CCNP Route Flashcards
(346 cards)
1
Q
What is the task you must perform when configuring SSH? (Choose two)
A
Configure hostname
Generate RSA key
2
Q
Which two pieces of information can you determine from the output of the show ntp status command?
A
The IP address of the peer to which the clock is synchronized
Where the clock is synchronized
3
Q
You are implementing WAN access for an enterprise network while running applications that require a fully meshed network, which two design standards are appropriate for such an environment? (Choose two)
A
A centralized DMVPN solution to simplify connectivity for the enterprise
A dedicated WAN distribution layer to consolidate connectivity to remote sites
4
Q
Which task do you need to perform first when you configure IP SLA to troubleshoot a network connectivity issue?
A
Enable the ICMP echo operation
5
Q
Which technology can combine multiple physical switches into one logical switch?
A
VSS
6
Q
Which two features are compatible with port security? (Choose two)
A
Voice VLAN
SPAN source port
7
Q
Which fallback method can you configure to allow all AAA authorization requests to be granted if the other methods do not respond or return an error?
A
A. Radius B. Enable C. TACACS+ D. NONE
Answer: D
8
Q
By default what is the maximum number of equal metric path BGP uses for load balancing?
A
8
9
Q
The track objects in IP SLA and make sure that it is only up if all track objects are up, which method achieves that goal?
A
AND
10
Q
With PCA and PCB and there are three routers between them and a different MTU value and they want a PCA to run an application with PCB and DF is set so we have to choose?
A
MSS
11
Q
Drag and Drop
- TLL
- ICMP Redirect
- ICMP unreachable
A
- when reaches ‗0‘ drops packets
- indicate to host that another route is available for a specific destination
- when destination is unreachable when IP is unable to give a packet to destination host due to some problem or issue
12
Q
How to implement local authentication using a list for case insensitive usernames?
A
aaa authentication login default local
13
Q
Define: \+ IP NHRP redirect – ? \+ IP NHRP static – ? \+ IP NHRP (map) – ? \+ IP NHRP (shortcut) – ?
A
?
14
Q
Which is the minimum privilege level to allow a user to execute all user-level commands but prohibits enable-level commands by default?
A
level 1
15
Q
What command can you enter to configure an enable password that uses an encrypted password from another configuration?
A
enable secret 5 $abc%!e.Cd34$!ao0
16
Q
Which is minimum level for which user can see full commands but can‘t change anything?
A
1
17
Q
Which password takes precedence if you configure multiple passwords for Telnet connections to a Cisco IOS device?
A
enable secret password
18
Q
Which condition must be met before you can configure SSH on a device running Cisco IOS?
A
The IOS must be a crypto in
19
Q
Which two statements about the enable secret and enable password commands are true? (Choose two)
A
- If both commands are missing from the global configuration, vty lines use the console password
- The enable secret command overrides enable password
20
Q
What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish?
router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log
router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
router (config)#access-list 101 permit ip any any
router (config)#interface FastEthernet 1/0
router (config-if)#ip access-group 101 in
A
It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts.
21
Q
Which two statements about IP access-lists are true? (Choose two)
A
- They support wildcard masks to limit the address bits to which entries are applies.
- Entries are applied to traffic in the order in which they appear.
22
Q
Which two different configuration can you apply to a device to block incoming SSH access? (Choose two)
A
1 ipv6 access-list VTY-ACCESS-IN sequence 10 deny tcp any any eq 22 sequence 20 permit ipv6 any any line vty 0 15 ipv6 access-class VTY-ACCESS-IN in 2 ipv6 access-list VTY-ACCESS-IN sequence 10 deny tcp any any eq 22 sequence 20 permit ipv6 any any interface Ethernet0/0 ipv6 traffic-filter VTY-ACCESS-IN in
23
Q
Which access list entry checks for an ACK within a packet TCP header?
A
access-list 149 permit tcp any any eq 21 established
24
Q
Which PPP authentication method sends authentication information in cleartext?
A
PAP
25
Which two features were added in MSCHAP Version 2? (Choose two)
- Ability to change an expired password
| - Mutual authentication between peers
26
Which value does a Cisco router use as its default username for CHAP authentication?
Its own hostname
27
Which command instruct a PPPoE client to obtain its IP address from the PPPoE server? (OR What command is needed to get the ip address assigned from the PPPOE server?)
ip address negotiated
28
What configurations does PPPoE allow? (Choose two)
-8 clients can be configured on 1 CPE -Clients can connect to multiple hosts over DMVPN
29
Which feature can automatically assign IP addresses in a PPPoE environment?
PPP
30
Which two commands must you configure in the calling router to support the PPPoE client? (Choose two)
- mtu
| - pppoe-client dial-pool-number
31
Which Cisco Express Forwarding table or tables hold forwarding information?
FIB and adjacency tables only
32
Which feature eliminates the need for Cisco Express Forwarding to maintain a route cache?
FIB
33
Which Cisco Express Forwarding component maintains Layer 2 next-hop addresses that are used for hardware switching?
adjacency table
34
Refer to exhibit. What is indicated by the show ip cef command for an address?
CEF cannot switch packet for this route and passes it to the next best switching method.
35
Which three algorithms can you configure with the ip cef load-sharing algorithm command? (Choose three)
- Tunnel
- Universal
- Include-ports
36
Refer to Exhibit
A network engineer is working on the network topology and executes the command no ip split horizon on interface S0/0 of the Hub router. What is the result of this command?
Each of the spoke routers can see the routes that are advertised from the other spoke routers.
37
If you convert a WAN connection with OSPF from T1 to a Frame Relay circuit, which two actions must you take to enable the connection? (Choose two)
- Change the OSPF network type to nonbroadcast.
| - Manually configure neighbors in the OSPF process.
38
Which two statements about Frame Relay LMI autosense are true on a router? (Choose two)
- It operates on Frame Relay DTE interfaces
| - It operates when the line is up but the line protocol is down
39
In a point-to-multipoint Frame Relay topology, which two methods ensure that all routing updates are received by all EIGRP routers within the Frame Relay network? (Choose two)
- Disable split horizon
| - Use subinterface
40
In which two ways can split horizon issues be overcome in a Frame Relay network environment? (choose two)
- Configuring multiple subinterfaces on a single physical interface to various remote sites
- Disabling split horizon.
41
On which two types of interface is Frame Relay switching supported? (Choose two)
- serial interfaces
| - ISDN interfaces
42
Which task must you perform to enable a point-to-point Frame Relay connection?
Configure static address mapping.
43
Which two statements about Frame Relay Point-to-Point connections are true? (Choose two)
- Changing a point-to-point sub interface to a different type requires the device to be reloaded.
- They use two DLCIs to communicate with multiple endpoints over the Frame Relay cloud.
44
Which value does a point-to-point GRE tunnel use to identify a peer?
IP address
45
Which two statement about GRE tunnel interface are true? (Choose two)
- A tunnel destination must be routable, but it can be unreachable
- To establish a tunnel the source interface must be up/up state
46
A network engineer has configured GRE between two IOS routers. The state of the tunnel interface is continuously oscillating between up and down. What is the solution to this problem?
Create a more specific static route to define how to reach the remote router.
47
When the tunnel interface is configured in default mode, which statement about routers and the tunnel destination address is true?
The router must have a route installed towards the tunnel destination
48
Which two statements about GRE tunnel keys are true? (Choose two)
- The key ID must be the same on each device.
| - They prevent the injection of unwanted packets.
49
```
Refer to the exhibit.
R1(config-if)#interface Tunnel0
R1(config-if)#tunnel source 10.0.0.1
R1(config-if)#tunnel destination 10.0.0.2
R1(config-if)#ipv6 address k:k:k:k::1/64
R1(config-if)#ipv6 ospf 1 area 1
R1(config-if)#tunnel mode ipv6ip
!
R2(config-if)#interface Tunnel1
R2(config-if)#tunnel source 10.0.0.2
R2(config-if)#tunnel source 10.0.0.1
R2(config-if)#ipv6 address k:k:k:k::2/64 R2(config-if)#ipv6 ospf 1 area 1
R2(config-if)#tunnel mode ipv6ip
```
A user calls from another branch office with a request to establish a simple VPN tunnel to test a new router‘s tunneling capability. Based on the configuration in the exhibit, which type of tunnel was configured?
6to4
50
Refer to the exhibit. After configuring GRE between two routers running OSPF that are connected to each other via a WAN link, a network engineer notices that the two routers cannot establish the GRE tunnel to begin the exchange of routing updates. What is the reason for this?
Either a firewall between the two routers or an ACL on the router is blocking IP protocol number 47.
51
During which DMVPN phase is spoke-to-spoke communication enabled?
phase 2
52
Which two statements about NHRP in a DMVPN environment are true? (Choose two)
- It can authenticate VPN endpoints
| - It provides address resolution to route traffic
53
Which two phases of DMVPN allow the spoke site to create dynamic tunnels to one other? (Choose two)
- Phase 2
| - Phase 3
54
Which Cisco VPN technology can use multipoint tunnel, resulting in a single GRE tunnel interface on the hub, to support multiple connections from multiple spoke devices?
DMVPN
55
Which two statements about NAT in a DMVPN environment are true? (Choose two)
- A spoke router can be represented by a static NAT on a device
- A hub router can use static NAT for its public IP address
56
Which security feature can protect DMVPN tunnels?
IPSec
57
Which condition prevents the establishment of a DMVPN tunnel between two spokes?
The two spokes are behind different PAT devices
58
Which three problems result from application mixing of UDP and TCP streams within a network with no QoS? (Choose three)
- starvation
- latency
- lower throughput
59
Which feature can mitigate fragmentation issues within network segments that are between GRE endpoints?
TCP MSS
| - also correct -> PMTUD
60
Which feature mitigates fragmentation issues caused by endpoint hosts?
TCP MSS
61
What is the default maximum segment size for TCP traffic?
536
62
Which two protocols can cause TCP starvation? (Choose two)
TFTP, SNMP
63
Which technology was originally developed for routers to handle fragmentation in the path between end points?
PMTUD
64
A network engineer applies the command "ip tcp adjust-mss" under interface configuration mode. What is the result?
The probability of dropped or segmented TCP packets is decreased.
65
Which value determines the amount of traffic that a network path can hold in transit?
bandwidth delay product
66
Which protocol can you use to remotely install an IOS image on a Cisco switch?
FTP
67
Under which circumstance can TCP starvation occur?
when TCP and UDP traffic are mixed in the same class of service
68
Which option is one way to mitigate asymmetric routing on an active/active firewall setup for TCP-based connections?
disabling stateful TCP checks
69
Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose three)
- explicit congestion notification
- keepalive
- time stamps
70
Refer to the exhibit.
After configuring the routes, the network engineer executes the show ip route command. What is the expected results?
Gateway of last resort is not set Router #
71
What happens when a router receives a route with an administrative distance of 255?
The router is unable to install the route into the routing table
72
efer to the exhibit. Which networking challenge is the most important issue to address to enable optimal communication between the networks at company A and company B?
asymmetric routing
73
A router receives a routing advertisement for 10.1.1.0/24 from an EIGRP peer and from an OSPF peer. Which route does the router install in the routing table, and for which reason?
The EIGRP route, because the administrative distance is lower.
74
You are configuring a static route. Which action must you take to avoid the possibility of recursive row?
Use the ip route command to specify both the next-hop IP address and the connected interface
75
Which routing protocol routes traffic through the best path and second best path at the same time?
EIGRP or BGP
76
You want to configure a device to select an OSPF-learned route as the preferred path over an EBGP-learned route. Which action must you take?
Decrease the OSPF administrative distance
77
A network engineer is modifying RIPng timer configuration. Which configuration mode should the engineer use?
router(config-rtr)#
78
What is the default authentication in RIPv2 when authentication is enabled?
Plaintext authentication
79
Two routers are configured with RIPng but can‘t form neighbors as traffic traverses a firewall. Which port does the firewall need to permit to form neighbors?
UDP Port 521
80
Which command must you configure globally to support RIPng?
ipv6 unicast-routing
81
Afer configuring RIPng on two routers that are connected via a WAN link, a network engineer notices that the two routers cannot exchange routing updates. What is the reason for this?
Either a firewall between the two routers or an ACL on the router is blocking UDP 521
82
A network engineer is enabling RIPng on a new customer link. Under which configuration mode is RIPng enabled?
Interface
83
A route with default RIPv2 settings loses connectivity to it‘s next-hop neighbor. How long does the router wait before removing the route to the next hop from its route table?
240 seconds
84
Customer enabled new link to partner using RIPng, how and where is RIPng configured?
global – (config)#ipv6 router rip "RIPNG"
85
What is the maximum number of hops on a route that RIPng advertises as reachable?
15
86
A network engineer is troubleshooting connectivity issues with a directly connected RIPng neighbor. Which command should show directly connected RIPng neighbor adjacencies only?
router#show ipv6 rip next-hops
87
Which two statements about OSPF E1 routes are true? (Choose two)
- They use the OSPF cost from redistribution and the OSPF cost to the ASBR.
- They are preferred over E2 routes
88
OSPF has R1 router ID 172.18.1.1. What happens when R1 configure with a new loopback interface IP address 172.17.1.1?
OSPF retains 172.18.1.1 as router ID until interface on which is configured goes down
89
Which two areas does OSPF send a summary route by default ? (Choose two)
- Totally stubby
| - Stub
90
Refer to the exhibit. Which LSA type does R3 propagate into Area 1 for the 192.168.10.0/24 network?
type 7 LSA
91
Which OSPF network type uses a DR?
Nonbroadcast multi-access
92
What are two important differences between OSPFv2 and OSPFv3? (Choose two)
- Only OSPFv3 provides support for IPv6.
| - Only OSPFv3 supports multiple OSPF instances on a single link.
93
Device R1 has 1 Gigabit and 10 Gigabit Ethernet interfaces, which command do you enter so that it takes full advantage of OSPF costs?
R1(config-router)#auto-cost reference-bandwidth 10000
94
Which LSA type in OSPFv3 is used for link-local updates?
Link LSA type 8
95
Which two statements about OSPFv3 are true? (Choose two)
- The router ID is configured as an IPv4 address.
| - It uses link-local addresses to form neighbor relationships.
96
Refer to the exhibit.
You notice that traffic from R1 to the 192.168.10 0/24 network prefers the path through R3 instead of the least-cost path through R2.What is the most likely reason for this route selection?
OSPF prefers intra-area routes over interarea routes.
97
When OSPF is forming an adjacency, in which state does the actual exchange of the information in the link-state database occur?
loading
98
A network engineer enables OSPF on a Frame Relay WAN connection to various remote sites, but no OSPF adjacencies come up Which two actions are possible solutions for this issue? (Choose Two)
- Change the network type to point-to-multipoint under WAN interface
- Configure the neighbor command under OSPF process for each remote site
99
Which two OSPF router types can perform summarization in an OSPF network? (Choose two)
- area border router
| - autonomous system boundary router
100
If you want to migrate an IS-IS network to another routing protocol. Which routing protocols should you choose? (Choose two)
- EIGRP
| - OSPF
101
A router was configured with the ―eigrp stub‖ command. The router advertises which types of routes?
connected and summary
102
Refer to Exhibit - All interfaces on each router are participating in the EIGRP 100 process. Interface Loopback 2 on HQR2 is currently in shutdown mode. An engineer issues the eigrp stub command on router BR1. Which statements about the query messages sent from router HQ-R2 for a route to reach the 12.12.12.12/32 network is true?
Router HQ-R1 receives query messages from HQ-R2 for a route to 12.12.12.12/32 network.
103
```
Refer to the exhibit.
router eigrp 65535
no auto-summary
network 10.0.0.0 0.0.0.255
router ospf 1
network 192.168.5.0 0.0.0.255 area 0
passive-interface loopback0
redistribute eigrp 65535
```
If this configuration is applied to a device that redistributes EIGRP routes into OSPF. which two statements about the behavior of the device are true? (Choose two)
- The device redistributes all EIGRP networks into OSPF
| - The device redistributes only classful EIGRP networks into OSPF
104
Refer to the exhibit.
12.0.0.0/24 is subnetted, 1 subnets
D 12.12.12.0 [90/30720] vi 52.52.52.2, 00:00:12, FastEthernet2/0
[90/30720] vi 51.51.51.1, 00:00:12, FastEthernet1/0
The excerpt was taken from the routing table of router SATX. Which option ensures that routes from 51.51.51.1 are preferred over routes from 52.52.52.2?
SATX(config-router)#distance 89 51.51.51.1 0.0.0.0
105
Which two options can you use to configure an EIGRP stub router? (Choose two)
- receive-only
| - summary
106
Which two types of authentication does EIGRP offer? (Choose two)
- MD5
| - Plain Text
107
Which three statements about IPv6 EIGRP are true? (Choose three)
- EIGRP neighbor relationships are formed using the link-local address.
- EIGRP route advertisement is configured under the interface configuration.
- An IPv6 EIGRP router ID is required.
108
What is EIGRP Summary Route Administrative Distance?
5
109
Which EIGRP packets use unreliable delivery? (Choose two)
- Request
| - Hello
110
What is used in EIGRP metric calculation?
Minimum bandwidth on the path
111
How EIGRP metric is calculated?
Bandwidth+Delay
112
Which statements are true to configure IPv6 EIGRP configuration for route advertisements? (Choose two)
- Route advertisements are configured at the interface configuration
- Uses link-local IP address for route advertisements
113
Which task must you preform to implement EIGRP for IPv6 on a device?
Manually configure the router ID
114
Which two features are provided by EIGRP for IPv6? (Choose two)
- Partial Update
| - Scaling
115
Which two packet type can an EIGRP router send when a route goes into the Active state? (Choose two)
- reply
| - query
116
Which two EIGRP metrics have nonzero K values by default? (Choose two)
- delay
| - bandwidth
117
Refer to the exhibit. You want router R1 to perform unequal-cost routing to the 192.168.10.0/24 network. What is the smallest EIGRP variance value that you can configure on R1 to achieve this result?
3
118
What happens when two EIGRP peers have mismatched K values?
The two devices fail to form an adjacency
119
When an EIGRP router discovers a new neighbor, which packet type does the router send to help the neighbor build its topology table?
updates
120
```
Refer to the exhibit.
