router ID as extensively as OSPF. EIGRP uses the notion of router ID only on external routes to prevent loops. EIGRP chooses the router ID based on the highest IP address of the loopback interfaces on the router. If the router doesn't have any loopback interfaces, the highest active IP address of all the interfaces is chosen as the router ID for EIGRP. In this case, the loopback addresses are both 10.1.5.1 so the redistributed routes will be rejected as Router1 and Router3 will assume that there is a routing loop. Reference: Troubleshooting EIGRP by Zaheer Aziz, Johnson Lui, Abe Martey, Faraz Shamim, Cisco Press.

QUESTION 8 Which of these potential issues is eliminated by the use of split horizon? A. B. C. D. asymmetric routing throughout the network packet forwarding loops joined horizons Cisco Express Forwarding load-balancing inconsistency

Answer: B Section: (none) Explanation/Reference: Explanation: Distance-vector routing protocols employ the split horizon rule which prohibits a router from advertising a route back out the interface from which it was learned. Split horizon is one of the methods used to prevent routing loops due to the slow convergence times of distance-vector routing protocols.

QUESTION 9 The 802.1w protocol is seen as the next evolution beyond the 802.1 D standard protocol. Which of these statements regarding port states is true of both 802.1 D and 802.1w? A. All 802.1 D port states (Disabled, Blocking, Listening, Learning, and Forwarding) are identical in 802.1w.

B. The 802.1 D port states Disabled and Blocking have become the 802.1w port state Discarding, and all other 802.1D port states remain the same in 802.1w. C. The 802.1 D port states Disabled, Blocking, and Listening have become the 802.1w port state Discarding, and all other 802.1D port states remain the same in 802.1w. D. The 802.1 D port states Disabled, Blocking, and Listening have been removed completely from 802.1w (there is no corresponding port state), and all other 802.1 D port states remain the same in 802.1w. ) E. The 802.1 D port state Disabled has been removed from 802.1w, and the 802.1 D port states Blocking and Listening have become the 802.1w port state Discarding; all other 802.1D port states remain the same in 802.1w. Answer: C Section: (none) Explanation/Reference: Explanation:

QUESTION 10 When a router makes a forwarding decision, which of these routes in the routing table always wins? A. administrative distance B. router ID C. longest prefix match D. routing process ID Answer: C Section: (none) Explanation/Reference: Explanation: Making a forwarding decision actually consists of three sets of processes: the routing protocols, the routing table, and the actual process, which makes a forwarding decision and switches packets. These three sets of processes are illustrated, along with their relationship, below:

The longest prefix match always wins among the routes actually installed in the routing table, while the routing protocol with the lowest administrative distance always wins when installing routes into the routing table. Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 11 On what type of ports would STP Port Fast BPDU guard be most appropriate? A. B. C. D. root ports Designated ports Host ports alternate ports

Answer: C Section: (none) Explanation/Reference:

QUESTION 12 Which of these statements best describes how neighbor adjacencies are formed in a multi-access OSPF network? A. The router with the highest priority will become the DR B. Only those routers with the Cisco default priority of 0 are eligible to become the DR or BDR. C. The router with the highest loop-back address will become the DR if two or more routers have the same priority. D. The router with the lowest Router ID will become the DR and the router with the next lowest Router ID will become the BDR. E. Election of the DR and BDR begins only after a router that wants to become either the DR or BDR enters the ExStart state. Answer: A Section: (none) Explanation/Reference: Explanation: The router with the highest priority is elected the DR on a multiaccess network. A router with a priority of 0 is ineligible to become a DR or BDR. In the event of a tie in priority, the router with the highest router ID is elected the DR. If no router ID has been manually configured on a router, the router uses its numerically highest

loopback address as its router ID. If no loopback interfaces have been configured, the router uses its numerically highest IP address of any physical interface.

QUESTION 13 Which two fundamental modifications, related to traffic forwarding, does MPLS introduce? (Choose two.) A. B. C. D. IP lookup is performed on every hop within the MPLS core. IP destination routing is reduced to label lookup within the MPLS network. For unicast routing, labels are assigned to FECs (in other words, IP prefixes). For multicast routing, labels are assigned to IP multicast groups.

Answer: BC Section: (none) Explanation/Reference: Explanation: MPLS works by tagging packets with an identifier (a label) to distinguish the LSPs. When a packet is received, the router uses this label (and sometimes also the link over which it was received) to identify the LSP. It then looks up the LSP in its own forwarding table to determine the best link over which to forward the packet, and the label to use on this next hop. A different label is used for each hop, and it is chosen by the router or switch performing the forwarding operation. This allows the use of very fast and simple forwarding engines, as the router can select the label to minimize processing. Ingress routers at the edge of the MPLS network use the packet's destination address to determine which LSP to use. Inside the network, the MPLS routers use only the LSP labels to forward the packet to the egress router.

In the diagram above, LSR (Label Switched Router) A uses the destination IP address on each packet to select the LSP, which determines the next hop and initial label for each packet (21 and 17). When LSR B receives the packets, it uses these labels to identify the LSPs, from which it determines the next hops (LSRs D and C) and labels (47 and 11). The egress routers (LSRs D and C) strip off the final label and route the packet out of the network. As MPLS uses only the label to forward packets, it is protocolindependent, hence the term "Multi- Protocol" in MPLS. Packet forwarding has been defined for all types of layer-2 link technologies, with a different label encoding used in each case.

QUESTION 14 You are using IPv6, and would like to configure EIGRPv3. Which three of these correctly describe how you can

perform this configuration? (Choose three.) A. EIGRP for IPv6 is directly configured on the interfaces over which it runs. B. EIGRP for IPv6 is not configured on the interfaces over which it runs, but if a user uses passive- interface configuration, EIGRP for IPv6 needs to be configured on the interface that is made passive. C. There is a network statement configuration in EIGRP for IPv6, the same as for IPv4. D. There is no network statement configuration in EIGRP for IPv6. E. When a user uses a passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive. F. When a user uses a non-passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive Answer: ADE Section: (none) Explanation/Reference: Explanation: Restrictions for Implementing EIGRP for IPv6: This section lists ways in which EIGRP for IPv6 differs from EIGRP IPv4 as well as EIGRP for IPv6 restrictions.

EIGRP for IPv6 is directly configured on the interfaces over which it runs. This feature allows EIGRP for IPv6 to be configured without the use of a global IPv6 address. There is no network statement in EIGRP for IPv6. In per-interface configuration at system startup, if EIGRP has been configured on an interface, then the EIGRP protocol may start running before any EIGRP router mode commands have been executed.

An EIGRP for IPv6 protocol instance requires a router ID before it can start running.

EIGRP for IPv6 has a shutdown feature. The routing process should be in "no shutdown" mode in order to start running.

When a user uses passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive.

EIGRP for IPv6 provides route filtering using the distribute-list prefix-list command. Use of the routE.map command is not supported for route filtering with a distribute list. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter0 9186a00805fc867.html

QUESTION 15 Refer to the exhibit. Which switching feature is being tested?

A. B. C. D.

Loop guard Port Fast root guard BDPU guard

Answer: A Section: (none) Explanation/Reference: Explanation: Loop guard checks if a root port or an alternate/backup root port receives BPDUs. If the port does not receive BPDUs, loop guard puts the port into an inconsistent state (blocking) until it starts to receive BPDUs again. A port in the inconsistent state does not transmit BPDUs. If such a port receives BPDUs again, the port (and link) is deemed viable again. The loop-inconsistent condition is removed from the port, and STP determines the port state. In this way, recovery is automatic. Loop guard isolates the failure and lets spanning tree converge to a stable topology without the failed link or bridge. Loop guard prevents STP loops with the speed of the STP version that is in use. There is no dependency on STP itself (802.1D or 802.1w) or when tuning the STP timers. For these reasons, Cisco recommends that you implement loop guard in conjunction with UDLD in topologies that rely on STP and where the software supports the features. When loop guard blocks an inconsistent port, this message is logged: %SPANTREE-SP-2-LOOPGUARD_BLOCK: Loop guard blocking port GigabitEthernet2/1 on VLAN0010 Reference: http://www.cisco.com/en/US/products/hw/switches/ps700/products_white_paper09186a00801b49 a4.shtml

QUESTION 16 Refer to the exhibit. In this network, when R6 runs SPF, what

A. R6 not have an entry to 10.1.5.0/24 on its shortest path tree B. R6 have an entry to 10.1.5.0/24 through R4 on its shortest path tree, since R4 is the closest exit point out of Area 2 C. R6 choose the path through R5, R2, R1 because this is the shortest path through the network, D. R6 choose the path through R5, R3, R1 because this is the shortest path through the network. Answer: A Section: (none) Explanation/Reference: Explanation: Router R6 in area 2 is in a totally stubby area. So there are only Type 1 and 2 LSA's allowed. So inter-area routes (which require Type 3 LSA's) are not in the database of R6. All that will be seen is a default route outside the area. Since the 2 exists (R4+R5= do not have equal cost path, the way over R4 (cost 10) will be preferred. So all answers who claim that packets will go via R5, are wrong. Also answer D is wrong, since R6 won't have an entry for 10.1.5.0/24.

QUESTION 17 A new router has been allocated a single /24 subnet (172.16.123.0/24). The interface between this new router and the upstream router has already been configured from a different IP subnet. The four other interfaces on this router require 56,10, 72, and 24 IP addresses, respectively. The router always uses the first IP address on any subnet. Which one of these combinations of IP addresses allow the router to meet the interface requirements? Which of these combinations of IP addresses allow the router to meet the interface requirements?

A. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.224 172.16.123.225 255.255.255.240 B. 172.16.123.1 255.255.255.192 172.16.123.65 255.255.255.192 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.192 C. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.224 172.16.123.225 255.255.255.248 D. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.224 172.16.123.161 255.255.255.224 172.16.123.193 255.255.255.224 E. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.240 172.16.123.209 255.255.255.240 Answer: A Section: (none) Explanation/Reference: Explanation: The subnet sizes needed to meet the address requirements are: FreeExamKing.com 56 = /26 = 255.255.255.192 10 = /28 = 255.255.255.240 72 = /25 = 255.255.255.128 24 = /27 = 255.255.255.224 Answer A most efficiently meets these requirements.

QUESTION 18 Exhibit:

Refer to the exhibits. At R1 in this network, there is no route to 10.1.4.0/24 in the local routing table. Based on the output for R1 in the exhibit, what is the most likely reason 10.1.4.0/24 is not in R1's routing table?

A. The forwarding address, 10.1.3.2, is also redistributed into OSPF, and an OSPF external route cannot use another OSPF external as its next hop. B. R2 is not properly configured as an Area Border Router. C. Area 1 is a stub area, and external routes cannot be originated in a stub area. D. R3 is not redistributing 10.1.4.0/24 properly. Answer: A Section: (none) Explanation/Reference: FreeExamKing.com Explanation: The forwarding address, 10.1.3.2, is also redistributed into OSPF, and an OSPF external route cannot use another OSPF external as its next hop.

QUESTION 19 Which bits are copied to the EXP bits in an MPLS label by default? A. B. C. D. TOS CoS IP precedence DSCP

Answer: C Section: (none) Explanation/Reference: Explanation: MPLS has 3 EXP bits in the label header that are used in much the same way as IP Precedence bits or the DSCP CS bits. By default, when Cisco IOS Software pushes labels onto an IP packet, the most significant bits in the DiffServ field (the IP Precedence bits) are copied to the EXP field of all imposed labels. Reference: "Traffic Engineering with MPLS" By Eric Osborne, Ajay Simha, Cisco Press. http://www.ciscopress. com/articles/article.asp?p=28688&seqNum=5

QUESTION 20 You work as a network technician. Study the exhibit carefully. ROUTER1 is the root bridge for both VLAN 1 and VLAN 2. Which way is the easiest to load-share traffic across both trunks and maintain redundancy in case a link fails, without using any type of EtherChannel link-bundling?

A. Increase the root bridge priority (increasing the numerical priority number) for VLAN 2 on ROUTER2 so that port B2 becomes the root port on ROUTER2 for VLAN 2. B. Increase the root bridge priority (decreasing the numerical priority number) for VLAN 2 on ROUTER1 so that A2 becomes the root port on ROUTER2 for VLAN 2. C. Decrease the path cost on A2 on ROUTER1 for VLAN 2 so that port B1 will be blocked for VLAN 2 and port B2 will remain blocked for VLAN 1. D. Decrease the port priority on A2 for VLAN 2 on ROUTER1 so that port B1 will be blocked for VLAN 2 and port B2 will remain blocked for VLAN 1. Answer: D Section: (none) Explanation/Reference: Explanation: To achieve VLAN load sharing you will need to decrease the port priority value for VLAN 2 on port A2. This way, the corresponding port B2 on Router2 receives better BPDUs than the ones that are sent on port A2 (that still has a port priority default value of 32). Router1> (enable) set spantree portvlanpri 2/2 16 1 Port 3/2 vlans 1 using portpri 16. Port 3/2 vlans 2-1004 using portpri 32. Port 3/2 vlans 1005 using portpri 4. Router1> (enable) The exact same scenario as this question is documented on the Cisco site at the reference link listed below. Reference: VLAN Load Balancing Between Trunks Using the Spanning-Tree Protocol Port Priority http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96a.shtml

QUESTION 21

On the basis of the network provided in the exhibit, R3 and R4 are configured to run all connected links in OSPF Area 1. The network administrator is complaining that traffic destined to 192.168.1.0/24 is being routed to R2, even if R2 is not running OSPF. Which would be the cause of this problem?

A. The next hop towards 192.168.1.0/24 at R4 should be 10.1.1.1, since R1 is redistributing the route from EIGRP into OSPF. R3 is forwarding traffic incorrectly B. R4 would not have a route towards 192.168.1.0/24, so the network administrator is wrong in thinking any traffic is being forwarded there C. The next hop towards 192.168.1.0/24 at R4 should be 10.1.1.2 which is R2 D. The next hop towards 192.168.1.0/24 at R4 would be 10.1.2.2, which is R3. R3 should be load sharing between R1 and R2 for its next hop Answer: A

Section: (none) Explanation/Reference: Explanation: Since OSPF and EIGRP are being redistributed between R 1 and R 2, the route will appear to R4 as an external route, with the next hop being the IP address at R2.

QUESTION 22 Refer to the exhibit. R12 (in Area 4) receives a packet destined for a network in Area 1. What routing table entry will R12 have that will enable it to forward the packet? FreeExamKing.com

A. B. C. D.

a summary route generated by R1 and propagated through the OSPF domain a default route generated by R1 and propagated through the OSPF domain a summary route generated by R4 and propagated to R12 a default route generated by R4 and propagated to R12

Answer: D Section: (none) Explanation/Reference:

QUESTION 23 When the NTP peer statement is used in a Cisco IOS router, what functionality does this imply is also being used on the router? A. static client

B. symmetric active mode C. static server D. NTP broadcast client

Answer: B Section: (none) Explanation/Reference: Explanation: When a networking device is operating in the symmetric active mod e, it polls its assigned time- serving hosts for the current time and it responds to polls by its hosts. Because this is a peer-to- peer relationship, the host also retains time-related information about the local networking device that it is communicating with. This mode should be used when there is a number of mutually redundant servers that are interconnected via diverse network paths. Most stratum 1 and stratum 2 servers on the Internet today adopt this form of network setup. Use the peer command to individually specify the time-serving hosts that you want your networking device to consider synchronizing with and to set your networking device to operate in the symmetric active mode . Reference: http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.3/system_management/configuration/guide/y c33ntp.html

QUESTION 24 In Frame Relay, BECN messages indicating congestion are sent or received by which of these? A. B. C. D. received by the sender sent by the sender received by the destination sent by the destination

Answer: A Section: (none) Explanation/Reference: Explanation: Backward Explicit Congestion Notification (BECN) - The router receiving the frame with BECN set knows that a frame it sent experienced congestion. A frame relay switch sends the BECN to the original sender of the frame to indicate congestion in the network.

QUESTION 25 Refer to the exhibit. In this network, R1 has been configured to advertise a summary route, 192.168.0.0/22, to R2. R2 has been configured to advertise a summary route, 192.168.0.0/21, to R1. Both routers have been configured to remove the discard route (the route to null created when a summary route is configured) by setting the administrative distance of the discard route to 255. What will happen if R1 receives a packet destined to 192.168.3.1?

A. B. C. D.

The packet will loop between R1 and R2. It is not possible to set the administrative distance on a summary to 255. The packet will be forwarded to R2, where it will be routed to null0. The packet will be dropped by R1, since there is no route to 192.168.3.1

Answer: A Section: (none) Explanation/Reference:

QUESTION 26 Which two options help minimize router resource requirements and improve manageability? (Choose two.) A. B. C. D. autosummarization Simple Network Management Protocol CPU optimization prefix aggregation

Answer: AD Section: (none) Explanation/Reference: Explanation: Automatic route summarization and prefix aggregation is always a recommended best design practice whenever possible, as it means less routing table entries for the router to store. For example, many subnets can be hidden behind a single routing table entry, making these entries smaller, and routing more efficient).

QUESTION 27 Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer? A. prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed to BGP B. all prefixes in its IP routing table C. only prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed D. only prefixes received from EBGP peers and prefixes received from route reflectors E. all prefixes in its routing table except the prefixes received from other EBGP peers F. a prefixes in its routing table except the prefixes received from other IBGP peers Answer: A Section: (none) Explanation/Reference: Explanation: By default, a BGP router will advertise routes that were received form other BGP peers (both IBGP and EBGP peers) as well as any locally generated routes via the network command or via redistribution. The default configuration of BGP on a circuit does not advertise any routes or allow any learned routes into the IGP routing table, these have to be manually entered as Network statements or be redistributed into the IGP.

The network command controls what networks are originated by this box. This is a different concept from what you are used to configuring with IGRP and RIP. With this command we are not trying to run BGP on a certain interface, rather we are trying to indicate to BGP what networks it should originate from this box. The network command is one way to advertise your networks via BGP. Another way is to redistribute your IGP (IGRP, OSPF, RIP, EIGRP, etc.) into BGP. Careful filtering should be applied to make sure you are sending to the internet only routes that you want to advertise and not everything you have.

QUESTION 28 What feature monitors the level of each traffic type in 1-second intervals? A. B. C. D. E. Port Fast Uplink Fast Storm Control Port Aggregation Protocol Link Aggregation Configuration Options

Answer: C Section: (none) Explanation/Reference: Explanation: Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1- second traffic storm control interval and, during the interval, compares the traffic level with the traffic storm control level that you configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Each port has a single traffic storm control level that is used for all types of traffic (broadcast, multicast, and unicast).

QUESTION 29 IP multicast addresses in which range are used for Scope Relative multicast? A. The lowest (numerically) 256 multicast addresses of each administratively scoped address range are automatically reserved for Scope Relative multicast. B. Scope Relative multicast addresses must be chosen from the administratively scoped address range by the network administrator and configured on every router. C. The highest (numerically) 256 addresses of each administratively scoped address range are automatically reserved for Scope Relative multicast. D. The highest (numerically) 32 addresses of each administratively scoped address range are automatically reserved for Scope Relative multicast. Answer: C Section: (none) Explanation/Reference: Explanation: Multicast addresses may be allocated in any of three ways: Static: Statically allocated addresses are allocated by IANA for specific protocols that require well-known addresses to work. Examples of static addresses are 224.0.1.1 which is used for the Network Time Protocol and 224.2.127.255 which is used for global scope multicast session announcements. Scope-relative: RFC 2365 reserves the highest 256 addresses in every administrative scope range for relative assignments. Relative assignments are made by IANA and consist of an offset which is valid in every scope. Dynamic: For most purposes, the correct way to use multicast is to obtain a dynamic multicast address. These addresses are provided on demand and have a specific lifetime.

Reference: http://www.ietf.org/rfc/rfc2908.txt

QUESTION 30 Refer to the exhibit. Which protocol will load-balance traffic across all gateways in a group by dynamically assigning responsibility for a Virtual IP address and multiple virtual MAC addresses to each member of the group?

A. B. C. D. E.

Hot Standby Router Protocol Gateway Load Balancing Protocol Virtual Router Redundancy Protocol Simple Network Management Protocol Spanning Tree Protocol

Answer: B Section: (none) Explanation/Reference: Explanation: The Gateway Load Balancing Protocol feature provides automatic router backup for IP hosts configured with a single default gateway on an IEEE 802.3 LAN. Multiple first hop routers on the LAN combine to offer a single virtual first hop IP router while sharing the IP packet forwarding load. Other routers on the LAN may act as redundant GLBP routers that will become active if any of the existing forwarding routers fail. GLBP performs a similar, but not identical, function for the user as the HSRP and the VRRP. HSRP and VRRP protocols allow multiple routers to participate in a virtual router group configured with a virtual IP address. One member is elected to be the active router to forward packets sent to the virtual IP address for the group. The other routers in the group are redundant until the active router fails. These standby routers have unused bandwidth that the protocol is not using. Although multiple virtual router groups can be configured for the same set of routers, the hosts must be configured for different default gateways, which results in an extra administrative burden. GLBP provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. Reference: GLBP - Gateway Load Balancing

Protocolhttp://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

QUESTION 31 Which two statements correctly describe CBWFQ? (Choose two.) A. B. C. D. CBWFQ services each class queue using a strict priority scheduler. Inside a class queue, processing is always FIFO, except for the class-default queue. The CBWFQ scheduler provides a guaranteed minimum amount of bandwidth to each class. The class-default queue only supports WFQ.

Answer: BC Section: (none) Explanation/Reference: FreeExamKing.com Explanation: CBWFQ allows a network administrator to create minimum guaranteed bandwidth classes. Instead of providing a queue for each individual flow, a class is defined that consists of one or more flows. Each class can be guaranteed a minimum amount of bandwidth. Within a class queue, processing is always FIFO, except for the class-default queue. CBWFQ supports 64 queues, with a maximum and default queue length varying depending on the model of router and the amount of memory installed. All 64 queues can be configured, but one class queue, called class-default , is automatically configured. If the explicitly configured classification does not match a packet, IOS places the packet into the class-default class. Currently, CBWFQ can use either FIFO or WFQ inside the class-default queue References: http://www.cisco.com/en/US/docs/internetworking/technology/handbook/QoS.html http://ninjasd.wordpress.com/2008/06/03/class-default-queue/

QUESTION 32 Which Cisco IOS feature can be used to defend against spoofing attacks? A. B. C. D. E. F. Cisco IOS Firewall (CBAC) lock-anD.key ACL and/or reflexive ACL IP Source Guard and/or Unicast RPF TCP Intercept Cisco IOS IPS Auth-Proxy

Answer: C Section: (none) Explanation/Reference: Explanation: The proper deployment and configuration of Unicast RPF provides the most effective means of anti-spoofing protection against attacks with spoofed source IP addresses. IP source guard provides the most effective means of anti-spoofing protection against attacks with spoofed source MAC addresses. Deployment as close to all traffic sources as possible provides maximum effectiveness. Reference: http://tools.cisco.com/security/center/getDocument.x?id=442

QUESTION 33

Refer to the exhibit. Assume that all necessary configurations in this network are correct for routing. Subnet 10.1.1.0/24 is sourced by Router A and advertised via BGP, OSPF, and EIGRP. Eventually, Router G learns of this subnet. What is the routing protocol and administrative distance that Router G used to reach subnet 10.1.1.0/24?

A. B. C. D. E. F.

EIGRP, AD 5 EIGRP, AD 90 EIGRP, AD 170 OSPF, AD 110 BGP, AD 20 BGP, AD 200

Answer: E Section: (none) Explanation/Reference: Explanation: In this example, router G will learn this route via OSPF, EIGRP, and IBGP, and external BGP. Since the administrative distance of EBGP is 20, this will be the preferred route to the 10.1.1.0/24 network.

QUESTION 34 Refer to the exhibit. While performing an internal audit of your network, you come across this configuration in all of your routers. Which three statements about this configuration are true? (Choose three.)

A. B. C. D. E. F.

The Event Manager applet is configured incorrectly. The IP SNMP process is monitored every 10 seconds. The IP SNMP process is monitored every 10 minutes. When CPU process exceeds 50%, an event is generated. SNMP trap type 50 messages are sent to the event managers. A publish event is sent to well-known user 798 with an SNMP trap message.

Answer: BDF Section: (none) Explanation/Reference: Explanation: B, D: Example: The following example shows how to configure three EEM applets to demonstrate how the Cisco IOS watchdog system monitor (IOSWDSysMon) event detector works: Watchdog System Monitor Sample1 Policy The first policy triggers an applet when the average CPU usage for the process named IP Input is greater than or equal to 1 percent for 10 seconds: event manager applet IOSWD_Sample1 event ioswdsysmon sub1 cpu-proc taskname "IP Input" op ge val 1 period 10 action 1.0 syslog msg "IOSWD_Sample1 Policy Triggered" To specify the action of publishing an application-specific event when the event specified for an Embedded Event Manager (EEM) applet is triggered, use the action publish-event command in applet configuration mode. To remove the action of publishing an application-specific event, use the no form of this command. action label publish-event sub-system sub-system-id type event-type arg1 argument-data [ arg2 argumentdata ] [ arg3 argument-data ] [ arg4 argument-data ] no action label publish-event Syntax Description

Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter 09186a00801a8084.html#wp1110829

QUESTION 35 Phase I and Phase II DMVPN differ in terms of which of these characteristics? A. utilization of spoke-to-spoke dynamic tunnels B. utilization of hub-to-spoke dynamic tunnels C. support for multicast

D. utilization ofmultipoint GRE tunnels at the hub site Answer: A Section: (none) Explanation/Reference: Explanation: The 3 DMVPN Phases are: Phase 1: Hub and spoke functionality Phase 2: Spoke-to-spoke functionality Phase 3: Architecture and scaling Reference: http://www.cisco.com/application/pdf/en/us/guest/products/ps6658/c1161/cdccont_0900aecd8031 3c97.pdf

QUESTION 36 Refer to the exhibit. R10 (in Area 2) is redistributing routes learned from BGP into the OSPF process. R2 will generate which three OSPF LSA types for advertisements to Area 0? (Choose three.)

A. B. C. D. E. F.

Type 1 - router LSAs Type 2 - network LSAs Type 3 - network summary LSAs Type 4 - ASBR Summary LSAs Type 5 - AS external LSAs Type 7 - NSSA external LSAs

Answer: CDE Section: (none) Explanation/Reference:

Explanation: In this example, router R2 is an area border router (ABR) as it connects areas 2 and 0. It also learned of routes from R10, which is an ASBR since it redistributes BGP routes into OSPF so these routes will also need to be advertised into area 0. The OSPF LSA Types are as follows : Type 1: Router link advertisements generated by each router for each area it belongs to. Flooded to a single area only. Type 2: Network link advertisements generated by designated routers describing the set of routers attached to a particular network. Flooded to the area that contains the network. Type 3/4: Summary link advertisements generated by ABRs describing inter-area routes. Type 3 describes routes to networks and is used for summarization. Type 4 describes routes to the ASBR. Type 5: Generated by the ASBR and describes links external to the Autonomous System (AS). Flooded to all areas except stub areas. Type 6: Group membership link entry generated by multicast OSPF routers. Type 7: NSSA external routes generated by ASBR. Only flooded to the NSSA. The ABR converts LSA type 7 into LSA type 5 before flooding them into the backbone (area 0).

QUESTION 37 If you have a large number of alignment errors, FCS errors, or late collisions, this may indicate which of these problems? A. there is a half-duplex connection between the switch and an endpoint on a 10/100/1000 BASE.T Ethernet link B. no problem, these errors are normal under most circumstances C. there is a duplex mismatch on a 1000 BASE.LX/LH D. there is a duplex mismatch on a 10/100/1000 BASE-T Ethernet link Answer: D Section: (none) Explanation/Reference: Explanation: Many different modes of operations for Ethernet over twisted pair (10/100/1000 Base T), and most network adapters are capable of different modes of operations. In 1995, a standard was released for allowing two network adapters connected to each other to negotiate the best possible shared mode of operation. The autonegotiation standard contained a mechanism for detecting the speed but not the duplex setting of Ethernet peers that did not use autonegotiation. When two linked interfaces are set to different duplex modes, the effect of this duplex mismatch is a network that functions much slower than its nominal speed. The primary rule for avoiding this is to avoid setting one end of a connection to full duplex and the other end to autonegotiation. Duplex mismatch may be inadvertently caused when an administrator configures an interface to a fixed mode (e.g 100 Mbit/s full duplex) and fails to configure the remote interface, leaving it set to autonegotiate. Then, when the autonegotiation process fails, half duplex is assumed by the autonegotiating side of the link. The resulting duplex mismatch results in a dramatically slow network, in which many collisions, and especially late collisions occur on the interface set to half-duplex, and FCS errors are seen on the full-duplex side. Gigabit Ethernet standards require autonegotiation to be on in order to operate. Reference: http://en.wikipedia.org/wiki/10BASE.T

QUESTION 38 The Border Gateway Protocol tries to install the best path for a prefix into the Routing Information Base and fails. Which three of these are possible reasons for this failure? (Choose three.) A. B. C. D. memory failure a route with a worse administrative distance is already present in the IGP routing table a route with a better administrative distance is already present in the IGP routing table the best path for the prefix is already installed in the RIB

E. the number of routes in VRF exceeds the route limit configured for the VRF instance Answer: ACE Section: (none) Explanation/Reference: Explanation: What does r RIB-Failure mean in the "show ip bgp" command output? R1> show ip bgp BGP table version is 5, local router ID is 200.200.200.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path r> 6.6.6.0/24 10.10.13.3 0 130 0 30 i *> 7.7.7.0/24 10.10.13.3 0 125 0 30 i When BGP tries to install the bestpath prefix into Routing Information Base (RIB) (for example, the IP Routing table), RIB might reject the BGP route due to any of these reasons: * Route with better administrative distance already present in IGP. For example, if a static route already exists in IP Routing table. * Memory failure. * The number of routes in VPN routing/forwarding (VRF) exceeds the route-limit configured under the VRF instance. Reference: http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a00800949e8.shtml

QUESTION 39 Refer to the exhibit. R2 does not have any 10.100.x.x routes in either its routing table or its BGP table. What is the most likely cause of the problem?

A. B. C. D.

The advertised BGP next hop is not in R2's routing table. BGP will not advertise a route that is not in the IP routing table. BGP will not advertise a route unless it is synchronized with the IGP. The serial link between the routers in not participating in the BGP process.

Answer: B Section: (none) Explanation/Reference: Explanation: A BGP router will not advertise the routes specified in the network command unless it also has that route in its routing table. In this case, the 10.100.0.0/16 network was added under the BGP process using the network command, but this route is not in the routing table. Only the more specific 10.100.1.0/24 and 10.100.2.0/24 routes are in the routing table as connected routes. By adding a static route to the null0 interface, the 10.100.0.0/16 route will be in the IGP routing table and this route will be added to the BGP process and advertised to neighbors.

QUESTION 40 Which of these statements correctly describes traffic policing? A. B. C. D. E. It allows for the provision of low latency on congested interfaces. It is mandatory when enabling NBAR and CBWFQ. It allows for the metering and limitation of bandwidth utilization. It is also referred to as 'buffer tuning,1 and is an optimal way to manage router I/O memory. It should be configured on every router to avoid memory corruption.

Answer: C Section: (none)

Explanation/Reference: Explanation: From the CCIE R&S Exam Certification Guide: CB Policing is enabled for packets either entering or exiting an interface, or those entering or exiting a subinterface. It monitors, or meters, the bit rate of the combined packets; when a packet pushes the metered rate past the configured policing rate, the policer takes action against that packet. The most aggressive action is to discard the packet.

QUESTION 41 Refer to the exhibit. In this network R1 and R2 are both configured as EIGRP stub routers. If the link between R1 and R3 failed, would R3 still be able to reach 192.168.1.0/24, and why or why not?

A. No. R3 would remove its route to 192.168.1.0/24 through R1, but would not query R2 for an alternate route, since R2 is a stub. B. Yes. When a directly connected link fails, a router is allowed to query all neighbors, including stub neighbors, for an alternate route. C. Yes, because R3 would know about both routes, through R1 and R2, before the link between R1 and R3 failed. D. No. The path through R2 would always be considered a loop at R3. Answer: A Section: (none) Explanation/Reference: Explanation: EIGRP Stub Router Functionality When EIGRP routes to destinations are lost and no feasible successor routes exist, EIGRP sends a QUERY packet to each neighbor to discover whether alternative routes exist. These routers then propagate this QUERY until it reaches the edge of the network. In a typical redundant hub-and- spoke scenario, it is typical for the spoke site to be connected via redundant links to the hub site. In this case, the QUERY is propagated back to another router in the hub site, which may not be optimum. EIGRP has a functionality known as a stub router functionality that prevents this behavior. When a spoke router is explicitly configured to be so, a hub router does not send any QUERY packets to a stub router .

QUESTION 42 What keywords do you need to the access-list to provide to the logging message like source address and source mac address?

A. B. C. D.

log log-input log-output logging

Answer: B Section: (none) Explanation/Reference: Explanation: The "log-input" keyword is an optional access list command and includes the input interface and source MAC address or VC in the logging output. To define an extended IP access list, use the extended version of the access-list command in global configuration mode. To remove the access lists, use the no form of this command. access-list access-list-number [ dynamic dynamic-name [ timeout minutes ]] { deny | permit } protocol source source-wildcard destination destination-wildcard [ precedence precedence ] [ tos tos ] [ log | log-input ] [ timerange time-range-name ] [ fragments ] Reference: http://www.cisco.com/en/US/docs/ios/12_3/ipaddr/command/ reference/ip1_a1g.html

QUESTION 43 Refer to the exhibit. Which of these is applied to the Bearer class?

