Book Questions Flashcards
- Which are the three Cisco network architectures for the enterprise?
Hierarchical
Borderless
Integrated
Data center/virtualization
OSI model
Collaboration
B, D, and F. Collaboration, data center/virtualization, and borderless network are the three architectures for the enterprise.
- Which technology forces affect decisions for the enterprise network?
Removal of borders
Virtualization
Growth of applications
10GigEthernet
Regulation
ROI
Competitiveness
A, B, C. Removal of borders, virtualization, and growth of applications are technology forces.
Network resiliency and control occurs in which layer of the borderless network architecture?
Policy and Control
Borderless Network Services
Borderless User Services
Connection Management
B. Network resiliency and control occurs in the Network Services layer.
Presence occurs in which collaboration architecture layer?
Communication and Collaboration
Collaboration Services
Infrastructure
Media Services
B. Presence occurs under Collaboration Services.
Which of the following is the correct order of the six phases of PPDIOO?
Prepare, Plan, Design, Implement, Operate, Optimize
Plan, Prepare, Design, Implement, Operate, Optimize
Prepare, Plan, Design, Implement, Optimize, Operate
Plan, Prepare, Design, Implement, Optimize, Operate
A. The correct order is Prepare, Plan, Design, Implement, Operate, Optimize.
The PPDIOO design methodology includes which steps? (Select all that apply.)
Identify customer requirements.
Design the network topology.
Characterize the network.
Optimize the network.
Operate the network.
Implement the network.
Prepare and plan.
A, B, C. The PPDIOO methodology has three steps.
What are the three primary sources of information in a network audit?
CIO, network manager, network engineer
Network manager, management software, CDP
Network discovery, CDP, SNMP
Existing documentation, management software, new management tools
D. The primary sources of network audits are existing documentation, management software, and new management tools.
Which design solution states that a design must start from the application layer and finish in the physical layer?
OSI model
PPDIOO
Hierarchical architecture
Top-down
D. The top-down design approach starts the design from the application layer.
Budget and personnel limitations are examples of what?
Organization requirements
Organization constraints
Technical goals
Technical constraints
B. The examples are organization constraints.
Improving network response time and reliability are examples of what?
Organization requirements
Organization constraints
Technical goals
Technical constraints
C. The examples are technical goals.
List the PPDIOO phases in order.
Prepare, Plan, Design, Implement, Operate, Optimize.
Which business forces affect decisions for the enterprise network?
Removal of borders
Virtualization
Growth of applications
10GigEthernet
Regulation
ROI
Competitiveness
E, F, G. Regulation, ROI, and competitiveness are business forces.
Which design methodology step is important for identifying organizational goals?
Identify customer requirements
Characterize the existing network
Design the network topology and solution
Examine the architecture
Validate the design
Obtain the ROI
A. Identify customer requirements.
What needs to be obtained prior to designing the network?
Expected ROI
Organizational and technical goals
Technical constraints
Bill of materials
Existing and new network applications
B, C, and E
Match each PPDIOO phase with its description.
Implement
Optimize
Design
Prepare
Operate
Plan
Establish requirements
Gap analysis
Provides high-availability design
Installation and configuration
Day to day
Proactive management
i = D, ii = F, iii = C, iv = B, v = E, vi = A
Which borderless architecture provides mobility?
Policy
Network services
User services
Connection management
Control services
C. The user services architecture provides mobility, performance, and security.
Which are the three steps in PPDIOO design methodology?
Reviewing the project cost
Designing the network topology and solution
Characterizing the network
Identifying customer requirements.
Validating the design
B, C, and D
Match each infrastructure service with its description.
Identity
Mobility
Storage
Compute
Security
Voice/collaboration
Access from a remote location
Improved computational resources
Unified messaging
AAA, NAC
Storage of critical data
Secure communications
i = D, ii = A, iii = E, iv = B, v = F, vi = C
A company location is used to test a new VoIP solution. What is this type of test called?
Prototype
Pilot
Implementation
New
B. A pilot site is an actual live location for testing.
An isolated network is created to test a new design. What is this type of test called?
Prototype
Pilot
Implementation
New
A. A prototype network is a subset of the design in an isolated environment.
NBAR, NetFlow, and EtherPeek are examples of what?
Network audit tools
Network analysis tools
SNMP tools
Trending tools
B
Monitoring commands, CiscoWorks, and WhatsUP are examples of what?
Network audit tools
Network analysis tools
SNMP tools
Trending tools
A. Monitoring commands are not SNMP tools
Which of the following are technical constraints? (Select all that apply.)
Existing wiring
Existing network circuit bandwidth
Improving the LAN’s scalability
Adding redundancy
A and B
Which of the following are technical goals? (Select all that apply.)
Existing wiring
Existing network circuit bandwidth
Improving the LAN’s scalability
Adding redundancy
C and D. The other answers are technical constraints.
Which of the following are organizational goals? (Select all that apply.)
Improving customer support
Budget has been established
Increasing competitiveness
Completion in three months
Reducing operational costs
Network personnel are busy
A, C, and E
Which of the following are organizational constraints? (Select all that apply.)
Improving customer support
Budget has been established
Increasing competitiveness
Completion in three months
Reducing operational costs
Network personnel are busy
B, D, and F. The other answers are organizational goals.
What components are included in the design document? (Select four.)
IP addressing scheme
Implementation plan
List of Layer 2 devices
Design requirements
Selected routing protocols
List of Layer 1 devices
A, B, D, E. Answers C and F are not usually included in the design document.
Match each design document section with its description.
Introduction
Design requirements
Existing Network Infrastructure
Design
Proof of Concept
Implementation Plan
Appendix
Detailed steps
Current diagram and configuration
Organizational requirements
Goals
Pilot
New logical topology
Supporting information
i = D, ii = C, iii = B, iv = F, v = E, vi = A, vii = G
The network health analysis is based on what information?
The number of users accessing the Internet
The statements made by the CIO
Statistics from the existing network
The IP addressing scheme
C. The network health analysis is based on statistics obtained from the existing network.
While performing a network audit, you encounter a Frame Relay WAN segment running at a sustained rate of 75 percent from 9 a.m. to 5 p.m. What do you recommend?
Nothing. The daily 24-hour average rate is still 45 percent.
Change from Frame Relay to MPLS.
Increase the provisioned WAN bandwidth.
Deny VoIP calls from 9 a.m. to 5 a.m.
C. WAN circuits with sustained utilization of more than 70 percent should have their provisioned bandwidth increased.
What information is included in the network audit report? (Select all that apply.)
Network device list
IOS versions
Router models
Interface speeds
WAN utilization
A, B, C, D, E. All these items are included in a network audit report.
Which three tasks are part of characterizing the existing network?
Speaking with the CIO
Using traffic analysis
Automated auditing of the network using tools
Collect information
Obtaining organizational chart
Defining organizational goals
B, C, and D
Which command provides the average CPU of a Cisco router?
show cpu
show processes cpu
show processes memory
show cpu utilization
show cpu average
B
Which parameters can be obtained by the use of a traffic analyzer?
Application importance
QoS requirements
Devices using a specific protocol
IP addresses of devices and TCP/UDP port number
Average bit rate and packet rate
C, D, and E
Which commands provide information about individual applications, protocols, or flows? (Choose three.)
show process cpu
show ip interface
show ip cache flow
show ip nbar protocol-discovery
show process memory
show interface application
B, C, and D
What is used to create the documentation of the existing network?
Router show commands
Network audit, documentation, and traffic analysis tools
Audit tools
Existing documentation and input from organization
B
What is the sequence for the stages of top-down design?
Identify customer requirements.
Define upper OSI layers.
Gather additional information.
Choose underlying technology.
Which are potential scopes for a network design project? (Choose three.)
Network layer redundancy
Campus upgrade
Data link layer redundancy
Network redesign
WAN upgrade
Application upgrade
B, D, and E
A credit card company network is being designed. Secure transactions are emphasized throughout the initial requirements. Redundant links are required to reduce network outages. What is the order of importance of the following design issues?
IP addressing design
Physical topology design
Network modules
Security design
C-1, A-2, B-3, D-4. Taking a top-down approach the order of importance is security design, IP addressing (network layer) design, physical topology design, and then network modular design.
Which types of tools are used during the network design process?
Network management tools
Network trending tools
Network modeling tools
Network simulation and testing tools
Network implementation tools
C and D
Which four items should be present in the implementation plan?
Implementation description
Estimated time to implement
Reference to design document
Rollback procedure
Estimated cost of implementation
Application profiles
A, B, C, and D
A new design uses IPsec for the WAN. Which approach should be used to verify the design?
Live network
Pilot network
Prototype network
Cable network
Internet network
C
Which three is included in the design document?
Design details
Design requirements
Current cable runs
List of Layer 2 devices
Implementation plan
A, B, and E
In the hierarchical network model, which layer is responsible for fast transport?
Network
Core
Distribution
Access
B. The core layer of the hierarchical model is responsible for fast transport.
Which Enterprise Architecture model component interfaces with the service provider (SP)?
Campus infrastructure
Access layer
Enterprise edge
Edge distribution
C. The enterprise edge consists of e-commerce, Internet connectivity, VPN/remote access, and WAN modules. The enterprise edge modules connect to SPs.
In the hierarchical network model, at which layer do security filtering, address aggregation, and media translation occur?
Network
Core
Distribution
Access
C. The distribution layer of the hierarchical model is responsible for security filtering, address and area aggregation, and media translation.
Which of the following is/are method(s) of workstation-to-router redundancy in the access layer?
AppleTalk Address Resolution Protocol (AARP)
Hot Standby Router Protocol (HSRP)
Virtual Router Redundancy Protocol (VRRP)
Answers B and C
Answers A, B, and C
D. HSRP and VRRP provide default gateway redundancy.
The network-management module has tie-ins to which component(s)? Campus infrastructure
Server farm
Enterprise edge
SP edge
Answers a and b
Answers a, b, and c
Answers a, b, c, and d
F. The network management module monitors all components and functions except the SP edge.
Which of the following is an SP edge module in the Cisco Enterprise Architecture model? Public switched telephone network (PSTN) service
Edge distribution
Server farm
Core layer
A. The SP edge includes Internet, PSTN, and WAN modules.
In which module would you place Cisco Unified Communications Manager (CUCM)? Campus core
E-commerce
Server farm
Edge distribution farm
C. The server farm hosts campus servers including Cisco CallManager servers.
High availability, port security, and rate limiting are functions of which hierarchical layer?
Network
Core
Distribution
Access
D. The access layer functions are high availability, port security, rate limiting, ARP inspection, virtual access lists, and trust classification.
True or false: The core layer of the hierarchical model does security filtering and media translation.
False
True or false: The access layer provides high availability and port security.
True
You add Communications Manager to the network as part of a Voice over IP (VoIP) solution. In which submodule of the Enterprise Architecture model should you place Communications Manager?
The server farm.
True or false: HSRP provides router redundancy.
True
Which enterprise edge submodule connects to an ISP?
The Internet submodule.
List the six modules of the Cisco Enterprise Architecture model for network design.
Enterprise campus, enterprise edge, enterprise WAN, enterprise branch, enterprise data center, and enterprise teleworker.
True or false: In the Cisco Enterprise Architecture model, the network management submodule does not manage the SP edge.
True
True or false: You can implement a full-mesh network to increase redundancy and reduce a WAN’s costs.
False. A full-mesh network increases costs.
How many links are required for a full mesh of six sites?
Use n(n – 1)/2, where n = 6. 6 * (6 – 1)/2 = (6 * 5)/2 = 30/2 = 15
List and describe four options for multihoming to the SP between the Enterprise Edge and the SP Edge. Which option provides the most redundancy?
Option 1: Single router, dual links to one ISP
Option 2: Single router, dual links to two ISPs
Option 3: Dual routers, dual links to one ISP
Option 4: Dual routers, dual links to two ISPs
Option 4 provides the most redundancy, with dual local routers, dual links, and dual ISPs.
To what enterprise edge submodule does the SP Edge Internet submodule connect?
The SP edge Internet submodule connects to the enterprise edge Internet submodule.
What are four benefits of hierarchical network design?
Cost savings, ease of understanding, easy network growth (scalability), and improved fault isolation.
In an IP telephony network, in which submodule or layer are the IP phones and CUCM servers located?
IP phones reside in the building access layer of the campus infrastructure. The CallManagers are placed in the server farm of the enterprise campus.
Match the redundant model with its description:
Workstation-router redundancy
Server redundancy
Route redundancy
Media redundancy
Cheap when implemented in the LAN and critical for the WAN
Provides load balancing
Host has multiple gateways
Data is replicated
i = C, ii = D, iii = B, iv = A
True or false: Small to medium campus networks must always implement three layers of hierarchical design.
False. Small campus networks can have collapsed core and distribution layers and implement a two-layer design. Medium campus networks can have two-tier or three-tier designs.
How many full-mesh links do you need for a network with ten routers?
Use the formula n(n – 1)/2, where n = 10. 10(10 – 1)/2 = 90/2 = 45 links.
Which layer provides routing between VLANs and security filtering?
Access layer
Distribution layer
Enterprise edge
WAN module
B. The distribution layer provides routing between VLANs and security filtering.
List the four modules of the enterprise edge area.
E-commerce, Internet, VPN/remote access, and WAN.
List the three submodules of the SP edge.
Internet services, WAN services, and PSTN services.
List the components of the Internet edge.
Firewalls, Internet routers, FTP/HTTP servers, SMTP mail servers, and DNS servers.
Which submodule contains firewalls, VPN concentrators, and ASAs? WAN
VPN/remote access
Internet
Server farm
B. The VPN/remote access submodule contains firewalls, VPN concentrators, and ASAs.
Which of the following describe the access layer? (Select two.)
High-speed data transport
Applies network policies
Performs network aggregation
Concentrates user access
Provides PoE
Avoids data manipulation
D and E. The access layer concentrates user access and provides PoE to IP phones.
Which of the following describe the distribution layer? (Select two.)
High-speed data transport
Applies network policies
Performs network aggregation
Concentrates user access
Provides PoE
Avoids data manipulation
B and C. The distribution layer concentrates the network access switches and routers and applies network policies with access lists.
Which of the following describe the core layer? (Select two.)
High-speed data transport
Applies network policies
Performs network aggregation
Concentrates user access
Provides PoE
Avoids data manipulation
A and F. The core layer provides high-speed data transport without manipulating the data.
Which campus submodule connects to the enterprise edge module? SP edge
WAN submodule
Building distribution
Campus core
Enterprise branch
Enterprise data center
D. The Campus Core connects to the server farm, the Enterprise Edge, and the Building Distribution.
Which remote module connects to the enterprise via the Internet or WAN submodules and contains a small LAN switch for users? SP edge
WAN submodule
Building distribution
Campus core
Enterprise branch
Enterprise data center
E. The infrastructure at the remote site usually consists of a WAN router and a small LAN switch.
Which three types of servers are placed in the e-commerce submodule?
Web
Application
Database
Intranet
Internet
Public share
A, B, and C. Web, application, and database servers are placed in the e-commerce submodule.
Which solution supports the enterprise teleworker?
IP telephony
Enterprise campus
Cisco virtual office
SP edge
Hierarchical design
Data Center 3.0
C. The Cisco Virtual Office supports the teleworker with router, VPN, and IP telephony.
Which are two benefits of using a modular approach?
Simplifies the network design
Reduces the amount of network traffic on the network
Often reduces the cost and complexity of the network
Makes the network simple by using full mesh topologies
A and C
Which three modules provide infrastructure for remote users? (Select three.)
Teleworker module
WAN module
Enterprise branch module
Campus module
Enterprise data center
Core, distribution, access layers
A, C, and E. The teleworker, branch, and data center modules are part of the enterprise remote modules.
Which are borderless networks infrastructure services? (Select three.)
IP telephony
Security
QoS
SP edge
High availability
Routing
B, C, and E. Security, QoS, and high availability are borderless network infrastructure services.
Which module contains devices that supports AAA and stores passwords? WAN module
VPN module
Server farm module
Internet connectivity module
SP edge
TACACS
C. Servers are located in the server farm module of the enterprise campus area.
Which topology is best used for connectivity in the building distribution layer?
Full mesh
Partial mesh
Hub and spoke
Dual ring
EthernetChannel
B. Partial-mesh connectivity is best suited in the distribution layer.
What are two ways that wireless access points are used? (Choose two.)
Function as a hub for wireless end devices
Connect to the enterprise network
Function as a Layer 3 switch for wireless end devices
Provide physical connectivity for wireless end devices
Filter out interference from microwave devices
A and B. Wireless APs function as a hub to connect wireless end devices to the network.
In which ways does application network services helps resolve application issues?
It can compress, cache, and optimize content.
Optimizes web streams which can reduce latency and offload the web server.
Multiple data centers increases productivity.
Improves application response times by using faster servers.
A and B
Which are key features of the distribution layer?
Aggregates access layer switches
Provides a routing boundary between access and core layers
Provides connectivity to end devices
Provides fast switching
Provides transport to the enterprise edge
Provides VPN termination
A, B, and C
Which Cisco solution allows a pair of switches to act as a single logical switch?
HSRP
VSS
STP
GLB
B. VSS allows a Catalyst 6500 switch pair to act as a single logical switch.
Which module or layer connects the server layer to the enterprise edge? Campus distribution layer
Campus data center access layer
Campus core layer
Campus MAN module
WAN module
Internet connectivity module
C
Which server type is used in the Internet connectivity module?
Corporate
Private
Public
Internal
Database
Application
C
Which server types are used in the e-commerce module for users running applications and storing data? (Select three.) Corporate
Private
Public
Internet
Database
Application
Web
E, F, and G
What device filters broadcasts?
Layer 2 switch
Hub
Layer 3 switch
Router
A and C
C and D
A, C, and D
F. Routers and Layer 3 switches are Layer 3 devices that control and filter network broadcasts.
What is the maximum segment distance for Fast Ethernet over unshielded twisted-pair (UTP)?
100 feet
500 feet
100 meters
285 feet
C. The maximum distance of 100BASE-T is 100 meters.
What device limits the collision domain?
Layer 2 switch
Hub
Layer 3 switch
Router
A and C
C and D
A, C, and D
G. Every port of a Layer 2 switch, Layer 3 switch, or LAN port on a router is a collision domain.
The summarization of routes is a best practice at which layer?
Access layer
Distribution layer
Core layer
WAN layer
B. Routes are summarized at the distribution layer.
What type of LAN switches are preferred in the campus backbone of an enterprise network?
Layer 2 switches
Layer 3 switches
Layer 3 hubs
Hubs
B. Layer 3 switches are recommended for the backbone of campus networks.
Two workstations are located on separate VLANs. They exchange data directly. What type of application is this?
Client/server
Client-peer
Peer-peer
Client-enterprise
C. This is a peer-to-peer application.
Which type of cable is the best solution in terms of cost for connecting an access switch to the distribution layer requiring 140 meters?
UTP
Copper
Multimode fiber
Single-mode fiber
C. Multimode fiber provides a cost-effective solution for that distance. Single-mode fiber is more expensive. UTP cannot go more than 100 meters.
Why is switching preferred over shared segments?
Shared segments provide a collision domain for each host.
Switched segments provide a collision domain for each host.
Shared segments provide a broadcast domain for each host.
Switched segments provide a broadcast domain for each host.
B. Each port on a switch is a separate collision or bandwidth domain. All ports on a hub share the same bandwidth domain.
True or false: Layer 2 switches control network broadcasts.
False. Layer 2 switches limit only the collision domain.
What technology can you use to limit multicasts at Layer 2?
CGMP
True or false: Packet marking is also called coloring.
True
True or false: Usually, the distribution and core layers are collapsed in medium-size networks.
True
What are two methods to mark frames to provide CoS?
Inter-Switch Link (ISL) and IEEE 802.1p/802.1Q
Which of the following is an example of a peer-to-peer application?
IP phone call
Client accessing file server
Web access
Using a local server on the same segment
A. IP phone-to-IP phone communication is an example of peer-to-peer communication.
What primary design factors affect the design of a campus network? (Select three.)
Environmental characteristics
Number of file servers
Infrastructure devices
Fiber and UTP characteristics
Network applications
Windows, Linux, and mainframe operating systems
A, C, and E. Network applications, infrastructure devices, and environmental characteristics affect network design.
You need to connect a building access switch to the distribution switch. The cable distance is 135 m. What type of cable do you recommend?
UTP
Coaxial cable
Multimode fiber
Single-mode fiber
C. Multimode fiber provides the necessary connectivity at the required distance. UTP can reach only 100 m. Single-mode fiber is more expensive.
Which layer of the campus network corresponds to the data center aggregation layer?
Core layer
Distribution layer
Access layer
Server farm
B. The DC aggregation layer is similar to the campus distribution layer.
Which of the following is an access layer best practice?
Reduce switch peering and routing
Use HSRP and summarize routes
Disable trunking and use RPVST+
Offload SSL sessions and use load balancers
C. Disabling trunking on host ports and using RPVST+ are best practices at the access layer.
Which of the following is a distribution layer best practice?
Reduce switch peering and routing
Use HSRP and summarize routes
Disable trunking and use RPVST+
Offload SSL sessions and use load balancers
B. The use of HSRP and summarization of routes are best practices in the distribution layer.
Which of the following is a core layer best practice?
Reduce switch peering and routing
Use HSRP and summarize routes
Disable trunking and use RPVST+
Offload SSL sessions and use load balancers
A. Best practices for the core is the use of triangle connections to reduce switch peering and use routing to prevent network loops.
Which of the following is a DC aggregation layer best practice?
Reduce switch peering and routing
Use HSRP and summarize routes
Disable trunking and use RPVST+
Offload SSL sessions and use load balancers
D. Load balancers, SSL offloading, firewalls, and intrusion detection devices are deployed in the DC aggregation layer.
Which of the following are threats to the edge distribution?
IP spoofing
Network discovery
Packet-capture devices
All of the above
D. All are threats to the enterprise edge distribution.
An enterprise network has grown to multiple buildings supporting multiple departments. Clients access servers that are in local and other buildings. The company security assessment has identified policies that need to be applied. What do you recommend?
Move all departments to a single building to prevent unauthorized access.
Move all servers to one of the LAN client segments.
Move all servers to a server farm segment that is separate from client LANs.
Move all servers to the building distribution switches.
C. Create a server farm that allows the enforcement of security policies.
Link redundancy and infrastructure services are design considerations for which layers?
Core layer
Distribution layer
Access layer
All of the above
B. These are design considerations for the distribution layer.
Which of the following are server connectivity methods in the server farm?
Single NIC
EtherChannel
Content switch
All of the above
D. All are server connectivity options.
What is the recommended method to connect the distribution switches to the core?
Redundant triangle links
Redundant cross-connect links
Redundant Layer 3 squares
Redundant Layer 2 links
A. The core and the distribution should be connected using redundant Layer 3 triangular links.
A campus network of four buildings is experiencing performance problems. Each building contains 400 to 600 devices, all in one IP subnet. The buildings are connected in a hub-and-spoke configuration back to building 1 using Gigabit Ethernet with multimode fiber. All servers are located in building 1. What do you recommend to improve performance?
Connect all buildings in a ring topology.
Implement multiple VLANs in each building.
Move servers to the buildings.
Use single-mode fiber to make the Gigabit Ethernet links faster.
B. The building subnets are too large and should be further segmented to reduce the broadcast domain.
What of the following is true about data link layer broadcasts?
Not controlled by routers
Not forwarded by routers
Not forwarded by switches
Not controlled by VLANs
B. Broadcasts are not forwarded by routers and are controlled by VLANs.
Match each LAN medium with its original physical specification.
Fast Ethernet
Gigabit Ethernet
WLAN
Token Ring
10 Gigabit Ethernet
IEEE 802.3ab
IEEE 802.11b
IEEE 802.3u
IEEE 802.3ae
IEEE 802.5
i = C, ii = A, iii = B, iv = E, v = D
True or false: Layer 3 switches bound Layer 2 collision and broadcast domains.
True. Layer 3 switches and routers control both the collision and broadcast domains.
Match each enterprise campus component with its description.
Campus infrastructure
Server farm
Edge distribution
Consists of backbone, building-distribution, and building-access modules
Connects the campus backbone to the Enterprise Edge
Provides redundancy access to the servers
i = A, ii = C, iii = B
Match each LAN device type with its description.
Hub
Bridge
Switch
Layer 3 switch
Router
Legacy device that connects two data link layer segments
Network layer device that forwards packets to serial interfaces connected to the WAN
High-speed device that forwards frames between two or more data link layer segments
High-speed device that bounds data link layer broadcast domains
Device that amplifies the signal between connected segments
i = E, ii = A, iii = C, iv = D, v = B
Match each application type with its description.
Peer to peer
Client-local server
Client/server farm
Client-enterprise edge
Server on the same segment
IM
Web access
Client accesses database server
i = B, ii = A, iii = D, iv = C
Match each transmission medium with its upper-limit distance.
UTP
Wireless
Single-mode fiber
Multimode fiber
2 km
100 m
90 km
500 m
i = B, ii = D, iii = C, iv = A
True or false: IP phones and LAN switches can reassign a frame’s CoS bits.
True. IP phones reclassify incoming frames from the PC. Switches can accept or reclassify incoming frames.
Name two ways to reduce multicast traffic in the access layer.
CGMP and IGMP snooping control multicast traffic at Layer 2. The switch and local router exchange CGMP messages. With IGMP snooping, the switch listens to IGMP messages between the host and the router.
What are two VLAN methods you can use to carry marking CoS on frames?
ISL and IEEE 802.1p/Q are two methods for CoS. ISL was created by Cisco and uses an external tag that contains 3 bits for marking. IEEE 802.1p specifies 3 bits for marking that is carried in the internal tag of IEEE 802.1q. The IEEE 802.1p specification is not included in the IEEE 802.1D-1998 standard.
True or false: You can configure both CGMP and IGMP snooping in mixed Cisco switch and non-Cisco router environments.
False. You can configure the CGMP only if both the router and switch are Cisco devices. IGMP snooping can be configured in mixed environments.
What medium do you recommend for the campus LAN backbone? 3-20
The campus backbone should have high-speed links. Recommend Gigabit Ethernet links.
The workstations send frames with the DSCP set to EF. What should the IP phones do so that the network gives preference to VoIP traffic over data traffic? 3-20
The IP phones should remap the workstation traffic to a value less than the value assigned to voice. Typically, it is recommended that you configure the IP phone to set the DSCP to EF for VoIP bearer traffic.
If the Layer 2 switches in Building A cannot look at CoS and ToS fields, where should these fields be inspected for acceptance or reclassification: in the building Layer 3 switches or in the backbone Layer 3 switches? 3-20
Inspect them at the Layer 3 switches in Building A. Packets should be marked and accepted as close as possible to the source.
Does the network have redundant access to the WAN?
No. There is no redundancy to the WAN module. A separate link to another building would provide that redundancy.
Does the network have redundant access to the Internet? 3-20
No. There is no redundancy to the Internet module. A separate link from another building would provide that redundancy.
Does Figure 3-20 use recommended devices for networks designed using the Enterprise Architecture model? 3-20
Yes. The network uses Layer 2 switches at the building-access layer and Layer 3 switches at the building distribution and campus backbone layers.
Which are environmental characteristics? (Select three.)
Transmission media characteristics
Application characteristics
Distribution of network nodes
Operating system used
Remote-site connectivity requirements
A, C, and E
Which network application type is most stringent on the network resources?
Peer to peer
Client to local server
Client to server farm
Client to enterprise edge
C
Why is LAN switching used more than shared LAN technology? (Select two.)
Shared LANs do not consume all available bandwidth.
Switched LANs offer increased throughput.
Switched LANs allow two or more ports to communicate simultaneously.
Switched LANs forward frames to all ports simultaneously.
B and C
An application used by some users in a department generates significant amounts of bandwidth. Which is a best design choice?
Rewrite the application to reduce bandwidth.
Use Gigabit Ethernet connections for those users.
Put the application users into a separate broadcast domain.
Add several switches and divide the users into the two.
C
Users access servers located on a server VLAN and servers located in departmental VLANs. Users are located in the departmental VLAN. What is the expected traffic flow from users to servers?
Most traffic is local.
All traffic requires multilayer switching.
There is no need for multilayer switching.
Most of the traffic will have to be multilayer switched.
D
Company departments are located across several buildings? These departments use several common servers. Network policy and security are important. Where should servers be placed?
Within all department buildings and duplicate the common servers in each building.
Connect the common servers to the campus core.
Use a server farm.
Connect the servers to the distribution layer.
C
A large company has a campus core. What is the best practice for the core campus network?
Use triangles.
Use squares.
Use rectangles.
Use point-to-point mesh.
A. Use redundant triangle topology between distribution and core layers.
A company has five floors. It has Layer 2 switches in each floor with servers. They plan move servers to a new computer room and create a server farm. What should they use?
Replace all Layer 2 switches with Layer 3 switches.
Connect the Layer 2 switches to a Layer 3 switch in the computer room.
Connect the Layer 2 switches to a new Layer 2 switch in the computer room.
Connect the Layer 2 switches to each other.
B
A Fast Ethernet uplink is running at 80 percent utilization. Business-critical applications are used. What can be used to minimize packet delay and loss?
Implement QoS with classification and policing in the distribution layer.
Add additional VLANs so that the business applications are used on PCs on that VLAN.
Perform packet bit rewrite in the distribution switches.
Classify users in the access with different priority bits.
A
Which are four best practices used in the access layer?
Disable trunking in host ports.
Limit VLANS to one closet.
Use PVST+ as the STP with multilayer switches.
Enable trunking on host ports.
Use VLAN spanning to speed convergence of STP.
Use VTP Server mode in hierarchical networks.
Use VTP Transparent mode in hierarchical networks.
Use RPVST+ as the STP with multilayer switches.
A, B, G, and H
Which are three best practices used in the distribution layer?
Use HSRP or GLBP.
Provide fast transport.
Use Layer 3 routing protocols to the core.
Use Layer 2 routing protocols to the core.
Summarize routes to the core layer.
Summarize routes to the access layer.
A, C, and E
Which are four best practices used in the distribution layer?
Disable trunking in host ports.
Limit VLANS to one closet.
Use HSRP.
Use GLBP.
Use VLAN spanning to speed convergence of STP.
Use Layer 3 routing to the core.
Summarize routes.
Use RPVST+ as the STP with multilayer switches.
C, D, F, and G
Which are three best practices used in the core layer?
Use routing with no Layer 2 loops.
Limit VLANS to one closet.
Use HSRP.
Use GLBP.
Use Layer 3 switches with fast forwarding.
Use Layer 3 routing to the core.
Use two equal-cost paths to every destination network.
Use RPVST+ as the STP with multilayer switches.
A, E, and G
What are two methods for implementing unified fabric in the data center over 10Gigabit Ethernet?
VSS
FCoE
iSCSI
vPC
B and C. Fibre Channel over Ethernet (FCoE) and Internet Small Computer Systems Interface (iSCSI) are two methods for implementing unified fabric in the data center over 10 Gigabit Ethernet.
What best describes the characteristics of Data Center 3.0 architecture?
Mainframes
Consolidation/virtualization/automation
Distributed client/server computing
Decentralized computing
B. Data Center 3.0 architecture can be best described by consolidation, virtualization, and automation.
Which of the following data center facility aspects best corresponds with architectural and mechanical specifications?
Space, load, and power capacity
PCI, SOX, and HIPPA
Operating temperature and humidity
Site access, fire suppression, and security alarms
A. Data center facility aspects such as space, load, power capacity, and cabling are architectural and mechanical specifications.
Which of the following uses the highest percentage of power within the overall data center power budget?
Lighting
Servers and storage
Network devices
Data center cooling
D. Data center cooling requires the most power out of the overall power budget next to servers and storage.
Which data center architecture layer provides Layer 2/Layer 3 physical port density for servers in the data center?
Data center core
Data center aggregation
Data center access
Data center distribution
C. The data center access layer provides Layer 2/Layer 3 physical port density for servers in the data center.
Layer 4 security and application services including server load balancing, Secure Sockets Layer (SSL) offloading, firewalling, and intrusion prevention system (IPS) services are provided by the data center ___________ layer?
Access
Routed
Core
Aggregation
D. The Layer 4 security and application services in the data center aggregation layer include server load balancing, SSL Offloading, firewalling, and IPS services.
Virtualization technologies allow a _________ device to share its resources by acting as multiple versions of itself?
Software
Virtual
Logical
Physical
D. Virtualization technologies allow a physical device to share its resources by acting as multiple versions of itself.
Which of the following are examples of logical isolation techniques in which network segments share the same physical infrastructure? (Select all that apply.)
VRF
VLAN
VSAN
VSS
A, B, and C. VRFs, VLANs, and VSANs are examples of network virtualization techniques where logical isolation is used.
Which of the following are examples of technologies that employ device virtualization or the use of contexts? (Select all that apply.)
VRF
ASA
VLAN
ACE
B and D. Cisco Adaptive Security Appliances (ASA) and Cisco Application Control Engines (ACE) use device virtualization or contexts.
What involves the creation of independent logical network paths over a shared network infrastructure?
Access control
Services edge
Path isolation
Device context
C. Path Isolation involves the creation of independent logical network paths over a shared network infrastructure.
Which data center architecture was based on client/server and distributed computing?
Data Center 1.0
Data Center 2.0
Data Center 3.0
Data Center 4.0
B. Data Center 2.0 brought client/server and distributed computing into the mainstream.
What Cisco Nexus switch helps deliver visibility and policy control for virtual machines (VM)?
Nexus 7000
Nexus 4000
Nexus 2000
Nexus 1000V
D. Cisco Nexus 1000V virtual switch for VMware ESX and ESXi help deliver visibility and policy control for VMs.
Which of the following is a network adapter that can run at 10GE and support Fibre Channel over Ethernet (FCoE)?
CNA
VN-Link
MDS
NAS
A. Converged network adapters (CNAs) run at 10GE and support FCoE and are available from Emulex and QLogic.
What is an innovative next-generation data center platform that converges computing, network, storage, and virtualization all together into one system? (Select the best answer.)
Cisco MDS
Cisco Nexus 7000
Cisco Nexus 5000
Cisco UCS
D. Cisco Unified Computing System (UCS) is an innovative next-generation data center platform that converges computing, network, storage, and virtualization all together into one system.
Which of the following Cisco Nexus switches support virtual device contexts using (VDCs)?
Cisco Nexus 7000
Cisco Nexus 2000
Cisco Nexus 5000
Cisco Nexus 4000
A. Cisco Nexus 7000 series switches are the only switches that support VDCs.
What services option provides an effective way to address firewall policy enforcement in a Cisco Catalyst 6500 series switch?
IPS
FWSM
Nexus 1000V
VDCs
B. The FWSM is an effective way to address policy enforcement in a Cisco Catalyst 6500 series switch, by providing firewall services for the data center.
What has enabled applications to no longer be bound to bare metal hardware resources?
Unified fabric
Device virtualization
Network virtualization
Server virtualization
D. As a result of server virtualization, many data center applications are no longer bound to bare-metal hardware resources.
Which of the following supports network virtualization technology that allows two physical Cisco Catalyst 6500 series switches to act as a single logical virtual switch?
VN-Link technology
Unified fabric
Virtual Switching System (VSS)
Virtual routing and forwarding (VRF)
C. Virtual Switching System (VSS) is a network virtualization technology that allows two physical Cisco Catalyst 6500 series switches to act as a single logical virtual switch.
What enables the spanning-tree topology to appear loop-free although multiple redundant paths are present in the physical topology?
vPC
VRF
VSS
VDC
A. Virtual Port Channel (vPC) enables the spanning-tree topology to appear loop-free although multiple redundant paths are present in the physical topology.
Which of the following are data center core layer characteristics? (Select all that apply.)
10GE
High-latency switching
Distributed forwarding architecture
Service modules
A and C. Low-latency switching, distributed forwarding architecture, 10GE, and scalable IP multicast support are all DC core layer characteristics.
Which data center layer provides advanced application and security services and has a large STP processing load?
Data center access layer
Data center aggregation layer
Data center services layer
Data center core layer
B. The data center aggregation layer supports advanced application and security services and has a large STP processing load.
Which of the following are drivers for the data center core layer? (Select all that apply.)
Future growth
10 Gigabit Ethernet density
Services edge
Administrative domains and policies
A, B, and D. 10 Gigabit Ethernet density, administrative domains and polices, and future growth are all drivers for the data center core layer.
Benefits such as port density for server farms, high-performance low-latency Layer 2 switching, and a mix of oversubscription requirements belong to which data center layer?
Core
Distribution
Access
Aggregation
C. The data center access layer provides benefits such as port density for server farms, high-performance low-latency Layer 2 switching, and a mix of oversubscription requirements.
Cable management is affected by which of the following? (Select all that apply.)
a. Alternative cooling technologies
b. Number of connections
c. Media selection
d. Increase in the number of HVAC units
B and C. Cable management and is affected by the number of connections and media selection.
Which of the following best describes how “cold” and “hot” aisles should be arranged in the data center?
a. Hot and cold aisles facing each other
b. Alternating pattern of cold and hot aisles
c. Nonalternating pattern of hot and cold aisles
d. None of the above
B. The cabinets and racks should be arranged in the data center with an alternating pattern of “cold” and “hot” aisles.
Within the unified computing resources, what defines the identity of the server?
a. Virtualization
b. Unified fabric
c. Services profile
d. Virtual machines
C. Within the unified computing resources, the service profile defines the identity of the server. The identity contains many items such as memory, CPU, network cards, and boot image.
What technology provides 54 Mbps of bandwidth using UNII frequencies?
a. IEEE 802.11b
b. IEEE 802.11g
c. IEEE 802.11a
d. IEEE 802.11n
e. Both C and D
E. Both 802.11a and 802.11n use UNII frequencies.
What frequency allotment provides 11 channels for unlicensed use for WLANs in North America?
a. UNII
b. ISM
c. Bluetoothd. FM
B. The Industrial, Scientific, and Medical (ISM) band of frequencies provides 11 channels for WLANs.
What standard is used for control messaging between access points and controllers?
a. IEEE 802.11
b. CSMA/CA
c. IEEE 802.1X
d. CAPWAP
D. CAPWAP is an Internet Engineering Task Force (IETF) standard for control messaging for setup, authentication, and operations between access points (AP) and WLAN controllers (WLC).
Which WLAN controller interface is used for out-of-band management?
a. Management interface
b. Service-port interface
c. AP manager interface
d. Virtual interface
B. The service-port interface is an optional interface that is statically configured for out-of-band management.
How many access points are supported by a Cisco Catalyst 3750 with an integrated controller?
a. 6
b. 50
c. 100
d. 300
B. The Cisco Catalyst 3750 Integrated WLC supports up to 50 APs.
Which WLAN controller redundancy scheme uses a backup WLC configured as the tertiary WLC in the APs?
a. N+1
b. N+N
c. N+N+1
d. N+N+B
C. With N+N+1 redundancy, an equal number of controllers back up each other, as with N+N. Plus, a backup WLC is configured as the tertiary WLC for the access points.
What is the recommended maximum number of data devices associated to a WLAN?
a. 8
b. 20
c. 50
d. 100
B. The recommended best practice is up to 20 WLAN clients.
Which device of Cisco’s Wireless Mesh Networking communicates with the rooftop AP (RAP)?
a. WLC
b. WCS
c. RAP
d. MAP
D. Mesh access points (MAP) connect to the RAP to connect to the wired network.
What is the maximum data rate of IEEE 802.11g?
54 Mbps
What is the typical data rate of IEEE 802.11n?
200 Mbps
What standard does IEEE 802.11i use for confidentiality, integrity, and authentication?
Advanced Encryption Standard
List at least four benefits of Cisco UWN.
Having to configure SSIDs, frequency channels, and power settings on each individual APs.
True or false: With split-MAC, the control and data frames are load-balanced between the LWAP and the WLC
False. With split-MAC, control and data traffic frames are split. LWAPs communicate with the WLCs with control messages over the wired network. LWAPP data messages are encapsulated and forwarded to and from wireless clients.
True or false: With split-MAC, the WLC, not the LWAP, is responsible for authentication and key management.
True. Controller MAC functions are association requests, resource reservation, and authentication and key management.
What CAPWAP transport mode is the preferred and most scalable?
a. Intra
b. Layer 2
c. Layer 3
d. EoIP
C. Layer 3 CAPWAP tunnels are the preferred solution.
What is the preferred intercontroller roaming option?
a. Intra
b. Layer 2
c. Layer 3
d. EoIP
B. Layer 2 intercontroller roaming is the preferred intercontroller roaming option.
What device places user traffic on the appropriate VLAN?
a. Lightweight AP
b. WLAN controller
c. MAP
d. RAP
B. The WLC places the user data on the appropriate VLAN and forwards the frame to the wired network.
How many access points are supported in a mobility group using Cisco 4400 series WLCs?
a. 144
b. 1200
c. 2400
d. 7200
C. Each 4400 series WLC supports 100 APs. 100 APs times 24 controllers in a mobility group equals 2400.
What is the recommended number of data devices an AP can support for best performance?
a. About 6
b. 7 to 8
c. 10 to 15
d. About 20
D. The recommended number of data devices per AP is 20.
What is the recommended number of VoWLAN devices an AP can support for best performance?
a. 2 to 3
b. 7 to 8
c. 10 to 15
d. About 20
B. The recommended number of voice over wireless devices per AP is seven for G.711 and eight for G.729.
What method is used to manage radio frequency channels and power configuration?
a. WLC
b. WCS
c. RRM
d. MAP
C. Cisco Radio Resource Management controls AP radio frequency and power settings.
What is the typical latency per wireless mesh hop in milliseconds?
a. 1 to 3
b. 7 to 8
c. 10 to 15
d. About 20
A. Typically, there is a 1- to 3-ms latency per hop.
What is the recommended maximum RTT between an AP and the WLC?
a. 20 ms
b. 50 ms
c. 100 ms
d. 300 ms
D. The RTT between the AP and WLC should not exceed 300 ms.
What is the recommended controller redundancy technique?
a. N+1+N
b. Static
c. Dynamic
d. Deterministic
D. Cisco recommends deterministic controller redundancy.
What is the recommended best practice for guest services?
a. Use separate VLANs.
b. Use separate routers and access lists.
c. Obtain a DSL connection and bridge to the local LAN.
d. Use EoIP to isolate traffic to the DMZ.
D. EoIP is the recommended method for guest services.
What is the recommended best practice for branch WLANs?
a. Use H-REAP with centralized controllers.
b. Use local-MAP.
c. Use wireless mesh design.
d. Use EoIP.
A. H-REAP with centralized controllers is recommended for branch WLAN design.
What are two recommended best practices for WLC design?
a. Maximize intercontroller roaming.
b. Minimize intercontroller roaming.
c. Use distributed controller placement.
d. Use centralized controller placement.
B and D. Recommended practices are minimizing intercontroller roaming and centralizing controller placement.
How many APs does the Cisco 6500 WLC module support?
a. 6
b. 50
c. 100
d. 300
D. The Cisco 6500 WLC module supports 300 access points.
Match each access point mode with its description:
i. Local
ii. REAP
iii. Monitor
iv. Rogue detector
v. Sniffer
vi. Bridge
a. For location-based services
b. Captures packets
c. For point-to-point connections
d. Default mode
e. Management across the WAN
f. Monitors rouge APs
i = D, ii = E, iii = A, iv = F, v = B, vi = C
Match each WLC interface type with its description.
i. Management
ii. Service port
iii. AP manager
iv. Dynamic
v. Virtual
a. Authentication and mobility
b. Analogous to user VLANs
c. Discovery and association
d. Out-of-band management
e. In-band management
i = E, ii = D, iii = C, iv = B, v = A
Match each roaming technique with its client database entry change.
i. Intracluster roaming
ii. Layer 2 intercluster roaming
iii. Layer 3 intercluster roaming
a. The client entry is moved to a new WLC.
b. The client entry is updated on the same WLC.
c. The client entry is copied to a new WLC.
i = B, ii = A, iii = C
Match each UDP port with its protocol.
i. LWAPP data
ii. RF group 802.11b/g
iii. WLC encrypted exchange
iv. LWAPP control
v. WLC unencrypted exchange
vi. CAPWAP control
vii. CAPWAP data
a. UDP 12114
b. UDP 12222
c. UDP 5246
d. UDP 5247
e. UDP 12223
f. UDP 16666
g. UDP 16667
i = B, ii = A, iii = G, iv = E, v = F, vi = C, vii = D
Match each wireless mesh component with its description.
i. WCS
ii. WLC
iii. RAP
iv. MAP
a. Root of the mesh network
b. Remote APs
c. Networkwide configuration and management
d. Links APs to the wired network
i = C, ii = D, iii = A, iv = B
How many MAP nodes are recommended per rooftop AP?
a. 6
b. 20
c. 500
d. 100
B. For best performance, 20 MAP nodes or fewer is recommended per RAP.
Which of the following shows the correct order of the steps in an RF site survey?
a. Define requirements, document findings, perform the survey, determine preliminary AP locations, identify coverage areas.
b. Define requirements, perform the survey, determine preliminary AP locations, identify coverage areas, document findings.
c. Identify coverage areas, define requirements, determine preliminary AP locations, perform the survey, document findings.
d. Define requirements, identify coverage areas, determine preliminary AP locations, perform the survey, document findings.
D. Only answer D has the correct order.
What technique performs dynamic channel assignment, power control, and interference detection and avoidance?
a. CAPWAP
b. RRM
c. Mobility
d. LEAP
B. Radio Resource Management (RRM) functions include radio resource monitoring, dynamic channel assignment, interference detection and avoidance, dynamic transmit power control, coverage hole detection and correction, and client and network load balancing.
What are the three nonoverlapping channels of IEEE 802.11b/g?
a. Channels A, D, and G
b. Channels 1, 6, and 11
c. Channels 3, 8, and 11
d. Channels A, E, and G
B. Channels 1, 6, and 11 of the ISM frequencies do not overlap.
Which of the following statements is true?
a. IEEE 802.11g is backward compatible with 802.11b; 802.11a is not compatible with 802.11b.
b. IEEE 802.11a is backward compatible with 802.11b; 802.11g is not compatible with 802.11b.
c. IEEE 802.11b is backward compatible with 802.11a; 802.11g is not compatible with 802.11b.
d. IEEE 802.11n is backward compatible with 802.11a and 802.11g.
A. Only answer A is correct.
What is necessary when you use H-LEAP for authentication?
a. WLC
b. WCS
c. RADIUS server
d. LWAP
C. H-LEAP uses mutual authentication between the client and the network server and uses IEEE 802.1X for 802.11 authentication messaging. H-LEAP uses a RADIUS server to manage user information.
A LWAP is added to a network. What sequence accurately reflects the process it will use to associate with the WLAN controller?
a. First master, secondary, tertiary, greatest AP capacity
b. Primary, secondary, tertiary, greatest AP capacity, master
c. Primary, secondary, tertiary, master, greatest AP capacity
d. Greatest AP capacity, primary, secondary, master
C
An LWAP is added to a network that is in a separate IP subnet from the WLAN controller. OTAP has not been enabled. Which two methods can be used by the LWAP to find the WLAN controller?
a. DHCP
b. Primary, secondary, tertiary, greatest AP capacity, master
c. Primary, secondary, tertiary, master, greatest AP capacity
d. Greatest AP capacity, primary, secondary, master
e. DNS
f. Local subnet broadcast
A and E. DHCP and DNS can be used to find the WLAN controller.
Which two of the following statements represent a preferred Wireless LWAPP implementation? (Select two.)
a. Use of Layer 2 LWAPP is preferred over Layer 3 LWAPP.
b. Use of Layer 3 LWAPP is preferred over Layer 2 LWAPP.
c. Open ports for Layer 2 LWAPP on EtherType 0xABAB and Layer 3 on TCP 12222 and TCP 12223.
d. Open ports on Layer 2 LWAPP on EtherType 0xBBBB and Layer 3 on UDP 12222 and UDP 12223.
e. Open ports on Layer 2 LWAPP on EtherType 0xBABA and Layer 3 on UDP 12222 and TCP 12223.
B and D
Which two of the following statements represent a preferred split-MAC LWAPP implementation? (Select two.)
a. IEEE 802.1Q trunking extends from the wired infrastructure to a WLAN controller. Then the 802.1Q packet is encapsulated in CAPWAP or LWAPP and sent to the access point for transmission over the SSID.
b. Each wireless client authentication type maps to a unique SSID, which in turn maps to a common shared VLAN.
c. 802.1Q trunking extends from the wired infrastructure to the access point for translation into SSIDs.
d. Each wireless client authentication type maps to a unique SSID, which in turn maps to a unique VLAN.
e. 802.1Q trunking extends from the wired infrastructure to a WLAN controller for translation into SSIDs.
C and D
Which two of these are required for Cisco wireless client mobility deployment?
a. Matching security
b. Matching mobility group name
c. Matching RF channel
d. Matching RF group name
e. Matching RF power
f. Assigned master controller
A and B
Which describe best practice for Cisco outdoor wireless mesh networks? (Select three.)
a. RAP implemented with 20 or fewer MAP nodes
b. RAP implemented with 20 to 32 MAP nodes
c. Mesh hop counts of 4 or fewer
d. Mesh hop counts of 8 to 4
e. Client access via 802.11b/g and backhaul with 802.11a
f. Client access via 802.11a and backhaul with 802.11b/g
A, C, and E
Which describe best practices for Cisco WLAN guest access? (Select two.)
a. Guest tunnels have limitations on which wireless controllers can originate the tunnel.
b. Guest tunnels have limitations on which wireless controllers can terminate the tunnel.
c. Dedicated guest VLANs are only extended to the wireless controllers in the network to ensure path isolation.
d. Dedicated guest VLANs are extended throughout the network to the access points for path isolation.
e. Dedicated guest access in the DMZ extends from the origination to the termination controllers without dedicated guest VLANs.
f. Guest tunnels can originate and terminate on any wireless controller platform.
B and E
How are WLANs identified?
a. MAC addresses
b. IP subnet
c. SSID
d. WEP key
e. LAN ports
f. Secure encryption key
C. The service set identifier identifies the WLAN network.
Which description is correct regarding Wireless solutions that provide higher bandwidth than point-to-multipoint (p2mp) wireless?
a. p2p links tend to be slower than p2mp.
b. p2mp wireless connections can provide up to 1.544-Mbps raw bandwidth.
c. p2p wireless connections can provide up to 44-Mbps raw bandwidth.
d. P2mp links tend to be faster than p2mp.
C
Which WLAN attributes should be considered during a site survey? (Select two.)
a. Channels
b. Power
c. SSID
d. Network name
e. Authentication
f. Encryption
A and B
Which WLC interfaces are mandatory? (Select all that apply.)
a. Management
b. AP manager
c. Dynamic
d. Virtual
e. Service port
f. Extended
A, B, C, and D
Which are differences between CAPWAP and LWAPP? (Select three.)
a. CAPWAP uses the newer AES. LWAPP uses DTLS.
b. CAPWAP uses DTLS. LWAPP uses AES.
c. CAPWAP control uses UDP 5246. LWAPP control uses UDP 12223.
d. CAPWAP control uses UDP 12223. LWAPP control uses UDP 5246.
e. CAPWAP is preferred.
f. LWAPP is preferred.
B, C, and E
Which two of these functions of an access point in a split MAC architecture? (choose two)
a. 802.1Q encapsulation
b. EAP authentication
c. MAC layer encryption/decryption
d. Process probe response
C and D
What are two modules or blocks used in the enterprise edge?
a. Internet and campus core
b. Core and building access
c. Internet connectivity and WAN
d. WAN and building distribution
C. DMZ/E-commerce, Internet, remote-access VPN, and WAN/MAN are all network modules found in the enterprise edge.
What MAN/WAN technology has bandwidth available from 10 Mbps to 1 Gbps?
a. DSL
b. Metro Ethernet
c. TDM
d. Frame Relay
B Metro Ethernet bandwidths can range from 10 Mbps to 1 Gbps, and even higher in some cases.
How much bandwidth does a T1 circuit provide?
a. 155 Mbps
b. 64 kbps
c. 1.544 kbps
d. 1.544 Mbps
D. A TDM T1 circuit provides 1.5.44 Mbps of bandwidth.
What methodology is used when designing the enterprise edge?
a. Cisco-powered network
b. ISL
c. PPDIOO
d. IEEE
C. The Cisco PPDIOO methodology is used when designing the enterprise edge.
SONET/SDH technology is what kind of technology?
a. Packet based
b. Cell based
c. Circuit based
d. Segment based
C. The architecture of SONET/SDH is circuit based and delivers high-speed services over an optical network.
What technology delivers IP services using labels to forward packets from the source to the destination?
a. ADSL
b. Cable
c. Frame Relay
d. MPLS
D. MPLS is technology for the delivery of IP services using labels (numbers) to forward packets.
GSM, GPRS, and UMTS are all part of ____________________technologies.
a. Wireless LAN
b. Wireless bridging
c. Mobile wireless
d. SONET/SDH
C. GSM, GPRS, and UMTS are all part of mobile wireless technologies.
When designing a network for four separate sites, what technology allows a full mesh by using only one link per site rather than point-to-point TDM circuits?
a. Dark fiber
b. Cable
c. ISDN
d. Frame Relay
D. Frame Relay technology supports full mesh configurations when connecting multiple sites together.
The _______ size specifies the maximum number of frames that are transmitted without receiving an acknowledgment.
a. Segment
b. Access
c. TCP
d. Window
D. The window size defines the upper limit of frames that can be transmitted without getting a return acknowledgment.
Which of the following adds strict PQ to modular class-based QoS?
a. LLQ
b. FIFO
c. CBWFQ
d. WFQ
A. Low-latency queuing (LLQ) adds a strict-priority queue to CBWFQ.
When using PPDIOO design methodology, what should a network designer do after identifying the customer requirements?
a. Design the network topology.
b. Design a test network.
c. Plan the implementation.
d. Characterize the existing network.
D. After analyzing the customer requirements, the next step is to characterize the existing network.
Which module within the enterprise campus connects to the enterprise edge module?
a. Server module
b. Campus core
c. Building distribution
d. Remote access/VPN module
B. The enterprise edge modules connect to the enterprise campus via the campus core module.
What WAN technology is most cost effective and suitable for the telecommuter?
a. MPLS
b. Dark fiber
c. ISDN
d. DSL
D. The high speeds and relatively low cost of DSL make this a popular Internet access technology for the enterprise telecommuter.
What two modules are found in the enterprise edge?
a. Campus core
b. Building access
c. Internet
d. MAN/WAN
C and D. DMZ/E-commerce, Internet, remote-access VPN, and WAN/MAN are modules that are found in the enterprise edge.
Which of the following statements best describes window size for good throughput?
a. A large window size reduces the number of acknowledgments.
b. A small window size reduces the number of acknowledgments.
c. A small window size provides better performance.
d. None of the above
A. The window size defines the upper limit of frames that can be transmitted without getting a return acknowledgement. A larger window size uses a smaller number of acknowledgements than smaller window sizes.
What is the default queuing mechanism for router interfaces below 2.0 Mbps?
a. Traffic shaping
b. WFQ
c. CBWFQ
d. LLQ
B. WFQ is the default QoS mechanism on interfaces below 2.0 Mbps.
Which of the following best describes the PPDIOO design methodology? (Select three.)
a. Analyze the network requirements.
b. Characterize the existing network.
c. Implement the network management.
d. Design the network topology.
A, B, and D. The PPDIOO design methodology includes the process of analyzing network requirements, characterizing the existing network, and designing the topology.
Which of the following modules belongs in the enterprise edge?
a. Building distribution
b. Campus core
c. Network management
d. DMZ/e-commerce
D. DMZ/e-commerce, Internet, remote-access VPN, and WAN/MAN are modules that are found in the enterprise edge.
Which network modules connect to ISPs in the enterprise edge? (Select two.)
a. Building distribution
b. Campus core
c. Internet
d. DMZ/e-commerce
C and D. DMZ/e-commerce and Internet are modules that are found in the enterprise edge.
Which enterprise edge network modules connect using the PSTN connectivity?
a. Remote-access/VPN
b. Campus core
c. Building access
d. DMZ/e-commerce
A. The remote-access/VPN module connects to PSTN-type connectivity.
Which enterprise edge network modules connect using Frame Relay and ATM?
a. Remote-access/VPN
b. WAN/MAN
c. Building distribution
d. Server farm
B. WAN/MAN modules are used to connect to Frame Relay and ATM networks in the enterprise edge.
During which part of the PPDIOO design methodology does implementation planning occur?
a. Analyze the network requirements.
b. Design the topology.
c. Characterize the existing network.
d. None of the above.
B. After you analyze the network requirements and characterize the existing network, the design of the topology occurs, which includes the implementation planning.
What functional area provides connectivity between the central site and remote sites?
a. DMZ/e-commerce
b. Campus core
c. Building distribution
d. MAN/WAN
D. The WAN/MAN functional area or module provides connectivity to the remote sites via Frame Relay, TDM, ATM, or MPLS services.
What WAN technology allows the enterprise to control framing?
a. Cable
b. Wireless
c. DWDM
d. Dark fiber
D. The framing for dark fiber is determined by the enterprise not the provider.
Which QoS method uses a strict PQ in addition to modular traffic classes?
a. CBWFQ
b. Policing
c. WFQ
d. LLQ
D. Low-latency queuing (LLQ) adds a strict priority queue to CBWFQ.
A T1 TDM circuit uses how many timeslots?
24 timeslots are used in a T1.
Which wireless implementation is designed to connect two wireless networks in different buildings?
a. Mobile wireless
b. GPRS
c. Bridge wireless
d. UMTS
C. Wireless bridges are used to connect two separate wireless networks together, typically located in two separate buildings.
What improves the utilization of optical-fiber strands?
DWDM maximizes the use of the installed base of fiber used by service providers and is a critical component of optical networks.
On the ISP side of a cable provider, cable modems connect to what system?
CMTS. The equipment used on the remote access side is the cable modem, which connects to the Cable Modem Termination System or (CMTS) on the Internet service provider side.
If Frame Relay, ATM, and SONET technologies are used, what enterprise edge network module would they connect to?
a. WAN/MAN
b. VPN/remote access
c. Internet
d. DMZ/e-commerce
A. The WAN/MAN module provides connectivity to the remote sites via Frame Relay, TDM, ATM, or SONET network services.
What protocol describes data-over-cable procedures that the equipment must support?
DOCSIS. The Data Over Cable Service Interface Specifications (DOCSIS) protocol defines the cable procedures that the equipment need to support.
Into what WAN technology category does ISDN fit?
a. Cell switched
b. UTMS switched
c. Circuit switched
d. Packet switched
C. ISDN falls into the circuit-switched WAN category.
What do service providers use to define their service offerings at different levels?
a. SWAN
b. WAN tiers
c. WWAN
d. SLA
D. SLA defines what level of service, offered by the provider such as bandwidth, allowed latency, and loss.
When is it appropriate to use various queuing solutions?
a. WAN has frequent congestion problems.
b. WAN occasionally becomes congested.
c. WAN is consistently at 50 percent utilized.
d. WAN is consistently at 40 percent utilized.
B. WANs that occasionally become congested is a good candidate for queuing solutions.
Which of the following are examples of packet- and cell-switched technologies used in the enterprise edge?
a. Frame Relay and ATM
b. ISDN and T1
c. Cable and DSL
d. Analog voice and T1
A. Frame Relay and ATM are commonly used to connect to WAN services in the enterprise edge.
Typical remote-access network requirements include which of the following? (Select all that apply.)
a. Best-effort interactive and low-volume traffic patterns
b. Voice and VPN support
c. Connections to the enterprise edge using Layer 2 WAN technologies
d. Server load balancing
A, B, and C. Typical remote-access requirements include best-effort interactive traffic patterns.
Which VPN infrastructure is used for business partner connectivity and uses the Internet or a private infrastructure?
a. Access VPN
b. Intranet VPN
c. Extranet VPN
d. Self-deployed MPLS VPN
C. Extranet VPN infrastructure uses private and public networks, which are used to support business partner connectivity.
What IPsec technology in the enterprise uses routers along with NHRP and mGRE?
a. IPsec direct encapsulation
b. Easy VPN
c. GET VPN
d. DMVPN
D. DMVPN. In enterprise environments, DMVPN is used on routers with NHRP and mGRE.
What backup option allows for both a backup link and load-sharing capabilities using the available bandwidth?
a. Dial backup
b. Secondary WAN link
c. Shadow PVC
d. IPsec tunnel
B. Secondary WAN links offer both backup and load-sharing capabilities.
Which common factor is used for WAN architecture selection that involves eliminating single points of failure to increase uptime and growth?
a. Network segmentation
b. Ease of management
c. Redundancy
d. Support for growth
C. The goal of high availability is to remove the single points of failure in the design, either by software, hardware, or power. Redundancy is critical in providing high levels of availability.
What WAN/MAN architecture is provided by the service provider and has excellent growth support and high availability?
a. Private WAN
b. ISP service
c. SP MPLS/IP VPN
d. Private MPLS
B. Multiprotocol Label Switching. A technology for the delivery of IP services using an efficient encapsulation mechanism. MPIS uses labels appended to OP packets or Layer 2 frames for the transport of data.
Which Cisco IOS software family has been designed for low-end to mid-range LAN switching?
a. IOS T Releases 12.3, 12.4, 12.3T, and 12.4T
b. IOS S Releases 12.2SE and 12.2SG
c. IOS XR
d. IOS SX
B. Cisco IOS S Releases 12.2SB and 12.2SR are designed for the enterprise and SP edge networks.
When designing enterprise branch architecture, which of the following are common network components? (Select all that apply.)
a. Routers supporting WAN edge connectivity
b. Switches providing the Ethernet LAN infrastructure
c. Network management servers
d. IP phones
A, B, and D. Common components used when designing enterprise branch architectures include routers, switches, and IP phones.
Which branch design supports 50 to 100 users and provides Layer 3 redundancy features?
a. Small branch
b. Medium branch
c. Large branch
d. Enterprise teleworker
B. The medium branch design is recommended for branch offices of 50 to 100 users, with an additional access router in the WAN edge allowing for redundancy services.
What type of WAN technology provides a dedicated connection from the service provider?
a. Circuit-switched data connection
b. Leased lines
c. Packet switched
d. Cell switched
B. Leased lines are dedicated network connections provided by the service provider.
What type of topology suffers from a single point of failure?
a. Hub-and-spoke topology
b. Full-mesh topology
c. Partial-mesh topology
d. None of the above
A. A major disadvantage of the hub and spoke topology is that the hub router represents a single point of failure.
What kind of topology requires that each site be connected to every other site in the cloud?
a. Hub-and-spoke topology
b. Full-mesh topology
c. Partial-mesh topology
d. All of the above
B. Full-mesh topologies require that each site has a connection to all other sites in the WAN cloud.
Which two of the following best describe WAN backup over the Internet deployments?
a. Private WAN
b. Redundancy for primary WAN connection
c. VPLS
d. Best-effort performance
B and D. WAN backup over the Internet is best effort and provides redundancy for the primary WAN connection.
Which VPN application gives users connectivity over shared networks?
a. Intranet VPN
b. Extranet VPN
c. Access VPN
d. None of the above
C. Access VPN connections give users connectivity over shared networks such as the Internet to their corporate intranets.
What are three types of WAN topologies that can be used with Cisco enterprise architectures in the WAN?
a. Ring
b. Full mesh
c. Partial mesh
d. Hub and spoke
B, C, and D. Full mesh, partial mesh, and hub and spoke are all WAN topologies used with Cisco enterprise architectures in the WAN.
The service provider plays an active role in enterprise routing with what kind of VPNs?
a. VPDNs
b. MPLS
c. L2TP
d. L2F
B. With peer-to-peer VPNs, the server provider plays an active role in enterprise routing.
Which backup option provides an additional virtual circuit for use if needed?
a. Secondary WAN link
b. Shadow PVC
c. Dial backup
d. Load sharing
B. Service providers can offer shadow PVCs, which provide additional permanent virtual circuits (PVC) for use if needed.
Which WAN backup option uses load sharing in addition to providing backup services?
a. Dial backup
b. Shadow PVC
c. Secondary WAN link
d. ISDN with DDR
C. A secondary WAN links provide advantages that include backup WAN services and load sharing.
What of the following best describes the difference between a small branch and a medium branch?
a. Small branches use dual external switches.
b. Medium branches use single ASA firewall.
c. Small branches use single ASA firewall.
d. Medium branches use external L2 switches.
D. Medium branches use dual routers and dual external L2 switches.
How many users are supported in a large branch design?
a. Up to 50
b. Between 50 to 100
c. Between 100 to 1000
d. Between 200 to 5000
C. Large branches support between 100 and 1000 users.
What two methods are used to enable private networks over public networks?
a. IPsec
b. PKI
c. GRE
d. PSTN
A and C. IPsec and GRE are methods that exist for tunneling private networks over a public IP network.
What is not a factor for WAN architecture selection?
a. Ease of management
b. Ongoing expenses
c. Spanning-tree inconsistencies
d. High availability
C. Factors for WAN architecture selection include ongoing expenses, ease of management, and high availability.
Which Layer 3 tunneling technique enables basic IP VPNs without encryption?
a. GRE
b. IPsec
c. HMAC
d. IKE
A. GRE provides simple Layer 3 tunneling for basic IP VPNs without using encryption.
Which of the following is not recommended approach for designing WANs?
a. Analyze customer requirements
b. Characterize the existing network
c. Design the new WAN
d. Implement new WAN
D. Implementing the WAN is not part of the design process.
What MAN/WAN architecture uses the Internet with site-to-site VPNs?
a. Private WAN
b. ISP service
c. SP MPLS/IP VPN
d. Private WAN with self-deployed MPLS
B. ISP service uses Internet-based site-to-site VPNs.
Which WAN backup method does not use the Internet as a transport?
a. IPsec tunnel
b. GRE tunnel
c. Shadow PVC
d. GET VPN
C. The shadow PVC uses private WAN Frame Relay services.
What branch design uses ASA firewalls? Select all that apply.
a. Small branch
b. Medium branch
c. Large branch
d. Secure branch
C. The large branch uses dual router and dual ASA firewalls.
What WAN/MAN architecture is usually reserved for large enterprises that are willing to make substantial investments in equipment and training?
a. Private WAN
b. Private WAN with self-deployed MPLS
c. ISP service
d. SP MPLS/IP VPN
B. A private WAN with self-deployed MPLS is usually reserved for large enterprises that are willing to make substantial investments in equipment and training to build out the MPLS network.
Match each branch profile design with its description.
a. Small branch
b. Medium branch
c. Large branch
d. Enterprise teleworker
i. Single access router
ii. Cable modem router
iii. Pair of access routers
iv. Pair of firewalls
i = A, ii = D, iii = B, iv = C
Which of the following addresses is an IPv4 private address?
a. 198.176.1.1
b. 172.31.16.1
c. 191.168.1.1
d. 224.130.1.1
b. 172.31.16.1
How many IP addresses are available for hosts in the subnet 198.10.100.64/27?
a. 14
b. 30
c. 62
d. 126
B. There are 5 host bits: 25 – 2 = 30 hosts.
What subnet mask should you use in loopback addresses?
a. 255.255.255.252
b. 255.255.255.254
c. 255.255.255.0
d. 255.255.255.255
D. Loopback addresses should have a /32 mask so that address space is not wasted.
In what IPv4 field are the precedence bits located?
a. Priority field
b. IP Protocol field
c. Type of Service field
d. IP Options field
C. The precedence bits are located in the Type of Service field of the IPv4 header.
What type of address is 225.10.1.1?
a. Unicast
b. Multicast
c. Broadcast
d. Anycast
B. Multicast addresses range from 224.0.0.1 to 239.255.255.255.
Which subnetworks are summarized by the following summary route: 150.10.192.0/21?
a. 150.10.192.0/24, 150.10.193.0/24
b. 150.10.192.0/22, 150.10.196.0/23, 150.10.197.0/24
c. 150.10.192.0/22, 150.10.199.0/22
d. 150.10.192.0/23, 150.10.194.0/23, 150.10.196.0/23, 150.10.199.0/24, 150.10.198.0/24
D. The summary route summarizes subnetworks from 150.10.192.0/24 to 150.10.199.0/24. Answer d is the only answer that includes them.
What type of network and subnet mask would you use to save address space in a point-to-point WAN link?
a. 100.100.10.16/26
b. 100.100.10.16/28
c. 100.100.10.16/29
d. 100.100.10.16/30
D. Point-to-point links need only two host addresses; use a /30 mask, which provides 22 – 2 = 2 host addresses.
What is DHCP?
a. Dynamic Host Control Protocol
b. Dedicated Host Configuration Protocol
c. Dynamic Host Configuration Protocol
d. Predecessor to BOOTP
C. DHCP assigns IP addresses dynamically.
A company needs to use public IP addresses so that four network servers are accessible from the Internet. What technology is used to meet this requirement?
a. DNS
b. IPsec
c. Static NAT
d. Dynamic NAT
C. Static NAT is used to statically translate public IP addresses to private IP addresses.
The DS field of DSCP is capable of how many codepoints?
a. 8
b. 32
c. 64
d. 128
C. The DS field allocates 6 bits in the ToS field, thus making it capable of 64 distinct codepoints.
List the RFC 1918 private address ranges.
10/8, 172.16/12 (172.16.0.0 to 172.31.255.255), and 192.168/16
True or false: You can use DHCP to specify the TFTP host’s IP address to a client PC.
True. You can use DHCP to specify several host IP configuration parameters, including IP address, mask, default gateway, DNS servers, and TFTP server.
True or false: 255.255.255.248 and /28 are two representations of the same IP mask.
False. The bit-number representation of 255.255.255.248 is /29. /28 is the same mask as 255.255.255.240.
True or false: Upper-layer protocols are identified in the IP header’s protocol field. TCP is protocol 6, and UDP is protocol 17.
True
Fill in the blank: Without any options, the IP header is _________ bytes in length.
20 (bytes)
The IP header’s ToS field is redefined as the DS field. How many bits does DSCP use for packet classification, and how many levels of classification are possible?
DSCP uses 6 bits, which provides 64 levels of classification
True or false: NAT uses different IP addresses for translations. PAT uses different port numbers to identify translations.
True
True or false: The IP header’s header checksum field performs the checksum of the IP header and data.
False. The header checksum field only includes a checksum of the IP header; it does not check the data portion.
Calculate the subnet, the address range within the subnet, and the subnet broadcast of the address 172.56.5.245/22.
The subnet is 172.56.4.0/22, the address range is from 172.56.4.1 to 172.56.7.254, and the subnet broadcast is 172.56.7.255.
When packets are fragmented at the network layer, where are the fragments reassembled?
The IP layer in the destination host.
Which protocol can you use to configure a default gateway setting on a host?
a. ARP
b. DHCP
c. DNS
d. RARP
B. DHCP configures the IP address, subnet mask, default gateway, and other optional parameters.
How many host addresses are available with a Class B network with the default mask?
a. 63,998
b. 64,000
c. 65,534
d. 65,536
C. Class B networks have 16 bits for host addresses with the default mask: 216 – 2 = 65,534.
Which of the following is a dotted-decimal representation of a /26 prefix mask?
a. 255.255.255.128
b. 255.255.255.192
c. 255.255.255.224
d. 255.255.255.252
B. A /26 mask has 26 network bits and 6 host bits.
Which network and mask summarize both the 192.170.20.16/30 and 192.170.20.20/30 networks?
a. 192.170.20.0/24
b. 192.170.20.20/28
c. 192.170.20.16/29
d. 192.170.20.0/30
C. Network 192.170.20.16 with a prefix of /29 summarizes addresses from 192.170.20.16 to 192.170.20.23.
Which AF class is backward compatible with IP precedence bits’ flash traffic?
a. AF2
b. AF3
c. AF4d. EF
B. AF31 is backward compatible with IP precedence priority traffic with a binary of 011.
Which of the following is true about fragmentation?
a. Routers between source and destination hosts can fragment IPv4 packets.
b. Only the first router in the network can fragment IPv4 packets.
c. IPv4 packets cannot be fragmented.
d. IPv4 packets are fragmented and reassembled at each link through the network.
A. IPv4 packets can be fragmented by the sending host and routers.
A packet sent to a multicast address reaches what destinations?
a. The nearest destination in a set of hosts.
b. All destinations in a set of hosts.
c. Broadcasts to all hosts.
d. Reserved global destinations.
B. Multicast addresses are received to a set of hosts subscribed to the multicast group.
What are three types of IPv4 addresses?
a. Anycast
b. Multicast
c. Dynamic
d. Broadcast
e. Unicast
f. Global
g. Static
B. D, and E. The three types of IPv4 address are unicast, broadcast, and multicast.
Which devices should be assigned an IP address dynamically? (Select three.)
a. Cisco IP phones
b. LAN switches
c. Workstations
d. Mobile devices
e. Routers
A, C, and D. End-user workstations, Cisco IP phones, and mobile devices should have their IP addresses assigned dynamically.
Which name resolution method reduces administrative overhead?
a. Static name resolution
b. Dynamic name resolution
c. DHCP name resolution
d. Host.txt name resolution
B. Dynamic name resolution reduces administrative overhead. Name-to-IP address tables do not need to be configured.
How many hosts can be addressed with the following IPv4 subnet: 172.30.192.240/28?
a. 6
b. 14
c. 126
d. 1024
B. There are 4 bits to determine number of host addresses: 24-2 = 16 – 2=14.
What is the smallest subnet and mask that can be used in a DMZ network that needs to have only three hosts?
a. 192.168.10.32/30
b. 192.168.10.32/29
c. 192.168.10.32/28
d. 192.168.10.32/27
B. Answer B allows up to 6 hosts. Answer A allows only 2 hosts, which is too small. Answer C allows 14 hosts, which is larger than answer b.
The remote site uses the network prefix 192.168.10.0/24. What subnets and masks can you use for the LANs at the remote site and conserve address space?
a. 192.168.10.64/26 and 192.168.10.192/26
b. 192.168.10.0/25 and 192.168.10.128/25
c. 192.168.10.32/28 and 192.168.10.64/28
d. 192.168.10.0/30 and 192.168.10.128/30
Figure 8-9
B. The networks in answer B provide 126 addresses for hosts in each LAN at Site B.
The main site uses the network prefix 192.168.15.0/24. What subnets and masks can you use to provide sufficient addresses for LANs at the main site and conserve address space?
a. 192.168.15.0/25 for LAN 1, 192.168.15.128/26 for LAN 2, and 172.15.192.0/27 for LAN 3
b. 192.168.15.0/27 for LAN 1, 192.168.15.128/26 for LAN 2, and 172.15.192.0/25 for LAN 3
c. 192.168.15.0/100 for LAN 1, 192.168.15.128/60 for LAN 2, and 172.15.192.0/29 for LAN 3
d. 192.168.15.0/26 for LAN 1, 192.168.15.128/26 for LAN 2, and 172.15.192.0/29 for LAN 3
Figure 8-9
A. Network 192.168.15.0/25 provides 126 addresses for LAN 1, network 192.168.15.128/26 provides 62 addresses for LAN 2, and network 192.168.15.192/27 provides 30 addresses for LAN 3.
Which network and mask would you use for the WAN link to save the most address space?
a. 192.168.11.240/27
b. 192.168.11.240/28
c. 192.168.11.240/29
d. 192.168.11.240/30
Figure 8-9
D. You need only two addresses for the WAN link, and the /30 mask provides only two.
What networks does Router C announce to the Internet service provider’s Internet router?
a. 210.200.200.8/26
b. 192.168.10.0/24 and 192.168.11.0/24
c. 192.168.10.0/25 summary address
d. 201.200.200.8/29 and 192.168.10.0/25
Figure 8-9
A. Private addresses are not announced to Internet service providers.
What technology does Router C use to convert private addresses to public addresses?
a. DNS
b. NAT
c. ARP
d. VLSM
Figure 8-9
B. NAT translates internal private addresses to public addresses.
What mechanism supports the ability to divide a given subnet into smaller subnets based on need?
a. DNS
b. NAT
c. ARP
d. VLSM
Figure 8-9
D. VLSM provides the ability to use different masks throughout the network.
IPv6 uses how many more bits for addresses than IPv4?
a. 32
b. 64
c. 96
d. 128
C. IPv6 uses 128 bits for addresses, and IPv4 uses 32 bits. The difference is 96.
What is the length of the IPv6 header?
a. 20 bytes
b. 30 bytes
c. 40 bytes
d. 128 bytes
C. The IPv6 header is 40 bytes in length.
What address type is the IPv6 address FE80::300:34BC:123F:1010?
a. Aggregatable global
b. Unique-local
c. Link-local
d. Multicast
C. The defining first hexadecimal digits for link-local addresses are FE8.
What are three scope types of IPv6 addresses?
a. Unicast, multicast, broadcast
b. Unicast, anycast, broadcast
c. Unicast, multicast, endcast
d. Unicast, anycast, multicast
D. IPv6 addresses can be unicast, anycast, or multicast.
What is a compact representation of the address 3f00:0000:0000:a7fb:0000:0000:b100:0023?
a. 3f::a7fb::b100:0023
b. 3f00::a7fb:0000:0000:b100:23
c. 3f::a7fb::b1:23
d. 3f00:0000:0000:a7fb::b1:23
B. Answers A and C are incorrect because you cannot use the double colons (::) twice. Answers C and D are also incorrect because you cannot reduce b100 to b1.