R1 interface Loopback0
ip address 172.16.1.1. 255.255.255.255
interface FastEthernet0/0
ip address 192.168.10.33 255.255.255.224
router eigrp 100
eigrp router-id 172.16.1.1
no auto-summary
network 192.168.10.0
network 172.16.0.0
```
```
R2 interface Loopback0
ip address 172.16.2.2 255.255.255.255
interface FastEthernet0/0
ip address 192.168.10.17 255.255.255.240
router eigrp 100
eigrp router-id 172.16.2.2
network 192.168.10.0
network 172.16.0.0
```
R1 and R2 are unable to establish an EIGRP adjacency. Which action corrects the problem?
Change the IP address and subnet mask on R2 so that is on the same subnet as R1.
121
Which calculation is used to determine the default EIGRP metric?
bandwidth + delay
122
Other than a working EIGRP configuration, which option must be the same on all routers for EIGRP authentication key rollover to work correctly?
Time
123
Based on the output, which option is the next hop to get to the 130.0.1.0/24 network?
10.20.20.1
124
Which two conditions can cause BGP neighbor establishment to fail? (Choose two)
- There is an access list blocking all TCP traffic between the two BGP neighbors.
- The BGP neighbor is referencing an incorrect autonomous system number in its neighbor statement.
125
Which BGP option is required when load sharing over multiple equal-bandwidth parallel from a single CE router to a single ISP router over eBGP?
eBGP Multipath
126
Which two options are benefits of BGP peer groups? (Choose two)
-A configuration change can be applied simultaneously to all peers in the peer group - Each neighbor in a peer group can have different inbound BGP policies
127
Which criterion does the BGP maximum paths feature use for load balancing?
weight
128
Which adverse circumstance can the TTL feature prevent?
DoS attacks
129
Which two tasks must you perform to configure a BGP peer group? (Choose two)
- Activate each neighbor
| - Assign neighbors to the peer group
130
Which criterion does BGP evaluate first when determining the best path?
weight
131
Which command do you enter on router R6 so that BGP supports multiple protocols?
R6(config-router)#no bgp default ipv4-unicast
132
Which two BGP neighbor states are valid? (Choose two)
- Established
| - Active
133
Refer to the exhibit.
router eigrp 1
redistribute bgp 1 route-map BGP_DEFAULT_ROUTE_RM
network 2.0.0.0
route-map BGP_DEFAULT_ROUTE_RM permit 10
match ip address prefix-list DEFAULT_ROUTE_PL
ip prefix-list DEFAULT_ROUTE_PL seq 10 permit 0.0.0.0/0
For which reason is EIGRP failing to redistribute the default route?
The EIGRP process is missing the default metric.
134
Refer to the exhibit. Which option describes why the EIGRP neighbors of this router are not learning routes that are received from OSPF?
```
router eigrp 1
redistribute ospf 100
network 10.10.10.0 0.0.0.255
auto-summary
!
router ospf 100
network 172.16.0.0 0.0.255.255 area 100
redistribute eigrp 1
```
Default metrics are not configured under EIGRP
135
Refer to the exhibit. How does R1 handle the route to network 10.1.80.0/24?
R1 router eigrp 1 no auto-summary redistribute ospf 1 route-map ospf-to-eigrp default-metric 10000 10 255 1 1500
ip prefix-list ccnp1 seq 5 permit 10.1.48.0/24 le 24 ip prefix-list ccnp2 seq 5 permit 10.1.80.0/24 le 32
ip prefix-list ccnp3 seq 5 permit 10.1.64.0/24 le 24
route-map ospf-to-eigrp permit 10 match ip address prefix-list ccnp1 route-map ospf-to-eigrp permit 20 match ip address prefix-list ccnp2
R1 redistributes network 10.1.80.0/24 into EIGRP without changing the mask
136
Which option is an invalid redistribute command option for redistributing routes from EIGRP into OSPF?
access list
137
Which command denies the default route?
ip prefix-list de10.ny-route seq 5 deny 0 0 0.0/0
138
A network engineer is configuring a DHCP server to support a specialized application. Which additional DHCP feature must be enabled to support the delivery of various additional parameters to DHCP clients?
options
139
After testing various dynamic IPv6 address assignment methods, an engineer decides that more control is needed when distributing addresses to clients. Which two advantages does DHCPv6 have over EUI-64 (Choose two)
- DHCPv6 allows for additional parameters to be sent to the client, such as the domain name and DNS server.
- DHCPv6 providers tighter control over the IPv6 addresses that are distributed to clients.
140
Which three options are valid DHCPv6 functions? (Choose three)
- Server
- Client
- Relay
141
DHCPv6 can obtain configuration parameters from a server through rapid two-way message exchange. Which two steps are involved in this process? (Choose two)
- Solicit
| - reply
142
Which set of actions does a network engineer perform to set the IPv6 address of a DHCP relay server at the VLAN interface level?
Enter the VLAN interface configuration mode, enable IPv6 DHCP relay, and define the IPv6 address of a DHCP relay server
143
Where must a network engineer configure the ip helper-address command on a router?
On the interface that will receive the broadcasts
144
When a new PC is connected to the network, which step must it take first to receive a DHCP address?
It sends a DHCPDISCOVER message to 255.255.255.255
145
Which two tasks does a DHCP relay agent perform? (Choose two)
- It forwards DHCPDISCOVER and DHCPREQUEST messages to the DHCP server
- It forwards DHCPOFFER and DHCPACK messages to the DHCP client
146
Consider this scenario. TCP traffic is blocked on port 547 between a DHCPv6 relay agent and a DHCPv6 server that is configured for prefix delegation. Which two outcomes will result when the relay agent is rebooted? (Choose two)
- Routers will not obtain DHCPv6 prefixes.
| - The DHCPv6 relay agent will resume distributing addresses.
147
Refer in the exhibit.
interface FastEthernet0/0 ip helper-address 192.168.145.5
A packet capture indicates that the router is not forwarding the DHCP packets that it receives on interface FastEthernet0/0. Which command needs to be entered in global configuration mode to resolve this issue?
ip DHCP relay
148
After reviewing the EVN configuration, a network administrator notices that a predefined EVN, which is known as ―vnet global‖ was configured. What is the purpose of this EVN? (OR) What is the purpose of ‗vnet global‖?
It refers to the global routing context and corresponds to the default RIB.
149
```
Refer to the exhibit.
-hostname R1 ! ip vrf Yellow
rd 100:1 ! interface Serial0/0
ip vrf forwarding Yellow
ip address 209.165.202.129 255.255.255.224 !
ip route 209.165.202.129 255.255.255.224 null0 ! router eigrp 100
address-family ipv4 vrf Yellow
network 209.165.202.129 0.0.0.0
no auto-summary
autonomous-system 100
redistribute static
-hostname R2 !
ip vrf Yellow
rd 100:1 !
interface Serial0/0
ip vrf forwarding Yellow
ip address 209.165.202.130 255.255.255.224 !
router eigrp 100
address-family ipv4 vrf Yellow
network 209.165.202.130 0.0.0.0
no auto-summary
autonomous-system 100
```
A senior network engineer tries to propagate a summary route 209.165.201.0/27 to R2 by redistributing static route on R1, but setup is not working. What is the issue with the configuration in the exhibit.
The summary route is in the global routing table.
150
Which technology does Easy Virtual Network use?
VRF-Lite
151
Which technology is required on an EVN trunk interface?
802.1q
152
```
Refer to the exhibit.
hostname R1 !
ip vrf Yellow
rd 100:1 !
interface Serial0/0
ip vrf forwarding Yellow
ip address 209.165.202.129 255.255.255.224 ! router eigrp 100
address-family ipv4 vrf Yellow
network 209.165.202.129 0.0.0.0
no auto-summary
```
```
hostname R2 !
ip vrf Yellow
rd 100:1 !
interface Serial0/0
ip vrf forwarding Yellow
ip address 209.165.202.130 255.255.255.224 !
router eigrp 100
address-family ipv4 vrf Yellow
network 209.165.202.130 0.0.0.0
no auto-summary
```
A network engineer is unable to make VRF lite EIGRP adjacency work. There is nothing wrong with communication between R1 and R2. What command will eliminate the issue when executed on both routers?
(config-router-af)#autonomous-system 100
153
Which two statements about EVN are true? (Choose two)
- Virtual network tags are assigned per-VRF.
| - The VLAN ID in the 802.1q frame carries the virtual network tag.
154
What is the primary service that is provided when you implement Cisco Easy Virtual Network?
It allows for traffic separation and improved network efficiency.
155
Which condition must be met before two EVN devices can connect?
A trunk interface must be configured between the devices.
156
Where does the EVN marks the traffic to separate different users?
On the trunk, with VNET tag
157
Which two statements about EVN are true? (Choose two)
- It uses redistribution to share routes between VNs.
| - A configuration can be based on an existing VRF configuration.
158
Which protocol does VRF-Lite support?
EIGRP
159
A customer asks its service provider for VPN support for IPv4 and IPv6 address families. Which command enables a VRF that supports these requirements?
Router(config-vrf)#vrf definition CUSTOMER
160
Which technology supports overlapping IP addresses on a single interface?
