Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose three.)
A. header compression
B. explicit congestion notification
C. keepalive
D. time stamps
E. TCP path discovery
F. MTU window
Answer: B,C,D
Explanation:
TCP Selective Acknowledgment
The TCP Selective Acknowledgment feature improves performance if multiple packets are lost from one
TCP window of data.
Prior to this feature, because of limited information available from cumulative acknowledgments, a TCP
sender could learn about only one lost packet per-round-trip
time. An aggressive sender could choose to resend packets early, but such re-sent segments might have
already been successfully received.
The TCP selective acknowledgment mechanism helps improve performance. The receiving TCP host
returns selective acknowledgment packets to the sender,
informing the sender of data that has been received. In other words, the receiver can acknowledge packets
received out of order. The sender can then resend only
missing data segments (instead of everything since the first missing packet).
Prior to selective acknowledgment, if TCP lost packets 4 and 7 out of an 8-packet window, TCP would
receive acknowledgment of only packets 1, 2, and 3. Packets
4 through 8 would need to be re-sent. With selective acknowledgment, TCP receives acknowledgment of
packets 1, 2, 3, 5, 6, and 8. Only packets 4 and 7 must be
re-sent.
TCP selective acknowledgment is used only when multiple packets are dropped within one TCP window.
There is no performance impact when the feature is
enabled but not used. Use the ip tcp selective-ack command in global configuration mode to enable TCP
selective acknowledgment.
Refer to RFC 2021 for more details about TCP selective acknowledgment.
TCP Time Stamp
The TCP time-stamp option provides improved TCP round-trip time measurements. Because the time
stamps are always sent and echoed in both directions and the time-stamp value in the header is always
changing, TCP header compression will not compress the outgoing packet. To allow TCP header
compression over a serial link, the TCP time-stamp option is disabled. Use the ip tcp timestamp command
to enable the TCP time-stamp option.
TCP Explicit Congestion Notification
The TCP Explicit Congestion Notification (ECN) feature allows an intermediate router to notify end hosts of
impending network congestion. It also provides enhanced support for TCP sessions associated with
applications, such as Telnet, web browsing, and transfer of audio and video data that are sensitive to delay
or packet loss. The benefit of this feature is the reduction of delay and packet loss in data transmissions.
Use the ip tcp ecn command in global configuration mode to enable TCP ECN.
TCP Keepalive Timer
The TCP Keepalive Timer feature provides a mechanism to identify dead connections. When a TCP
connection on a routing device is idle for too long, the device sends a TCP keepalive packet to the peer
with only the Acknowledgment (ACK) flag turned on. If a response packet (a TCP ACK packet) is not
received after the device sends a specific number of probes, the connection is considered dead and the
device initiating the probes frees resources used by the TCP connection. Reference: http://www.cisco.com/
c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-3s/asr1000/iap-xe-3s-asr1000-book/iap-tcp.html#GUID-22A82C5F-631F-4390-9838-F2E48FFEEA01
Q2. Which technology was originally developed for routers to handle fragmentation in the path between end points?
A. PMTUD
B. MSS
C. windowing
D. TCP
E. global synchronization
Answer: A
Explanation:
Q3. Which encapsulation supports an interface that is configured for an EVN trunk?
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay
E. MPLS
F. HDLC
Answer: A
Explanation:
Restrictions for EVN
An EVN trunk is allowed on any interface that supports 802.1q encapsulation, such as Fast Ethernet,
Gigabit Ethernet, and port channels.
A single IP infrastructure can be virtualized to provide up to 32 virtual networks end-to-end.
If an EVN trunk is configured on an interface, you cannot configure VRF-Lite on the same interface.
OSPFv3 is not supported; OSPFv2 is supported.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/evn/configuration/xe-3s/evn-xe-3s- book/evnoverview.Pdf
Q4. Refer to the exhibit.
A network administrator checks this adjacency table on a router. What is a possible cause for the incomplete marking?
A. incomplete ARP information
B. incorrect ACL
C. dynamic routing protocol failure
D. serial link congestion
Answer: A
Explanation:
To display information about the Cisco Express Forwarding adjacency table or the hardware Layer 3-
switching adjacency table, use the show adjacency command.
Reasons for Incomplete Adjacencies
There are two known reasons for an incomplete adjacency:
The router cannot use ARP successfully for the next-hop interface.
After a clear ip arp or a clear adjacency command, the router marks the adjacency as incomplete. Then it
fails to clear the entry.
In an MPLS environment, IP CEF should be enabeled for Label Switching. Interface level command ip
route-cache cef No ARP Entry When CEF cannot locate a valid adjacency for a destination prefix, it punts
the packets to the CPU for ARP resolution and, in turn, for completion of the adjacency.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/17812-cefincomp.
html#t4
Q5. You have been asked to evaluate how EIGRP is functioning in a customer network.
Which key chain is being used for authentication of EIGRP adjacency between R4 and R2?
A. CISCO
B. EIGRP
C. key
D. MD5
Answer: A
Explanation: R4 and R2 configs are as shown below:
Clearly we see the actual key chain is named CISCO.
Q6. You have been asked to evaluate how EIGRP is functioning in a customer network.
Traffic from R1 to R61 s Loopback address is load shared between R1-R2-R4-R6 and R1-R3-R5-R6 paths. What is the ratio of traffic over each path?
A. 1:1
B. 1:5
C. 6:8
D. 19:80
Answer: D
Explanation:
Q7. Two aspects of an IP SLA operation can be tracked: state and reachability. Which statement about state tracking is true?
A. When tracking state, an OK return code means that the track's state is up; any other return code means that the track's state is down.
B. When tracking state, an OK or over threshold return code means that the track's state is up; any other return code means that the track's state is down.
C. When tracking state, an OK return code means that the track's state is down; any other return code means that the track's state is up.
D. When tracking state, an OK or over threshold return code means that the track's state is down; any other return code means that the track's state is up.
Answer: A
Explanation:
Q8. To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level. What effect does this action have on the SNMP messages?
A. They become unauthenticated and unencrypted.
B. They become authenticated and unencrypted.
C. They become authenticated and encrypted.
D. They become unauthenticated and encrypted.
Answer: B
Explanation:
Q9. For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic.
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.
Answer: C
Explanation:
OSPFv3 uses link-local IPv6 addresses for neighbor discovery and other features, so if any IPv6 traffic
filters are implemented be sure to include the link local address so that it is permitted in the filter list.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx- os/unicast/configuration/
guide/l3_cli_nxos/l3_ospfv3.html
Q10. Scenario:
You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command.
Which of the following statements is true about the serial links that terminate in R3
A. The R1-R3 link needs the neighbor command for the adjacency to stay up
B. The R2-R3 link OSPF timer values are 30, 120, 120
C. The R1-R3 link OSPF timer values should be 10,40,40
D. R3 is responsible for flooding LSUs to all the routers on the network.
Answer: B
Explanation:
Q11. You have been asked to evaluate how EIGRP is functioning in a customer network.
What is the advertised distance for the 192.168.46.0 network on R1?
A. 333056
B. 1938688
C. 1810944
D. 307456
Answer: C
Explanation:
Q12. A network engineer is investigating the cause of a service disruption on a network segment and executes the debug condition interface fastethernet f0/0 command. In which situation is the debugging output generated?
A. when packets on the interface are received and the interface is operational
B. when packets on the interface are received and logging buffered is enabled
C. when packets on the interface are received and forwarded to a configured syslog server
D. when packets on the interface are received and the interface is shut down
Answer: A
Explanation:
Q13. Which switching method is used when entries are present in the output of the command show ip cache?
A. fast switching
B. process switching
C. Cisco Express Forwarding switching
D. cut-through packet switching
Answer: A
Explanation:
Fast switching allows higher throughput by switching a packet using a cache created by the initial packet
sent to a particular destination. Destination addresses are stored in the high-speed cache to expedite forwarding. Routers offer better packet-transfer performance when fast switching is enabled. Fast switching is enabled by default on all interfaces that support fast switching.
To display the routing table cache used to fast switch IP traffic, use the "show ip cache" EXEC command.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/switch/command/reference/fswtch_r/xrfscmd5.ht
ml#wp1038133
Q14. What is the result of the command ip flow-export destination 10.10.10.1 5858?
A. It configures the router to export cache flow information to IP 10.10.10.1 on port UDP/5858.
B. It configures the router to export cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858.
C. It configures the router to receive cache flow information from IP 10.10.10.1 on port UDP/5858.
D. It configures the router to receive cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858.
Answer: A
Explanation:
To enable the exporting of information in NetFlow cache entries, use the ip flow-export destination
command in global configuration mode.
Syntax Description
ip- IP address of the workstation to which you want to send the address NetFlow information.
udp-port UDP protocol-specific port number.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/12s_mdnf.html#wp1023091
Q15. Under which condition does UDP dominance occur?
A. when TCP traffic is in the same class as UDP
B. when UDP flows are assigned a lower priority queue
C. when WRED is enabled
D. when ACLs are in place to block TCP traffic
Answer: A
Explanation:
Explanation: Mixing TCP with UDP It is a general best practice to not mix TCP-based traffic with UDPbased
traffic (especially Streaming-Video) within a single service-provider class because of the behaviors
of these protocols during periods of congestion. Specifically, TCP transmitters throttle back flows when
drops are detected. Although some UDP applications have application-level windowing, flow control, and
retransmission capabilities, most UDP transmitters are completely oblivious to drops and, thus, never lower
transmission rates because of dropping. When TCP flows are combined with UDP flows within a single
service-provider class and the class experiences congestion, TCP flows continually lower their
transmission rates, potentially giving up their bandwidth to UDP flows that are oblivious to drops. This
effect is called TCP starvation/UDP dominance. TCP starvation/UDP dominance likely occurs if (TCP-based) Mission-Critical Data is assigned to the same service-provider class as (UDP-based) Streaming-
Video and the class experiences sustained congestion. Even if WRED is enabled on the service-provider
class, the same behavior would be observed because WRED (for the most part) manages congestion only
on TCP-based flows. Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/
WAN_and_MAN/QoS_SRND/QoS- SRND-Book/VPNQoS.html
Topic 2, Layer 2 Technologies
13. Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed?
A. Disable CDP on the interface.
B. Execute the vpdn enable command.
C. Execute the no switchport command.
D. Enable QoS FIFO for PPPoE support.
Q16. The enterprise network WAN link has been receiving several denial of service attacks from both IPv4 and IPv6 sources. Which three elements can you use to identify an IPv6 packet via its header, in order to filter future attacks? (Choose three.)
A. Traffic Class
B. Source address
C. Flow Label
D. Hop Limit
E. Destination Address
F. Fragment Offset
Answer: A,C,D
Explanation: