CCNP ROUTE Practice Qs Flashcards
Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be forwarded from R5 to area 1.
A. R5(config-router)# area 1 stubR6(config-router)# area 1 stub
B. R5(config-router)# area 1 stub no-summaryR6(config-router)# area 1 stub
C. R5(config-router)# area 1 nssaR6(config-router)# area 1 nssa
D. R5(config-router)# area 1 nssa no-summaryR6(config-router)# area 1 nssa
Answer: D
Explanation:
External RIP routes are being routed in OSPF area 1 where they are injected as type 7 so we use (area 1 NSSA) command on the ASBR(R2) and (Area 1 NSSA no-summary) command on R3 and R4.
You can verify issuing the command “show ip ospf database” and you will see the type 7 lsa’s on ASBR(R2) and LSA’s Type 5 and 7 on both the ABR routers(R3 ,R4).
Which two statements are correct regarding the routes to be redistributed into OSPF?
A. The network 192.168.1.0 will be allowed and assigned a metric of 100.
B. The network 192.168.1.0 will be allowed and assigned a metric of 200.
C. All networks except 10.0.0.0/8 will be allowed and assigned a metric of 200.
D. The network 172.16.0.0/16 will be allowed and assigned a metric of 200.
E. The network 10.0.10.0/24 will be allowed and assigned a metric of 200.
(Choose two.)
Answer: A,D
A network administrator is troubleshooting a redistribution of OSPF routes into EIGRP.
router eigrp 1
network 10.0.0.0
!
router ospf 1
network 172.10.0.0 0.0.255.255 area 0
redistribute eigrp 1
Given the exhibited commands, which statement is true?
A. Redistributed routes will have an external type of 1 and a metric of 1.
B. Redistributed routes will have an external type of 2 and a metric of 20.
C. Redistributed routes will maintain their original OSPF routing metric.
D. Redistributed routes will have a default metric of 0 and will be treated as reachable and advertised.
E. Redistributed routes will have a default metric of 0 but will be treated as unreachable
and not advertised.
Answer: B
Explanation:
By default, all routes redistributed into OSPF will be tagged as external type 2 (E2) with a metric of 20, except for BGP routes (with a metric of 1).
Note: The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route. A type 1 cost is the addition of the external cost and the internal cost used to reach that route.
Which three steps are most helpful in verifying proper route redistribution? (Choose three.)
A. On the routers not performing the route redistribution, use the show ip route command to see if the redistributed routes show up.
B. On the ASBR router performing the route redistribution, use the show ip protocol command to verify the redistribution configurations.
C. On the ASBR router performing the route redistribution, use the show ip route command to verify that the proper routes from each routing protocol are there.
D. On the routers not performing the route redistribution, use the show ip protocols command to verify the routing information sources.
E. On the routers not performing the route redistribution, use the debug ip routing command to verify the routing updates from the ASBR.
Answer: A,B,C
Explanation:
In order to verify proper route redistribution, use the “show ip route” command on all routers within the network, as well as the ABSR, to verify that the routes are properly being advertised to all routers.
In addition, issuing the “show ip protocol” can be used on the router performing the redistribution to verify that routes are being redistributed into each other.
Into which two types of areas would an area border router (ABR) inject a default route?
(Choose two.)
A. stub
B. the autonomous system of an exterior gateway protocol (EGP)
C. NSSA
D. totally stubby
E. the autonomous system of a different interior gateway protocol (IGP)
F. area 0
Answer: A,D
Explanation:
Both stub area & totally stubby area allow an ABR to inject a default route. The main difference between these 2 types of areas is:
- Stub area replaces LSA Type 5 (External LSA – created by an ASBR to advertise network from another autonomous system) with a default route
- Totally stubby area replaces both LSA Type 5 and LSA Type 3 (Summary LSA – created by an ABR to advertise network from other areas, but still within the AS, sometimes called interarea routes) with a default route.
Below summarizes the LSA Types allowed and not allowed in area types:
Area Type/Type 1 & 2 (within area)/Type 3 (from other areas)/Type 4/Type 5/Type 7
Standard & Backbone/yes/yes/yes/yes/no
Stub/yes/yes/no/no/no
Totally Stub/yes/no/no/no/no
NSSA/yes/yes/no/no/yes
Totally Stubby NSSA/yes/no/no/no/yes
What is the benefit of deploying IPv6 in a campus network using dual stack mode?
A. Dual Stack Mode takes advantage of IPv6 over IPv4 tunnel ithin a network.
B. IPv4 and IPv6 run alongside one another and have no ependency on each other to function
C. IPv4 and IPv6 share network resources.
D. IPv6 can depend on existing IPv4 routing, QoS, security, and multicast policies.
Answer: B
Explanation:
Deploying IPv6 in the campus using the dual-stack model offers several advantages over the hybrid and service block models.
The primary advantage of a dual stack model is that it does not require tunneling within the campus network.
The dual stack model runs the two protocols as ships in the night, meaning that IPv4 and IPv6 run alongside one another and have no dependency on each other to function except that they share network resources.
Both have independent routing.
Router E is configured with the EIGRP variance 2 command.
What path will Router E take to reach Router A?
A. only E-D-A
B. only E-B-A
C. only E-C-A
D. both E-B-A and E-C-A
E. both E-B-A and E-D-A
F. all available paths.
Answer: D
Explanation:
By using the “variance 2 command we can share traffic to other feasible successor routes.
But by default, EIGRP only shares traffic to 4 paths. So we need to use the “maximum-paths 6” to make sure all of these routes are used.
A network administrator recently redistributed RIP routes into an OSPF domain. However, the administrator wants to configure the network so that instead of 32 external type-5 LSAs flooding into the OSPF network, there is only one.
What must the administrator do to accomplish this?
A. Configure summarization on R1 with area 1 range 172.16.32.0 255.255.224.0
B. Configure summarization on R1 with summary-address 172.16.32.0 255.255.224.0
C. Configure area 1 as a stub area with area 1 stub
D. Configure area 1 as a NSSA area with area 1 stub nssa
Answer: B
Explanation:
In many cases, the router doesn’t even need specific routes to each and every subnet (for example, 172.16.1.0/24). It would be just as happy if it knew how to get to the major network (for example, 172.16.0.0/16) and let another router take it from there.