VRF-Lite
161
```
Refer to the exhibit.
interface gigabitethernet 2/0/0
vnet trunk
ip address 192.168.1.1 255.255.255.0
vnet name cisco
```
Which effect of this configuration is true?
It designates the interfaces as an EVN trunk
162
What is the role of a route distinguisher via a VRF-Lite setup implementation?
It extends the IP address to identify which VRF instance it belongs to.
163
Which statement is true about an edge interface in relation to the Cisco Easy Virtual Network?
An edge interface connects a user device to the EVN while defining the EVN boundaries.
164
Which two statements about EVNs are true? (Choose two)
- All EVNs within a trunk interface can share the same IP infrastructure
- Commands that are specified once under a trunk interface can be inherited by all EVNs
165
Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose three)
- simplified Layer 3 network virtualization
- improved shared services support
- enhanced management, troubleshooting, and usability
166
What is VRF-lite?
VRF without MPLS
167
Which CLI command can you enter to permit or deny IPv6 traffic travelling through an interface?
ipv6 traffic-filter
168
Which two technologies can encapsulate an IPv6 payload in an IPv4 packet for transmission across a network? (Choose two)
- ISATAP
| - NAT-PT
169
When a packet is denied by an IPv6 traffic filter, which additional action does the device perform?
It generates an ICMP unreachable message for the frame.
170
Which two options are components of a dual stack? (Choose two)
- IPv6 traffic
| - IPv4 traffic
171
What are two limitations when in use of NPTv6 for IPV6 vs IPV6 Address translation? (Choose two)
- lack of overloading functionality
| - mismatched prefix allocations
172
Which two statements about 6to4 tunneling are accurate? (Choose two)
- Each 6to4 site receives a /48 prefix in a 6to4 tunnel
| - Prepending 0x2002 with the IPv4 address creates an IPv6 address that is used in 6to4 tunneling
173
The Neighbor Discovery Protocol in IPv6 is replaced with which discovery protocol in IPv4?
ARP
174
Considering the IPv6 address independence requirements, which process do you avoid when you use NPTv6 for translation?
rewriting of higher layer information
175
Company is deploying a multicast application that must be accessible between sites, but must not be accessible outside of the organization. Based on the scoping requirements, the multicast group address for the application will be allocated out of which range?
FF08::/16
176
Which statement about stateless and stateful IPv6 autoconfiguration are true?
Stateless autoconfiguration requires no additional setup, whereas stateful autoconfiguration requires additional setup
177
Which two statements about uRPF are true? (Choose two)
- Strict mode may drop legitimate traffic
| - It is enabled on a per interface basis
178
Which command sequence can you enter on a router to configure Unicast Reverse Path Forwarding in loose mode?
interface GigabitEthernet0/0
| ip verify unicast source reachable-via any
179
Refer to the exhibit.
The IP SLA configuration of R1 is shown below:
R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 172.20.20.2 source-interface f1/0
R1(config-ip-sla)#frequency 10
R1(config-ip-sla)#threshold 100
R1(config)#ip sla schedule 1 start-time now life forever R1(config)#track 10 ip sla 1 reachability
R1(config)#ip route 0.0.0.0.0 0.0.0.0 172.20.20.2
What makes default route not removed when SLA state down or failed?
missing of track feature on default static route command
180
A network engineer wants to baseline the network to determine suitability for real-time voice applications. Which IP SLA operation is best suited for this task?
UDP-jitter
181
Refer to exhibit. Which two reasons for IP SLA tracking failure are likely true? (Choose two)
R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 172.20.20.2 source-interface FastEthernet0/0
R1(config-ip-sla-echo)#timeout 5000
R1(config-ip-sla-echo)#frequency 10
R1(config-ip-sla-echo)#threshold 500
R1(config)#ip sla schedule 1 start-time now life forever
R1(config)#track 10 ip sla 1 reachability
R1(config)#ip route 0.0.0.0 0.0.0.0 172.20.20.2 track 10
R1(config)#no ip route 0.0.0.0 0.0.0.0 172.20.20.2
R1(config)#ip route 0.0.0.0 0.0.0.0 172.30.30.2 5
- A route back to the R1 LAN network is missing in R2
| - The threshold value is wrong
182
Which IP SLA operation can be used to measure round-trip delay for the full path and hop-by-hop round-trip delay on the network?
ICMP path echo
183
A network engineer wants to monitor hop by hop response time on the network. Which IP SLA operation accomplishes this task?
ICMP path echo
184
Which three IP SLA performance metrics can you use to monitor enterprise-class networks? (Choose three)
- Packet loss
- Delay
- Connectivity
185
Which three items can you track when you use two time stamps with IP SLAs? (Choose three)
- delay
- jitter
- packet loss
186
Which feature can be used to reduce the number of ICMP unreachable message egressing a router?
ICMP rate-limiting
187
Which LAN feature enables a default gateway to inform its end device?
ICMP redirects
188
Which IP SLA operation can be used to simulate voice traffic on a network?
UDP-jitter
189
Which location within the network is preferred when using a dedicated router for Cisco IP SLA operations?
provider edge
190
Which two statements about ICMP unreachable messages are true? (Choose two)
- They are sent when a route to the destination is missing from the routing table
- They include a portion of the original data so that the source can identify the process that generated the message
191
When does a Cisco router send an ICMP redirect?
when the packet‘s ingress and egress interface are the same
192
Which two types of threshold can you configure for tracking objects? (Choose two)
- percentage
| - weight
193
Which type of information is displayed when a network engineer executes the show track 1 command on the router?
information about tracking list 1
194
A network engineer is asked to create an SNMP-enabled proactive monitoring solution to ensure that jitter levels remain between particular boundaries. Which IP SLA option should the engineer use?
threshold
195
Which three statements about SNMP are true? (Choose three)
- The manager sends GET and SET messages.
- SNMPv3 supports authentication and encryption
- The manager polls the agent using UDP port 161
196
In SNMPv3, which security level provides encryption of the data?
authPriv
197
What does the number 16 in the following command represent?
| Router(config)#snmp-server user abcd public v2c access 16
the standard named access list 16, which contains the access rules that apply to user abcd
198
In SNMPv3, which security level provides encryption of the data?
authPriv
199
Which SNMP model and level can provide DES encryption?
SNMPv3 authPriv
200
Refer to the exhibit.
snmp-server community ciscotest
snmp-server host 192.168.1.128 ciscotest
snmp-server enable traps bgp
Which effect of this configuration is true?
The device sends SNMP traps related to BGP operations to host 192.168.1.128
201
Which SNMP verification command shows the encryption and authentication protocols that are used in SNMPv3?
show snmp user
202
Refer to the following command.
Logging Console 7
Which option is one of the effects entering this command on a Cisco IOS router, with no additional logging configuration?
The router can experience high CPU utilization
203
A router is connected to a Windows Syslog server which does not function. What is the reason?
Firewall is blocking UDP port 514
204
A network engineer executes the commands ―logging host 172.16.200.225‖ and ―logging trap 5‖. Which action results when these two commands are executed together?
Logging messages that have a severity level of ―notifications‖ and above (numerically lower) are sent to the remote server 172.16.200.225
205
Refer to the exhibit.
A network engineer has configured NTP on a Cisco router, but the time on the router is still incorrect. What is the reason for this problem?
The router is not syncing with the peer, even though the NTP request and response packets are being exchanged.
206
Which two statements about NTP stratum are true? (Choose two)
- Stratum 2 devices receive their time from a peer that is connected directly to an authoritative time source
- Stratum 1 devices are connected directly to an authoritative time source
207
```
Refer to the exhibit. Which effect of this configuration is true?
R1# show run | include ntp
ntp master 5
ntp authenticate
ntp authentication-key 1 md4 123Cisco
ntp authentication-key 5 md4 Cisco123
ntp trusted-key 1
```
R1 acts as an authoritative clock at stratum 5
208
Refer to the following configuration command.
router (config-line)# ntp master 10
Which statement about this command is true?
The router acts as an authoritative NTP clock at stratum 10.
209
```
Refer to exhibit:
access-list 1 permit 192.168.1.1 access-list 1 deny any
access-list 2 permit 192.168.1.4
access-list 2 deny any !
ntp access-group peer 2
ntp access-group serve 1
ntp master 4 !
Which three NTP features can be deduced on the router? (Choose three)
```
- Only accepts time requests from 192.168.1.1
- Only is in stratum 4
- Only updates its time from 192.168.1.4
210
Which three NTP operating modes must the trusted-key command be configured on for authentication to operate properly? (Choose three)
- Client
- Server
- Broadcast
211
Which two statements about NTP operation are true? (Choose two)
- If multiple NTP servers are configured, the one with the lowest stratum is preferred
- By default, NTP communications use UDP port 123.
212
Which statement describes what this command accomplishes when inside and outside interfaces are correctly identified for NAT?
ip nat inside source static tcp 192.168.1.50 80 209.165.201.1 8080 extendable
It allows external clients to connect to a web server hosted on 192.168.1.50.
213
Which option is a prerequisite for stateful NAT64?
DNS64
214
Which technology uses the many-to-one method of mapping IP addresses?
PAT
215
Which three functionalities are specific to stateful NAT64? (Choose three)
- It conserves IPv4 addresses
- A state or bindings are created on every unique translation.
- No constraint is put on the number of endpoints due to 1 :N translation.
216
Which command enables NAT-PT on an IPv6 interface?
ipv6 nat
217
Which functionality is required within an IP router that is situated at the boundary of an IPv4 network and an IPv6 network to allow communication between IPv6-only and IPv4-only nodes?
Network Address Translator-Protocol Translator (NAT-PT)
218
Which NAT command to disable dynamic ARP learning on an interface?
R(config)# ip nat allow-static-host
219
Which feature or technology is supported with stateful NAT64?
VFR
220
What does stateful NAT64 do that stateless NAT64 does not do?
Stateful NAT64 maintains bindings or session state while performing translation
221
What are two options for authenticating a user who is attempting to access a network device? (Choose two)
- RADIUS
| - TACACS+
222
Which keyword of the AAA authentication PPP command supports PAP only?
krb5
223
A network access serve using TACACAS+ for AAA operations receives an error message from the TACACS+ server. Which action does the network access server take next?
It checks the method list for an additional AAA option
224
In which network environment is AAA with RADIUS most appropriate?
when users require access to only one device at a time
225
A user is attempting to authentication on the device connected to a TACACS+ server but the server require more information from the user to complete authentication. Which reponse does the TACACS+ daemon return?
CONTINUE
226
Which two statements about AAA with the local database are true? (Choose two)
-It supports a limited number of usernames and passwords -Accounting is not supported locally
227
Which two features does RADIUS combine? (Choose two)
- Authentication
| - Authorization
228
A network engineer executes the ―show ip cache flow‖ command. Which two types of information are displayed in the report that is generated? (Choose two)
- flow sample for specific protocols
| - IP packet distribution
229
Where is the best place to position a NetFlow server?
WAN edge
230
Which two statements about NetFlow templates are true? (Choose two)
- Only NetFlow version 9 is template based
| - Template can increased bandwidth usage
231
Where can NetFlow export data for long term storage and analysis?
collector
232
Which version or versions of NetFlow support MPLS?
NetFlow version 9
233
Refer to the exhibit. How can you configure a second export destination for IP address 192.168.10.1?
configure terminal
ip flow-export destination 192.168.10.1 9991
ip flow-export version 9
Specify a different UDP port
234
Which two commands would be used to troubleshoot high memory usage for a process? (Choose two)
- router#show memory allocating-process table
| - router#show memory summary
235
Which statement about conditional debugging is true?
You can limit the output to a specific interface
236
Which two debug commands can you use to view issues with CHAP and PAP authentication? (Choose two)
- debug ppp authentication
| - debug ppp negotiation
237
Which action can you take to mitigate unicast flooding in a network?
Set the ARP timer value to less than the CAM timer value.
238
Which three causes of unicast flooding are true? (Choose three)
- forwarding table overflow -changes in STP topology
| - asymmetric routing
239
What happens when unicast flood protection is triggered on a VLAN?
The VLAN is shut down
240
Which adverse event can occur as a consequence of asymmetric routing on the network?
unicast flooding
241
How can you minimize unicast flooding in a network?
Set the router‘s ARP timeout value to be the same as the timeout value for Layer 2 forwarding table entries
242
Which of the following situations results in a routing loop?
when you have multiple points of redistribution
243
Which three methods can a network engineer use to fix a metric-based routing loop in the network? (Choose three)
- Filter routes based on tags -Implement offset lists at network boundaries
- Filter routes manually using distribute lists
244
Which command do you enter to filter only routing updates that are sent through interface GigabitEthernet0/0?
R1(config-router)#passive-interface GigabitEthernet0/0
245
Given the network diagram, which address would successfully summarize only the networks seen?
192.168.8.0/21
246
How big is the smallest packet that will always be fragmented on a standard Ethernet network with default configuration?
1800 bytes
247
Which option is the best for protecting CPU ultilization on a device?
COPP
248
Which STP feature can reduce TCNs on ports that are connected to end devices?
PortFast
249
Which two causes of latency are true? (Choose two)
- Propagation delay
| - Serialization delay
250
In which scenario can asymmetric routing occur?
redundant routers running VRRP
251
The Cisco ASA 500 Series Security Appliances are built specifically for businesses with less than 100 employees. What are three important benefits of this device? (Choose three)
- business-grade firewall
- site-to-site VPN for remote offices
- email security
252
Drag and drop for adverse network conditions.
1. Excessive unicast flooding condition:
2. Out-of-order packets:
3. TCP starvation:
4. Asymmetric routing:
5. Latency:
1. caused by including a host port in STP
2. potential result of disabling FIFO
3. potential effect of excessive UDP traffic on link
4. cause of inconsistent traffic patterns
5. condition in which packets require an excessive length of time to traverse a switch
253
Drag drop the correct descriptions on the right to the Frame Relay LMI extensions on the left.
```
1 Address registration
2 Global addressing
3 Multicasting
4 Simple flow control
5 Virtual circuit status messages
```
1 It allows neighboring Cisco devices to exchange management IP addresses
2 It enables the Frame Relay network to identify interfaces in the same manner as a LAN
3 It provides the most efficient transmission of routing protocol messages and supports address resolution
4 It supports devices that are unable to use congestion notification
5 It prevents data from being transmitted into black holes
254
Drag the descriptions on the left to the appropriate group on the right.
1 Authentication
2 Authorization
3 Accounting
1
+ supports a local database for device access
+ supports encryption
2
+ specifies a user‘s specific access privileges
+ enforces time periods during which a user can access the device
3
+ not supported with local AAA
+ verifies network usage
255
Drag drop about AAA commands.
```
1 if authenticated –
2 none –
3 local –
4 krb5-instance –
5 group radius –
6 group tacas+ –
```
1 It allows the user to perform the requested function once authenticated
2 It instructs the network access server to proceed without requesting authorization information
3 It provides authorization for a limited set of functions only
4 It uses a defined instance for authorization
5 It uses authorization information from a standards based server
6 It uses authorization information stored as attribute value pair in a Cisco proprietary server
256
Refer to the exhibit. You are configuring the R1 Serial0 interface for a multipoint connection. Drag and drop the required configuration statements from the left onto the corresponding locations from the diagram on the right.
```
1 interface Ethernet0
ip address 10.1.1.2 255.255.255.0
Serial interface config
2 no ip address
3 frame-relay lmi-type ansi
subinterface config
4 ip address 192.168.1.5 255.255.255.240
```
1 interface Serial0
2 encapsulation frame-relay
3 interface Serial0.1 multipoint
4 frame-relay map ip 192.168.1.1 100 broadcast
257
Drag and drop the GRE features from the left onto the correct description on the right.
```
1 mGRE:
2 IPSec:
3 Keepalive:
4 Tunnel Key:
5 MSS:
```
1 technology that supports dynamic tunnel endpoints
2 encryption protocol used to source tunnels
3 technology that prevents one side of the tunnel from going down while the other stays up
4 clear-text password that confirms the peer connection
5 configurable value that prevents an interface from sending packets that are too large for the tunnel
258
Drag and drop the AAA features from the left onto the correct description on the right.
```
1 Authentication:
2 Accounting:
3 TACACS+:
4 RADIUS:
5 Authorization:
```
```
1 challenge and response operation
2 feature that logs network usage
3 authentication method that uses TCP
4 authentication method that uses UDP
5 controls specific access privileges of a user
```
259
Drag and drop each statement about uRPF on the left to the correct uRPF mode on the right.
1 Loose Modes:
2 Strict Modes:
1
+ It supports using the default route as a route reference
+ It requires the source address to be routable
2
+ It can drop legitimate traffic
+ It permits only packets that are received on the same interface as the exit interface for the destination address
260
Refer to the exhibit. You are configuring the R1 Serial0 interface for a point-to-point connection. Drag and drop the required configuration statements from the left onto the correct locations from the diagram on the right. Not all commands are used.
```
Interface Serial0/0/0
1
encapsulation frame-relay
frame-relay lmi-type ansi
!subinterface config
2
3
interface virtual-template 1
ip unnumbered ethernet 0
4
```
1 no ip address
2 interface serial0.1 point-to-point
3 frame-relay interface-dlci 100 ppp virtual-template1
4 ppp authentication chap
261
Drag and drop the statements from the left onto the correct IPv6 router security features on the right.
1 IPv6 Traffic Filter
2 IPv6 Access Classes management traffic
1
+ It filters traffic on the interface level
+ It supports tagged ACLs
2
+ It controls traffic to and from the router
+ It requires the destination address for inbound traffic to be a local address
+ It filters
262
Drag and drop the statements about device security from the left onto the correct description on the right.
1 CoPP:
2 MPP:
1
+ It protects the device against DoS attacks
+ It supports packet forwarding by reducing the load on the device
+ It uses QoS to limit the load on the device
2
+ It designates the permitted management interfaces on the device
+ It is enabled only when an interface is configured
+ It requires only a single command to configure
263
Drag and drop the correct description on the right onto the corresponding ACL types on the left.
```
1 Dynamic:
2 Extended:
3 Reflexive:
4 Standard:
5 Time-based:
```
1 ACL that uses Telnet for Authentication
2 ACL type that should be placed closest to the traffic source
3 ACL that must be defined with a named ACL
4 ACL numbered from 1300 through 1999
5 ACL that applied to traffic only during specifically defined periods
264
Drag and drop the steps in the NAT process for IPv4-initiated packers from the left into the correct sequence on the right.
