Dump1 Flashcards by Adam Shutler

CL1-switch#show flow exporter Flow_Exporter-1 What is the expected output?

Current status of the specified flow exporter

How well did you know this?

Not at all

Perfectly

For troubleshooting purposes, which method can you use in combination with the “debug ip packet” command to limit the amount of output data?

A. You can disable the IP route cache globally.
B. You can use the KRON scheduler.
C. You can use an extended access list.
D. You can use an IOS parser.
E. You can use the RITE traffic exporter.

How well did you know this?

Not at all

Perfectly

After you review the output of the command show ipv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of “FFFE” inserted into the address. Based on this information, what do you conclude about these IPv6 addresses?

A. IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing “FFFE” indicate that the address is reserved for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped.
E. IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.

How well did you know this?

Not at all

Perfectly

Which method allows IPv4 and IPv6 to work together without requiring both to be used for a single connection during the migration process?

A. dual-stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT

How well did you know this?

Not at all

Perfectly

A network engineer is configuring a solution to allow failover of HSRP nodes during maintenance windows, as an alternative to powering down the active router and letting the network respond accordingly. Which action will allow for manual switching of HSRP nodes?

A. Track the up/down state of a loopback interface and shut down this interface during maintenance.
B. Adjust the HSRP priority without the use of preemption.
C. Disable and enable all active interfaces on the active HSRP node.
D. Enable HSRPv2 under global configuration, which allows for maintenance mode.

How well did you know this?

Not at all

Perfectly

6Refer to the following configuration command.
router (config-line)# ntp master 10
Which statement about this command is true?

A. The router acts as an authoritative NTP clock and allows only 10 NTP client connections.
B. The router acts as an authoritative NTP clock at stratum 10.
C. The router acts as an authoritative NTP clock with a priority number of 10. D. The router acts as an authoritative NTP clock for 10 minutes only.

How well did you know this?

Not at all

Perfectly

7Under which condition does UDP dominance occur?

A. when TCP traffic is in the same class as UDP
B. when UDP flows are assigned a lower priority queue
C. when WRED is enabled
D. when ACLs are in place to block TCP traffic

When TCP flows are combined with UDP flows within a single
service-provider class and the class experiences congestion, TCP flows continually lower their
transmission rates, potentially giving up their bandwidth to UDP flows that are oblivious to drops. This
effect is called TCP starvation/UDP dominance.

How well did you know this?

Not at all

Perfectly

8Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed? 
A. Disable CDP on the interface.
B. Execute the vpdn enable command.
C. Execute the no switchport command.
D. Enable QoS FIFO for PPPoE support.

How well did you know this?

Not at all

Perfectly

9
After a recent DoS attack on a network, senior management asks you to implement better logging functionality on all IOS-based devices. Which two actions can you take to provide enhanced logging results? (Choose two.)
A. Use the msec option to enable service time stamps. B. Increase the logging history .
C. Set the logging severity level to 1.
D. Specify a logging rate limit.
E. Disable event logging on all noncritical items.

A and B

The optional msec keyword specifies the date/time format should include milliseconds. This can aid in
pinpointing the exact time of events, or to correlate the order that the events happened.

How well did you know this?

Not at all

Perfectly

10What type of route filtering is occurring on R6 A. Distribute-list using an ACL
B. Distribute-list using a prefix-list
C. Distribute-list using a route-map
D. An ACL using a distance of 255

How well did you know this?

Not at all

Perfectly

11Which parameter in an SNMPv3 configuration offers authentication and encryption? 
A. auth
B. noauth
C. priv
D. secret

How well did you know this?

Not at all

Perfectly

12What is the primary service that is provided when you implement Cisco Easy Virtual Network?
A. It requires and enhances the use of VRF-Lite.
B. It reduces the need for common services separation.
C. It allows for traffic separation and improved network efficiency.
D. It introduces multi-VRF and label-prone network segmentation.

How well did you know this?

Not at all

Perfectly

13Which three characteristics are shared by subinterfaces and associated EVNs? (Choose three.) 
A. IP address
B. routing table
C. forwarding table
D. access control lists
E. NetFlow configuration

A,B,C

How well did you know this?

Not at all

Perfectly

14Which encapsulation supports an interface that is configured for an EVN trunk? 
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC

OSPFv3 is not supported. v2 is supported.

How well did you know this?

Not at all

Perfectly

15An engineer executes the ip flow ingress command in interface configuration mode. What is the result of this action?
A. It enables the collection of IP flow samples arriving to the interface.
B. It enables the collection of IP flow samples leaving the interface.
C. It enables IP flow while disabling IP CEF on the interface.
D. It enables IP flow collection on the physical interface and its subinterfaces.

How well did you know this?

Not at all

Perfectly

16An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:

mac address C601.420F.0007
subnet 2001:DB8:0:1::/64

Which IPv6 addresses should the engineer add to the documentation? 
A. 2001:DB8:0:1:C601:42FF:FE0F:7
B. 2001:DB8:0:1:FFFF:C601:420F:7
C. 2001:DB8:0:1:FE80:C601:420F:7
D. 2001:DB8:0:1:C601:42FE:800F:7

How well did you know this?

Not at all

Perfectly

17JS Industries has expanded their business with the addition of their first remote office. The remote office router (R3) was previously configured and all corporate subnets were reachable from R3. JS Industries is interested in using route summarization along with the EIGRP Stub Routing feature to increase network stability while reducing the memory usage and bandwidth utilization to R3. Another network professional was tasked with implementing this solution. However, in the process of configuring EIGRP stub routing connectivity with the remote network devices off of R3 has been lost.
Currently EIGRP is configured on all routers R2, R3, and R4 in the network. Your task is to identify and resolve the cause of connectivity failure with the remote office router R3. Once the issue has been resolved you should complete the task by configuring route summarization only to the remote office router R3.
You have corrected the fault when pings from R2 to the R3 LAN interface are successful, and the R3 IP

R3# configure terminal
R3(config)# router eigrp 123 R3(config-router)# no eigrp stub receive-only R3(config-router)# eigrp stub R3(config-router)# end

R4(config)# interface s0/0
R4(config-if)# ip summary-address eigrp 123 10.2.0.0 255.255.0.0

Finally don’t forget to use the copy run start command on routers R3 and R4 to save the configurations.

How well did you know this?

Not at all

Perfectly

18IPv6 has just been deployed to all of the hosts within a network, but not to the servers. Which feature allows IPv6 devices to communicate with IPv4 servers?
A. NAT
B. NATng
C. NAT64
D. dual-stack NAT
E. DNS64

How well did you know this?

Not at all

Perfectly

19Which statement about the NPTv6 protocol is true?
A. It is used to translate IPv4 prefixes to IPv6 prefixes.
B. It is used to translate an IPv6 address prefix to another IPv6 prefix.
C. It is used to translate IPv6 prefixes to IPv4 subnets with appropriate masks. D. It is used to translate IPv4 addresses to IPv6 link-local addresses.

How well did you know this?

Not at all

Perfectly

20Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose three.)
A. simplified Layer 3 network virtualization
B. improved shared services support
C. enhanced management, troubleshooting, and usability
D. reduced configuration and deployment time for dot1q trunking
E. increased network performance and throughput
F. decreased BGP neighbor configurations

A,B,C

How well did you know this?

Not at all

Perfectly

21Route.com is a small IT corporation that is attempting to implement the network shown in the exhibit. Currently the implementation is partially completed. OSPF has been configured on routers Chicago and NewYork. The SO/O interface on Chicago and the SO/1 interface on NewYork are in Area 0. The loopbackO interface on NewYork is in Area 1. However, they cannot ping from the serial interface of the Seattle router to the loopback interface of the NewYork router. You have been asked to complete the implementation to allow this ping.

The OSPF process ID for all routers must be 10.
The routing protocol for each interface must be enabled under the routing process.
The routing protocol must be enabled for each interface using the most specific wildcard mask possible. .The serial link between Seattle and Chicago must be in OSPF area 21.
OSPF area 21 must not receive any inter-area or external routes.

Network Information
Seattle
S0/0 192.168.16.5/30 - Link between Seattle and Chicago
Secret Password: cisco
Chicago
S0/0 192.168.54.9/30 - Link between Chicago and NewYork
S0/1 192.168.16.6/30 - Link between Seattle and Chicago Secre Password: cisco
NewYork
S0/1 192.168.54.10/30 - Link between Chicago and NewYork
Loopback0 172.16.189.189
Secret Password: cisco

Seattle(config)#router ospf 10
Seattle(config-router)#network 192.168.16.4 0.0.0.3 area 21
One of the tasks states that area 21 should not receive any external or inter-area routes (except the default route).
Seattle(config-router)#area 21 stub

Chicago(config)#router ospf 10
Chicago(config-router)#network 192.168.16.4 0.0.0.3 area 21

Again, area 21 should not receive any external or inter-area routes (except the default route).
In order to accomplish this, we must stop LSA Type 5 if we don’t want to send external routes. And if we don’t want to send inter-area routes, we have to stop LSA Type 3 and Type 4. Therefore we want to configure area 21 as a totally stubby area.
Chicago(config-router)#area 21 stub no-summary

How well did you know this?

Not at all

Perfectly

22Which three problems result from application mixing of UDP and TCP streams within a network with no QoS? (Choose three.)
A. starvation
B. jitter
C. latency
D. windowing
E. lower throughput

A,C,E

How well did you know this?

Not at all

Perfectly

23Which type of BGP AS number is 64591? 
A. a private AS number
B. a public AS number
C. a private 4-byte AS number
D. a public 4-byte AS number

64512 - 65534

How well did you know this?

Not at all

Perfectly

24You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command.

Areas of Router 5 and 6 are not normal areas, inspect their routing tables and determine which statement is true?

A. R5’s Loopback and R6’s Loopback are both present in R5’s Routing table
B. R5’s Loopback and R6’s Loopback are both present in R6’s Routing table
C. Only R5’s loopback is present in R5’s Routing table
D. Only R6’s loopback is present in R5’s Routing table
E. Only R5’s loopback is present in R6’s Routing table

How well did you know this?

Not at all

Perfectly

25A company has just opened two remote branch offices that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites? A. interface Tunnel0 bandwidth 1536 ip address 209.165.200.230 255.255.255.224 tunnel source Serial0/0 tunnel mode gre multipoint B. interface fa0/0 bandwidth 1536 ip address 209.165.200.230 255.255.255.224 tunnel mode gre multipoint C. interface Tunnel0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source 209.165.201.1 tunnel-mode dynamic D. interface fa 0/0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source 192.168.161.2 tunnel destination 209.165.201.1 tunnel-mode dynamic

``` 26Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose three.) A. header compression B. explicit congestion notification C. keepalive D. time stamps E. TCP path discovery F. MTU window ```

B,C,D Prior to selective acknowledgment, if TCP lost packets 4 and 7 out of an 8-packet window, TCP would receive acknowledgment of only packets 1, 2, and 3. Packets 4 through 8 would need to be re-sent. With selective acknowledgment, TCP receives acknowledgment of packets 1, 2, 3, 5, 6, and 8. Only packets 4 and 7 must be re-sent.

``` 27Which two methods of deployment can you use when implementing NAT64? (Choose two.) A. stateless B. stateful C. manual D. automatic E. static F. functional G. dynamic ```

A,B

``` 28Which Cisco VPN technology can use multipoint tunnel, resulting in a single GRE tunnel interface on the hub, to support multiple connections from multiple spoke devices? A. DMVPN B. GETVPN C. Cisco Easy VPN D. FlexVPN ```

29To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level. What effect does this action have on the SNMP messages? A. They become unauthenticated and unencrypted. B. They become authenticated and unencrypted. C. They become authenticated and encrypted. D. They become unauthenticated and encrypted.

30Which statement about dual stack is true? A. Dual stack translates IPv6 addresses to IPv4 addresses. B. Dual stack means that devices are able to run IPv4 and IPv6 in parallel. C. Dual stack translates IPv4 addresses to IPv6 addresses. D. Dual stack changes the IP addresses on hosts from IPv4 to IPv6 automatically.

``` 31When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication? A. username B. password C. community-string D. encryption-key ```

``` 32Refer to the exhibit. Which command only announces the 1.2.3.0/24 network out of FastEthernet 0/0? A. distribute list 1 out B. distribute list 1 out FastEthernet0/0 C. distribute list 2 out D. distribute list 2 out FastEthernet0/0 ```

D Access list 2 is more specific, allowing only 1.2.3.0/24, whereas access list 1 permits all 1.0.0.0/8

33Which two functions are completely independent when implementing NAT64 over NAT-PT? (Choose two.) A. DNS B. NAT C. port redirection D. stateless translation E. session handling

A,B

``` 34Which NetFlow component is applied to an interface and collects information about flows? A. flow monitor B. flow exporter C. flow sampler D. flow collector ```

35Refer to the exhibit. The DHCP client is unable to receive a DHCP address from the DHCP server. Consider the following output: hostname RouterB interface fastethernet 0/0 ip address 172.31.1.1 255.255.255.0 interface serial 0/0 ip address 10.1.1.1 255.255.255.252 ip route 172.16.1.0 255.255.255.0 10.1.1.2 Which configuration is required on the Router B fastethernet 0/0 port in order to allow the DHCP client to successfully receive an IP address from the DHCP server? A. RouterB(config-if)# ip helper-address 172.16.1.2 B. RouterB(config-if)# ip helper-address 172.16.1.1 C. RouterB(config-if)# ip helper-address 172.31.1.1 D. RouterB(config-if)# ip helper-address 255.255.255.255

36A network engineer has set up VRF-Lite on two routers where all the interfaces are in the same VRF. At a later time, a new loopback is added to Router 1, but it cannot ping any of the existing interfaces. Which two configurations enable the local or remote router to ping the loopback from any existing interface? (Choose two.) A. adding a static route for the VRF that points to the global route table B. adding the loopback to the VRF C. adding dynamic routing between the two routers and advertising the loopback D. adding the IP address of the loopback to the export route targets for the VRF E. adding a static route for the VRF that points to the loopback interface F. adding all interfaces to the global and VRF routing tables

A,B

37Refer to the following access list. access-list 100 permit ip any any log After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this? A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched. B. A packet that matches access-list with the "log" keyword is fast switched. C. A packet that matches access-list with the "log" keyword is process switched. D. A large amount of IP traffic is being permitted on the router.

38How does an IOS router process a packet that should be switched by Cisco Express Forwarding without an FIB entry? A. by forwarding the packet B. by dropping the packet C. by creating a new FIB entry for the packet D. by looking in the routing table for an alternate FIB entry

``` 39A router with an interface that is configured with ipv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present? A. DHCPv6 request B. router-advertisement C. neighbor-solicitation D. redirect ```

40Which two statements are limitations of stateful NAT64? (Choose two) A. It supports DNS64 only B. Layer 4 supports TCP only C. It is unable to route VRF traffic D. It is unable to route multicast traffic E. It supports FTP traffic only with an ALG

C and D

41Which two statements are differences between AAA with TACACS+ and AAA with RADIUS? (Choose two) A. Only RADIUS uses TCP B. Unlike TACACS+, RADIUS sends packets with only the password encrypted C. Unlike TACACS+, RADIUS supports accounting and authorization only D. Only TACACS+ uses TCP E. Only TACACS+ combines authentication and authorization

B and D

``` 42Technologies used in preparing Service Provider IPv6? (Choose Two) A. 6ND B. 6RD C. 6VPE D. VRF-Lite E. DS-Lite F. Dual-stackA ```

B and E

``` 43New question regarding command the enables BGP to support multiprotocol A. no bgp default ipv4 unicast B. bgp default ipv4 multicast C. bgp default ipv4 unicast D. bgp address family ipv4 unicast ```

``` 44A Network engineer recently deployed easy virtual networking in the enterprise network. Which feature improves shared services support? A. router replication B. tunnel feedback C. routers distinguishers D. edge interfacing ```

``` 45Which Cisco Express Forwarding component maintains the Layer 2 next-hop addresses that are used for hardware switching? A. FIB B. RIB C. adjacency table D. ARP table ```

``` 46Which technology is required on an EVN trunk interface? A. NAT B. 802.1q C. VRF-Lite D. IS-IS ```

47A network administrator is attempting to configure IP SLA to allow one time stamp to be logged when a packet arrives on the interface and one time stamp to be logged when a packet leaves the interface. Which IP SLA accuracy tool enables this functionality? A. Trap B. RTT C. Responder D. Trigger E. Logging

48Which three methods can a network engineer used to fix a metric-based routing loop in the network?(choose three) A. Filter routes manually using prefix lists B. Implement proper network summarization on key routing points C. Utilize route database filters D. Filter routes based on tags E. Implement offset lists at network boundaries F. Filter routes manually using distribute lists

D,E,F

``` 49Which SNMP verification command shows the encryption and authentication protocols that are used in SNMPv3? A. show snmp vi B. show snmp user C. show snmp group D. show snmp ```

50Which two features were added in MSCHAP version 2?(choose 2) A. Mutual authentication between peers. B. Using the MD5 hash for stronger security C. Using three-way handshakes for authentication. D. Ability to change an expired password E. Backward-compatibility with MSCHAP version 1.

A,D

51Your network consists of a large hub-and-spoke Frame Relay network with a CIR of 56 kb/s for each spoke. Which statement about the selection of a dynamic protocol is true? A. EIGRP would be appropriate if LMI type ANSI is NOT used. B. EIGRP would be appropriate, because the Frame Relay spokes could be segmented into their own areas C. EIGRP would be appropriate, because by default, queries are not propagated across the slow speed Frame Relay links. D. EIGRP would be appropriate, because you can manage how much bandwidth is consumed over the Frame Relay interface.