In our telephone network example, the local telephone switch should only need to know to route a phone call to the switch for the called area code. Similarly, a router’s ability to take a group of subnetworks and summarize them as one network (in other words, one advertisement) is called route summarization.
Besides reducing the number of routing entries that a router must keep track of, route summarization can also help protect an external router from making multiple changes to its routing table due to instability within a particular subnet.
For example, let’s say that we were working on a router that connected to 172.16.2.0/24. As we were working on the router, we rebooted it several times. If we were not summarizing our routes, an external router would see each time 172.16.2.0/24 went away and came back.
Each time, it would have to modify its own routing table. However, if our external router were receiving only a summary route (i.e., 172.16.0.0/16), then it wouldn’t have to be concerned with our work on one particular subnet. This is especially a problem for EIGRP, which can create stuck in active (SIA) routes that can lead to a network melt-down.
Summarization Example: We have the following networks that we want to advertise as a single summary route: * 172.16.100.0/24 * 172.16.101.0/24 * 172.16.102.0/24 * 172.16.103.0/24 * 172.16.104.0/24 * 172.16.105.0/24 * 172.16.106.0/24
If R1 is configured for 6to4 tunneling, what will the prefix of its IPv6 network be?
A. 1723:1100:1::/48
B. FFFF:AC1F:6401::/16
C. AC1F:6401::/32
D. 2002:AC1F:6401::/48
E. 3FFE:AC1F:6401::/32
Answer: D
To configure 6to4 on a dual-stack edge router. Which three of the following are valid in 6to4 Tunneling configuration? (Choose three)
A. IPv4 Tunnel IP address
B. Tunnel mode (6to4)
C. Tunnel Keepalives
D. IPv4 Tunnel Destination
E. IPv4 Tunnel Source.
F. 6to4 IPv6 address (within 2002 /16)
Answer: B,E,F
How is network layer addressing accomplished in the OSI protocol suite?
A. Internet Protocol address
B. Media Access Control address
C. Packet Layer Protocol address
D. Network Service Access Point address
E. Authority and Format Identifier address
Answer: D
Explanation:
OSI network-layer addressing is implemented by using two types of hierarchical addresses: network service access-point addresses and network-entity titles.
A network service-access point (NSAP) is a conceptual point on the boundary between the network and the transport layers.
The NSAP is the location at which OSI network services are provided to the transport layer. Each transport-layer entity is assigned a single NSAP, which is individually addressed in an OSI internetwork using NSAP addresses.
A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this?
A. router(config-if)#ip helper-address 172.20.14.225
B. router(config-if)#udp helper-address 172.20.14.225
C. router(config-if)#ip udp helper-address 172.20.14.225
D. router(config-if)#ip helper-address 172.20.14.225 69 53 49
Answer: A
Refer to the exhibit. Will redistributed RIP routes from OSPF Area 2 be allowed in Area 1?
A. Because Area 1 is an NSSA, redistributed RIP routes will not be allowed.
B. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 5 LSAs in Area 0 and passed on into Area 1.
C. Because NSSA will discard type 7 LSAs, redistributed RIP routes will not be allowed in Area 1.
D. Redistributed RIP routes will be allowed in Area 1 because they will be changed into type 7 LSAs in Area 0 and passed on into Area 1.
E. RIP routes will be allowed in Area 1 only if they are first redistributed into IGRP.
Answer: A
Router RTA is configured as follows:
RTA (config)#router rip
RTA(config-router)#network 10.0.0.0
RTA(config-router)#distribute-list 44 in interface BRIO
RTA(config-router)#exit
RTA(config)#access-list 44 deny 172.16.1.0 0.0.0.255
RTA(config)#access-list 44 permit any
Answer: C,E
Explanation:
Distribute list are used to filter routing updates and they are based on access lists.
In this case, an access list of 44 was created to deny the route from network 172.16.1.0/24 so this route will not be entered into the routing table of RTA. But the route from RTW can be entered because it is not filtered by the access list
A and B are not correct because the distribute list is applied to the inbound direction of interface BRI0 so outgoing routing updated will not be filtered.
Distribute list just filters routing updates so user traffic from network 172.16.1.0 will not be denied.
Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet against the routing table?
A. source address
B. destination address
C. router interface
D. default gateway
Answer: A
A router is configured for redistribution to advertise EIGRP routes into OSPF on a boundary router. Given the configuration:
router ospf 1
redistribute eigrp 1 metric 25 subnets
What is the function of the 25 parameter in the redistribute command?
A. It specifies the seed cost to be applied to the redistributed routes.
B. It specifies the administrative distance on the redistributed routes.
C. It specifies the metric limit of 25 subnets in each OSPF route advertisement.
D. It specifies a new process-id to inject the EIGRP routes into OSPF.
Answer: A
Which routing protocol will continue to receive and process routing updates from neighbors
after the passive interface router configuration command is entered?
A. EIGRP
B. RIP
C. OSPF
D. IS-IS
Answer: B
R1 and R2 belong to the RIP routing domain that includes the networks 10.20.0.0/16 and 10.21.0.0/16. R3 and R4 are performing two-way route redistribution between OSPF and RIP.
A network administrator has discovered that R2 is receiving OSPF routes for the networks 10.20.0.0/16 and 10.21.0.0/16 and a routing loop has occurred.
Which action will correct this problem?
A. Apply an inbound ACL to the R2 serial interface.
B. Change the RIP administrative distance on R3 to 110.
C. Configure distribute-lists on R3 and R4.
D. Set the OSPF default metric to 20.
E. Change the OSPF administrative distance on R3 to 110.
Answer: C
Explanation:
Distribute List is Like an access-list, use to deny or permit the routing update to pass through a router/interface. Distribute List allow you apply an access list to a routing updates.