Step 1:
Step 2:
Step 3:
Step 4:
Step 1: The packet is routed to an NVI
Step 2: The packet is assigned a dynamic or static binding
Step 3: The IPV4 source address is translated to IPv6
Step 4: The translation information is used to create a session
265
Drag the items on the left to the proper locations on the right.
1 network-specific stateful NAT64 prefix:
2 NAT64 :
3 NPTv6 :
4 well-known stateful NAT64 prefix:
1 IPv6 prefix assigned by an organization
2 supports application layer gateway
3 translates 2001:1::/64 to 2001:2::/64
4 supports IPv6 prefix 64:FF9B::/96
266
A network engineer configures two connected routers to run OSPF in Area 0; however, the routers fail to establish adjacency. Which option is one of the caused for this issue?
The Same OSPF router IDs are configured on both routers
267
A network engineer trying to synchronize the time clock but the time is not working. What is likely the cause of this problem?
Either a firewall between the two routers or an ACL on the router is blocking UDP 123.
268
Refer to the exhibit. Router DHCP is configured to lease IPv4 and IPv6 addresses to clients on ALS1 and ALS2. Clients on ALS2 receive IPv4 and IPv6 addresses. Clients on ALS1
receive IPv4 addresses. Which configuration on DSW1 allows clients on ALS1 to receive IPv6 addresses?
```
DSW1#sh run int f0/0
Building configuration…
!
interface FastEhternet0/0
ip address 10.4.10.1 255.255.255.0
ip helper-address 4.4.4.4
duplex auto
speed auto
ipv6 address 2002:A04:A01:A04:A01/120
ipv6 enable
end
```
DSW1(config-if)#ipv6 dhcp relay destination 2002:404:404::404:404 GigabitEthernet1/2
269
Which two statements about configuring Frame Relay point-to-multipoint connections are true? (Choose two)
- They require the frame-relay mapping command to be configured
- They require inverse ARP
270
Which interface type does a PPPoE client use to establish a session?
dialer
271
Which values identifies VPNs in an EVN environment?
virtual network tag
272
Which two protocols are required for DMVPN? (Choose two)
- mGRE
| - NHRP
273
Which command do you enter to display log messages with a timestamp that includes the length of time since the device was last rebooted?
service timestamps log uptime
274
A network engineer executes the command ―show ip eigrp vrf purple topology‖. Which type of information is displayed as a result?
route successors for a specific routing table
275
A network engineer wants an NTP client to be able to update the local system without updating or synchronizing with the remote system. Which option for the ntp access-group command is needed to accomplish this?
Serve
276
Which option is invalid when configuring Unicast Reverse Path Forwarding?
source reachable via both
277
Drag and drop the statements about NAT64 from the left onto the correct NAT64 types on the right.
1 Stateful:
2 Stateless:
1
+ It supports FTP64 for ALG + It supports PAT and overload + It allows IPv6 systems to use any type of IPv6 address
2
+ ALG is not supported
+ It supports one-to-one mapping only
+ It requires IPv6 systems to use RFC6052 IPv4-translatable addresses
278
Which statement about the metric calculation in EIGRP is true?
The minimum bandwidth between the source and destination is used
279
Which two steps must you perform to allow access to a device when the connection to a remote TACACS+ authentication server fails? (Choose two)
1 Include the local keyword in the AAA configuration
| 2 Configure a local username and password on the device
280
```
Refer to the exhibit.
ip vrf BLUE
ip vrf RED
!
interface FastEthernet0/0
ip vrf forwarding RED
ip address 10.1.1.1 255.255.255.0
!
interface FastEthernet0/1
ip vrf forwarding BLUE
ip address 10.1.2.1 255.255.255.0
```
Network users on the 10.1.2.0/24 subnet have a default gateway of 10.1.2.254. Which command will configure this gateway?
router(config)#ip route vrf BLUE 0.0.0.0 0.0.0.0 10.1.2.254
281
Refer to the exhibit.
Router# show processes cpu sorted
Router# show processes memory sorted
Based on Cisco best practice, which statement about the output is true?
The output should be analyzed by a network engineer before executing any debug commands on an IOS router in production
282
Users were moved from the local DHCP server to the remote corporate DHCP server. After the move, none of the users were able to use the network. Which two issues wil prevent this setup from working properly? (Choose two)
-The DHCP server IP address configuration is missing locally -The route to the new DHCP server is missing
283
Which two statements about the OSPF down bit are true? (Choose two)
- It is set only for LSA types 3,5, and 7
| - It is set when MP-BGP routes are redistributed into OSPF
284
Which command can be entered on router R5 to configure 80 percent of the bandwidth of a link for EIGRP Autonomous System 55?
R5(config-if)#ip bandwidth-percent eigrp 55 80
285
Which two addresses types are included in NAT? (Choose two)
- inside global
| - outside local
286
Refer to the exhibit.
```
Hostname R1
!
ip vrf Yellow
rd 100:1
interface Serial0/0
ip vrf forwarding Yellow
ip address 192.168.1.1 255.255.255.0
!
router eigrp 100
network 192.168.1.1 0.0.0.0
no auto-summary
redistribute static
!
R1#ping vrf Yellow 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echoes to 192.168.1.2, timeout is 2 second:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
```
R1 is configured with VRF-Lite and can ping R2. R2 is fully configured, but it has no active EIGRP neighbors in vrf Yellow If the configuration of R2 is complete, then which issue prevents the EIGRP 100 neighbor relationship in vrf Yellow from forming?
EIGRP 100 network 192 168 1 0/24 is configured in the global routing table on R1
287
Which two LSA types were introduced to support OSPF for IPv6? (Choose two)
- type 9
| - type 8
288
Which two statements about DMVPN are true? (Choose two)
- It uses NHRP to create a mapping database of spoke addresses
- It supports dynamic addresses for spokes in a hub-and-spoke VPN topology
289
A netwoik engineer is configuring two dedicated Internet connections within the Internet module One connection is the primary connection to all wired business communications while Che other is the primary connection for all customer wireless traffic If one of the links goes down, the affected traffic needs to be redirected to the redundant link Winch current technology should be deployed to monitor the scenario?
IP SLA
290
Refer to the exhibit.
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 1 deny any
Which command we use to control the type of routes that are processed in incoming route updates?
distribute-list 1 in
291
Which two types of traffic can benefit from LLQ? (Choose two)
- voice
| - video
292
A network administrator is attempting to configure IP SLA to allow one time stamp to be logged when a packet arrives on the interface and one time stamp to be logged when a packet leaves the interface. Which IP SLA accuracy tool enables this functionality?
Responder
293
Which two actions are common methods for migrating a network from one protocol to another? (Choose two)
- redistributing routes from the current routing protocol to the new routing protocol
- changing the relative administrative distances of the two routing protocols
294
Which statements best describes the following two OSPF commands, which are used to summarize routes?
area 0 range 192.168.110.0 255.255.0.0
summary-address 192.168.110.0 255.255.0.0
The area range command specifies the area where the subnet resides and summarizes it to other areas. The summary-address command summarizes external routes
295
Which action is the most efficient way to handle route feedback when converting a RIPv2 network to OSPF?
Implement route tags
296
Which types of LSAs are present in the stub area?
LSA type 1, 2 and 3
297
What is the hop count is advertised for an unreachable network by a RIP router that uses poison reverse?
16
298
Refer to the exhibit.
aaa new-model
aaa authentication login default local-case enable
aaa authentication login ADMIN local-case
username CCNP secret Str0ngP@ssw0rd!
line 0 4
login authentication ADMIN
How can you change this configuration so that when user CCNP logs in, the show run command is executed and the session is terminated?
Add the autocommand keyword to the username command
299
Refer to the exhibit.
```
router ospf 10
router-id 192.168.1.1
log-adjacency-changes
redistribute bgp 1 subnets route-map BGP-TO-OSPF
!
route-map BGP-TO-OSPF deny 10
match ip address 50
route-map BGP-TO-OSPF permit 20
!
access-list 50 permit 172.16.1.0 0.0.0.255
```
Which statement about redistribution from BGP into OSPF process 10 is true?
Network 172.16.1.0/24 is not redistributed into OSPF
300
Which functions are included in the two-message rapid exchange that a DHCPv6 client can receive from a server?
solicit and reply
301
Refer to the exhibit.
(exhibit missing)
Which key chain is being used for authentication of EIGRP adjacency between R4 and R2?
CISCO
302
Which two statements about redistributing EIGRP into OSPF are true? (Choose two)
- The redistributed EIGRP routes appear as type 5 LSAs in the OSPF database
- The redistributed EIGRP routes appear as OSPF external type 2 routes in the routing table
303
A network engineer executes the show ip flow interface command. Which type of information is displayed on the interface?
NetFlow configuration
304
Which two statements are differences between AAA with TACACS+ and AAA with RADIUS? (Choose two)
- Unlike TACACS+, RADIUS sends packets with only the password encrypted.
- Only TACACS+ uses TCP
305
Which IOS commands can you use to limit the CPU impact of log generation and transmission on an IOS router?