A. WRED B. traffic shaping

C. packet marking D. packet classification E. FIFO queuing within the class

Answer: E Section: (none) Explanation/Reference: Explanation: The "priority" command is used to configure Low Latency queuing (LLQ) where the traffic assigned to the LLQ is given strict priority with FIFO queuing. The priority command can be configured in multiple classes, but it should only be used for voice- like, constant bit rate (CBR) traffic. If the traffic is not CBR, you must configure a large enough bandwidth parameter to absorb the data bursts. Configuring the priority command in multiple classes provides the ability to police the priority classes individually. For an example, refer to the following configuration: policy-map policy1 Page 35 of 251 35 class voice1 priority 24 class voice2 priority 48 class data bandwidth 20 In this example, voice1 and voice2 classes of traffic go into the high priority queue and get strict priority queueing over data traffic. However, voice1 traffic will be rate-limited to 24 kbps and voice2 traffic will be rate-limited to 48 kbps. The classes will be individually rate-limited (and given first-in first-out [FIFO] treatment) even if they go into the same queue. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087 b13.html

QUESTION 44 Which three of these statements correctly describe Source Specific Multicast? (Choose three.) A. SSM uses shared trees only. B. SSM uses shortest path trees only. C. The use of SSM is recommended when there are many sources and it is desirable to keep the amount of mroute state in the routers in the network to a minimum.

D. There are no RPs to worry about. E. Is best suited for applications that are in the many-to-many category. F. Is best suited for applications that are in the one-to-many category. Answer: BDF Section: (none) Explanation/Reference: Explanation: D: SSM is easy to install and provision in a network because it does not require the network to maintain information about which active sources are sending to multicast groups. This requirement exists in ISM (with IGMPv1, IGMPv2, or IGMPv3). The current standard solutions for ISM service are PIM-SM and Multicast Source Discovery Protocol (MSDP). Rendezvous point (RP) management in PIM-SM (including the necessity for Auto-RP or bootstrap router [BSR]) and MSDP is required only for the network to learn about active sources. This management is not necessary in SSM. SSM is therefore easier than ISM to install and manage and easier to operationally scale in deployment. Another factor that contributes to the ease of installation of SSM is the fact that it can leverage preexisting PIMSM networks. B: SSM is a solution where the knowledge of the source is acquired out of band. SSM uses only a source tree, but there is no flooding of data, because learning the source is out of band. SSM is most useful for applications such as Internet broadcasting or corporate communications F: SSM is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core networking technology for the Cisco implementation of IP multicast solutions targeted for audio and video broadcast application environments and is described in RFC 3569. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801a6 d6f.html

QUESTION 45 Refer to the exhibit. What type of issue does this Router A error log indicate?

Exhibit: A. physical layer problem B. PortFast is enabled on both HSRP routers C. HSRP standby router configuration error D. HSRP router interfaces are in the wrong VLAN Answer: A Section: (none) Explanation/Reference: Explanation: Case Study: HSRP State Continuously Changes (Active, Standby, Speak) These error messages can appear: Jan 9 08:00:42.623: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Standby -> Active Jan 9 08:00:56.011: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Active-> Speak Jan 9 08:01:03.011: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Speak -> Standby Jan 9 08:01:29.427: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Standby -> Active Jan 9 08:01:36.808: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Active-> Speak

Jan 9 08:01:43.808: %STANDBY-6-STATECHANGE: Standby: 49: Vlan149 state Speak -> Standby These error messages describe a situation in which a standby HSRP router did not receive three successive HSRP hello packets from its HSRP peer. The output shows that the standby router moves from the standby state to the active state. Shortly thereafter, the router returns to the standby state. Unless this error message occurs during the initial installation, an HSRP issue probably does not cause the error message. The error messages signify the loss of HSRP hellos between the peers. When you troubleshoot this issue, you must verify the communication between the HSRP peers. A random, momentary loss of data communication between the peers is the most common problem that results in these messages. There are several possible causes for the loss of HSRP packets between the peers. The most common problems are physical layer problems or excessive network traffic caused by spanning tree issues. Reference: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml

QUESTION 46 Poor performance, collisions, and intermittent communication between a PC and a switch port may be the result of which of these? A. B. C. D. the wrong wire category is being used the port on the switch is in the errdisable state there are mismatching duplex modes there are mismatching speeds

Answer: C Section: (none) Explanation/Reference: Explanation: Issues with autonegotiation of duplex generally do not result in link establishment issues. Instead, autonegotiation issues mainly result in performance-related issues. A duplex mismatch can result in performance issues, intermittent connectivity, and loss of communication. When you troubleshoot NIC issues, verify that the NIC and switch use a valid configuration. Reference: http://www.cisco.com/warp/public/473/46.html

QUESTION 47 All of these switch port errors are indications of duplex mismatches on 10/100/1000 IEEE 802.3u Gigabit

Ethernet ports except which one? A. B. C. D. E. F. alignment errors FCS errors multiple collisions runts excessive collisions late collisions

Answer: C Section: (none) Explanation/Reference: Explanation: The causes for the most common errors found in a 10/100/1000 LAN environment is found in the following table (Note the answers to this question in bold). Reference: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0. shtml

QUESTION 48 R2 does not have any 10.100.x.x routes in either its routing table or its BGP table. What will you do at R5 to solve this problem? Network Topology Exhibit:

R5 exhibits:

A. B. C. D.

Add a BGP network statement to encompass the serial link. Configure a static route for 10.100.0.0/16 to null0 Disable BGP synchronization. Set the BGP next-hop-self command for neighbor R2

Answer: B Section: (none) Explanation/Reference: Explanation: A BGP router will not advertise the routes specified in the network command unless it also has that route in its routing table. In this case, the 10.100.0.0/16 network was added under the BGP process using the network command, but this route is not in the routing table. Only the more specific 10.100.1.0/24 and 10.100.2.0/24 routes are in the routing table as connected routes. By adding a static route to the null0 interface, the 10.100.0.0/16 route will be in the IGP routing table and this route will be added to the BGP process and advertised to neighbors.

QUESTION 49 IP multicast routing uses (S,G) entries for multicast packet forwarding. Which addresses are used in the S entries? A. GLOP addresses B. SDP / SAP addresses C. Source Specific Multicast addresses

D. Any class, class A, class B. or class C host addresses E. the block of administratively scoped multicast addresses Answer: D Section: (none) Explanation/Reference: Explanation: State entries for a source tree use the notation (S, G) pronounced S comma G . The letter S represents the IP address of the source (any valid class A, B, or C host IP address), and G represents the group address. Reference: http://www.ciscopress.com/articles/article.asp?p=32100

QUESTION 50 Which of these identifies two types of information that can be used to direct traffic along a specific route when using policy-based routing? A. B. C. D. the source IP address and protocol (such as FTP and HTTP) the type of service header and packet length the packet Time to Live and the source IP address the source IP address and the Layer 2 source address

Answer: A Section: (none) Explanation/Reference:

QUESTION 51 An OSPF adjacency will not form correctly across a point-to-point link in the same area. What is the most likely reason for this problem? A. B. C. D. Each interface is configured with the ip unnumbered loop back 0 command. Each interface has a different OSPF cost. Each interface has a different MTU size. Each interface is configured with secondary addresses as well as primary addresses.

Answer: C Section: (none) Explanation/Reference: Explanation: By default, OSPF checks whether neighbors are using the same MTU on a common interface. This check is performed when neighbors exchange Database Descriptor (DBD) packets. If the receiving MTU in the DBD packet is higher than the IP MTU configured on the incoming interface, OSPF adjacency will not be established. This behavior can be overridden with the interface command: "ip ospf mtu-ignore".

QUESTION 52 Which standard supports multiple instances of spanning tree? A. 802.1D B. 802.1s

C. 802.1w D. 802.1Z Answer: B Section: (none) Explanation/Reference: Explanation: Multiple Spanning Tree (802.1s MST) is an IEEE standard inspired from the Cisco proprietary Multiple Instances Spanning Tree Protocol (MISTP) implementation. Reference: Understanding Multiple Spanning Tree Protocol (802.1s) http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc. shtml

QUESTION 53 In order to configure two routers as anycast RPs, which of these requirements, at a minimum, must be satisfied? A. B. C. D. Multicast Source Discovery Protocol mesh-groups must be configured between the two any cast RPs. The RPs must be within the same IGP domain. Multicast Source Discovery Protocol must be configured between the two any cast RPs. The two any cast RPs must be IBGP peers.

Answer: C Section: (none) Explanation/Reference: Explanation: Anycast-RP is an extension of the Static RP technique that also allows multiple Rendezvous Points for a group range to be deployed. This allows the network to continue to operate if a Rendezvous Point fails. The idea is to configure two or more routers in the network to be the Rendezvous Point. Each of these Anycast-RP routers will be configured with the same Rendezvous Point address (in this case 10.1.1.1) on one of their Loopback interfaces. Each router also will advertise this address (the Rendezvous Point address) as a /32 host route. This will result in the other routers in the network using the closest Anycast-RP as their Rendezvous Point based on the unicast routing metrics. Normally, this would split the network into multiple PIM-SM domains that would not talk to each other . However, the Multicast Source Discovery Protocol (MSDP) is used to communicate active source information from one Anycast-RP to the other in Source Active (SA) messages . This allows active sources in one half of the network to be learned and joined by the Rendezvous Point in the other half of the network. Reference: http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 54 What is the reason that RSTP has a better convergence time than 802.1D? A. B. C. D. it is newer it is not timer-based it has less overhead it has smaller timers

Answer: B Section: (none) Explanation/Reference:

Explanation: Rapid transition is the most important feature introduced by 802.1w RSTP. The legacy STA passively waited for the network to converge before it turned a port into the forwarding state. The achievement of faster convergence was a matter of tuning the conservative default parameters (forward delay and max_age timers) and often put the stability of the network at stake. The new rapid STP is able to actively confirm that a port can safely transition to the forwarding state without having to rely on any timer configuration.

QUESTION 55 Which port is on every bridge in a Spanning Tree Protocol IEEE 802.1w network except the root bridge? A. B. C. D. root port designated port alternate port Backup port

Answer: A Section: (none) Explanation/Reference: Explanation: The root port is the port on each switch with the least cost path back to the root bridge. The root bridge has no need for a root port.

QUESTION 56 If you have overlapping IP address between two different networks or routing domains, what two commands do you need to globally configure NAT to get this to work? A. B. C. D. ip nat outside source list 1 interface x and ip nat inside source list 1 interface x ip nat outside source static x.x.x.xy.y.y.y and ip nat inside source static x.x.x.xy.y.y.y ip nat outside source static udp x.x.x.x y.y.y.y and ip nat inside source udp x.x.x.x y.y.y.y ip nat outside source static tcp x.x.x.x y.y.y.y and ip nat outside source tcp x.x.x.x y.y.y.y

Answer: B Section: (none) Explanation/Reference: Explanation: Both source and destination address has to be translated for this solution.

QUESTION 57 In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can cause network failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessive traffic during spanning-tree loop conditions? (Choose two.) A. B. C. D. storm suppression storm control loop guard broadcast suppression

Answer: BC

Section: (none) Explanation/Reference: Explanation: Loop Guard: The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs. When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives that the topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designated and moves to a forwarding state. This situation creates a loop. The loop guard feature makes additional checks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop. Storm Control: A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. The traffic storm control feature prevents LAN ports from being disrupted by a broadcast, multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1- second traffic storm control interval and, during the interval, compares the traffic level with the traffic storm control level that you configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Each port has a single traffic storm control level that is used for all types of traffic (broadcast, multicast, and unicast). Traffic storm control monitors the level of each traffic type for which you enable traffic storm control in 1-second traffic storm control intervals. Within an interval, when the ingress traffic for which traffic storm control is enabled reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the traffic storm control interval ends.

QUESTION 58 What is the end result if a 10/100/1000 IEEE 802.3u Gigabit Ethernet link has autonegotiation enabled on the switch port and the host NIC is statically configured for 100 Mb/s and full-duplex? A. B. C. D. E. The link comes up, because autonegotiation sets the switch port to 100Mb/s and full-duplex. The link does not come up because autonegotiation must be enabled or disabled on both sides of the link. Autonegotiation sets the switch port to 100Mb/s and half-duplex. Autonegotiation sets the switch port to the defaults of 10OOMb/s and full-duplex. Autonegotiation sets the switch port to the defaults of 10OOMb/s and half-duplex.

Answer: C Section: (none) Explanation/Reference: Explanation: This scenario will create 100Mbs and half duplex. duplex mismatch will result. Why Do Autonegotiation and Compatibility Issues Exist? Autonegotiation issues can result from nonconforming implementation, hardware incapabilities, or software defects. When NICs or vendor switches do not conform exactly to the IEEE specification 802.3u, problems can result. Hardware incompatibility and other issues can also exist as a result of vendor-specific advanced features, such as autopolarity or cable integrity, which are not described in IEEE 802.3u for 10/100 Mbps autonegotiation. Generally, if both the NIC and the switch adhere to IEEE 802.3u autonegotiation specifications and all additional features are disabled, autonegotiation must properly negotiate speed and duplex, and no operational issues exist.

General Troubleshooting for 10/100/1000 Mbps NICs Autonegotiation Valid Configuration Table Speed determination issues can result in no connectivity. However, issues with autonegotiation of duplex generally do not result in link establishment issues. Instead, autonegotiation issues mainly result in performance-related issues. The most common problems with NIC issues deal with speed and duplex configuration. Table 1 summarizes all possible settings of speed and duplex for FastEthernet NICs and switch ports. Note: This section is only applicable for 10/100/1000 Mbps (1000BASE-T) NICs, and not 1000BASE-X NICs. Table 1-Autonegotiation Valid Configuration 1 A duplex mismatch can result in performance issues, intermittent connectivity, and loss of communication. When you troubleshoot NIC issues, verify that the NIC and switch use a valid configuration. 2 Some third-party NIC cards can fall back to half-duplex operation mode, even though both the switchport and NIC configuration are manually configured for 100 Mbps, full-duplex. This is because NIC autonegotiation link detection still operates when the NIC is manually configured. This causes duplex inconsistency between the switchport and the NIC. Symptoms include poor port performance and frame check sequence (FCS) errors that increment on the switchport. In order to troubleshoot this issue, try to manually configure the switchport to 100 Mbps, half-duplex. If this action resolves the connectivity problems,this NIC issue is the possible cause. Try to update to the latest drivers for your NIC, or contact your NIC card vendor for additional support. Reference: http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00800a7af0. shtml

QUESTION 59 Which of these is a valid differentiated services PHB? A. Guaranteed PHB B. C. D. E. Class-Selector PHB Reserved Forwarding PHB Discard Eligible PHB Priority PHB

Answer: B Section: (none) Explanation/Reference: Explanation: The Per-Hop Behavior is indicated by encoding a 6-bit value-called the Differentiated Services Code Point (DSCP)-into the 8-bit Differentiated Services (DS) field of the IP packet header. Behaviors: Default PHB-which is typically best-effort traffic Expedited Forwarding (EF) PHB-for low-loss, low-latency traffic Assured Forwarding (AF)-behavior group Class Selector PHBs-which are defined to maintain backward compatibility with the IP Precedence field.

QUESTION 60 Refer to the exhibit. This exhibit shows the NAT configuration for Router A and the output for a ping issued from device 171.68.200.48 and destined to 172.16.47.142. Based on this information, what change must be made to Router A in order for the ping to work?

A. reload the router B. clear the route cache C. add a static route D. configure IP as classless E. Load a newer IOS image Answer: D Section: (none) Explanation/Reference: Explanation: Based on the debug messages we see that the router does not have a route for the destination address (172.16.47.142) in its routing table. The result of the non-routable packet is an ICMP Unreachable message, which is sent to the inside device. However, RouterA has a default route of 172.16.47.145, so why is the route considered non- routable? RouterA has " no ip classless" configured, which means if a packet destined for a "major" network address (in this case, 172.16.0.0) for which subnets exist in the routing table, the router does not rely on the default route. In other words, issuing the " no ip classless" command turns off the router's ability to look for the route with the longest bit match. To change this behavior, you have to configure ip classless on RouterA. The " ip classless" command is enabled by default on Cisco routers with IOS Version 11.3 and above. RouterA# configure terminal Enter configuration commands, one per line. End with CTRL/Z. RouterA#(config)# ip classless

RouterA#(config)# end Reference: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

QUESTION 61 If a port configured with STP Port Fast BPDU guard receives a BPDU, what will happen to the port? A. B. C. D. it will be identified as a designated port it will be put into a forwarding state it will be put into an errdisabled state it will be designated as a root port

Answer: C Section: (none) Explanation/Reference: Explanation: The devices behind the ports with STP portfast enabled are not allowed to influence the STP topology. This is achieved by disabling the port with portfast configured upon reception of BPDU. The port is transitioned into errdisable state, and a message is printed on the console. Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml

QUESTION 62 Refer to the exhibit. For this network, assume all routers have been configured to run EIGRP in AS 100, and have also been configured to run EIGRP on all connected links. If the link between R3 and R4 fails, how many queries will R5 and R6 receive?

A. R6 will receive two queries, one for 192.168.1.0/24 and one for 192.168.2.0/24. R5 will receive one query, for 192.168.1.0/24. B. Both R5 and R6 will receive two queries, one for 192.168.1.0/24 and one for 192.168.2.0/24. C. Neither R5 nor R6 will receive any queries for either 192.168.1.0/24 or 192.168.2.0/24. D. R5 will receive one query, for 192.168.1.0/24, and R6 will receive no queries. Answer: A Section: (none)

Explanation/Reference: Explanation: Both R5 and R6 will receive queries as R4 will go active to R5 for both routes and since R5 does not have any other routes to these it queries R6.

QUESTION 63 Which of these statements about OSPF external LSAs (type 5) is correct? A. External LSAs (type 5) are automatically changed to type 1 LSAs at ASBRs. B. Type 5 LSAs are route summaries describing routes to networks outside the OSPF Autonomous System. C. OSPF external LSAs are automatically flooded into all OSPF areas, unlike type 7 LSAs, which require that redistribution be configured. D. External network LSAs (type 5) redistributed from other routing protocols into OSPF are not permitted to flood into a stub area. E. OSPF external LSAs can be flooded into an NSSA area if redistributed from other routing protocols into OSPF and if the subnets parameter is used with the redistribute command. Answer: D Section: (none) Explanation/Reference: Explanation: type 5 not flooded into stub area OSPF Type 5 LSA: ASBRs generate AS external link advertisements. External link advertisements describe routes to destinations external to the AS and are flooded everywhere with the exception of stub areas, totally stubby areas, and NSSAs. The link-state ID of the type 5 LSA is the external network number. Configuring a stub area reduces the size of LSDB inside an area, resulting in reduced memory requirements for routers in that area. Exteranl network LSAs (type 5), such as those redistributed from other routing protocols into OSPF, are not permitted to flood into a stub area. Reference: http://jsk984.wordpress.com/page/2/

QUESTION 64 Which of these statements is true in reference to IPv6 multicast? A. B. C. D. IPv6 multicast uses Multicast Listener Discovery. IPv6 multicast requires MSDP. PIM dense mode is not part of IPv6 multicast. The first 8 bits of an IPv6 multicast address are always FF (1111 1111)

Answer: A Section: (none) Explanation/Reference: Explanation: The Multicast Listener Discovery Protocol (MLD) is used by IPv6 routers to discover the presence of multicast listeners (i.e., nodes that wish to receive multicast packets) on their directly attached links, and to discover specifically which multicast addresses are of interest to those neighboring nodes. Note that a multicast router may itself be a listener of one or more multicast addresses; in this case it performs both the "multicast router part" and the "multicast address listener part" of the protocol, to collect the multicast listener information needed by its multicast routing protocol on the one hand, and to inform itself and other neighboring multicast routers of its listening state on the other hand. Reference: http://www.ietf.org/rfc/rfc3810.txt

QUESTION 65 The following network topology is shown in the following exhibit, where routers R1 and R2 are configured with HSRP:

Exhibit: A. B. C. D. HSRP secondary address configuration error This is not an HSRP problem, but rather an STP error or router or switch configuration issue HSRP standby configuration error HSRP burned-in address error

Answer: B Section: (none) Explanation/Reference: Explanation: From the Cisco Troubleshoot HSRP Case Studies : Case Study #1: HSRP Standby IP Address Is Reported as a Duplicate IP Address These error messages can appear: Oct 12 13:15:41 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07. ac19 Oct 13 16:25:41 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07. ac19 Oct 15 22:31:02 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07. ac19 Oct 15 22:41:01 : %STANDBY-3-DUPADDR: Duplicate address 10.25.0.1 on Vlan25, sourced by 0000.0c07. ac19 These error messages do not necessarily indicate an HSRP problem. Rather, the error messages indicate a possible Spanning Tree Protocol (STP) loop or router/switch configuration issue. The error messages are just symptoms of another problem. In addition, these error messages do not prevent the proper operation of HSRP. The duplicate HSRP packet is ignored. These error messages are throttled at 30-second intervals. But, slow network performance and packet loss can result from the network instability that causes the STANDBY-3DUPADDR error messages of the HSRP address. Reference:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094afd.shtml

QUESTION 66 Which two of these statements best describe the role of split horizon? (Choose two.) A. It is a redistribution technique used by routing protocols. B. It is a function that prevents the advertising of routes over an interface that the router is using to reach a route. C. Its role is to help avoid routing loops D. It is a function used by routing protocols to install routes into routing table. E. It is used only by EIGRP. Answer: BC Section: (none) Explanation/Reference: Explanation: In computer networks, distance-vector routing protocols employ the split horizon rule which prohibits a router from advertising a route back out the interface from which it was learned. Split horizon is one of the methods used to prevent routing loops due to the slow convergence times of distance-vector routing protocols.

QUESTION 67 Which of these tables is used by an LSR to perform a forwarding lookup for a packet destined to an address within an RFC 4364 VPN? A. B. C. D. CEF FIB LFIB IGP

Answer: C Section: (none) Explanation/Reference: Explanation: LFIB is used to forward labels currently being forwarded. The Label Forwarding Information Base (LFIB) is a table that indicates where and how to forward frames in an MPLS/VPN network. It is created by label switch-capable devices; the LFIB contains a list of entries consisting of an ingress and one or more egress subentries (outgoing label, outgoing interface, outgoing link-level components). The LFIB is constructed based on information the LSRs gain from interaction with the routing protocols.

QUESTION 68 Refer to the exhibit. In this network, all routers are configured to place all interfaces shown in OSPF Area 0. If you examined the OSPF database on R4, what would the network (type 2) LSA generated by R3 contain?

A. B. C. D.

a connection to 10.1.5.0/24, and links to R3, R2, and R1 a connection to 10.1.5.0/24, and links to R2 and R1 connections to 10.1.5.0/24 and 10.1.1.0/31 R3 would not generate a network (type 2) LSA in this network.

Answer: D Section: (none) Explanation/Reference: Explanation: R3 will not generate any type 2. It is not a DR and this connection with R4 is a point to point link where there is no DR. Type 2 LSA are generated by DR

QUESTION 69 WRED is most effective under what circumstances? A. B. C. D. most traffic is TCP-based an equal distribution of TCP and UDP traffic a mix of TCP, UDP, and non-IP traffic very high bandwidth interfaces such as Gigabit Ethernet

Answer: A Section: (none) Explanation/Reference: Explanation: WRED avoids the globalization problems that occur when tail drop is used as the congestion avoidance mechanism. Global synchronization manifests when multiple TCP hosts reduce their transmission rates in response to packet dropping, then increase their transmission rates once again when the congestion is reduced. WRED is only useful when the bulk of the traffic is TCP/IP traffic . With TCP, dropped packets indicate congestion, so the packet source will reduce its transmission rate. With other protocols, packet sources may not respond or may resend dropped packets at the same rate. Thus, dropping packets does not decrease congestion. Reference: http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcconavd.html

QUESTION 70

Both Loop guard and UniDirectional Link Detection protect against Layer 2 STP loops. How to differ loop guard from UDLD in loop detection and prevention? (Choose two.) A. Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLD cannot. B. Loop guard detects and protects against duplicate packets being received and transmitted on different ports. C. UDLD protects against STP failures caused by cabling problems that create one-way links. D. Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from a designated switch port. Answer: CD Section: (none) Explanation/Reference: Explanation: Both UniDirectional Link Detection (UDLD) and Loop Guard protect a switch trunk port from causing loops. Both features prevent switch ports from errantly moving from a blocking to a forwarding state when a unidirectional link exists in the network. Unidirectional links are simply links for which one of the two transmission paths on the link has failed, but not both. This can happen as a result of miscabling, cutting one fiber cable, unplugging one fiber, GBIC problems, or other reasons. Because STP monitors incoming BPDUs to know when to reconverge the network, adjacent switches on a unidirectional link could both become forwarding, causing a loop. Loop Guard -When normal BPDUs are no longer received, the port does not go through normal STP convergence, but rather falls into an STP loop-inconsistent state. Reference: CCIE Routing and Switching Official Exam Certification Guide, Second Edition by Wendell Odom, page 83.

QUESTION 71 Which of these statements about anycast RPs is correct? A. Anycast RPs cannot be used in conjunction with Auto-RPs. B. After a failure of one of the anycast RPs, the PIM network v reconverge on the remaining anycast RP or RPs in less than one second. C. After a failure of one of the anycast RPs, the PIM network x reconverge on the remaining anycast RP or RPs in roughly the same time that it takes unicast routing to reconverge D. The anycast RPs must reside within the same IGP domain. Answer: C Section: (none) Explanation/Reference: Explanation: Anycast-RP:

If an Anycast-RP were to fail, its host route would cease being advertised to the network and the unicast routing will reconverge on the remaining Anycast-RP. This will cause the routers in the network to rejoin and reregister receivers and sources to the remaining Anycast-RP to maintain multicast traffic flow. This process occurs in approximately the time that it takes unicast routing to converge, which means that Anycast-RP has one of the fastest Rendezvous Point failover times of all of the Rendezvous Point configuration methods. Reference: http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 72 Refer to the exhibit. This network is using a classful routing protocol. Subnet 10.1.1.0/24 is sourced by Router A and advertised to Router B. Router B then sends updates to Router C, which forwards updates to Router D, which propagates routing information beyond. With regards to only the 10.1.1.0/24 subnet, what does Router D advertise out its 10.1.4.0/24 interface?

Exhibit: A. B. C. D. E. 10.1.1.0 10.1.1.0/24 10.0.0.0 10.0.0.0/8 No update is sent regarding the 10.1.1.0/24 subnet

Answer: E Section: (none) Explanation/Reference:

Explanation: Cisco routers running a classful routing protocol will automatically summarize at network boundaries. In this case, B will advertise the summarized 10.0.0.0/8 network to C. Since C will have a more specific route to the 10/0.0.0/8 network, he will not advertise this route to D, so D will not receive either the 10.1.1.0/24 or the 10.0.0.0/8 route.

QUESTION 73 Which of these statements best describes the major difference between an IPv4-compatible tunnel and a 6to4 tunnel? A. An IPv4-compatible tunnel is a static tunnel, but an 6to4 tunnel is a semiautomatic tunnel. B. The deployment of a IPv4-compatible tunnel requires a special code on the edge routers, but a 6to4 tunnel does not require any special code. C. An IPv4-compatible tunnel is typically used only between two IPv6 domains, but a 6to4 tunnel is used to connect to connect two or more IPv6 domains. D. For an IPv4-compatible tunnel, the ISP assigns only IPv4 addresses for each domain, but for a 6to4 tunnel, the ISP assigns only IPv6 addresses for each domain. Answer: C Section: (none) Explanation/Reference: Explanation: "It's a semiautomatic tunnel" 6to4 Eliminates Complex Tunnel Management The 6to4 transition mechanism provides a solution to the complexity problem of building manually configured tunnels to an ISP by advertising a site's IPv4 tunnel endpoint (to be used for a dynamic tunnel) in a special external routing prefix for that site. Thus one site trying to reach another will discover the 6to4 tunnel endpoint from a Domain Name System (DNS) name to address lookup and use a dynamically built tunnel from site to site for the communication. (See Figure 2.) The tunnels are transient in that there is no state maintained for them, lasting only as long as a specific transaction uses the path. A 6to4 tunnel also bypasses the need to establish a tunnel to a wide- area IPv6 routing infrastructure, such as the 6bone. The specification of a 48-bit external routing prefix in the IPv6 Aggregatable Global Unicast Address Format (AGGR) [7] (see Figure 3) that provides just enough space to hold the 32 bits required for the 32-bit IPv4 tunnel endpoint address (called V4ADDR in Figure 3) makes this setup possible. Thus, this prefix has exactly the same format as normal prefixes assigned according to the AGGR. Within the subscriber site it can be used exactly like any other valid IPv6 prefix, for instance, for automated address assignment and discovery according to the normal IPv6 mechanisms for this. OLD Style, more work: The 6to4 mechanism addresses many of the practical difficulties with manually configured tunneling: The enduser site network staff must choose an IPv6 Internet service to tunnel to. This entails a process of at least three parts: - Finding candidate networks when the site's choice of IPv4 service does not provide IPv6 service (either tunneling or native), - Determining which ones are the best IPv4 path to use so that an IPv6-over-IPv4 tunnel doesn't inadvertently follow a very unreliable or low-performance path, - Making arrangements with the desired IPv6 service provider for tunneling service, a scenario that may at times be difficult if the selected provider is not willing to provide the service, or if for other administrative/cost reasons it is difficult to establish a business relationship. Clearly it is easiest to use the site's own service provider, but in the early days of IPv6 transition this will often not be an option. An IPv6-over-IPv4 tunnel must be built to the selected provider, and a peering relationship must be established with the selected provider. This requires establishing a technical relationship with the provider and working through the various low-level details of how to configure tunnels between two routers, including answering the following questions: - Are the site and provider routers compatible early on in this process? - What peering protocol will be used (presumably an IPv6-capable version of the Border Gateway Protocol Version 4 [BGP4]), and are the versions compatible and well debugged? - Have all the technical tunnel configuration issues between the site and provider been addressed? Again, it is clearly easiest to perform all

these steps if they are taken with the site's own IPv4 service provider.

QUESTION 74 Traffic classification using NBAR is configured using which IOS command? A. router(config-if)#ip nbar protocol-discovery B. C. D. E. F. router(config)#ip nbar port-map {protocol} [tcp|udp] {port-number} {port-number} router(config-cmap)#match protocol {protocol-name} router(config)#ip nbar pdlm {pdlm-file} router(config-cmap)#match access-group {number} router(config-pmap)#class nbar

Answer: C Section: (none) Explanation/Reference: Explanation: To configure a traffic class and the match criteria that will be used to identify traffic as belonging to that class, use the class-map global configuration command.

Example: In the following example, the class-map class1 command uses the NBAR classification of SQL*Net as its matching criterion: Router(config)# class-map class1 Router(config-cmap)# match protocol sqlnet Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter0 9186a00800c75d0.html#32047

QUESTION 75 Which two of these are reasons why some ports do not reply to RSTP proposals? (Choose two. A. B. C. D. the age time has expired the remote bridge is in the discarding state the remote bridge does not understand RSTP BPDU the remote bridge is in the forwarding state

Answer: BC

Section: (none) Explanation/Reference: Explanation: If a designated discarding port does not receive an agreement after it sends a proposal, it slowly transitions to the forwarding state, and falls back to the traditional 802.1D listening-learning sequence. This can occur if the remote bridge does not understand RSTP BPDUs, or if the port of the remote bridge is blocking. Reference: "Understanding Rapid Spanning Tree Protocol (802.1w)" http://www.cisco.com/en/US/tech/tk389/ tk621/technologies_white_paper09186a0080094cfa.shtml #agree

QUESTION 76 Which of these statements correctly describes the operation of Multicast Listener Discovery? A. IPv6 routers use MLD to discover multicast listeners on directly attached links. B. For each unicast and anycast address configured on an interface of a node or router, a corresponding MLD address is automatically enabled. C. MLD addresses are scoped to local links. D. Since ARP is not used in IPv6, each node and router uses MLD to learn the link layer address of neighbor nodes and routers on the same local link. E. Nodes and routers use MLD to verify if IPv6 addresses are already in use on local links before they configure their own IPv6 addresses with stateless auto-configuration. Answer: A Section: (none) Explanation/Reference: Explanation: The purpose of Multicast Listener Discovery (MLD) is to enable each IPv6 router to discover the presence of multicast listeners (that is, nodes wishing to receive multicast packets) on its directly attached links, and to discover specifically which multicast addresses are of interest to those neighboring nodes. This information is then provided to whichever multicast routing protocol is being used by the router, in order to ensure that multicast packets are delivered to all links where there are interested receivers. MLD is an asymmetric protocol, specifying different behaviors for multicast listeners and for routers. For those multicast addresses to which a router itself is listening, the router performs both parts of the protocol, including responding to its own messages. If a router has more than one interface to the same link, it need perform the router part of MLD over only one of those interfaces. Listeners, on the other hand, must perform the listener part of MLD on all interfaces from which an application or upper-layer protocol has requested reception of multicast packets.

QUESTION 77 The ip inspect inspection-name {in | out} command is used to configure which IOS security feature? A. B. C. D. E. F. IPS IPsec site-to-site VPN Cisco IOS Firewall Cisco Auto Secure IDS Easy VPN

Answer: C Section: (none) Explanation/Reference: Explanation: CBAC is a function of the Cisco IOS feature set. CBAC is configured using the "ip inspect" command. The ip inspect inspection-name {in | out} command is used to apply the inspection rule to an interface. The keyword in is used for inbound traffic when the CBAC is applied on the internal (trusted, or secure) interface. The keyword out is used for outbound traffic when the CBAC is applied on the external, unsecured interface. Reference: http://www.ciscopress.com/articles/article.asp?p=26533&seqNum=5&rl=1

QUESTION 78 Policy-based routing allows network administrators to implement routing policies to allow or deny paths based on all of these factors except which one? A. B. C. D. E. packet size end system protocol application throughput

Answer: E Section: (none) Explanation/Reference: Explanation: You can set up PBR as a way to route packets based on configured policies. For example, you can implement routing policies to allow or deny paths based on the identity of a particular end system, an application protocol, or the size of packets. Instead of routing by the destination address, policy-based routing allows network administrators to determine and implement routing policies to allow or deny paths based on the following: - Identity of a particular end system - Application - Protocol - Size of packets Reference: http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcclass.html

QUESTION 79 Refer to the exhibit. All the routers in this network are configured to advertise all connected links through BGP, and R2 through R4 are configured to advertise all connected links through OSPF. At R4, 172.30.1.0/24 is not in the local BGP table or the local routing table. What is the most likely cause of this problem?