It can be apply on in or out bond of an interface under a routing process. e.g in fig. R1 want to send a routing update to it neighbor, this update will go through from interface S0/0, router will check, is there some Distribute List apply to this interface. If there is a Distribute List which would contain the allow route to pass through this interface.
Which three route filtering statements are true? (Choose three)
A. After the router rip and passive-interface s0/0 commands have been issued, the s0/0 interface will not send any RIP updates, but will receive routing updates on that interface.
B. After the router eigrp 10 and passive-interface s0/0 commands have been issued, the s0/0 interface will not send any EIGRP updates, but will receive routing updates on that interface
C. After the router ospf 10 and passive-interface s0/0 commands have been issued , the s0/0 interface will not send any OSPF updates, but will receive routing updates on that interface
D. When you use the passive-interface command with RIPv2, multicasts are sent out the specified interface
E. When you use the passive-interface command with EIGRP, hello messages are not sent out the specified interface
F. When you use the passive-interface command with OSPF, hello messages are not sent out the specified interface
Answer: A,E,F
Explanation:
Passive-interface command is used in all routing protocols to disable sending updates out from a specific interface. However the command behavior varies from one protocol to another”
- In RIP, this command will not allow sending multicast updates via a specific interface but will allow listening to incoming updates from other RIP speaking neighbors. This means that the router will still be able to receive updates o n that passive interface and use them in its routing table.
In EIGRP and OSPF the passive-interface command stops sending outgoing hello packets, hence the router can not form any neighbor relationship via the passive interface. This behavior stops both outgoing and incoming routing updates.
Which traffic does the following configuration allow?
ipv6 access-list cisco
permit ipv6 host 2001:DB8:0:4::32 any eq ssh
line vty 0 4
ipv6 access-class cisco in
A. all traffic to vty 0 4 from source 2001:DB8:0:4::32
B. only ssh traffic to vty 0 4 from source all
C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32
D. all traffic to vty 0 4 from source all
Answer: C
On the basis of the partial configuration, which two statements are correct? (Choose two.)
A. Only routes matching 10.0.1.0/24 will be advertised out Ethernet 0.
B. Only routes 10.0.1.0/24 will be sent out all interfaces.
C. Only routes 10.0.1.0/24 will be allowed in the routing table.
D. Only routes matching 10.0.0.0/8 will be advertised out Ethernet 0.
E. Only routes matching 10.0.0.0/8 will be advertised out interfaces other than Ethernet 0.
F. All routes will be advertised out interfaces other than Ethernet 0.
Answer: A,E
Explanation:
In this case, the following algorithm is used when multiple distribute-lists are used:
1. First check which interface is being sent out. If it is Ethernet 0, distribute-list 2 is applied first. If the network is denied then no further checking is done for this network. But if distribute-list 2 permits that network then distribute-list 1 is also checked. If both distributelists allow that network then it will be sent out.
- If the interface is not Ethernet 0 then only distribute-list 1 is applied.
Now let’s take some examples. + If the advertised network is 10.0.1.0/24, it will be sent out all interfaces, including Ethernet 0.+ If the advertised network is 10.0.2.0/24, it will be sent out all interfaces, excepting Ethernet 0.+ If the advertised network is 11.0.0.0/8, it will be dropped.
Note: It is possible to define one interface-specific distribute-list per interface and one protocol-specific distribute-list for each process/autonomous-system.
(For more information, please read:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080208748.shtml)
Which command should be added to RTB under router bgp 100 to allow only the external OSPF routes to be redistributed to RTC?
A. redistribute ospf 1
B. redistribute ospf 1 match external 1
C. redistribute ospf 1 match external 2
D. redistribute ospf 1 match external 1 external 2
Answer: D
Explanation:
Use the external keyword along with the redistribute command under router bgp to redistribute OSPF external routes into BGP. With the external keyword, you have three choices: 1. redistribute both external type-1 and type-2 (Default)
- redistribute type-1
- redistribute type-2 Enter the commands in the configuration mode as described here:
RTB(config-router)# router bgp 100 RTB(config-router)# redistribute ospf 1 match external.
A network engineer notices that transmission rates of senders of tcp traffic sharply increase and decrease simultaneously during periods of congestion.
Which condition causes this?
A. Global synchronization
B. Tail drop
C. Random early detection
D. Queue management algorithm
Correct answer: A
Which three problems results from application mixing of UDP and TCP streams within a network with no QoS (choose three)
A. Starvation
B. Jitter
C. Latency
D. windowing
E. Lower throughput
Correct answer:ACE
Which method allows IPv4 and IPv6 to work together without requiring both to be used for a single connection during the migration process?
A. Dual stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT
Correct Answer:A
Which statement about the use of tunneling to migrate to IPv6 is true?
A. Tunneling is less secure than dual stack or translation.
B. Tunneling is more difficult to configure than dual stack or translation
C. Tunneling does not enable users of the new protocol to communicate with users of the old protocol without dual-stack hosts.
D. Tunneling destination are manually determined by the IPv4 address in the low-order 32 bits of IPv4-compatible IPv6 address
Correct Answer:C
A network administrator executes the command clear ip route. Which two tables does this command clear and rebuild? (Choose two)
A. IP routing
B. FIB
C. ARP cache
D. MAC address table
E. Cisco Express Forwarding table
F. Topology table
Correct Answer:AB
Which switching method is used when entries are present in the output of the command show ip cache?
A. Fast switching
B. Process switching
C. Cisco Express Forwarding Switching
D. Cut-through packet switching
Correct answer: A
Which two actions must you perform to enable and use window scaling on a router? (Choose two)
A. Execute the command ip tcp windows-size 65536
B. Set window scaling to be used on the remote host.
C. Execute the command ip tcp queuemax.
D. Set TCP options to “enabled” on the remote host.
E. Execute the command ip tcp adjust-mss
Correct Answer:AB
Which three TCP enhancements can be used with TCP selective acknowledgments?
A. Header compression
B. Explicit congestion notification
C. Keepalive
D. Time stamps
E. TCP path recovery
F. MTU window
Correct Answer: BCD
A network administrator uses IP SLA to measure UDP performance and notices that packets on one router have a higher one-way delay compared to the opposite direction. Which UDP characteristic does this scenario describe?