What is NAT-PT?
a. Network Address Translation-Port Translation. Translates RFC 1918 addresses to public IPv4 addresses.
b. Network Addressable Transparent-Port Translation. Translates network addresses to ports.
c. Network Address Translation-Protocol Translation. Translates between IPv4 and IPv6 addresses.
d. Next Address Translation–Port Translation.
C. NAT-PT translates between IPv4 and IPv6 addresses.
What IPv6 address scope type replaces the IPv4 broadcast address?
a. Unicast
b. Multicast
c. Broadcast
d. Anycast
B. The IPv6 multicast address type handles broadcasts.
What is the IPv6 equivalent to 127.0.0.1?
a. 0:0:0:0:0:0:0:0
b. 0:0:0:0:0:0:0:1
c. 127:0:0:0:0:0:0:1
d. FF::1
B. The IPv6 loopback address is ::1.
Which of the following is an “IPv4-compatible” IPv6 address?
a. ::180.10.1.1
b. f000:0:0:0:0:0:180.10.1.1
c. 180.10.1.1::
d. 2010::180.10.1.1
A. IPv4-compatible IPv6 addresses have the format ::d.d.d.d.
Which protocol maps names to IPv6 addresses?
a. Address Resolution Protocol (ARP)
b. Network Discovery (ND)
c. Domain Name System (DNS)
d. DNSv2
C. The DNS maps fully qualified domain names to IPv6 addresses using (AAAA) records.
Which of the following are IPv6 enhancements over IPv4?
a. Larger address space, globally private IP address, multicast
b. Larger address space, globally unique IP addresses, no broadcasts
c. Larger address space, globally private IP address, multicast
d. Larger address space, address auto-configuration, enhanced broadcasts
B. IPv6 increases the address space, which allows globally unique IP addresses. Broadcasts are no longer used.
Which of the following supports routing on IPv6 networks?
a. RIPv3, OSPFv3, EIGRP for IPv6
b. RIPng, OSPFv3, EIGRPv6
c. RIPng, OSPFv3, EIGRP for IPv6
d. RIPv2, OSPFv2, EIGRP
C
What changed from IPv4 header to the IPv6?
a. Protocol Type became Next Header field.
b. ND is used rather than ARP.
c. AAAA records are used rather than A records.
d. All of the above.
D. All answers are correct.
True or false: OSPFv2 supports IPv6.
False. OSPFv3 supports IPv6. OSPFv2 is used in IPv4 networks.
True or false: DNS AAAA records are used in IPv6 networks for name-to-IPv6-address resolution.
True
Fill in the blank: IPv6 ND is similar to what _______ does for IPv4 networks.
ARP
How many bits are there between the colons of IPv6 addresses?
16
The first field of the IPv6 header is 4 bits in length. What binary number is it always set to?
- The first field of the IPv6 header is the version field. It is set to binary 0110 (6).
True or false: DHCP is required for dynamic allocation of IPv6 addresses.
False
IPv6 multicast addresses begin with what hexadecimal numbers?
0xFF (1111 1111 binary)
IPv6 link-local addresses begin with what hexadecimal prefix?
FE8/10
True or false: ISATAP allows tunneling of IPv6 through IPv4 networks.
True
List the eight fields of the IPv6 header.
Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, IPv6 Source Address, IPv6 Destination Address
Which of the following is not an IPv6 address type?
a. Unicast
b. Broadcast
c. Anycast
d. Multicast
B. IPv6 address types are unicast, anycast, and multicast.
True or false: The IPv6 address 2001:0:0:1234:0:0:0:abcd can be represented as 2001::1234:0:0:0:abcd and 2001:0:0:1234::abcd.
True. Both compressed representations are valid.
What is the subnet prefix of 2001:1:0:ab0:34:ab1:0:1/64?
2001:1:0:ab0::/64
The IPv6 address has 128 bits. How many hexadecimal numbers does an IPv6 address have?
32
What type of IPv6 address is the following?
FF01:0:0:0:0:0:0:2
It is a multicast address. All IPv6 multicast addresses begin with hexadecimal FF.
What is the compact format of the address 2102:0010:0000:0000:0000:fc23:0100:00ab?
a. 2102:10::fc23:01:ab
b. 2102:001::fc23:01:ab
c. 2102:10::fc23:100:ab
d. 2102:0010::fc23:01:ab
C. Answers A, B, and D are incorrect because 0100 does not compact to 01. Answer B is also incorrect because 0010 does not compact to 001.
When using the dual-stack backbone, which of the following statements is correct?
a. The backbone routers have IPv4/IPv6 dual stacks, and end hosts do not.
b. The end hosts have IPv4/IPv6 dual stacks, and backbone routers do not.
c. Both the backbone routers and end hosts have IPv4/IPv6 dual stacks.
d. Neither the backbone routers nor end hosts have IPv4/IPv6 dual stacks.
A. The dual-stack backbone routers handle packets between IPv4 hosts and IPv6 hosts.
How does a dual-stack host know which stack to use to reach a destination?
a. It performs an ND, which returns the destination host type.
b. It performs a DNS request that returns the IP address. If the returned address is IPv4, the host uses the IPv4 stack. If the returned address is IPv6, the host uses the IPv6 stack.
c. The IPv6 stack makes a determination. If the destination is IPv4, the packet is sent to the IPv4 stack.
d. The IPv4 stack makes a determination. If the destination is IPv6, the packet is sent to the IPv6 stack.
B. DNS indicates which stack to use. DNS A records return IPv4 addresses. DNS AAAA records return IPv6 addresses.
What protocol numbers are used by Ethernet to identify IPv4 versus IPv6?
a. Protocol 6 for IPv4 and protocol 17 for IPv6.
b. 0x86DD for IPv6 and 0x0800 for IPv4.
c. 0x8000 for IPv4 and 0x86DD for IPv6.
d. 0x0800 for both IPv4 and IPv6; they are identified in the packet layer.
B
Which of the following describes the IPv6 header? (Select two.)
a. It is 40 bytes in length.
b. It is of variable length.
c. The Protocol Number field describes the upper-layer protocol.
d. The Next Header field describes the upper-layer protocol.
A and D
Which of the following is true about fragmentation?
a. Routers between source and destination hosts can fragment IPv4 and IPv6 packets.
b. Routers between source and destination hosts cannot fragment IPv4 and IPv6 packets.
c. Routers between source and destination hosts can fragment IPv6 packets only. IPv4 packets cannot be fragmented.
d. Routers between source and destination hosts can fragment IPv4 packets only. IPv6 packets cannot be fragmented.
D. IPv4 packets can be fragmented by the sending host and routers. IPv6 packets are fragmented by the sending host only.
A packet sent to an anycast address reaches what?
a. The nearest destination in a set of hosts
b. All destinations in a set of hosts
c. Broadcasts to all hosts
d. Global unicast destinations
A. Anycast addresses reach the nearest destination in a group of hosts.
Which of the following is/are true about IPv6 and IPv4 headers?
a. The IPv6 header is of fixed length, and the Next Header field describes the upper-layer protocol.
b. The IPv4 header is of variable length, and the Protocol field describes the upper-layer protocol.
c. The IPv6 header is of fixed length, and the Protocol field describes the upper-layer protocol.
d. A and B
e. B and C
D
An organization uses an IPv6 address range that it received from its ISP. The IPv6 addresses will be used internally, and employees will access the Internet using Port Address Translation. What is required for DNS?
a. DNS servers need to support only IPv4 addresses.
b. DNS servers need to support only IPv6 addresses.
c. No changes are needed to the DNS servers.
d. DNS servers need to support both IPv4 and IPv6 addresses
e. Additional DNS servers for IPv6 addresses are needed.
f. DNS servers are not needed for PAT.
D
Which statements about IPv6 addresses are true? (Select two.)
a. Leading 0s are required.
b. Two colons (::) are used to separate fields.
c. Two colons (::) are used to represent successive hexadecimal fields of 0s.
d. A single interface will have multiple IPv6 addresses of different types.
C and D
You have duplicate files servers at multiple locations. Which IPv6 address type allows each end station to send a request to the nearest filer server using the same destination address, regardless of the location of that end station?
a. Anycast
b. Broadcast
c. Unicast
d. Global unicast
e. Multicast
A
Which strategy allows both IPv4 and IPv6 addressing/stacks to coexist on a host to facilitate a migration?
a. Deploy NAT-PT between the networks.
b. Hosts run IPv4 and router run native IPv6.
c. Enable anycast in the routing protocol.
d. Run both IPv4 and IPv6 address stacks on devices.
e. Redistribute between the IPv4 and IPv6 networks.
D
Which strategy would be most flexible for a corporation with the following characteristics?
2,400,000 hosts
11,000 routers
Internet connectivity
High volume of traffic with customers and business partners
a. Deploy NAT-PT between business and Internet networks.
b. Hosts run IPv4 and router run native IPv6.
c. Both hosts and routers run dual stack.
d. Enable anycast in the routing protocol.
e. Redistribute between the IPv4 and IPv6 networks.
C. Running dual-stack IPv4 and IPv6 on hosts and routers allows for full flexibility for communications for the corporation internally, with partners, and with the Internet.
What is the hierarchy for IPv6 aggregatable addresses?
a. Global, site, loop
b. Public, site, interface
c. Internet, site, interface
d. Multicast, anycast, unicast
B
NAT-PT translates between what address types?
a. Translates RFC 1918 private addresses to public IPv4 addresses
b. Translates between IPv4 and IPv6 addresses
c. Translates between network addresses and IPv6 ports
d. Translates between private IPv6 addresses to public IPv6 addresses
B
In a network where IPv6 exists within an IPv4 network, which two strategies allow both schemes to coexist? (Select two.)
a. Translate between the protocols.
b. Hosts run IPv4 and routers run native IPv6.
c. Encapsulate IPv6 packets into IPv4 packets.
d. Enable anycast in the routing protocol.
e. Redistribute between the IPv4 and IPv6 networks.
A and C
Which IPv6 feature enables routing to distribute connection requests to the nearest content server?
a. Anycast
b. Link-local
c. Aggregatable
d. Multicast
e. Site-local
A
Which statement best describes the efficiency of the IPv6 header?
a. It is less efficient than the IPv4 header.
b. It has the same efficiency as the IPv4 header; the larger IPv6 address makes it faster.
c. It is more efficient that the IPv4 header.
d. It is larger than the IPv4 header.
C
What does one-to-nearest communication mean for IPv6?
a. Anycast
b. Broadcast
c. Multicast
d. Unicast
A
Which tunneling protocol allows dual-stack hosts to tunnel over IPv4 network that is not multicast enabled?
a. 6to4
b. 6over4
c. IPsec
d. ISATAP
D
A company has an existing WAN that uses IPv4. Sites C and D use IPv4. As shown in Figure 9-17, the company plans to add two new locations (Sites A and B). The new sites will implement IPv6. The company does not want to lease more WAN circuits.
What options does the company have to connect Site A to Site B?
Implement a dual-stack backbone, or implement IPv4 tunnels between the sites.
A company has an existing WAN that uses IPv4. Sites C and D use IPv4. As shown in Figure 9-17, the company plans to add two new locations (Sites A and B). The new sites will implement IPv6. The company does not want to lease more WAN circuits.
What mechanism needs to be implemented so that IPv6 hosts can communicate with IPv4 hosts and vice versa?
NAT-PT is required to provide network address translation and protocol translation between IPv6 and IPv4 hosts.
A company has an existing WAN that uses IPv4. Sites C and D use IPv4. As shown in Figure 9-17, the company plans to add two new locations (Sites A and B). The new sites will implement IPv6. The company does not want to lease more WAN circuits.
If a dual-stack backbone is implemented, do all WAN routers and all hosts need an IPv6-IPv4 dual stack?
If a dual-stack backbone is implemented, only the WAN routers require an IPv6-IPv4 dual stack. End hosts do not need a dual stack.
A company has an existing WAN that uses IPv4. Sites C and D use IPv4. As shown in Figure 9-17, the company plans to add two new locations (Sites A and B). The new sites will implement IPv6. The company does not want to lease more WAN circuits.
If an IPv4 tunnel is implemented between Sites A and B, do all WAN routers require an IPv6-IPv4 dual stack?
No. All WAN routers still run the IPv4 stack, with two exceptions: the WAN routers at Sites A and B. These routers speak IPv6 within their sites and speak IPv4 to the WAN.
Which of the following routing protocols are classful?
a. Routing Information Protocol Version 1 (RIPv1) and RIPv2
b. Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF)
c. Intermediate System-to-Intermediate System (IS-IS) and OSPF
d. RIPv1 only
D. Only RIPv1 is a classful routing protocol. EIGRP, OSPF, IS-IS, and RIPv2 are classless routing protocols.
Which type of routing protocol would you use when connecting to an Internet service provider?
a. Classless routing protocol
b. Interior gateway protocol
c. Exterior gateway protocol
d. Classful routing protocol
C. You use an exterior gateway protocol (EGP) to receive Internet routes from a service provider.
Which routing protocol is distance vector and classless?
a. RIPv2
b. EIGRP
c. OSPF
d. IS-IS
A. RIPv2 is a classless distance-vector routing protocol.
Which type of routing protocol sends periodic routing updates?
a. Static
b. Distance vector
c. Link state
d. Hierarchical
B. Distance-vector routing protocols send periodic updates.
Which distance-vector routing protocol is used for IPv6 networks?
a. OSPFv2
b. RIPng
c. OSPFv3
d. BGPv3
B. RIPng is a distance-vector routing protocol that is used in IPv6 networks.
Which of the following is true regarding routing metrics?
a. If the metric is bandwidth, the path with the lowest bandwidth is selected.
b. If the metric is bandwidth, the path with the highest bandwidth is selected.
c. If the metric is bandwidth, the highest sum of the bandwidth is used to calculate the highest cost.
d. If the metric is cost, the path with the highest cost is selected.
B. If bandwidth is used, the path with the highest bandwidth is selected. If cost is used, the path with the lowest cost is selected.
Both OSPF and EIGRP are enabled on a router with default values. Both protocols have a route to a destination network in their databases. Which route is entered into the routing table?
a. The OSPF route.
b. The EIGRP route.
c. Both routes are entered with load balancing.
d. Neither route is entered; an error has occurred.
B. OSPF has an administrative distance of 110. EIGRP has an administrative distance of 90. The route with the lower administrative distance is selected: EIGRP.
Which of the following are classless routing protocols?
a. RIPv1 and RIPv2
b. EIGRP and RIPv2
c. IS-IS and OSPF
d. Answers B and C
D. EIGRP, RIPv2, IS-IS, and OSPF are all classless routing protocols.
Which parameters are included in the computation of the EIGRP composite metric use by default?
a. Bandwidth and load
b. Bandwidth and delay
c. Bandwidth and reliability
d. Bandwidth and maximum transmission unit (MTU)
B. The default metrics for EIGRP are bandwidth and delay.
Which routing protocol implements the Diffusing Update Algorithm (DUAL)?
a. IS-IS
b. IGRP
c. EIGRP
d. OSPF
C. EIGRP implements DUAL.
True or false: Link-state routing protocols send periodic routing updates.
False. Distance-vector routing protocols send periodic routing updates.
True or false: RIPv2 was created to support IPv6.
False. RIPng is used with IPv6 networks.
True or false: The path with the lowest cost is preferred.
True
True or false: A link with a reliability of 200/255 is preferred over a link with a reliability of 10/255.
True. The higher value for reliability is preferred.
True or false: A link with a load of 200/255 is preferred over a link with a load of 10/255.
False. The link with the lower load is preferred.
On a router, both EIGRP and OSPF have a route to 198.168.10.0/24. Which route is injected into the routing table?
The EIGRP route. EIGRP routes have an administrative distance of 90, and OSPF routes have an administrative distance of 100. The lower administrative distance is preferred.
On a router, both RIPv2 and IS-IS have a route to 198.168.10.0/24. Which route is injected into the routing table?
The IS-IS route. IS-IS routes have an administrative distance of 115, and RIP routes have an administrative distance of 120. The lower administrative distance is preferred.
On a router, EIGRP has a route to the destination with a prefix of /28, and OSPF has a route to the destination with a prefix of /30. Which is used to reach the destination?
The OSPF route, because it has a more specific route.
Which of the following is the best measurement of an interface’s reliability and load?
a. Reliability 255/255, load 1/255
b. Reliability 255/255, load 255/255
c. Reliability 1/255, load 1/255
d. Reliability 1/255, load 255/255
A. The best reliability is 255/255 (100 percent), and the best load is 1/255 (~0 percent).
Which routing protocols permit an explicit hierarchical topology?
a. BGP
b. EIGRP
c. IS-IS
d. RIP
e. OSPF
f. B and D
g. C and E
G. IS-IS and OSPF permit an explicit hierarchical topology.
What routing protocol parameter is concerned with how long a packet takes to travel from one end to another in the internetwork?
Delay measures the amount of time a packet takes to travel from one end to another in the internetwork.
For what routing protocol metric is the value of a Fast Ethernet interface calculated as 108 /108 = 1?
The metric is 108/BW. If BW = 100 Mb/s = 108, the metric = 108/108 = 1.
Match the loop-prevention technique (numerals) with its description (letters).
i. Split horizon
ii. Poison reverse
iii. Triggered updates
iv. Counting to infinity
a. Sends an infinite metric from which the route was learned
b. Drops a packet when the hop count limit is reached
c. Suppresses a route announcement from which the route was learned
d. Sends a route update when a route changes
i = C, ii = A, iii = D, iv = B
True or false: Link-state routing protocols are more CPU and memory intensive than distance-vector routing protocols.
True
Which routing protocols would you select if you needed to take advantage of VLSMs? (Select all that apply.)
a. RIPv1
b. RIPv2
c. IGRP
d. EIGRP
e. OSPF
f. IS-IS
B, D, E, and F
Which standards-based protocol would you select in a large IPv6 network?
a. RIPng
b. OSPFv3
c. EIGRP for IPv6
d. RIPv2
B. OSPFv3 is the only standards-based routing protocol in the list that supports large networks. RIPng has limited scalability.
Which of the following routing protocols are fast in converging when a change in the network occurs? (Select three.)
a. RIPv1
b. RIPv2
c. EIGRP
d. OSPF
e. IS-IS
f. BGP
C, D, and E. Link-state routing protocols plus EIGRP’s hybrid characteristics converge faster.