``` 52What is the minimum log level for the event generated when an ACL drops a packet? A. 3 B. 4 C. 5 D. 6 E. 7 ```

``` 53Which two types of threshold can you configure for tracking objects? (Choose two.) A. weight B. MTU C. percentage D. bandwidth E. delay F. administrative distance ```

A,C

54What is the role of a route distinguisher in a VRF-Lite setup implementation? A. It extends the IP address to identify which VRF instance it belongs to. B. It manages the import and export of routes between two or more VRF instances C. It enables multicast distribution for VRF-Lite setups to enhance EGP routing protocol capabilities D. It enables multicast distribution for VRF-Lite setups to enhance IGP routing protocol Capabilities

A -- if it is a route target, it would be B

``` 55When OSPF is forming an adjacency, in which state does the actual exchange of the information in the link-state database occur? A. loading B. exchange C. INIT D. exstart ```

56A network engineer wants to display the statistics of an active tunnel on a DMVPN network Which command must the administrator execute to accomplish this task? A. router#show crypto ipsec sa B. router#show crypto isakmp sa C. router#show crypto isakmp peers D. routerfaceshow crypto ipsec transform-set E. router#show crypto engine connections active

57Which statement about stateless and tasteful IPv6 auto configuration is true? A. Both stateless and stateful configuration require additional setup. B. Stateless autofiguration requires no additional setup whereas stateful autoconnguration requires additional setup C. Stateless autoconftguraton requires additional setup whereas stateful autoconfiguration requires noadditional setup. D. Both stateless and stateful autoconfiguration require no additional setup

``` 58Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose three.) A. header compression B. explicit congestion notification C. keepalive D. time stamps E. TCP path discovery F. MTU window ```

BCD Use the ip tcp selective-ack command in global configuration mode to enable TCP selective acknowledgment. Use the ip tcp timestamp command to enable the TCP time-stamp option. Use the ip tcp ecn command in global configuration mode to enable TCP ECN.

59What does stateful NAT64 do that stateless NAT64 does not do? A. Stateful NAT64 maintains bindings of IPv4 to IPv6 link-local addresses. B. Stateful NAT64 translates IPv4 to IPv6. C. Stateful NAT64 translates IPv6 to IPv4. D. Stateful NAT64 maintains bindings or session state while performing translation.

Correct Answer: D Differences Between Stateless NAT64 and Stateful NAT64 Stateless NAT64 Stateful NAT64 1:1 translation 1:N translation No conservation of IPv4 address Conserves IPv4 address Assures end-to-end address Uses address overloading, hence transparency and scalability lacks in endto- end address transparency No state or bindings created on the State or bindings are created on every translation unique translation Requires IPv4-translatable IPv6 No requirement on the nature of IPv6 addresses assignment (mandatory address assignment requirement) Requires roueither manual or DHCPv6 Free to choose any mode of IPv6 based address assignment for IPv6 address assignment

60An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information? A. Cisco Express Forwarding has not been configured globally. B. NetFlow output has been filtered by default. C. Flow Export version 9 is in use. D. The command ip flow-capture fragment-offset has been enabled.

Correct Answer: A

61Drag and drop: It filters traffic at the interface level It supports tagged acls It controls traffic to and from the router It requires the destination address for outbound traffic to be a local address It filters management traffic Ipv6 traffic filtering (2) Ipv6 access classes (3)

Ipv6 traffic filtering (2): It filters traffic at the interface level It supports tagged acls Ipv6 access classes (3): It controls traffic to and from the router It requires the destination address for outbound traffic to be a local address It filters management traffic

62DHCPv6 can obtain configuration parameters from a server though rapid two-way message exchange.Which two steps are involved in this process? (choose two) A. advertise B. solicit C. reply D. request E. auth

Correct Answer: BC

63How does an IOS router process a packet that should be switched by Cisco Express Forwarding without an FIB entry? A. by forwarding the packet B. by dropping the packet C. by creating a new FIB entry for the packet D. by looking in the routing table for an alternate FIB entry

Correct Answer: B

64How is authentication handled with OSPFv3? A. OSPFv3 for IPv6 authentication is supported by SHA-1 authentication. B. OSPFv3 for IPv6 authentication is supported by MD5 authentication C. OSPFv3 for IPv6 authentication is supported by IPv6 IPsec D. OSPFv3 for IPv6 authentication is supported by IPv4 IPsec

Correct Answer: C

``` 65interface s0 ----A---- encapsulation frame-relay frame-relay lmi-type ansi !subint config ---B--- ---C--- interface vitual-template1 ip unnumbered eth 0 ---D--- ``` ``` frame-relay interface-dlci 100 ppp virtual-template1 interface s0.1 point-to-point interface s.100 ip unnumbered eth 0 no ip add ppp authentication chap ```

``` frame-relay interface-dlci 100 ppp virtual-template1 (C) interface s0.1 point-to-point (B) interface s.100 ip unnumbered eth 0 no ip add (A) ppp authentication chap (D) ```

``` 66Which LSA types can exist only in an OSPF NSSA area? A. type 1 LSA B. type 3 LSA C. type 5 LSA D. type 7 LSA ```

Correct Answer: D

67Which three restrictions apply to OSPF stub areas? (Choose three.) A. No virtual links are allowed. B. The area cannot be a backbone area. C. Redistribution is not allowed unless the packet is changed to a type 7 packet D. The area has no more than 10 routers. E. No autonomous system border routers are allowed. F. Interarea routes are suppressed.

Correct Answer: ABE

``` 68Which two features RADIUS combine? (Choose two) A. telnet B. SSH C. Authentication D. Authorization E. Accounting ```

Correct Answer: CD

``` 69Which feature can be used to reduce the number of ICMP unreachable messages egressing a router? A. ICMP rate-limiting B. asymmetric routing C. URPF D. ip unreachables command ```

Correct Answer: A

70Which routing protocol will continue to receive and process routing updates from neighbors after the passive interface router configuration command is entered? A. EIGRP B. RIP C. OSPF D. IS-IS

Correct Answer: B

``` 71Which two EIGRP metrics have nonzero K values by default? (Choose two.) A. reliability B. delay C. cost D. load E. bandwidth ```

Correct Answer: BE

72What is the bandwidth set command in eigrp?

ip bandwidth-percent eigrp 1 20 1 = the EIGRP AS 20 = 20% of the bandwidth

73Router 1 cannot ping router 2 via the Frame Relay between them. Which two statements describe the problems? (Chooses two) A. Encapsulation is mismatched. B. Frame Relay map is configured. C. DLCI is active. D. DLCI is inactive or deleted. E. An access list is needed to allow ping.

Correct Answer: AD Frame Relay: Cannot ping Remote Router : 1-Encapsulation mismatch has occurred. 2-DLCI is inactive or has been deleted. 3-DLCI is assigned to the wrong subinterface. 4-An access list was misconfigured. 5-The frame-relay map command is missing. 6-No broadcast keyword is found in frame-relay map statements.

``` 74Which switching method is used when entries are present in the output of the command show ip cache? A. fast switching B. process switching C. Cisco Express Forwarding switching D. cut-through packet switching ```

75Which statement describes what this command accomplishes when inside and outside interfaces are correctly identified for NAT? ip nat inside source static tcp 192.168.1.50 80 209.165.201.1 8080 extendable A. It allows host 192.168.1.50 to access external websites using TCP port 8080. B. It allows external clients coming from public IP 209.165.201.1 to connect to a web server at 192.168.1.50. C. It allows external clients to connect to a web server hosted on 192.168.1.50. D. It represents an incorrect NAT configuration because it uses standard TCP ports.

Correct Answer: C

76When Unicast Reverse Path Forwarding is configured on an interface, which action does the interface take first when it receives a packet? A. It checks the ingress access lists B. It verifies a reverse path via the FIB to the source C. It checks the egress access lists D. It verifies that the source has a valid CEF adjacency

Correct Answer: D

``` 77Which criterion does BGP evaluate first when determinin the best path? A. MED value B. neighbor address C. local prefence value D. weight ```

Correct Answer: D

78Which effect of "vnet trunk" on an interface is true? A. It designates the interface as a GRE tunnel endpoint B. it configures 802 lq trunking on the interface C. I designates the interface as an EVN trunk D. I removes VTP from the interface

Correct Answer: B

79Which two conditions can cause BGP neighbor establishment to fail? (Choose Two) A. There is an access list blocking all TCP traffic between the two BGP neighbors. B. The IBGP neighbor is not directly connected. C. BGP synchronization is enabled in a transit autonomous system with fully-meshed IBGP neighbors. D. The BGP update interval is different between the two BGP neighbors. E. The BGP neighbor is referencing an incorrect autonomous system number in its neighbor statement.

Correct Answer: AE

``` 80Which LSA type in 0SPFv3 is used for link-local updates? A. Link LSA type 5 B. Link LSA type 8 C. Link LSA type 4 D. Link LSA type 6 ```

Answer: B

81Which statement about IP SLA feature is true? A. It keeps track of the number of packets and bytes that are observed in each flow by storing information in a cache flow B. It ensures that there are appropriate levels of service for network applications C. It classifies various traffic types by examining information within Layers 3 through 7 D. It measures how the network treats traffic for specific applications by generating traffic that bears similar characteristics to application traffic.

Answer: B

82Which three statements about IPv6 EIGRP are true? (Choose three.) A. An IPv6 EIGRP router ID is required B. EIGRP neighbor relationships can be formed only on the configured IPv6 address. C. It supports EUI-64 addresses only D. EIGRP route advertisement is configured under the interface configuration E. EIGRP neighbor relationships are formed using the link-local address F. EIGRP route advertisement is configured under the ipv6 router eigrp configuration

Answer: A,D,E

83Which statements best describes the following two OSPF commands, which are used to summarize routes? area 0 range 192.168.110.0 255.255.0.0 summary-address 192.168.110.0 255.255.0.0 A. The area range command defines the area where the network resides. The summary-address command enables autosummanzation B. The area range command specifies the area where the subnet resides and summarizes it to other areas. The summary-address command summarizes external routes C. The area range command summarizes subnets for a specific area. The summary-address commandsummaries a subnet for all areas D. The area range command defines the area where the network resides. The summary-address command summanzes a subnet for all areas

Answer: B

``` 84What is supported radius server? (choose two) A. telnet B. authentication C. accounting D. authorization E. SSH ```

Answer: B,D

85Refer to the following. aaa new-model aaa authentication login default local-case enable aaa authentication login ADMIN local-case username CCNP secret Str0ngP@ssw0rd! line 0 4 login authentication ADMIN How can you change this configuration so that when user CCNP logs in, the show run command is executed and the session is terminated? A. Assign privilege level 15 to the CCNP username B. Add the access-class keyword to the username command C. Add the autocommand keyword to the username command D. Assign privilege Ievel14 to the CCNP username E. Add the autocommand keyword to the aaa authentication command F. Add the access-class keyword to the aaa authentication command

Answer: C

86Which two statements about Frame Relay point-to-point connections are true?(Choose two) A. The device can establish a point-to-point connection to the cloud without a DLCI B. Changing a point-to-point subinterface to a different type requires the device to be reloaded. C. They use two DLCIs to communicate with multiple endpoints over the Frame Relay cloud D. Each physical interface that extends to the Frame Relay cloud can support a single SVC. E. They can operate normally without a DLCI map

Answer: B,C

``` 87Which SNMP model and level can provide DES encryption? A. SNMPv3 authEn B. SNMPv3authNoPriv C. SNMPV2noAuthNoPrry D. SNMPv3noAuthNoPrv ```

Answer: A

88What happens when two EIGRP peers have mismatched K values? A. The two devices fail to from an adjacency B. The two devices are unable to correctly perform equal-cost routing C. The two devices fail to perform EIGRP graceful shutdown when one device goes down D. The two devices are unable to correctly perform unequal-cast load balancing

Answer: A

89Which command sequence can you enter on a router to configure Unicast Reverse Path Forwarding in loose mode? A. interface GigabitEthernet0/0 ip verify unicast source reachable-via loose B. interface GigabitEthernet0/0 ip verify unicast source reachable-via rx C. interface GigabitEthernet0/0 ip verify unicast source reachable-via any D. interface GigabitEthernet0/0 ip verify unicast source reachable-via all

``` 90When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication? A. username B. password C. community-string D. encryption-key ```

A The following security models exist: SNMPv1, SNMPv2, SNMPv3. The following security levels exits: "noAuthNoPriv" (no authentiation and no encryption noauth keyword in CLI), "AuthNoPriv" (messages are authenticated but not encrypted auth keyword in CLI), "AuthPriv" (messages are authenticated and encrypted priv keyword in CLI). SNMPv1 and SNMPv2 models only support the "noAuthNoPriv" model since they use plain community string to match the incoming packets. The SNMPv3 implementations could be configured to use either of the models on per-group basis (in case if "noAuthNoPriv" is configured, username serves as a replacement for community string).

91Which command only announces the 1.2.3.0/24 network out of FastEthernet 0/0? A. distribute list 1 out B. distribute list 1 out FastEthernet0/0 C. distribute list 2 out D. distribute list 2 out FastEthernet0/0

Answer: D

``` 92Which two functions are completely independent when implementing NAT64 over NAT-PT? (Choose two.) A. DNS B. NAT C. port redirection D. stateless translation E. session handling ```

Answer: A,B Explanation: Network Address Translation IPv6 to IPv4, or NAT64, technology facilitates communication between IPv6-only and IPv4-only hosts and networks (whether in a transit, an access, or an edge network). This solution allows both enterprises and ISPs to accelerate IPv6 adoption while simultaneously handling IPv4 address depletion. The DNS64 and NAT64 functions are completely separated, which is essential to the superiority of NAT64 over NAT-PT

93A network engineer has set up VRF-Lite on two routers where all the interfaces are in the same VRF. At a later time, a new loopback is added to Router 1, but it cannot ping any of the existing interfaces. Which two configurations enable the local or remote router to ping the loopback from any existing interface? (Choose two.) A. adding a static route for the VRF that points to the global route table B. adding the loopback to the VRF C. adding dynamic routing between the two routers and advertising the loopback D. adding the IP address of the loopback to the export route targets for the VRF E. adding a static route for the VRF that points to the loopback interface F. adding all interfaces to the global and VRF routing tables

Answer: A,B

94Refer to the following access list. access-list 100 permit ip any any log After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this? A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched. B. A packet that matches access-list with the "log" keyword is fast switched. C. A packet that matches access-list with the "log" keyword is process switched. D. A large amount of IP traffic is being permitted on the router.

Answer: C

95How does an IOS router process a packet that should be switched by Cisco Express Forwarding without an FIB entry? A. by forwarding the packet B. by dropping the packet C. by creating a new FIB entry for the packet D. by looking in the routing table for an alternate FIB entry

Answer: B

96A router with an interface that is configured with ipv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present? A. DHCPv6 request B. router-advertisement C. neighbor-solicitation D. redirect

Answer: B Autoconfiguration is performed on multicast-enabled links only and begins when a multicastenabled interface is enabled (during system startup or manually). Nodes (both, hosts and routers) begin the process by generating a link-local address for the interface. It is formed by appending the interface identifier to well-known link-local prefix FE80 :: 0. The interface identifier replaces the right-most zeroes of the link-local prefix. Before the link-local address can be assigned to the interface, the node performs the Duplicate Address Detection mechanism to see if any other node is using the same link-local address on the link. It does this by sending a Neighbor Solicitation message with target address as the "tentative" address and destination address as the solicited-node multicast address corresponding to this tentative address. If a node responds with a Neighbor Advertisement message with tentative address as the target address, the address is a duplicate address and must not be used. Hence, manual configuration is required. Once the node verifies that its tentative address is unique on the link, it assigns that link-local address to the interface. At this stage, it has IP-connectivity to other neighbors on this link. The autoconfiguration on the routers stop at this stage, further tasks are performed only by the hosts. The routers will need manual configuration (or stateful configuration) to receive site-local or global addresses. The next phase involves obtaining Router Advertisements from routers if any routers are present on the link. If no routers are present, a stateful configuration is required. If routers are present, the Router Advertisements notify what sort of configurations the hosts need to do and the hosts receive a global unicast IPv6 address.

97DHCPv6 Messages

Solicit Advertise Request Reply

98EIGRP: The router will send Query packets the stub router if it needs information about a route or routes. How does a stub router respond?

the stub router will respond with a message of inaccessible to any queries received from the hub router. This method allows for backward compatibility with older versions of software while retaining stub routing functionality.

99After testing various dynamic IPv6 address assignment methods, an engineer decides that more control is needed when distributing addresses to clients. Which two advantages does DHCPv6 have over EUI-64 (Choose two.) A. DHCPv6 requires less planning and configuration than EUI-64 requires. B. DHCPv6 allows for additional parameters to be sent to the client, such as the domain name and DNS server. C. DHCPv6 providers tighter control over the IPv6 addresses that are distributed to clients. D. DHCPv6 does not require the configuration of prefix pools. E. DHCPv6 does not require neighbor and router discovery on the network segment.

A,B

100TCP traffic is blocked on port 547 between a DHCPv6 relay agent and a DHCPv6 server that is configured for prefix delegation. Which two outcomes will result when the relay agent is rebooted? (Choose two) A. Routers will not obtain DHCPv6 prefixes. B. DHCPv6 clients will be unreachable. C. Hosts will not obtain DHCPv6 addresses. D. The DHCPv6 relay agent will resume distributing addresses. E. DHCPv6 address conflicts will occur on downstream clients.

A,C

``` 101Which technology was originally developed for routers to handle fragmentation in the path between end points? A. PMTUD B. MSS C. windowing D. TCP E. global synchronization ```

102What is the primary service that is provided when you implement Cisco Easy Virtual Network? A. It requires and enhances the use of VRF-Lite. B. It reduces the need for common services separation. C. It allows for traffic separation and improved network efficiency. D. It introduces multi-VRF and label-prone network segmentation.

``` 103On which two types of interface is Frame Relay switching supported? (Choose two.) A. serial interfaces B. Ethernet interfaces C. fiber interfaces D. ISDN interfaces E. auxiliary interfaces ```

A,D

104Which two reductions are the correct reductions of the IPv6 address 2001:0d02:0000:0000:0014:0000:0000:0095? (Choose two) A. 2001:0d02:::0014:::0095 B. 2001:d02::14::95 C. 2001:d02:0:0:14::95 D. 2001:d02::14:0:0:95

C,D

``` 105Which option to the command service timestamps debug enables the logging server to capture the greatest amount of information from the router? A. uptime B. show-timezone C. year D. msec ```

106When a packet is denied by an IPv6 traffic filter, which additional action does the device perform? A. It scans the rest of the ACL for a permit entry matching the destination. B. It generates a TCP Fin bit and sends it to the source. C. A creates a null route for the destination and adds it to the route table. D. It generates an ICMP unreachable message for the frame.

107Which two statements about NHRP in a DMVPN environment are true? (Choose two ) A. It can authenticate VPN endpoints. B. It can identity PIM-SM RPs over a tunnel. C. It routes traffic through the tunnel. D. It provides address resolution to route traffic E. It requires each endpoint to have a unique network ID

A,D

``` 108Loose Mode (2) Strict Mode (2) ``` It can drop legitimate traffic It requires the source address to be routable It supports using the default route as the route reference It permits only packets that are received on the same interface as the exit interface for the destination address.

Loose: It requires the source address to be routable It supports using the default route as the route reference Strict: It can drop legitimate traffic It permits only packets that are received on the same interface as the exit interface for the destination address.

``` 109In which state do DR and BDR establish adjacency with each ospf router in the network A. Exstart State B. Loading State C. Exchange State D. Init State ```

110Which two statements are true of the OSPF link-state routing protocol? (Choose two.) A. Using the Bellman-Ford algorithm, each OSPF router independently calculates its best paths to all destinations in the network. B. Using the DUAL algorithm, each OSPF router independently calculates its best paths to all destinations in the network. C. OSPF sends summaries of individual link-state entries every 30 minutes to ensure LSDB synchronization. D. OSPF sends triggered updates when a network change occurs E. OSPF sends updates every 10 seconds F. When a link changes state, the router that detected the change creates a link-state advertisement (LSA) and propagates it to all OSPF devices using the 224.0.0.6 multicast address.

``` 111With which network type will OSPF establish router adjacencies but not perform the DR/BDR election A. Point-to-point B. Backbone area 0 C. Broadcast multi-access D. Non-broadcast multi-access ```

112Which two statements about ICMP unreachable messages are true?(Ch oose two) A. They are sent when a route to the destination is missing from the routing table B. They can be enabled and disabled on a device only on a global level C. They are sent when a destination address responds to an ARP request D. They include the entire packet so that the source can identify the process that generated the message E. They include a portion of the original data so that the source can identify the process that generated the message

A,E

``` 113Which two BGP neighbor states are valid? (Choose two) A. DROTHER B. established C. stuck in active D. unknown E. 2-WAY F. active ```

B,F

114COPP (3) MPP (3) It designates the permitted management interfaces on the device. It is enable only when an interface is configured. It protects the device against DoS attacks. It requires only a single command to configure It supports packet forwarding by reducing the load on the device It uses QoS to limit the load on the device.

COPP: It protects the device against DoS attacks. It supports packet forwarding by reducing the load on the device It uses QoS to limit the load on the device. MPP: It designates the permitted management interfaces on the device. It is enable only when an interface is configured. It requires only a single command to configure

115Which statement about the metric calculation in EIGRP is true? A. The maximum delay along the path is used B. The mean value of bandwidth between the source and destination is used C. The minimum bandwidth between the source and destination is used D. The minimum delay along the path is used

116You need the IP address of the devices with which the router has established an adjacency. Also, the retransmit interval and the queue counts for the adjacent routers need to be checked. What command will display the required information? A. show ip eigrp adjacency B. show ip eigrp topology C. show ip eigrp interfaces D. show ip eigrp neighbor

117Which two steps must you perform to allow access to a device when the connection to a remote TACACS+ authentication server fails? (Choose two) A. include the local keyword in the AAA configuration B. Configure accounting to reference the log of previously authenticated connections C. Configure the device to accept Telnet and SSH connections. D. Remove the aaa new model command from the global configuration E. Configure a local username and password on the device

B, E

118In which network environment is AAA with RADIUS most appropriate? A. when Apple Talk Remote Access Is in use B. when NetBIOS Frame Control Protocol is in use C. when users require access to only one device at a time D. when you need to separate all AAA services

``` 119A network engineer wants to baseline the network to determine suitability for real-time voice applications. Which IP SLA operation is best suited for this task? A. ICMP-echo B. ICMP-jitter C. UDP-connect D. UDP-jitter E. TCP-connect F. UDP-echo ```

120Which IOS commands can you use to limit the CPU impact of log generation and transmission on an IOS router? A. You can use the ip access-list logging interval command in conjunction with the logging rate-limit command B. You can use the ip access-list logging limit command in conjunction with the logging rate-interval command C. You can use the ip access-list syslog-logging interval command in conjunction with the loggingrate-limit command D. You can use the ip access-list logged interval command in conjunction with the logging rate-limit command

121For a GRE tunnel to be up between two routers, which of the following must be configured? A. Loopback Interface B. IP reachability between the loopback interfaces C. Dynamic Routing between routers. D. Tunnel interfaces must be in the same subnet

``` 122On which two types of interface is Frame Relay switching supported? (Choose two.) A. serial interfaces B. Ethernet interfaces C. fiber interfaces D. ISDN interfaces E. auxiliary interfaces ```

A,D

123A network engineer is trying to modify an existing active NAT configuration on an IOS router by using the following command: (config)# no ip nat pool dynamic-nat-pool 192.1.1.20 192.1.1.254 netmask 255.255.255.0 Upon entering the command on the IOS router, the following message is seen on the console: %Dynamic Mapping in Use, Cannot remove message or the %Pool outpool in use, cannot destroy What is the least impactful method that the engineer can use to modify the existing IP NAT configuration? A. Clear the IP NAT translations using the clear ip nat traffic * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. B. Clear the IP NAT translations using the clear ip nat translation * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. C. Clear the IP NAT translations using the reload command on the router, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. D. Clear the IP NAT translations using the clear ip nat table * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic.

124Refer to the following configuration command router(conttg)# ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80 Which statement about the command is true? A. Any packet that is received in the inside interface with a source IP port address of 172.16.10.8:80 is translated to 172.16.10.8 8:80 B. Any packet that is received in the inside interface with a source IP address of 172 16 10 8 is redirected to port 8080 or port 80 C. The router accepts only a TCP connection from port 8080 and port 80 on IP address 172 16 10 8 D. Any packet that is received in the inside interface with a source IP port address of 172 16 10 8 8080 is translated to 172.16.10.8 80

``` 125What command can you enter to configure an enable password that uses an encrypted password from another configuration? A. enable secret $abc%!#.Cd34$!ao0 B. enable secret 7 Sabc%!#.Cd34$!ao0 C. enable secret 0 Sabc%U*.Cd34$!ao0 D. enable secret 5 $abc%!#.Cd34$!ao0 E. enable secret 15 $abc%i#.Cd34$!ao0 F. enable secret 6 $abc%!#.Cd34$!ao0 ```

126Which two reductions are the correct reductions of the IPv6 address 2001:0d02:0000:0000:0014:0000:0000:0095? (Choose two) A. 2001:0d02:::0014:::0095 B. 2001:d02::14::95 C. 2001:d02:0:0:14::95 D. 2001:d02::14:0:0:95

C,D

127When a packet is denied by an IPv6 traffic filter, which additional action does the device perform? A. It scans the rest of the ACL for a permit entry matching the destination. B. It generates a TCP Fin bit and sends it to the source. C. A creates a null route for the destination and adds it to the route table. D. It generates an ICMP unreachable message for the frame

``` 128A network engineer wants to baseline the network to determine suitability for real-time voice applications. Which IP SLA operation is best suited for this task? A. ICMP-echo B. ICMP-jitter C. UDP-connect D. UDP-jitter E. TCP-connect F. UDP-echo ```

129Which two statements about NHRP in a DMVPN environment are true? (Choose two ) A. It can authenticate VPN endpoints. B. It can identity PIM-SM RPs over a tunnel. C. It routes traffic through the tunnel. D. It provides address resolution to route traffic E. It requires each endpoint to have a unique network ID

A, D

130A network engineer receives a command output from a customer that indicates an issue with NTP. What are two reasons for the output? (choose two) A. NTP traffic is blocked. B. NTP is not configured. C. The router is the NTP master. D. ntp update-calendar is missing. E. There is an NTP authentication failure

A,E

131A network engineer wants to notify a manager in the events that the IP SLA connection loss threshold reached. Which two feature are need to implements this functionality? (choose two) A. MOS B. Threshold action C. Cisco IOS EEM D. SNMP traps E. logging local

B,D

132Which two statements about GRE tunnel interfaces are true? A. To establish a tunnel, the source interface must be in the up/up state. B. A tunnel destination must be routable, but it can be unreachable. C. A tunnel can be established when the source interface is in the up/down state. D. To establish a tunnel, the source interface must be a loopback.

A,B

133Which type of information is displayed when a network engineer executes the show track 1 command on the router? A. information about the IP route track table. B. time to next poll for track object 1 C. information about tracking list 1 D. tracking information statistics.

``` 134Which two OSPF network types can operate without a DR/BDR relationship? (Choose Two) A. Point-to-multipoint B. Point-to-point C. nonbroadcast D. nonbroadcast multi-access E. broadcast ```

A,B

``` 135Company has migrated to IPv6 in their network. Which three IPv6 notations represent the same address? (Select three) A. 2031::130F::9C0:876A:130B B. 2031:0000:130F:0000:0000:09C0:876A:130B C. 2031:0:130F:::9C0:876A:130B D. 2031::130F:0::9C0:876A:130B E. 2031:0:130F:0:0:09C0:876A:130B F. 2031:0:130F::9C0:876A:130B ```

B,E,F

136What is the purpose of configuring the router as a PPPoE client? A. to provide VPN access over L2TP B. to enable PPP session from the router to the termination device at the headend for metroEthernet connectivity C. for DSL connectivity and removing the need for the end-user PC to run the PPPoE client software D. for connecting the router to a cable modem, which bridges the Ethernet frames from the router to the cable modem termination system

137Which mode of uRPF causes a router interface to accept a packet, if the network to which the packetu2019s source IP address belongs is found in the routeru2019s FIB? A. Strict mode B. Loose mode C. Auto mode D. Desirable mode

``` 138Company plans on migrating their network from IPv4 to IPv6 in the near future. Which three techniques can be used to transition from IPv4 to IPv6? (Select three) A. Dual stack B. NAT C. Flow label D. Mobile IP E. 6to4 tunneling F. Anycast G. MBGP ```

A,B,E

``` 139What is the default authentication in RIPv2 when authentication is enabled? A. enable password authentication B. MD5 authentication C. SHA1 authentication D. plaintext authentication ```

140Which two piece of information can you learn by viewing the routing table? (Choose two.) A. Whether an ACL was applied inbound or outbound to an interface. B. Whether the administrative distance was manually or dynamically configured. C. Which neighbor adjacencies are established. D. The EIGRP or BGP autonomous system. E. The length of time that a route has been known.

B,E

141Which two tasks should you perform to begin troubleshooting a network problem? (Choose two.) A. Gather the facts. B. Define the problem as a set of symptoms and causes. C. Implement an action plan. D. Monitor and verify the resolution. E. Analyse the results.

A,B

142While the packet travels from source to destination through an Internetwork, which of the following statements are true? (Choose two BEST answers.) A. The source and destination hardware (interface) addresses change. B. The source and destination hardware (interface) addresses remain constant. C. The source and destination IP addresses change. D. The source and destination IP addresses remain constant.

A,D

143Which difference in the packet fragmentation feature between IPv4 and IPv6 is true? A. Fragmentation performed by IPv4 Sender and forwarding routers IPv6 Only by the sender. B. There is no fragmentation in IPv6 because it uses Path MTU Discovery in order to find the smallest packet size to the destination.

``` 144By default what is the maximum number of equal metric path BGP uses for load balancing? A. 6 B. 4 C. 8 D. 16 ```

145What are two limitations of Stateful NAT64? (Choose two.) A. No requirement on the nature of IPv6 address assignment. B. Lacks in end-to-end address transparency. C. Gyros for all.

A,B

146Which two features are compatible with port security? (Choose two.) A. Voice VLAN B. SPAN source ports C. DTP

A,B

147With PCA and PCB and there are three routers between them and a different MTU value and they want a PCA to run an application with PCB and DF is set so we have to choose ...? A. MSS B. PMTU C. GRE D. DF

148Which two pieces of information can you determine from the output of the show ntp status command? (Choose two.) A. The NTP version number of the peer. B. The configured NTP servers. C. The IP address of the peer to which the clock is synchronized. D. Where the clock is synchronized.

C,D

149You are implementing WAN access for an enterprise network while running applications that require a fully meshed network, which two design standards are appropriate for such an environment? (Choose two.) A. A centralized DMVPN solution to simplify connectivity for the enterprise. B. A dedicated WAN distribution layer to consolidate connectivity to remote sites. C. A collapsed core and distribution layer to minimize costs. D. Multiple MPLS VPN connections with static routing. E. Multiple MPLS VPN connections with dynamic routing.

A,B

``` 150Which task do you need to perform first when you configure IP SLA to troubleshoot a network connectivity issue? A. Specify the test frequency. B. Enable the ICMP echo operation. C. Schedule the ICMP echo operation. D. Verify the ICMP echo operation ```

``` 151Which technology can combine multiple physical switches into one logical switch? A. HSRP B. VSS C. VRRP D. NHRP ```

152Which two facts must you take into account when you deploy PPPoE? (Choose two.) A. DDR idle timers must be configured to support VPDN login. B. PPPoE supports a maxiumum of 10 clients per customer premise equipment. C. DDR is not supported. D. You must manually configure IP addresses on the PPPoE interface. E. An individual PVC can support one PPPoE client.

B, E

153What are two reasons to use multicast to deliver video traffic, instead of unicast or broadcast? (Choose two.) A. It provides reliable TCP transport. B. It enables mulitple servers to send video streams simultaneously. C. It enables multiple clients to send video streams simultaneously. D. It supports distributed applications. E. It enables multiple clients to receive video streams simultaneously.

D,E

``` 154Which types of LSAs are present in the stub area? A. LSA type 1, 2, 3, 4 and 5 B. LSA type 1, 2 and 3 C. LSA type 3 and 5 D. LSA type 1 and 2 ```

155Which action is the most efficient way to handle route feedback when converting a RIPv2 network to OSPF? A. Implement route tags. B. Implement IP prefix lists. C. Implement route maps with access lists. D. Implement distribute lists.

156Which command configures a PPPoE client and specifies dial-on-demand routing functionality? A. pppoe-client dial-pool-number B. PPPoE enable C. interface dialer 1 D. encapsulation PPP

``` 157Cisco EVN related question, a network engineer implemented Cisco EVN. Which feature implements shared services support? A. Edge interfacing B. Tunnel feedback C. Route replication D. Route redistribution ```

158Refer to exhibit. What is indicated by the show ip cef command for an address? A. CEF is unable to get routing information for this route. B. CEF cannot switch packet for this route and passes it to the next best switching method. C. A valid entry and is pointed to hardware based forwarding. D. CEF cannot switch packet for this route and drops it.

``` 159What is uRPF checking first when the packet enters the interface? A. Access list ingress B. Access list egress C. Route available in FIB D. And another option I can't remember ```

160A network engineer applies the command ip tcp adjust-mss under interface configuration mode. What is the result? A. The probability of SYN packet truncation is increased. B. The UDP session is inversely affected. C. The probability of dropped or segmented TCP packets is decreased. D. The optimum MTU value for the interface is set.

161A network engineer enables OSPF on a Frame Relay WAN connection to various remote sites, but no OSPF adjacencies come up. Which two actions are possible solutions for this issue? (Choose two) A. Change the network type to point-to-multipoint under WAN interface. B. Enable virtual links. C. Change the network type to nonbroadcast multipoint access. D. Configure the neighbor command under OSPF process for each remote site. E. Ensure that the OSPF process number matches among all remote sites.

A,C

162In a point to multipoint Frame Relay topology, which methods ensure that all routing updates are received by all EIGRP within the Frame Relay network (Choose two) ``` A. Disable split horizon B. Create separate address ranges C. Use subinterface D. Use statically defined EIGRP neighbor on the site E. Disable EIGRP out summary ```

A,D

163Which statements best describes the following two OSPF commands, which are used to summarize routes? area 0 range 192.168.110.0 255.255.0.0 summary-address 192.168.110.0 255.255.0.0 A. The area range command defines the area where the network resides. The summary-address command enables autosummanzation. B. The area range command defines the area where the network resides. The summary-address command summanzes a subnet for all areas. C. The area range command specifies the area where the subnet resides and summarizes it to other areas. The summary-address command summarizes external routes. D. The area range command summarizes subnets for a specific area. The summary-address command summaries a subnet for all areas.

164Which two actions are common methods for migrating a network from one protocol to another? (Choose two.) A. redistributing routes from the current routing protocol to the new routing protocol B. removing the current routing protocol and implementing the new routing protocol C. changing the relative administrative distances of the two routing protocols D. changing the network IP addresses and bringing up the new IP addresses using the new routing protocol E. disabling IP routing globally and implementing the new routing protocol

A,C

``` 165Which two types of traffic can benefit from LLQ? (Choose two.) A. email B. voice C. telnet D. video E. file transfer ```

B,D

166A network engineer is configuring two dedicated Internet connections within the Internet module. One connection is the primary connection to all wired business communications, while the other is the primary connection for all customer wireless traffic. If one of the links goes down, the affected traffic needs to be redirected to the redundant link. Which current technology should be deployed to monitor the scenario? A. IP SLA B. MMC C. IP SAA D. PBR

``` 167Which two LSA types were introduced to support OSPF for IPv6? (Choose two.) A. type 9 B. type 10 C. type 5 D. type 7 E. type 8 ```

A,E

168Users were moved from the local DHCP server to the remote corporate DHCP server. After the move, none of the users were able to use the network. Which two issues will prevent this setup from working properly? (Choose two.) A. Auto-QoS is blocking DHCP traffic. B. The DHCP server IP address configuration is missing locally. C. 802.1X is blocking DHCP traffic. D. The broadcast domain is too large for proper DHCP propagation. E. The route to the new DHCP server is missing.

B,E

``` 169Which IP SLA operation can be used to simulate voice traffic on a network? A. TCP connect B. UDP-jitter C. ICMP-echo D. ICMP-jitter ```

170In which network environment is AAA with RADIUS most appropriate? A. when Apple Talk Remote Access is in user B. when NetBIOS Frame Control Protocol is in use C. when users require access to only one device at a time D. when you need to separate all AAA services

``` 171Which value determines the amnount of traffic that a network path can hold in transit? A. route cache setting B. maxsimum windows size C. badwidth delay product D. MSS ```

``` 172Which location within the network is preferred when using a dedicated route for Cisco IP SLA operations? A. user edge B. provider edge C. access edge D. distribution edge ```

173A user is attempting to authentication on the device connected to a TACACS+ server but the server require more information from the user to complete authenticaton. Which response does the TACACS+ daemon return? A. ACCEP B. ERROR C. REJECT D. CONTINUE

``` 174When an EIGRP router discovers a new neighbor, which packet type does the router send to help the neighbor build its topology table? A. Replies B. Requests C. Updates D. Queries ```

175After configuring RIPng on two routers that are connected via a WAN link, a network engineer notices that two routers cannot exchange routing pdated.What is the reason for this? A. Either a firewall between the two routers or an ACL on the router is blocking UDP 521. B. Either a firewall between the two routers or an ACL on the router is blocking TCP 520. C. Either a firewall between the two routers or an ACL on the router is blocking TCP 521. D. Either a firewall between the two routers or an ACL on the router is blocking UDP 520.

``` 176A network engineer is enabling RIPng on a new customer link Under which configuration mode is RIPng enabled? A. Global B. Router C. Interface D. IPv6 ```

177Which three algorithms can you configure with the ip cef load-sharing algorithm command? (Choose three.) ``` A. per-packed B. Tunnel C. per-destination D. Universal E. Per-source F. Include-ports ```

B, D, F

``` 178Which tecnology supports overlapping IP address on a single interace? A. policy-based routing B. VRF-Lite C. On-Demand Routing D. QoS ```

``` 179Which task must you perform to enable a point-to-point Frame Relay connection? A. Enable inverse ARP. B. Configure the encapsulation type. C. Configure static address mapping. D. Disable inverse ARP. ```

180what command to show hello/dead timers in ospf

show ipv6 ospf interface

181How can you minimize unicast flooding in a network? A. Configure HSRP on two routers, with one subnet preferred on the first router and different subnet preferred on the second router. B. Set the router\\'s ARP timeout value to be the same as the timeout value for Layer forwarding table entries. C. Set the router\\'s ARP timeout value to greater than the timeout value for Layer 2 forwarding table entries. D. Set the router\\'s ARP timeout value to less than the timeout value for Layer 2 forwarding table entries.

182Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP based connections? A. performing packet captures B. disabling asr-group commands on interfaces that are likely to receive asymetnc traffic C. replacing them with redundant routers and allowing load balancing D. disabling stateful TCP checks

183Authentication (2) Accounting (2) Authorization (2) supports a local database for device access enforces time period during which a user can access a device verifies network usage not supported with local aaa specifies a user's specific access privileges supports encryption

Authentication supports encryption supports a local database for device access Accounting verifies network usage not supported with local aaa Authorization enforces time period during which a user can access a device specifies a user's specific access privileges

``` 184What number is a valid representation for the 200F:0000:AB00:0000:0000:0000:0000/56 IPv6 prefix? A. 200F:0:0:AB/56 B. 200F:0:AB00:/56 C. 200F:AB00/56 D. 200F:AB/56 ```

185which condition prevents the establishment of a DMPVN tunnel between two spokes ? A. HSRP is enabled on the spoke devices B. IPsec is enabled on the spoke devices C. the two spokes are behind different PAT devices D. the two spokes have different tunnel keepalive settings.

186How route tags can be set?(choose two) A. ONLY within route tags B. within taglists C. can be set with ONLY route-maps D. can be set DIRECTLY within route maps. E. only used on link state RPs

B,D

``` 187Which adverse circumstance can the TTL feature prevent? A. DoS attacks B. link saturation C. CAM table overload D. routing loops ```

188Which statement about this neighbor of R1 is true? A. OSPFv3 adjacency has been lost, which causes the neighbor to be considered Stale. B. Aggregate global addresses are always used between IPv6 neighbors. C. OSPFv3 adjacency will not work between link-local addresses. D. R1 used ICMP to learn about this neighbor.

189Which two statements about EVN are true? A. It supports IPv6 traffic. B. It can support up to 16 VNs. C. It uses redistribution to share routes between VNs. D. It supports SSM only. E. A configuration can be based on an existing VRF configuration

C,E

``` 190Which feature can be used to reduce the number of ICMP unreachable message egressing a router? A. uRPF B. ICMP rate-limiting C. ip unreachables command D. Asymmetric routing ```

191For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue? A. The traffic filter is blocking all ICMPv6 traffic. B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly. C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail. D. IPv6 traffic filtering can be implemented only on SVls.

192A packet capture indicates that the router is not forwarding the DHCP packets that itreceives on interface FastEthernet0/0. Which command needs to be entered in global configuration mode to resolve this issue? A. ip DHCP relay B. ip helper C. ip forward-protocol D. service DHCP

193Which statement is true about 6to4 tunneling?(Choose Two) A. IPv4 traffic is encapsulated with an IPv6 header B. the edge router can use locally configured IPv6 address C. host and routers inside a 6to4 site will need a special code D. an edge router must use IPv6 address of 2002:/16 in its prefix

B,D

``` 194Which type of Netflow information is displayed when the show ip flow export command is executed? A. sent status and statistics B. top talkers C. export interface configurations D. local status and statistics ```

195Which two statements about the OSPF down bit are true? (Choose two ) A. It is set when OSPF routers are redistributed into BGP B. It is set only for LSA types 1,2 and 4. C. It set when an OSFP virtual link in created. D. It is set only for LSA types 3, 5, and 7 E. It is set when MP-BGP routers are redistributed into OSPF

C,D

``` 196By default, which type of IPv6 address is used to build the EUl-64 bit format? A. unique-local address B. IPv4-compatible IPv6 address C. link-local address D. aggregatable-local address ```

``` 197Which routing protocol routers traffic through the best path and second best path at the same time? A. EIGRP B. BGP C. OSPF D. RIP ```

198A router receives a routing advertisement for 10.1.1.0/24 from an EIGRP peer and from an OSPF peer, Which route does the router install in the routing table, and for which reason? A. the OSPF route, because the administrative distance is lower B. the EIGRP route, because the metric is lower C. the OSPF route, because the metric is lower D. the EIGRP route, because the administrative distance is lower

199A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see? A. connectionless-oriented B. service-oriented C. connection-oriented D. application-oriented:

445Which value does a point-to-point GRE tunnel use to identify a peer? ``` A. MAC address B. configured multicast address. C. DLCI D. IP address E. VC ID ```

200If you convert a WAN connection with OSPF from T1 to a Frame Relay circuit, which two actions must you take to enable the connection? (Choose two) A. Change the OSPF network type to nonbroadcast. B. Manually configure neighbors in the OSPF process. C. Manually configure the hello and dead timers. D. Change the OSPF network type to broadcast. E. Change the OSPF network type to multipoint nonbroadcast.

A,B

201Which three functionalities are specific to stateful NAT64? (Choose Three) A. It requires IPv4-transalable IPv6 address B. It requires either manual or DHCPv6 based address assignment for IPv6 host. C. It helps ensure end-to-end address transparency and scalability. D. A state or bindings are created on every unique translation. E. It conserves IPv4 addresses.

B,D,E

202Which OSPF area prevent LSA type 4, LSA type 5? (Choose two) A. Stub Area B. Totally Stubby Area C. Not-So-Stubby Area D. Totally Not-So-Stubby Area

B,D

203What does the number 16 in the following command represent? Router(config)#snmp-server user abcd public v2c access 16 A. the mask of the files that are allowed to use community string public. B. the standard named access list 16, which contains the access rules that apply to user abcd. C. the number of concurrent users who are allowed to query the SNMP community. D. the user ID that is allowed to use the community string public.

204Which two statements about uRPF are true? (Choose two) A. The Keyword any can be used with both strict mode and loose mode. B. Strict mode may drop legitimate traffic. C. It is enabled globally. D. Strict mode is most appropriate for networks with asymmetric routing. E. Loose mode may drop traffic when asymmetric routing occurs on the network F. It is enabled on a per interface basis.

B,F

205How big is the smallest packet than will always be fragmented on a standart Ethernet network with default configuration? A. 1500 bytes B. 1800 bytes C. 2048 bytes D. 2100 bytes

206Which two options are benefits of BGP peer groups?(Choose two) A. A Configuration change can be applied simultaneously to all peers in the peer group B. They cam optimize backbone routers C. They can be updated via multicast D. Each neighbor in a peer group can have different inbound BGP policies E. The use soft update to minimize bandwidth consumption F. They support groups of paths

A,D

207Which two statements about EVN are true? A. It supports IPv6 traffic. B. It can support up to 16 VNs. C. It uses redistribution to share routes between VNs. D. It supports SSM only. E. A configuration can be based on an existing VRF configuration

C,E

208What are two impotant differences between OSPFv2 and OSPFv3 (Choouse two.) A. Only OSPFv3 provides support for IPv6. B. Only OSPFv3 automatically chooses a router ID for the local device. C. Only OSPFv3 supports multiple OSPF instances on a single link. D. Only OSPFv3 automatically enable interfaces when you create them in device configuration mode. E. Only OSPFv3 automatically detects OSPF neighbors on an NBMA interface.

A,C

209Which feature can automatically assign IP addresses in a PPPoE environment? A. DHCP B. BOOTP C. PPP D. APPA

210What are two limitations when in use of NPTv6 for IPV6 vs IPV6 Address translation? ``` A. stateful address translation B. a limit of 32 1-to-1 translations C. lack of overloading functionality D. identify all interfaces NAT inside or outside E. 1-to-1 prefix rewrite F. mismatched prefix allocations ```

C,E

211Which condition can cause unicast reverse path forwarding to fail? A. split horizon B. STP convergence C. PortFast security violation D. asymmetric routing

212Connect A to B (a) supports IPv6 prefix 64:ff9b::/96 (a) IPv6 prefix assigned by an organization (a) supports application layer gateway (a) translates 2001:1::/64 to 2001:1:2::/64 (b) network-specific stateful IPv6 prefix (b) NAT64 (b) NPTv6 (b) well-known stateful NAT64 prefix

supports IPv6 prefix 64:ff9b::/96 = well-known stateful NAT64 prefix IPv6 prefix assigned by an organization = network-specific stateful IPv6 prefix supports application layer gateway = NAT64 translates 2001:1::/64 to 2001:1:2::/64 = NPTv6

``` 213You are configuring a Microsoft client to call a PPP server using CHAP. Only the client will be authenticated, but the clients password has expired and must be changed. Which PPP server configuration allows the call to be completed? A. ppp authentication ms-chap-v2 B. ppp authentication chap callin C. ppp authentication chap D. ppp authentication ms-chap-v2 callin E. ppp authentication ms-chap callin ```

214Which two tasks does a DHCP relay agent perform? (Choose two.) A. It forwards DHCPHELLO and DHCPREQUEST messages to the DHCP server. B. It forwards DHCPREQUEST and DHCPACK messages to the DHCP server. C. It forwards DHCPOFFER and DHCPCOMPLETE messages to the DHCP client. D. It forwards DHCPDISCOVER and DHCPREQUEST messages to the DHCP server. E. It forwards DHCPOFFER and DHCPACK messages to the DHCP client.

D,E

``` 215Which command enables NAT-PT on an IPv6 interface? A. ipv6 nat enable B. ipv6 nat C. ipv6nat-pt enable D. ipv6 nat-pt ```

216(a) DLCI (a) FECN (a) LMI (a) PVC (a) SVC (b) circuit that provides temporary on-demand connections between DTEs (b) locally significant ID (b) logical connection comprising two endpoints and a CIR (b) signaling mechanism for frame relay devices (b) indicator of congestion on the network

``` DLCI = locally significant ID FECN = indicator of congestion on the network LMI = signaling mechanism for frame relay devices PVC = logical connection comprising two endpoints and a CIR SVC = circuit that provides temporary on-demand connections between DTEs ```

217A network engineer enables OSPF on a Frame Relay WAN connection with circuit-id 24755272 to various remote sites, but no OSPF adjacencies come up. Which two actions are possible solutions for this issue? (Choose two.) A. Change the network type to nonbroadcast multipoint access. B. Ensure that the OSPF process number matches among all remote sites. C. Change the network type to point-to-multipoint under WAN interface. D. Enable virtual links. E. Configure the neighborcommand under OSPF process for each remote site.

C,E

``` 218A network engineer executes the show ip cache flow command. Which two types of information are displayed in the report that is generated? (Choose two.) A. flow samples for specific protocols B. IP packet distribution C. top talkers D. flow export statistics E. MLS flow traffic ```

A,B

``` 219Which two statements about NetFlow version 9 are true? (Choose two.) A. It is IEEE standards based. B. It is a Cisco proprietary technology. C. It is IETF standards based. D. It supports egress flows only. E. It supports ingress flows only. F. It supports ingress and egress flows. ```

C,F

220A network administrator creates a static route that points directly to a multi-access interface, instead of the next-hop IP address. The administrator notices that Cisco Express Forwarding ARP requests are being sent to all destinations. Which issue might this configuration create? A. Cisco Express Forwarding routing loop B. IP route interference C. high memory usage D. high bandwidth usage E. low bandwidth usage

``` 221Which CLI command can you enter to permit or deny IPv6 traffic travelling through an interface? A. ipv6 access-class B. access-list C. access-group D. ipv6 traffic-filter ```

222Which three statements about SNMP are true? (Choose three.) A. The manager polls the agent using UDP port 161. B. SNMPv3 supports authentication and encryption. C. The manager configures and send traps to the agent. D. The manager sends GET and SET messages. E. The MIB database can be altered only by the SNMP agent. F. The agent is the monitoring device.

A,B,D

``` 223DHCPv6 can obtain configuration parameters from a server through rapid two-way message exchange. Which two steps are involved in this process? (Choose two.) A. reply B. auth C. advertise D. request E. solicit ```

A,E

224In a point-to-multipoint Frame Relay topology, which two methods ensure that all routing updates are received by all EIGRP routers within the Frame Relay network? (Choose two.) A. Use subinterfaces. B. Create separate address families. C. Disable EIGRP auto summary. D. Use statically defined EIGRP neighbors on the hub site. E. Disable split horizon.

D,E

``` 225In which two areas does OSPF send a summary route by default? (Choose two.) A. NSSA B. totally stubby C. normal D. backbone E. stub ```

B,E

``` 226Which two commands must you configure on a DMVPN hub to enable phase 3? (Choose two.) A. ip nhrp map B. ip redirects C. ip nhrp shortcut D. ip nhrp interest E. ip nhrp redirect F. ip network-id ```

c, e

227For which reason is EIGRP failing to redistribute the default route? A. The EIGRP process is missing the no auto-summary command. B. The EIGRP process is missing the default metric. C. The route-map statement is missing the match anykeyword. D. The EIGRP process is missing the router ID.

228(a) dynamic (a) extended (a) reflexive (a) standard (a) time-based (b) acl numbered 1300 - 1999 (b) acl applied to traffic only during certain periods (b) acl that must be defined as a named acl (b) acl that uses telnet for authentication (b) acl type that should be placed closest to the source

``` standard = acl numbered 1300 - 1999 time-based = acl applied to traffic only during certain periods reflexive = acl that must be defined as a named acl dynamic = acl that uses telnet for authentication extended = acl type that should be placed closest to the source ```

``` 229(a) excesssive unicast flooding out-of-order packets tcp starvation asymmetric routing latency ``` (b) cause of inconsistent traffic patterns condition caused by including a host port in STP condition in which packets require an excessive length of time to traverse a switch potential effect of excessive UDP traffic on the link potential result of disabling FIFO

excesssive unicast flooding = host port out-of-order packets = FIFO tcp starvation = excessive UDP traffic asymmetric routing = inconsistent traffic latency = excessive length

230Which problem can be caused by latency on a UDP stream? A. The device that sends the stream is forced to hold data in the buffer for a longer period of time. B. The device that receives the stream is forced to hold data in the buffer for a longer period of time. C. The devices at each end of the stream are forced to negotiate a smaller windows size. D. The overall throughput of the stream is decreased.

231After reviewing the EVN configuration, a network administrator notices that a predefined EVN, which is known as "vnet global", was configured. What is the purpose of this EVN? A. It aggregates and carries all dot1qtagged traffic. B. It refers to the global routing context and corresponds to the default RIB. C. It safeguards the virtual network that is preconfigured to avoid mismatched routing instances. D. It defines the routing scope for each particular EVN edge interface.

232Which two statements about NHRP and a DMVPN environment are true? (Choose two.) A. It can identify PIM-SM RPs over a tunnel. B. It provides address resolution to route traffic. C. It requires each endpoint to have a unique network ID. D. It can authenticate VPN endpoints. E. It routes traffic through the tunnel.

B,D

``` 233Which option is the minimum logging level that displays a log message when an ACL drops an incoming packet? A. Level 5 B. Level 7 C. Level 3 D. Level 6 ```

``` 234Which condition can cause unicast reverse path forwarding to fail? A. PortFast security violation B. split horizon C. asymmetric routing D. STP convergence ```

``` 235Which two protocols can be affected by MPP? (Choose two.) A. HTTP B. POP C. SFTP D. SSH E. SMTP ```

A,D

236How does an EVN provide end-to-end virtualization and separation for data traffic from multiple networks? A. It tags traffic with an 802.1q tag at the trunk interface. B. It tags traffic with a virtual network tag at the edge interface. C. It tags traffic with an 802.1q tag at the edge interface. D. It tags traffic with a virtual network tag at the trunk interface.

``` 237Which two commands must you configure in the calling router to support the PPPoE client? (Choose two.) A. mtu B. pppoe enable group C. peer default ip address pool D. pppoe-client dial-pool-number E. bba-group pppoe ```

A,D

``` 238A network engineer wants an NTP client to be able to update the local system without updating or synchronizing with the remote system. Which option for the ntp command is needed to accomplish this? access-group A. peer B. query-only C. serve-only D. serve ```

``` 239The Neighbor Discovery Protocol in ipv6 is replaced with which discovery protocol in ipv4? (2) A. ARP B. ICMP C. UDP D. TCP E. RFC ```

A, B

``` 240Which two protocols can cause TCP starvation? (Choose two) A. TFTP B. SNMP C. SMTP D. HTTPS E. FTP ```

A,B

``` 241The company network is in the process of migrating the IP address scheme to use IPv6. Which of the following address types are associated with IPv6? (Select three) A. Unicast B. Private C. Broadcast D. Public E. Multicast F. Anycast ```

A,E,F

242What is IPv6 router solicitation? A. A request made by a node to join a specified multicast group B. A request made by a node for its IP address C. A request made by a node for the IP address of the DHCP server D. A request made by a node for the IP address of the local router

243If routers in a single area are configured with the same priority value, what value does a router use for the OSPF Router ID in the absence of a loopback interface? A. The lowest IP address of any physical interface B. The highest IP address of any physical interface C. The lowest IP address of any logical interface D. The highest IP address of any logical interface

244Frame Relay LMI autosense. Which statements are true? (Choose two.) A. Line should be up and protocol should be down B. Protocol must be up C. It only works on DTEs D. It only works on DCEs

A,C

245What configurations does PPPoE allow? (Choose two) A. Client can be installed on the same network devices as server B. 8 clients can be configured on 1 CPE C. Clients can connect to multiple hosts over DMVPN D. Client connecting over ATM PVC E. Client installed on native IPv6 network

B,C

246What are characteristics of PAP and CHAP? (choose two) A. PAP provides a challenge to the client B. CHAP provides a challenge to the client C. PAP can be used by TACACS+ to verify access credentials D. PAP requires a username and optional password E. CHAP requires a username and optional password

B,C

247How should a router that is being used in a Frame Relay network be configured to keep split horizon issues from preventing routing updates? A. Configure a separate subinterface for each PVC with a unique DLCI and subnet assigned to the subinterface B. Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast traffic C. Configure many subinterfaces in the same subnet. D. Configure a single subinterface to establish multiple PVC connections to multiple E. Remote router interfaces

248In which two ways can split horizon issues be overcome in a Frame Relay network environment? (choose two.) A. Configuring one physical serial interface with Frame Relay to various remote sites. B. Configure a loopback interface with Frame Relay to various remote sites C. Configuring multiple subinterfaces on a single physical interface to various remote sites. D. Enabling split horizon. E. Disabling split horizon.

C,E

249In IPv6, the interfaces running OSPF can be configured with multiple address prefixes. Which statement is true about the IPv6 addresses that can be included into the OSPF process? A. Specific addresses can be selected using a route map. B. Specific addresses can be selected using an ACL C. Specific addresses cannot be selected for importation into the OSPF process. D. Specific addresses can be selected using a prefix list.

250What is true about peer groups? (Choose two.) A. Optimize backdoor routes. B. If you change configuration then it effects all peers in the group. C. Peer groups can send soft updates to all. D. Updates can be sent with multicast.

B,C

``` 251If you want to migrate an IS-IS network to another routing protocol with _____. (Choose two) A. UDP B. Internal BGP C. TCP/IP D. EIGRP E. OSPF F. RIP ```

D,E

``` 252What is a valid ipv6 multicast address? A. FF02::2 B. FFFF::FF C. FE80::FF D. 0::/128 ```

253What is true about EIGRP's redistributed static routes and summarized routes? (Choose two.) A. Summary routes have AD of 5 B. Static redistributed routes have AD of 190 C. Summary routes have AD of 20 D. Static redistributed routes have AD of 200

A,B

``` 254How route tags can be set? (Choose two.) A. Only with route-maps B. Only with taglists C. Can be set with route-maps D. Can be set with taglist. E. Only used on link state RPs. ```

C,D

255You have a router has some interface configured with 10Gb interface and giga interface. Which command you use to optimize higher BW? A. (config)#router ospf 1 (config-router)auto-cost reference-bandwidth 10000 B. (config)#router ospf 1 (config-router)auto-cost reference-bandwidth 1000 C. (config)#int f0/0 (config-int)auto-cost reference-bandwidth 1000 D. (config)#int f0/0 (config-int)auto-cost reference-bandwidth 10000

``` 256RIPv2 uses _____________. A. Port UDP 520 B. Port TCP 520 C. Port UDP 502 D. Port TCP 502 ```

``` 257RIPng ____________. A. Firewall Port block UDP 520 B. Firewall Port block TCP 520 C. Firewall Port block UDP 521 D. Firewall Port block TCP 521 ```

``` 258A. Hello or ACK received B. AS number match C. Hello timer match D. Identical metric (k values E. Dead Timer Match ```

A,B,D

``` 259A network engineer is disabling split horizon on a point-to-multipoint minterface that is running RIPng. Under which configuration mode can split horizon be disabled? A. router(config-riping)# B. router(config-rtr)# C. router(config-if)# D. router(config)# ```

260A network engineer configures two connected routers to run OSPF in Area 0; however, the routers fail to establish adjacency. Which option is one of the caused for this issue? A. Area numbers match. B. OSPF process numbers do not match on both neighbor routers. C. The Same MTU sizes are configured on both sides. D. The Same OSPF router IDs are configured on both routers.

``` 261Which IPV6 address type does RIPng use for next-hop addresses? A. Anycast B. Global C. Multicas D. Site-local E. Link-local ```

``` 262Which type of message does a device configured with the eigrp stub command send in response to EIGRP queries? A. Invalid request B. Unavailable C. Stuck in active D. Stub-only E. Reject F. Inaccessible ```

263Which two statements about route targets that are configured with VRF-Lite are true? (Choose two.) A. Route targets uniquely identify the customer routing table B. Route targets control the import and export of routes into a customer routing table C. Route targets are supported only when BGP is configured D. When IS-IS is configured, route targets identify the circuit level in which the customer resides E. When BGP is configured, route targets are transmitted as BGP standard communities F. Route targets allos customers to be assigned overlapping adresses

B,C

264What is the output of the following command: show ip vrf A. Show's default RD values. B. Displays IP routing table information associated with a VRF. C. Show's routing protocol information associated with a VRF. D. Displays the ARP table (static and dynamic entries) in the specified VRF.

``` 265What command would you use to set EIGRP routes to be prioritized? A. Distance 100 B. Distance 89 C. Distance eigrp 100 D. Distance eigrp 89 ```

266A route map was configured and it was distributing OSPF external routes __________. A. Distributing E1 only B. Distributing E1 and E2 using prefix list C. Distributing E1 and E2 using access list D. Distributing E2 routes

``` 267Which routing protocol does DMVPN support? (Choose three.) A. ISIS B. RIP C. EIGRP D. OSPF E. BGP ```

C,D,E

``` 268What is used in EIGRP metric calculation? A. Maximum delay B. Minimum delay C. Average delay D. Minimum interface bandwidth ```

``` 269Routers R1 and R2 are IPv6 BGP peers that have been configured to support a neighbor relationship over an IPv4 internet work. Which three neighbor IP addresses are valid choices to use in the highlighted section of the exhibit? (Choose three.) A. ::0A43:0002 B. 0A43:0002:: C. ::10.67.0.2 D. 10.67.0.2:: E. 0:0:0:0:0:0:10.67.0.2 F. 10.67.0.2:0:0:0:0:0:0 ```

A,C,E

270What are three reasons to control routing updates via route filtering? (Choose three). A. To hide certain networks from the rest of the organization B. For easier implementation C. To control network overhead on the wire D. For simple security E. To prevent adjacencies from forming

A,C,D

271Refer to the exhibit. Based upon the configuration, you need to understand why the policy routing match counts are not increasing. Which would be the first logical step to take? A. Confirm if there are other problematic route-map statements that precede divert. B. Check the access list for log hits. C. Check the routing table for 212.50.185.126. D. Remove any two of the set clauses. (Multiple set clause entries will cause PBR to use the routing table.)

272Which statement describes the difference between a manually configured IPv6 in IPv4 tunnel versus an automatic 6to4 tunnel? A. A manually configured IPv6 in IPv4 tunnel allows multiple IPv4 destinations. B. An automatic 6to4 tunnel allows multiple IPv4 destinations. C. A manually configured IPv6 in IPv4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints. D. An automatic 6to4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints.

273Which two statements are true about using IPv4 and IPv6 simultaneously on a network segment? (Choose two.) A. Hosts can be configured to receive both IPv4 and IPv6 addresses via DHCP. B. Host configuration options for IPv4 can be either statically assigned or assigned via DHCP.Host configuration options for IPv6 can be statically assigned only. C. IPv6 allows a host to create its own IPv6 address that will allow it to communicate to other devices on a network configured via DHCP. IPv4 does not provide a similar capability for hosts. D. IPv4 and IPv6 addresses can be simultaneously assigned to a host but not to a router interface. E. IPv6 provides for more host IP addresses but IPv4 provides for more network addresses.

A,C

``` 274Which is an "invalid" option when redistributing from EIGRP into OSPF? A. ACL B. Tag C. Metric D. Route map ```

``` 275Engineer has to enable RIP on a link. Where he will issue the command? A. Ipv6 B. Global C. Router sub command D. Interface subcommand ```

``` 276Which authentication methods does EIGRP use? A. sha B. md5 C. xda D. chap E. cisco ```

277Which statement about local policy routing is true? A. It is used to policy route packets that are generated by the device. B. It requires all packets to be packet switched. C. It is used to policy route packets that pass through the device. D. It requires all packets to be CEF switched. E. It supports IPv4 packets only. F. It requires an ip address or access list as the matching criteria.

278What appears in the other router routing table? #loopback EIGRP STUB A. loopback of the stub router advertised B. loopback of the stub router was not advertised

``` 279Which three configuration parameters can a DHCPV6 pool contain? (Choose three.) A. Domain search list B. Router IP C. Default gateway D. Prefix delegation E. DNS servers F. Subnet mask ```

A,D,E

``` 280What are two BGP neigborship states? (Choose two.) A. Full B. Open Sent C. 2WAY D. Connect E. DROTHER F. Stuck in active ```

B,D

281Which access list entry checks for an ACK within a packet header? A. access-list 49 permit ip any any eq 21 tcp-ack B. access-list 49 permit tcp any any eq 21 tcp-ack C. access-list 149 permit tcp any any eq 21 established D. access-list 49 permit tcp any any eq 21 established

``` 282Which TCP port for BGP? A. port 161 B. port 123 C. port 179 D. port 47 ```

``` 283Which type of access list allows granular session filtering for upper-level protocols? A. Content-based access lists B. Context-based access lists C. Reflexive access lists D. Extended access lists ```

284Which two options are requirements for EIGRP authentication? (Choose two) A. A crypto map must be configured. B. The Authentication key must be configured under the interface running EIGRP. C. The authentication key must be configured within the EIGRP routing configuration. D. The authentication key IDs must match between two neighbors. E. A separate key chain must be configured. F. AN IPsec profile must be configured.

B,D

``` 285Which three options are valid DHCPv6 functions? (Choose three.) A. Server B. Client C. Approver D. Requester E. Repeater F. ACK G. Relay ```

A,B,G

286Refer to the exhibit. A network engineer executes the show ipv6 ospf database command and is presented with the output that is shown. Which flooding scope is referenced in the link-state type? A. Link-local B. Area C. As (OSPF domain) D. Reserved

``` 287Which type of address does OSPFv3 use to form neighbor adjacencies and to send LSAs? A. Unicast IPv6 addresses B. Link-local addresses C. Multicast address FF02::5 D. Unicast IPv4 addresses ```

288What following parameters for the EIGRP authentication need to match in order for EIGRP neighbors to establish a neighbor relationship? A. Autonomous System number. B. K-Values C. If authentication is used both: the key number, the password, and the date/time. D. The neighbors must be on common subnet (all IGPs follow this rule).

289An engineer is using a network sniffer to troubleshoot DHCPv6 between a router and hosts on the LAN with the following configuration: ``` Interface Ethernet0 - Ipv6 dhcp server DHCPSERVERPOOL rapid-commit ! Which two DHCPv6 messages will appear in the snifer logs? A. Reply B. Request C. Advertise D. Acknowledge E. Solicit F. Accept ```

A,E

290Which the Valid range for BGP private ASNs? A. 64512-65535 B. 62640-65535 C. 32024-65535

``` 291When ospf is forming an adjacency, in which state, the actual exchange of information in the link? A. INIT B. Loading C. Exstart D. Exchange ```

``` 292Using new backup router in spite of faulty one in ospf domain but relationship with neighbor in one interface only not working, what is the reason of this problem? (Choose two.) A. Area Id mismatch B. Authentication mismatch C. Process id of ospf not match D. Ospf timers not match ```

A,D

``` 293A network administrator notices that the BGP state drops and logs are generated for missing BGP hello keepalives. What is the potential problem? A. Incorrect neighbor options B. Hello timer mismatch C. BGP path MTU enabled D. MTU mismatch ```

``` 294Which BGP option is required when load sharing over multiple equal-bandwidth parallel links from a single CE router to a single ISP router over eBGP? Select the best response. A. eBGP Multipath B. eBGP Multihop C. BGP Synchronization D. Public AS numbers ```

295During a recent OSPF election among three routers, RTA was elected the DR and RTB was elected the BDR, as seen in the graphic. Assume that RTA fails, and that RTB takes the place of the DR while RTC becomes the new BDR. What will happen when RTA comes back online? A. RTA will take the place of DR immediately upon establishing its adjacencies B. RTA will take the place of DR only if RTB fails. C. RTA will take the place of DR only if both RTB and RTC fail. D. A new election will take place establishing an all new DR and BDR based on configured priority levels and MAC addresses.

296What is the IPv6 address FF02::2 used for? Select the best response. A. All hosts in a local segment B. All routers in a local segment C. All hosts in a particular multicast group D. All routers in an autonomous system

297When an IPv6 enabled host boots, it sends a router solicitation (RS) message. An IPv6 router responds with a router advertisement (RA). Which two items are contained in the RA? (Choose two.) A. IPv6 address for the host B. Lifetime of the prefix C. Prefixes for the link D. Keepalive timers E. Request for the local host IP address F. Any route advertisements it has received

B,C

298Refer to the exhibit. EIGRP is configured on all routers in the network. On a basis of the show ip eigrp topology output provided, what conclusion can be derived? Select the best response. A. Router R1 can send traffic destined for network 10.6.1.0/24 out of interface FastEthernet0/0. B. Router R1 is waiting for a reply from the neighbor 10.1.2.1 to the hello message sent out before it declares the neighbor unreachable. C. Router R1 is waiting for a reply from the neighbor 10.1.2.1 to the hello message sent out inquiring for a second successor to network 10.6.1.0/24. D. Router R1 is waiting for a reply from the neighbor 10.1.2.1 in response to the query sent out about network 10.6.1.0/24.

299An administrator types in the command router ospf 1 and receives the error message: "OSPF process 1 cannot start." (Output is omitted.) What should be done to correctly set up OSPF? Select the best response. A. Ensure that an interface has been configured with an IP address. B. Ensure that an interface has been configured with an IP address and is up. C. Ensure that IP classless is enabled. D. Ensure that the interfaces can ping their directly connected neighbors.

300What is the metric for an OSPF summary route? A. 160 B. 140 C. 120 D. 100

301What are three key concepts that apply when configuring the EIGRP stub routing feature in a hub and spoke network? (Choose three.) A. A hub router prevents routes from being advertised to the remote router. B. Only remote routers are configured as stubs. C. Stub routers are not queried for routes. D. Spoke routers connected to hub routers answer the route queries for the stub router. E. A stub router should have only EIGRP hub routers as neighbors. F. EIGRP stub routing should be used on hub routers only.

B,C,E

302What is the difference between the IPv6 addresses ::/0 and ::/128? Choose the best response. A. ::/0 is the unspecified address, and ::/128 is the multicast address. B. ::/0 is the unicast address, and ::/128 is the anycast address. C. ::/0 is the unicast address, and ::/128 is the multicast address. D. ::/0 is the anycast address, and ::/128 is the multicast address. E. ::/0 is the default route, and ::/128 is the unspecified address. F. ::/0 is the anycast address, and ::/128 is the default address.

303Which statement is true about EBGP? Select the best response. A. An internal routing protocol can be used to reach an EBGP neighbor. B. The next hop does not change when BGP updates are exchanged between EBGP neighbors. C. A static route can be used to form an adjacency between neighbors. D. EBGP requires a full mesh.

304Which three are characteristics of IPv6? (Choose three.) A. An IPv6 address is 128 bits long. B. An IPv6 header is 20 bits long. C. An IPv6 header contains the next header field. D. An IPv6 header contains the protocol field. E. IPv6 routers send RA messages. F. An IPv6 header contains the header checksum field.

A,C,E

305EIGRP has been configured on all routers in the network. What additional configuration statement should be included on router R4 to advertise a default route to its neighbors? A. R4(config)# ip default-network 10.0.0.0 B. R4(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1 C. R4(config)# ip route 10.0.0.0 255.0.0.0 10.1.1.1 D. R4(config-router)# default-information originate

306Which two statements are true about 6to4 tunnels? (Choose two.) A. In a 6to4 tunnel, the first two bytes of the IPv6 address will be 2002 and the next four bytes will be the hexadecimal equivalent of the IPv4 address. B. In a 6to4 tunnel, the first two bytes of the IPv6 address will be locally derived and the next two bytes will be the hexadecimal equivalent of the IPv4 address. C. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/48 IPv6 address. D. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/16 IPv6 address. E. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:1315:4463:1::/64 IPv6 address.

A,C

307What does the command clear ipv6 ospf process accomplish? Select the best response. A. The OSPF adjacencies are cleared and initiated again. B. The route table is cleared. Then the OSPF neighbors are reformed. C. The shortest path first (SPF) algorithm is performed on the LSA database. D. The OSPF database is repopulated. Then the shortest path first (SPF) algorithm is performed.

308When implementing OSPFv3, which statement describes the configuration of OSPF areas? Select the best response. A. In interface configuration mode, the OSPFv3 area ID combination assigns interfaces to OSPFv3 areas. B. In router configuration mode, the network wildcard area ID combination assigns networks to OSPFv3 areas. C. In interface configuration mode, the IPv6 OSPF process area ID combination assigns interfaces to OSPFv3 areas. D. In router configuration mode, the IPv6 OSPF interface area ID combination assigns interfaces to OSPFv3 areas.

309You have implemented mutual route redistribution between OSPF and EIGRP on a border router. When checking the routing table on one of the OSPF routers within the OSPF routing domain, you are seeing some, but not all of the expected routes. Which two things should you verify to troubleshoot this problem? (Choose two.) A. The border router is using a proper seed metric for OSPF. B. The border router is using a proper seed metric for EIGRP. C. The administrative distance is set for OSPF and EIGRP. D. The missing EIGRP routes are present in the routing table of the border router. E. The subnet keyword on the border router in the redistribute EIGRP command.

D,E

``` 310How does an EVN provide end-to-end virtualization and separation of data traffic from multiple networks? A. On the edge interface, with vnet tag B. On the edge, with 801.q C. On the trunk, with vnet tag D. On the trunk, with 802.1 q ```

311Which two statements about EVNs are true? (Choose two.) A. VRFs using MPLS require a trunk interface that uses EVN B. VRF-Lite requires a trunk interface that uses EVN C. All EVNs within a trunk interface can share the same IP infrastructure D. Each EVN within a trunk interface must be configured separately E. Commands that are specified once under a trunk interface can be inherited by all EVNs

C,E

``` 312Which two protocols are required for DMVPN? (Choose two.) A. IPsec B. PPTP C. mGRE D. NHRP E. Open VPN ```

C,D

``` 313Which values identifies VPNs in an EVN environment? A. DLCI B. Route target C. Virtual network tag D. VLAN ID ```

314What are the four main steps in configuring a GRE tunnel over IPsec on Cisco routers? (Choose four.) A. Configure a physical interface or create a loopback interface to use as the tunnel endpoint. B. Create the GRE tunnel interfaces. C. Add the tunnel interfaces to the routing process so that it exchanages routing updates across that interface. D. Add the tunnel subnet to the routing process so that it exchanages routing updates across that interface. E. Add all subnets to the crypto access-list, so that IPsec encrypts the GRE tunnel traffic. F. Add GRE traffic to the crypto access-list, so that IPsec encrypts the GRE tunnel traffic.

A,B,D,F

315What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-to-building site-to-site VPNs? (Choose two.) A. Allows dynamic routing securely over the tunnel B. IKE keepalives are unidirectional and sent every ten seconds C. Reduces IPsec headers overhead since tunnel mode is used D. Supports non-IP traffic over the tunnel E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

A,D

316Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, destined for an Enterprise network. Which of the following answers best describes the router's logic that tells the router, for a given packet, to apply GRE encapsulation to the packet? A. When the packet received on the LAN interface is permitted by the ACL listed on the tunnel gre acl command under the incoming interface B. When routing the packet, matching a route whose outgoing interface is the GRE tunnel interface C. When routing the packet, matching a route whose outgoing interface is the IPsec tunnel interface D. When permitted by an ACL that was referenced in the associated crypto map

317Which two statement about GRE tunnel interface are true? (Choose two) A. A tunnel can be established when a source the source interface is in the up/down state B. A tunnel Destination must be Routable, but it can be unreachable C. To establish a tunnel the source interface must be a loopback D. To Establish a tunnel the source interface must be up/up state E. A tunnel destination must be a physical interface that is on up/up state

B,D

318Which two statements about EVN are true? (Choose two.) A. Virtual network tags are assigned per-VRF. B. It is supported only on access ports. C. Virtual network tags are assigned globally. D. Routing metrics can be manipulated only from directly within the routing-context configuration. E. The VLAN ID in the 802.1q frame carries the virtual network tag. F. The VLAN ID is the ISL frame carries the virtual network tag.

A,E

``` 319Which two GRE features can you configure to prevent fragmentation? A. TCP MSS B. DF Bit Clear C. IP MTU D. PMTUD E. MTU ignore F. UDP windows sizes ```

A,D

320When the tunnel interface is configured in default mode, which statement about routers and the tunnel destination address is true? A. The router must have a route installed towards the tunnel destination B. The router must have wccp redirects enabled inbound from the tunnel destination C. The router must have cisco discovery protocol enabled on the tunnel to form a CDP neighborship with the tunnel destination D. The router must have redirects enabled outbound towards the tunnel destination

``` 321One of the AAA Authentication PPP Methods if PAP used ____. A. krb5 B. ssl C. transliteration methods D. UPN ```

``` 322The Cisco SA 500 Series Security Appliances are built specifically for businesses with less than 100 employees. What are three important benefits of this device? (Choose three.) A. Business-grade firewall B. Premium support via SMART net C. Site-to-site VPN for remote offices D. Cisco IOS software-based E. Email security F. XML support ```

A,C,E

``` 323Which two methods use IPsec to provide secure connectivity from the branch office to the headquarters office? (Choose two.) A. DMVPN B. MPLS VPN C. Virtual Tunnel Interface (VTI) D. SSL VPN E. PPPoE ```

A,C

324What is the command to enable IPv6 access list? A. ipv6 traffic-filter access-list-name { in | out } B. ipv6 access-list [access-list-name] C. access-list ipv6 [access-list-name] D. ipv6 access-group [access-list-name] { in | out }

``` 325Which access list used to filter upper layer protocol? A. Extended acl B. Standart acl C. Reflexive acl D. Time based acl E. Dynamic acl ```

``` 326Which option is a prerequisite for stateful NAT64? A. IPsec for IPv6 B. DNS64 C. Application Level Gateway D. ICMP64 ```

327Refer to the exhibit. configure terminal ip flow-export destination 192.168.10.1 9991 ip flow-export version 9 How can you configure a second export destination for IP address 192.168.10.1? A. Specify a different TCP port B. Specify a different UDP port C. Specify a VRF D. Configure a version 5 flow-export to the same destination E. Specify a different flow ID

328If you configure one router in your network with the auto-cost reference bandwidth 100 command, which effect on the data path is true? A. The data path remains the same for all links. B. The data path changes for 10 Mbps links only. C. The data path changes for all links D. The data path changes for 10 Gbps links only.

329Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, and into the core of an Enterprise network. The branch also allows local hosts to communicate directly with public sites in the Internet over this same DSL connection. Which of the following answers defines how the branch NAT config avoids performing NAT for the Enterprise directed traffic but does perform NAT for the Internet-directed traffic? A. By not enabling NAT on the IPsec tunnel interface B. By not enabling NAT on the GRE tunnel interface C. By configuring the NAT-referenced ACL to not permit the Enterprise traffic D. By asking the ISP to perform NAT in the cloud

330Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6 networks shown? A. The router will determine the IPv4 destination address. B. The source IPv6 host can use DNS to determine the IPv6-to-IPv4 address mapping. C. The host is statically configured with the IPv6-to-IPv4 address mapping. D. ICMP can be used to determine the IPv6-to-IPv4 address mapping.

331A. Export messages of notifications for an external server B. Show notifications in cli C. Sends info to host 172.16.10.12 with notifications less than or equal to 5 D. Sends info to host 172.16.10.12 with notifications greater than or equal to 5

332A network engineer wants to verify the status of a recently configured NTP setup on one of the routers. The engineer executes the show ntp associations command. What does the output indicate? A. The synchronized NTP servers that are configured on the device. B. The authentication mode that is used with the NTP server. C. The security key value for the configured NTP server. D. The facility that is configured for the NTP server.

333What show command is used here? TCB Local Address Foreign Address (state) 6523A4FC 10.1.25.3.11000 10.1.25.3.23 ESTAB 65239A84 10.1.25.3.23 10.1.25.3.11000 ESTAB 653FCBBC *.1723 *.* LISTEN A. show tcp brief B. show tcp brief all C. show tcp brief numeric D. show tcp brief ip

``` 334Under which circumstance will a branch ISR router contain interface vlan configurations? A. Performing inter-VLAN routing B. Performing 802.1Q trunking C. Performing ISL trunking D. Ethernet Switch Module installed E. ADSL WIC installed F. Running Call Manager Express ```

``` 335How to set up IP SLA to monitor Bandwidth between the certain limits? A. Timer B. Frequency C. Threshold D. Queue-limit ```

``` 336Which location is traffic from IP SLAs? A. Core edge B. Access edge C. WAN edge D. Distribution edge E. User edge ```

337A network engineer executes the show ip sla statistics command. What does the output of this command show? A. Operation availability B. Device CPU utilization C. Interface packet statistics D. Packet sequencing

338Which alerts will be seen on the console when running the command: logging console warnings? A. Warnings only B. Warnings, notifications, error, debugging, informational C. Warnings, errors, critical, alerts, emergencies D. Notifications, warnings, errors E. Warnings, errors, critical, alerts

339A network engineer is asked to create an SNMP-enabled proactive monitoring solution to ensure that jitter levels remain between particular boundaries. Which IP SLA option should the engineer use? A. Threshold B. Frequency C. Verify-data D. Timeout

``` 340Which IP SLA operation requires Cisco endpoints? A. UDP Jitter for VoIP B. ICMP Path Echo C. ICMP Echo D. UDP Jitter ```

``` 341Which option must be configured on a target device to use time stamping to accurately represent response times using IP SLA? A. Responder B. Jitter value C. TCP Connect D. ICMP Echo ```

``` 342What is the viable successor of NAT_PT? A. NAT44 B. NAT64 C. NPTv6 D. NATng ```

343Which option is the first task that a device that is configured with NAT64 performs when it receives an incoming IPv6 packet that matches the stateful NAT64 prefix? A. It translates the IPv6 header into an IPv4 header. B. It checks the IPv6 packet against the NAT64 stateful prefix. C. It translates the IPv6 source address to an IPv4 header. D. It translates the^ IPv4 destination address into a new NAT64 state. E. It performs an IPv6 route lookup.

``` 344Which SNMP verification command shows the encryption and authentication protocols that are used in SNMPV3? A. Show snmp group B. Show snmp user C. Show snmp D. Show snmp view ```

``` 345A network engineer enables a trunk port and encounters the following message:%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet 1/1, changed state to up. What is the severity level of this message? A. Alert B. Critical C. Notification D. Informational ```

``` 346Up/down interface... what is the log severity level? A. Level 3 B. Level 4 C. Level 5 D. Level 0 ```

``` 347Which NAT Command to disable dynamic ARP learning on an interface? A. R(config-if) # ip nat enable B. R(config-if) # ip nat inside C. R(config-if)# ip nat outside D. R(config)# ip nat allow static host E. R(config)# ip nat service ```

348Your company uses Voice over IP (VoIP). The system sends UDP datagrams containing the voice data between communicating hosts. When areas of the network become busy, some of the datagrams arrive at their destination out of order. What happens when this occurs? A. UDP will send an ICMP Information request message to the source host. B. UDP will pass the information in the datagrams up to the next OSI layer in the order in which they arrive. C. UDP will drop the datagrams that arrive out of order. D. UDP will use the sequence numbers in the datagram headers to reassemble the data into the ...

349Where are EIGRP successor routes stored? A. In the routing table only B. In the neighbor table only C. In the topology table only D. In the routing table and the topology table E. In the routing table and the neighbor table

``` 350A network engineer is troubleshooting connectivity issues with a directly connected RIPng neighbor. Which command should directly connected RIPng neighbor adjacencies only? A. Router#show ipv6 rip next-hops B. Router#show ip rip neighbors C. Router#show ipv6 routers D. Router#show ipv6 rip database ```

``` 351Which three NTP operating modes must the trusted-Key command be configured on for authentication to operate properly? (Choose three.) A. Interface B. Client C. Peer D. Server E. Broadcast ```

B,C,E

``` 352Which two types of threshold can you configure for tracking objects? (Choose two.) A. Percentage B. MTU C. Bandwidth D. Weight E. Delay F. Administrative distance ```

A,D

353Consider this scenario. TCP traffic is blocked on port 547 between a DHCPv6 relay agent and a DHCPv6 server that is configured for prefix delegation. Which two outcomes will result when the relay agent is rebooted? (Choose two.) A. Routers will not obtain DHCPv6 prefixes. B. DHCPv6 clients will be unreachable. C. Hosts will not obtain DHCPv6 addresses. D. The DHCPv6 relay agent will resume distributing addresses. E. DHCPv6 address conflicts will occur on downstream clients.

A,C

``` 354a: init loading exstart full 2-way down exchange ``` no info has been received, but hello can still be sent a hello is received but the id of the receiving router was not included in the hello DR/BD election rtrs and DR/BDR establish a master/slave relationship exchange DBD link-state requests all is synchronized

``` down init 2-way exstart exchange loading full ```

``` 355a: redistribution b/w mgmt authentication stubs ``` ``` b: low-speed wan links wan link to external supplier integrating 2 companies 256kb/s CIR FR hub and spokes ```

b/w mgmt = low authen = external redist = merge stubs = 256

356sh ip eigrp neigh sh ip eigrp int sh ip eigrp top sh ip route eigrp confirm what EIGRP is learning confirm what is actually being used view route information sources verify the rtring of specific nets

top route eigrp neigh int

``` 357local preference update query boundaries summarization boundaries ospf process ids authentication type ospf areas and associated prefixes load sharing method that will be used amount of bw that will be allocated to OSPF ``` choose 4

summarization process ids authentication areas and prefixes

``` 358originate route AS_Path weight local preference MED ``` BGP, put in order

``` weight local pref originate route AS_PATH MED ```

359path selection values memory usage ad of bgp notification, update sh ip bgp sum sh ip route bgp sh ip bgp sh ip bgp neigh match

mem ad path selection notification, update

360is propagated throughout the local auto system is not advertised to neighbors used for 1 rtr with multiple exit points is propagated between AS's MED (1) Local Pref (1) Weight (2)

``` MED = is propagated Local = throughout local AS weight = the other 2 ```

``` 361NAT-PT 6to4 tunnels GRE tunnels route tagging IPsec tunnels ISATAP tunnels ``` choose 4 for ipv4 to ipv6 transitions

nat-pt 6to4 gre isatap

362ipv6 dhcp relay dest ipv6 add auto ipv6 enable ipv6 add ``` DHCPv6 Server (2) Client Int (2) ```

DHCPv6: ipv6 enable ipv6 add auto client: ipv6 dhcp relay dest ipv6 add

``` 363A network engineer notices that transmission rates of senders of TCP traffic sharply increase and decrease simultaneously during periods of congestion. Which condition causes this? A. global synchronization B. tail drop C. random early detection D. queue management algorithm ```

364Which statement about the use of tunneling to migrate to IPv6 is true? A. Tunneling is less secure than dual stack or translation. B. Tunneling is more difficult to configure than dual stack or translation. C. Tunneling does not enable users of the new protocol to communicate with users of the old protocol without dual-stack hosts. D. Tunneling destinations are manually determined by the IPv4 address in the low-order 32 bits of IPv4-compatible IPv6 addresses.

``` 365A network administrator executes the command clear ip route. Which two tables does this command clear and rebuild? (Choose two.) A. IP routing B. FIB C. ARP cache D. MAC address table E. Cisco Express Forwarding table F. topology table ```

A,B

366Which two actions must you perform to enable and use window scaling on a router? (Choose two.) A. Execute the command ip tcp window-size 65536. B. Set window scaling to be used on the remote host. C. Execute the command ip tcp queuemax. D. Set TCP options to "enabled" on the remote host. E. Execute the command ip tcp adjust-mss.

A,B

``` 367A network administrator uses IP SLA to measure UDP performance and notices that packets on one router have a higher one-way delay compared to the opposite direction. Which UDP characteristic does this scenario describe? A. latency B. starvation C. connectionless communication D. nonsequencing unordered packets E. jitter ```

``` 368A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password. Which technology, in combination with PPPoE, can be used for authentication in this manner? A. PAP B. dot1x C. Ipsec D. CHAP E. ESP ```

``` 369A corporate policy requires PPPoE to be enabled and to maintain a connection with the ISP, even if no interesting traffic exists. Which feature can be used to accomplish this task? A. TCP Adjust B. Dialer Persistent C. PPPoE Groups D. half-bridging E. Peer Neighbor Route ```

``` 370Which protocol uses dynamic address mapping to request the next-hop protocol address for a specific connection? A. Frame Relay inverse ARP B. static DLCI mapping C. Frame Relay broadcast queue D. dynamic DLCI mapping ```

371Which statement is true about the PPP Session Phase of PPPoE? A. PPP options are negotiated and authentication is not performed. Once the link setup is completed, PPPoE functions as a Layer 3 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers. B. PPP options are not negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers. C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be encrypted over the PPP link within PPPoE headers. D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.

372PPPoE is composed of which two phases? A. Active Authentication Phase and PPP Session Phase B. Passive Discovery Phase and PPP Session Phase C. Active Authorization Phase and PPP Session Phase D. Active Discovery Phase and PPP Session Phase

373For security purposes, an Ipv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue? A. The traffic filter is blocking all ICMPv6 traffic. B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly. C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail. D. Ipv6 traffic filtering can be implemented only on SVIs.

374What is the purpose of the autonomous-system {autonomous-system-number} command? A. It sets the EIGRP autonomous system number in a VRF. B. It sets the BGP autonomous system number in a VRF. C. It sets the global EIGRP autonomous system number. D. It sets the global BGP autonomous system number.

375Router A and Router B are configured with IPv6 addressing and basic routing capabilities using oSPFv3. The networks that are advertised from Router A do not show up in Router B's routing table. After debugging IPv6 packets, the message "not a router" is found in the output. Why is the routing information not being learned by Router B? A. OSPFv3 timers were adjusted for fast convergence. B. The networks were not advertised properly under the OSPFv3 process. C. An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that is connected to Router A. D. IPv6 unicast routing is not enabled on Router A or Router B.

376A packet capture log indicates that several router solicitation messages were sent from a local host on the Ipv6 segment. What is the expected acknowledgment and its usage? A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will allocate addresses to the local host. B. Routers on the Ipv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery. C. Duplicate Address Detection will determine if any other local host is using the same Ipv6 address for communication with the Ipv6 routers on the segment. D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is statically defined by the network administrator.

``` 377A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output? (Choose three.) A. inbound crypto map B. remaining key lifetime C. path MTU D. tagged packets E. untagged packets F. invalid identity packets ```

A,B,C

378Refer to the following output: Router#show ip nhrp detail - 10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47 TypE. Dynamic, Flags: authoritative unique nat registered used NBMA address: 10.12.1.2 - What does the authoritative flag mean in regards to the NHRP information? A. It was obtained directly from the next-hop server. B. Data packets are process switches for this mapping entry. C. NHRP mapping is for networks that are local to this router. D. The mapping entry was created in response to an NHRP registration request. E. The NHRP mapping entry cannot be overwritten.

379Which common issue causes intermittent DMVPN tunnel flaps? A. a routing neighbor reachability issue B. a suboptimal routing table C. interface bandwidth congestion D. that the GRE tunnel to hub router is not encrypted

380What are the three modes of Unicast Reverse Path Forwarding? A. strict mode, loose mode, and VRF mode B. strict mode, loose mode, and broadcast mode C. strict mode, broadcast mode, and VRF mode D. broadcast mode, loose mode, and VRF mode

381Refer to the following command: router(config)# ip http secure-port 4433 Which statement is true? A. The router will listen on port 4433 for HTTPS traffic. B. The router will listen on port 4433 for HTTP traffic. C. The router will never accept any HTTP and HTTPS traffic. D. The router will listen to HTTP and HTTP traffic on port 4433.

382A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this? A. router(config-if)#ip helper-address 172.20.14.225 B. router(config-if)#udp helper-address 172.20.14.225 C. router(config-if)#ip udp helper-address 172.20.14.225 D. router(config-if)#ip helper-address 172.20.14.225 69 53 49

383A network engineer is configuring SNMP on network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirements of this scenario? A. router(config)#snmp-server host 172.16.201.28 traps version 2c CISCORO B. router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO C. router(config)#snmp-server host 172.16.201.28 traps version 3 auth CISCORO D. router(config)#snmp-server host 172.16.201.28 informs version 3 auth CISCORO

``` 384A network engineer finds that a core router has crashed without warning. In this situation, which feature can the engineer use to create a crash collection? A. secure copy protocol B. core dumps C. warm reloads D. SNMP E. NetFlow ```

385A network engineer is trying to implement broadcast-based NTP in a network and executes the ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of the command? A. It enables receiving NTP broadcasts on the interface where the command was executed. B. It enables receiving NTP broadcasts on all interfaces globally. C. It enables a device to be an NTP peer to another device. D. It enables a device to receive NTP broadcast and unicast packets.

``` 386What is a function of NPTv6? A. It interferes with encryption of the full IP payload. B. It maintains a per-node state. C. It is checksum-neutral. D. It rewrites transport layer headers. ```

387A network engineer executes the "ipv6 flowset" command. What is the result? A. Flow-label marking in 1280-byte or larger packets is enabled. B. Flow-set marking in 1280-byte or larger packets is enabled. C. Ipv6 PMTU is enabled on the router. D. Ipv6 flow control is enabled on the router.

``` 388A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and export packets are not being sent? A. output drops B. enqueuing for the RP C. fragmentation failures D. adjacency issues ```

389A network engineer is asked to configure a "site-to-site" Ipsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command ip nat inside source list 1 int s0/0 overload. Which functions do the two commands serve in this scenario? A. The command access-list 1 defines interesting traffic that is allowed through the tunnel. B. The command ip nat inside source list 1 int s0/0 overload disables "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface. C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel. D. The command ip nat inside source list 1 int s0/0 overload provides "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface.

``` 390A network engineer is notified that several employees are experiencing network performance related issues, and bandwidth-intensive applications are identified as the root cause. In order to identify which specific type of traffic is causing this slowness, information such as the source/destination IP and Layer 4 port numbers is required. Which feature should the engineer use to gather the required information? A. SNMP B. Cisco IOS EEM C. NetFlow D. Syslog E. WCCP ```

``` 391A companys corporate policy has been updated to require that stateless, 1-to-1, and Ipv6 to Ipv6 translations at the Internet edge are performed. What is the best solution to ensure compliance with this new policy? A. NAT64 B. NAT44 C. NATv6 D. NPTv4 E. NPTv6 ```

392Sampler:mysampler,id:1,packets matched:10,mode:random sampling mode Which statement about the output of the show flow-sampler command is true? A. The sampler matched 10 packets, each packet randomly chosen from every group of 100 packets. B. The sampler matched 10 packets, one packet every 100 packets. C. The sampler matched 10 packets, each one randomly chosen from every 100-second interval. D. The sampler matched 10 packets, one packet every 100 seconds.

393What is the result of the command ip flow-export destination 10.10.10.1 5858? A. It configures the router to export cache flow information to IP 10.10.10.1 on port UDP/5858. B. It configures the router to export cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858. C. It configures the router to receive cache flow information from IP 10.10.10.1 on port UDP/5858. D. It configures the router to receive cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858.

394Which type of traffic does DHCP snooping drop? A. discover messages B. DHCP messages where the source MAC and client MAC do not match C. traffic from a trusted DHCP server to client D. DHCP messages where the destination MAC and client MAC do not match

395Which two commands would be used to troubleshoot high memory usage for a process? (Choose two.) A. router#show memory allocating-process table B. router#show memory summary C. router#show memory dead D. router#show memory events E. router#show memory processor statistics

A,B

396The following configuration is applied to a router at a branch site: ipv6 dhcp pool dhcp-pool dns-server 2001:DB8:1:B::1 dns-server 2001:DB8:3:307C::42 domain-name example.com ! If IPv6 is configured with default settings on all interfaces on the router, which two dynamic IPv6 addressing mechanisms could you use on end hosts to provide end-to-end connectivity? (Choose two.) A. EUI-64 B. SLAAC C. DHCPv6 D. BOOTP

A,B

``` 397The enterprise network WAN link has been receiving several denial of service attacks from both IPv4 and IPv6 sources. Which three elements can you use to identify an IPv6 packet via its header, in order to filter future attacks? (Choose three.) A. Traffic Class B. Source address C. Flow Label D. Hop Limit E. Destination Address F. Fragment Offset ```

B,C,E

398Refer to the exhibit. The network setup is running the RIP routing protocol. Which two events will occur following link failure between R2 and R3? (Choose two.) A. R2 will advertise network 192.168.2.0/27 with a hop count of 16 to R1. B. R2 will not send any advertisements and will remove route 192.168.2.0/27 from its routing table. C. R1 will reply to R2 with the advertisement for network 192.168.2.0/27 with a hop count of 16. D. After communication fails and after the hold-down timer expires, R1 will remove the 192.168.2.0/27 route from its routing table. E. R3 will not accept any further updates from R2, due to the split-horizon loop prevention mechanism.

A,C

399Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose three.) A. simplified Layer 3 network virtualization B. improved shared services support C. enhanced management, troubleshooting, and usability D. reduced configuration and deployment time for dot1q trunking E. increased network performance and throughput F. decreased BGP neighbor configurations

A,B,C

400Which traffic characteristic is the reason that UDP traffic that carries voice and video is assigned to the queue only on a link that is at least 768 kbps? A. typically is not fragmented B. typically is fragmented C. causes windowing D. causes excessive delays for video traffic

``` 401A network administrator is troubleshooting a DMVPN setup between the hub and the spoke. Which action should the administrator take before troubleshooting the IPsec configuration? A. Verify the GRE tunnels. B. Verify ISAKMP. C. Verify NHRP. D. Verify crypto maps. ```

402A network engineer is investigating the cause of a service disruption on a network segment and executes the debug condition interface fastethernet f0/0 command. In which situation is the debugging output generated? A. when packets on the interface are received and the interface is operational B. when packets on the interface are received and logging buffered is enabled C. when packets on the interface are received and forwarded to a configured syslog server D. when packets on the interface are received and the interface is shut down

403What is the primary service that is provided when you implement Cisco Easy Virtual Network? A. It requires and enhances the use of VRF-Lite. B. It reduces the need for common services separation. C. It allows for traffic separation and improved network efficiency. D. It introduces multi-VRF and label-prone network segmentation.

404Refer to the exhibit. When summarizing these routes, which route is the summarized route? A. OI 2001:DB8::/48 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0 B. OI 2001:DB8::/24 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0 C. OI 2001:DB8::/32 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0 D. OI 2001:DB8::/64 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0

``` 405Which Cisco VPN technology uses AAA to implement group policies and authorization and is also used for the XAUTH authentication method? A. DMVPN B. Cisco Easy VPN C. GETVPN D. GREVPN ```

406Refer to the exhibit. Which statement about the configuration is true? A. 20 packets are being sent every 30 seconds. B. The monitor starts at 12:05:00 a.m. C. Jitter is being tested with TCP packets to port 65051. D. The packets that are being sent use DSCP EF.

407Refer to the exhibit. Which statement about the command output is true? A. The router exports flow information to 10.10.10.1 on UDP port 5127. B. The router receives flow information from 10.10.10.2 on UDP port 5127. C. The router exports flow information to 10.10.10.1 on TCP port 5127. D. The router receives flow information from 10.10.10.2 on TCP port 5127.

``` 408Which three items can you track when you use two time stamps with IP SLAs? (Choose three.) A. delay B. jitter C. packet loss D. load E. throughput F. path ```

A,B,C

``` 409If the total bandwidth is 64 kbps and the RTT is 3 seconds, what is the bandwidth delay product? A. 8,000 bytes B. 16,000 bytes C. 24,000 bytes D. 32,000 bytes E. 62,000 bytes ```

410What are the default timers for RIPng? A. Update: 30 seconds Expire: 180 seconds Flush: 240 seconds B. Update: 20 seconds Expire: 120 seconds Flush: 160 seconds C. Update: 10 seconds Expire: 60 seconds Flush: 80 seconds D. Update: 5 seconds Expire: 30 seconds Flush: 40 seconds

411What is the purpose of the route-target command? A. It extends the IP address to identify which VRF instance it belongs to. B. It enables multicast distribution for VRF-Lite setups to enhance IGP routing protocol capabilities. C. It manages the import and export of routes between two or more VRF instances. D. It enables multicast distribution for VRF-Lite setups to enhance EGP routing protocol capabilities.

``` 412A network engineer has configured a tracking object to monitor the reachability of IP SLA 1. In order to update the next hop for the interesting traffic, which feature must be used in conjunction with the newly created tracking object to manipulate the traffic flow as required? A. SNMP B. PBR C. IP SLA D. SAA E. ACLs F. IGP ```

``` 413Which type of handshake does CHAP authentication use to establish a PPP link? A. one-way B. two-way C. three-way D. four-way ```

414Which statement is a restriction for PPPoE configuration? A. Multiple PPPoE clients can use the same dialer interface. B. Multiple PPPoE clients can use the same dialer pool. C. A PPPoE session can be initiated only by the client. D. A PPPoE session can be initiated only by the access concentrator.

415Refer to the exhibit. Which statement about the configuration is true? A. This configuration is incorrect because the MTU must match the ppp-max-payload that is defined. B. This configuration is incorrect because the dialer interface number must be the same as the dialer pool number. C. This configuration is missing an IP address on the dialer interface. D. This configuration represents a complete PPPoE client configuration on an Ethernet connection.

416A company has their headquarters located in a large city with a T3 frame relay link that connects 30 remote locations that each have T1 frame relay connections. Which technology must be configured to prevent remote sites from getting overwhelmed with traffic and prevent packet drops from the headquarters? A. traffic shaping B. IPsec VPN C. GRE VPN D. MPLS

``` 417In IPv6, SLAAC provides the ability to address a host based on a network prefix that is advertised from a local network router. How is the prefix advertised? A. routing table B. router advertisements C. routing protocol D. routing type ```

418A network engineer is considering enabling load balancing with EIGRP. Which consideration should be analyzed? A. EIGRP allows a maximum of four paths across for load balancing traffic. B. By default, EIGRP uses a default variance of 2 for load balancing. C. EIGRP unequal path load balancing can result in routing loops. D. By default, EIGRP performs equal cost load balancing at least across four equal cost paths.

419Which statement is true? A. RADIUS uses TCP, and TACACS+ uses UDP. B. RADIUS encrypts the entire body of the packet. C. TACACS+ encrypts only the password portion of a packet. D. TACACS+ separates authentication and authorization.

420Which two statements about AAA implementation in a Cisco router are true? (Choose two.) A. RADIUS is more flexible than TACACS+ in router management. B. RADIUS and TACACS+ allow accounting of commands. C. RADIUS and TACACS+ encrypt the entire body of the packet. D. RADIUS and TACACS+ are client/server AAA protocols. E. Neither RADIUS nor TACACS+ allow for accounting of commands.

B,D

``` 421Which option is invalid when configuring Unicast Reverse Path Forwarding? A. allow self ping to router B. allow default route C. allow based on ACL match D. source reachable via both ```

422Which option represents the minimal configuration that allows inbound traffic from the 172.16.1.0/24 network to successfully enter router R, while also limiting spoofed 10.0.0.0/8 hosts that could enter router R? A. (config)#ip cef (config)#interface fa0/0 (config-if)#ip verify unicast source reachable-via rx allow-default B. (config)#ip cef (config)#interface fa0/0 (config-if)#ip verify unicast source reachable-via rx C. (config)#no ip cef (config)#interface fa0/0 (config-if)#ip verify unicast source reachable-via rx D. (config)#interface fa0/0 (config-if)#ip verify unicast source reachable-via any

423Which two statements indicate a valid association mode for NTP synchronization? (Choose two.) A. The client polls NTP servers for time. B. The client broadcasts NTP requests. C. The client listens to NTP broadcasts. D. The client creates a VPN tunnel to an NTP server. E. The client multicasts NTP requests.

A,C

``` 424Which technology can be employed to automatically detect a WAN primary link failure and failover to the secondary link? A. HSRP B. VRRP C. IP SLA D. multicast ```

``` 425In which two ways can NetFlow data be viewed? (Choose two.) A. CLI B. NetFlow C. built-in GUI D. syslog server interface E. web interface ```

A,B

``` 426(a) punt adjacency drop adjacency null adjacency discard adjacency glean adjacency ``` (b) packets are discarded features that req special handling or features not supported are forwarded to the next switching layer for handling the FIB table on the rtr maintains a prefix for the subnet rather than the individual host prefixes packets are dropped, but the prefix is checked packets destined for a Null0 int are dropped. This can be an effective form of access filtering.

``` discard = discard punt = forwarded glean = FIB table maintains drop = drop null = Null0 ```

``` 427(a) opensent openconfirm established idle active connect ``` ``` (b) refuses connections (initial state) ``` waits for connection to be completed listens for/accept connections waits for OPEN msg waits for KEEPALIVE or NOTIFICATION message UPDATE, NOTIFICATION< or KEEPALIVE msgs are exchanged with peers

``` idle = refuse connect = waits active = listens for opensent = waits for OPEN openconfirm = waits for KEEPALIVE established = exchanges ```

``` 428(a) modifies IP header in transit maps 1 IPv6 to another uses network specific prefix modifies session during translation ``` (b) NAT64(2) NPTv6(2)

NAT64(2) modifies session during translation uses network-specific prefix NPTv6(2) maps 1 IPv6 to another modifies IP header in transit

429What is the function of the snmp-server manager command? A. to enable thedevice to send and receive SNMP requests and responses B. to disable SNMP messages from getting to the SNMO engine C. to enable the device to send SNMP traps to the SNMP server D. to configure the SNMP server to store log data

430Refer to the following configuration command.: router(config)# ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80 Which statement about the command is true? A. Any packet that is received in the inside interface with a source IP port addresses of 172.16.10.8:80 is translated to 172.16.10.8:8080. B. Any packet that is received in the inside interface with a source IP address of 172.16.10.8is redirected to port 8080 or port 80. C. The router accepts only a TCP connection from port 8080 and port 80 on IP address 172.16.10.8. D. Any packet that is received in the inside interface with a source IP port address of 172.16.10.8:8080 is translatedto 172.16.10.8:80.

431Refer to the exhibit. A network engineer has configured GRE between two IOS routers. The state of the tunnel interface is continuously oscillating between up and down. What is the solution to this problem? A. Create a more specific ARP entry to define how to reach the remote router. B. Save the configuration and reload the router. C. Create a more specific static route to define how to reach the remote router. D. Check whether the Internet service provider link is stable,

``` 432A network engineer receives reports about poor voice quality issues at a remote site. The network engineer does a packet capture and sees out-of-order packets being delivered. Which option can cause the VoIP quality to suffer? A. speed duplex link issues B. misconfigured voice VLAN C. load balancing over redundant links D. traffic over backup redundant links ```

``` 433Refer to the exhibit. A network engineer is troubleshooting a DMVPN setup between the hub and the spoke. The engineer executes the command show crypto isakmp sa and observes the output that is displayed. What is the problem? A. that ISAKMP is using default settings B. an incompatible ISAKMP policy C. an incompatible IPsec transform set D. that ISAKMP is not enabled ```

``` 434Which two attributes describe UDP within a TCP/IP network? (Choose two.) A. acknowledgments B. unreliable delivery C. connection-oriented communication D. increased headers E. connectionless communication ```

B,E

``` 435Which three IP SLA performance metrics can you use to monitor enterprise-class networks? (Choose three.) A. packet loss B. delay C. bandwidth D. connectivity E. reliability F. traps ```

A,B,D

``` 436Which Easy Virtual Networking configuration component significantly decreases network configuration? A. MBGP B. VNET tags C. Easy Trunk D. VirtualNetwork Trunk E. dot1e ```

``` 437Which IP SLA operation can be used to measure round-trip delay for the full path and hop-by hop round-trip delay on the network? A. HTTP B. ICMP echo C. TCP connect D. ICMP path echo ```

``` 438What is the administrative distance for EBGP? A. 200 B. 20 C. 30 D. 70 ```

``` 439Considering the IPv6 address independence requirement, which process do you avoid when you use NPTv6 for translation? A. IPv6 duplication and conservation B. IPsec AH header modification C. checksum verification D. rewriting of higher layer information ```

``` 440What is the optimal location from which to execute a debug command that produces an excessive amount of information? A. vty lines B. a console port C. SNMP commands D. an AUXport ```

``` 441A network engineer is configuring the router for NetFlow data exploring. What is required in order for NDE to begin exporting data? A. destination B. flowmask C. source D. traffic type E. interface type F. NetFlow version ```

``` 442A network engineer wants to ensure an optimal end-to-end delay bandwidth product. The delay is less than 64 ms. Which TCP feature ensures steady state throughput? A. network buffers B. TCP acknowledgments C. widows scaling D. round-trip timers ```

``` 443You are configuring a Microsoft client to call a PPP server using CHAP. Only the client will be authenticated, but the clients password has expired and must be changed. Which PPP server configuration allows the call to be completed? A. ppp authentication ms-chap-v2 B. ppp authentication chap callin C. ppp authentication chap D. ppp authentication ms-chap-v2 callin E. ppp authentication ms-chap callin ```

444Which two tasks does a DHCP relay agent perform? (Choose two.) A. It forwards DHCPHELLO and DHCPREQUEST messages to the DHCP server. B. It forwards DHCPREQUEST and DHCPACK messages to the DHCP server. C. It forwards DHCPOFFER and DHCPCOMPLETE messages to the DHCP client. D. It forwards DHCPDISCOVER and DHCPREQUEST messages to the DHCP server. E. It forwards DHCPOFFER and DHCPACK messages to the DHCP client.

D,E

``` 445A network engineer executes the show ip cache flow command. Which two types of information are displayed in the report that is generated? (Choose two.) A. flow samples for specific protocols B. IP packet distribution C. top talkers D. flow export statistics E. MLS flow traffic ```

A,B

Dump1 Flashcards

(446 cards)