A. Latency
B. Starvation
C. Connectionless communication
D. Nonsequencing unordered packets
E. Jitter
Correct Answer:A
Under which condition does UDP dominance occur?
A. When TCP traffic is in the same class as UDP
B. When UDP flows are assigned a lower priority queue
C. When WRED is enabled
D. When ACLs are in place to block TCP traffic.
Correct Answer:A
Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed?
A. Disable CDP on the interface.
B. Execute the vpdn enable command
C. Execute the no switchport command
D. Enable QoS FiFo for PPPoE support
Correct Answer:B
A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password. Which technology, in combination with PPPoE, can be used for authentication in this manner?
A. PAP
B. Dot1x
C. Ipsec
D. CHAPE. ESP
Correct Answer:D
A corporate policy requires PPPoE to be enabled and to maintain a connection with the ISP, even if not interested traffic exists. which feature can be found to accomplish this task?
A. TCT Adjust
B. Dialer persistent
C. PPPoE groups
D. Half-bridging
E. Peer Neighbor Route
Correct answer: B
Which PPP authentication method sent authentication information in clear text? A. MS CHAP B. CDPCP C. CHAP D. PAP
Correct answer: D
Which protocol uses dynamic address mapping to request the next-hope protocol address for specific connection? A. Frame Relay inverse ARP B. Static DLCI mapping C. Frame Relay broadcast queue D. Dynamic DLCI mapping
Correct answer:A
Which statement is true about PPP session phase of PPPoE?
A. PPP options are negotiated and authentication is not performed. Once the link set up is completed, PPPOE functions as layer 3 encapsulation method that allows data to be transferred over PPP link within the PPPoE headers.
B. PPP options are not negotiated and authentication is performed. Once the link setup is complete, PPPoE functions as a layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a layer 2 encapsulation method that allows data to be encrypted over PPP link within PPPoE headers.
D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
Correct Answer: D
PPPoE is composed of which two phases?
A. Active Authentication phase and PPP Session Phase
B. Passive Discovery Phase and PPP session phase
C. Active authorization phase and PPP Session pahse
D. Active Discovery phase and PPP Session phase
Correct Answer: D
A router with an interface that is configured with iPv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present?
A. DHCPv6 request
B. Router-advertisement
C. Neighbor-solicitation
D. Redirect
Correct Answer:B
A router with an interface that is configured with IPv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present?
A. DHCPv6 request
B. Router-advertisement
C. Neighbor-solicitation
D. Redirect
Correct Answer:B
An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:
MAC address C601.420F.0007
Subnet 2001:DB8:0:1::/64
Which IPv6 addresses should the engineer add to the documentation?
A. 2001:DB8:0:1:C601:42FF:FE0F:7
B. 2001:DB8:0:1:FFFF:C601:420F:7
C. 2001:DB8:0:1:FE80:C601:420F:7
D. 2001:DB8:0:1:C601:42FE:800F:7
Correct Answer: A
For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFV3 were explicit denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.
Correct Answer: C
What is the purpose of the autonomous-system {autonomous-system-number} command?
A. It sets the EIGRP autonomous system number in a VRF
B. It sets the BGP autonomous system number in a VRF
C. Its sets the global EIGRP autonomous system number
D. It sets the global BGP autonomous system number
Correct Answer:A
What is the default OSPF hello interval on a Frame Relay point-to-point network?
A. 10
B. 20
C. 30
D. 40
Correct Answer:A
Which prefix is matched by the command ip prefix-list name permit 10.8.0.0/16 ge 24 le 24?
A. 10.9.1.0/24
B. 10.8.0.0/24
C. 10.8.0.0/16
D. 10.8.0.0/23
Correct Answer:B
Router A and Router B are configured with IPv6 addressing and basic routing capabilities using OSPFV3. The Network that are advertised from Router A do not show up in Router B routing table. After debugging IPv6 packets, the message “not a router” is found in the output. Why is the routing information not being learned by router B?
A. OSPFV3 timers were not adjusted for fast convergence.
B. The networks were not advertised properly under the OSPFV3 process.
C. An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that is connected to Router A
D. IPv6 unicast routing is not enabled on router A or router B.
Correct Answer: D
After you review the output of the command show IPv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of fFFE inserted into the address. Based on this information, what do you conclude about these IPV6 addresses?
A. IEEE EUI-64 was implemented when assigning IPV6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing “FFFE” indicate that the address is reversed for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped E. IPv6 unicast Forwarding was enable, but IPv6 Cisco Express Forwarding was disabled.
Correct Answer:A
A packet capture log indicates that several router solicitation messages were sent from a local host on the IPv6 segment. What is the expected acknowledgment and its usage?
A. Router acknowledgement message will be forwarded upstream, where the DHCP server will allocate addresses to the local host.
B. Routers on the IPv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery.
C. Duplicate Address detection will determine if any other local host is using the same IPv6 address for communication with the IPv6 routers on the segment.
Correct Answer:B
A company has just opened two remote branch office that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites?
A. Interface Tunnel0 Bandwidth 1536 Ip address 209.165.200.230 255.255.255.224 Tunnel source serial0/0 Tunnel mode gre multipoint
B. Interface fa0/0 Bandwidth 1536 IP address 209.165.200.230 255.255.255.224 Tunnel mode gre multipoint
C. Interface tunnel0 Bandwidth 1536 IP address 209.165.200.231 255.255.255.224 Tunnel source 209.165.201.1 Tunnel-mode dynamic
D. Interface fa0/0 Bandwidth 1536 IP address 209.165.200.231 255.255.255.224 Tunnel source 192.168.161.2 Tunnel destination 209.165.201.1 Tunnel-mode dynamic
Correct Answer:A
A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output.
A. Inbound crypto map
B. Remaining key lifetime
C. Path MTU
D. Tagged packets
E. Untagged packets
F. Invalid identity packets
Correct Answer:ABC
Refer to the following output:Router#show ip nhrp detail
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12 expire 01:59:47 typE. Dynamic, Flags: authoritative unique nat registered used NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for network that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.