A. R3 is learning 172.30.1.0/24 through IBGP, and therefore it will not readvertise this route to its IBGP peers, including R4.

B. R4 has no path to the next hop for 172.30.1.0/24, R1. C. AtR4, the next hop for 172.30.1.0/24 is R1, and R1 is learning about the network between R1 and R2 through IBGP. BGP does not allow a route with an IBGP next hop to be installed in the local routing table. D. R2 is probably filtering 172.30.1.0/24; without looking at the configuration on R2, you cannot determine what the problem is. Answer: A Section: (none) Explanation/Reference:

QUESTION 80 You are a network engineer, study the exhibit carefully. The company's network is running EIGRP and you want to change the path R5 uses to reach 172.30.1.0/24 to R4. How could you achieve this goal? Exhibit:

A. Do nothing; the best path to 172.30.1.0/24 from R5 is already through R4. B. Change the bandwidth on the link between R4 and R5 to 110. C. Change the bandwidth on the link between R2 and R5 to 70, and change the bandwidth on the link between R3 and R5 to 70. D. Change the bandwidth on the link between R3 and R5 to 70. E. None of the other alternatives apply. Answer: C Section: (none) Explanation/Reference: Explanation: For default behavior (most K values are 0 by default), you can simplify the EIGRP best path formula as: Metric = Bandwidth + Delay. Since the delay is set to 10 on all links this scenario in this case the best path can be seen by simply looking at the bandwidth. Since the other two paths will be preferred because those paths have higher cumulative bandwidth values, we must lower one of the links to 70 on each of the paths in order for the path through R4 to be preferred.

QUESTION 81 Refer to the exhibit. In this network, how traffic arriving at R1 for 10.1.3.1 be routed?

A. through R3, since the path through R3 is through the backbone B. through R1 since the path through R1 has the lowest hop count C. through R1, since the path through R1 has the lowest total metric (10+10=20, versus 10+10+10=30 through R3) D. through R2, because that is the only path available; no neighbor adjacency will be built between R1 and R2 Answer: A Section: (none) Explanation/Reference: Explanation: Since there is a mismatch in area configuration between R1 and R2, the traffic is required to go through the backbone.

QUESTION 82 Two directly connected routers, R1 and R2, are both configured for OSPF graceful restart. R2 is capable of switching packets in hardware, but R1 is not. If a network administrator logs on to R2 and performs a system reload, what will the result be?

A. Traffic forwarded from R2 to or through R1 will continue to be forwarded based on the forwarding table state at the time of the reload. OSPF will resynchronize its local databases after the reload has completed. B. R2 will continue forwarding traffic to and through R1, but R1 will drop this traffic because it is not capable of maintaining its forwarding state through the reload. C. All the traffic R2 is forwarding to or through R1 will be dropped while OSPF rebuilds its neighbor adjacency and forwarding tables. D. R2 will continue to forward traffic to R1, but R1 will drop the traffic because its neighbor adjacency with R2 has failed. Answer: A Section: (none) Explanation/Reference: Explanation: Nonstop Forwarding (NSF) for OSPFv2 in Cisco IOS software uses the IETF standardized graceful restart functionality that is described in RFC 3623. Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switching platform. NSF capability allows for the forwarding of data packets to continue along routes that are already known, while the routing protocol information is being restored. This capability is useful in cases in which there is a component failure (for example, a Route Processor [RP] crash with a backup RP taking over) or in which there is a scheduled hitless software upgrade. A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwarding packets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. Once OSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale route entries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIB information that was current at the time of a switchover to continue forwarding packets during the switchover. This feature reduces traffic interruption during the switchover. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00805e8 fbd.html

QUESTION 83 Which three of these are characteristics of Unidirectional Link Detection? (Choose three.) A. UDLD detects wiring mistakes when receive and transmit twisted pairs are not connected to the correct pinots. B. UDLD detects wiring mistakes when receive and transmit fibers are not connected to the same port on the remote side. C. UDLD protects against situations in which light is received on both sides of a fiber Gigabit Ethernet link (link up) but the fiber-optic hardware is not communicating correctly. D. UDLD prevents spanning-tree loops caused by one-way link conditions E. UDLD prevents spanning-tree loops caused by link speed and duplex configuration mismatches. Answer: BCD Section: (none) Explanation/Reference: Explanation: The UDLD protocol allows devices connected through fiber-optic or copper Ethernet cables (for example, Category5 cabling) to monitor the physical configuration of the cables and detect when a unidirectional link exists. When a unidirectional link is detected, UDLD shuts down the affected port and alerts the user. Unidirectional links can cause a variety of problems, including spanning- tree topology loops. UDLD is a Layer2 protocol that works with Layer 1 mechanisms such as autonegotiation to determine the physical status of a link. At Layer1, autonegotiation handles physical signaling and fault detection. UDLD also performs tasks that autonegotiation cannot perform such as detecting

the identities of neighbors and shutting down misconnected ports. When both autonegotiation and UDLD are enabled, Layer1 and Layer2 detection features can work together to prevent physical and logical unidirectional connections and malfunctioning of other protocols. A unidirectional link occurs whenever traffic transmitted by the local device over a link is received by the neighbor but traffic transmitted from the neighbor is not received by the local device. For example, if one of the fiber strands in a pair is disconnected, as long as autonegotiation is active the link does not stay up. In this situation, the logical link is undetermined, and UDLD does not take any actions. If both fibers are working normally at Layer1, then UDLD at Layer 2 determines whether those fibers are connected correctly and whether traffic is flowing bidirectionally between the correct neighbors. This check cannot be performed by autonegotiation, because autonegotiation is a Layer1 feature. The switch periodically transmits UDLD messages (packets) to neighbor devices on ports with UDLD enabled. If the messages are echoed back to the sender within a specific time frame and they are lacking a specific acknowledgment (echo), the link is flagged as unidirectional and the port is shut down. Devices on both ends of the link must support UDLD in order for the protocol to successfully identify and disable unidirectional links. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/catos/5.x/configuration/guide/udld.htm l#wp1019845

QUESTION 84 Refer to the exhibit. Which two of the following statements are true? (Choose two.)

A. The distance commands have no effect, as the specified routers are not directly connected. B. If either router A or B loses connectivity to the stub network via Domain 1, it is prevented from using a path via Domain 2. C. These configurations prevent a routing loop between routers A & B in the event that router C malfunctions and stops communicating. D. The configurations ensure that intra-domain routes to network 10.100.254.0 are preferred over inter-domain routes, no matter the actual cost to the stub network. E. The addition of the command distance ospf external 200 to both OSPF processes on both routers A & B will prevent routing loops and allow routing to the stub network via Domain 2 if either one of the routers loses connectivity via Domain 1.

F. Either router A or router B will actively redistribute routes between the domains; the other router will be in standby. Since the administrative distances are the same, the active and standby roles are determined by which router becomes active first. Answer: BC Section: (none) Explanation/Reference:

QUESTION 85 If a port configured with STP root guard receives a superior STP BPDU, the port will be put into which state? A. B. C. D. root-inconsistent state forwarding state blocking state errdisabled state

Answer: A Section: (none) Explanation/Reference: Explanation: Loop Guard-When normal BPDUs are no longer received, the port does not go through normal STP convergence, but rather falls into an STP loop-inconsistent state.

QUESTION 86 Refer to the exhibit. Assuming that the routing protocol for this network is EIGRP, if the link between R1 and R3 failed, what would R4 receive from R3?

A. R4 would receive an update noting R3's higher cost to reach 172.30.1.0/24. B. R4 would not receive any updates or queries, since R3 would simply move to the path through R2. C. R4 would receive a query, since R3 would mark 172.30.1.0/24 as active when the link between R1 and R4 failed. D. R4 would not receive any packets, since R3 is not using the link to R1 to reach 172.30.1.0/24. Answer: A Section: (none) Explanation/Reference:

QUESTION 87 Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three.)

A. It supports auto negotiation for both ISL and IEEE 802.1 Q trunks. B. It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation to become a trunk. C. It is a point-to-multipoint protocol. D. It is a point-to-point protocol. E. It is not supported on private VLAN ports or tunneling ports. Answer: ABD Section: (none) Explanation/Reference:

QUESTION 88 Which three Cisco extensions to 802.1D are built in to 802.1w? (Choose three.) A. B. C. D. E. F. BackboneFast UplinkFast FlexLink Port Fast load balancing PortlinkFast

Answer: ABD Section: (none) Explanation/Reference: Explanation: From the CCIE R&S Exam Certification Guide: IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) enhances the 802.1d standard with one goal in mind: improving STP convergence. To do so, RSTP defines new variations on BPDUs between switches, new port states, and new port roles, all with the capability to operate backwardly compatible with 802.1d switches. The key components of speeding convergence with 802.1w are as follows: ? Waiting for only three missed hellos on an RP before reacting (versus ten missed Hellos via the Maxage timer with 802.1d) ? New processes that allow transition from the disabled state (replaces the blocking state in 802.1d) to learning state, bypassing the concept of an 802.1d listening state ? Standardization of features like Cisco PortFast, UplinkFast, and BackboneFast ? An additional feature to allow a backup DP when a switch has multiple ports connected to the same shared LAN segment

QUESTION 89 According to the definitions of different services in various RFCs, traffic with Expedited Forwarding per-hop behavior should be marked as which of these?

A. B. C. D. E.

DSCP decimal 36 IPToSofOxEF IP experimental ECN DSCP decimal 5 binary value of 101110

Answer: E Section: (none) Explanation/Reference: Explanation: The table below lists the IP precedence and DSCP values, and their names, for review. Note that not all DSCP values are listed; only the DSCP values suggested by the DiffServ RFCs are listed in the table. QoS tools that are capable of setting DSCP can set any of the actual 64 values. Reference: http://www.ciscopress.com/articles/article.asp?p=101170&seqNum=2&rl=1

QUESTION 90 Having multiple unknown unicast frames in a switch would most likely deplete which of these resources? A. B. C. D. E. available MAC addresses in the system available memory for frame buffering available bandwidth electrical power TCAM entries

Answer: C Section: (none) Explanation/Reference:

QUESTION 91 What is the purpose of an explicit "deny any" statement at the end of an ACL? A. B. C. D. E. F. none, since it is implicit to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actually required to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actually required to allow the log option to be used to log any matches to prevent sync flood attacks to prevent half-opened TCP connections

Answer: D Section: (none) Explanation/Reference: Explanation: Although all ACLs contain an implicit deny statement, Cisco recommends use of an explicit deny statement, for example, "deny ip any any". On most platforms, such statements maintain a count of the number of denied packets that can be displayed using the show access-list command. Using the explicit deny any command also allows for the use of the "log" keyword to log all traffic denied by the access list.

QUESTION 92 A new router has been allocated a single /24 subnet (172.16.123.0/24). The interface between this new router and the upstream router has already been configured from a different IP subnet. The four other interfaces on this router require 56, 10, 72, and 24 IP addresses, respectively. The router always uses the first IP address on any subnet. Which of these combinations of IP addresses will allow the router to meet the interface requirements?

A. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.224 172.16.123.161 255.255.255.224 172.16.123.193 255.255.255.224 B. 172.16.123.1 255.255.255.192 172.16.123.65 255.255.255.192 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.192 C. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.224 172.16.123.225 255.255.255.248 D. 172.16.123.1 255.255.255.128 172.16.123.129 255.255.255.192 172.16.123.193 255.255.255.224 172.16.123.225 255.255.255.240 Answer: D Section: (none) Explanation/Reference: Explanation: The subnet sizes needed to meet the address requirements are: 56 = /26 = 255.255.255.192 10 = /28 = 255.255.255.240 72 = /25 = 255.255.255.128 24 = /27 = 255.255.255.224 Answer D most efficiently meets these requirements.

QUESTION 93 What will be the results of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?

A. B. C. D.

The switch will run out of ACL hardware resources. All DHCP requests will pass through the switch untested. DHCP requests will be switched in the software, which may result in lengthy response times. The DHCP server reply will be dropped and the client will not be able to obtain an IP address.

Answer: D Section: (none) Explanation/Reference:

Explanation: IP source guard prevents IP spoofing by allowing only the IP addresses that are obtained through DHCP snooping on a particular port. Initially, all IP traffic on the port is blocked except for the DHCP packets that are captured by DHCP snooping. When a client receives a valid IP address from the DHCP server, a port access control list (PACL) is installed on the port that permits the traffic from the IP address. This process restricts the client IP traffic to those source IP addresses that are obtained from the DHCP server; any IP traffic with a source IP address other than that in the PACLs permit list is filtered out. This filtering limits the ability of a host to attack the network by claiming a neighbor host's IP address. IP source guard uses source IP address filtering, which filters the IP traffic that is based on its source IP address. Only the IP traffic with a source IP address that matches the IP source binding entry is permitted. A port's IP source address filter is changed when a new DHCP-snooping binding entry for a port is created or deleted. The port PACL is modified and reapplied in the hardware to reflect the IP source binding change. By default, if you enable IP source guard without any DHCP-snooping bindings on the port, a default PACL that denies all IP traffic is installed on the port. When you disable IP source guard, any IP source filter PACL is removed from the port. Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter0 9186a008022f26c.html

QUESTION 94 Refer to the exhibit. In this network, which EIGRP neighbor would R5 consider the successor for 172.30.1.0/24?

A. B. C. D.

R3 would be the successor for 172.30.1.0/24 atR5. R2 would be the successor for 172.30.1.0/24 atR5. R4 would be the successor for 172.30.1.0/24 atR5. not enough information has been given to determine which EIGRP neighbor would be the successor at R5 for 172.30.1.0/24.

Answer: A Section: (none) Explanation/Reference:

QUESTION 95

Which three of these are reasons to implement a DMVPN using both IPsec and GRE for remote site connectivity? (Choose three) A. B. C. D. E. F. less configuration needed at the hub site support for dynamically addressed (DHCP) spoke routers support for dynamically addressed (DHCP) hub routers dynamic spoke-to-spoke tunneling support for Dynamic Spoke Control Protocol less configuration needed at the spoke sites

Answer: ABD Section: (none) Explanation/Reference: Explanation: No GRE or IPsec information about a spoke is configured on the hub router in the DMVPN network . The spoke router's GRE tunnel is configured (via NHRP commands) with information about the hub router. When the spoke router starts up, it automatically initiates the IPsec tunnel with the hub router as described above. It then uses NHRP to notify the hub router of its current physical interface IP address. This is useful for three reasons: If the spoke router has its physical interface IP address assigned dynamically (such as with ADSL or CableModem via the use of DHCP), then the hub router cannot be configured with this information since each time the spoke router reloads it will get a new physical interface IP address. With DMVPN, spoke routers can still connect dynamically even if they are dynamically addressed through DHCP. Configuration of the hub router is shortened and simplified since it does not need to have any GRE or IPsec information about the peer routers. All of this information is learned dynamically via NHRP. When you add a new spoke router to the DMVPN network, you do not need to change the configuration on the hub or on any of the current spoke routers. The new spoke router is configured with the hub information, and when it starts up, it dynamically registers with the hub router. The dynamic routing protocol propagates the routing information for this spoke to the hub. The hub propagates this new routing information to the other spokes. It also propagates the routing information from the other spokes to this spoke. With the DMVPN solution, one router is the hub, and all the other routers (spokes) are configured with tunnels to the hub. The spoke-to-hub tunnels are up continuously, and spokes do not need configuration for direct tunnels to any of the other spokes. Instead, when a spoke wants to transmit a packet to another spoke (such as the subnet behind another spoke), it uses NHRP to dynamically determine the required destination address of the target spoke. The hub router acts as the NHRP server and handles this request for the source spoke. The two spokes then dynamically create an IPsec tunnel between them (via the single mGRE interface) and data can be directly transferred. This dynamic spoke-to-spoke tunnel will be automatically torn down after a (configurable) period of inactivity. Reference: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_white_paper09186a008018983e.shtml #solution

QUESTION 96 A (*,G) multicast entry is associated with which three multicast types or features? (Choose three.) A. B. C. D. E. shared tree source tree dense mode sparse mode bi-directional PIM

Answer: ADE Section: (none) Explanation/Reference:

QUESTION 97 During the IPv6 address resolution, a node sends a neighbor solicitation message in order to discover which of these? A. B. C. D. The Layer 2 multicast address of the destination node The solicited node multicast address of the destination node The Layer 2 address of the destination node based on the destination IPv6 address The IPv6 address of the destination node based on the destination Layer 2 address

Answer: C Section: (none) Explanation/Reference: Explanation: Neighbor solicitation messages are sent on the local link when a node wants to determine the link- layer address of another node on the same local link. When a node wants to determine the link- layer address of another node, the source address in a neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message. The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address of the destination node. The neighbor solicitation message also includes the link-layer address of the source node. Reference: http://www.cisco.com/en/US/docs/storage/san_switches/mds9000/sw/rel_3_x/configuration/guides /cli_3_4_x/ ipv6.html#wp1206008

QUESTION 98 A network is composed of several VRFs. It is required that VRF users VRF_A and VRF_B be able to route to and from VRF_C, which hosts shared services. However, traffic must not be allowed to flow between VRF_A and VRF_B. How can this be accomplished?

A. B. C. D.

route redistribution import and export using route descriptors import and export using route targets Cisco MPLS Traffic Engineering

Answer: C Section: (none) Explanation/Reference: Explanation: You can use VRF import and export route targets to configure a variety of VPN topologies, such as full-mesh VPNs, hub-and-spoke VPNs, and overlapping VPNs. In an overlapping VPN, a site is a member of more than one VPN. For example, in Figure76, the middle site is a member of both VPN A and VPN B. In other words, that site can communicate with all other VPN A sites and all other VPN B sites. An overlapping VPN is often used to provide centralized services. The central site might contain DNS servers or WWW servers or management stations that need to be reachable from multiple VPNs. Overlapping IPv4 and IPv6 VPNs are supported by the same route-target mechanism.

Reference: http://www.juniper.net/techpubs/software/erx/junose71/swconfig-bgp-mpls/html/bgp- mpls-appsconfig10.html

QUESTION 99 Which three of these statements correctly describe type 2 LSAs (network link advertisements)? (Choose three.) A. B. C. D. E. Network LSAs are generated by the DR. Network LSAs are flooded only in their originating areas. A network LSA lists all attached routers including the DR. Every router in an OSPF area generates type 2 LSAs, as well as type 1 LSAs. The link-state ID of the type 2 LSA is the loop back address of the DR.

F. When a network LSA reaches an ABR it is converted to a type 5 LSA (AS external LSA) and then flooded to other areas. Answer: ABC Section: (none) Explanation/Reference: Explanation: Type 2 LSAs represent a transit subnet for which a DR has been elected. The LSID is the RID of the DR on that subnet. Note that type 2 LSAs are not created for subnets on which no DR has been elected. The type 2 LSA includes references to the RIDs of all routers that are currently neighbors of the DR on that subnet. Type 2 LSAs, like Type 1 LSAs are flooded only in the area they are generated in. Incorrect Answers: D: Only the DR on a multiaccess network generates Type 2 LSAs. On a non-multiaccess network, Type 2 LSAs are not required. E: The LSID of the Type 2 LSA is the RID of the DR for the segment. While the RID could be the loopback address, it could also be manually configured or the address of another interface if no loopback address is configured. F: Type 5 LSAs are generated by the ABR from Type 7 LSAs in a NSSA.

QUESTION 100 Auto-RP messages are forwarded via which of these? A. IP multicast using lANA-registered groups 224.0.1.39 and 224.0.1.40. B. unicast messages between candidate RPs and the mapping agent C. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.13 [PIM-ROUTERS] link-local multicast group D. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.2 [ALL-ROUTERS] link-local multicast group Answer: A Section: (none) Explanation/Reference: Explanation: Auto-RP automates the distribution of group-to-RP mappings in a network supporting sparse mode PIM. It supports the use of multiple RPs within a network to serve different group ranges, and allows configurations of redundant RPs for reliability purposes. In comparison, manual configuration of RP information is prone to inconsistency which can cause connectivity problems. In summary, the automatic distribution of Group-to-RP mappings simplifies configuration task, and guarantees consistency. In a nutshell, the Auto-RP mechanism operates on two basic components, the candidate RPs and the RP

mapping agents: All candidate RPs advertise their willingness to be an RP via "RP- announcement" messages. These messages are periodically sent to a reserved well-known group 224.0.1.39 (CISCO-RP- ANNOUNCE ). The default interval is 60 seconds (tunable via CLI). The RP mapping agents join group 224.0.1.39 and select consistently an RP for each group address range. The pair (group range--> RP) is called an RP-mapping. The RP mapping agents advertise the authoritative RP-mappings to another well-known group address 224.0.1.40 (CISCO-RP-DISCOVERY). All PIM routers join 224.0.1.40 and store the RP- mappings in their private cache. With Auto-RP, Multiple RPs can be used to serve different group ranges, or as hot-backups of each other. Reference: ftp://ftpeng.cisco.com/ipmulticast/autorp.html

QUESTION 101 If a host wants to join a multicast group, what will it do? A. send an IGMPv2 membership report using unicast to the default router on the local subnet B. send an IGMPv2 membership report using unicast to the rendezvous point for the group C. send an IGMPv2 membership report-using multicast on the local subnet with the destination IP address set to the multicast group being joined D. send an IGMPv2 membership report using multicast to the "All-PIM-Routers" multicast group, 224.0.0.2, on the local subnet Answer: C Section: (none) Explanation/Reference: Explanation: IGMP is designed to be used by hosts to inform routers that they wish to receive Multicast traffic on specific addresses. In this way, routers can decide whether to forward Multicast traffic based on whether a host on a given subnet has requested this or not. In addition, some vendors such as Cisco, extend this functionality by having routers share this information with switches so that the switches will only forward the Multicast traffic to ports with hosts that have requested it. Without this feature, the traffic would effectively be broadcast traffic. When a host joins a Multicast session, it sends out an IGMPv2 packet to let any listening routers know that it wants to receive Multicast traffic sent to a particular address. This packet is addressed to the Multicast address that the host wants to join. This is called "Joining a Multicast Group". Similarly, when the session has ended, the host sends out another IGMP packet to "Leave the Multicast Group".

QUESTION 102 Refer to the exhibit. R7 is redistributing routes that it learned from EIGRP into the OSPF process. What OSPF LSA type will be propagated by R3 from Area 0 into Area 3? FreeExamKing.com

A. B. C. D. E. F.

a router LSA (type 1) with a route to 0.0.0.0/0 ) a network LSA (type 2) with a route to 0.0.0.0/0 ) a summary LSA (type 3) with a route to 0.0.0.0/0 ) an ASBR summary LSA (type 4) with a route to R7 ) an external LSA (type 5) with a route to 0.0.0.0/0 an NSSA external LSA (type 7) with a route to 0.0.0.0/0

Answer: C Section: (none) Explanation/Reference: Explanation: Stub area ABRs do not advertise any external LSAs into the stub area. The only LSA propagated into a stub area is a Type 3 network summary LSA.

QUESTION 103 In what way is the class selector in a DSCP used?

A. B. C. D. E.

for backward compatibility with IP precedence to reference the corresponding MQC class map ID as a means of providing explicit congestion notification Only for IPv6 to reference the corresponding Frame Relay class map ID

Answer: A Section: (none) Explanation/Reference:

QUESTION 104 The classic Spanning Tree Protocol (802.1D 1998) uses which sequence of variables to determine the best received BPDU?

A. B. C. D.

1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost 1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id 1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id

Answer: D Section: (none) Explanation/Reference: Explanation: 1. The root bridge of the spanning tree is the bridge with the smallest bridge ID. 2. After the root bridge has been chosen, each bridge determines the cost of each possible path from itself to the root. 3. When multiple paths from a bridge are least-cost paths, the chosen path uses the neighbor bridge with the lower bridge ID. 4. In some cases, there may still be a tie, as when two bridges are connected by multiple cables. In this case, multiple ports on a single bridge are candidates for root port or designated port. In this case, the port with the lowest port priority is used.

QUESTION 105 A user has no network connectivity. A check of the associated port reveals that the interface is up, the line protocol is down. What is the likely cause of the problem? A. B. C. D. speed mismatch MTU set too low duplex mismatch incorrect encapsulation

Answer: A Section: (none) Explanation/Reference: Explanation: A speed mismatch will result in the line protocol of the port to go down. Unlike with a speed mismatch, the two devices will communicate with a duplex mismatch. However, devices with a duplex mismatch will suffer from poor performance.

QUESTION 106 Refer to the exhibit. Which statement best describes an OSPF not-so-stubby area (NSSA)?

A. Type 5 external LSAs are not allowed in NSSA areas, so NSSA ASBRs generate type 7 NSSA external LSAs instead, which remain within the NSSA. B. An NSSA is a feature specific to Cisco that reduces the number of routes in the routing table C. Type 5 external LSAs generated by the NSSA ABR are the only type of LSAs allowed in an NSSA. D. A default route is required on the NSSA ABR to access external networks attached to Area 1 Answer: A Section: (none) Explanation/Reference:

QUESTION 107 Which three of these statements about penultimate hop popping are true? (Choose three.) A. It is used only for directly connected subnets or aggregate routes. B. It can only be used with LDP. C. It is only used when two or more labels are stacked. D. It enables the Edge LSR to request a label pop operation from its upstream neighbors E. It is requested through TDP using a special label value that is also called the implicit-null value. F. It is requested through LDP using a special label value that is also called the implicit-null value. Answer: ADF Section: (none) Explanation/Reference: Explanation: In order to implement penultimate hop popping, the edge LSR requests a label pop operation from its upstream neighbor via LDP or TDP using a special implicit-null label. This label has a value of 3 for LDP and 1 for TDP.

QUESTION 108 Refer to the exhibit. Which of these correctly describes the use of uRPF to protect this trusted network from Internet-based IP spoofing?

A. B. C. D.

it should be applied to s0 and it inspects inbound packets it should be applied to s0 and it inspects outbound packets it should be applied to s1 and it inspects inbound packets it should be applied to s1 and it inspects outbound packets

Answer: A Section: (none) Explanation/Reference:

QUESTION 109 Refer to the exhibit. In this network, the two directly connected routers R1 and R2 will not form an EIGRP neighbor relationship. What is the most likely cause of this problem?

A. B. C. D.

The two routers are not on the same IP subnet. The network statements under the EIGRP routing process are misconfigured. The two routers are in different autonomous systems. There is a partial link failure of some type.

Answer: A Section: (none) Explanation/Reference: Explanation: For two routers to form an EIGRP adjacency, each router must believe that the source IP address of a received Hello is in that router's primary connected subnet on that interface. The primary subnet of an interface is the subnet as implied by the "ip address" command that does not have the secondary keyword. An EIGRP router looks at the source IP address of a Hello; if the source IP address is a part of that router's primary subnet of the incoming interface, the Hello passes the IP address check. In the exhibit, the primary subnet on TK1 is the secondary subnet on TK2 and vice versa, so an adjacency cannot form.

QUESTION 110 If an LSR receives a labeled packet for which there is no label entry in the LFIB, which action does the router perform? A. It uses a default label for forwarding. B. It strips the label and does a lookup in the FIB using the IP destination address. C. It drops the packet. D. It uses LDP to create an LSP and a new entry in the LFIB for that label. Answer: C Section: (none) Explanation/Reference: Explanation: In normal operation, an LSR should receive only a labeled packet with a label at the top of the stack that is known to the LSR, because the LSR should have previously advertised that label. However, it is possible for something to go wrong in the MPLS network and the LSR to start receiving labeled packets with a top label that the LSR does not find in its LFIB. The LSR can theoretically try two things: strip off the labels and try to forward the packet, or drop the packet. The Cisco LSR drops the packet. This is the right thing to do, because this LSR did not assign the top label, and it does not know what kind of packet is behind the label stack Reference: http:// www.ciscopress.com/articles/article.asp?p=680824

QUESTION 111 Which description is true about the disabling of IP TTL propagation in an MPLS network? A. TTL propagation cannot be disabled in an MPLS domain. B. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR. C. The TTL field of the MPLS label header is set to 255. D. TTL propagation is only disabled on the ingress edge LSR. Answer: C Section: (none) Explanation/Reference: Explanation: Tunnel Ingress Processing (Push): For each pushed Uniform model label, the TTL is copied from the label/IP-packet immediately underneath it. For each pushed Pipe model label, the TTL field is set to a value configured by the network operator. In most implementations, this value is set to 255 by default. Reference : "TTL Processing in MPLS Networks" February 2001 http://quimby.gnus.org/internet-drafts/draft-agarwal-mpls-ttl-00.txt

QUESTION 112 Which two of these best describe the operation of an OSPF totally stubby area? (Choose two.) A. The ABR of a totally stubby area will block type 5 external LSAs B. If a router has been configured as a totally stubby router, it will not advertise type 1 router LSAs, in order to conserve memory. C. If the ABR for a totally stubby area has been configured as a totally stubby router it will not generate any type 2 network LSAs. D. Totally stubby areas use default routes not just to reach destinations external to the AS but also to reach all destinations external to the area. E. The ABR of a totally stubby area will block all type 5 external LSAs from being propagated into the totally stubby area unless a flag known as the "P-bit" in the LSA is set. Answer: AD Section: (none) Explanation/Reference: Explanation: A totally stubby area blocks all LSAs external to the area. This includes Type 3, Type 4, Type 5 and Type 7. The ABR will typically inject a default route into the totally stubby area to enable area routers to reach external destinations. Type 1 and Type 2 LSAs are still generated within the totally stubby area and flooded locally within the area.

QUESTION 113 Frame Relay traffic shaping is enabled on a WAN interface with the following settings: CIR = 768 kb/s, Bc = 2000 , Be = 7680. What is the time interval Tc? A. 2.6 ms B. 10 ms

C. 7.4 ms D. 12.6 ms Answer: A Section: (none) Explanation/Reference: Explanation: Time interval, measured in milliseconds, over which the committed burset (Bc) can be sent. With many shaping tools can be found by the formula: Tc=Bc/CIR.

QUESTION 114 Network topology Exhibit:

On the basis of the exhibits presented. Packets from hosts attached toR3 and destined for network 10.100.2.0 are being sent to R4 via R1. Which option is a solution to this problem? A. B. C. D. Set the update source on R3 to R5. Set R3 to advertise its specific 24 bit 10.x.x.x routes to R1. Enable EBGP multihop between R2 and R3. Set the next-hop-self command on R2 for neighbor R3.

Answer: D Section: (none) Explanation/Reference: Explanation: For eBGP, the next hop is always the IP address of the neighbor that the neighbor command specifies. R2 will need to either add the serial link network to the BGP routing process using the "network" command, or it will need to use the "next-hop-self" command to advertise to router R3 that the next hop to the 10.100.2.0 network should be R2, and not R 5 on the 192.168.254.8/30 network.

QUESTION 115

When you see the key word "master" configured on the NTP line, what is the default stratum clock on a Cisco router? A. B. C. D. 2 4 8 1

Answer: C Section: (none) Explanation/Reference: Explanation: To configure the Cisco IOS software as a Network Time Protocol (NTP) master clock to which peers synchronize themselves when an external NTP source is not available, use the "ntp master" command in global configuration mode. ntp master [ stratum ] Syntax Description Defaults When enabled, the default stratum is 8. Reference: http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/frf012.html#wp1123474

QUESTION 116 Refer to the exhibit. Assume all link costs in this network are 10. R1 is redistributing 192.168.1.0/24 into area 1 with a next hop of 10.1.1.2, which is its local address on the link between R1 and R2. R2 and R3, Area Border Routers, are configured to advertise a summary, 10.1.0.0/16; R2 is advertising this summary with a cost of 20, while R3 is advertising this summary with a cost of 10. Will R4 choose R2 or R3 as its next hop towards 192.168.1.0/24?

A. choose the path through R2, because it will use the border router (type 4) LSA to calculate the shortest path to the next hop (10.1.1.2), which is through R2

B. use the path through R3 to reach 192.168.1.0/24, because the shortest path it has to reach the next hop (10.1.1.2) is through the summary route advertised by R3, with a cost of 10. C. use R3 to reach 192.168.1.0/24, because OSPF always chooses the closest path to the border with the area in which an external route is injected. D. not have a route to 192.168.1.0/24. Answer: A Section: (none) Explanation/Reference:

QUESTION 117 Which of these statements best describes OSPF neighbor adjacencies? A. On broadcast networks, all routers become adjacent with all other neighbors. B. Neighbors in point-to-point networks will always become adjacent and do not need to exchange hello packets. C. If a virtual link is being utilized, a router that is connecting to Area 0 will establish an adjacency with the Area 0 DR and BDR. D. On broadcast networks, a DR and BDR are elected and they establish adjacencies with all other routers. E. In a point-to-point network, neither a DR nor a BDR is elected, but pairs of neighbors establish master-slave relationships in which the router with the lower priority is the master. Answer: D Section: (none) Explanation/Reference: Explanation: OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designated router (DR). The DR and BDR form full adjacencies with all other neighbors on the link, so they reach a full state once the database exchange process is complete. However, two neighbors that are both DROthers do not become fully adjacent. Incorrect answers: A. Routers only become adjacent with the DR and BDR. B. Neighbors on point to point links still exchange hellos. The default hello interval is 10 seconds. C. DRs and BDRs are associated with multiaccess networks, not specific areas. E. While it is true that a DR and BDR are not elected on a point to point link, in the master-slave relationship, the higher priority router is elected as master.

QUESTION 118 Refer to the exhibit. Which statement about this configuration is true?

