Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 5)
How is an EUI-64 format interface ID created from a 48-bit MAC address?
A. by appending 0xFF to the MAC address
B. by prefixing the MAC address with 0xFFEE
C. by prefixing the MAC address with 0xFF and appending 0xFF to it
D. by inserting 0xFFFE between the upper three bytes and the lower three bytes of the MAC address
E. by prefixing the MAC address with 0xF and inserting 0xF after each of its first three bytes
Answer: D
Explanation:
The modified EUI-64 format interface identifier is derived from the 48-bit link-layer (MAC) address by inserting the hexadecimal number FFFE between the upper three bytes (OUI field) and the lower three bytes (serial number) of the link layer address.
Q2. - (Topic 4)
Which two options are valid WAN connectivity methods? (Choose two.)
A. PPP
B. WAP
C. DSL
D. L2TPv3
E. Ethernet
Answer: A,C
Explanation:
The Point-to-Point Protocol (PPP) provides a standard method for transporting multi- protocol datagrams over point-to-point links. PPP was originally emerged as an encapsulation protocol for transporting IP traffic between two peers. It is a data link layer protocol used for WAN connections.
DSL is also considered a WAN connection, as it can be used to connect networks, typically when used with VPN technology.
Q3. - (Topic 4)
Refer to the exhibit.
What is the meaning of the term dynamic as displayed in the output of the show frame- relay map command shown?
A. The Serial0/0 interface is passing traffic.
B. The DLCI 100 was dynamically allocated by the router.
C. The Serial0/0 interface acquired the IP address of 172.16.3.1 from a DHCP server.
D. The DLCI 100 will be dynamically changed as required to adapt to changes in the Frame Relay cloud.
E. The mapping between DLCI 100 and the end station IP address 172.16.3.1 was learned through Inverse ARP.
Answer: E
Explanation:
Inverse Address Resolution Protocol (Inverse ARP) was developed to provide a mechanism for dynamic DLCI to Layer 3 address maps. Inverse ARP works much the same way Address Resolution Protocol (ARP) works on a LAN. However, with ARP, the device knows the Layer 3 IP address and needs to know the remote data link MAC address. With Inverse ARP, the router knows the Layer 2 address which is the DLCI, but needs to know the remote Layer 3 IP address.
When using dynamic address mapping, Inverse ARP requests a next-hop protocol address for each active PVC. Once the requesting router receives an Inverse ARP response, it updates its DLCI-to-Layer 3 address mapping table. Dynamic address mapping is enabled by default for all protocols enabled on a physical interface. If the Frame Relay environment supports LMI autosensing and Inverse ARP, dynamic address mapping takes place automatically. Therefore, no static address mapping is required.
Q4. - (Topic 5)
Refer to the exhibit.
All of the routers in the network are configured with the ip subnet-zero command. Which network addresses should be used for Link A and Network A? (Choose two.)
A. Network A - 172.16.3.48/26
B. Network A - 172.16.3.128/25
C. Network A - 172.16.3.192/26
D. Link A - 172.16.3.0/30
E. Link A - 172.16.3.40/30
F. Link A - 172.16.3.112/30
Answer: B,D
Explanation:
Only a /30 is needed for the point to point link and sine the use of the ip subnet-zero was used, 172.16.3.0/30 is valid. Also, a /25 is required for 120 hosts and again 172.16.3.128/25 is the best, valid option.
Q5. CORRECT TEXT - (Topic 8)
Which protocol authenticates connected devices before allowing them to access the LAN?
A. 802.1d
B. 802.11
C. 802.1w
D. 802.1x
Answer: D
Explanation:
802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN. The term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The
authenticator is a network device, such as an Ethernet switch or wireless access point; and the authentication server is typically a host running software supporting the RADIUS and EAP protocols.
The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicant’s identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name/password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.
Q6. - (Topic 5)
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.
Answer: C,D,F
Explanation:
The Syslog sender sends a small (less than 1KB) text message to the Syslog receiver. The Syslog receiver is commonly called "syslogd," "Syslog daemon," or "Syslog server." Syslog messages can be sent via UDP (port 514) and/or TCP (typically, port 5000). While there are some exceptions, such as SSL wrappers, this data is typically sent in clear text over the network. A Syslog server provides the storage space necessary to store log files without using router disk space.
In general, there are significantly more Syslog messages available within IOS as compared to SNMP Trap messages. For example, a Cisco Catalyst 6500 switch running Cisco IOS Software Release 12.2(18)SXF contains about 90 SNMP trap notification messages, but has more than 6000 Syslog event messages.
System logging is a method of collecting messages from devices to a server running a syslog daemon. Logging to a central syslog server helps in aggregation of logs and alerts. Cisco devices can send their log messages to a UNIX-style syslog service. A syslog service accepts messages and stores them in files, or prints them according to a simple configuration file.
Reference: http://www.cisco.com/c/en/us/products/collateral/services/high-availability/white_paper_c11-557812.html
Q7. - (Topic 8)
What is the danger of the permit any entry in a NAT access list?
A. It can lead to overloaded resources on the router.
B. It can cause too many addresses to be assigned to the same interface.
C. It can disable the overload command.
D. It prevents the correct translation of IP addresses on the inside network.
Answer: A
Q8. - (Topic 8)
Which statement about named ACLs is true?
A. They support standard and extended ACLs.
B. They are used to filter usernames and passwords for Telnet and SSH.
C. They are used to filter Layer 7 traffic.
D. They support standard ACLs only.
E. They are used to rate limit traffic destined to targeted networks.
Answer: A
Explanation:
Named Access Control Lists (ACLs) allows standard and extended ACLs to be given names instead of numbers. Unlike in numbered Access Control Lists (ACLs), we can edit Named Access Control Lists. Another benefit of using named access configuration mode is that you can add new statements to the access list, and insert them wherever you like. With the legacy syntax, you must delete the entire access list before reapplying it using the updated rules.
Q9. - (Topic 8)
A router has learned three possible routes that could be used to reach a destination network One route is from EIGRP and has a composite metric of 07104371. Another route is from OSPF with a metric of 782 The last is from RIPv2 and has a metric of 4 Which route or routes will the router install in the routing table?
A. the EIGRP route
B. the OSPF route
C. the RIPv2 route
D. all three routes
E. the OSPF and RIPv2 routes
Answer: A
Q10. - (Topic 8)
On which type of device is every port in the same collision domain?
A. a router
B. a Layer 2 switch
C. a hub
Answer: C
Explanation: Collision domainA collision domain is, as the name implies, a part of a
network where packet collisions can occur. A collision occurs when two devices send a packet at the same time on the shared network segment. The packets collide and both devices must send the packets again, which reduces network efficiency. Collisions are often in a hub environment, because each port on a hub is in the same collision domain. By contrast, each port on a bridge, a switch or a router is in a separate collision domain.
Q11. DRAG DROP - (Topic 6)
Drag the security features on the left to the specific security risks they help protect against on the right. (Not all options are used.)
Answer:
Q12. - (Topic 8)
Which logging command can enable administrators to correlate syslog messages with millisecond precision?
A. no logging console
B. logging buffered 4
C. no logging monitor
D. service timestamps log datetime msec
E. logging host 10.2.0.21
Answer: D
Q13. - (Topic 5)
What are the alert messages generated by SNMP agents called?
A. TRAP
B. INFORM
C. GET
D. SET
Answer: A,B
Explanation:
A TRAP is a SNMP message sent from one application to another (which is typically on a remote host). Their purpose is merely to notify the other application that something has happened, has been noticed, etc. The big problem with TRAPs is that they’re
unacknowledged so you don’t actually know if the remote application received your oh-so- important message to it. SNMPv2 PDUs fixed this by introducing the notion of an INFORM, which is nothing more than an acknowledged TRAP.
Q14. - (Topic 8)
Which destination IP address can a host use to send one message to multiple devices across different subnets?
A. 172.20.1.0
B. 127.0.0.1
C. 192.168.0.119
D. 239.255.0.1
Answer: D
Explanation: Multicast is a networking protocol where one host can send a message to a special multicast IP address and one or more network devices can listen for and receive those messages.
Multicast works by taking advantage of the existing IPv4 networking infrastructure, and it does so in something of a weird fashion. As you read, keep in mind that things are a little
confusing because multicast was "shoe-horned" in to an existing technology.
For the rest of this article, let's use the multicast IP address of 239.255.0.1. We'll not worry about port numbers yet, but make a mental note that they are used in multicast. We'll discuss that later.
Q15. - (Topic 8)
How does NAT overloading provide one-to-many address transalation?
A. it uses a pool of addresses.
B. it converts IPv4 addresses to unused IPv6 addresses.
C. it assigns a unique TCP/UDP port to each session.
D. it uses virtual MAC address and virtual IP addresses.
Answer: C