Correct Answer:A
Which common issue causes intermittent DMVPN tunnel flaps?
A. A routing neighbor reachability issue
B. A suboptimal routing table
C. Interface bandwidth congestion
D. That the GRE tunnel to hub router is not encrypted
Correct Answer: A
Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLSF. HDLC
Correct answer:A
Which three characteristics are shared by subinterfaces and associated EVNs?
A. IP address
B. Routing table
C. Forwarding control lists
E. NetFlow configuration
Correct Answer:ABC
A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable?
A. EZVPN
B. Ipsec VPN client access
C. VPDN client access
D. SSL VPN client access
Correct Answer:D
Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding?
A. Flex VPN
B. DMVPN
C. GetVPN
D. Cisco Easy VPN
Correct answer:B
Which traffic does the following configuration allow?IPv6 access-list ciscoPermit ipv6 host 2001:DB8:0:4::32 any eq sshLine vty 0 4IPv6 access-class cisco in
A. All traffic to vty 0 4 from source 2001:DB8:0:4:32
B. Only ssh traffic to vty 0 4 from source all
C. Only ssh traffic to vty 0 4 from source 2001:DB:8:0:4::32
D. All traffic to vty 0 4 from source all
Correct Answer:C
For troubleshooting purposes, which method can you use in combination with the “debug ip packet” command to limit the amount of output data?
A. You can disable the IP route cache globally
B. You can use the KRON scheduler.
C. You can use an extended access list.
D. You can use an IOS parser.
E. You can use the RITE traffic exporter.
Correct Answer:C
Refer to the following access list. Access-list 100 permit ip any any logAfter applying the access list on a cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this?
A. A packet that matches access-list with the “log” keyword is cisco express Forwarding switched.
B. A packet that matches access-list with the “log” keyword is fast switched.
C. A packet that matches access-list with the “log” keyword is process switched
D. A large amount of IP traffic is being permitted on the router
Correct Answer:C
Which address is used by Unicast Reverse Path Forwarding protocol to validate a packet against the routing table?
A. Source address
B. Destination address
C. Router interface
D. Default gateway
Correct Answer:A
What are three modes of Unicast Reverse Path Forwarding?
A. Strict mode, loose mode, and VRF mode
B. Strict mode, loose mode, and broadcast mode
C. Strict mode, broadcast mode, and VRF mode
D. Broadcast mode, loose mode, and VRF mode
Correct Answer: A
What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish? Router(config)#access-list 101 deny ip 10.0.0.0 255.255.255.255 any logRouter(config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any logRouter(config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any logRouter(config)#interface fastEthernet 1/0Router(config-ip)#ip access-group 101 in
A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts
B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the internet.
C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts.
D. It prevents private internal addresses to be accessed directly from outside.
Correct Answer:C
Refer to the following command:
Router(config)# ip http secure-port 4433
Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic
B. The router will listen on port 4433 for HTTP traffic
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen listen to HTTP and HTTP traffic on port 4433
Correct Answer: A
A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this?
A. Router(config-if)# ip helper-address 172.20.14.225
B. Router(config-if)# udp helper-address 172.20.14.225
C. Router(config-if)# ip udp helper-address 172.20.14.225
Correct Answer: A
A network engineer is configuring SNMP on the network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirement of this scenario?
A. Router(config)#snmp-server host 172.16.201.28 traps version 2c CiSCORO
B. Router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO
C. Router(config)# snmp-server host 172.16.201.28 traps version 3 auth CISCORO
Correct Answer: A
When using SNMPv3 with NoauthNopriv, which string is math ed for sithentication?
A. Username
B. Password
C. Community-string
D. Encryption-key
Correct answer:A
After a recent DoS attack on a network, senior management ask you to implement better logging functionality on all IOS-based devices. Which two actions can you take to provide enhanced logging results? Choose two
A. Use the msec option to enable service time stamps
B. Increase the logging history
C. Set the logging severity level to 1
D. Specify a logging rate limitE. Disable event logging on all noncritical items
Correct Answer: A,B
A network engineer finds that a core router has crashed without warning. In this situation, which feature can the engineer use to create a crash collection?
A. Secure copy protocol
B. Core dumps
C. Warm reloads
D. SNMPE. Netflow
Correct Answer: B
A network engineer is trying to implement broadcast-based NTP in a network and executes the ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of the command?
A. It enables receiving NTP broadcast on the interface where the command was executed
B. It enables receiving NTP broadcast on all interfaces globally.
C. It enables a device to be an NTP peer to another device.
D. It enables a devices to receive NTP broadcast and unicast packets
Correct Answer: A
What is a function of NPTv6?
A. It interferes with encryption of the full IP payload
B. It maintains a per-node state
C. It is checksum-neutral
D. It rewrites transport layer headers.
Correct Answer: C
IPv6 has just been deployed to all of the hosts within a network, but not to the servers. Which features allows ipv6 devices to communicate with ipv4 servers?
A. NAT
B. NATng
C. NAT64
D. Dual-stack NAT
E. DNS64
Correct Answer: C
A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see?
A. Connectionless-oriented
B. Service-oriented
C. Connection-oriented
D. Application-oriented
Correct Answer:C
A network engineer executes the “ipv6 flowset” command. What is the result?
A. Flow-label marking in 1280-byte or larger packets is enabled.
B. Flow-set marking in 1280-byte or larger packets is enabled.
C. Ipv6 PMTU is enabled on the router
D. IPv6 flow control is enabled on the router.
Correct Answer: A
A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and report packets are not being sent?
A. Output drops
B. Enqueuing for the RP
C. Fragmentation failures
D. Adjacency issues
Correct Answer:A
A network engineer is asked to configure a site-to-site IPsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command
ip nat inside source lost 1 int s0/0 overload.
Which functions do the two commands serve in this scenario?
A. The command access-list 1 defines interesting traffic that is allowed through the tunnel.
B. The command ip nat inside source list 1 int s0/0 overload disables “many-to-one” access for all devices on a defined segment to share a single IP address upon existing the external interface.
C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel.
D. The command ip nat inside source list 1 int s0/0 overload provides “many-to-one” access for all devices on a defined segment to share a single IP address upon existing the external interface.
Correct Answer: D
A network engineer is configuring a solution to allow failover of HSRP nodes during maintenance windows, as an alternative to powering down the active router and letting the network respond accordingly. Which action will allow for manual switching of HSRP nodes?
A. Track the up/down state of a loopback interface and shutdown this interface during maintenance.
B. Adjust the HSRP priority without the use of preemption
C. Disable and unable all active interface on the active HSRP node.
D. Enable HSRPv2 under global configuration, which allows for maintenance mode.
Correct Answer:A
What is the effect of the distribute-list command in the R1 configuration?
A. R1 will permit only the 10.0.0.0/24 route in the R2 RIP updates
B. R1 will not filter any routes because there is no exact prefix match
C. R1 will filter the 10.1.0.0/24 and the 172.24.1.0/24 routes from the R2 RIP updates
D. R1 will filter only the 172.24.1.0/24 route from the R2 RIP updates
Answer: C
Explanation:
The command “distribute-list 10 in Serial0 will create an incoming distribute list for interface serial 0 and refers to access list 10.
So it will permit routing updates from 10.0.x.x network while other entries (in this case the 10.1.0.0/24 and 172.24.1.0/24 networks) will be filtered out from the routing update received on interface S0.
R3#show run | include defaultip
default-network 140.140.0.0
ip default-network 130.130.0.0
R3#show ip route | begin Gateway
Gateway of last resort is 0.0.0.0 to network 130.130.0.0
116.0.0.0/8 is variably subnetted, 5 subnets, 3 masks
C 116.16.37.0/30 is directly connected, Serial1/0.2
C 116.16.32.0/30 is directly connected, Serial2/0.2
C 116.16.34.0/28 is directly connected, Serial1/0.1
C 116.16.35.0/28 is directly connected, Serial2/0.1
S 116.0.0.0/8 [1/0] via 116.16.34.0
* 140.140.0.0/32 is subnetted, 3 subnets
O 140.140.1.1 [110/65] via 116.16.34.4, 00:14:54, Serial1/0.1
O 140.140.3.1 [110/65] via 116.16.34.4, 00:14:54, Serial1/0.1
O 140.140.2.1 [110/65] via 116.16.34.4, 00:14:54, Serial1/0.1
* 130.130.0.0/16 is variably subnetted, 4 subnets, 2 masks
D* 130.130.0.0/16 is a summary, 00:30:04, Null0
C 130.130.1.0/24 is directly connected, Ethernet0/0
C 130.130.2.0/24 is directly connected, Ethernet0/1
C 130.130.3.0/24 is directly connected, Ethernet1/0
D 150.150.0.0/16 [90/679936] via 116.16.35.5, 00:02:58, Serial2/0.1
Refer to the exhibit.
Why is the 140.140.0.0 network not used as the gateway of last resort
even though it is configured first?
A. The last default-network statement will always be preferred.
B. A route to the 140.140.0.0 network does not exist in the routing table.
C. Default-network selection will always prefer the statement with the lowest IP address.
D. A router will load balance across multiple default-networks; repeatedly issuing the show ip route command would show the gateway of last resort changing between the two networks.
Answer: B
Explanation:
As you can see in the exhibit, 140.140.0.0 doesn’t appear in the routing table.
What two situations could require the use of multiple routing protocols? (Choose two)
A. when using UNIX host-based routers
B. when smaller broadcast domains are desired
C. because having multiple routing protocols confuses hackers
D. when migrating from an older Interior Gateway Protocol (IGP) to a new IGP
E. when all equipment is manufactured by Cisco
F. when there are multiple paths to destination networks
Answer: A,D
Explanation:
Simple routing protocols work well for simple networks, but networks grow and become more complex.
While running a single routing protocol throughout your entire IP internetwork is desirable, multiprotocol routing is common for a number of reasons, including company mergers, multiple departments managed by multiple network administrators, multivendor environments, or simply because the original routing protocol is no longer the best choice.
Often, the multiple protocols are redistributed into each other during a migration period from one protocol to the other.
Which three statements are true when configuring redistribution for OSPF? (Choose three)
A. The default metric is 10.
B. The default metric is 20.
C. The default metric type is 2.
D. The default metric type is 1.
E. Subnets do not redistribute by default.
F. Subnets redistribute by default.
Answer: B,C,E
If the command variance 3 were added to RTE, which path or paths would be chosen to route traffic to network X?
A. E-B-A
B. E-B-A and E-C-A
C. E-C-A and E-D-A
D. E-B-A, E-C-A and E-D-A
Answer: B
Explanation:
Advertised distance of RTD is greater than FD of RTE-RTC-RTA, so the route through D will not be used.
Which two statements about EVNs are true? (Choose two)
A. VRF using MPLS require a trunk interface that use EVN
B. VRF-Lite requires a trunk interface that uses EVN
C. All EVNs within a trunk interface can share the same IP infrastructure
D. Each EVN within a trunk interface must be configured separately
E. Commands that are specified once under a trunk interface can be inherited by all ENVs
Answer: C,E
An EUI-64 bit address is formed by adding a reserved 16-bit value in which position of the Mac address?
A. between the vendor OID and the NIC-specific part of the MAC address.
B. after the NIC-specific part of the MAC address.
C. before the vendor OID part of the MAC address.
D. anywhere in the Mac address, because the value that is added is reserved.
Answer: A
Which OSPF area prevent LSA type 4, LSA type 5? (Choose two)
A. Stub Area
B. Totally Stubby Area
C. Not-So-Stubby Area
D. Totally Not-So-Stubby Area
Answer: B,D
Explanation: Source :
https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-pathfirst-
ospf/13703-8.html#anc2
What is the purpose of configuring the router as a PPPoE client?
A. to provide VPN access over L2TP
B. to enable PPP session from the router to the termination device at the headend for metroEthernet connectivity
C. for DSL connectivity and removing the need for the end-user PC to run the PPPoE client software
D. for connecting the router to a cable modem, which bridges the Ethernet frames from the router to the cable modem termination system
Answer: C
Explanation:
DSL Technology used PPPoE protocol (service provide end) and user end required to be used same Protcol running as client to communicate with it
The Cisco SA 500 Series Security Appliances are built specifically for businesses with less than 100 employees. What are three important benefits of this device? (Choose three)
A. business-grade firewall
B. premium support via SMART net
C. site-to-site VPN for remote offices
D. Cisco IOS software-based
E. email security
F. XML support
Answer: A,C,E
What is a function of NPTv6?
A. It interferes with encryption of the full IP payload.
B. It maintains a per-node state.
C. It is checksum-neutral.
D. It rewrites transport layer headers.
Answer: C
Which two protocols are required for DMVPN? (Choose two)
A. IPsec
B. PPTP
C. mGRE
D. NHRP
E. Open VPN
Answer: A,D
Explanation: The DMVPN feature allows users to better scale large and small IP Security (IPsec) Virtual Private Networks (VPNs) by combining generic routing encapsulation (GRE)
tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP).
http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html
Which type of access list allows granular session filtering for upper-level protocols?
A. content-based access lists
B. context-based access-lists
C. reflexive access-lists
D. extended access lists
Answer: D
Which two statements about NetFlow templates are true? (Choose two)
A. Only NetFlow version 9 is template based.
B. NetFlow Version 5 and version 9 are template based.
C. Only NetFlow version 5 is template based.
D. Template can increased bandwidth usage
E. They can increase overall performance.
F. They can reduce bandwidth usage.
Router R1, a branch router, connects to the Internet using DSL. Some traffic flows through a GRE and IPsec tunnel, over the DSL connection, and into the core of an Enterprise network.
The branch also allows local hosts to communicate directly with public sites in the Internet over this same DSL connection.
Which of the following answers defines how the branch NAT config avoids performing NAT for the Enterprise directed traffic but does perform NAT for the Internet-directed traffic?
A. By not enabling NAT on the IPsec tunnel interface
B. By not enabling NAT on the GRE tunnel interface
C. By configuring the NAT-referenced ACL to not permit the Enterprise traffic
D. By asking the ISP to perform NAT in the cloud
Answer: C
Explanation:
The NAT configuration acts only on packets permitted by a referenced ACL. As a result, the ACL can permit packets destined for the Internet, performing NAT on those packets. The ACL also denies packets going to the Enterprise, meaning that the router does not apply NAT to those packets.
Which IPV6 address type does RIPng use for next-hop addresses?
A. anycast
B. global
C. multicast
D. site-local
E. link-local
Answer: E
An EUI-64 bit address is formed by inserting which 16-bit value into the MAC address of adevice?
A. 3FFE
B. FFFE
C. FF02
D. 2001
Answer: B
Drag and drop the steps in the NAT process for IPv4-initiated packers from the left into the correct sequence on the right.
Sampler: mysampler, id: 1,packets matched: 10,mode: random sampling mode
Which statement about the output of the show flow-sampler command is true?
A. The sampler matched 10 packets, each packet randomly chosen from every group of 100 packets.
B. The sampler matched 10 packets, one packet every 100 packets.
C. The sampler matched 10 packets, each one randomly chosen from every 100-second interval.
D. The sampler matched 10 packets, one packet every 100 seconds.
Answer: A
Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6 networks shown?
A. The router will determine the IPv4 destination address.
B. The source IPv6 host can use DNS to determine the IPv6-to-IPv4 address mapping.
C. The host is statically configured with the IPv6-to-IPv4 address mapping.
D. ICMP can be used to determine the IPv6-to-IPv4 address mapping.
Answer: B
When policy-based routing (PBR) is being configured,
Which three criteria can the set command specify? (Choose three.)
A. all interfaces through which the packets can be routed
B. all interfaces in the path toward the destination
C. adjacent next hop router in the path toward the destination
D. all routers in the path toward the destination
E. all networks in the path toward the destination
F. type of service and precedence in the IP packets
Answer: A,C,F
Explanation:
Configuring Policy-Based Routing (PBR):
You can configure PBR by following these steps. Some of the steps may be omitted depending on your application for PBR. For this example, note the set condition options listed is step 3 (answers are bolded).
Step1
Define and configure the route map needed for the policy. This is accomplished with the route-map command, as discussed previously.
Step2
Define and configure the match statements the route map will use. The most common match statements used are the following:
- match ip address [access-list number]
The match ip address is used to call a standard, extended, or expanded-range ACL.
match length [min_packet_length_0-2147483647] [max_packet_length_0-2147483647]
The match length is used to match the Layer 3 packet length, in bytes, with all associated headers and trailers included. You must enter the minimum and maximum packet length. Use the match length command to policy route traffic based on packet size. You can deploy this to route traffic with large or small packet sizes to specific areas of the network.
Step3
Configure and define the new routing policy with set commands. Multiple set commands may be used; if multiple commands are used, they are executed in the following order:
- set ip {precedence [value_0-7 | name] | tos [value_0-8 | name]}
- set ip next-hop ip_address
- set interface interface_name
- set ip default next-hop ip_address
- set default interface interface_name
- set ip precedence {[1-7]|[routine|critical|flash|flashoverride|
- immediate|internet|network|priority]}
A new TAC engineer came to you for advice. A GRE over IPsec tunnel was configured, but the tunnel is not coming up. What did the TAC engineer configure incorrectly?
A. The crypto isakmp configuration is not correct.
B. The crypto map configuration is not correct.
C. The network 172.16.1.0 is not included in the OSPF process.
D. The interface tunnel configuration is not correct.
Answer: D
Drag and drop steps in the TACACS+ authentication process from the left onto the actors that perform on the right.
A new TAC engineer came to you for advice. A GRE over IPsec tunnel was configured, but the tunnel is not coming up. What did the TAC engineer configure incorrectly?
A. The crypto isakmp configuration is not correct.
B. The crypto map configuration is not correct.
C. The interface tunnel configuration is not correct.
D. The network configuration is not correct; network 172.16.1.0 is missing.
Answer: A
Drag and drop the adverse network conditions from the left onto the correct descriptions on the right.
A user calls from another branch office with a request to establish a simple VPN tunel to test a new router’s tunneling capability Based on the configuration in the exhibit, which type of tunnel was configured?
A. PPTP
B. IPsec site-to-site
C. 6to4
D. EZVPN
Answer: C
Drag and drop the statements from the left onto the correct IPv6 router security features on the right.
A new TAC engineer came to you for advice. A GRE over IPsec tunnel was configured, but the tunnel is not coming up.
What did the TAC engineer configure incorrectly?
A. The crypto map is not configured correctly.
B. The crypto ACL is not configured correctly.
C. The crypto map is not applied to the correct interface.
D. The OSPF network is not configured correctly.
Answer: B
Given the partial configuration in the exhibit, which IPv6 statement is true?
A. The configuration is an example of an encrypted IPv6 VPN tunnel.
B. The configuration is an example of a one to one IPv6 tunnel.
C. The configuration is an example of a 6to4 tunnel.
D. The configuration is an example of a 4to6 tunnel.
Answer: C
In the network diagram, Area 1 is defined as a stub area. Because redistribution is not allowed in the stub area, EIGRP routes cannot be propagated into the OSPF domain. How does defining area 1 as a not-so-stubby area (NSSA) make it possible to inject EIGRP routes into the OSPF NSSA domain?
A. by creating type 5 LSAs
B. by creating type 7 LSAs
C. by creating a link between the EIGRP domain and the RIP domain, and redistributing EIGRP into RIP
D. by manually changing the routing metric of EIGRP so that it matches the routing metric of OSPF
Answer: B
Which statement is true?
A. RTA will redistribute the RIP routers into the NSSA as type 7 LSAs. RTB will translate the type 7 LSAs into type LSAs and flood them throughout the OSPF backbone.
B. RTA will redistribute the RIP routers into the NSSA as type 7 LSAs. RTB will flood the type 7 LSAs throughout the backbone.
C. RTA will redistribute the RIP routers into the NSSA as type 5 LSAs. RTB will flood the type 5 LSAs throughout the backbone.
D. RTA will redistribute the RIP routers into the NSSA as type 5 LSAs. RTB will translate the type of 5 LSAs unto type 7 LSAs and flood them throughout the OSPF backbone.
E. RTA will not redistribute the RIP routers into the NSSA.
Answer: A
Which configuration can you apply to a device so that it always blocks outbound web traffic on Saturdays and Sundays between the hours of 1:00 AM and 11:59 PM?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
A network engineer is troubleshooting a DMVPN setup between the hub and the spoke. The engineer executes the command show crypto isakmp sa and observes the output that is displayed. What is the problem?
A. That ISAKMP is not enabled
B. That ISAKMP is using default settings
C. An incompatible IP sec transform set
D. An incompatible ISAKMP policy
Answer: B
Which option prevents routing updates from being sent to the access layer switches?
A. DWS1(config-router)# passive-interface default DWS2(config-router)# passive-interface default
B. ALS1(config-router)# passive-interface default ALS2(config-router)# passive-interface default
C. DWS1(config-router)# passive-interface gi1/1 DWS1(config-router)# passive-interface gi1/2 DWS2(config-router)# passive-interface gi1/1 DWS2(config-router)# passive-interface gi1/2
D. ALS1(config-router)# passive-interface gi0/1 ALS1(config-router)# passive-interface gi0/2 ALS2(config-router)# passive-interface gi0/1 ALS2(config-router)# passive-interface gi0/2
Answer: C
Which technology can be employed to automatically detect a WAN primary link failure and failover to the secondary link?
A. HSRP
B. VRRP
C. IP SLA
D. multicast
Answer: C
In a comparison of an IPv4 header with an IPv6 header, which three statements are true? (Choose three.)
A. An IPv4 header includes a checksum. However, an IPv6 header does not include one.
B. A router has to recompute the checksum of an IPv6 packet when decrementing the TTL.
C. An IPv6 header is half the size of an IPv4 header.
D. An IPv6 header has twice as many octets as an IPv4 header.
E. An IPv6 header is simpler and more efficient than an IPv4 header.
F. The 128-bit IPv6 address makes the IPv6 header more complicated than an IPv4 header.
Answer: A,D,E
Explanation:
The image below shows the differences between an IPv4 header and an IPv6 header:
Refer to the exhibit. What two statements are true? (Choose two.)
A. Interface FastEthernet 0/0 was configured with the ipv6 ospf 1 area 1 command.
B. OSPF version 2 has been enabled to support IPv6.
C. The IP address of the backup designated router (BDR) is FE80::205:5FFF:FED3:5808.
D. The output was generated by the show ip interface command.
E. The router was configured with the commands: router ospf 1 network 172.16.6.0 0.0.0.255 area 1
F. This is the designated router (DR) on the FastEthernet 0/0 link.
Answer: A,C
Explanation:
OSPFv3 supports IPv6. The configuration of OSPFv3 is not a subcommand mode of the
router ospf command as it is in OSPFv2 configuration.
For example, instead of using the network area command to identify networks that are part of the OSPFv3 network, the interfaces are directly configured to specify that IPv6 networks are part of the OSPFv3 network.
The following describes the steps to configure OSPF for IPv6:
There are several commonly used OSPFv3 show commands, including the show ipv6 ospf
[process-id] [area-id] interfacee [interface] command
Which two different configuration can you apply to a device to block incoming SSH access?
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
(Choose two)
Answer: B,C
Which statement about the configuration is true?
A. This configuration is incorrect because the MTU must match the ppp-max-payload that is defined.
B. This configuration is incorrect because the dialer interface number must be the same as the dialer pool number.
C. This configuration is missing an IP address on the dialer interface.
D. This configuration represents a complete PPPoE client configuration on an Ethernet connection.
Answer: D