You can use the ip access-list logging interval command in conjunction with the logging rate-limit command.
306
You are configuring a Microsoft client to call a PPP server using CHAP. Only the client will be authenticated but the client‘s password has expired and must be changed. Which PPP server configuration allows the call to be completed?
ppp authentication ms-chap-v2 callin
307
Which command creates a manual summary on an interface when using EIGRP?
ip summary-address eigrp 100 172.32.0.0 255.255.254.0
308
A network engineer wants to implement an SNMP notification process for host machines using the strongest security available. Which command accomplishes this task?
router(config)#snmp-server host 172.16.200.225 traps v3
309
Which issue is important to address when integrating two networks with different routing protocol?
preventing asymmetric routing
310
Drag and drop the DMVPN components from the left onto the correct descriptions on the right.
1 hub –
2 spoke –
3 mGRE –
4 NHRP –
1 device that acts as the next-hop server
2 device that is usually identified with a dynamic address
3 technology that allows one interface to support multiple tunnels
4 protocol that allows spokes to communicate directly with one another
311
Refer to the exhibit.
%Interfact GigabitEthernet1: IPv4 disabled and address(es) removed due to enabling VRF
CUST_A
An engineer is enabling VPN service for a customer and notices this output when placing the customer-facing interface into a VRF. Which action corrects the issue?
Reconfigure the IP address on Gigabit Ethernet 1
312
Which two statements about VRF-Lite configurations are true? (Choose two)
- Different customers can have overlapping IP addresses on different VPNs
- Each customer has its own private routing table.
313
Which two statements about PPPoE packet types are true? (Choose two)
- PADI is an initialization packet sent as a broadcast message
- PADO is a unicast reply packet sent to the client
314
Which two statements are examples of the differences between IPv4 and IPv6 EIGRP? (Choose two)
- IPv6 keyword is used in many EIGRP commands
| - Network command is not used in IPv6
315
Refer to the exhibit.
VRF HUB (VRF Id = 3): default RD 100:10;
default VPNID
New CLI format, supports multiple address-families
Flags: 0x180C
Interfaces:
G1/1
Address family ipv4 unicast (Table ID = 0x3)
Flags: 0x0
Export VPN route-target communities
RT 100:10
Import VPN route-target communities
RT 100:10 RT 200:20
No import route-map
No global export route-map
No export route-map
VRF label distribution protocol: not configured VRF label allocation mode: per-prefix
Address family ipv6 unicast (Table ID = 0x1E000001)
```
VRF SPOKE (VRF Id = 4): default RD 200:20;
default VPNID
New CLI format, supports multiple
address-families
Flags: 0x180C
Interfaces:
G1/2
Address family ipv4 unicast (Table ID = 0x4)
Flags: 0x0
Export VPN route-target communities
RT 200:20
Import VPN route-target communities
RT 200:20
No import route-map
No global export route-map
No export route-map
VRF label distribution protocol: not configured
VRF label allocation mode: per-prefix
Address family ipv6 unicast (Table ID = 0x1E000001)
```
A network engineer is modifying configurations for a customer that currently uses VPN connectivity between their sites The customer has added a new spoke site but it does not have reachability to servers located at the hub. Based on the output which statement describes the cause?
The SPOKE VRF is not impoThe SPOKE VRF is not importing Route-Target 100:10rting Route-Target 100:10
316
Which statement about dynamic NAT is true?
It maps inside addresses to a pool of global addresses
317
Which statement about the IP SLA feature is true?
It measures how the network treats traffic for specific applications by generating traffic that bears similar characteristics to application traffic
318
A network engineer is enabling conditional debugging and execute two commands: debug condition interfaces serial0/0 and debug condition interfaces serial 0/1. Which debugging output is displayed as a result?
Output is display for both specified interfaces.
319
What is the DHCP option to download TFTP info to a Cisco phone?
option 66
320
What type of address OSPFv3 uses to form adjacency and send updates?
link-local
321
What security feature is supported across all SNMP version?
noauthnopriv
322
A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output? (Choose three)
- inbound crypto map
- remaining key lifetime
- path MTU
323
Drag drop about AAA.
```
1 Auth-proxy:
2 Commands:
3 Connection:
4 Exec:
5 Network:
6 Resources:
```
1 It returns information about hosts using proxy service
2 It returns information about individual EXEC commands and permissions associated with a privilege level
3 It returns information about outbound communications from the network access server
4 It returns information about user EXEC terminal sessions with the network access server
5 It returns information about SLIP, PPP and ARA sessions
6 It returns information about calls that have passed and failed user authentication
324
What are two reasons to use multicast to deliver video traffic, instead of unicast or broadcast?
- It supports distributed applications
| - It enables multiple clients to receive the video stream simultaneously
325
Which two statements about PAP authentication in a PPP environment are true? (Choose two)
- It is performed at the beginning of the session only
| - It sends the password in clear text
326
Which two tasks should you perform to begin troubleshooting a network problem? (Choose two)
- Gather all the facts
| - Define the problem as a set of symptoms and causes
327
Which two piece of information can you learn by viewing the routing table? (Choose two)
- Whether the administrative distance was manually or dynamically configured
- The length of time that a route has been known
328
Which two facts must you take into account when you deploy PPPoE? (Choose two)
- PPPoE supports a maximum of 10 clients per customer premises equipment
- An individual PVC can support one PPPoE client
329
OSPF Eval Sim
| How old is the Type 4 LSA from Router 3 for area 1 on the router R5 based on the output you have examined?
1858
```
on R5
show ip ospf database
Summary Net Link States: (Area 2)
Link ID: 3.3.3.3
Age: 1858
```
330
OSPF Eval Sim
| Which of the following statements is true about the serial links that terminate in R3?
The R2-R3 link OSPF timer values are 30, 120, 120
On R2
show ip ospf interface serial 1/0
Network Type NON_BROADCAST
Timer intervals configured, Hello 30, Dead 120, Wait 120
331
OSPF Eval Sim
| How many times was SPF algorithm executed on R4 for Area 1?
9
on R4
show ip ospf
SPF Algorithm executed 9 times
332
OSPF Eval Sim
| Areas of Router 5 and 6 are not normal areas, inspect their routing tables and determine which statement is true?
R5‘s Loopback and R6‘s Loopback are both present in R5‘s Routing table
on R4 and R5
show ip ospf
Area 2
It is a NSSA area
on R5 look for Loopbacks of both R5 and R6
show ip route
!R5
C 5.5.5.5/32 is directly connected, Loopback0
C 5.5.1.0/24 is directly connected, Loopback1
!R6
O IA 6.6.6.6 [110/3] via 192.168.45.4, 00:26:33, Ethernet0/0
on R4
show ip ospf
Area 3
It is a stub area, no summary LSA in this area
on R6
show ip ospf
Area 3
IT is a stub area
on R6 - we will not see R5's Loopbacks in R6's route table
show ip route
333
EIGRP Eval Sim
Traffic from R1 to R6′ s Loopback address is load shared between R1-R2-R4-R6 and R1-R3-R5-R6 paths. What is the ratio of traffic over each path?
19:80
on R6 to learn the loopback's IP
show ip interface brief
Loopback0 150.1.6.6
```
on R1 to learn the ratio of traffic load shared between paths
show ip route 150.1.6.6
Routing Descriptor Blocks:
192.168.13.3
traffic share count is 19
192.168.12.2
traffic share count is 80
```
334
EIGRP Eval Sim
| What type of route filtering is occurring on R6?
Distribute-list using an ACL
```
on R6 to see the distribute-list pointing to the ACL
show running-config
router eigrp 1
distribute-list 1 out
network 150.1.6.6 0.0.0.0
network 172.16.6.6 0.0.0.0
network 192.168.46.0
network 192.168.56.0
!
access-list 1 permit 192.168.46.0
access-list 1 permit 192.168.56.0
access-list 1 permit 150.1.6.6
```
335
EIGRP Eval Sim
| Which key chain is being used for authentication of EIGRP adjacency between R4 and R2?
CISCO
on R2 and R4
show running-config
```
!R2
key chain CISCO
key 1
key-string firstkey
key chain FIRSTKEY
key 1
key-string CISCO
```
!R4
key chain CISCO
key 1
key-string firstkey
336
EIGRP Eval Sim
| What is the advertised distance for the 192.168.46.0 network on R1?
333056
on R1
show ip eigrp 1 topology OR show ip eigrp topology
P 192.168.46.0/24, 1 successors, FD is 332800
via 192.168.12.2 (1810944/333056), Ethernet0/0
337
EIGRP Eval Sim
| What percent of R1‘s interfaces bandwidth is EIGRP allowed to use?
20
on R1
show running-config
interface Ethernet0/0
ip bandwidth-percent eigrp 1 20
338
EIGRP OSPF Redist Sim
You are a network engineer with ROUTE.com, a small IT company. They have recently merged two organizations and now need to merge their networks as shown in the topology exhibit. One network is using OSPF as its IGP and the other is using EIGRP as its IGP. R4 has been added to the existing OSPF network to provide the interconnect between the OSPF and EIGRP networks. Two links have been added that will provide redundancy.