If you are designing a large corporate network that cannot be designed in a hierarchy, which routing protocol would you recommend?
a. RIPv1
b. RIPv2
c. EIGRP
d. OSPF
e. IS-IS
f. BGP
C. EIGRP supports large networks and does not require a hierarchical network.
Which routing protocols support VLSMs? (Select all that apply.)
a. RIPv1
b. RIPv2
c. EIGRP
d. OSPF
e. IS-IS
f. All of the above
B, C, D, and E. RIPv1 does not support VLSMs.
You are connecting your network to an ISP. Which routing protocol would you use to exchange routes?
a. RIPv1
b. RIPv2
c. EIGRP
d. OSPF
e. IS-IS
f. BGP
g. All of the above
F. BGP is used to connect to ISPs.
Which routing protocol requires only Cisco routers on the network?
a. RIPv1
b. RIPv2
c. EIGRP
d. OSPF
e. IS-IS
f. BGP
g. All of the above
C. EIGRP is supported only on Cisco routers.
Which routing protocol would be supported on an IPv6 network with multiple vendor routers?
a. RIPv2
b. EIGRP for IPv6
c. BGPv6
d. OSPFv3
e. RIPv3
f. All of the above
g. B and D
D. OSPFv3 is the only correct answer. RIPv2 is for IPv4 networks. EIGRP is not standards based. BGPv6 and RIPv3 do not exist.
Which of the following characteristics are implemented differently between distancevector and link-state routing protocols?
a. IP route tables
b. Route information distribution
c. Routing tables
d. Forwarding of traffic
e. Verification of route information sources
f. Administrative distance
B, C, and E
Which two are true for IGPs and EGPs?
a. IGPs can be substituted with static routing.
b. IGPs are better at finding the fastest paths across the network.
c. IGPs must converge quickly, but EGPs do not.
d. IGPs are for inter-autonomous system connection, EGPs are used for intra-autonomous system connections.
B and C. IGPs converge faster than EGPs.
How is convergence related to routing information?
a. The speed of convergence affects the frequency of routing updates
b. The faster the convergence, less consistent routing information is produced
c. The faster the convergence, more consistent routing information is produced
d. There is no relation between convergence and routing information consistency.
C. Faster routing convergence means more accurate information.
What is a major advantage of classless structured network over a classless network?
a. There is less overhead in classless networks
b. There is more overhead in classless networks.
c. Less IP addresses are used in classful networks.
d. Classless networks do not have advantages over classful networks.
A. Classless network have less routing overhead.
Which two EIGRP features make it appropriate for a company’s network?
a. Slow convergence
b. VLSM support
c. DUAL
d. Automatic summarization
e. Multivendor support
B and C. EIGRP uses DUAL for fast convergence and supports VLSMs.
Match the protocol with the characteristic.
i. EIGRP for IPv6
ii. RIPv2
iii. RIPng
iv. EIGRP
a. Uses multicast FF02::9
b. Uses multicast 224.0.0.9
c. Uses multicast 224.0.0.10
d. Uses multicast FF02::A
i = D, ii = B, iii = A, iv = C
A small network is experiencing excessive broadcast traffic and slow response times. The current routing protocol is RIPv1. What design changes would you recommend?
a. Migrate to RIPv2.
b. Migrate to RIPng.
c. Migrate to EIGRP for IPv4.
d. Migrate to EIGRPv6.
C. To reduce broadcast traffic, use EIGRP for IPv4 as the routing protocol for the network. RIPng and EIGRPv6 are for IPv6 networks.
Match the EIGRP component with its description.
i. RTP
ii. DUAL
iii. Protocol-dependent modules
iv. Neighbor discovery
a. An interface between DUAL and IPX RIP, IGRP, and AppleTalk
b. Used to deliver EIGRP messages reliably
c. Builds an adjacency table
d. Guarantees a loop-free network
i = B, ii = D, iii = A, iv = C
Match each EIGRP parameter with its description.
i. Feasible distance
ii. Successor
iii. Feasible successor
iv. Active state
a. The best path selected by DUAL.
b. The successor is down.
c. The lowest calculated metric of a path to reach the destination.
d. The second-best path.
i = C, ii = A, iii = D, iv = B
On an IPv6 network, you have RIPng and EIGRP running. Both protocols have a route to destination 10.1.1.0/24. Which route gets injected into the routing table?
a. The RIPng route
b. The EIGRP route
c. Both routes
d. Neither route, because of a route conflict.
B. EIGRP route has a lower administrative distance.
Which routing protocol should be used if the network requirements include fastest convergence time and unequal load balancing?
a. Use BGP.
b. Use OSPF.
c. Use EIGRP.
d. Use RIPv2.
C. EIGRP provides fast convergence and unequal load balancing.
Which two routing protocols converge most quickly?
a. BGP
b. OSPF
c. EIGRP
d. RIPv2
B and C
A user performs a Telnet from PC 1 to PC 2. If the metric used by the configured routing protocol is the bandwidth parameter, which route will the packets take?
a. Route 1
b. Route 2
c. Neither, because the information is insufficient.
d. One packet takes Route 1, the following packet takes Route 2, and so on.
Table 10-10
A. The minimum bandwidth via Route 1 is 384 kb/s. The minimum bandwidth via Route 2 is 128 kbps. The route with the higher minimum bandwidth is preferred, so the router chooses Route 1.
A user performs a Telnet from PC 1 to PC 2. If the metric used by the configured routing protocol is hop count, which route will the packets take?
a. Route 1
b. Route 2
c. Neither, because the information is insufficient.
d. One packet takes Route 1, the following packet takes Route 2, and so on.
Table 10-10
B. Route 2 has fewer router hops than Route 1.
A user performs a Telnet from PC 1 to PC 2. If the metric used by the configured routing protocol is OSPF cost, which route will the packets take?
a. Route 1
b. Route 2
c. Neither, because the information is insufficient.
d. One packet takes Route 1, the following packet takes Route 2, and so on.
Table 10-10
A. Route 2 has a higher cost than Route 1. The Route 2 cost is 108/128 kbps = 781.25. The Route 1 cost is 108/512 kbps + 108/384 kbps + 108/512 kbps = 195.31 + 260.41 + 195.31 = 651.03. Route 1 is preferred
By default, if RIPv2 is enabled on all routers, what path is taken?
a. Path 1
b. Path 2
c. Unequal load balancing with Path 1 and Path 2
d. Equal load balancing with Path 1 and Path 2
Table 10-14
A. Path 1 has a lower hop count metric.
By default, if RIPng is enabled on all routers, what path is taken?
a. Path 1
b. Path 2
c. Unequal load balancing with Path 1 and Path 2
d. Equal load balancing with Path 1 and Path 2
Table 10-14
A. Path 1 has a lower hop count metric.
By default, if EIGRP is enabled on all routers, what path is taken?
a. Path 1
b. Path 2
c. Unequal load balancing with Path 1 and Path 2
d. Equal load balancing with Path 1 and Path 2
Table 10-14
B. Path 2 has greater bandwidth.
EIGRP is configured on the routers. If it is configured with the variance command, what path is taken?
a. Path 1
b. Path 2
c. Unequal load sharing Path 1 and Path 2
d. Equal load balancing with Path 1 and Path 2
Table 10-14
C. Load sharing is enabled with the variance command.
By default, if EIGRP for IPv6 is enabled on all routers, and this is an IPv6 network, what path is taken?
a. Path 1
b. Path 2
c. Unequal load balancing with Path 1 and Path 2
d. Equal load balancing with Path 1 and Path 2
B. By default, path 2 has higher bandwidth thus has the better metric.
Which protocol defines an Area Border Router (ABR)?
a. Enhanced Interior Gateway Routing Protocol (EIGRP)
b. Open Shortest Path First (OSPF)
c. Intermediate System-to- Intermediate System (IS-IS)
d. Routing Information Protocol (RIP)
B. OSPF defines ABRs that connect areas to the OSPF backbone.
Which routing protocols support variable-length subnet masks (VLSM)?
a. EIGRP
b. OSPF
c. IS-IS
d. A and B
e. A and C
f. B and C
g. A, B, and C
G. EIGRP, OSPF, and IS-IS support VLSMs.
What is an ASBR?
a. Area Border Router
b. Autonomous System Boundary Router
c. Auxiliary System Border Router
d. Area System Border Router
B. OSPF defines the ASBR as the router that injects external routes into the OSPF autonomous system.
What is the OSPFv2 link-state advertisement (LSA) type for autonomous system external LSAs?
a. Type 1
b. Type 2
c. Type 3
d. Type 4
e. Type 5
E. OSPFv2 Type 5 LSAs are autonomous system external LSAs.
What address do you use to multicast to the OSPFv2 designated router (DR)?
a. 224.0.0.1
b. 224.0.0.5
c. 224.0.0.6
d. 224.0.0.10
C. OSPFv2 routers use 224.0.0.6 to communicate with DRs.
To where are OSPF Type 1 LSAs flooded?
a. The OSPF area
b. The OSPF domain
c. From the area to the OSPF backbone
d. Through the virtual link
A. Type 1 LSAs (router LSAs) are forwarded to all routers within an OSPF area.
What OSPFv3 LSA carries address prefixes?
a. Network LSA
b. Summary LSA
c. Interarea-router LSA
d. Intra-area-prefix LSA
D. Intra-area-prefix LSAs carry IPv6 prefixes associated with a router, a stub network, or an associated transit network segment.
What protocol do you use to exchange IP routes between autonomous systems?
a. IGMP
b. eBGP
c. EIGRP
d. OSPF
B. You use External Border Gateway Protocol (eBGP) to exchange routes between autonomous systems.
Where should routes be summarized?
a. On the core routers
b. On the distribution routers
c. On the access routers
d. None of the above
B. It is a best practice to summarize routes on the distribution routers toward the core.
What is IGMP?
a. Interior Group Management Protocol
b. Internet Group Management Protocol
c. Interior Gateway Routing Protocol
d. Interior Gateway Media Protocol
B. You use IGMP between hosts and local routers to register with multicast groups.
How many bits are mapped from the Layer 3 IPv4 multicast address to a Layer 2 MAC address?
a. 16 bits
b. 23 bits
c. 24 bits
d. 32 bits
B. The lower 23 bits of the IP multicast address are mapped to the last 23 bits of the Layer 2 MAC address.
What is the administrative distance of eBGP routes?
a. 20
b. 100
c. 110
d. 200
A. The administrative distance of eBGP routes is 20. The administrative distance of Internal BGP (iBGP) routes is 200.
What is CIDR?
a. Classful intradomain routing
b. Classful interior domain routing
c. Classless intradomain routing
d. Classless interdomain routing
D. CIDR provides the capability to forward packets based on IP prefixes only, with no concern for IP address class boundaries.
True or false: A router needs to have all its interfaces in Area 0 to be considered an OSPF backbone router.
False. A router with one or more interfaces in Area 0 is considered an OSPF backbone router.
True or false: OSPF IS-IS uses a designated router in multiaccess networks.
True
Which multicast addresses do OSPFv2 routers use?
224.0.0.5 for ALLSPFRouters and 224.0.0.6 for ALLDRouters.
Which multicast addresses are used by OSPFv3 routers?
FF02::5 for ALLSPFRouters and FF02::6 for ALLDRouters.
What is the Cisco administrative distance of OSPF?
The administrative distance of OSPF is 110.
Which OSPFv2 router type generates the OSPF Type 3 LSA?
OSPF ABRs generate the Type 3 summary LSA for ABRs.
Which OSPFv2 router type generates the OSPF Type 2 LSA?
OSPF DRs generate Type 2 network LSAs.
What is included in an OSPFv2 router LSA?
Included are the router’s links, interfaces, state of links, and cost.
True or false: The router with the lowest priority is selected as the OSPF DR.
False. The router with the highest priority is selected as the OSPF designated router.
True or false: You use iBGP to exchange routes between different autonomous systems.
False. You use eBGP to exchange routes between different autonomous systems.
True or false: BGP Version 4 does not include support for CIDR, only OSPF and EIGRP do.
False. BGPv4 added support for classless interdomain routing (CIDR), which provides the capability of forwarding packets based on IP prefixes only, with no concern for the address class.
True or false: eBGP and iBGP redistribute automatically on a router if the BGP peers are configured with the same autonomous system number.
True
eBGP routes have an administrative distance of ____, and iBGP routes have an administrative distance of ____.
20, 200
True or false: IGMP snooping and CGMP are methods to reduce the multicast traffic at Layer 2.
True
True or false: PIM has a hop-count limit of 32.
False. PIM does not have a hop-count limit. DVMRP has a hop-count limit of 32.
True or false: PIM-SM routers use the multicast 224.0.0.13 address to request a multicast group to the RP.
True
True or false: autonomous system path is the only attribute BGP uses to determine the best path to the destination.
False. BGP uses several attributes in the BGP decision process.
List three IP routing protocols that use multicast addresses to communicate with their neighbors.
RIPv2, OSPF, and EIGRP.
What IPv6 multicast address does EIGRP use for IPv6?
FF02::A
Match the routing protocol with the description:
i. EIGRP
ii. OSPFv2
iii. RIPv2
iv. BGP
a. Distance-vector protocol used in the edge of the network
b. IETF link-state protocol used in the network core
c. Hybrid protocol used in the network core
d. Path-vector protocol
i = C, ii = B, iii = A, iv = D
What is the default OSPF cost for a Fast Ethernet interface?
Cost is calculated as 108 / BW, and BW = 100 Mbps = 108 bps for Fast Ethernet. Cost = 108 / 108 = 1.
Which routing protocol do you use in the core of a large enterprise network that supports VLSMs for a network with a mix of Cisco and non-Cisco routers?
OSPF. Although RIPv2 and EIGRP support VLSMs, RIPv2 is no longer recommended. EIGRP is not supported on non-Cisco routers.
What is the benefit of designing for stub areas?
You do not need to flood external LSAs into the stub area, which reduces LSA traffic.
What constraint does the OSPF network design have for traffic traveling between areas?
All traffic from one area must travel through Area 0 (the backbone) to get to another area.
How is OSPFv3 identified as the upper-layer protocol in IPv6?
OSPFv3 is identified as IPv6 Next Header 89.
Which routing protocols are recommended for large enterprise networks?
a. RIPv2
b. OSPFv2
c. EIGRP
d. IS-IS
e. A and B
f. B and C
g. B and D
h. A, B, C, and D
F. EIGRP and OSPFv2 are recommended for large enterprise networks.
What OSPFv3 has an LS type of 0x0008?
a. Router LSA
b. Interarea-router LSA
c. Link LSA
d. Intra-area-prefix LSA
C. Link LSAs are flooded to the local link.
Which routing protocol does not support VLSMs?
a. RIPv1
b. OSPFv2
c. EIGRP
d. RIPv2
e. B and C
f. B, C, and D
RIPv1
Which routing protocols have fast convergence for IPv4 networks?
a. BGP
b. OSPFv2
c. EIGRP
d. RIPv2
e. B and C
f. B, C, and D
g. A, B, and C
E. EIGRP and OSPFv2 have fast convergence.
Which routing protocols have fast convergence for IPv6 networks?
a. RIPng
b. OSPFv3
c. EIGRP for IPv6
d. RIPv2
e. MP-BGP
f. B and C
g. B, C, and D
h. B, C, and E
F. EIGRP for IPv6 and OSPFv3 have fast convergence for IPv6 networks.
A retail chain has about 800 stores that connect to the headquarters and a backup location. The company wants to limit the amount of routing traffic used on the WAN links. What routing protocol(s) is/are recommended?
a. RIPv1
b. RIPv2
c. OSPFv2
d. EIGRP
e. IS-IS
f. BGP
g. B, C, and D
h. C and D
i. C, D, and E
H. RIPv1 and RIPv2 generate periodic routing traffic. IS-IS is used in SP networks. BGP is used for external networks.
Which of the following statements is correct?
a. OSPFv3 provides changes to OSPFv2 for use in IPv4 networks.
b. OSPFv3 provides changes to OSPFv2 for use in IPv6 networks.
c. OSPFv3 provides changes to OSPFv2 for use in IPv6 and IPv4 networks.
d. OSPFng provides changes to OSPFv2 for use in IPv6 networks.
B. OSPFv3 is used in IPv6 networks.
If OSPF is enabled on all routers with the default metrics unchanged, what path is taken?
a. Path 1
b. Path 2
c. Unequal load balance with Path 1 and Path 2
d. Equal load balance with Path 1 and Path 2
Figure 11-26
B. From Router A, the OSPF cost for Path 1 is 108 / 256 kbps = 390. The OSPF cost for Path 2 is (108 / 1536 kbps) + (108 / 1024 kbps) + (108 / 768 kbps) = 65 + 97 + 130 = 292. OSPF selects Path 2 because it has a lower cost.
Identify the OSPF router types shown in Figure 11-27. Router A = \_\_\_\_\_\_\_ Router B = \_\_\_\_\_\_\_ Router C = \_\_\_\_\_\_\_ Router D = \_\_\_\_\_\_\_ Router E = \_\_\_\_\_\_\_ Router F = \_\_\_\_\_\_\_
Figure 11-27
Router A = Internal; Router B = ABR; Router C = Backbone; Router D = ASBR; Router E = ABR; Router F = Internal.
Match the IP multicast address with its description.
i. 224.0.0.1
ii. 224.0.0.2
iii. 224.0.0.5
iv. 224.0.0.10
a. All OSPF routers
b. All routers
c. EIGRP routers
d. All hosts
i =D, ii = B, iii = A, iv = C
Match the BGP attribute with its description.
i. Local preference
ii. MED
iii. Autonomous system path
iv. Next hop
a. IP address
b. Indicates the path used to exit the autonomous system
c. Tells external BGP peers the preferred path into the autonomous system
d. List of ASNs
i = B, ii = C, iii = D, iv = A
Which Cisco feature can you use instead of local preference to influence the selected path to external BGP routers?
Weight. Weight is configured locally and not exchanged in BGP updates. On the other hand, the local preference attribute is exchanged between iBGP peers and is configured at the gateway router.
What is the purpose of route reflectors?
Route reflectors reduce the number of iBGP logical mesh connections.
When BGP confederations are used, which number do external peers see?
External peers see the confederation ID. The internal private autonomous system numbers are used within the confederation.
With ____________ all routers peer with each other within the private autonomous system, and with __________ client routers peer only with the reflector.
BGP confederations, route reflectors.
Which of the following shows the correct order that BGP uses to select a best path?
a. Origin, lowest IP, autonomous system path, weight, local preference, MED
b. Weight, local preference, autonomous system path, origin, MED, lowest IP
c. Lowest IP, autonomous system path, origin, weight, MED, local preference
d. Weight, origin, local preference, autonomous system path, MED, lowest IP
B. Only answer B has the correct order of BGP path selection, which is weight, local preference, autonomous system path, origin, MED, and lowest IP.
What feature did BGPv4 implement to provide forwarding of packets based on IP prefixes?
CIDR was first implemented in BGPv4.
What route should be used to summarize the following networks?