A. ACL 101 needs to have at least one permit statement in it or it will not work properly. B. The ip inspect test out command needs to be used instead of the ip inspect test in command to make the configuration work. C. Ethernet 0 is the trusted interface and Ethernet 1 is the untrusted interface. D. Ethernet 0 needs an inbound access list to make the configuration work. E. Ethernet 0 needs an outbound access list to make the configuration work. Answer: C Section: (none) Explanation/Reference:

QUESTION 119 Which two of these are differences between traffic policing and traffic shaping? (Choose two.) A. B. C. D. E. with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again with policing you can tune the buffer usage for traffic exceeding the specified CIR with shaping you can tune the buffer usage for traffic exceeding the specified CIR shaping should only be applied for ingress traffic, policing only for egress policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC Section: (none) Explanation/Reference: Explanation: With traffic shaping, when the excess burst (Be) is configured to a value different than 0, the shaper allows tokens to be stored in the bucket, up to Bc + Be. The largest value that the token bucket can ever reach is Bc + Be, and overflow tokens are dropped. The only way to have more than Bc tokens in the bucket is to not use all Bc tokens during one or more Tc. Since the token bucket is replenished every Tc with Bc tokens, you can

accumulate unused tokens for later use up to Bc + Be. In contrast, class-based policing and rate-limiting adds tokens continuously to the bucket. Specifically, the token arrival rate is calculated as follows: (time between packets<which is equal to t-t1>* policer rate)/8 bits per byte. In other words, if the previous arrival of the packet was at t1 and the current time is t, the bucket is updated with t-t1 worth of bytes based on the token arrival rate. Note that a traffic policer uses burst values specified in bytes, and the above formula converts from bits to bytes. Reference: "Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting " http://www.cisco.com/warp/public/105/policevsshape.html

QUESTION 120 Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into OSPF, and R2 is originating 10.1.4.0/24 as an internal route. R6 has received packets destined to 10.1.4.1 and 10.1.5.1. Which statement correctly describes the path or paths these two packets will take?

A. The packet destined to 10.1.5.1 will follow the optimum path through the network, R4 to R1, while the packet destined to 10.1.4.1 will follow a suboptimal path through the network. B. Both packets will follow optimal paths through the network to their destinations. C. The packet destined to 10.1.4.1 will follow an optimal path through the network, while the packet destined to 10.1.5.1 will follow a suboptimal path through the network. D. There is not enough information provided to determine which packet will take an optimal or suboptimal path through the network. Answer: A Section: (none) Explanation/Reference: Explanation:

Since Area 2 is NSSA, no type 5 LSA's are allowed. R6 gets a default route from R4 and R5. Packets from R6 to 10.1.5.0 will travel via R4 by using the default route with the lower cost (10). So these packets take the optimal path. Unlike with packets destined to 10.1.4.0. This network is internal. So advertized from the ABR as LSA type 3. The cost via R4 and R5 are equal. Loadbalancing over equal cost path will take place. This is not an optimal path, as the way over R4 is one hop more.

QUESTION 121 What is the mathematical relationship between the committed information rate (CIR), committed burst (Be), and committed rate measurement interval (Tc)? A. B. C. D. CIR = Be/Tc Tc = CIR/Bc CIR = TC/Bc Tc = Bc/CIR

Answer: D Section: (none) Explanation/Reference: Explanation: FRTS Non-Configurable Parameters: interval (Tc) The interval during which you send the Bc bits in order to maintain the average rate of the CIR in seconds. Tc = Bc/CIR in seconds The range for Tc is between 10 ms and 125 ms. The router internally calculates this value based on the CIR and Bc values in the map class. If Bc/CIR is more than or equal to 125 msec, it uses the internal Tc value. If Bc/CIR is less than 125 ms, it uses the Tc calculated from that equation. Reference: http://www.cisco.com/en/US/tech/tk713/tk237/technologies_configuration_example09186a008009 42f8.shtml

QUESTION 122 Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into Area 1. Which LSAs will R6 have that contain 10.1.5.0/24?

A. R6 will not have any LSAs containing 10.1.5.0/24 B. R6 will have an NSSA external (type 7) LSA in its local database for 10.1.5.0/24, since routes redistributed into an OSPF NSSA are injected as type 7 LSAs. C. R6 will have an external (type 5) LSA for 10.1.5.0/24 in its local database, because one of the two Area 1 Area Border Routers (R2 or R3) will translate R1's external NSSF (type 7) LSA into a type 7 LSA. D. R6 will have a border router (type 4) LSA in its local database for 10.1.5.0/24, generated by one of the two Area 1 Area Border Routers. Answer: A Section: (none) Explanation/Reference: Explanation: A totally NSSA area blocks LSA types 3, 4, and 5 from entering the area. Type 7 LSAs are allowed to be created within the area. The ABRs for area 1 in the exhibit will be converting the Type 7 LSA created by R1 for the subnet to a Type 5 LSA to advertise to the backbone area 0. The ABRs for Area 2 will not propogate this LSA into area 2 as Type 5 LSAs are blocked by all stub areas. Therefore, no non-ABR routers within area 2 will have an LSA containing 10.1.5.0/24.

QUESTION 123 Refer to the exhibit. For this network, if you examined the local OSPF database on R3, what would be contained in the router (type 1) LSAfrom R1?

A. R3 would not have a router (type 1) LSAfrom R1 in its local database. B. R1's router (type 1) LSA would contain a link to R2 and a connection to 10.1.1.0/31. ) C. R1's router (type 1) LSA would contain a link to R2, a connection to 10.1.1.0/31, and a link to 10.1.5.0/24. C. R1's router (type 1) LSA would contain a link to R2, a connection to 10.1.1.0/31, and a link to 10.1.2.0/31.

Answer: A Section: (none) Explanation/Reference:

QUESTION 124 Refer to the exhibit. Assuming EIGRP is the routing protocol, if the link between R3 and R5 failed, how many queries would R5 send out?

A. B. C. D.

R5 would not send out any queries, but it would switch to using the path through R4. R5 would send queries to R2 and R4. R5 would send a query to R4, but not to R2. R5 would send a query to R2, but not to R4.

Answer: A Section: (none) Explanation/Reference: Explanation: A router running EIGRP stores all its neighbors' routing tables so that it can quickly adapt to alternate routes. If no appropriate route exists, EIGRP queries its neighbors to discover an alternate route. These queries propagate until an alternate route is found. However, in this case, the feasible successor is already known. As long as a feasible successor is known for an EIGRP router, a query is not need when the preferred path has a failure.

QUESTION 125 Refer to the exhibit. Router A wants to redistribute all the routes from the RIP domain into the EGRP domain but the 170.170.0.0/16 network is not being installed into Router A's routing table. How can this problem be fixed?

A. B. C. D. E.

redistribute RIP into OSPF 30 redistribute OSPF into EIGRP 20 redistribute RIP into EIGRP 20 and filter route 170.170.0.0 filter route 170.170.0.0 from RIP filter route 170.170.0.0 from OSPF

Answer: E Section: (none) Explanation/Reference: Explanation: Since OSPF has a lower administrative distance than RIP, Router A will install the 172.17.0.0/16 route learned via OSPF, and not RIP. Since router A is only redistributing RIP routes into EIGRP, this route will not be installed included. Filtering this 172.17.0.0/16 route from OSPF will force the router to accept the RIP learned route and then redistribute it into EIGRP.

QUESTION 126 Refer to the exhibit. Two directly connected routers are configured for OSPF. On the console of one router, you are seeing the output in the exhibit. What is the most likely cause?

A. B. C. D.

The maximum transmission unit on either side of the link is not the same. This is normal for OSPF running over an FDDI ring. OSPF has received a packet that will not fit in its local buffer, so the packet has been discarded. This debug is wrong, OSPF does not exchange DBD packets.

Answer: A Section: (none) Explanation/Reference:

QUESTION 127 What three types of NTP relationships form between two devices? (Choose three.)

A. B. C. D. E.

client server broadcast uncast anycast

Answer: ABC Section: (none) Explanation/Reference:

QUESTION 128 Refer to the exhibit. In the diagram, the switches are running IEEE 802.1s MST. Which ports are in the MST blocking state?

A. B. C. D. E.

GE.1/2 and GE 2/1 GE.1/1 andGE.2/2 GE.3/2 and GE 4/1 No ports are in the blocking state There is not enough information to determine which ports are in the blocking state.

Answer: D Section: (none) Explanation/Reference: Explanation: There are no layer 2 loops in the network as the connection between Dist-1 and Dist-2 is a layer 3 connection. Therefore, there are no ports blocking.

QUESTION 129 What are the port roles described by 802.1w? A. B. C. D. root port, designated port, alternate port, backup port, and disabled standby port, designated port, backup port, and disabled root port, designated port, alternate port, and standby port standby port, alternate port, root port, and disabled

Answer: A Section: (none) Explanation/Reference: Explanation: RSTP and STP Port Roles

QUESTION 130 Refer to the exhibit. Spanning tree protocol is running on all three switches. The switches are configured so that Link A is the active link, and Link B is the standby link. There is a problem occurring where Switch B starts forwarding on Link B causing a routing loop. What is the likely cause of the problem?

A. Port Fast is not enabled. B. There is a port duplex mismatch. C. MISTP is enabled without RSTP. D. A single instance of STP is enabled instead of PVST. Answer: B Section: (none) Explanation/Reference:

QUESTION 131 In Frame Relay, the Discard Eligible bit works in conjunction with which of these mechanisms as part of congestion control?

A. B. C. D. E.

Type of service (TOS) settings class of service (COS) settings Frame Relay traffic shaping (FRTS) settings forward explicit congestion notification (FECN) settings differentiated services code point (DSCP) Settings

Answer: D Section: (none) Explanation/Reference: Explanation: Frame Relay reduces network overhead by implementing simple congestion-notification mechanisms rather than explicit, per-virtual-circuit flow control. Frame Relay typically is implemented on reliable network media, so data integrity is not sacrificed because flow control can be left to higher-layer protocols. Frame Relay implements two congestion-notification mechanisms:

Forward-explicit congestion notification (FECN)

Backward-explicit congestion notification (BECN) FECN and BECN each is controlled by a single bit contained in the Frame Relay frame header. The Frame Relay frame header also contains a Discard Eligibility (DE) bit, which is used to identify less important traffic that can be dropped during periods of congestion. The FECN bit is part of the Address field in the Frame Relay frame header. The FECN mechanism is initiated when a DTE device sends Frame Relay frames into the network. If the network is congested, DCE devices (switches) set the value of the frames' FECN bit to 1. When the frames reach the destination DTE device, the Address field (with the FECN bit set) indicates that the frame experienced congestion in the path from source to destination. The DTE device can relay this information to a higher-layer protocol for processing. Depending on the implementation, flow control may be initiated, or the indication may be ignored. Reference: http://www.cisco.com/en/US/tech/tk1330/tsd_technology_support_technical_reference_chapter09 186a0080759833.html

QUESTION 132 Which two of these best describe an OSPF stub area? (Choose two.) A. B. C. D. E. All routers in a stub area must be configured as stub. Each stub area always has an ASBR attached to it. A stub area will not accept routes belonging to an external AS. Only summary routes from an external AS can be injected into a stub area. To reach outside networks, the routers in a stub area use a default route which is injected into the area by the ASBR.

Answer: AC Section: (none) Explanation/Reference: Explanation: A stub area does not allow for any LSAs that define AS-external traffic. To configure an OSPF stub area, all routers within the area must include the command "area x stub" Incorrect answers: B. ASBRs are not allowed in stub areas. If an ASBR is required, the area must be a NSSA. D. No external routes are injected into a stub area E. There are no ASBRs in a stub area.

QUESTION 133 Which three statements accurately describe a link-state routing protocol? (Choose three.) A. Each router sends routing information to all nodes in the flooding domain.

B. C. D. E. F.

Each router sends all or some portion of its routing table to neighboring routers. Each router individually builds a picture of the entire flooding domain. Each router has knowledge of all other routers in the flooding domain. Each router is only aware of neighboring routers. Each router installs routes directly from the routing updates into the routing table.

Answer: ACD Section: (none) Explanation/Reference: Explanation: Link-State Versus Distance Vector Link-state algorithms (also known as shortest path first algorithms) flood routing information to all nodes in the internetwork. Each router, however, sends only the portion of the routing table that describes the state of its own links. In link-state algorithms, each router builds a picture of the entire network in its routing tables. Distance vector algorithms (also known as Bellman-Ford algorithms) call for each router to send all or some portion of its routing table, but only to its neighbors. In essence, link-state algorithms send small updates everywhere, while distance vector algorithms send larger updates only to neighboring routers. Distance vector algorithms know only about their neighbors. Because they converge more quickly, link-state algorithms are somewhat less prone to routing loops than distance vector algorithms. On the other hand, link-state algorithms require more CPU power and memory than distance vector algorithms. Link-state algorithms, therefore, can be more expensive to implement and support.

QUESTION 134 You are configuring the Cisco IOS DHCP Server to handle DHCP in a LAN. Which two of these configurations are required in order for DHCP to work? (Choose two.) A. B. C. D. E. configure manual bindings configure a DHCP address pool configure a DHCP server boot file exclude those IP addresses that will not be used in DHCP configure the timeout value for ping packets

Answer: BD Section: (none) Explanation/Reference: Explanation: To configure the Cisco IOS DHCP Server feature, first configure a database agent or disable conflict logging, then configure IP addresses that the DHCP server should not assign (excluded addresses) and should assign (a pool of available IP addresses) to requesting clients. These configuration tasks are explained in the following sections. Each task in the following list is identified as required or optional. Configuring a DHCP Database Agent or Disabling DHCP Conflict Logging (Required) Excluding IP Addresses (Required) Configuring a DHCP Address Pool (Required) Configuring Manual Bindings (Optional) Configuring a DHCP Server Boot File (Optional) Configuring the Number of Ping Packets (Optional) Configuring the Timeout Value for Ping Packets (Optional) Enabling the Cisco IOS DHCP Server Feature (Optional)

Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087 43b.html

QUESTION 135 Which two of these parameters are used to determine a forwarding equivalence class? (Choose two.) A. B. C. D. IP prefix Layer 2 circuit RSVP request from CE for bandwidth reservation BGP MED value

Answer: AB Section: (none) Explanation/Reference: Explanation: Forwarding Equivalency Class (FEC) is a set of packets which will be forwarded in the same manner (e.g., over the same path with the same forwarding treatment). Typically packets belonging to the same FEC will follow the same path in the MPLS domain. While assigning a packet to an FEC the ingress LSR may look at the IP header and also some other information such as the interface on which this packet arrived. The FEC to which a packet is assigned is identified by a label. One example of an FEC is a set of unicast packets whose network layer destination address matches a particular IP address prefix. A set of multicast packets with the same source and destination network layer addresses is another example of an FEC. Yet another example is a set of unicast packets whose destination addresses match a particular IP address prefix and whose Type of Service bits are the same. Layer 2 circuits can also be used, as in layer 2 MPLS VPN's such as those defined by the Martini draft or through the notion of "pseudo-wire" networks. Reference: http://www.mplsrc.com/faq2.shtml

QUESTION 136 Examine the following items, what is the difference between BPDU guard and root guard? A. BPDU guard ignores BPDUs received on a port if PortFast is enabled on the port; root guard is used during configuration to force a switch to be the root bridge. B. BPDU guard disables the port upon the reception of a BPDU if PortFast is enabled on the port; root guard allows for the reception of BPDUs as long as a device does not try to become the root. C. BPDU guard blocks BPDUs from being transmitted; root guard does not let other devices become the root bridge. D. BPDU guard disables a port upon receiving a BPDU if PortFast is enabled on the port; root guard protects against root bridge flapping between devices E. BPDU guard ignores BPDUs received on a port if PortFast is enabled on the port; root guard allows for the reception of BPDUs as long as a device does not try to become the root.

Answer: B Section: (none) Explanation/Reference: Explanation: BPDU guard and root guard are similar, but their impact is different. BPDU guard disables the port upon BPDU reception if PortFast is enabled on the port. The disablement effectively denies devices behind such ports from participation in STP. You must manually reenable the port that is put into errdisable state or configure errdisable-timeout .

Root guard allows the device to participate in STP as long as the device does not try to become the root. If root guard blocks the port, subsequent recovery is automatic. Recovery occurs as soon as the offending device ceases to send superior BPDUs. Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml

QUESTION 137 All of these are Spanning Tree Protocol IEEE 802.1w port states except which one? A. B. C. D. Discarding Learning Forwarding Blocking

Answer: D Section: (none) Explanation/Reference: Explanation: RSTP and STP port states:

QUESTION 138 You work as a network technician. Study the exhibit provided. You are implementing this QoS configuration to improve the bandwidth guarantees for traffic towards two servers, one with the IP address 5.5.5.5 and the other with the IP address 5.5.5.4. Even after the configuration is applied, performance does not seem to improve. Which will be the most likely cause of this problem?

A. The class maps are wrongly configured B. The policy map mark has been applied on a half-duplex Ethernet interface; this is not supported. C. The policy map queue is configured on the wrong interface; it is applied on the serial interface whereas traffic is going over the tunnel interface. D. The ip nbar protocol-discover command cannot be configured together with a service policy output on the serial interface.

E. This is probably a software bug Answer: A Section: (none) Explanation/Reference:

QUESTION 139 Refer to the exhibit. In this network, R1 is configured not to perform auto summarization within EIGRP. What routes will R3 learn from R2 through EIGRP?

A. 172.30.1.0/24 and 10.1.2.0/24; EIGRP only performs auto summarization at the edge between two major networks. B. 172.30.0.0/16 and 10.1.2.0/24; R2 will perform auto summarization, although R1 will not. C. Since R2 is configured without auto summarization, it will not propagate the 172.30.1.0/24 route. D. 172.30.0.0/8 and 10.0.0.0/8. Answer: A Section: (none) Explanation/Reference: Explanation: With EIGRP, routing information advertised out an interface is often automatically summarized at major network number boundaries. Specifically, this automatic summarization occurs for those routes whose major network number differs from the major network number of the interface to which the advertisement is being sent. The remaining routes, which are part of the major network number of the interface, are advertised without summarization. Reference: http://www.cisco.com/en/US/docs/internetworking/design/guide/nd2017.html

QUESTION 140 Which statement is true about the actions taken when a VTP message is received on a switch configured with the VTP mode "transparent"?

A. B. C. D.

VTP updates are ignored and are not forwarded. VTP updates are ignored and forwarded out all ports. VTP updates are made to the VLAN database and are forwarded out trunks only. VTP updates are ignored and forwarded out trunks only.

Answer: D Section: (none) Explanation/Reference: Explanation:

VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements, but transparent switches do forward VTP advertisements that they receive out their trunk ports only. Reference: Understanding VLAN Trunk Protocol (VTP) http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml#v tp_modes

QUESTION 141 Via which item are Auto-RP messages forwarded? A. IP multicast using IANA-registered groups 224.0.1.39 and 224.0.1.40. B. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.13 [PIM-ROUTERS] link-local multicast group C. hop-by-hop flooding of Auto-RP control packets via the 224.0.0.2 [ALL-ROUTERS] link-local multicast group D. unicast messages between candidate RPs and the mapping agent Answer: A Section: (none) Explanation/Reference: Explanation: Auto-RP automates the distribution of group-to-RP mappings in a network supporting sparse mode PIM. It supports the use of multiple RPs within a network to serve different group ranges, and allows configurations of redundant RPs for reliability purposes. In comparison, manual configuration of RP information is prone to inconsistency, which can cause connectivity problems. In summary, the automatic distribution of Group-to-RP mappings simplifies configuration task, and guarantees consistency. In a nutshell, the Auto-RP mechanism operates on two basic components, the candidate RPs and the RP mapping agents: All candidate RPs advertise their willingness to be an RP via "RP- announcement" messages. These messages are periodically sent to a reserved well-known group 224.0.1.39 (CISCO-RP- ANNOUNCE ). The default interval is 60 seconds (tunable via CLI). The RP mapping agents join group 224.0.1.39 and select consistently an RP for each group address range. The pair (group range--> RP) is called an RP-mapping. The RP mapping agents advertise the authoritative RP-mappings to another well-known group address 224.0.1.40 (CISCO-RP-DISCOVERY). All PIM routers join 224.0.1.40 and store the RP- mappings in their private cache. With Auto-RP, Multiple RPs can be used to serve different group ranges, or as hot-backups of each other. Reference: ftp://ftpeng.cisco.com/ipmulticast/autorp.html

QUESTION 142 For an MPLS label, if the stack bit is set to 1 which of these is correct? A. B. C. D. The stack bit is reserved for future use. The label is the last entry in the label stack. The stack bit will only be used when LDP is the label distribution protocol. The stack bit is for Cisco implementations exclusively and will only be used when TDP is the label distribution protocol. E. The label is the top entry in the label stack and will remain set to 1 until the last entry, the bottom label, is reached. Answer: B Section: (none) Explanation/Reference: Explanation: The label stack is represented as a sequence of "label stack entries". Each label stack entry is represented by 4

octets. This is shown in Figure 1. 0123 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+ Label | Label | CoS |S| TTL | Stack +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Entry Label: Label Value, 20 bits CoS : Class of Service, 3 bits S: Bottom of Stack, 1 bit TTL: Time to Live, 8 bits Figure 1 The label stack entries appear AFTER the data link layer headers, but BEFORE any network layer headers. The top of the label stack appears earliest in the packet, and the bottom appears latest. The network layer packet immediately follows the label stack entry which has the S bit set. Each label stack entry is broken down into the following fields: 1. Bottom of Stack (S) This bit is set to one for the last entry in the label stack (i.e., for the bottom of the stack), and zero for all other label stack entries. Reference: http://www3.ietf.org/proceedings/98aug/I-D/draft-ietf-mpls-label-encaps-02.txt

QUESTION 143 Refer to the exhibit. In this network, R1 R2, and R3 are all configured to run EIGRP on all their connected interfaces. R2 is also configured as an EIGRP stub. At R3, what EIGRP routes are in the local topology table?

A. B. C. D.

172.30.0.0/16 172.30.2.0/24 72.20.1.0/24 and 172.30.2.0/24 Not enough information has been provided to know what would be in the topology table at R3.

Answer: B Section: (none) Explanation/Reference:

QUESTION 144 Based on the output provided in the exhibit, to which address or location will the router forward a packet sent to 192.168.32.1?

Exhibit:

A. B. C. D.

10.1.1.1 10.1.1.3 the default gateway 10.1.1.2

Answer: A Section: (none) Explanation/Reference: Explanation: Refer to the following example from Cisco: Let's look at three routes that have just been installed in the routing table, and see how they look on the router. router# show ip route .... D 192.168.32.0/26 [90/25789217] via 10.1.1.1 R 192.168.32.0/24 [120/4] via 10.1.1.2 O 192.168.32.0/19 [110/229840] via 10.1.1.3 .... If a packet arrives on a router interface destined for 192.168.32.1, which route would the router choose? It depends on the prefix length, or the number of bits set in the subnet mask. Longer prefixes are always preferred over shorter ones when forwarding a packet. In this case, a packet destined to 192.168.32.1 is directed toward 10.1.1.1, because 192.168.32.1 falls within the 192.168.32.0/26 network (192.168.32.0 to 192.168.32.63). It is chosen based on the longest match, not the fact that it has a lower AD. It also falls within the other two routes available, but the 192.168.32.0/26 has the longest prefix within the routing table (26 bits verses 24 or 19 bits). Likewise, if a packet destined for 192.168.32.100 arrives on one of the router's interfaces, it's forwarded to 10.1.1.2, because 192.168.32.100 doesn't fall within 192.168.32.0/26 (192.168.32.0 through 192.168.32.63), but it does fall within the 192.168.32.0/24 destination (192.168.32.0 through 192.168.32.255). Again, it also falls into the range covered by 192.168.32.0/19, but 192.168.32.0/24 has a longer prefix length. Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 145 When using OSPF Graceful Restart, which mechanism is used to continue forwarding packets during a switchover? A. B. C. D. E. Layer 2 Forwarding hardware based forwarding Reverse Path Forwarding UDP forwarding forwarding address

Answer: B

Section: (none) Explanation/Reference: Explanation: Nonstop Forwarding (NSF) for OSPFv2 in Cisco IOS software uses the IETF standardized graceful restart functionality that is described in RFC 3623. Under very specific situations, a router may undergo certain wellknown failure conditions that should not affect packet forwarding across the switching platform. NSF capability allows for the forwarding of data packets to continue along routes that are already known, while the routing protocol information is being restored. This capability is useful in cases in which there is a component failure (for example, a Route Processor [RP] crash with a backup RP taking over) or in which there is a scheduled hitless software upgrade. A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwarding packets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. Once OSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale route entries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIB information that was current at the time of a switchover to continue forwarding packets during the switchover. This feature reduces traffic interruption during the switchover. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00805e8 fbd.html

QUESTION 146 What is the destination IP address of the IGMPv2 membership report packet that a receiver sends to join group 239.1.1.1? A. B. C. D. 224.0.0.1 224.0.0.2 239.1.1.1 the IP address of the host sending the membership report

Answer: C Section: (none) Explanation/Reference: Explanation: Multicast hosts use IGMPv2 Host Membership Report messages to communicate to a local router for which multicast groups they want to receive traffic. IGMP v2 Message Types

QUESTION 147 Which information is carried in an OSPFv3 intra-area-prefix LSA? A. B. C. D. IPv6 prefixes link-local addresses solicited node multicast addresses IPv6 prefixes and topology information

Answer: A Section: (none) Explanation/Reference: Explanation: The OSPFv3 LSA types and their OSPFv2 counterparts:

OSPFv3 removes the prefix advertisement function from Router and Network LSAs, and puts it in the new Intra-Area Prefix LSA. Now Router and Network LSAs only represent the router's node information for SPF and are only flooded if information pertinent to the SPF algorithm changes. Reference: http://www.networkworld. com/subnets/cisco/050107-ch9-ospfv3.html?page=3

QUESTION 148 Which table contains a mirror image of the forwarding information in the IP routing table used in CEF switching? A. B. C. D. Field Information Base Forwarding Information Base Field Information Based Forwarding Information Based

Answer: B Section: (none) Explanation/Reference: Explanation: Forwarding Information Base: CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table. Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with switching paths such as fast switching and optimum switching. Reference: http://www.cisco.com/en/US/docs/ios/12_1/switch/ configuration/guide/xcdcef.html

QUESTION 149 Refer to the exhibit. In this network, all routers are configured to run OSPF on all interfaces in these two areas. If you examine the OSPF database on R4, what type of LSA will contain 10.1.5.0/24, and which router will have originated it?

A. B. C. D.

10.1.5.0/24 be in a summary (type 3) LSA originated by R3 10.1.5.0/24 be in a network (type 2) LSA originated by R3. 10.1.5.0/24 not be in any LSA in the OSPF database at R4, because R4 and R3 are in different areas. 10.1.5.0/24 be in a router (type 1) LSA generated by R3.

Answer: A Section: (none) Explanation/Reference: Explanation: There is a special IOS feature that prevents the sending of LSA type 3 (network summaries) at the ABR. It is called the "OSPF ABR Type 3 LSA Filtering Feature: The OSPF ABR Type 3 LSA Filtering feature extends the ability of an ABR that is running the OSPF protocol to filter type 3 link-state advertisements (LSAs) that are sent between different OSPF areas. This feature allows only packets with specified prefixes to be sent from one area to another area and restricts all packets with other prefixes. This type of area filtering can be applied out of a specific OSPF area, into a specific OSPF area, or into and out of the same OSPF areas at the same time. Not A: Routers use the Type-1 LSA to advertise the networks and other routers to which they are directly connected in an area, which is flooded within the same area. So, all the routers within the same area have the complete topology information for their own area. As a result, ABRs maintain complete topology information about all areas to which they are directly attached. However, when ABRs advertise a network that belongs to one area into a second area, they advertise only the prefix and mask of the network by using the Type-3 LSA. The routers in the second area do not know about the topology information of other areas, but they have reachability information for the networks in other areas. The ABR sends it out as LSA type 3. Q164: Refer to the exhibit. In this network R1 and R2 are both configured as EIGRP stub routers. If the link between R1 and R3 failed, would R3 still be able to reach 192.168.1.0/24, and why or why not?

A. No. R3 would remove its route to 192.168.1.0/24 through R1 , but would not query R2 for an alternate route, since R2 is a stub. B. Yes. When a directly connected link fails, a router is allowed to query all neighbors, including stub neighbors, for an alternate route. C. Yes, because R3 would know about both routes, through R1 and R2, before the link between R1 and R3 failed. D. No. The path through R2 would always be considered a loop at R3. There is a special IOS feature that prevents the sending of LSA type 3 (network summaries) at the ABR. Its called "OSPF ABR Type 3 LSA Filtering Feature: The OSPF ABR Type 3 LSA Filtering feature extends the ability of an ABR that is running the OSPF protocol to filter type 3 link-state advertisements (LSAs) that are sent between different OSPF areas. This feature allows only packets with specified prefixes to be sent from one area to another area and restricts all packets with other prefixes. This type of area filtering can be applied out of a specific OSPF area, into a specific OSPF area, or into and out of the same OSPF areas at the same time. Not A: Routers use the TypE.1 LSA to advertise the networks and other routers to which they are directly connected in a area, which is flooded within the same area. So, all the routers within the same area have the complete topology information for their own area. As a result, ABRs maintain complete topology information about all areas to which they are directly attached. However, when ABRs advertise a network that belongs to one area into a second area, they advertise only the prefix and mask of the network by using the TypE.3 LSA. The routers in the second area do not know about the topology information of other areas, but they have reachability information for the networks in other areas. The ABR sends it out as LSA type 3.

QUESTION 150 The IPv6 address of 2031:0000:130F:0000:0000:09C0:876A:130B can be expressed most efficiently in what way? A. B. C. D. E. 2031:0:130F:0:0:9C0:876A:130B 2031:0:130F:0:0:09C0:876A:130B 2031:0:130F::9C0:876A:130B 2031::130F::9C0:876A:130B O 231::13F::9C:876A:13B

Answer: C Section: (none)

Explanation/Reference: Explanation: IPv6 addresses are written as eight sets of four hexadecimal digits: FEDC:BA98:0000:0000:0000:0000.7654.3210 To make writing the addresses easier, groups of zeros that appear in the address may be replaced with double colons: FEDC:BA98::7654:3210 Only one group of contiguous zeros may be condensed within an address. Reference: http://www.netcordia.com/tnm/tnm34/ipv6.html

QUESTION 151 Refer to the exhibit. Assuming that EIGRP is the routing protocol, then at R5, what would be the status of each path to 172.30.1.0/24?

A. the path through R3 would be the successor, the path through R1 would be a feasible successor, and the path through R4 would be neither a successor nor a feasible successor B. the path through R3 would be the successor, and the paths through R1 and R4 would be feasible successors C. the path through R1 would be the successor, the path through R3 would be a feasible successor, and the path through R4 would be neither a successor nor feasible successor D. not enough information has been given to figure out what the status of each route would be Answer: A Section: (none) Explanation/Reference:

QUESTION 152 Though many options are supported in EIGRPv6, select two options from the below list that are supported. (Choose two.) A. VRF B. auto-summary

C. per-interface configuration D. prefix-list support via routE.map E. prefix-list support via distribute-list Answer: CE Section: (none) Explanation/Reference: Explanation: In a nutshell, the overall operation and features of EIGRPv6 are still the same as they are in EIGRPv4. But, EIGRPv6 does differ from EIGRPv4 in the following ways: EIGRPv6 is configured (enabled) directly on Cisco router's interfaces; this means EIGRPv6 can be configured (enabled) on a router's interface, without having to configure (assign) a Global IPv6 address on the interface and without using the "network" command while the router is in router configuration mode. Also, when configuring (enabling) EIGRPv6 on a Cisco router, the EIGRP routing process must be configured (assigned) with a "router-id" (by using the router configuration command "router-id"); if a "router-id" is not configured (assigned) the EIGRPv6 routing process will not start. The EIGRPv6 routing process also uses a "shutdown" feature; meaning an EIGRPv6 routing process will not start until the routing process has been placed into "no shutdown" mode. (by, typing the "no shutdown" command while the router is in router configuration mode) Also, on Passive Interfaces; EIGRPv6 is not required to be configured. Lastly, EIGRPv6 use the router configuration command "distribute-list prefix-list" to perform route filtering; and when configuring route filtering the "route-map" command is not supported. Reference: http://www.articledashboard.com/Article/IPv6-Cisco-Training--How-is-EIGRPv6- different-fromEIGRPv4-/484934

QUESTION 153 An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth of the leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links are used for combined VOIP and data traffic. The network administrator has implemented a VOIP solution to reduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for the VOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latency queue. What action will likely fix this problem? A. B. C. D. E. mark VOIP traffic with IP precedence 6 and configure only 'fair-queue' on the links configure the scheduler allocate 3000 1000 command to allow the QoS code to have enough CPU cycles enable class-based traffic shaping on the VoIP traffic class enable Layer 2 fragmentation and interleaving on the links enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D Section: (none) Explanation/Reference: Explanation: Link fragmentation and interleaving (LFI) is a method used to reduce serialization delay for timesensitive applications, such as VoIP. Consider a 1500-byte FTP packet traversing a 128k serial link. The packet would take 94ms to be serialized. A VoIP packet that arrived after the FTP packet could then be forced to wait in the queue for up to 94ms. Considering that overall end-to end delay for a VoIP packet should not exceed 150ms (G.114), you can see that the delay induced by waiting for the larger packet can have a significant impact on voice quality. LFI resolves this issue by fragmenting large packets so that smaller time- sensitive packets can be interleaved with the large ones, reducing delay. Reference: "Configuring Cisco VOIP" By Syngress, page 299.

QUESTION 154 When STP Uplink Fast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to? A. B. C. D. 8192 16384 49152 65535

Answer: C Section: (none) Explanation/Reference: Explanation: Upon enabling UplinkFast globally in a switch, the switch takes three actions: ? Increases the root priority to 49,152 ? Sets the post costs to 3000 ? Tracks alternate RPs, which are ports in which root Hellos are being received

QUESTION 155 Which three statements best describe Cisco IOS Firewall configurations? (Choose three.) A. B. C. D. An ACL that is applied in the inbound direction on an unsecured interface must be an extended ACL. An IP inspection rule can be applied in the outbound direction on an unsecured interface. An ACL that is applied in the outbound direction on an unsecured interface must be an extended ACL. An IP inspection rule can be applied in the inbound direction on a secured interface.

Answer: ABD Section: (none) Explanation/Reference: Explanation: The below excerpt is from the Cisco Press book " The Cisco IOS Firewall Feature Set" By Anupam Tewari. Note the places in italics where the correct answers can be found: For CBAC (IOS Firewall) to function properly, it is essential that the access list be configured appropriately on the interfaces . An extended access list must be used for the creation of temporary openings. The five steps involved in configuring CBAC are as follows: Choose an interface. CBAC can identify any interface as an internal or external interface. Unlike Firewall, CBAC has no concept of inside or outside; instead, it is concerned with the direction of the first packet initiating the conversation. Sessions originating from the external side are not permitted. For example, when user X in ABC Company tries to connect to the Internet, the direction of the conversation is from the ABC Company to the Internet. The router interface that connects to user X is considered internal , and the interface connected to the Internet is considered external . Configure IP access list at the interface. CBAC permits less traffic than necessary to get similar functionality with static access lists. When configuring an access list on the internal interface, the inbound access list (at the internal interface) or outbound (at the external interface) can be standard or extended. These access lists permit the CBAC to inspect the traffic. The outbound access list (on internal interface) and the inbound access list (at the external interface), on the other hand, should always be extended. On the external interface, the outbound access list can be standard or extended, but the inbound access list must be an extended list. The inbound access list will deny the traffic to be inspected by CBAC. This denied

traffic would be permitted in by the temporary openings created by the CBAC. Configure global timeouts and thresholds. Global timeouts are used to configure the duration for which a hole in the firewall is maintained to allow in the return traffic. Thresholds are configured to shield the network from denial-of-service (DoS) attacks. The sessions that are not established under the configured parameters are dropped. For example, the ip inspect tcp synwait-time 30 command says to drop all the TCP sessions that are not established in 30 seconds. Similar timeouts can be set up for FIN-exchange, TCP or UDP idle timeouts, and DNS timeouts. Define an inspection rule. An inspection rule defines which application-layer protocol will be inspected by the CBAC. After configuring the inspection rule for an application-layer protocol, all the packets for that protocol are permitted out and are allowed back in. Each protocol packet is inspected to maintain the session information; the same session information is used to determine whether the packet is the part of valid session. ip inspect name inspection-name protocol [timeout seconds ] is a global command used to configure the inspection rule. Protocol keywords can be tcp, udp, ftp-cmd, or http. timeout refers to the period of protocol inactivity before dropping the connection. Apply the inspection rule to the interface. The ip inspect inspectionname {in | out} command is used to apply the inspection rule to an interface. The keyword in is used for inbound traffic when the CBAC is applied on the internal (trusted, or secure) interface. The keyword out is used for outbound traffic when the CBAC is applied on the external, unsecured interface. Reference: http://www.ciscopress.com/articles/article.asp?p=26533&seqNum=5&rl=1

QUESTION 156 You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and 802.1Q encapsulation options. All of these statements about the two encapsulation options are correct except which one? A. B. C. D. E. Both support normal and extended VLAN ranges. ISL is a Cisco proprietary encapsulation method and 802.10 is an IEEE standard. ISL encapsulates the original frame. Both support native VLANs. 802.10 does not encapsulate the original frame.

Answer: D Section: (none) Explanation/Reference: Explanation: Comparing ISL and 802.1Q

QUESTION 157 Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from other routing protocols into your network. No route filtering has been implemented. Taking into account the output from the show ip ospf database command in the exhibit, which of these statements is true?

Exhibit: A. B. C. D. R101 is in Area 1, and Area 1 is an OSPF stub area R101 is an ABR for Area 0 and Area 1 R101 is in Area 1, and Area 1 is a standard OSPF area R101 is in Area 1, and Area 1 is an OSPF not-so-stubby area

Answer: C Section: (none) Explanation/Reference: Explanation: Router R101 is configured for OSPF area 1, as it is showing Net Link States for (Area 1). This rules out Answer A. Area 1 cannot be a stub area or a NSSA because there are Type-5 AS External Link States in the OSPF database and all stub area ABRs block Type-5 LSAs. Also, there are no Type-7 LSAs to match the Type-5 LSAs so area 1 cannot be a NSSA. So these conditions rule out answers B and C. The router also is not an ABR, as there are only LSAs for area 1 in the database, none for area 0. This rules out answer D. Router R101 must be an ASBR in standard OSPF area 1 based on the LSAs that are present in the database.

QUESTION 158 Examine the following options ,which type of prefixes will a router running BGP most likely advertise to an IBGP peer, assuming it is not configured as a route reflector?

A. prefixes received from EBGP peers and prefixes received from route reflectors B. all prefixes in its routing table C. prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed D. prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed Answer: D Section: (none) Explanation/Reference: Explanation: By default, a BGP router will advertise routes that were received form other BGP peers (both IBGP and EBGP peers) as well as any locally generated routes via the network command or via redistribution. The default configuration of BGP on a circuit does not advertise any routes or allow any learned routes into the IGP routing table, these have to be manually entered as Network statements or be redistributed into the IGP. The network command controls what networks are originated by this box. This is a different concept from what you are used to configuring with IGRP and RIP. With this command we are not trying to run BGP on a certain interface, rather we are trying to indicate to BGP what networks it should originate from this box. The network command is one way to advertise your networks via BGP. Another way is to redistribute your IGP (IGRP, OSPF, RIP, EIGRP, etc.) into BGP. Careful filtering should be applied to make sure you are sending to the internet only routes that you want to advertise and not everything you have.

QUESTION 159 If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?

A. B. C. D.

learning state listening state forwarding state root-inconsistent state

Answer: D Section: (none) Explanation/Reference: Explanation: Loop Guard-When normal BPDUs are no longer received, the port does not go through normal STP convergence, but rather falls into an STP loop-inconsistent state.

QUESTION 160 Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall? A. Attempt to telnet from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data. B. Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets. C. There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.

D. There is no way to make BGP work across a firewall. Answer: A Section: (none) Explanation/Reference: Explanation: Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you can configure the firewall to allow unicast traffic on TCP port 179. This way, BGP peering can be established between the routers that are connected through the firewall. For an example configuration of BGP through PIX firewalls, see the reference link below. Reference: http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.s html

QUESTION 161 An OSPF router is becoming active in a multi-access network and discovers its neighbors. Which description is true? A. If a DR and a BDR already exist and the router becoming active has the same priority and a higher loopback address than either of them, it will force a new election. B. If the router becoming active has a higher priority than some elected routers, it may influence an election but will not force an election to override an active DR or BDR. C. If a DR and a BDR already exist and the router becoming active has a lower router ID than either of them, it will force a new election. D. If there is a DR but not a BDR, and the router becoming active has the same priority as an already active router, the router with the lowest router ID will become the BDR. Answer: B Section: (none) Explanation/Reference: Explanation: The following rules govern the DR/BDR election process: ? Any router with its OSPF priority set to between 1-255 inclusive can try to become DR by putting its own RID into the DR field of its sent Hellos. ? Routers examine received Hellos, looking at other routers' priority settings, RIDs, and whether each neighbor claims to want to become the DR. ? If a received Hello implies a "better" potential DR, the router stops claiming to want to be DR and asserts that the better candidate should be the DR. ? The first criteria for "better" is the router with the highest priority. ? If the priorities tie, the router with the higher RID is better. ? The router not claiming to be the DR, but with he higher priority (or higher RID, in case priority is a tie) becomes the BDR ? If a new router arrives after the election, or an existing router improves its priority, it cannot preempt the existing DR and take over as DR (or as BDR). ? Once a DR is elected, and the DR fails, the BDR becomes DR, and a new election is held for a new BDR. Reference: CCIE Routing and Switching Official Exam Certification Guide, Second Edition by Wendell Odom, page 268.

QUESTION 162 Refer to the exhibit. In this network, all routers are configured to run EIGRP on all links. If the link between R1 and R2 fails, what is the maximum number of queries R3 will receive for 192.168.1.0/24, assuming that all the

packets transmitted during convergence are transmitted once (there are no dropped or retransmitted packets)?

A. R3 receive up to four queries for 192.168.1.0/24, one each from R2, R4, R5, and R6. B. R3 receive up eight queries for 192.168.1.0/24, one from R2, two from R4, three from R5, and four from R6. C. R3 receive one query for 192.168.1.0/24, since the remote routers, R4, R5, and R6, are natural stubs in EIGRP. D. R3 not receive any queries from R2, because there are no alternate paths for 192.168.1.0/24. Answer: A Section: (none) Explanation/Reference: Explanation: Queries and replies are sent when destinations go into Active state. Queries are always multicast unless they are sent in response to a received query. In this case, it is unicast back to the successor that originated the query. Replies are always sent in response to queries to indicate to the originator that it does not need to go into Active state because it has feasible successors. Replies are unicast to the originator of the query. Both queries and replies are transmitted reliably. Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f07.shtml

QUESTION 163 Unicast Reverse Path Forwarding can perform all of these actions except which one?

A. examine all packets received to make sure that the source addresses and source interfaces appear in the routing table and match the interfaces where the packets were received B. check to see if any packet received at a router interface arrives on the best return path C. combine with a configured ACL D. log its events, if you specify the logging options for the ACL entries used by the unicast rpf command E. Inspect IP packets encapsulated in tunnels, such as GRE

Answer: E Section: (none) Explanation/Reference: Explanation: Consider the following points in determining your policy for deploying Unicast RPF:

Unicast RPF must be applied at the interface downstream from the larger portion of the network, preferably at the edges of your network.

The further downstream you apply Unicast RPF, the finer the granularity you have in mitigating address spoofing and in identifying the sources of spoofed addresses. For example, applying Unicast RPF on an aggregation router helps mitigate attacks from many downstream networks or clients and is simple to administer, but it does not help identify the source of the attack. Applying Unicast RPF at the network access server helps limit the scope of the attack and trace the source of the attack; however, deploying Unicast RPF across many sites does add to the administration cost of operating the network.

The more entities that deploy Unicast RPF across Internet, intranet, and extranet resources, the better the chances of mitigating large-scale network disruptions throughout the Internet community, and the better the chances of tracing the source of an attack.

Unicast RPF will not inspect IP packets encapsulated in tunnels, such as GRE, LT2P, or PPTP. Unicast RPF must be configured at a home gateway so that Unicast RPF processes network traffic only after the tunneling and encryption layers have been stripped off the packets. Reference: http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804 fdef9.html

QUESTION 164 Which statement correctly describes the Designated Forwarder in bidirectional PIM?

A. It has the best route to the rendezvous point and is the only router on the local subnet that may forward multicast traffic down the shared tree B. It is responsible for forwarding all multicast traffic on to and off of the local subnet. C. It is elected based on the highest IP address of all PIM routers on the local subnet and is the only router on the local subnet that may forward multicast traffic up the shared tree. D. It has the best route to the rendezvous point and is the only router on the local subnet that may forward multicast traffic up the shared tree. Answer: D Section: (none) Explanation/Reference: Explanation: To avoid multicast packet looping, bidir-PIM introduces a new mechanism called the designated forwarder (DF) election, which establishes a loop-free SPT rooted at the RP. DF Election On every network segment and point-to-point link, all PIM routers participate in a procedure called DF election. The procedure selects one router as the DF for every RP of bidirectional groups. This router is responsible for

forwarding multicast packets received on that network upstream to the RP. The DF election is based on unicast routing metrics and uses the same tie-break rules employed by PIM assert processes. The router with the most preferred unicast routing metric to the RP becomes the DF. Use of this method ensures that only one copy of every packet will be sent to the RP, even if there are parallel equal cost paths to the RP. A DF is selected for every RP of bidirectional groups. As a result, multiple routers may be elected as DF on any network segment, one for each RP. In addition, any particular router may be elected as DF on more than one interface. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1834/products_feature_guide09186a0080080 0d6.html

QUESTION 165 Refer to the exhibit. Which protocol would allow you to implement a first-hop redundancy connection and make this a multi-vendor solution?

A. B. C. D.

Gateway Load Balancing Protocol (GLBP) Hot Standby Router Protocol (HSRP) Multi-group Hot Standby Router Protocol (MSHRP) Virtual Router Redundancy Protocol (VRRP)

Answer: D Section: (none) Explanation/Reference: Explanation: Figure1 below shows a LAN topology in which VRRP is configured. In this example, RoutersA, B, and C are VRRP routers (routers running VRRP) that comprise a virtual router. The IP address of the virtual router is the same as that configured for the Ethernet interface of Router A (10.0.0.1). Figure1 Basic VRRP Topology

Because the virtual router uses the IP address of the physical Ethernet interface of Router A, Router A assumes the role of the virtual router master and is also known as the IP address owner. As the virtual router master, Router A controls the IP address of the virtual router and is responsible for forwarding packets sent to this IP address. Clients 1 through 3 are configured with the default gateway IP address of 10.0.0.1. Routers B and C function as virtual router backups . If the virtual router master fails, the router configured with the higher priority will become the virtual router master and provide uninterrupted service for the LAN hosts. When Router A recovers, it becomes the virtual router master again. Reference: http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804 2fbd9.html

QUESTION 166 A router is connected to an HDLC circuit via a T1 physical interface. The SLA for this link only allows for a sustained rate of 768 kb/s. Bursts are allowed for up to 30 seconds at up to line rate, with a window Tc of 125 ms. What should the Bc and Be setting be when using generic traffic shaping? A. B. C. D. Be = 46320000 , Bc = 96000 Be = ,768000 Bc = 32000 Be = ,128000 Bc = 7680 Be = ,0 Bc = 96000

Answer: A Section: (none) Explanation/Reference: Explanation: Be: The amount of excess data allowed to be sent during first Tc interval in bits once credit is built up. The T1 line rate is 1544kbps. In this case the burst is allowed at line rate up to 30 sec so Be = 1544000 * 30 = 46320000 Bc: The amount of data to send per each Tc interval in bits. Ideally for data PVCs Bc = CIR/8 so that Tc = 125msec. In this case 768000/8=96000 Reference: http://www.cisco.com/en/US/tech/tk713/tk237/technologies_configuration_example09186a008009 42f8.shtml

QUESTION 167 Which two types of QoS functionality does Network-Based Application Recognition provide? (Choose two.) A. NBAR provides scheduling in an MQC policy map using an advanced algorithm. B. NBAR provides deep packet inspection and is used for advanced packet classification. C. NBAR provides per-protocol packet and byte accounting functionality; it is used to track bandwidth utilization for all protocols described in the loaded PDLMs. D. NBAR provides the ability to configure MCQ; it is a mandatory MCQ component. E. NBAR can be configured using an application policy. Answer: BC Section: (none) Explanation/Reference: Explanation: The Network-Based Application Recognition (NBAR) feature adds intelligent network classification to network infrastructures. NBAR is a classification engine that recognizes a wide variety of applications, including webbased and other difficult-to-classify protocols that utilize dynamic TCP/User Datagram Ports (UDP) port assignments. When an application is recognized and classified by NBAR, a network can invoke services for that specific application. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter0 9186a00800c75d1.html#54116

QUESTION 168 Which statement is true of a source that wants to transmit multicast traffic to group 239.1.1.1? A. It may begin transmitting multicast traffic to the group only when there is no other host transmitting to the group on the local subnet. B. It may transmit multicast traffic to the group at any time. C. Before sending traffic, it must first join multicast group 239.1.1.1 by sending an IGMPv2 membership report to the default router on the local subnet. D. It must send an IGMPv2 Request to Send packet and then wait for an IGMPv2 Clear to Send packet from the IGMPv2 querier router on the local subnet Answer: B Section: (none) Explanation/Reference: Explanation: Although hosts that want to receive IP multicast traffic are required to use IGMP first, senders of multicast traffic can transmit to the destination multicast IP address at any time.

QUESTION 169 Which three LMI types can be configured for use with Frame Relay on a Cisco router? (Choose three). A. Cisco B. ANSI-Annex D C. Q.931 - Annex B

D. Q.933- Annex A Answer: ABD Section: (none) Explanation/Reference: Explanation: The three LMI types for use with Frame Relay on a CISCO Router are: CISCO ANSI Q.933

QUESTION 170 In order to create a fully meshed Frame Relay network with point-to-point links between 10 sites, how many links would be needed? A. B. C. D. E. 10 20 35 45 60

Answer: D Section: (none) Explanation/Reference: Explanation: The number of links (connections) needed for any fully meshed configuration can be found by the formula: N(N1)/2. For 10 links we have: 10(10-1)/2=45

QUESTION 171 If two bridges are competing to become the root bridge of an IEEE 802.1 D spanning tree and both have the same bridge priority configured, what parameter determines the winner? A. B. C. D. root port cost MAC address highest-numbered IP interface device uptime

E. OS revision Answer: B Section: (none) Explanation/Reference: Explanation: A Spanning-Tree Bridge-ID contains two pieces of information, a Bridge Priority value and a MAC Address. These two values put together are called the Bridge-ID. The root bridge of the spanning tree is the bridge with the smallest bridge ID. To compare two bridge IDs, the priority is compared first. If two bridges have equal priority, then the MAC addresses are compared.

QUESTION 172 By using a unique route distinguisher per VRF, an RFC 4364 Layer 3 VPN allows for which of these?

A. B. C. D.

overlapping IP address spaces multi-homed access a unique IGP per VRF traffic engineering

Answer: A Section: (none) Explanation/Reference: Explanation: RFC 4364 describes a method by which a Service Provider may use an IP backbone to provide IP Virtual Private Networks (VPNs) for its customers. This method uses a "peer model", in which the customers' edge routers (CE routers) send their routes to the Service Provider's edge routers (PE routers). Border Gateway Protocol (BGP) [BGP, BGP-MP] is then used by the Service Provider to exchange the routes of a particular VPN among the PE routers that are attached to that VPN. This is done in a way that ensures that routes from different VPNs remain distinct and separate, even if two VPNs have an overlapping address space. The BGP Multiprotocol Extensions [BGP-MP] allow BGP to carry routes from multiple "address families". We introduce the notion of the "VPN-IPv4 address family". A VPN-IPv4 address is a 12-byte quantity, beginning with an 8byte Route Distinguisher (RD) and ending with a 4-byte IPv4 address. If several VPNs use the same IPv4 address prefix, the PEs translate these into unique VPN-IPv4 address prefixes (route distinguisher). This ensures that if the same address is used in several different VPNs, it is possible for BGP to carry several completely different routes to that address, one for each VPN. Reference: http://www.networksorcery.com/enp/rfc/rfc4364.txt

QUESTION 173 Refer to the exhibit. All routers in this network are configured to run OSPF on all their connected links. R1 is redistributing 192.168.1.0/24 into Area 1. When the 192.168.1.0/24 network is disconnected from R1 the network administrator notes that R4 and R3 both receive two OSPF updates. Since 192.168.1.0/24 is within Area 1, the network administrator thinks this may indicate incorrect operation and calls technical support. Is this incorrect OSPF operation, and why or why not?

Exhibit:

A. This is correct operation; R3 should receive new LSAs from R1. and R4 should receive one updated LSA from R1 and another from R2. B. This is correct operation; R4 will receive and updated router (type 1) LSA from R1 and an OSPF update removing the external (type 5) LSA from the OSPF database. C. This is incorrect operation; R4 should only receive one LSA when 192.168.1.0/24 is disconnected from R1. D. This is incorrect operation; R4 should not receive any LSAs when 192.168.1.0/24 is disconnected from R1. Answer: A Section: (none) Explanation/Reference: Explanation: Router R1 will send out a Type 1 LSA locally to area 1 to describe the updated interface state on itself. This is one LSA received by R3. This LSA will not be transmitted into area 0. R1 will also send out a Type 5 LSA to withdraw the external route. This is the 2nd LSA received by R3. Both R3 and R2 will forward this LSA to R4 as ABRs between areas 0 and 1. This accounts for the two LSAs received by R4

QUESTION 174 Refer to the exhibit. A network engineer has connected a packet-capturing device to the common broadcast segment in this network, on which all the routers are configured to run OSPF. By examining various show commands on the routers, the engineer discovers that the designated router is R1. By examining the captured packets, the engineer also discovers that every new LSA that R3 sends to the link. R1 resends to the link a few moments later. Is this correct OSPF operation, and why or why not?

Exhibit: A. This is incorrect operation; each new LSA should only be flooded onto a given broadcast link once. B. This is correct operation; OSPF uses a scheme whereby each LSA flooded onto a link is acknowledged by the receiving router through a reflood back onto the link of the same information. C. This is incorrect operation; it indicates that while R3 can send packets to R1, R1 cannot send packets to R3. D. This is correct operation; flooding new LSA information to the other routers is a function of the designated router. Answer: D Section: (none)

Explanation/Reference: Explanation: OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designated router (DR). Without the concept of a DR, each pair of routers that share a data link would become fully adjacent neighbors. Each pair of routers would directly exchange their LSDBs with each. On a LAN with only six routers, without a DR, 15 different pairs of routers would exist, and 15 different instances of full database flooding would occur. OSPF uses a DR (and backup DR, or BDR) on a LAN or other multiaccess network. The flooding occurs through the DR, significantly reducing the unnecessary exchange of redundant LSAs. If R1 is the designated router, the first time the LSA is seen is when R3 sends the LSA to its neighbor, R1 which is the DR. The second time the LSA is seen, is R1 flooding the LSA to all of the routers on the segment.

QUESTION 175 When receiving information from redistributed routes, a router will use all of these factors when building its routing table except for which one?

A. B. C. D. E.

Routing protocol process ID Administrative distance IP prefix lists The route metric Prefix length

Answer: A Section: (none) Explanation/Reference: Explanation: Process id is never factored in. Building the Routing Table : The main considerations while building the routing table are: Administrative distance - This is the measure of trustworthiness of the source of the route. If a router learns about a destination from more than one routing protocol, administrative distance is compared and the preference is given to the routes with lower administrative distance. In other words, it is the believability of the source of the route. Metrics - This is a measure used by the routing protocol to calculate the best path to a given destination, if it learns multiple paths to the same destination. Each routing protocol uses a different metric. Prefix length As each routing process receives updates and other information, it chooses the best path to any given destination and attempts to install this path into the routing table. For instance, if EIGRP learns of a path toward 10.1.1.0/24, and decides this particular path is the best EIGRP path to this destination, it tries to install the path it has learned into the routing table. The router decides whether or not to install the routes presented by the routing processes based on the administrative distance of the route in question. If this path has the lowest administrative distance to this destination (when compared to the other routes in the table), it's installed in the routing table. If this route isn't the route with the best administrative distance, then the route is rejected. The Routing protocol process ID is not used in building the routing table for redistributed routes. Reference: www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml

QUESTION 176 You work as a network engineer for the company, you want to configure two BGP speakers to form an EBGP session across a firewall. On the engineer's network, the firewall always permits TCP sessions that are initiated from the inside network (the network attached to the inside interface of the firewall). What prerequisite is there for enabling BGP to run on this network? A. EBGP multihop will need to be configured for this to work.

B. This should work with normal BGP peering, with no additional configuration on the BGP speakers or the firewall. C. The BGP protocol port must be opened on the firewall. D. There is no way to make BGP work across a firewall. Answer: C Section: (none) Explanation/Reference: Explanation: Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you must allow unicast traffic on TCP port 179 on the firewalls. You will need to allow incoming as well as outgoing TCP port 179. This way, BGP peering can be established between the routers that are connected through the firewall. A configuration example of how to do this is found at the reference link below. Reference: ASA/PIX: BGP through ASA Configuration Example http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.s html

QUESTION 177 Which of these statements about PIM-join messages in classic PIM-SM is correct? A. PIM-join messages are sent every 60 seconds to refresh the upstream router's mroute state for the multicast tree. B. Routers send a PIM-join acknowledgement in response to each PIM-join message received from a downstream router. C. PIM-join messages are only sent when the multicast distribution tree is first being established. D. PIM-join messages are sent every three minutes to refresh the upstream router's mroute state for the multicast tree. Answer: A Section: (none) Explanation/Reference: Explanation: In a typical PIM-SM implementation, each neighboring router that supports a downstream multicast group member sends a PIM Join/Prune Message every 60 seconds, so it can take up to 60 second for a rebooted router to learn the forwarding states for any downstream multicast group members after learning the identity of the multicast group RP router. Reference: http://www.patentstorm.us/ patents/6631420-description.html

QUESTION 178 Refer to the exhibit. The network administrator for this small EIGRP network would like to change the primary path from R5 to 172.30.1.0/24 so that it passes through R2. Which of these changes allow the network administrator to achieve this goal?

A. Increase the delay on the link between R5 and R4 to 30, and increase the delay on the link between R5 and R3 to 25. B. Increase the delay on the link between R5 and R3 to 25. C. Decrease the delay on the link between R5 and R2 by 5. D. Do nothing; the traffic from R5 to 172.30.1.0/24 already passes through R2. Answer: A Section: (none) Explanation/Reference:

QUESTION 179 Which four commands are required when implementing DMVPN? (Choose four.) A. B. C. D. E. F. crypto ipsec transform crypto isakmp policy crypto acl easy vpn gre tunnel interface crypto ipsec profile

Answer: ABEF Section: (none) Explanation/Reference:

QUESTION 180 What protocol provides a mechanism to tranparently intercepts and redirects CIFS traffic from a client to a local Cisco Wide Area Application engine? A. B. C. D. File Transport Protocol (FTP) Hot Standby Routing Protocol (HSRP) Virtual Router Redundancy Protocol (VRRP) Web Cache Communication Protocol (WCCP)

Answer: D Section: (none) Explanation/Reference: Explanation: Clients in a WAFS network use the Common Internet File System (CIFS) cache service to request file and print services from servers over a network. WCCP provides the mechanism to transparently redirect CIFS traffic to your WAE for processing. To configure basic WCCP, you must enable the WCCP service on at least one router in your network and on your WAE. It is not necessary to configure all of the available WCCP features or services to get your WAE up and running.

QUESTION 181 Which three of these major functionality changes were made between IGMPv2 and IGMPv3? (Choose three.) A. B. C. D. E. IGMPv3 added the ability for a host to specify which sources in a multicast group it wishes to receive. IGMPv3 added the ability for a host to specify which sources in a multicast group it does not wish to receive. IGMPv3 removed the ability to perform a wildcard join of all sources in a multicast group. IGMPv3 removed the report-suppression feature for IGMP membership reports IGMPv3 added Request to Send and Clear to Send signaling between sources and local IGMP queriers.

Answer: ABD Section: (none) Explanation/Reference: Explanation: Tableof IGMP Versions

Note: IGMP report suppression is supported only when the multicast query has IGMPv1 and IGMPv2 reports. This feature is not supported when the query includes IGMPv3 reports. References: http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00805 a344c.html http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.2_25_se/configur ation/guide/ swigmp.html#wp1117101

QUESTION 182 The ip pim autorp listener command is used to do which of these? A. enable the use of Auto-RP on a router B. enable a Cisco router to "passively" listen to Auto-RP packets without the router actively sending or forwarding any of the packets C. configure the router as an Auto-RP mapping agent D. allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfaces configured with the ip pim sparse-mode command Answer: D Section: (none) Explanation/Reference: Explanation: To cause IP multicast traffic for the two Auto-RP groups 224.0.1.39 and 224.0.1.40 to be Protocol Independent Multicast (PIM) dense mode flooded across interfaces operating in PIM sparse mode, use the ip pim autorp listener command in global configuration mode. Use the ip pim autorp listener command with interfaces configured for PIM sparse mode operation in order to establish a network configuration where Auto-RP operates in PIM dense mode and multicast traffic can operate in sparse mode, bidirectional mode, or source specific multicast (SSM) mode. Example: The following example enables IP multicast routing and the Auto-RP listener feature on a router. It also configures the router as a Candidate RP for the multicast groups 239.254.2.0 through 239.254.2.255. ip multicast-routing ip pim autorp listener ip pim send-rp-announce Loopback0 scope 16 group-list 1 ip pim send-.rp-discovery Loopback1 scope 16 access-list 1 permit 239.254.2.0 0.0.0.255 Reference: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fiprmc_r/mult/1rfmult2.ht m#wp1090395

QUESTION 183 Multicast addresses in which range are reserved by the IANA for administratively scoped multicast? A. B. C. D. 232.0.0.0-232.0.0.255 233.0.0.0-233.255.255.255 232.0.0.0-232.255.255.255 239.0.0.0-239.255.255.255

Answer: A Section: (none) Explanation/Reference: Explanation: IANA Assigned Multicast Address Blocks The IETF has provided the IANA with guidance on how IP Multicast address space should be allocated in RFC 3171bis, "IANA Guidelines for IPv4 Multicast Address Assignments." Table 1 below lists the current

assignments blocks documented in RFC 3171bis.

Reference: http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml

QUESTION 184 Which three of these are good reasons to use summarization or route aggregation? (Choose three.)

A. B. C. D. E.

Aggregation reduces the amount of memory required to store the routing table. Summarization adds the amount of memory that is required to routes when calculating the routing paths. Summarization is used to minimize the exchange and processing of routing information. Aggregation eliminates routes to be installed on the routing table. Summarization optimizes the routing information advertisement during route redistribution.

Answer: ACE Section: (none) Explanation/Reference: Explanation: Route summarization means summarizing a group of routes into a single route advertisement. The net result of route summarization and its most obvious benefit is a reduction is the size of routing tables on the network. This in turn reduces the latency associated with each router hop since the average speed for routing table lookup will be increased due to the reduced number of entries. The routing protocol overhead can also be significantly reduced since fewer routing entries are being advertised. This can become critical as the overall network (and hence the number of subnets) grows. Apart from reducing routing table sizes route summarization can also improve the stability of the network by containing the propagation of routing traffic after a network link goes down. If a router is only advertising a summary route to the next downstream router, then it will not advertise changes relating to specific subnets contained within the summarized range.

QUESTION 185 Spanning Tree Protocol IEEE 802.1s defines the ability to deploy which of these? A. One global STP instance for all VLANs

B. one STP instance for each VLAN C. one STP instance per set of VLANs D. one STP instance per set of bridges

Answer: C Section: (none) Explanation/Reference: Explanation: 802.1s for MST is an amendment to 802.1Q. MST extends the IEEE 802.1w rapid spanning tree (RST) algorithm to multiple spanning trees. This extension provides both rapid convergence and load balancing in a VLAN environment. MST converges faster than PVST+. MST is backward compatible with 802.1D STP, 802.1w (rapid spanning tree protocol [RSTP]), and the Cisco PVST+ architecture. MST allows you to build multiple spanning trees over trunks. You can group and associate VLANs to spanning tree instances. Each instance can have a topology independent of other spanning tree instances. This new architecture provides multiple forwarding paths for data traffic and enables load balancing. Network fault tolerance is improved because a failure in one instance (forwarding path) does not affect other instances (forwarding paths). Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/configuration/guide/s pantree. html#wp1050594

QUESTION 186 Two routers are connected over a serial link, and are configured to run EIGRP on all interfaces. You examine the EIGRP neighbor table on both routers (using the show ip eigrp neighbor command) and see that the router connected over the serial link is listed as a neighbor for a certain amount of time, but is periodically removed from the neighbor table. None of the routes from the neighbor ever seem to be learned, and the neighbor transmission statistics (SRTT, RTO, and Q Count) seem to indicate that no packets are being transmitted between the neighbors. What is the most likely cause of this problem? A. While multicast packets are being successfully sent over the link, unicast packets are not. B. This is correct behavior for the first few minutes of EIGRP neighbor formation. After four or five cycles, it should straighten itself out and the neighbor relationship should work. C. The hello or hold intervals are set differently on the two routers. D. There is a bug in the EIGRP code that needs to be fixed. Answer: A Section: (none) Explanation/Reference: Explanation: EIGRP uses multicast to establish a neighbor relationship and to send EIGRP update messages which include routing updates. EIGRP uses the Reliable Transport Protocol (RTP) to send the multicast EIGRP updates. EIGRP sends updates, waiting on a unicast EIGRP ACK message from each recipient. If any neighbors fail to acknowledge receipt of the multicasted update, RTP resends Updates as unicasts just to those neighbors. Incorrect Answers: B: This is not normal behavior C: The hello and hold timers do not need to match in EIGRP. Each router uses its neighbor's timers to monitor the relationship D: While it is possible that a bug in the EIGRP code could cause these symptoms, Answer A is more specifically correct.

QUESTION 187 If a Cisco switch is configured with VTP v1 in transparent mode, what is done with received VTP advertisements?

A. B. C. D.

They are discarded. The changes within the advertisements are made to the switch's VTP database. The contents are ignored and they are forwarded out all trunking ports. The contents are altered to reflect the switch's own VTP database and then they are forward out all trunking ports.

