Test 1 Flashcards
What are structured data forms that are possible for use with RESTCONF as defined by YANG?
XML
JSON
Explanation
RESTCONF uses structured data (XML or JSON) and YANG to provide REST-like APIs, enabling you to programmatically access different network devices. RESTCONF APIs use HTTP methods.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/169/b_169_programmability_cg/restconf_programmable_interface.html
Your enterprise has invested in six Firepower NGFWs to help protect the network and end systems. What is the most powerful method of managing these systems?
FMC
The Firepower Management Center (FMC) is the recommended tool, especially when multiple devices are to be managed. Local management of a single system is possible using the FDM, if desired.
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp1010/firepower-1010-gsg/ftd-fmc.html
What decimal value is used for EF traffic marking in DSCP?
46
Explanation
The DSCP bit pattern for EF traffic is 101110, which has a decimal value of 46.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0/qos/configuration/guide/nexus1000v_qos/qos_6dscp_val.pdf
statements regarding Access Control Lists in Cisco networking
Explanation
There are two incorrect statements here that you should not have chosen. The entry at the “end” of an ACL is an implicit DENY ALL, not a PERMIT ALL. You do not typically place a standard ACL close to the source of traffic, as your only criterion is the source address; you are most likely going to prevent the node from communicating with a wide variety of services. Extended ACLs can go close to the source of traffic more easily, as they can be very precise in what they are filtering.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-create-ip-apply.html
What is a core post-infection detection technology of Cisco AMP?
Explanation
There are four post-infection technologies - Cognitive Threat Analytics, Device Flow Correlation, Cloud Indication of Compromise, and Endpoint IOC.
Reference: https://www.cisco.com/c/dam/en/us/products/collateral/security/amp-for-endpoints/white-paper-c11-740980.pdf
Cisco’s approach to location services in wireless LANs is to call upon a mapping of different areas that includes information on signal attenuation in the actual areas of the enterprise. What is this approach called?
“Cisco RF Fingerprinting refers to a new and innovative approach that significantly improves the accuracy and precision available with traditional signal strength lateration techniques. Cisco RF Fingerprinting offers the simplicity of an RSSI-based lateration approach with customized calibration capabilities and improved indoor performance.”
Reference: https://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob30dg/Locatn.html
If you want to incorporate the status of an interface in HSRP, what keyword is critical?
track
You can use object tracking to incorporate the status of an interface in the HSRP calculations. For example:
standby 10 track 1 decrement 20
In this configuration, an object tracker (ID 1) tracks the interface status. If the interface goes down, the HSRP priority is decremented by 20.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt-book/iap-eot.pdf
What does NETCONF use for the transport stack?
SSH/TCP
NETCONF uses SSH/TCP as the transport stack. SNMP uses UDP as transport.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cns/configuration/15-mt/cns-15-mt-book/netconf-sshv2.html
In Layer 3 roaming, what markings are used in order to facilitate successful communications following the wireless client roam?
ANCHOR
FOREIGN
In layer 3 roaming, the original controller marks the client with an “Anchor” entry in its own client database. The database entry is copied to the new controller client database and marked with a “Foreign” entry in the new controller.
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/overview.html
Which of the following FHRPs offers the lowest administrative overhead in a configuration that supports both HA and high performance?
GLBP
The Gateway Load Balancing Protocol features a simple configuration that can take advantage of load balancing using a variety of approaches and optimizations.
REFERENCE: https://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html
You are having issues with the BGP routing in your Enterprise. What is the second component of the BGP Best Path Selection Algorithm?
Highest Local_pref
The first attribute analyzed is WEIGHT. Larger is better. The second step is the largest LOCAL_PREF.
REFERENCE: https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html
What component of the SD-WAN solution from Cisco Systems distributes routes and policy information via OMP?
vSmart - “This software-based component is responsible for the centralized control plane of the SD-WAN network. It maintains a secure connection to each WAN Edge router and distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a route reflector. It also orchestrates the secure data plane connectivity between the WAN Edge routers by reflecting crypto key information originating from WAN Edge routers, allowing for a very scalable, IKE-less architecture.”
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/SDWAN/cisco-sdwan-design-guide.html
You have a Cisco AP set to bridge mode. You have just performed a factory reset of the device. What mode is the AP in after the reset?
Bridge
“If the AP is in Bridge mode, then the same Bridge mode is retained after the factory reset of the AP; if the AP is in FlexConnect, Local, Sniffer, or any other mode, then the AP mode is set to Local mode after the factory reset of the AP. If you press the Reset button on the AP and perform a true factory reset, then the AP moves to a cookie configured mode.”
Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-10/config-guide/b_cg810/managing_aps.html
You are examining the configuration of a AAA method list on your Cisco router. You notice that the method list ends with the keyword none. What does this indicate?
When configuring a route map that modifies the MED value of a BGP prefix, what keyword is used for MED in the set statement?
You have configured a stub area in your OSPF network. What OSPF LSAs are dynamically filtered from appearing in the stub area? (Choose 2)
The stub area filters Type 4 and Type 5 LSAs. Remember, the Type 4 LSA defines the ASBR in the network, and the Type 5 LSAs are for the external prefixes.
REFERENCE: https://www.ajsnetworking.com/ospf-lsa-types/
You have client systems in the 10.10.10.0/24 subnet that need to be permitted access to an internal webserver at 10.20.20.100. Which permit entry for an ACL correctly defines this?
permit tcp 10.10.10.0 0.0.0.255 host 10.20.20.100 eq 443
Here the traffic to filter is TCP. The source of the traffic is the subnet 10.10.10.0/24. Note the use of the host keyword to simplify the destination definition. Here we specify the 443 (HTTPS) port on the webserver to be granular with the permissions.
REFERENCE: https://www.cisco.com/c/en/us/support/docs/ip/access-lists/26448-ACLsamples.html
In order to virtualize a workload recently, you had to install software on your Mac OS, and then install the virtual machine. What type of hypervisor is in use here?
Type 2
Type 1 hypervisors do not need to be installed within an OS. They can install on top of the “bare metal”. Type 2 hypervisors must be installed in an OS.
REFERENCE: https://searchservervirtualization.techtarget.com/definition/hosted-hypervisor-Type-2-hypervisor#:~:text=A%20Type%202%20hypervisor%2C%20also,Type%201%20and%20Type%202.
Several tests in the IP SLA feature require specialized software on the IP target system. What is this software called?
IP SLA responder
Some tests require the target to feature the IP SLA Responder feature. Note that many tests do not require this and the target can be any IP host on the network.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt-book/sla_overview-0.html
Which are valid reasons your OSPF speakers are stuck in the Exstart/Exchange state? (Choose 3)
Access list blocking the unicast packet
Both routers have the same RID
Mismatched MTU settings
A stub flag mismatch or an authentication failure would not result in a stuck state.
REFERENCE: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-12.html#neighbors
You are curious about how Ansible is able to access and configure a remote node. What protocol is used for this?
SSH
Ansible is agentless. It does not need to install special software on the managed node. SSH is required to access and configure the remote device.
REFERENCE: https://docs.ansible.com/ansible/latest/user_guide/connection_details.html
Which of the following syslog severity levels are considered more severe than WARNINGS? (Choose 2)
Errors
Warnings
Debugging is level 7 and is considered the least severe. Emergencies are level 0 and are the most severe.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/routers/access/wireless/software/guide/SysMsgLogging.html
When you are engaging in traffic engineering in BGP, you use the following regular expression syntax in your route map:
^65000$
What does this match?
Prefixes that have originated in the AS 65000
This regular expression matches those AS paths that begin (far right) with AS 65000. This position in the AS path indicates the prefix originated from that AS.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt-book/irg-external-sp.html#GUID-BDECC44A-630D-4E5B-9FEC-7FC4ACE6130F
What technology permits the Cisco ISE to share key information (such as TrustSec data) with other Cisco and non-Cisco devices in your Enterprise solutions?
PxGrid
“A Cisco ISE node with pxGrid persona shares the context-sensitive information from Cisco ISE session directory with other network systems such as ISE ecosystem partner systems and Cisco platforms. The pxGrid framework can also be used to exchange policy and configuration data between nodes like sharing tags and policy objects. TrustSec information like tag definition, value, and description can be passed from Cisco ISE to other Cisco management platforms such as Cisco DNA Center and Cisco Stealthwatch.”