The network requirements state that you must be able to ping and telnet from loopback 101 on R1 to the OPSF domain test address of 172.16.1.100. All traffic must use the shortest path that provides the greatest bandwidth. The redundant paths from the OSPF network to the EIGRP network must be available in case of a link failure. No static or default routing is allowed in either network.
A previous network engineer has started the merger implementation and has successfully assigned and verified all IP addressing and basic IGP routing. You have been tasked with completing the implementation and ensuring that the network requirements are met. You may not remove or change any of the configuration commands currently on any of the routers. You may add new commands or change default values.
1 determine metrics on R2 (bw, delay, reliability, load, mtu) on port between R2 and R4 (devide the delay by 10)
show interface s0/0/0
Bandwidth=1544 Kbit, Delay=20000 us, Reliability=25, Load=1, MTU=1500
2 redistribute on R2
config terminal
router ospf 1 (confirm process#)
redistribute eigrp 100 metric-type 1 subnets
exit
router eigrp 100
redistribute ospf 1 metric 1544 2000 255 1 1500
(if any don't work, a lower value should be acceptable)
3 get the metrics on R3 as well
show interface fa0/0
Bandwidth=100000 Kbit, Delay=1000 us, Reliability=255, Load=1, MTU=1500 bytes
4 redistribute on R3
config terminal
router ospf 1 (confirm process#)
redistribute eigrp 100 metric-type 1 subnets
exit
router eigrp 100
redistribute ospf 1 metric 100000 100 255 1 1500
5 on R1, check for the network behind R4: 172.16.100.0/24 and ping it
show ip route
ping 172.16.100.1
6 on R2
router eigrp 100
distance eigrp 90 105
339
Policy Based Routing Sim
Company Acan has two links which can take it to the Internet. The company policy demands that you use web traffic to be forwarded only to Frame Relay link if available and other traffic can go through any links. No static or default routing is allowed.
On Border Router
1 build acl to catch http
access-list 101 permit tcp any any eq www
```
2 route map that sets the next hop to be ISP1 and permits the rest of the traffic
route-map pbr permit 10
match ip address 101
set ip next hop 10.1.101.1
exit
```
```
3 apply route map to int to server in eigrp network
int fa0/0
ip policy route-map pbr
exit
exit
```
4 test - from "host for testing" in EIGRP network, click generate traffic
on Border Router
show route-map
policy routing matches: 9 packets
340
IPv6 OSPF Virtual Link Sim
Acme is a small export company that has an existing enterprise network that is running IPv6 OSPFv3. Currently OSPF is configured on all routers. However, R4‘s loopback address (FEC0:4:4) cannot be seen in R1‘s IPv6 routing table. You are tasked with identifying the cause of this fault and implementing the needed corrective actions that uses OSPF features and does no change the current area assignments. You will know that you have corrected the fault when R4‘s loopback address (FEC0:4:4) can be seen in the routing table of R1.
Special Note: To gain the maximum number of points you must remove all incorrect or unneeded configuration statements related to this issue.
1.
on all 4 routers:
show running-config
- see that R2 and R3 do not have a virtual link set up
- this is needed as Area54 needs a virtual link to connect to Area 0
- R4 does have a virtual link that needs to be removed.
2. set up virtual link between R2 and R3
```
on R2
enable
configure terminal
ipv6 router ospf 1
area 11 virtual-link 3.3.3.3
```
```
on R3
enable
configure terminal
ipv6 router ospf 1
no area 54 virtual-link 4.4.4.4
area 11 virtual-link 2.2.2.2
```
```
3. remove the virtual link from R4
on R4
enable
config terminal
ipv6 router ospf 1
no area 54 virtual-link 3.3.3.3
```
4. Ping from R4 to R1
5. Confirm R4's loopback can be seen in R1's routing table
on R1
show ipv6 route
6. IF THE ROUTE TO R4 IS NOT IN R1'S ROUTING TABLE, advertise the IPv6 Loopbacks into OSPFv3 first
on R4
int loopback 0
ipv6 ospf 1 area 54
on R1
int loopback 0
ipv6 ospf 1 area 0
341
EIGRP Stub Sim
By increasing the first distant office, JS manufactures has extended their business. They configured the remote office router (R3) from which they can reach all Corporate subnets. In order to raise network stableness and lower the memory usage and broadband utilization to R3, JS manufactures makes use of route summarization together with the EIGRP Stub Routing feature. Another network engineer is responsible for the implementing of this solution. However, in the process of configuring EIGRP stub routing connectivity with the remote network devices off of R3 has been missing.
Presently JS has configured EIGRP on all routers in the network R2, R3, and R4. Your duty is to find and solve the connectivity failure problem with the remote office router R3. You should then configure route summarization only to the distant office router R3 to complete the task after the problem has been solved.
The success of pings from R4 to the R3 LAN interface proves that the fault has been corrected and the R3 IP routing table only contains two 10.0.0.0 subnets.
1: on R3 - find out why R3 and R4 cannot talk
show running config
router eigrp 123
eigrp stub receive-only
(receive-only means it won't share routes in this AS)
```
2: remove receive-only
configure terminal
router eigrp 123
no eigrp stub receive-only
eigrp stub
end
(now AS will share - connected and summary are shared by default)
```
3: configure R3 so it has only 2 subnets in 10.0.0.0
show ip route (to see how many routes it has)
4: on R4 port s0/0 connected to R3, set the subnets to summary
enable
configure terminal
interface s0/0
!if you don't see 10.0.0.0/8 is a summary
ip summary-address eigrp 123 10.2.0.0 255.255.0.0
!if you do see 10.0.0.0/8 is a summary
ip summary-address eigrp 123 10.0.0.0 255.0.0.0
5 on R3, see if the summary was successful
show ip route
copy running-config startup-config
ping to test
342
OSPF Sim
OSPF is configured on routers Amani and Lynaic. Amani‘s S0/0 interface and Lynaic‘s S0/1 interface are in Area 0. Lynaic‘s Loopback0 interface is in Area 2.
Your task is to configure the following:
Portland’s S0/0 interface in Area 1
Amani’s S0/1 interface in Area 1
Use the appropriate mask such that ONLY Portland’s S0/0 and Amnani’s S0/1 could be in Area 1.
Area 1 should not receive any external or inter-area routes (except the default route).
1. determine the IPs on Portland s0/0 and Amani s0/1 to create a network command that only includes these 2 IPs and puts them in Area 1
```
IPs: 192.168.4.5/30 and 191.68.4.6/30
- /30 has 4 IPs (192.168.4.4, 4.5, 4.6 and 4.7)
- changing /30 to a wlidcard is 0.0.0.3
- so the command will be:
network 192.168.4.4 0.0.0.3 area 1
```
On Amani, put s0/1 in Area 1
```
on Portland
configure terminal
router ospf 1
network 192.168.4.4 0.0.0.3 area 1
area 1 stub
end
copy running-config startup-config
```
```
on Amani
configure terminal
router ospf 1
network 192.168.4.4 0.0.0.3 area1
area 1 stub no-summary
end
copy running-config startup-config
```
343
EIGRP Simlet
Refer to the exhibit. BigBids Incorporated is a worldwide auction provider. The network uses EIGRP as its routing protocol throughout the corporation. The network administrator does not understand the convergence of EIGRP. Using the output of the show ip eigrp topology all-links command, answer the administrator‘s questions.
Which two networks does the Core1 device have feasible successors for? (Choose two)
show ip eigrp topology
- find the routes where the AD of the 2nd line is less than the fd in the 1st line: EG 155160 < 156160
P 10.140.0.0/24, 1 successors, FD is 156160. semo 26
via 172.17.3.2 (156160/128256), FastEthernet0/3
via 172.17.10.2 (157720/155160), FastEthernet0/1
- 172.17.0.0/30
- 10.140.0.0/24
344
EIGRP Simlet
Refer to the exhibit. BigBids Incorporated is a worldwide auction provider. The network uses EIGRP as its routing protocol throughout the corporation. The network administrator does not understand the convergence of EIGRP. Using the output of the show ip eigrp topology all-links command, answer the administrator‘s questions.
Which three EIGRP routes will be installed for the 172.17.3.128/25 and 172.17.2.0/24 networks? (Choose three)
show ip eigrp topology
- take note of how many successors are listed and what the FD is
- 172.17.3.128/25 [90/30720] via 172.17.3.2, 01:26:35, FastEthemet0/3
- 172.17.3.128/25 [90/30720] via 172.17.10.2, 01:26:35, FastEthernet0/1
- 172.17.2.0/24 [90/30720] via 172.17.10.2, 02:10:11, FastEthernet0/1
345
EIGRP Simlet
Refer to the exhibit. BigBids Incorporated is a worldwide auction provider. The network uses EIGRP as its routing protocol throughout the corporation. The network administrator does not understand the convergence of EIGRP. Using the output of the show ip eigrp topology all-links command, answer the administrator‘s questions.
Which three networks is the router at 172.17.10.2 directly connected to? (Choose three)
show ip eigrp topology
- to see which subnets are in 172.17.10.0 and which ones have 172.17.10.2 as successors.
- 172.17.2.0/24
- 172.17.3.128/25
- 172.17.10.0/24
346
A network engineer executes the ―show ip cache flow‖ command. Which two types of information are displayed in the report that is generated? (Choose two)
- flow sample for specific protocols
| - IP packet distribution