- 150.80.0/23, 10.150.82.0/24, 10.150.83.0/24, 10.150.84.0/22
a. 10.150.80.0/23, 10.150.82.0/23, and 10.150.84.0/22
b. 10.150.80.0/22 and 10.150.84/22
c. 10.150.80.0/21
d. 10.150.80.0/20
C
Match the IPv6 multicast address with its description.
i. FF02::1
ii. FF02::2
iii. FF02::5
iv. FF02::9
v. FF02::A
a. OSPFv3 routers
b. RIPng routers
c. All routers
d. EIGRP routers
e. All nodes
i = E, ii = C, iii = A, iv = B, v = D
Route summarization and redistribution occur in which layer of the hierarchical model?
a. Building access
b. Distribution
c. Core
d. Server access
B
Which of the following best describes route summarization?
a. Grouping contiguous addresses to advertise a large Class A network
b. Grouping noncontiguous addresses to advertise a larger network
c. Grouping contiguous addresses to advertise a larger network
d. Grouping Internet addresses
C
Where should you configure BGP?
a. Routers A and B
b. Routers C and D
c. Answers A and B
d. Routers A and C
Figure 11-28
B. BGP should be configured between autonomous system 100 and autonomous system 500.
On which router should you configure redistribution for OSPF and EIGRP?
a. Router A only
b. Router B only
c. Routers A and B
d. Redistribution occurs automatically.
Figure 11-28
C. Both Routers A and B perform the redistribution with route filters to prevent route feedback.
To announce the networks from autonomous system 100 to autonomous system 500, which routing protocols should you redistribute into BGP?
a. OSPF only
b. EIGRP only
c. OSPF and EIGRP
d. iBGP
Figure 11-28
B. The OSPF routes are redistributed into EIGRP. Then you can redistribute EIGRP routes into BGP.
Where should you use filters?
a. Routers A and B
b. Routers C and D
c. Routers A and C
d. Answers A and B
Figure 11-28
D. You should use filters on all routers performing redistribution.
Which of the following security legislation applies protection for credit card holder data?
a. SOX
b. GLBA
c. HIPAA
d. PCI DSS
D. Payment Card Industry Data Security Standards (PCI DSS) is a security standard that defines standards to protect credit card holder data.
What classification of security threat gathers information about the target host?
a. Gaining unauthorized access
b. Reconnaissance
c. Denial of service
d. None of the above
B. Reconnaissance is used to gather information from the hosts attached to the network.
What type of security threat works to overwhelm network resources such as memory, CPU, and bandwidth?
a. Denial of service
b. Reconnaissance
c. Gaining unauthorized access
d. NMAP scans
A. DoS attacks aim to overwhelm resources such as memory, CPU, and bandwidth, and thus impact the target system and denying legitimate user’s access.
What is it called when attackers change sensitive data without proper authorization?
a. VLAN filtering
b. ACLs
c. Integrity violations
d. Loss of availability
C. When attackers change sensitive data without the proper authorization, this is called an integrity violation.
What security document focuses on the processes and procedures for managing network events in addition to emergency-type scenarios?
a. Acceptable-use policy
b. Incident-handling policy
c. Network access control policy
d. Security management policy
B. Incident-handling policies define the processes and procedures for managing security incidents, including the handling of emergency-type scenarios.
Which of the following should be included in a security policy? (Select all that apply.)
a. Identification of assets
b. Definition of roles and responsibilities
c. Description of permitted behaviors
d. All of the above
D. All of these fall into the two main reasons for having a security policy by providing a framework for the security implementation and creating a security baseline of the current security posture.
Authentication of the identity is based on what attributes? (Select all that apply.)
a. Something the subject knows
b. Something the subject has
c. Something the subject is
d. All of the above
D. Authentication of the identity can be based on any of the attributes or a combination thereof.
What VPN protocol uses encrypted point-to-point GRE tunnels?
a. GRE-based VPN
b. Cisco Easy VPN
c. Cisco GET VPN
d. Cisco DMVPN
D. Cisco DMVPN provides encrypted point-to-point GRE tunnels. GRE-based VPNs do not use encryption.
What are some physical security guidelines to consider for a secure infrastructure? (Select all that apply.)
a. Evaluate potential security breaches
b. Use physical access controls such as locks or alarms
c. Assess the impact of stolen network resources and equipment
d. Syslog and SNMP analysis
A, B, and C. Evaluating security breaches, using locks or alarms, and assessing the impact of stolen resources are all physical security guidelines to consider for a secure infrastructure.
Which of the following benefits does a security management solution provide?
a. SAINT scans
b. Provisions network security policies for deployment
c. Prevents unauthorized access
d. NMAP scans
B. Security management solutions provide ways to provision network security policies for ease of deployment.
What technique can be used to protect private information that is transported over the Internet between the headquarters and branch office? (Select the best answer.)
a. Authentication
b. Log all data
c. Encryption
d. Accounting
C. Encryption can protect data transported between sites over the Internet.
What would be recommended to protect database servers connected to or accessible from the Internet? (Select all that apply.)
a. Firewall
b. Server load balancing (SLB)
c. Syslog
d. SPAN
A. Firewalls have the capabilities to protect database servers in DMZ segments.
What network security issue does 3DES encryption aim to solve?
a. Data integrity
b. User authentication
c. Data authentication
d. Data confidentiality
D. Encryption is a security technique for protecting the data confidentiality of information.
Users are reporting a DoS attack in the DMZ. All the servers have been patched, and all unnecessary services have been turned off. What else can you do to alleviate some of the attack’s effects? (Select all that apply.)
a. Rate limit traffic on the firewall’s ingress.
b. Use ACLs to let only allowed traffic into the network.
c. Block all TCP traffic from unknown sources.
d. DHCP snooping for the DMZ segment.
A and B. The use of ACLs and rate limiting can alleviate the effects of a DoS attack being performed.
You are a network engineer for ABC Corp. You need to bring your coworkers up-todate on network security threats. What would you discuss with them? (Select all that apply.)
a. Reconnaissance and gaining unauthorized access
b. DHCP snooping
c. DMZ security
d. DoS
A and D. DoS, reconnaissance, and gaining unauthorized access are security threats.
True or false: IPsec can ensure data integrity and confidentiality across the Internet.
True. IPsec can ensure data integrity and confidentiality across the Internet.
What focuses on the accuracy and controls imposed on a company’s financial records?
a. HIPAA
b. GLBA
c. SOX
d. EU Data Protection Directive
C. SOX focuses on the accuracy and controls imposed on a company’s financial records.
What are components of managing the security infrastructure? (Select all that apply.)
a. Security management policy
b. Incident-handling policy
c. Network access control policy
d. None of the above
A, B, and C. Managing the security infrastructure has components that include the overall security management policy, incident-handling policy, and network access control policy.
Which security legislative body calls for the protection of people’s privacy?
a. HIPAA
b. GLBA
c. EU Data Protection Directive
d. SOX
C. EU Data Protection Directive calls for the protection of the people’s right to privacy with respect to the processing of personal data.
How can attackers obtain sensitive account information? (Select all that apply.)
a. Password-cracking utilities
b. Capturing network traffic
c. Social engineering
d. All of the above
D. Attackers can use password-cracking utilities, capture network traffic, and use social engineering to obtain sensitive information.
What best describes how to protect data’s integrity?
a. System availability
b. Data confidentiality
c. Ensuring that only legitimate users can view sensitive data
d. Allowing only authorized users to modify data
D. Data integrity allows only authorized users to modify data, ensuring that the data is authentic.
What provides an audit trail of network activities?
a. Authentication
b. Accounting
c. Authorization
d. SSHv1
B. Accounting provides an audit trail of activities by logging the actions of the user.
What authenticates valid DHCP servers to ensure unauthorized host systems are not from interfering with production systems?
DHCP snooping authenticates valid DHCP servers, thereby preventing rouge DHCP servers from interfering with real production servers.
What contains the organization’s procedures, guidelines, and standards?
The security policy contains the organization’s procedures, guidelines, and standards.
How can you enforce access control? (Select all that apply.)
a. Restrict access using VLANs
b. Restrict access using OS-based controls
c. Use encryption techniques
d. All of the above
D. Access control can be enforced by restricting access using VLANs, OS-based controls, and encryption techniques.
What is a general user document that is written in simple language to describe the roles and responsibilities within risk management?
An acceptable-use policy describes roles and responsibilities.
True or false: The network access control policy defines the general access control principles used and how data is classified, such as confidential, top secret, or internal.
True. The network access control policy defines the general access control principles used and how data is classified, such as confidential, top secret, or internal.
What are the four steps used to facilitate continuing efforts in maintaining security policies?
a. Secure, monitor, maintain, close out
b. Monitor, test, evaluate, purchase
c. Improve, test, purchase, evaluate
d. Secure, monitor, test, improve
D
Match the encryption keys and VPN protocols with their definitions.
i. IPsec
ii. SSL
iii. Shared secret
iv. PKI
a. Both sides use the same key.
b. Uses AH and ESP.
c. Web browser TCP port 443.
d. Asymmetric cryptography.
i = B, ii = C, iii = A, iv = D
What does Cisco recommend as the foundation of any deployed security solution?
a. Customer requirements
b. Security audit
c. SLA policy
d. Security policy
D. The foundation of security solutions is a security policy.
Which two of the following protocols are used for IP security?
a. SSH and EIGRP
b. BGP and TCP
c. AH and ESP
d. SSH and RIP
C. AH and ESP are part of IP security.
Which security solution best meets requirements for confidentiality, integrity, and authenticity when using the public network such as the Internet?
a. Cisco IOS firewall
b. Intrusion prevention
c. Secure connectivity
d. AAA
e. Traffic Guard Protector
C. Secure connectivity has requirements of confidentiality, integrity, and authenticity when using the Internet as a transport.
What uses security integrated into routers, switches, and appliances to defend against attacks?
a. Trust and identity management
b. Threat defense
c. Secure connectivity
d. Cisco SAFE
e. Secure firewalling
B. Threat defense integrates security into routers, switches, and appliances to ward off attacks.
Encryption and authentication are used to provide secure transport across untrusted networks by providing ________________.
a. Trust and identity management
b. Threat defense
c. Secure connectivity
d. Cisco SAFE
e. Secure firewalling
C. Secure connectivity has requirements of encryption and authentication to provide secure transport access public networks.
Which of the following are benefits of using Cisco SAFE Architecture? (Select all that apply.)
a. SAFE eases the development, implementation, and management of secure networks.
b. SAFE provides for an open, modular, and expandable structure.
c. SAFE is the basis for the design of highly available secure networks.
d. SAFE provides for self-healing of network devices.
A, B, and C. SAFE Architecture does not provide self-healing of network devices.
What network security platform combines a high-performance firewall with an IPS, antivirus, IPsec, and an SSL VPN in a single unified architecture?
a. Integrated Services Routers
b. Cisco Catalyst switches
c. Adaptive Security Appliances
d. NAC
C. The Cisco ASAs provide high-performance firewall, IPS, antivirus, IPsec, and VPN services.
Which media-level access control standard developed by IEEE permits and denies access to the network and applies traffic policy based on identity?
a. AES
b. 802.1X
c. NAC
d. FWSM
B. 802.1x is an IEEE media-level access control standard that permits and denies admission to the network and applies traffic policy based on identity.
What mechanism protects networks from threats by enforcing security compliance on all devices attempting to access the network?
a. NAC
b. SNMP
c. ASDM
d. SDM
A. Network Access Control (NAC) protects the network from security threats by enforcing security compliance on all devices attempting to access the network.
Which of the following can be used to perform firewall filtering with the use of ACLs? (Select all that apply.)
a. ASA
b. IPS
c. FWSM
d. All of the above
A and C. The Cisco FWSM and ASA security appliances all support firewall filtering with ACLs.
What Cisco security appliance acts as an SMTP gateway for the enterprise?
a. Cisco NAC Appliance
b. Cisco IronPort ESA
c. Cisco ASA
d. Cisco IronPort WSA
B. IronPort ESA is a firewall and threat-monitoring appliance for SMTP (TCP port 25)-based traffic.
Which security management solution integrates the configuration management of firewalls, VPNs, routers, switch modules, and IPS devices?
a. CSM
b. SDM
c. ASDM
d. ACS
A. Cisco Security Manager (CSM) is an integrated solution for configuration management of firewall, VPN, router, switch module, and IPS devices.
When integrating security into the network DEVICES, which of the following can be used? (Select all that apply.)
a. RMON
b. ASA
c. Cisco IOS IPS
d. Syslog
B and C. Cisco IOS IPS and ASA can be used to integrate security into the network.
Which of the following technologies is used to detect and mitigate threats in network traffic?
a. 802.1X
b. NetFlow
c. NAC
d. SSH
B. NetFlow provides information for detecting and mitigating threats.
What Cisco security management platform is used to control the TACACS and RADIUS protocols?
a. SSH
b. NIPS
c. ACS
d. IDM
C. Cisco ACS is a security management platform for controlling administrative access for Cisco devices and security applications.
What security device combines IOS firewall with VPN and IPS services?
a. ASA
b. ISR
c. Cisco Catalyst switches
d. IPS
B. Integrated Services Router (ISR) combines IOS firewall, VPN, and IPS services.
Which of the following is a standards-based protocol for authenticating network clients?
a. NAC
b. PoE
c. 802.1X
d. CSM
C. The 802.1X protocol is a standards-based protocol for authenticating network clients by permitting or denying access to the network.
Cisco ________ Appliance is an integrated solution led by Cisco that incorporates the network infrastructure and third-party software to impose security policy on attached endpoints.
a. ASA
b. CSM
c. ISR
d. NAC
D. The Cisco NAC Appliance is an integrated solution led by Cisco that incorporates the network infrastructure and third-party software to impose security policies on the attached endpoints.
What is an appliance-based solution for network security administrators to monitor, identity, isolate, and respond to security threats? (Select the best answer.)
a. CS-MARS
b. CSA MC
c. ASDM
d. IDM
A. Cisco Security MARS (CS-MARS) is an appliance-based solution for network security administrators to monitor, identify, isolate, and respond to security threats.
Cisco IOS Trust and Identity has a set of services that include which of the following? (Select all that apply.)
a. 802.1X
b. SSL
c. AAA
d. ASDM
A, B, and C. Cisco IOS Trust and Identity is a set of services that include AAA, SSH, SSL, 802.1X, and PKI.
Cisco IOS ______________ offers data encryption at the IP packet level using a set of standards-based protocols.
a. IPS
b. IPsec
c. L2TP
d. L2F
B. Cisco IOS IPsec offers data encryption at the IP packet level using a set of standards-based protocols.
What provides hardware VPN encryption for terminating a large number of VPN tunnels for ISRs?
a. FWSM
b. IDS Network Module
c. Network Analysis Module
d. High-Performance AIM
D. High-Performance Advanced Integration Module (AIM) is a hardware module for terminating large numbers of VPN tunnels.
What are two ways to enhance VPN performance on Cisco ISR G2s?
a. SSL Network Module
b. IDS Network Module
c. Built-In Hardware VPN Acceleration
d. High-Performance AIM
C and D. Built-In Hardware VPN Acceleration is hardware-based encryption that offloads VPN processing from the router’s internal CPU to improve VPN throughput. High-Performance Advanced Integration Module (AIM) is a hardware module for terminating large numbers of VPN tunnels.
Which Cisco security solution can prevent noncompliant devices from accessing the network until they are compliant?
a. CS-MARS
b. IDS module
c. ACS
d. NAC
D. Cisco NAC can restrict access to noncompliant devices but permit access to trusted wired or wireless endpoints such as desktops, laptops, PDAs, and servers.
Which of the following service modules do Cisco Catalyst 6500 switches support? (Select all that apply.)
a. FWSM
b. IDSM2
c. IPsec VPN Shared Port Adapter (SPA)
d. ASA
A , B and C. Cisco Catalyst 6500 switches support FWSM, IPsec VPN SPA and IDSM2 service modules.
What provides attack responses by blocking malicious traffic with Gbps line rates?
a. Network Analysis Module
b. Anomaly Guard Module
c. Content Switch Module
d. Traffic Anomaly Detector Module
B. The Anomaly Guard Module provides attack responses by blocking malicious traffic at Gbps line rates.
Which of the following are identity and access control protocols and mechanisms? (Select all that apply.)
a. 802.1X
b. ACLs
c. NAC
d. NetFlow
A, B, and C. Some identity and access control protocols include 802.1X, ACLs, and NAC. NetFlow collects stats on packets flowing through the router.
Which two of the following are Cisco security management tools?
a. CS-MARS
b. IDS module
c. ACS
d. NAC
A and C. Cisco Security MARS and ACS are two Cisco security management tools.
True or false: NetFlow is used for threat detection and mitigation.
True. NetFlow is used for threat detection and mitigation.
True or false: Cisco ASAs, FWSM, and IOS firewall are part of infection containment.
True. Cisco ASAs, FWSM, and IOS firewall are part of infection containment.
What IOS feature offers inline deep packet inspection to successfully diminish a wide range of network attacks?
a. IOS SSH
b. IOS SSL VPN
c. IOS IPsec
d. IOS IPS
D. The IOS Intrusion Prevention System (IPS) offers inline deep packet inspection to successfully diminish a wide range of network attacks.
The Cisco 4200 ___________ sensor appliances can identify, analyze, and block unwanted traffic from flowing on the network.
IPS. The Cisco 4200 IPS sensor appliances can identify, analyze, and block unwanted traffic on the network.
What provides centralized control for administrative access to Cisco devices and security applications?
a. CSM
b. ACS
c. CS-MARS
d. ASDM
B. Cisco Secure Access Control Server (ACS) provides centralized control for administrative access to Cisco devices and security applications.
True or false: IPS 4255 delivers 10000 Mbps of performance and can be used to protect partially utilized gigabit-connected subnets.
False. IPS 4255 delivers 650 Mbps of performance and can be used to protect partially utilized gigabit-connected subnets.
Match each protocol, mechanism, or feature with its security grouping:
i. CSM
ii. IGP/EGP MD5
iii. NetFlow
iv. NAC
a. Identity and access control
b. Threat detection and mitigation
c. Infrastructure protection
d. Security management
i = D, ii = C, iii = B, iv = A
Which International Telecommunication Union (ITU) standard provides a framework for multimedia protocols for the transport of voice, video, and data over packet-switched networks?
a. Session Initiation Protocol (SIP)
b. Voice over IP (VoIP)
c. H.323
d. Weighted fair queuing (WFQ)
C. H.323 is the ITU standard that provides a framework for the transport of voice, video, and data over packet-switched networks.
What is the default coder-decoder (codec) used with VoIP dial peers?
a. G.711
b. G.723
c. G.728
d. G.729
D. The default codec in Cisco VoIP dial peers is G.729, which has an 8 kbps bit rate.
Real-time Transport Protocol (RTP) operates at what layer of the OSI model?
a. Application
b. Session
c. Transport
d. Network
C. RTP operates at the transport layer of the OSI model.
Which H.323 protocol is responsible for call setup and signaling?
a. H.245
b. G.711
c. H.225
d. RTCP
C. The H.225 standard defines the procedures for call setup and signaling.
What unit represents the average number of concurrent voice calls, commonly calculated for the period of 1 hour?
a. Kbps
b. Erlang
c. DS0
d. FXS
B. An Erlang is a unit that describes the number of calls in an hour.
Which feature does not transmit packets when there is silence?
a. Ear and mouth (E&M)
b. Voice-activity detection (VAD)
c. Dial peers
d. Digital silence suppressor (DSS)
B. VAD reduces traffic by not transmitting packets when there is silence in voice conversations.
What does Compressed Real-time Transport Protocol (cRTP) compress?
a. RTP headers
b. RTP, TCP, and IP headers
c. RTP, User Datagram Protocol (UDP), and IP headers
d. Real-time Transport Control Protocol (RTCP) headers
C. cRTP compresses the RTP, UDP, and IP headers.
Which QoS mechanism is recommended for VoIP networks?
a. Custom queuing
b. Low-latency queuing (LLQ)
c. Priority queuing
d. Switched-based queuing
B. LLQ is recommended for VoIP networks.
Where is the local loop located?
a. Between phones and the central office (CO) switch
b. Between two PBXs
c. Between the loopback interfaces of two VoIP routers
d. Between two PSTN switches
A. The local loop is located between the traditional phone and the CO switch.
What is jitter?
a. The echo caused by mismatched impedance
b. The loss of packets in the network
c. The variable delay of received packets
d. The fixed delay of received packets
C. Jitter is the variance in the amount of per-packet delay incurred during the transport of packets across the network, such as packets in an IP telephony voice call.
True or false: LLQ is recommended for VoIP networks.
True. Cisco recommends low-latency queuing for VoIP networks.
True or false: H.323 is an IETF standard, and SIP is an ITU standard for multimedia protocols.
False. H.323 is an ITU standard, and SIP is an IETF standard for multimedia.
True or false: An Erlang is a unit that represents the continuous use of one voice path in one hour.
True. An Erlang is a telecommunications traffic unit of measurement representing the continuous use of one voice path for 1 hour.
What do you implement to stop packets from being transmitted when there is silence in a voice conversation?
VAD. Voice-activity detection suppresses packets when there is silence.
The variable delay of received VoIP packets is corrected with what kind of buffers?
Dejitter buffers are used at the receiving end to smooth out the variable delay of received packets.
True or false: Common Channel Signaling uses a separate channel for signaling.
True. With CCS, a separate channel (from the bearer channels) is used for signaling.
True or false: FXO ports are used for phones, and FXS ports connect to the PSTN.
False. You use FXS ports to connect to phones and FXO ports to connect to the PSTN.
True or false: SS7 provides mechanisms for exchanging control and routing messages in the PSTN.
True. SS7 implements call setup, routing, and control, ensuring that intermediate and far-end switches are available when a call is placed.
An organization uses what kind of system to gather and provide information for the customer before transferring her to an agent?
Interactive voice response (IVR) system. IVR systems connect incoming calls to an audio playback system that queues the calls, provides prerecorded announcements, prompts the caller for key options, provides the caller with information, and transfers the call to another switch extension or agent.
An organization uses what kind of system to route calls to agents based on the agent skill group or call statistics?
Automatic call distribution (ACD) system. ACD is used by airline reservation systems, customer service departments, and other call centers.
In addition to codec selection, both _______ and _______ can be used to reduce the bandwidth of VoIP calls.
cRTP and VAD. Both cRTP and VAD reduce the amount of bandwidth used by VoIP calls. G.729 calls can be reduced from 26.4 kbps to 11.2 with cRTP and to 7.3 with cRTP and VAD.
Label each of the following delays as fixed or variable:
a. Processing
b. Dejitter buffer
c. Serialization
d. Queuing
e. Propagation
A, B, C, and E are fixed; D is variable. Fixed-delay components include processing, serialization, dejitter, and propagation delays. Variable-delay components include only queuing delays.
How can you reduce serialization delay?
You reduce the frame size with fragmentation or increase the link bandwidth. The formula is serialization delay = frame size/link bandwidth.
Which queuing technique uses a strict priority queue for RTP traffic?
PQ-WFQ and LLQ. Both of these queuing techniques use a strict-priority queue. LLQ also provides class-based differentiated services.
True or false: The maximum one-way delay in the G.114 recommendation for acceptable voice is 200 ms.
False. The G.114 recommendation specifies a 150-ms one-way maximum delay.
True or false: FRF.12 is an LFI standard used in networks with VoFR and VoIP over Frame Relay.
True. FRF.12 specifies LFI for Frame Relay networks.
An assessment of a network determines that the average round-trip time between two sites is 250 ms. Can an IPT solution be implemented between the sites?
Yes. An RTT of 250 ms means that the average one-way delay is 125 ms, which is less than the recommended maximum of 150 ms.
Match each protocol with its description:
i. DHCP
ii. SCCP
iii. RTP
iv. H.323
v. TFTP
a. Transports coded voice streams
b. Controls Cisco IOS gateways
c. Provides call signaling between Cisco IP phones and CUCM
d. Provides IP address
e. Provides phone configuration
i = D, ii = C, iii = A, iv = B, v = E
Match each CM deployment model with its description:
i. Single-site deployment
ii. Multisite WAN with distributed call processing
iii. Multisite WAN with centralized call processing
a. Single CUCM cluster with SRST at remote sites
b. Single CUCM cluster implemented in a large building
c. Multiple CUCM clusters
i = B, ii = C, iii = A
Match each component with its Cisco IPT functional area:
i. CUCM
ii. Layer 3 switch
iii. Digital gateway
iv. Unity
a. Service applications
b. Call processing
c. Client endpoint
d. Infrastructure
i = B, ii = D, iii = C, iv = A
Which protocol is preferred for inter-PBX trunks?
a. SS7
b. RTP
c. Q.SIG
d. DTMF
C. Q.SIG is the preferred protocol for inter-PBX trunks.
cRTP compresses the IP/UDP/RTP header to what size?
a. 2 or 4 bytes
b. 2 or 5 bytes
c. 40 bytes
d. It compresses the RTP header only.
A. cRTP compresses the IP/UDP/RTP headers from 40 bytes to 2 or 4 bytes.
The steps of converting an analog signal to digital format occur in which order?
a. Sampling, filtering, digitizing
b. Filtering, sampling, digitizing
c. Digitizing, filtering, sampling
d. Sampling, digitizing, filtering
B. The analog signal is filtered and then sampled, and then samples are digitized.
Digitizing is divided into which two processes?
a. Filtering and sampling
b. Expanding and filtering
c. Companding, and quantizing and coding
d. Sampling, and quantizing and coding
C. The digitizing process is divided into companding, and quantization and coding.
Which of the following are goals of IP telephony?
a. Use the existing IP infrastructure
b. Provide lower cost of ownership
c. Provide greater flexibility in voice communications
d. All of the above
D. All answers are correct.
An analysis of a 384-kbps WAN link shows complaints of voice quality issues between two sites when large file transfers take place. The circuit is running at 45 percent utilization. What QoS schemes should be implemented to alleviate this?
a. CQ and cRTP
b. LFI and cRTP
c. LLQ
d. All of the above
B. LFI and cRTP should be implemented to help with the serialization delay on slow-speed WAN circuits. LLQ will not help because the circuit has no congestion.
Which codec is recommended for use in WAN links?
a. G.711
b. G.723
c. G.726
d. G.729
D. The G.729 codec is recommended on WAN links because of its lower bandwidth requirements and relatively high MOS.
Which technology reduces the amount of bandwidth used? (Select all that apply.)
a. QoS
b. LFI
c. cRTP
d. VAD
C and D. cRTP and VAD reduce the amount of IP bandwidth used in IPT calls.
Which of the following statements is true?
a. CAC prevents voice calls from affecting other voice calls.
b. CAC prevents voice calls from affecting data bandwidth.
c. CAC prevents data from affecting voice calls.
d. CAC prevents data from affecting other data traffic.
A. CAC prevents new voice calls from affecting existing voice calls.
What IPT component contains the dial plan and is used to register IP phones?
a. Gateway
b. Unity server
c. Gatekeeper
d. Cisco Unified CallManager
D. The Cisco Unified CallManager performs the call processing functions of the Cisco IPT solution.
Which are drivers for Unified Communications?
a. Better quality
b. Reduce WAN costs
c. Flexibility to carry data, voice and video
d. Efficient integration with legacy PSTN infrastructure
e. Improvement of QoS on the network
B and C
Match the H.323 component with its description.
a. Gateway
b. Gatekeeper
c. MCU
d. Terminal
i. IP phone
ii. Manages multipoint conferences
iii. Call control and signaling
iv. Provides translation services between H.323 endpoints
A = iv, B = iii, C = ii, D = i.
Which IPT component provides the call processing component?
a. Cisco Call Processing Manager
b. Cisco Gateway Manager
c. Cisco Unified Communications Manager
d. Cisco IP Contact Center
C
Which protocol is used for communications between two IP endpoints?
a. SCCP
b. SIP
c. H.323
d. MGCP
e. RSVP
f. CAC
g. CUCM
h. RTP
H. RTP is used to transport voice streams between two endpoints.
Which protocol is an IETF-defined application layer control protocol used to establish and terminate calls between two or more endpoints?
a. SCCP
b. SIP
c. H.323
d. MGCP
e. RSVP
f. CAC
g. CUCM
h. RTP
B. SIP is defined is RFC 2453 and is used to establish, maintain, and terminate calls.
Which protocol is defined in RFC 3661 and used by CUCM to control gateways?
a. SCCP
b. SIP
c. H.323
d. MGCP
e. RSVP
f. CAC
g. CUCM
h. RTP
D. MGCP is used to control gateways.
Which services from the Media Services Framework provide capture of media streams?
a. Access services
b. Transport services
c. Bridging services
d. Storage services
e. Session control services
f. Application services
g. Endpoint services
h. Reliable services
D. Storage services provide capture and storage of media streams.
Which services from the Media Services Framework provide transcoding?
a. Access services
b. Transport services
c. Bridging services
d. Storage services
e. Session control services
f. Application services
g. Endpoint services
h. Reliable services
C. Bridging services provide transcoding and recording services of media streams.
Which traffic type is recommended for AF4 PHB?
a. Network control
b. Telephony
c. Broadcast video
d. Multimedia conferencing
e. Real time
f. OAM
g. FTP
h. YouTube
D. Multimedia conferencing should be provisioned on DSCP AF4 PHB.
Which traffic type is recommended for CS2 PHB?
a. Network control
b. Telephony
c. Broadcast video
d. Multimedia conferencing
e. Real time
f. OAM
g. FTP
h. YouTube
F. OAM should be provisioned on DSCP CS2 PHB.
Which traffic type is recommended for CS4 PHB?
a. Network control
b. Telephony
c. Broadcast video
d. Multimedia conferencing
e. Real time
f. OAM
g. FTP
h. YouTube
D. Real-time interactive media should be provisioned on DSCP CS4 PHB.
Which CODEC generates an 8-kbps bit rate?
a. G.711
b. G.726
c. G.728
d. G.729
e. G.723
D. G.729 generates an 8-kbps bit rate.
Which CODEC generates a 64-kbps bit rate?
a. G.711
b. G.726
c. G.728
d. G.729
e. G.723
A. G.711 generates a 64-kbps bit rate.
Which is the recommended QoS mechanism for VoIP networks?
a. WRED
b. PQ
c. WFQ
d. LLQ
e. DSCP
D. LLQ is recommended for most VoIP networks.
How much bandwidth is generated by Cisco TelePresence 3000 at 1080p?
a. 12.3 Mbps
b. 4.1 Mbps
c. 6 Mbps
d. 768 kbps
e. 2 Mbps
A. Cisco TelePresence 3000 generates 12.3Mbps worth of traffic at 1080p.
How much bandwidth is generated by VT Advantage?
a. 12.3 Mbps
b. 4.1 Mbps
c. 6 Mbps
d. 768 kbps
e. 2 Mbps
D. Cisco Video Advantage generates 768 kbps worth of CIF traffic.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
Based on the current network diagram, which Cisco IPT deployment model should you recommend?
Multisite WAN with centralized call processing with a CM cluster at the main site and SRST routers at the remote sites.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
What feature should you recommend to provide call processing in the event of a WAN failure?
SRST enables the remote routers to provide call-handling support for IP phones when they lose connectivity to the CallManagers because of a WAN failure.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
Which queuing technique should you recommend?
LLQ provides a strict queue for RTP (VoIP) traffic and differentiated class of service for all other traffic.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
For Site 1, the current data traffic is 512 kbps, and video traffic is 0. What is the minimum bandwidth required to support four concurrent VoIP G.729 calls plus the data traffic to the site?
The minimum bandwidth is approximately 640 kbps. Each call is 30 kbps times four, which equals 120 kbps. The exiting 512 kbps of data traffic equals 640 kbps. The circuit should be provisioned at a higher speed to prevent the sustained peak utilization from being higher than 75 percent.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
Should you implement a multisite WAN with centralized call processing CUCM cluster?
Yes, a CUCM cluster should be implemented at the main site.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
What feature can you use to reduce bandwidth over the WAN links?
cRTP compresses the RTP/UDP/IP headers from 40 bytes to 2 to 4 bytes.
The client has an existing Frame Relay network, as shown in Figure 14-28. The network has a large site and 50 small remote sites. The client wants a design for a VoIP network. The client wants to provide differentiated CoS for the voice, Systems Network Architecture (SNA), FTP, and other traffic.
Which LFI technique should you use to reduce the serialization delay?
FRF.12 is the link and fragmentation technique used in Frame Relay networks.
Which version of SNMP introduces security extensions for authentication and encryption?
a. SNMPv1
b. SNMPv2
c. SNMPv3
d. SNMPv4
C. SNMPv3 introduces authentication and encryption for SNMP.
SNMP runs over which protocol?
a. TCP
b. UDP
c. IP
d. MIB
B. SNMP runs over UDP.
Which SNMP component contains an agent?
a. Managed device
b. Agent
c. NMS manager
d. MIB
A. Managed devices contain SNMP agents.
Which SNMP component is a collection of information that is stored on the local agent?
a. Managed device
b. Agent
c. NMS manager
d. MIB
D. A MIB is a collection of information that is stored on the local agent of the managed device.
CDP is an acronym for which Cisco function?
a. Collection Device Protocol
b. Cisco Device Protocol
c. Campus Discovery Protocol
d. Cisco Discovery Protocol
D. CDP is Cisco Discovery Protocol.
Which SNMP operation obtains full table information from an agent?
a. Get
b. GetNext
c. GetBulk
d. Inform
C. The NMS manager uses the GetBulk operation to retrieve large blocks of data, such as multiple rows in a table.
RMON1 provides information at what levels of the OSI model?
a. Data link and physical
b. Network, data link, physical
c. Transport and network
d. Application to network
A. RMON1 is focused on the data link and physical layers of the OSI model.
Which of the following is not an SNMP operation?
a. Get
b. Community
c. Set
d. Trap
B. Community is not an SNMP operation.
Which solution gathers information that can be used for accounting and billing applications?
a. RMON
b. NetFlow
c. CDP
d. Syslog
B. NetFlow allows for network planning, traffic engineering, billing, accounting, and application monitoring.
What is CDP?
a. Client/server protocol
b. Hello-based protocol
c. Network management agent
d. Request-response protocol
B. CDP is a hello-based protocol.
What does the acronym FCAPS stand for?
Fault management, configuration management, accounting management, performance management, and security management.
CDP runs at what layer of the OSI model?
Data link layer
Syslog level 5 is what level of severity?
Notice level
True or false: RMON provides more scalability than NetFlow.
False
True or false: NetFlow provides detailed information on the number of bytes and packets per conversation.
True
What information can be obtained from a neighbor using CDP?
Device ID, IP address, capabilities, OS version, model number, port ID.
What SNMP message is sent by an agent when an event occurs?
a. Get
b. Set
c. GetResponse
d. Trap
D. A trap message is sent by the agent when a significant event occurs.
What SNMP message is sent to an agent to obtain an instance of an object?
a. Get
b. Set
c. GetResponse
d. Trap
A. The NMS manager uses the Get operation to retrieve the value-specific MIB variable from an agent.
What SNMP message is used to configure a managed device?
a. Get
b. Set
c. GetResponse
d. Trap
B. The NMS manager uses the Set operation to set values of the object instance within an agent.
About how many facilities are available for syslog in Cisco routers?
a. 25
b. 100
c. 500
d. 1000
C. More than 500 syslog facilities can be configured on Cisco IOS.
Which SNMPv3 level provides authentication with no encryption?
a. authPriv
b. authNoPriv
c. noAuthNoPriv
d. noauthPriv
B. At the authNoPriv level, authentication is provided, but not encryption.
What encryption standard does SNMPv3 use?
a. 3DES
b. CBC-DES
c. HMAC-MD5
d. MD5
B. CBC-DES is the encryption algorithm used by SNMPv3.
Which technologies can you use to assess a network and create documentation? (Select two.)
a. RMON
b. MIB
c. CDP
d. NetFlow
C and D. Both CDP and NetFlow can be used to discover and document a network.
Which of the following are true about CDP? (Select three.)
a. It uses UDP.
b. It is a data-link protocol.
c. It provides information on neighboring routers and switches.
d. It is media and protocol independent.
e. It uses syslog and RMON.
B, C, and D
RMON2 provides information at what levels of the OSI model?
a. Data link and physical
b. Network, data link, and physical
c. Transport and network only
d. Application to network
D. RMON2 provides monitoring information from the network to the application layers.
Which network management technology operates over TCP?
a. SNMP
b. RMON
c. NetFlow
d. None of the above
D. All work over UDP.
Which statement is correct?
a. SNMPv1 uses GetBulk operations and 32-bit values.
b. SNMPv2 uses 32-bit values, and SNMPv3 uses 64-bit values.
c. SNMPv1 uses 32-bit values, and SNMPv2 uses 64-bit values.
d. SNMPv1 uses GetBulk operations, and SNMPv2 uses Inform operations.
C
Which SNMPv3 level provides authentication and privacy?
a. authPriv
b. authNoPriv
c. noAuthNoPriv
d. noauthPriv
A. The authPriv level provides authentication and encryption.
Match the RMON group with its description.
i. Statistics
ii. Matrix
iii. alHost
iv. protocoldir
a. Stores statistics for conversations between two hosts
b. Lists the protocols that the device supports
c. Contains real-time statistics for interfaces: packets sent, bytes, CRC errors, fragments
d. Contains application layer statistics for traffic sent to or from each host
i = C, ii = A, iii = D, iv = B
What is the most critical syslog priority level?
a. 0
b. 1
c. 6d. 7
A. Syslog level 0 indicates an emergency and that the system is unusable.
Which management protocol will help a company concentrate on Layer 4 monitoring and gain information to assist in long-term trending analysis?
a. SNMPv3
b. RMON2
c. NetFlow
d. CDP
e. MIB
B. RMON2 allows for Layer 4 monitoring. NetFlow is not a long-term trending solution.
Which management protocol performs network traffic analysis?
a. SNMPv3
b. RMON2
c. NetFlow
d. CDP
e. MIB
C. NetFlow does network traffic analysis.
What virtual information store is used by SNMP?
a. SNMPv3
b. RMON2
c. ASN.1
d. CDP
e. MIB
E. MIB is the database that stores information.
What standard language is used by SNMP?
a. SNMPv3
b. RMON2
c. ASN.1
d. CDP
e. MIB
C. ASN.1 is used to define information being stored.
Which SNMPv3 method provides authentication but no encryption?
a. noAuthNoPriv
b. authPriv
c. authNoPriv
d. noauthPriv
C. authNoPriv provides authentication and no encryption.
Which is not an SNMP operation?
a. GetNext
b. Trap
c. Inform Request
d. Community
e. GetBulk
D. Community is not an SNMP operation.
Which protocol allows for vendor specific information?
a. SNMPv3
b. RMON2
c. ASN.1
d. CDP
e. MIB
E. Private MIBs can be used for vendor specific information.