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html
valid considering fabric-mode access points in the SD-Access solution
They must connect directly to the fabric edge node or the extended node switch
The AP is in Local mode
These APs will still use CAPWAP tunnels to the WLC. They will be in local mode. They will directly connect to the fabric edge node. These APs can still honor the access and QoS policies like normal.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html
Python commands are often used in exception handling
Except
Try
The try and except commands are used together in a clause in order to help with exception handling. The commands work as follows: if no exception occurs, the except clause is skipped and execution of the try statement is finished.
REFERENCE: https://docs.python.org/3/tutorial/errors.html
You are interested in providing your WLC address to your Lightweight Access Point using DHCP. What option is used for this?
Option 43 in DHCP can carry the WLC IP address for the lightweight APs to call upon.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/wireless/access_point/1000/installation/guide/1000hig4/1000h_f.pdf
commands would be the most useful for monitoring CoPP
Show Policy-map control-plane
Remember, like policing under DiffServ, you use a class-map, policy-map, and service-policy approach to the configuration. Here, we use the show policy-map control-plane command to review the CoPP configuration.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-0SY/configuration/guide/15_0_sy_swcg/control_plane_policing_copp.pdf
Examine the configuration shown:
switch(config)# ntp access-group peer accesslist1
What keyword can you use in this command in order for the local device to receive time requests and NTP control queries from the servers specified in the access list but not to synchronize itself to the specified servers?
Serve
The serve keyword enables the device to receive time requests and NTP control queries from the servers specified in the access list but not to synchronize itself to the specified servers.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_3ntp.html#93976
In which OSPF router state does the DBD packet play a key role?
Exchange
In the exchange state, OSPF routers exchange database descriptor (DBD) packets. The contents of the DBD received are compared to the information contained in the router's link-state database to check whether new or more current link-state information is available from the neighbor.
REFERENCE: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13685-13.html
What keyword indicates PAT is in use with a NAT configuration on a Cisco router?
Overload
The overload keyword is an easy indicator for the presence of PAT in the NAT configuration. For example:
ip nat inside source list 1 interface gi0/0 overload
Reference: https://www.cisco.com/c/en/us/support/docs/long-reach-ethernet-lre-digital-subscriber-line-xdsl/asymmetric-digital-subscriber-line-adsl/12905-827spat.html
What REST API response code would you expect to see if there was a problem with authorization during the REST API usage?
401
Remember, the 200 codes are for various successes. The 400 codes involve client issues, while the 500 codes involve server-side issues. Here, the most likely code would be 401 - UNAUTHORIZED.
REFERENCE: https://restfulapi.net/http-status-codes/
three statements about FlexConnect are true
It is used with wireless and branch offices
This was formerly called H-REAP
The AP can operate with a controller or without a controller (if necessary)
This tech was called H-REAP before. It is used with poor links to branch offices. It permits the WLC to not be available and have the APs still be able to accommodate clients.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html
two of the following statements about wireless SSIDs
The SSID is typically broadcast throughout the Enterprise by default
The SSID must be manually configured if not broadcast
Most devices will default to a broadcast of the SSID for all clients to see.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-7/config-guide/b_cg87/wlans.html#ID72
Which type of WiFi antenna is not directional?
Dipole
The Yagi, Dish, and Patch antenna types are all considered directional.
REFERENCE: https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/prod_white_paper0900aecd806a1a3e.html
What defines the data structures used by NETCONF and RESTCONF?
YANG
YANG is a standards-based data modeling language used to create device configuration requests or requests for operational (show command) data. It has a structured, human-readable format similar to a computer program. Several applications are available that can be run on a centralized management platform (for example, a laptop) to create these configuration and operational data requests.
REFERENCE: https://www.cisco.com/c/en/us/support/docs/storage-networking/management/200933-YANG-NETCONF-Configuration-Validation.html
You want to use an interface on the Firepower NGFW for the exclusive use of syslog monitoring. You want to ensure this interface cannot be used for data traffic and does not support SSH connections. What interface should you use?
The diagnostic interface is used for this purpose.
REFERENCE: https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/interface_overview_for_firepower_threat_defense.html#concept_9C4E970171294952B654154256F1A676
What STP tuning mechanism allows you to control the alternate port selection and is configured upstream of where you want to make the change?
You can use the STP port priority value to influence the alternate port selection. With this command, a lower value is preferred. The default value is 128.
REFERENCE: https://www.ciscopress.com/articles/article.asp?p=2995351&seqNum=2