Answer: C Section: (none) Explanation/Reference: Explanation: From the CCIE R&S Exam Certification Guide: VTP Modes and Features

QUESTION 188 Two islands of IPv6 networks running IS-IS (IPv6 IGP) need to connect via a tunnel over an IPv4 network. Which of these tunneling methods could be used to achieve this goal? A. B. C. D. manual tunnels (RFC 2893) 6to4 tunnels ISATAP tunnels GRE tunnels

Answer: D Section: (none) Explanation/Reference: Explanation: IPv6 traffic can be carried over IPv4 GRE tunnels using the standard GRE tunneling technique that is designed to provide the services necessary to implement any standard point-to-point encapsulation scheme. As in IPv6 manually configured tunnels, GRE tunnels are links between two points, with a separate tunnel for each link. The tunnels are not tied to a specific passenger or transport protocol, but in this case carry IPv6 as the passenger protocol with the GRE as the carrier protocol and IPv4 or IPv6 as the transport protocol. The primary use of GRE tunnels is for stable connections that require regular secure communication between two edge routers or between an edge router and an end system. The edge routers and the end systems must be dual-stack implementations. GRE has a protocol field that identifies the passenger protocol. GRE tunnels allow Intermediate System-to-Intermediate System (IS-IS) or IPv6 to be specified as a passenger protocol, which allows both IS-IS and IPv6 traffic to run over the same tunnel. If GRE did not have a protocol field, it would be impossible to distinguish whether the tunnel was carrying IS-IS or IPv6 packets. The GRE protocol

field is why it is desirable that you tunnel IS-IS and IPv6 inside GRE. http://www.cisco.com/en/US/products/sw/ iosswrel/ps5187/products_configuration_guide_chapter0 9186a00801d6604.html#wp1027187

QUESTION 189 If you have multiple DHCP pools configured on the same router, what IOS command has to be entered in the DHCP configuration to be processed be using the other DHCP pool configuration? A. B. C. D. host network ip helper default-gateway

Answer: A Section: (none) Explanation/Reference: Explanation: If you want to use the other DHCP pools you should do it statically. Not C: The question is: << If you have multiple DHCP pools configured in the same Router>> That's mean you don't need the network to configure pools, because they are already configured

QUESTION 190 Refer to the exhibit. R10 is redistributing routes learned form BGP into the OSPF process. R5 receives a packet destined for a network learned via BGP. Information received by means of which LSA enables R5 to properly route the packet?

A. a type 7 (NSSA external) LSA generated by R10

B. C. D. E. F.

a type 7 (NSSA external) LSA generated by R2 a type 7 (NSSA external) LSA generated by R1 a type 5 (AS external) LSA generated by R10 a type 5 (AS external) LSA generated by R2 a type 5 (AS external) LSA generated by R1

Answer: E Section: (none) Explanation/Reference:

QUESTION 191 You have attempted to configure OSPFv3 between two routers over Frame Relay and cannot establish adjacency. What have you failed to map? A. the multicast address for all routers to the DLCI B. the solicited node multicast address to the DLCI C. the neighbor's link local address to the DLCI D. the broadcast address for all routers to the DLCI Answer: C Section: (none) Explanation/Reference: Explanation: From the CCIE R&S Exam Certification Guide: In IPv4 Frame Relay networks, you are likely to be familiar with mapping IP addresses to DLCI numbers. The configuration of frame-relay map statements is much the same in IPv6, but there is a twist: It requires two map statements instead of just one. One map statement points to the link- local address, and the other points to the unicast address of the next-hop interface.

QUESTION 192 Refer to the exhibit. Both multicast sources are sending to the same multicast address. How does a user specify which multicast stream they would like to receive?

A. The user must know the source address and group address of the desired multicast stream and explicitly join that stream. B. Dense mode is used to forward the multicast streams to the end users allowing them to pick the desired stream when it arrives. C. The multicast streams must be separated from each other by specifying a scope for each. This means that each user can only get multicast traffic from one of the sources. D. Routers A and B are set up as rendezvous points. The user joins a multicast group by sending an IGMP request to their local router. The local router then connects to the correct RP and receives the desired multicast stream. Answer: A Section: (none) Explanation/Reference: FreeExamKing.com Explanation: The user must know the source address and group address of the desired stream and explicitly join it. This is a feature of igmpv3. the group add is 232.1.1.1 and this is in the ssm range specified for igmpv3. this is a security behaviour incorporated to mitigate dos that can be caused whn rogue multicast group add diverts stream from clients. this is the case with version 1 and 2.

QUESTION 193 Refer to the exhibit. In this network, all routers are configured to run EIGRP on all links. R2 is configured to send a summary route only to R4, R5, and R6. If the link between R1 and R2 fails, Page 144 of 251 "Pass Any Exam. Any Time." - www.actualtests.com 144 Cisco 350-001: Practice Exam what is the maximum number of queries R3, R4, R5, and R6 will receive for 192.168.1.0/24, assuming that all the packets transmitted during convergence are transmitted once (there are no dropped or retransmitted packets)?

A. R3 will receive one query for 192.168.1.0/24 .from R2. R4, R5, and R6 will each receive, and reply to, one query. B. R3 will receive four queries for 192.168.1.0/24, one each from R2, R4, R5, and R6. R4, R5, and R6 will each receive, and reply to, one query. C. R3, R4, R5, and R6 will not receive any queries for 192.168.1.0/24, since there is no alternate path to this destination within the network D. R3 will receive one query for 192.168.1.0/24. R4, R5, and R6 will not receive any queries for this destination, because R2 is not advertising this network towards them. Answer: A Section: (none) Explanation/Reference: Explanation: There is not something like a natural stub router. Stub needs to be configured.

QUESTION 194 Which three port states are used by RSTP 802.1w? (Choose three.)

A. B. C. D. E. F.

Listening Learning Forwarding Blocking Discarding Disabled

Answer: BCE Section: (none) Explanation/Reference:

Explanation: Discarding, learning and forwarding are the 3 port states in RSTP. In RSTP, a discarding state means that the port does not forward frames, receive frames, or learn source MAC addresses, regardless of whether the port was shut down, failed, or simply does not have a reason to forward. Once RSTP decides to transition from discarding to forwarding state (for example, a newly selected RP), it goes immediately to the learning state. From that point on, the process continues just as it does with 802.1d. RSTP no longer needs the listening state because of its active querying to neighbors, which guarantees no loops during convergence.

QUESTION 195 What is the reason that you avoid having multicast applications use the multicast address 255.0.0.11 whenever possible? A. This address is reserved by the IANA for the Multicast Address Dynamic Client Allocation Protocol. B. This Layer 3 IP multicast address maps to a Layer 2 MAC address that will always be flooded to all ports of a Cisco Layer 2 switch. C. This is a link-local multicast address which is never forwarded beyond the local subnet D. This address is reserved by the IANA for the Session Announcement Protocol. Answer: B Section: (none) Explanation/Reference: Explanation: IGMP Snooping normally is used by Layer 2 switches to constrain multicast traffic only to those ports that have hosts attached and that have signaled their desire to join the multicast group by sending IGMP Membership Reports. However, it is important to note that most Layer 2 switches flood all multicast traffic that falls within the MAC address range of 0x0100.5E00.00xx (which corresponds to Layer 3 addresses in the Link-Local block) to all ports on the switch even if IGMP Snooping is enabled. This is true for the current suite of Cisco switches. The reason that this Link- Local multicast traffic is always flooded is that IGMP Membership Reports normally are never sent for multicast traffic in the Link-Local block. For example, routers do not send IGMP Membership Reports for the ALL-OSPF-ROUTERS group (255.0.0.5) when OSPF is enabled. Therefore, if Layer 2 switches were to constrain (that is, not flood) Link-Local packets in the 255.0.0.0/24 (0x0100.5E00.00xx) range to only those ports where IGMP Membership reports were received, Link-Local protocols such as OSPF would break. The impact of this Link-Local flooding in combination with the 32:1 ambiguity that arises when Layer 3 multicast addresses are mapped to Layer 2 MAC addresses means that there are several multicast group ranges besides the 255.0.0.0/24 that will map to the 0x0100.5E00.00xx MAC address range and hence also will be flooded by most Layer 2 switches. It is recommended that multicast addresses that map to the 0x0100.5E00.00xx MAC address range be avoided . Reference: http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml#wp1 002391

QUESTION 196 Prior to 802.1w, Cisco implemented a number of proprietary enhancements to 802.1 D to improve convergence in a Layer 2 network. Which of these statements is true? A. B. C. D. E. Only Port Fast and UplinkFast are specified in 802.1w; BackboneFast must be manually configured. Only UplinkFast and BackboneFast are specified in 802.1w; Port Fast must be manually configured. Only Port Fast is specified in 802.1w; UplinkFast and BackboneFast must be manually configured. None of the proprietary Cisco enhancements are specified in 802.1w. Port Fast, Uplink Fast, and Backbone Fast are specified in 802.1w.

Answer: E Section: (none) Explanation/Reference:

QUESTION 197 Refer to the exhibit. In this network, what will be the impact at R4 if the link between R1 and R2 fails?

Exhibit: A. R2 will generate a new network (type 2) LSA, since it has lost its connection to 10.1.1.4/30. When R4 receives this LSA, it will run SPF to recalculate the shortest path three. B. R4 will receive a router (type 1) LSA from R2, since it has lost its connection to R2. When R4 receives this LSA, it will run SPF to recalculate the shortest path tree. C. R4 will not receive any new LSAs of any type, nor will it run SPF. D. R3 will generate a new summary (type 3) LSA when the link between R1 and R2 fails. When R4 receives this new summary LSA, it will run SPF, recalculating its shortest path tree. Answer: C Section: (none) Explanation/Reference:

QUESTION 198 What is the STP root guard feature designed to prevent? A. B. C. D. a root port being transitioned to the forwarding state a port being assigned as a root port a root port being transitioned to the blocking state a port being assigned as an alternate port

Answer: B Section: (none) Explanation/Reference:

Explanation: Root Guard-Enabled per port; ignores any received superior BPDUs to prevent a switch connected to this port from becoming root. Upon receipt of superior BPDUs, this switch puts the port in a loop-inconsistent state, ceasing forwarding and receiving frames until the superior BPDUs cease.

QUESTION 199 Refer to the exhibit. In this network, OSPF has been configured on R2 and R3 to run on all 10.0.0/8 links. EBGP and IBGP sessions are configured as shown. BGP is advertising all OSPF learned routes on R2, and 192.168.1.0/24 on R1. The user at H1 calls and states that H1 cannot reach a server located on 192.168.1.0/24, although it can reach R1's address on the 192.168.2.0/24 network.

A. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to 192.168.2.0/24, so it will not install the route to 192.168.1.0/24. B. The next hop to 192.168.1.0/24 at R3 is R2; IBGP will not install a route with a directly connected next hop. C. The next hop to 10.1.2.0/24 is R3 (on the 10.1.1.0/24 network). R1 does not have a route to the 10.1.1.0/24 network, so it will not install 10.1.2.0/24. D. H1's default gateway is probably misconfigured. Answer: A Section: (none) Explanation/Reference: Explanation: If the router doesn't know how to reach a route's next hop, a recursive lookup will fail, and the route can't be added to BGP. For example, if a BGP router receives a route for 10.0.0.0/8 with a NEXT_HOP attribute of 192.168.0.1, but doesn't have an entry in its routing table for a subnet containing 192.168.0.1, the received route for 10.0.0.0/8 is useless and won't be installed in the routing table.

QUESTION 200 Into which two types of areas would an area border router (ABR) inject a default route? (Choose two.) A. B. C. D. E. F. the autonomous system of a different interior gateway protocol (IGP) area 0 totally stubby NSSA stub the autonomous system of an exterior gateway protocol (EGP)

Answer: CE Section: (none) Explanation/Reference:

QUESTION 201 Refer to the exhibit. If VLAN 21 does not exist before typing the commands, what is the result of the configuration applied on switch SW1?

A. B. C. D.

A new VLAN 21 is created and port 0/8 is assigned to that VLAN. A new VLAN 21 is created, but no ports are assigned to that VLAN. No VLAN 21 is created and no ports are assigned to that VLAN. Configuration commandvlan database should be used first to create the VLAN 21.

Answer: A Section: (none) Explanation/Reference:

QUESTION 202 Which of these is mandatory when configuring Cisco IOS Firewall? A. B. C. D. E. Cisco IOS IPS enabled on theuntrusted interface NBAR enabled to perform protocol discovery and deep packet inspection a route map to define the trusted outgoing traffic a route map to define the application inspection rules an inbound extended ACL applied to theuntrusted interface

Answer: E Section: (none) Explanation/Reference:

QUESTION 203 Which of these statements is true regarding BPDU generation for both 802.1D and 802.1w? A. B. C. D. E. F. In 802.1D, only the root switch generates BPDUs every "hello time" second. For both 802.1D and 802.1w, only the root switch generates BPDUs every "hello-time" second. For both 802.1D and 802.1w, all switches generate BPDUs every "hello-time" second. In 802.1D, all switches generate BPDUs every "hello-time" second. In 802.1w, only the root switch generates BPDUs every "hello-time" second. In 802.1w, all switches generate BPDUs every "hello-time" second.

Answer: A Section: (none)

Explanation/Reference:

QUESTION 204 Refer to the exhibit. In this network, if the link between R1 and R2 fails, what will be the impact on R4?

A. R4 will receive a new summary (type 3) LSA from R3 when the link between R1 and R2 fails. This will cause R4 to run SPF. B. R4 will not notice any changes if the link between R1 and R2 fails, since R3 will be generating a summary (type 3) LSA between Area 1, where the link between R1 and R2 is located, and Area 0, where R4 is connected. C. R4 will receive a new router (type 1) LSA from R2, since R2 has lost its connection with R1. When R4 receives this new router LSA, it will run SPF. D. R4 will receive a new network (type 2) LSA from R2, since R2 has lost connectivity to the 10.1.1.4/31 network. When R4 receives this new LSA, it will run SPF to recalculate its tree. Answer: A Section: (none) Explanation/Reference:

QUESTION 205 Refer to the exhibit. In this network, what path will traffic destined to 10.1.3.1 and arriving at R1 prefer?

A. through R3, since that is the lowest cost path (10+10 = 20, which is lower than 100) B. through R2, since it is the path through Area 0 C. through R2; this is the only path available for R1 to reach 10.1.3.0/24, since R3 is in a different autonomous system than R1 and R2 D. through R3, because R1 will only have a summary (type 3) LSA from R2 Answer: B Section: (none) Explanation/Reference:

QUESTION 206 Refer to the exhibit. In this network, what path will traffic destined to 10.1.3.1 take when it arrives at R5?

A. R5 will not have a path to 10.1.3.0/24, because the summary (type 3) LSA advertised by R1 into Area 1 will not bereadvertised back into Area 0 by R3. B. R5 will not have a path to 10.1.3.0/24, because R2 is in a different autonomous system than R1 or R3. C. The traffic will take the path R4, R3, R2, R1 because this is the lowest cost path from R5 to 10.1.3.0/24. D. The traffic will take the path R5, R3, R2, R1, because OSPF always prefers paths within areas to paths that pass through other areas. Answer: A Section: (none) Explanation/Reference:

QUESTION 207 Refer to the exhibit. In this network, what path will traffic arriving at R4 and destined to 10.1.5.1 take?

A. It will follow the default route with the lowest metric, through R2. B. It will choose the path through R3, because that is the shortest path to the destination (10+20 = 30 versus 15+20 = 35), based on the border router (type 4) LSAs generated by R2 and R3. C. R4 will not have a route to 10.1.5.0/24, so it will drop the traffic. D. It will load-share between the two paths, because the two default routes injected into Area 1 are of equal cost. Answer: B Section: (none) Explanation/Reference:

QUESTION 208 Refer to the exhibit. In this network, what result will there be if the link between R1 and R3 fails, in relation to R4's route to 10.1.5.0/24?

A. R1 will not be originating a route for 10.1.5.0/24 into the network. B. R4 will receive a new network LSA from R3 noting that R3 has lost its connection to 10.1.1.0/24. Based on this information, R4 will run SPF and find an alternate path to 10.1.5.0/24 through R2. C. R4 will receive new router LSAs from both R3 and R1, noting that they no longer connect to each other. Based on these LSAs, R4 will run SPF and find an alternate path to 10.1.5.0/24 through R2. D. R4 will continue forwarding traffic for 10.1.5.0/24 to R3, since that is the ABR connecting it to Area 1, the area within which 10.1.5.0/24 is located. Answer: A Section: (none) Explanation/Reference:

QUESTION 209 Refer to the exhibit. Assume all the links in this network are internal OSPF links. What will the result be if the link between R1 and R3 fails, in regards to R4's path to 10.1.5.0/24?

A. R3 will generate a new summary (type 3) LSA and flood it into Area 1. R4, on receiving this LSA, will run SPF and find an alternate path to 10.1.5.0/24 through R2. B. R4's OSPF database and routing table will not be affected, since R4 will not have a route to 10.1.5.0/24. It will only have default routes originated by the ABRs, R2, and R3. C. R3 will generate a new summary (type 3) LSA, and flood it into Area 1. R4's route to 10.1.5.0/24 will not be affected by this new information, since it will be using the path through R2 whether or not the link between R1 and R3 is up. D. R1 and R3 will each originate a new router (type 1) LSA, indicating they are no longer connected. When R4 receives these two LSAs, it will run SPF and find the alternate path through R2. Answer: B Section: (none) Explanation/Reference:

QUESTION 210 Refer to the exhibit. In this network, traffic destined to 10.1.5.1 and arriving at R4 will take which path?

A. It will take the path through R2. B. R4 will load-share the traffic arriving for 10.1.5.1 across the two paths, through R2 and R3, since both paths have a cost of 30. C. R4 will not have a path to 10.1.5.0/24, so the traffic will be dropped. D. It will take the path through R3.

Answer: A Section: (none) Explanation/Reference:

QUESTION 211 Refer to the exhibit. In this network, R1 is injecting 10.1.5.0/24 using a network statement as a network (type 2) LSA. What LSAs will R6 have in its local database for 10.1.5.0/24?

A. R6 will not have any LSAs containing 10.1.5.0/24. B. R6 will have the network (type 2) LSA generated by R1 in Area 1 containing 10.1.5.0/24. C. R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by either R2 or R3, the Area Border Routers for area 1. D. R6 will have a summary (type 3) LSA containing 10.1.5.0/24, generated by R4 or R5, the Area Border Routers for Area 2, its local area. Answer: A Section: (none) Explanation/Reference:

QUESTION 212 Refer to the exhibit. In this network, each router has a router ID as shown next to the router. While working on a software upgrade on R1 and R2, the network administrator notices that when the upgrade is finished, R4 is the designated router on the link. Is OSPF working correctly on this link, and why or why not?

v A. Yes, OSPF will never allow an existing DR to be replaced when a new router is connected to a broadcast network. In this case, the administrator has recently reloaded R1 and R2, so it would be expected that either R3 or R4 would be the DR on the link. B. No, OSPF should always elect the router with the highest router ID as the designated router on the link. The administrator should call for technical support. C. Yes, OSPF is operating correctly, because the router with the lowest router ID should always be elected designated router on a broadcast link. D. There is not enough information provided in the question to answer accurately. Answer: A Section: (none) Explanation/Reference:

QUESTION 213 Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1D? (Choose two.) A. B. C. D. E. F. Designated Root Cost bridge ID priority max age bridge ID MAC address Designated Root Priority forward delay

Answer: BD Section: (none) Explanation/Reference:

QUESTION 214 What is the purpose of the STP PortFast BPDU guard feature? A. B. C. D. enforce the placement of the root bridge in the network ensure that a port is transitioned to a forwarding state quickly if a BPDU is received enforce the borders of an STP domain ensure that any BPDUs received are forwarded into the STP domain

Answer: C Section: (none) Explanation/Reference:

QUESTION 215 If a Cisco switch is configured with VTPv2 in transparent mode, what is done with received VTP advertisements?

A. They are discarded. B. The contents of each VTP advertisement are altered to match the switch's VTP database and then the advertisements are forward out alltrunking ports. C. The contents of each VTP advertisement are ignored and the advertisements are forwarded out alltrunking ports. D. The VTP database is altered according to the contents of each advertisement and then the advertisements are forward out alltrunking ports. Answer: C Section: (none) Explanation/Reference:

QUESTION 216 In Frame Relay, FECN messages indicating congestion are sent or received by which of these? A. B. C. D. received by the sender sent by the sender received by the destination sent by the destination

Answer: C Section: (none) Explanation/Reference:

QUESTION 217 Refer to the exhibit. In this network, BGP is configured to run as shown, with an autonomous system boundary between R1 and R2. OSPF is running between R2, R3, and R4, advertising all connected links. The user at H1 calls and states that H1 cannot reach a server attached to 191.168.1.0/24. What is the most likely cause of the problem?

A. When R4 receives traffic for 192.168.1.0/24, it forwards the packets to R3. However, R3 does not have a route to 192.168.1.0/24, so it is dropping the packets. B. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to 192.168.2.0/24, so it will not install the route to 192.168.2.0/24.

C. The next hop to 10.1.2.0/24 is R3 (on the 10.1.1.0/24 network). R1 does not have a route to the 10.1.1.0/24 network, so it will not install 10.1.2.0/24. D. H1's default gateway is probablymisconfigured. Answer: A Section: (none) Explanation/Reference:

QUESTION 218 Refer to the exhibit. All the routers in this network are configured to advertise every link they are connected to using BGP. BGP is configured as shown, with basic configurations (normal BGP peering for each session). The user at H1 calls and states that H1 cannot reach a server attached to 191.168.1.0/24, although it can contact addresses on the 192.168.2.0/24 link. What is the most probable cause of the problem?

A. R3 will not install a route to 192.168.1.0/24 with a R1 as the next hop, because BGP speakers will not install a route where the next hop is learned through IBGP. B. H1's default gateway is probablymisconfigured. C. The next hop to 192.168.1.0/24 is on the 192.168.2.0/24 network. R3 does not have a route to 192.168.2.0/24, so it will not install the route to 192.168.2.0/24. D. The next hop to 192.168.1.0/24 is R2, but IBGP will not install a route with a directly-connected next hop. Answer: A Section: (none) Explanation/Reference:

QUESTION 219 Which of these is the best definition of Rapid Spanning Tree Protocol? A. RSTP is the 802.1w standard that provides faster spanning tree convergence over 802.1D- 1998 after a topology change, and also includes features equivalent to STP BPDU guard, root guard, and loop guard. B. RSTP is the 802.1w standard version of Cisco PVST+. C. RSTP is the 802.1w standard that provides faster spanning-tree convergence over 802.1D- 1998 after a topology change, and includes features equivalent to CiscoPortFast, UplinkFast, and BackboneFast. D. RSTP is the 802.1s and 802.1w standard that provides faster spanning-tree convergence over 802.1D-1998 after a topology change. Answer: C Section: (none) Explanation/Reference:

QUESTION 220 Which three statements correctly describe Cisco spanning-tree features? (Choose three.) A. B. C. D. E. F. RSTP edge ports operate identically to PVST+ host ports. STP BPDUs are relayed by all non-root bridges and RSTP BPDUs are generated by each bridge. RSTP and PVST+ both have root ports, designated ports, and backup ports. RPVST+ converges faster than RSTP during a topology change. RSTPcan only achieve rapid transition to Forwarding on edge ports and on point-to-point links. RPVST+ and RSTP are both based upon the IEEE 802.1w specification.

Answer: BEF Section: (none) Explanation/Reference:

QUESTION 221 Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from other routing protocols into your network. No route filtering has been implemented. Taking into account the output from the show ip ospf database command in the exhibit, which of these statements is true?

v A. B. C. D. E. R101 is in Area 1, and Area 1 is a standard OSPF area R101 is in Area 1, and Area 1 is an OSPF stub area R101 is in Area 1, and Area 1 is an OSPF totally stubby area R101 is in Area 1, and Area 1 is an OSPF not-so-stubby area R101is an ABR for Area 0 and Area 1

Answer: B Section: (none) Explanation/Reference:

QUESTION 222 Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from other routing protocols into your network. No route filtering has been implemented. Taking into account the output from the show ip ospf database command in the exhibit, which of these statements is true?

A. B. C. D. E.

R101 is in Area 1, and Area 1 is a standard OSPF area R101 is in Area 1, and Area 1 is an OSPF stub area R101 is in Area 1, and Area 1 is an OSPF totally stubby area R101 is in Area 1, and Area 1 is an OSPF not-so-stubby area R101is an ABR for Area 0 and Area 1

Answer: C Section: (none) Explanation/Reference:

QUESTION 223 Refer to the exhibit. Your network is primarily an OSPF network, but there are points of redistribution from other routing protocols into your network. No route filtering has been implemented. Taking into account the output from the show ip ospf database command in the exhibit, which two of these statements are true? (Choose two.)

v A. B. C. D. E. R106 is in Area 2, and Area 2 is a standard OSPF area R106 is in Area 2, and Area 2 is an OSPF totally stubby area R106 is in Area 2, and Area 2 is an OSPF not-so-stubby area R106 is an ABR for Area 0 and Area 2 R106is an ASBR

Answer: CE Section: (none) Explanation/Reference:

QUESTION 224 Your network is primarily an OSPF network, but there are points of redistribution from other routing protocols into your network. No route filtering has been implemented. Taking into account the output from the show ip ospf database command in the exhibit, which two of these statements are true? (Choose two.)

A. B. C. D. E.

R106 is in Area 2, and Area 2 is a standard OSPF area R106 is in Area 2, and Area 2 is an OSPF stub area R106 is in Area 2, and Area 2 is an OSPF not-so-stubby area R106 is an ABR for Area 0 and Area 2 R106is an ASBR

Answer: AE Section: (none) Explanation/Reference:

QUESTION 225 Which three statements about class-maps are correct? (Choose three.)

A. B. C. D. E. F.

The same class map can be referenced by different policy maps The default matching strategy is "match-any." Class map names are case-sensitive. A class map can be referenced from within another class map. Class maps only support named access lists. Each class map can contain only one match statement.

Answer: ACD Section: (none) Explanation/Reference:

QUESTION 226 Refer to the exhibit. In the diagram, the switches are running IEEE 802.1w RSPT. On which ports should root guard be enabled in order to facilitate deterministic root bridge election under normal and failure scenarios?

A. B. C. D. E. F.

GE-3/1, GE-3/2 FE-2/1, FE-3/2 GE-1/1, GE-1/2 GE-4/1, GE-4/2 GE-2/1, GE-2/2 GE-3/1, GE-3/2, GE-4/1, GE-4/2, FE-2/1, FE-3/2

Answer: F Section: (none) Explanation/Reference:

QUESTION 227 Refer to the exhibit. R11 receives a packet destined for a network in Area 1. What routing table entry will R11 have that will enable it to forward the packet?

A. B. C. D.

a summary address generated by R1 and propagated through the OSPF domain a default address generated by R1 and propagated through the OSPF domain a summary address generated by R3 and propagated to R11 a default address generated by R3 and propagated to R11

Answer: A Section: (none) Explanation/Reference:

QUESTION 228 Refer to the exhibit. R7 is redistributing routes that it learned from EIGRP into the OSPF process. R11 receives a packet destined for a network in the EIGRP domain. What routing table entry will R11 have that will enable it to forward the packet?

A. B. C. D. E. F.

the specific network entry redistributed by R7 and propagated through the OSPF domain a summary route generated by R7 and propagated through the OSPF domain a default route generated by R7 and propagated through the OSPF domain a summary route generated by R1 and propagated through the OSPF domain a summary route generated by R3 and propagated to R11 a default route generated by R3 and propagated to R11

Answer: F Section: (none) Explanation/Reference:

QUESTION 229 Refer to the exhibit. R7 (in Area 1) is redistributing routes that it learned from EIGRP into the OSPF process. R12 (in Area 4) receives a packet destined for a network in the EIGRP domain. What routing table entry will R12 have that will enable it to forward the packet?

A. B. C. D. E.

the specific network entry redistributed by R7 and propagated through the OSPF domain a summary route generated by R7 and propagated through the OSPF domain a default rout e generated by R7 and propagated through the OSPF domain a summary route generated by R4 and propagated to R12 a default route generated by R4 and propagated to R12

Answer: E Section: (none) Explanation/Reference:

QUESTION 230 Refer to the exhibit. Packets from hosts attached to R3 and destined to network 10.100.2.0 are being dropped. Which two of these are possible solutions to this problem? (Choose two.)

A. B. C. D. E.

Disable BGP synchronization on R2. Disable BGP synchronization on R3. Set the next-hop-self command on R2 for neighbor R3. Enable EBGPmultihop between R2 and R3. Redistribute the serial link network between R2 and R5 into R2's IGP.

Answer: CE Section: (none) Explanation/Reference:

QUESTION 231 What is the most significant feature added to IGMPv2 that was lacking in IGMPv1? A. Hosts can request to join multicast groups instead of waiting until queried by routers. B. Hosts can send leave messages to routers instead of just silently leaving multicast groups. C. Routers can send out queries on subnets to discover which multicast groups are active or inactive. D. Routers can inform switch when hosts joins multicast groups so the switches can track group members and forward only to members of each group. Answer: B Section: (none) Explanation/Reference:

QUESTION 232 Refer to the exhibit. Voice traffic is marked "precedence 5." How much bandwidth is allocated for voice traffic during periods of congestion?

A. B. C. D.

a minimum of 48 kb/s a maximum of 48 kb/s a minimum of 48% of the available bandwidth a maximum of 48% of the available bandwidth

Answer: B Section: (none) Explanation/Reference:

QUESTION 233 Refer to the exhibit. What is the overall type of queuing being used on the outgoing data for interface Ethernet0/1?

A. B. C. D. E. F.

LLQ FIFO CBWFQ priority queuing weighted fair queuing IP RTP priority queuing

Answer: A Section: (none) Explanation/Reference:

QUESTION 234 Which of these is true concerning the configuration of the bandwidth parameter within a class map in a policy map?

A. B. C. D. E.

a maximum bandwidth guarantee is provided for this class a minimum bandwidth guarantee is provided for the entire policy map a maximum bandwidth guarantee is provided for the entire policy map a minimum bandwidth guarantee is provided for this class no bandwidth guarantee is provided; this is only used for calculating routing protocol metrics

Answer: D Section: (none) Explanation/Reference:

QUESTION 235 The election of the IGMP querier router on a subnet is based upon which of these? A. B. C. D. the lowest IP address the highest IP address the Designated Router Priority field in the IGMP query packet the highest MAC address

Answer: A Section: (none) Explanation/Reference:

QUESTION 236 If a host leaving multicast group 239.1.1.1 sends an IGMP Leave message, how will the IGMP querier router respond? A. by immediately shutting off the flow of all 239.1.1.1 multicast traffic to the subnet B. by sending an IGMP group-specific query on the subnet with a destination IP address of 239.1.1.1, to see if any other host is still joined to the group C. by shutting off the flow of all 239.1.1.1 multicast traffic to the subnet, but only after waiting for a period of 10 seconds to see if another host sends an IGMP "Leave Override" message to override the other host's Leave message D. by sending an IGMP group-specific query on the subnet with a destination IP address of the "All-MulticastHosts" address of 224.0.0.1, to see if any other host is still joined to the group E. by sending an IGMP general query on the subnet with a destination IP address of the "All-Multicast-Hosts" address of 224.0.0.1 to see if any other host is still joined to the group Answer: B Section: (none) Explanation/Reference:

QUESTION 237 An IGMPv3 host that wishes to join multicast group 239.1.1.1 should send an unsolicited IGMPv3 membership

report with the destination IP address set to which of these? A. B. C. D. the link-local multicast group address of 224.0.0.13 the multicast group address of the group being joined the link-local multicast group address of 224.0.0.22 the address of the IGMPquerier router on the local subnet

Answer: C Section: (none) Explanation/Reference:

QUESTION 238 You are the network administrator of an enterprise with a main site and multiple remote sites. Your network carries both VOIP and data traffic. You agree with your service provider to classify VOIP and data traffic according to the different service RFCs. How can your data and VOIP traffic be marked? A. B. C. D. E. data marked with DSCP AF21, VOIP marked with DSCP EF data marked with DSCP AF51, VOIP marked with DSCP EF data marked with the DE-bit, VOIP marked with the CLP-bit data marked with DSCP EF, VOIP marked with DSCP AF31 data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A Section: (none) Explanation/Reference:

QUESTION 239 Refer to the exhibit. When applying this hierarchical policy map on the on the tunnel1 interface, you measure high jitter for traffic going through class 1234. What is the most likely cause of this jitter?

A. The configuration of a hierarchical policy map on a tunnel interface is not supported. B. Class 5555 and class 5554 are both taking up 100% of the bandwidth, leaving nothing for class 1234. C. The burst size for the traffic shaping is wrongly configured to 15000; this would require an interface capable of sending at 150Mb/s. D. The burst size for the traffic shaping has been wrongly configured; it should be set as low as possible. E. The burst size for the traffic shaping has been wrongly configured; it should be set as high as possible. Answer: D Section: (none) Explanation/Reference:

QUESTION 240 Refer to the exhibit. When applying this policy map on the tunnel1 interface, you see packet loss for the TCP class starting at around 100000 b/s, instead of the configured 150000 b/s. What is the most likely cause of the discrepancy?

A. The violate-action command should not be configured. B. The current configuration of the load-interval command on the tunnel interface is preventing proper policing calculations. C. The burst size is too low. D. Policing on tunnel interfaces is not supported. E. The CIR keyword is missing in thepolicer. Answer: C Section: (none) Explanation/Reference:

QUESTION 241 Refer to the exhibit. As a network administrator, you have configured a dual-rate, dual-bucket policer in accordance with RFC 2698 on the serial interface of you router, connecting to your provider. The SLA with your provider states that you should only send AF31 (limited to 150 kb/s), AF32 (limited to 50 kb/s) and AF33 (best effort). Your service provider claims you are not conforming to the SLA. Which two things are wrong with this configuration? (Choose two.)

A. B. C. D. E.

The configuration of a service policy on half-duplex Ethernet interfaces is not supported. The class class-default sub-command of the policy-map limit command should be set to the DSCP default. The violate action is wrong. Thispolicer configuration is not implementing RFC 2698 dual-bucket, dual-rate. Thepolicer is configured in the wrong class.

Answer: CE Section: (none) Explanation/Reference:

QUESTION 242 Refer to the exhibit. You have noticed that several users in the network are consuming a great deal of bandwidth for the peer-to-peer application Kazaa2. You would like to limit this traffic, and at the same time provide a guaranteed 100 kb/s bandwidth for one of your servers. After applying the configuration in the exhibit, you notice no change in the bandwidth utilization on the serial link; it is still heavily oversubscribing the interface. What is the cause of this problem?

A. B. C. D. E.

CEF needs to be enabled for NBAR. In class Kazaa2, you should configure apolicer instead of a drop command. The server class should have a priority of 100. The bandwidth parameter on serial 0/0 is wrong. Kazaa2is not a valid protocol.

Answer: A Section: (none) Explanation/Reference:

QUESTION 243 All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except which one? A. dropper B. C. D. E. F. classifier marker querier meter shaper

Answer: D Section: (none) Explanation/Reference:

QUESTION 244 You would like to provide guaranteed bandwidth for some applications across various tunnel interfaces.

These tunnels exit the router at the same physical interface. However, when you execute the show policy-map interface serial0/0 command, you do not see any matches for the FTP class. What is wrong?

A. B. C. D. E.

The policy map mark should be configured on the tunnel interface. Traffic should be policed first. Theqos pre-classify command should be configured on the tunnel. TheQoS tunnel should be specified in the policy map. The default class has not been defined.

Answer: C Section: (none) Explanation/Reference:

QUESTION 245 Refer to the exhibit. You would like to guarantee 7 Mb/s for FTP traffic in your LAN, as it seems that peer-topeer traffic is taking up a large amount of bandwidth. When testing the configuration, you notice that FTP traffic doesn't reach 7 Mb/s. What is the problem?

A. B. C. D. E.

The Ethernet interface should havekeepalives enabled. The duplex settings are wrong on the Ethernet interface. Theqos pre-classify command should be removed from the tunnel interfaces. the priority queue for the voice class is probably taking all the bandwidth there are probably not enough interface buffers; they should be tuned.

Answer: B Section: (none) Explanation/Reference:

QUESTION 246 You have two EBGP peers connected via two parallel serial lines. What should you do to be able to loadbalance between two EBGP speakers over the parallel serial lines in both directions? A. nothing, BGP automatically load-balances the traffic between different autonomous systems on all available links B. peer between theeBGP speaker's loopbacks, configuring eBGP multihop as required, and use an IGP to load-share between the two equal-cost paths between the loopback addresses C. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-self command D. use theebgp-load-balance command on the neighbor statement on both sides

E. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the peer loopback address; it is also necessary to use theebgp-multihop and nexthop-self commands Answer: B Section: (none) Explanation/Reference:

QUESTION 247 Spanning Tree Protocol calculates path cost based on which of these? A. B. C. D. E. interface bandwidth interface delay interface bandwidth and delay hop count bridge priority

Answer: A Section: (none) Explanation/Reference:

QUESTION 248 Refer to the exhibit. What type of issue does this error log indicate if the IP address in the error log is located off of the Router A WAN?

Page 179 of 251 179

A. B. C. D.

HSRP standby configuration error HSRP burned-in address error HSRP secondary address configuration error this is not an HSRP problem, but rather an STP error or router or switch configuration issue

Answer: D Section: (none) Explanation/Reference:

QUESTION 249 What two features in Cisco switches help prevent Layer 2 loops? (Choose two.) A. B. C. D. E. F. UniDirectional Link Detection Hot Standby Router Protocol Virtual Router Redundancy Protocol PortFast root guard loop guard

Answer: AF Section: (none) Explanation/Reference:

QUESTION 250 IPv4 multicast addresses in which range are considered link-local multicast addresses? A. B. C. D. 239.0.0.0239.255.255.255 224.0.1.0224.0.1.255 224.0.0.0224.0.0.255 224.0.0.0239.255.255.255

Answer: C Section: (none) Explanation/Reference:

QUESTION 251 IP multicast addresses in which range are reserved by the IANA for Source Specific Multicast? A. 239.0.0.0239.255.255.255 B. 232.0.0.0232.0.0.255

C. 233.0.0.0233.255.255.255 D. 232.0.0.0232.255.255.255 Answer: D Section: (none) Explanation/Reference:

QUESTION 252 A multicast application is being deployed within the enterprise network. The scope of the application's multicast traffic is to remain entirely within the enterprise network. From which address range should the multicast address be assigned for this application? A. The enterprise should apply to IANA to have an address permanently assigned to this application. B. The network administrator should assign an address in the address range 232.0.0.0232.255.255.255 to the application. C. The network administrator can pick any IP multicast address for use by the application since the application scope is entirely within the enterprise network and will not conflict with global Internet multicast. D. The network administrator should assign an address from the administratively scoped address range (239.0.0.0239.255.255.255) to the application. Answer: D Section: (none) Explanation/Reference:

QUESTION 253 In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicast traffic to a group? A. The source must send a PIM Register message to the rendezvous point (RP). B. The source must first join the multicast group using IGMP before sending. C. The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIM designated router (DR). D. No control plane signaling needs to be performed; the source can simply begin sending on the local subnet. Answer: D Section: (none) Explanation/Reference:

QUESTION 254 Which two of these statements correctly describe classic PIM-SM? (Choose two.) A. The IOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.

B. The IOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree. Page 181 of 251 181 C. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in theip pim spt-threshold command to "infinity." D. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in theip pim spt-threshold command to "zero." Answer: AC Section: (none) Explanation/Reference:

QUESTION 255 Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.) A. B. C. D. E. F. upon a port state change upon receiving a topology change notification when transitioning from discarding to forwarding when transitioning from forwarding to discarding only when changing from listening to discarding whenCAM resources have been completely used up

Answer: BC Section: (none) Explanation/Reference:

QUESTION 256 Which of these correctly identifies a difference between the way BPDUs are handled by 802.1w and 802.1D? A. B. C. D. 802.1D bridges do not relay BPDUs. 802.1w bridges do not relay BPDUs. 802.1D bridges only relay BPDUs received from the root. 802.1w bridges only relay BPDUs received from the root.

Answer: C Section: (none) Explanation/Reference:

QUESTION 257 NBAR supports all of these with the exception of which one? A. HTTP

B. IP multicast Page 182 of 251 182 C. TCP flows with dynamically assigned port numbers D. non-UDP protocols Answer: B Section: (none) Explanation/Reference:

QUESTION 258 Modified deficit round robin supports which of these functionalities? A. B. C. D. priority queue weighted fair queues round-robin service of output queues LLQ

Answer: AC Section: (none) Explanation/Reference:

QUESTION 259 Modified deficit round robin supports how many queues, including the priority queue? A. B. C. D. 4 8 32 64

Answer: B Section: (none) Explanation/Reference:

QUESTION 260 QPPB allows which of these marking behaviors?

A. B. C. D.

the use of NBAR to associate an IP Precedence to a packet the assigning of a specific BGP attribute based on the IP precedence and DSCP of the inbound packet the assigning of only a specific BGP community based on the ingress packet DSCP marking QPPB provides no marking or classification behaviors.

Answer: B

Section: (none) Explanation/Reference:

QUESTION 261 WRED has which two of these characteristics? (Choose two.) A. B. C. D. non-IP traffic is given the lowest priority and is more likely to be dropped when the minimum threshold is crossed, WRED begins dropping all incoming packets (tail- drop) global synchronization is avoided by selectively dropping packets from multiple TCP flows low-bandwidth flows experience packet drop at a higher rate than higher bandwidth flows

Answer: AC Section: (none) Explanation/Reference:

QUESTION 262 Which IPv6 address would you ping to determine if OSPFv3 is able to send and receive unicast packets across a link? A. B. C. D. E. anycast address site-local multicast global address of the link unique local address link-local address

Answer: E Section: (none) Explanation/Reference:

QUESTION 263 You are seeing a Denial of Service (DoS) attack against an edge router connected to another network. Deploying which of these will do the most to protect the router? A. Netflow B. CoPP (Control Plane Policing) C. D. E. F. Cisco IOS IPS AutoSecure CBAC (Context-Based Access Control) AAA

Answer: B Section: (none) Explanation/Reference:

QUESTION 264 When configuring EIGRP routing over DMVPN (mGRE tunnel), which two actions need to be performed on the hub router? (Choose two.)

A. B. C. D. E.

add the enableeigrp stub command enable NHRP multicast and broadcast static map entry add the disableeigrp as-member split-horizon command add the disableeigrp as-member next-hop-self command set the NHRP hold time to match the EIGRP hold time

Answer: CD Section: (none) Explanation/Reference:

QUESTION 265 Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed to prevent the use of malformed or forged IP sources addresses? A. B. C. D. E. It is applied only on the input interface of a router. It is applied only on the output interface of a router. It can be configured either on the input or output interface of a router. It cannot be configured on a router interface. It is configured under any routing protocol process.

Answer: A Section: (none) Explanation/Reference:

QUESTION 266 All of these port states are used by RSTP+ with the exception of which one? A. B. C. D. E. F. Listening Forwarding Discarding Blocking Learning Backup

Answer: C Section: (none) Explanation/Reference:

QUESTION 267 Based on the information in the exhibit, which statement is true?

A. B. C. D. E.

RTC will be able to access the 10.0.0.0 network. RTC will not have the 10.0.0.0 network in its routing table. RTC will not have the 192.168.10.0 network in its routing table. RTB will not have the 10.0.0.0 network in its routing table. RTBand RTC will not have the 10.0.0.0 network in their routing tables.

Answer: B Section: (none) Explanation/Reference:

QUESTION 268 What is IPv6 router solicitation? A. B. C. D. a request made by a node for the IP address of the local router a request made by a node for a DHCP provided IP address a request made by a node for the IP address of the DHCP server a request made by a node to join a specified multicast group

Answer: A Section: (none) Explanation/Reference:

QUESTION 269 What is the purpose of an explicit "deny any" statement at the end of an ACL? A. B. C. D. E. F. none, since it is implicit to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actually required to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actually required to allow the log option to be used to log any matches to prevent sync flood attacks to prevent half-opened TCP connections

Answer: D Section: (none) Explanation/Reference:

QUESTION 270 Which of these is mandatory when configuring Cisco IOS Firewall? A. B. C. D. E. Cisco IOS IPS enabled on the untrusted interface NBAR enabled to perform protocol discovery and deep packet inspection a route map to define the trusted outgoing traffic a route map to define the application inspection rules an inbound extended ACL applied to the untrusted interface

Answer: E Section: (none) Explanation/Reference:

QUESTION 271 Which statement correctly describes the disabling of IP TTL propagation in an MPLS network? A. The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR. B. TTL propagation cannot be disabled in an MPLS domain. C. TTL propagation is only disabled on the ingress edge LSR, D. The TTL field of the MPLS label header is set to 255. E. The TTL field of the IP packet is set to 0. Answer: D Section: (none) Explanation/Reference:

QUESTION 272

Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall? A. Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data. B. Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets. C. There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session. D. There is no way to make BGP work across a firewall. Answer: A Section: (none) Explanation/Reference:

QUESTION 273 Spanning Tree Protocol IEEE 802.1 s defines the ability to deploy which of these? A. B. C. D. one global STP instance for all VLANs one STP instance for each VLAN one STP instance per set of VLANs one STP instance per set of bridges

Answer: C Section: (none) Explanation/Reference:

QUESTION 274 a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1 D? (Choose two. A. B. C. D. E. F. Designated Root Cost bridge ID priority max age bridge ID MAC address Designated Root Priority forward delay

Answer: BD Section: (none) Explanation/Reference:

QUESTION 275

If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state? A. B. C. D. learning state listening state forwarding state root-inconsistent state

Answer: D Section: (none) Explanation/Reference:

QUESTION 276 What is the purpose of the STP PortFast BPDU guard feature? A. B. C. D. enforce the placement of the root bridge in the network ensure that a port is transitioned to a forwarding state quickly if a BPDU is received enforce the borders of an STP domain ensure that any BPDUs received are forwarded into the STP domain

Answer: C Section: (none) Explanation/Reference:

QUESTION 277 When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to? A. B. C. D. 8192 16384 49152 65535

Answer: C Section: (none) Explanation/Reference:

QUESTION 278 Which of these best describes the actions taken when a VTP message is received on a switch configured with the VTP mode "transparent"?

A. VTP updates are ignored and forwarded out all ports. B. VTP updates are ignored and forwarded out trunks only. C. VTP updates are made to the VLAN database and are forwarded out trunks only.

D. VTP updates are ignored and are not forwarded. Answer: B Section: (none) Explanation/Reference:

QUESTION 279 Refer to the exhibit. In this network, R1 has been configured to advertise a summary route, 192.168.0.0/22, to R2. R2 has been configured to advertise a summary route, 192.168.0.0/21, to R1. Both routers have been configured to remove the discard route (the route to null created when a summary route is configured) by setting the administrative distance of the discard route to 255. What will happen if R1 receives a packet destined to 192.168.3.1 ?

A. B. C. D.

The packet will loop between R1 and R2. It is not possible to set the administrative distance on a summary to 255. The packet will be forwarded to R2, where it will be routed to nullO. The packet will be dropped by R1, since there is no route to 192.168.3.1.

Answer: A Section: (none) Explanation/Reference:

QUESTION 280 Refer to the exhibit. In this network, R1 is configured not to perform autosummarization within EIGRP. What routes will R3 learn from R2 through EIGRP?

A. 172.30.1.0/24 and 10.1.2.0/24; EIGRP only performs autosummarization at the edqe between two major networks. B. 172.30.0.0/16 and 10.1.2.0/24; R2 will perform autosummarization, although R1 will not. C. Since R2 is configured without autosummarization, it will not propagate the 172.30.1.0/24 route. D. 172.30.0.0/8 and 10.0.0.0/8.

Answer: A Section: (none) Explanation/Reference:

QUESTION 281 The classic Spanning Tree Protocol (802.1 D 1998) uses which sequence of variables to determine the best received BPDU? A. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost Page 190 of 251 190 B. 1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id C. 1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id D. 1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id Answer: D Section: (none) Explanation/Reference:

QUESTION 282 Which three port states are used by RSTP 802.1w? (Choose three.) A. B. C. D. E. F. Listening Learning Forwarding Blocking Discarding Disabled

Answer: BCE Section: (none) Explanation/Reference:

QUESTION 283 Refer to the exhibit. Catalyst R is the root bridge for both VLAN 1 and VLAN 2. What is the easiest way to loadshare traffic across both trunks and maintain redundancy in case a link fails, without using any type of EtherChannel link-bundling?

A. Increase the root bridge priority (increasing the numerical priority number) for VLAN 2 on Catalyst D so that port D2 becomes the root port on Catalyst D for VLAN 2. B. Decrease the port priority on R2 for VLAN 2 on Catalyst R so that port D1 will be blocked for VLAN 2 and port D2 will remain blocked for VLAN 1. C. Decrease the path cost on R2 on Catalyst R for VLAN 2 so that port D1 will be blocked for VLAN 2 and port D2 will remain blocked for VLAN 1. D. Increase the root bridge priority (decreasing the numerical priority number) for VLAN 2 on Catalyst R so that R2 becomes the root port on Catalyst D for VLAN 2.

Answer: B Section: (none) Explanation/Reference:

QUESTION 284 Refer to the exhibit. In the diagram, the switches are running IEEE 802.1s MST. Which ports are in the MST blocking state?

A. B. C. D. E.

GE-1/2andGE2/1 GE-1/1 and GE-2/2 GE-3/2 and GE 4/1 no ports are in the blocking state There is not enough information to determine which ports are in the blocking state.

Answer: D Section: (none)

Explanation/Reference:

QUESTION 285 Refer to the exhibit. In the diagram, the switches are running IEEE 802.1 w RSPT. On which ports should root guard be enabled in order to facilitate deterministic root bridge election under normal and failure scenarios?

A. B. C. D. E. F.

GE-3/1, GE-3/2 FE-2/1, FE-3/2 GE-1/1.GE-1/2 GE-4/1, GE-4/2 GE-2/1, GE-2/2 GE-3/1, GE-3/2, GE-4/1, GE-4/2, FE-2/1, FE-3/2

Answer: F Section: (none) Explanation/Reference:

QUESTION 286 Loop guard and UniDireclional Link Detection both protect against Layer 2 STP loops. In which two ways does loop guard differ from UDLD in loop detection and prevention? (Choose two.

A. Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLD cannot.

B. UDLD protects against STP failures caused by cabling problems that create one-way links. C. Loop guard detects and protects against duplicate packets being received and transmitted on different ports. D. UDLD protects against unidirectional cabling problems on copper and fiber media. E. Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from a designated switch port. Answer: BE Section: (none) Explanation/Reference:

QUESTION 287 Refer to the exhibit. Voice traffic is marked "precedence 5." How much bandwidth is allocated for voice traffic during periods of congestion?

A. a minimum of 48 kb/s B. a maximum of 48 kb/s

C. a minimum of 48% of the available bandwidth D. a maximum of 48% of the available bandwidth Answer: B Section: (none) Explanation/Reference:

QUESTION 288

Refer to the exhibit. Which of these is applied to the Bearer class?

A. wred B. traffic shaping C. packet marking D. packet classification E. FIFO queuing within the class Answer: E Section: (none)

Explanation/Reference:

QUESTION 289 Refer to the exhibit. What is the overall type of queuing being used on the outgoing data for interface EthernetO/1?

A. LLQ B. FIFO C. CBWFQ D. priority queuing E. weighted fair queuing Answer: A Section: (none) Explanation/Reference:

QUESTION 290 Which two of these are differences between traffic policing and traffic shaping? (Choose two.) A. B. C. D. E. with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again with policing you can tune the buffer usage for traffic exceeding the specified CIR with shaping you can tune the buffer usage for traffic exceeding the specified CIR shaping should only be applied for ingress traffic, policing only for egress policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC Section: (none) Explanation/Reference:

QUESTION 291 Which of these is a valid differentiated services PHB? A. B. C. D. E. Guaranteed PHB Class-Selector PHB Reserved Forwarding PHB Discard Eligible PHB Priority PHB

Answer: B Section: (none) Explanation/Reference:

QUESTION 292 An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth of the leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links are used for combined VOIP and data traffic. The network administrator has implemented a VOIP solution to reduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for the VOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latency queue. What action will likely fix this problem? A. B. C. D. E. mark VOIP traffic with IP precedence 6 and configure only fair-queue' on the links configure the scheduler allocate 3000 1000 command to allow the OoS code to have enough CPU cycles enable class-based traffic shaping on the VOIP traffic class enable Layer 2 fragmentation and interleaving on the links enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D Section: (none) Explanation/Reference:

QUESTION 293 You are the network administrator of an enterprise with a main site and multiple remote sites. Your network carries both VOIP and data traffic. You agree with your service provider to classify VOIP and data traffic according to the different service RFCs. How can your data and VOIP traffic be marked? A. B. C. D. E. data marked with DSCP AF21, VOIP marked with DSCP EF data marked with DSCP AF51, VOIP marked with DSCP EF data marked with the DE-bit. VOIP marked with the CLP-bit data marked with DSCP EF, VOIP marked with DSCP AF31 data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A Section: (none) Explanation/Reference:

QUESTION 294 Refer to the exhibit. When applying this hierarchical policy map on the on the tunnell interface, you measure high jitter for traffic going through class 1234. What is the most likely cause of this jitter?

A. The configuration of a hierarchical policy map on a tunnel interface is not supported. B. Class 5555 and class 5554 are both taking up 100% of the bandwidth, leaving nothing for class 1234. C. The burst size for the traffic shaping is wrongly configured to 15000; this would require an interface capable of sending at 150Mb/s. D. The burst size for the traffic shaping has been wrongly configured; it should be set as low as possible.

E. The burst size for the traffic shaping has been wrongly configured; it should be set as high as possible. Answer: D Section: (none) Explanation/Reference:

QUESTION 295 Refer to the exhibit. When applying this policy map on the tunneM interface, you see packet loss for the TCP class starting at around 100000 b/s. instead of the configured 150000 b/s. What is the most likely cause of the discrepancy?

A. The violate-action command should not be configured. B. The current configuration of the load-interval command on the tunnel interface is preventing proper policing calculations. C. The burst size is too low. D. Policing on tunnel interfaces is not supported. E. The CIR keyword is missing in the policer. Answer: C Section: (none) Explanation/Reference:

QUESTION 296 Refer to the exhibit. As a network administrator, you have configured a dual-rate, dual-bucket policer in accordance with RFC 2698 on the serial interface of you router, connecting to your provider. The SLA with your provider states that you should only send AF31 (limited to 150 kb/s), AF32 (limited to 50 kb/s)and AF33 (best effort). Your service provider claims you are not conforming to the SLA. Which two things are wrong with this configuration? (Choose two.)

A. B. C. D.

The configuration of a service policy on half-duplex Ethernet interfaces is not supported. The class class-default sub-command of the policy-map limit command should be set to the DSCP default. The violate action is wrong. This policer configuration is not implementing RFC 2698 dual-bucket, dual-rate.

E. Thepolicer is configured in the wrong class. Answer: CE Section: (none) Explanation/Reference:

QUESTION 297 Refer to the exhibit. You have noticed that several users in the network are consuming a great deal of bandwidth for the peer-to-peer application Kazaa2. You would like to limit this traffic, and at the same time provide a guaranteed 100 kb/s bandwidth for one of your servers. After applying the configuration in the exhibit, you notice no change in the bandwidth utilization on the serial link; it is still heavily oversubscribing the interface. What is the cause of this problem?

A. B. C. D. E.

CEF needs to be enabled for NBAR. In class Kazaa2, you should configure a policer instead of a drop command. The server class should have a priority of 100. The bandwidth parameter on serial 0/0 is wrong. Kazaa2 is not a valid protocol.

Answer: A Section: (none) Explanation/Reference:

QUESTION 298 All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except which one? A. dropper B. classifier C. D. E. F. marker querier meter shaper

Answer: D Section: (none) Explanation/Reference:

QUESTION 299 Refer to the exhibit. You would like to guarantee 7 Mb/s for FTP traffic in your LAN, as it seems that peer-topeer traffic is taking up a large amount of bandwidth. When testing the configuration, you notice that FTP traffic doesnl reach 7 Mb/ s. What is the problem?

A. B. C. D. E.

The Ethernet interface should have keepalives enabled. The duplex settings are wrong on the Ethernet interface. The qos pre-classify command should be removed from the tunnel interfaces. the priority queue for the voice class is probably taking all the bandwidth there are probably not enough interface buffers; they should be tuned.

Answer: B Section: (none) Explanation/Reference:

QUESTION 300 Which types of prefixes will a router running BGP most likely advertise to an IBGP peer, assuming it is not configured as a route reflector? A. prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed B. all prefixes in its routing table C. prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed D. prefixes received from EBGP peers and prefixes received from route reflectors E. prefixes received from other IBGP peers, prefixes received from EBGP peers, and prefixes redistributed to BGP

F. prefixes received from other IBGP peers and prefixes received from route reflectors Answer: C Section: (none) Explanation/Reference:

QUESTION 301 You have two EBGP peers connected via two parallel serial lines. What should you do to be able to loadbalance between two EBGP speakers over the parallel serial lines in both directions? A. nothing, BGP automatically load-balances the traffic between different autonomous systems on all available links B. peer between the eBGP speaker's loopbacks, configuring eBGP multihop as required, and use an IGP to load-share between the two equal-cost paths between the loopback addresses C. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-self command D. use the ebgp-load-balance command on the neighbor statement on both sides E. configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the peer loopback address; it is also necessary to use the ebgp-multihop and next-hop-self commands Answer: B Section: (none) Explanation/Reference:

QUESTION 302 Which three of these statements about penultimate hop popping are true? (Choose three.) A. B. C. D. E. F. It is used only for directly connected subnets or aggregate routes. It can only be used with LDP. It is only used when two or more labels are stacked. It enables the Edge LSR to request a label pop operation from its upstream neighbors. It is requested through TDP using a special label value that is also called the implicit-null value. It is requested through LDP using a special label value that is also called the implicit-null value.

Answer: ADF Section: (none) Explanation/Reference: Page 203 of 251 203

QUESTION 303 Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer?

A. prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed to BGP B. all prefixes in its IP routing table. C. only prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed. D. only prefixes received from EBGP peers and prefixes received from route reflectors. E. all prefixes in its routing table except the prefixes received from other EBGP peers. F. all prefixes in its routing table except the prefixes received from other IBGP peers. Answer: A Section: (none) Explanation/Reference:

QUESTION 304 Which standard supports multiple instances of spanning tree? A. B. C. D. 802.1 D 802.1s 802.1w 802.1 z

Answer: B Section: (none) Explanation/Reference:

QUESTION 305 Spanning Tree Protocol calculates path cost based on which of these: A. B. C. D. E. interface bandwidth interface delay interface bandwidth and delay hop count bridge priority

Answer: A Section: (none) Explanation/Reference:

QUESTION 306 Refer to the exhibit. What type of issue does this error log indicate if the IP address in the error log is located off of the Router A WAN?

A. B. C. D.

HSRP standby configuration error HSRP burned-in address error HSRP secondary address configuration error this is not an HSRP problem, but rather an STP error or router or switch configuration issue

Answer: D Section: (none) Explanation/Reference:

QUESTION 307 What two features in Cisco switches help prevent Layer 2 loops? (Choose two.

A. B. C. D. E. F.

Unidirectional Link Detection Hot Standby Router Protocol Virtual Router Redundancy Protocol PortFast root guard loop guard

Answer: AF Section: (none) Explanation/Reference:

QUESTION 308 Refer to the exhibit. Which switching feature is being tested?

A. B. C. D.

loop guard PortFast root guard BDPU guard

Answer: A Section: (none) Explanation/Reference:

QUESTION 309 Refer to the exhibit. This exhibit shows the NAT configuration for Router A and the output for a ping issued from device 171.68.200.48 and destined to 172.16.47.142. Based on this information, what change must be made to Router A in order for the ping to work?

A. B. C. D. E.

reload the router clear the route cache add a static route configure IP as classless load a newer IOS image

Answer: D Section: (none) Explanation/Reference:

QUESTION 310 In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicast traffic to a group?

A. The source must send a PIM Register message to the rendezvous point (RP). B. The source must first join the multicast group using IGMP before sending. C. The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIM designated router (DR).

D. No control plane signaling needs to be performed; the source can simply begin sending on the local subnet. Answer: D Section: (none) Explanation/Reference:

QUESTION 311 Which of these statements about PIM join messages in classic PIM-SM is correct? A. PIM join messages are sent every 60 seconds to refresh the upstream router's mroute state for the multicast tree. B. Routers send a PIM join acknowledgement in response to each PIM join message received from a downstream router. C. PIM join messages are only sent when the multicast distribution tree is first being established. D. PIM join messages are sent every three minutes to refresh the upstream router's mroute state for the multicast tree. Answer: A Section: (none) Explanation/Reference:

QUESTION 312 The ip pim autorp listener command is used to do which of these? A. enable a Cisco router to "passively" listen to Auto-RP packets without the router actively sending or forwarding any of the packets B. allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfaces configured with the ip pim sparse-mode command C. enable the use of Auto-RP on a router D. configure the router as an Auto-RP mapping agent Answer: B Section: (none) Explanation/Reference:

QUESTION 313 In order to configure two routers as anycast RPs, which of these requirements, af a minimum, must be satisfied?

A. B. C. D.

Multicast Source Discovery Protocol mesh-groups must be configured between the two anycast RPs. The RPs must be within the same IGP domain. Multicast Source Discovery Protocol must be configured between the two anycast RPs. The two anycast RPs must be IBGP peers.

Answer: C Section: (none) Explanation/Reference:

QUESTION 314 Which two of these statements correctly describe classic PIM-SM? (Choose two.) A. The lOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree. B. The lOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree. C. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pirn spt-threshold command to "infinity. D. The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pirn spt-threshold command to "zero." Answer: AC Section: (none) Explanation/Reference:

QUESTION 315 In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can cause network failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessive traffic during spanning-tree loop conditions? (Choose two.) A. B. C. D. E. loop guard storm control storm suppression broadcast suppression BPDU guard

Answer: BD Section: (none) Explanation/Reference:

QUESTION 316 Why does RSTP have a better convergence time than 802.1 D? A. B. C. D. it is newer it has smaller timers it has less overhead it is not timer-based

Answer: D Section: (none) Explanation/Reference:

QUESTION 317 Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.) A. B. C. D. upon a port state change upon receiving a topology change notification when transitioning from discarding to forwarding when transitioning from forwarding to discarding E, only when changing from listening to discarding E. when CAM resources have been completely used up Answer: BC Section: (none) Explanation/Reference:

QUESTION 318 Which of these correctly identifies a difference between the way BPDUs are handled by 802.1w and 802.1 D? A. 802.1 D bridges do not relay B. 802.1w bridges do not relay BPDUs C. 802.1 D bridges only relay BPDUs receive d from the root m the roi D. 802.1w bridges only relay BPDUs received from the root. Answer: C Section: (none) Explanation/Reference:

QUESTION 319 NBAR supports all of these with the exception of which one? A. HTTP B. IP multicast C. TCP flows with dynamically assigned port numbers D. non-UDP protocols Answer: B Section: (none) Explanation/Reference:

QUESTION 320 Modified deficit round robin supports which of these functionalities? A. B. C. D. priority queue weighted fair queues round-robin service of output queues LLQ

Answer: AC Section: (none) Explanation/Reference:

QUESTION 321 A router is connected to an HDLC circuit via a T1 physical interface. The SLA for this link only allows for a sustained rate of 768 kb/s. Bursts are allowed for up to 30 seconds at up to line rate, with a window Tc of 125 ms. What should the Be and Be setting be when using generic traffic shaping? A. B. C. D. Be = 46320000 , Be = 96000 Be = ,768000 Be = 32000 Be = ,128000 Be = 7680 Be = ,0 Be = 96000

Answer: A Section: (none) Explanation/Reference:

QUESTION 322 Which of these tables is used by an LSR to perform a forwarding lookup for a packet destined to an address within an RFC 4364 VPN? A. B. C. D. CEF FIB LFIB IGP

Answer: C Section: (none) Explanation/Reference:

QUESTION 323 Which two of these parameters are used to determine a forwarding equivalence class? (Choose two.

A. B. C. D.

IP prefix Layer 2 circuit RSVP request from CE for bandwidth reservation BGP MED value

Answer: AB Section: (none) Explanation/Reference:

QUESTION 324 A network is composed of several VRFs. It is required that VRF users VRF_A and VRF_B be able to route to and from VRF_C, which hosts shared services. However, traffic must not be allowed to flow between VRF_A and VRF_B. How can this be accomplished? A. B. C. D. route redistribution import and export using route descriptors import and export using route targets Cisco MPLS Traffic Engineering

Answer: C Section: (none) Explanation/Reference:

QUESTION 325 Which of these statements best describes the major difference between an IPv4-compatible tunnel and a 6to4 tunnel? A. An IPv4-compatible tunnel is a static tunnel, but an 6to4 tunnel is a semiautomatic tunnel. B. The deployment of a IPv4-compatible tunnel requires a special code on the edge routers, but a 6to4 tunnel does not require any special code. C. An IPv4-compatible tunnel is typically used only between two IPv6 domains, but a 6to4 tunnel is used to connect to connect two or more IPv6 domains. D. For an IPv4-compatible tunnel, the ISP assigns only IPv4 addresses for each domain, but for a 6to4 tunnel, the ISP assigns only IPv6 addresses for each domain. Answer: C Section: (none) Explanation/Reference:

QUESTION 326 Which information is carried in an OSPFv3 intra-a re a-prefix LSA? A. IPv6 prefixes B. link-local addresses C. solicited node multicast addresses

D. IPv6 prefixes and topology information Answer: A Section: (none) Explanation/Reference:

QUESTION 327 Which IPv6 address would you ping to determine if OSPFv3 is able to send and receive unicast packets across a link? A. B. C. D. E. anycast address site-local multicast global address ofthe link unique local address link-local address

Answer: E Section: (none) Explanation/Reference:

QUESTION 328 You are using IPv6, and would like to configure EIGRPv3. Which three of these correctly describe how you can perform this configuration? (Choose three.) A. EIGRP for IPv6 is directly configured on the interfaces over which it runs. B. EIGRP for IPv6 is not configured on the interfaces over which it runs, but if a user uses passive- interface configuration, EIGRP for IPv6 needs to be configured on the interface that is made passive. C. There is a network statement configuration in EIGRP for IPv6, the same as for IPv4. D. There is no network statement configuration in EIGRP for IPv6. E. When a user uses a passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive. F. When a user uses a non-passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive Answer: ADE Section: (none) Explanation/Reference:

QUESTION 329 Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed to prevent the use of malformed or forged IP sources addresses? A. It is applied only on the input interface of a router. ~ B. It is applied only on the output interface of a router.

C. It can be configured either on the input or output interface of a router. D. It cannot be configured on a router interface. E. It is configured under any routing protocol process. Answer: A Section: (none) Explanation/Reference:

QUESTION 330 UnicastReverse Path Forwarding can perform all of these actions except which one? A. examine all packets received to make sure that the source addresses and source interfaces appear in the routing table and match the interfaces where the packets were received B. check to see if any packet received at a router interface arrives on the best return path C. combine with a configured ACL D. log its events, if you specify the logging options for the ACL entries used by the unicast rpf command E. inspect IP packets encapsulated in tunnels, such as GRE Answer: E Section: (none) Explanation/Reference:

QUESTION 331 Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three A. It supports autonegotiation for both ISL and IEEE 802.1 Q trunks. B. It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation to become a trunk. C. It is a point-to-multipoint protocol. D. It is a point-to-point protocol. E. It is not supported on private VLAN ports or tunneling ports Answer: ABD Section: (none) Explanation/Reference:

QUESTION 332 You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and 802.1 Q encapsulation options. All of these statements about the two encapsulation options are correct except which one? A. Both support normal and extended VLAN ranges. B. ISL is a Cisco proprietary encapsulation method and 802.1 Q is an IEEE standard. C. ISL encapsulates the original frame

D. Both support native VLANs. E. 802.1 Q does not encapsulate the original frame. Answer: D Section: (none) Explanation/Reference:

QUESTION 333 What s the default stratum clock on a Cisco router, when you see the key word "master" configured on the NTP line? A. B. C. D. E. 1 2 4 6 8

Answer: E Section: (none) Explanation/Reference:

QUESTION 334 Though many options are supported in EIGRPvS, select two options from the below list that are supported. Choose 2 A. B. C. D. E. VRF auto-summary per-interface configuration prefix-list support via route-map prefix-list support via distribute-list

Answer: CE Section: (none) Explanation/Reference:

QUESTION 335 During the IPv6 address resolution, a node sends a neighbor solicitation message in order to discover which of these? A. B. C. D. The Layer 2 multicast address of the destination node The solicited node multicast address of the destination node The Layer 2 address of the destination node based on the destination IPv6 address The IPv6 address of the destination node based on the destination Layer 2 address

Answer: C Section: (none) Explanation/Reference:

QUESTION 336 Which one of these statements is true of OSPF type 5 LSAs? A. B. C. D. They are used to summarize area routes to other areas. They are used in not-so-stubby areas to propagate external routes. They are used to notify areas of the ASBR. They are flooded to all areas except stub areas (external route).

Answer: D Section: (none) Explanation/Reference:

QUESTION 337 Which OSPF LSAtype does an ASBR use to originate a default route into an area? A. B. C. D. E. LSA1 LSA3 LSA4 LSA5 LSA7

Answer: D Section: (none) Explanation/Reference:

QUESTION 338 Refer to the exhibit. Routers A and B are directly connected. Given the configuration, how many EIGRP routes will router B see in its routing table?

A. B. C. D. E.

0 1 2 3 4

Answer: A Section: (none) Explanation/Reference:

QUESTION 339 Refer to the exhibit. Routers A and B are directly connected and running EIGRP, but they are unable to form a neighbor relationship. What is the most likely cause?

A. B. C. D.

The network statements are misconfigured. The IP address statements are misconfigured The autonomous system is misconfigured. There is a physical issue with the cable.

Answer: B Section: (none) Explanation/Reference:

QUESTION 340 Refer to the exhibit. Routers A and B are directly connected and running OSPF, but they are unable to form a neighbor relationship. What is the most likely cause?

A. B. C. D. E. F.

The routers are not on the same network. The network statements do not match. The process number does not match. The MTU does not match. The OSPF cost does not match. There is a physical issue with the cable.

Answer: D Section: (none) Explanation/Reference:

QUESTION 341 FreeExamKing.com Refer to the exhibit. Users on the 199.155.24.0 network are unable to reach the 172.16.10.0 network. What is the most likely solution?

A. B. C. D. E.

Router ISP1 should be configured to peer with router B. Router ISP2 should be configured with no synchronization. Router ISP1 should be configured with no synchronization. Router ISP2 should be configured with no auto-summary. Router ISP1 or IPS2 should be configured with network 176.16.10.0 mask 255.255.255.0.

Answer: E Section: (none) Explanation/Reference:

QUESTION 342 Two BGP peers connected through a routed firewall are unable to establish a peering relationship. What could be the most likely cause? A. B. C. D. BGP peers must be Layer 2-adjacent. EBGP multihop is not configured. The firewall is not configured to allow IP protocol 89. The firewall is not configured to allow UDP 179.

Answer: B Section: (none) Explanation/Reference:

QUESTION 343 Which two of these steps are minimum requirements to configure OSPFv3 under IPv6? (Choose two. A. Configure a routing process using the command ipv6 router ospf [process-id].

B. C. D. E.

Add the network statement for the interfaces on which OSPF will run. Configure OSPF on the interface that it will run on. Use the passive-interface command on the interfaces on which OSPF should not run. Enable routing.

Answer: CE Section: (none) Explanation/Reference:

QUESTION 344 You add the following commands into a routed topology: router eigrp 1 variance 3 traffic-share min acrossinterfaces. Users now complain about voice quality in your VoIP system. What should be done? A. B. C. D. E. F. Add the command: router eigrp 1 traffic-share voice interface fast 0/0. Reconfigure EIGRP to recognize voice packets. Remove the variance from the configuration. Reconfigure the VoIP system to use RTP sequence number headers. Use an H.323 gatekeeper for your VoIP system to negotiate an H.245 uneven packet buffer. Reconfigure EIGRP to version 2.

Answer: C Section: (none) Explanation/Reference:

QUESTION 345 Refer to the exhibit. How would you get the 1.1.1.1 network into the OSPF database?

A. B. C. D. E.

Configure RTA as an ASBR. Redistribute connected routes on RTA into OSPF. Set up a virtual link between area 1 and area 0. Set up a virtual link between area 1 and area 2. Add a static route into RTB and enter it into OSPF.

F. Place a network 1.1.1.0 0.0.0.0 command into RTB. G. Set up a unique router ID on RTA using an RFC 1918 address H. Change area 0 on RTB to area 1 Answer: C Section: (none) Explanation/Reference:

QUESTION 346 Refer to the exhibit. Router E learned about the PIM RP (designated as 7.7.7.7) from four different sources. Routers A and D advertised the 7.0.0.0 network via EIGRP. Routers B and C advertised the 7.0.0.0 network via OSPF. Considering that all four Ethernet interfaces on router E could potentially lead back to the PIM-RP, when router E receives the first multicast packet down the shared tree, which incoming interface will be used to successfully pass the RPF check?

A. B. C. D. E.

E0 E1 E2 E3 None of these interfaces will be used to successfully pass the RPF check.

F. All of these interfaces would successfully pass the RPF check. Answer: A Section: (none) Explanation/Reference:

QUESTION 347

Refer to the exhibit. From the MAC addresses shown in the command output, to which two ports is the multicast stream 225.230.57.199 being forwarded on this switch? (Choose two.) Switch#show mac-addresstable multicast

A. B. C. D. E. F. G. H.

Fa6/28 Fa7/20 Gi3/7 Fa4/2 Fa4/14 Fa4/38 Fa6/28 Fa5/7

Answer: CE Section: (none) Explanation/Reference:

QUESTION 348 Refer to the exhibit. Two ISPs have decided to use MSDP and configured routers X and Y (both are PIM RPs) as MSDP peers. In the domain of ISP B, PC A has sent an IGMP membership report for the group 224.1.1.1 and PC B has sent an IGMP membership report for the group 224.5.5.5. Assuming that the MSDP peering relationship between routers X and Y is functional, and given the partial configuration output shown from router X, which two of these statements are true? Choose two.)

A. Router X will contain an entry for 224.1.1.1 in its SA cache and will also have an installed (S.G) entry for this in its mroute table. B. Router X will not contain an entry for 224.1.1.1 in its SA cache but will have an installed (*,G) entry for this in its mroutetable. C. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (S,G) entry for this in its mroute table. D. Router X will not contain an entry for 224.5.5.5 in its SA cache but will have an installed (*,G) entry for this in its mroute table. E. Router X will have no entries for 224.5.5.5 in neither its SA cache nor in its mroute table. ^F. Router F. X will have no entries for 224.1.1.1 in neither its SA cache nor in its mroute table. Answer: AD Section: (none) Explanation/Reference:

QUESTION 349 You are about to migrate a customer network to use a VSS. Which of these statements is true about a VSS? A. B. C. D. E. F. The VSS switch must be the root bridge for all VLANs and is automatically designated. The VSS switch is defined in RFC 4318 as a managed object. The PAgP+ or LACP protocols are used to maintain the operational state of the VSS devices. A VSS interoperates with a virtual port channel. The 802.1 Q or ISL protocols are used to maintain the operational state of the VSS devices. A VSS increases the size of the spanning-tree domain.

Answer: C Section: (none) Explanation/Reference:

QUESTION 350 You have done a partial migration from 802.1 D STP to 802.1w STP. Which of the following is true? A. 802.1 D and 802.1w intemperate only when the 802.1 D STP domain supports rapid convergence. B. Ports leading to 802.1 D devices will run in compatibility mode, while the rest of the ports will run in 802.1w mode. C. This is an invalid configuration and a partial migration cannot be done. D. The bridge timers will be set to match the 802.1 D devices. E. A secondary root bridge will always be populated within the 802.1 D domain. F. If the root bridge is selected within the 802.1 D domain, the whole STP domain will run in 802.1 D compatibility mode. G. In partially migrated 802.1w networks, it is recommended to keep the STP diameter below 4. Answer: B Section: (none) Explanation/Reference:

QUESTION 351 The network administrator is trying to add Switch1 to the network, but the 802.1 Q trunk is not coming up. Switch1 was previously tested in the laboratory and its trunk configuration worked fine. What are three possible causes of this problem? (Choose three.) A. B. C. D. E. F. The trunking configuration mode on Switch1 is set to Off. The trunking configuration mode on the other end is set to On. The trunking configuration mode on the other end is set to Desirable. Cisco Discovery Protocol is not running on the other end. There is a VTP domain name mismatch. Switch1 does not support 802.1Q.

Answer: BCE Section: (none) Explanation/Reference:

QUESTION 352 The core of a network has four routers connected in a square design with Gigabit Ethernet links using /30 subnets. The network is used to carry voice traffic and other applications. Convergence time is taking more than expected. Which three actions would you take to improve OSPF convergence time? (Choose three.) A. Increase MTU of the interfaces to accommodate larger OSPF packets

B. C. D. E.

Change the network type to point-to-point on those links. Reduce SPF initial timer. Increase hello interval to avoid adjacency flapping. Enable OSPF.

Answer: BCE Section: (none) Explanation/Reference:

QUESTION 353 Refer to the exhibit. BGP-4 routing to the Internet, in normal behavior, may create asymmetrical routing for different prefixes. The BGP routing table indicates that traffic should follow the paths indicated in the exhibit, but packets are not going further than the border router in AS 4. What could be the cause of this problem?

A. B. C. D. E.

TCP Intercept is configured in AS 4. Unicast Reverse Path Forwarding is configured in loose mode in this router. Packets may be leaving AS 1 without the BGP routing flag set to 1. Unicast Reverse Path Forwarding is configured in strict mode in this router. There is a missing Unicast Reverse Path Forwarding configuration.

Answer: D Section: (none) Explanation/Reference:

QUESTION 354

You replaced your Layer 3 switch, which is the default gateway of the end users. Many users cannot access anything now, including email, Internet, and other applications, although other users do not have any issues. All of the applications are hosted in an outsourced data center. In order to fix the problem, which one of these actions should you take? A. B. C. D. Clear the MAC address table in the switch. Clear the ARP cache in the switch. Clear the ARP cache in the end devices. Clear the ARP cache in the application servers.

Answer: C Section: (none) Explanation/Reference:

QUESTION 355 An 802.1 Q trunk is not coming up between two switches. The ports on both switches are configured as "switchport mode desirable." Assuming that there is no physical issue, choose two possible causes. (Choose two.) A. B. C. D. Incorrect VTP domain Incorrect VTP password Incorrect VTP mode Incorrect VTP configuration revision

Answer: AB Section: (none) Explanation/Reference:

QUESTION 356 Refer to the exhibit. Look at the command output. What would be the most probable reason for this port-ID mismatch?

A. spanning-tree misconfiguration B. speed mismatch configuration C. cabling problem D. configuration problem Answer: C Section: (none) Explanation/Reference:

QUESTION 357 Refer to the exhibit. Look at the command output. Assume that there is no other path, and the configuration is correct. What would be the consequences of this situation?

v A. B. C. D. Users in SW1 can ping SW2 but not vice versa. Users in SW2 can ping SW1 but not vice versa. Users in SW1 and SW2 can ping each other. Users in SW1 and SW2 cannot ping each other.

Answer: D Section: (none) Explanation/Reference:

QUESTION 358 Refer to the exhibit. Look at the command output. What can you use to prevent this behavior?

A. B. C. D.

udld spanning-tree loopguard VTP mode transparent switchport mode desirable

Answer: A Section: (none) Explanation/Reference:

QUESTION 359 When using IP SLA FTP operation, which two FTP modes are supported? (Choose two. A. B. C. D. Only the FTP PUT operation type is supported. Active mode is supported. Passive FTP transfer modes" are supported. FTP URL specified for the FTP GET operation is not supported.

Answer: BC Section: (none) Explanation/Reference:

QUESTION 360 If a certificate authority trustpoint is not configured when enabling HTTPS and the remote HTTPS server requires client authentication, connections to the secure HTTP client will fail. Which command must be enabled for correct operation? A. B. C. D. ip http client secure-ciphersuite 3des-ede-cbc-sha ip https max-connections 10 ip http timeout-policy idle 30 life_120 requests 100 ip http client secure-trustpoint trustpoint-name

Answer: D Section: (none) Explanation/Reference:

QUESTION 361 Refer to the exhibit. The Layer 2 network uses VTP to manage its VLAN database. A network designer created all VLANs on the VTP server (switch 1) and it has been advertised through VTP to all other VTP clients (switches 2 through 4). Due to network growth, a network operator decided to add a new switch between switch 1 and switch 3. The network operator has been instructed to use a refurbished switch and use a VTP client. Which three of these factors should the network operator consider to minimize the impact of adding a new switch? (Choose three.)

A. Pay special attention to the VTP revision number, because the higher value takes the priority. B. Configure all VLANs manually on the new switch in order to avoid connectivity issues. C. A trunk should be established between the new switch and switches 1 and 3 as VTP only runs over trunk links. D. Set at least the VTP domain name and password to get the new switch synchronized. E. An ISL trunk should be established between the new switch and switches 1 and 3, because VTP only runs over ISL. F. Pay special attention to the VTP revision number, because the lower value takes the priority.

Answer: ACD Section: (none) Explanation/Reference:

QUESTION 362 A request arrived on your MPLS-vpn-bgp group. Due to a security breach, your customer is experiencing DoS attacks coming from specific subnets (200.0.10.0/24,200.0.12.0/24). You have checked all MPLS-EBGP routes being advertised to BHKfrom other VPN sites and found four subnets listed: 200.0.10.0/24,200.0.11.0/24,200.0.12.0/24,200.0.13.0/24. You immediately apply an outbound ACL filter using the appropriate MPLS-EBGP tool: access-list 1 deny 0.0.0.0 255.255.254.255 access-list 1 permit any What happens when you apply this ACL on the MPLS-EBGP connection to BHK? A. B. C. D. E. It blocks all routes. It blocks the routes 200.0.12.0/24,200.0.10.0/24 only. It blocks the routes 200.0.12.0/24,200.0.13.0/24 only. It blocks the routes 200.0.10.0/24,200.0.13.0/24 only. Nothing happens, no routes are blocked.

Answer: B Section: (none) Explanation/Reference:

QUESTION 363 Half of your network uses RIPv2 and the other half runs OSPF. The networks do not communicate with each other. Which two of these factors describe the impact of activating EIGRP over each separate part? (Choose two.) A. B. C. D. EIGRP will not be accepted when configured on the actual RIPv2 routers. OSPF will no longer be used in the routing table, because you only have EIGRP internal routes running. OSPF will no longer be used in the routing table, because you only have EIGRP external routes running. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP external routes running. E. RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP internal routes running. F. OSPF database will have RIPv2 routes.

Answer: BE Section: (none) Explanation/Reference:

QUESTION 364 Your company is researching a new application that runs over IPv6, but part of it must still have IPv4 support. Your company uses a traditional IPv4 network. Your plan is not to run IPv6 over the whole network, but to segment parts of the network or even to operate simultaneously with IPv6 and IPv4. You must make a brief presentation about IPv6 technology to the board of technical directors. Which three of these items could be part

of your presentation? (Choose three.)

A. B. C. D. E.

Tunnel IPv6 over IPv4 to connect far-end IPv6 networks. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is not possible. Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is possible. What is the meaning of EUI-64 and how does it work? Tunnel IPv4 over IPv6 to connect far-end IPv4 networks.

Answer: ACD Section: (none) Explanation/Reference:

QUESTION 365 Refer to exhibits 1 and 2. In exhibit 1, all users on the LAN segment use router A as the active HSRP router. Router B is the standby router for the HSRP. In exhibit 2, the network management team reported that there is no utilization on the WAN link B. To solve this problem, you decide to change the logical topology of your LAN, but you are not sure about what changes must be made. You must manage HSRP or change it to another protocol in order to provide the most scalable design, automatic redundancy, and load balancing. Which one of these actions would be the best choice?

A. Use MHSRP, with three users using router A as the default gateway and three users using router B as the default gateway. B. Keep HSRP and activate PBR to redirect half of the traffic to the other WAN link. C. Use the backup interface on the WAN link B to provide load balancing for all users. D. Use GLBP instead, because it provides you with up to three MAC addresses for the same default gateway virtual IP address.

E. Use GLBP instead, because it provides you with up to four MAC addresses for the same default gateway virtual IP address. Answer: E Section: (none) Explanation/Reference:

QUESTION 366 Refer to exhibits 1 and 2. A company uses a Metro Ethernet (Gigabit Ethernet) dedicated circuit to communicate between users (subnet B) and servers (subnet A) as shown in Exhibit 1. Both routers use OSPF to advertise the subnets. During a weekly management meeting, they realize that the WAN link is oversize. They have been using only 2 Mb/s in the worst-case scenario. So they propose a new, cheaper WAN connection using a 2-Mb/s Frame-Relay point-to-point link to interconnect both sites (Exhibit 2). The Frame Relay service provider informs them that multicast traffic is not allowed to run over the service provider network. Which one of these options is best to enable the company to establish the OSPF neighbor adjacency?

A. Use OSPF network broadcast, because it uses unicast to establish a neighbor relationship. B. Use OSPF network point-to-multipoint, because it uses unicast to establish a neighbor relationship.

C. Use OSPF network point-to-point, because it uses unicast to establish a neighbor relationship. D. Use OSPF network point-to-multipoint nonbroadcast, because it establishes a neighbor relationship using unicast packets. E. Use OSPF network nonbroadcast, because it establishes a neighbor relationship using multicast. Answer: D Section: (none) Explanation/Reference:

QUESTION 367 Refer to the exhibit. Users from the Engineering VLAN complain that every time Business VLAN users have a network connectivity issue, the Engineering VLAN users usually have problems experiencing slow response or network connectivity problems. After troubleshooting, an unauthorized switch 2 was found. This unauthorized switch has been a regular problem, assuming the root bridge function under the spanning-tree domain and causing the Engineering VLAN to be unstable. Which three of these actions could be suggested to fix the problem?

A. B. C. D. E.

Upgrade Spanning Tree Protocol to Rapid Spanning Tree Protocol. Change Business VLAN PCs to switch 1 and switch 4. Force the root bridge to be switch 2, instead. Adjust spanning-tree timers (max-age and forward-delay). Shut down all unused ports.

F. Use MSTP to separate the Engineering VLAN from the Business VLAN to optimize spanning- tree convergence time within each VLAN Answer: AEF Section: (none) Explanation/Reference:

QUESTION 368 When running IP SLA, which application type should be used if you want to know round-trip delay, jitter, and packet loss for the full path?

A. B. C. D. E.

ICMP path echo UDP echo ICMP path jitter Application Performance Monitor TCP connect

Answer: C Section: (none) Explanation/Reference:

QUESTION 369 Which option is true when calculating round-trip delay in IP SLA operations? A. B. C. D. The processing time on the end routers is only assessed for operations that involve the responder. The processing time on the end routers is only assessed for operations that involve the transmitter. The processing time on the end routers is only assessed for operations that involve both the respondi The processing time on the end routers is not assessed for neither the responder nor the transmitter.

Answer: A Section: (none) Explanation/Reference:

QUESTION 370 Refer to the exhibit. You are asked to enable redirection for a network optimization engine that will be connected directly to your company CPE. What is the correct configuration to enable redirection for traffic optimization?

A. (config)#interface s0/0 (config-if)#ip wccp 61 out (config)#interface e0/0 (config-if)#ip wccp 62 out B. (config)#intetface s0/0 (config-if)#ip wccp 62 in (config)#interface e0/0 (config-if)#ip wccp 61 in C. (config)#interface s0/0 (config-if)#ip wccp 61 in (config-if)#ip wccp 62 out D. (config)#interface e0/0 (config-if)#ip wccp 61 in (config-if)#ip wccp 62 out Answer: D Section: (none) Explanation/Reference:

QUESTION 371 The EtherChannel between your LAN switch and the Internet router is not load-balancing efficiently. On the switch, there are several workstations with valid IP ranges. Which load-balance algorithms can you use in the switch in order to optimize this load balancing? (Choose four.)

A. B. C. D. E.

source IP address destination IP address per-packet load balance destination MAC address source MAC address

Answer: ABDE Section: (none) Explanation/Reference:

QUESTION 372 Before inserting a new switch in the network, the network administrator checks that the VTP domain name is correct, the VTP mode is set to server, and revision is lower than the switches in the network. The administrator then configures interfaces and trunks, erases existing VLANs, and connects the switch to the network. Following that procedure, there is no connectivity in the network. What is a possible cause of this problem? A. Because the configuration revision of the new switches is lower than the rest of the network, it can change the VLAN database of the other switches. B. As a VTP server, the new switch deleted all VLANs of the network. C. Erasing VLANs increases the VTP configuration revision. D. Since the configuration revision of the network is higher than the new switch, the VLAN database was automatically synchronized. Answer: C Section: (none) Explanation/Reference:

QUESTION 373 The network administrator wants to enable an EtherChannel between two switches in "on" mode. The administrator connects the cables and enables the interfaces, but while configuring the EtherChannel in the first switch, a spanning-tree loop was detected. Which two of these procedures can avoid this problem? (Choose two.) A. B. C. D. E. F. Configure the EtherChannel as "desirable" first. Assign all interfaces to the same VLAN. Disable PortFast on the interfaces in the EtherChannels. Disable all interfaces first. Fast Ethernet and Gigabit Ethernet ports cannot be assigned to the same EtherChannel. Fix cabling problems.

Answer: AD Section: (none) Explanation/Reference:

QUESTION 374

Customer X has a hub-and-spoke Frame Relay network, with a central office and two branch offices (RemoteA and RemoteB). Each location has only one physical link to the Frame Relay cloud and RemoteB has a router that is not a Cisco router. Since the installation, there is no connectivity between RemoteB and the central office. What is a possible solution to this issue? A. Because Frame Relay IETF encapsulation is only configurable at interface level, you must use IETF encapsulation on all routers. B. This is not a possible scenario. A dedicated Frame Relay link to RemoteB is mandatory at the central office. C. The router at RemoteB must be replaced by a Cisco router. D. Use Frame Relay IETF encapsulation on a per-VC basis on the central office router.. E. There is a problem in the Frame Relay cloud, because Cisco routers are compatible with IETF Frame Relay. Answer: D Section: (none) Explanation/Reference:

QUESTION 375 You are deploying two core switches, one in each building, 50 km away from each other. The cross-connection between them will be a Layer 2 2-gigabit EtherChannel with an 802.1 Q trunk. You configured it correctly but the link does not come up. The port is in the "admin up" state, and the line protocol is in the "down" state. The fiber link is OK. What would be the most likely reason for the link not to come up?

A. B. C. D.

The switches are not the same model. You are not using the correct SFP. You are not using correct optical media converters. Configuration should be modified, because the distance is longer.

Answer: B Section: (none) Explanation/Reference:

QUESTION 376 You are configuring an 802.1 Q trunk between a Layer 2 switch and a firewall. You read in the documentation that the best way to set up a trunk is to set the port as dynamic desirable. The trunk is not coming up. Which one of these options would be a valid explanation? A. B. C. D. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode ON. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode to OFF. The firewall does not support Cisco Discovery Protocol. You should set the switchport trunk mode as auto. The firewall does not support DTP. You should set the switchport trunk mode to ON.

Answer: D Section: (none) Explanation/Reference:

QUESTION 377 Refer to the exhibit. You are setting up a 2-gigabit EtherChannel. Following IEEE standards, the exhibit shows your configuration in a local switchl. However, EtherChannel is not coming up. Which one of these statements could be a possible reason?

A. B. C. D.

EtherChannel is only available in Cisco equipment. The customer side is supposed to be running PAgP, which is a Cisco standard. PAgP is not an IEEE standard. VRRP should be used. The configuration on switchl needs to be modified to use LACP.

Answer: D Section: (none) Explanation/Reference: Page 239 of 251 239

QUESTION 378 Refer to the exhibit. R2 and R3 are routers connected using Ethernet services from a service provider and can receive pings from each other. OSPF is configured as the routing protocol but adjacency is not happening. According to the output of the show commands in the exhibit, what could be the most likely cause of the problem?

A. B. C. D. E.

Ethernet interfaces were configured as point-to-point. Process IDs are not matching. Configured bandwidths do not match on both interfaces. Broadcasts and multicast are not being propagated over the Ethernet services. OSPF cost does not match on both interfaces.

Answer: D Section: (none) Explanation/Reference:

QUESTION 379 Which mechanism can you use to achieve sub-second failover for link failure detection when a switched Ethernet media is used and loss of signal is not supported by the link provider? A. B. C. D. E. OSPF standard hellos Cisco Discovery Protocol link detection Bidirectional Forwarding Detection Fast Link Pulse autonegotiation

Answer: C

Section: (none) Explanation/Reference:

QUESTION 380 While troubleshooting a network, you need to verify the liveness of hosts in the subnet 192.168.1.64/26. All of the hosts are able to reply to ping requests. How wou you confirm the existing nodes using one single command? A. B. C. D. E. ping 192.168.1.255 ping with sweep option ping 192.168.1.127 ping 192.168.1.64 Ping with broadcast option

Answer: C Section: (none) Explanation/Reference:

QUESTION 381 Refer to the exhibit. There are two sites connected across WAN links. All intersite and intrasite links always have the same routing metric. The network administrator sees only the top routers and links being used by hosts at both LAN A and LAN B. What would be two suggestions to load- balance the traffic across both WAN links? Choose two.

A. B. C. D. E.

Make HSRP track interfaces between the edge and core routers. Replace HSRP with GLBP. Add crossed intrasite links: R1-R4, R2-R3, R5-R8, and R6-R7. Make R3 and R8 have lower HSRP priority than R1 and R7. Replace HSRP with VRRP.

Answer: BC Section: (none) Explanation/Reference: Page 241 of 251 241

QUESTION 382 Refer to the exhibit. According to the output of the command show tag-switching forwarding-table, which four of these statements are true? (Choose four.

A. Packets to the IP address 10.10.10.5/32 will be tagged with "17" toward the next hop. B. Label "19" will be advertised to MPLS neighbors so that they can use this label to reach the IP address 10.10.10.6/32. C. IP address 10.10.10.4/32 is directly connected to the neighbor router on serial 3/0. D. Packets arriving with label "17" will be forwarded without any label toward serial 4/0. E. Packets arriving with label "20" will be forwarded with label "21" after label-swapping. F. Label "20" is advertised to MPLS neighbors so that they can use this information to reach the prefix 10.10.10.8/32. Answer: CDEF Section: (none) Explanation/Reference:

QUESTION 383 When troubleshooting a network, the output of the command show interfaces indicates a large number of runts. What is a runt? A. the number of packets that are discarded because they exceed the maximum packet size of the medium B. errors created when the CRC generated by the originating LAN station or far-end device does not match the checksum calculated from the data received. C. the number of packets that are discarded because they are smaller than the minimum packet size of the medium

D. the number of received packets that were iqnored bv the interface because the interface hardware ran low on internal buffers E. the number of times that the interface requested another interface within the router to slow down Answer: C Section: (none) Explanation/Reference:

QUESTION 384 Which two of these elements need to be configured prior to enabling SSH? (Choose two.) A. B. C. D. E. hostname loopback address default gateway domain name SSH peer address

Answer: AD Section: (none) Explanation/Reference:

QUESTION 385 Refer to the exhibit. Based on this configuration, what type of marker is achieved?

A. Single-rate, two-color marker V B. Three-rate, two-color marker C. Two-rate, three-color marker D. Single-rate, three-color marker Answer: C Section: (none) Explanation/Reference:

QUESTION 386 Refer to the exhibit. A network engineer received a sudden request to prioritize voice over his Cisco network and he has decided to leverage the AutoQoS feature. Based on the output shown, which two tasks need to be performed prior to issuing the autoqos voip command in this router?

(Choose two.)

A. Enable Cisco Express Forwarding. B. C. D. E. Enable fast switching. Delete all policy maps. Remove service-policy commands from interface serial1/0. Delete all the currently configured class maps.

Answer: AD Section: (none) Explanation/Reference:

QUESTION 387 What is an important consideration that should be taken into account when configuring shap

A. It enables policing.

B. Strict priority is not supported. C. WRED must be previously enabled. D. It enables WRR. Answer: B Section: (none) Explanation/Reference:

QUESTION 388 Refer to the exhibit. Based on the configuration shown, which queuing mechanism has been configured on interface serial./0?

A. B. C. D.

PQ CQ WFQ LLQ

E. CBWFQ

Answer: E Section: (none) Explanation/Reference:

QUESTION 389 Which of the following is the encryption algorithm used for priv option when using SNMPv3? A. B. C. D. E. HMAC-SHA HMAC-MD5 CBC-DES AES 3DES

Answer: C Section: (none) Explanation/Reference:

QUESTION 390 Which RMON group stores statistics for conversations between sets of two addresses? A. B. C. D. E. F. hostTopN matrix statistics history packet capture host

Answer: B Section: (none) Explanation/Reference:

QUESTION 391 Which of the following describes the appropriate port assignment and message exchange in a standard TFTP transaction? A. Server: 10.0.0.1:69 RRQ/WRQ Sent Client: 10.0.0.2:1888 RRQ/WRQ Received B. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Received C. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent D. Server: 10.0.0.1:69 RRQ/WRQ Received Client: 10.0.0.2:1888 RRQ/WRQ Sent E. Server: 10.0.0.1:1888 RRQ/WRQ Sent Client: 10.0.0.2:69 RRQ/WRQ Sent

F. Server: 10.0.0.1:1888 RRQ/WRQ Received Client: 10.0.0.2:69 RRQ/WRQ Sent Answer: D Section: (none) Explanation/Reference:

QUESTION 392 You are responsible for network monitoring and need to monitor traffic over a routed network from a remote source to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this? A. B. C. D. VACLs and VSPAN RSPAN ERSPAN NetFlow

Answer: C Section: (none) Explanation/Reference:

QUESTION 393 What is the default maximum reservable bandwidth (percentage) by any single flow on an interface after enabling RSVP? A. B. C. D. E. 75 percent 60 percent 56 percent 50 percent 25 percent

Answer: A Section: (none) Explanation/Reference:

QUESTION 394 Which two protocols can have their headers compressed through MQC? (Choose two.

A. B. C. D. E.

RTP RTSP HTTP TCP UDP

Answer: AD

Section: (none) Explanation/Reference:

QUESTION 395 You have a router running BGP for the MPLS network and OSPF for the local LAN network at the sales office. A route is being learned from the MPLS network that also exists on the OSPF local network. It is important that the router chooses the local LAN route being learned from the downstream switch running OSPF rather than the upstream BGP neighbor. Also, if the local OSPF route goes away, the BGP route needs to be used. What should be configured to make sure that the router will choose the LAN network as the preferred path? A. B. C. D. static route needs to be added floating static route needs to be added bgp backdoor command ospf backdoor command

Answer: C Section: (none) Explanation/Reference:

QUESTION 396 In BGP routine, what does the rule of synchronization mean? A. A BGP router can only advertise an EBGP learned route, provided that the route is an IGP route in the routing table. B. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route in the routing table. C. A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route that is not in the routing table. D. A BGP router can only advertise an EBGP learned route, provided that the route is a metric of 0 in the BGP table. Answer: B Section: (none) Explanation/Reference:

QUESTION 397 Router 1 is configured for BGP as dual-homed on the Cisco network. Which three BGP attributes are carried in every BGP update on this router (both IBGP and EBGP)? (Choose three.)

A. B. C. D. E.

origin router-ID AS-path local-preference next-hop

Answer: ACE Section: (none) Explanation/Reference:

QUESTION 398 In your Cisco EIGRP network, you notice that the neighbor relationship between two of your routers was recently restarted. Which two of these choices could have made this occur? (Choose two.) A. An update packet with init flag set from a known, already established neighbor relationship was received by one of the routers. B. The ARP cache was cleared. C. The counters were cleared. D. The IP EIGRP neighbor relationship was cleared manually. Answer: AD Section: (none) Explanation/Reference:

QUESTION 399 Your Cisco network currently runs OSPF and you have a need to policy-route some specific traffic, regardless of what the routing table shows. Which one of these options would enable you to policy-route the traffic? A. B. C. D. source IP address and the protocol (such as SSL, HTTPS, SSH) the packet Time to Live and the source IP address type of service header and DSCP value destination IP address

Answer: A Section: (none) Explanation/Reference:

QUESTION 400 You use OSPF as your network routing protocol. You use the command show ip route and you see several routes described as 0, 0 IA, 0 E1, and 0 E2. What routes are in your area? A. OIA B. OE1

C. OE2 D. 0 Answer: D Section: (none) Explanation/Reference:

QUESTION 401 What are the mandatory, well-known BGP attributes? A. B. C. D. origin, AS-path, next-hop AS-path, origin, MED AS-path, origin, weight AS-path, weight, MED

Answer: A Section: (none) Explanation/Reference:

QUESTION 402 Network A has a spanning-tree problem in which the traffic is selecting a longer path. How is the path cost calculated? A. B. C. D. E. number of hops priority of the bridge interface bandwidth interface delay None of the above

Answer: C Section: (none) Explanation/Reference:

QUESTION 403 You deployed new fibers in your network to replace copper spans that were too long. While reconnecting the network, you experienced network problems because you reconnected wrong fibers to wrong ports. What could you do to prevent this type of problem in the future, particularly when connecting and reconnecting fiber pairs? A. Only use fiber in pairs. B. Configure root guard on your switches. C. Do not use fiber but use copper. D. Configure UDLD to prevent one-way link conditions. Answer: D

Section: (none) Explanation/Reference:

QUESTION 404 While deploying a new switch, you accidentally connect ports 3/12 and 3/18 together, creating a loop. STP detected it and placed port 3/18 in blocking mode. Why did STP not place port 3/12 in blocking mode instead? A. B. C. D. Port 3/12 was already up and forwarding before the loop was created. Port priority is based on lowest priority and lowest port number. You connected the wire on port 3/18 last. None of the above, it is purely random.

Answer: B Section: (none) Explanation/Reference: