Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. A network designer has provisioned a router to use IPsec to encrypt the traffic over a GRE tunnel going to a web server at a remote location. From the router, the network designer can ping the web server, although the users in the office comment that they are unable to reach it. (Note: The DF bit is not set.) Which aspect should be changed in the design of the virtual connection?
A. IP addresses of the GRE tunnel endpoints
B. IPsec configuration
C. MTU size on the GRE tunnel
D. encapsulation of the GRE tunnel
Answer: C
Q2. Refer to the exhibit.
You are developing a migration plan to enable IPv6 in your IPv4 network. Starting at R3 and assuming default IS-IS operations, what is likely to happen when you enable IPv6 routing on the link from R3 to R2?
A. Only R3 and R2 have IPv4 and IPv6 reachability.
B. R2 receives an IPv6 default route from R3.
C. Loopback reachability between all routers for IPv4 is lost.
D. All routers except R2 are reachable through IPv4.
E. R3 advertises the link from R3-R2 to R1, R4 and R5 only.
Answer: C
Q3. Which two techniques are used in a network design to slow down the distribution of topology information caused by a rapidly flapping link? (Choose two.)
A. Bidirectional Forwarding Detection
B. IP event dampening
C. link-state incremental SPF
D. link-state partial SPF
E. LSA throttling
F. SPF throttling
Answer: BE
Q4. You have been tasked with designing a data center interconnect to provide business continuity. You want to encrypt the traffic over the DCI using IEEE 802.1AE MACsec to prevent the deployment of any firewall or IPS. Which two interconnect technologies support MACsec? (Choose two.)
A. EoMPLS
B. MPLS Layer 3 VPN
C. DMVPN
D. OTV
E. VPLS
F. GET VPN
Answer: AE
Q5. Voice traffic between two campus enterprise networks is growing. The network designers decide to add a second 10-Mb Metro Ethernet service parallel to their original 10-Mb service in order to provide more bandwidth and diversity. The QoS profile will be the same on the new 10-Mb service due to the voice stability on the first Metro Ethernet link. When the second link is added to the OSPF domain, which traffic design consideration would have the most impact on the voice traffic when both links are active?
A. per-destination IP address basis
B. per-flow basis
C. per-packet basis
D. per-source IP address basis
Answer: C
Q6. A customer is using a service provider to provide a WAN backbone for a 30-site network. In establishing the network, the customer must work within these constraints:
The customer has a self-managed MPLS backbone.
The VPLS WAN backbone of the service provider does not support PIM snooping.
Multicast VPN must be used for multicast support inside some VRFs.
What can the customer do so that multicast traffic is NOT flooded to all sites?
A. Configure static GRE tunnels and run the MPLS and multicast VPN inside these GRE tunnels.
B. Use Label Switched Multicast for the multicast transport.
C. Use PIM-SSM as the multicast routing protocol with IETF Rosen Draft multicast VPN.
D. Configure a static mapping between multicast addresses and MAC addresses.
E. Use GET VPN to encrypt the multicast packets inside the WAN.
Answer: A
Q7. Acme Corporation indicates that their network design must support the ability to scale to support a high number of remote sites. Which IGP is considered to scale better for a hub-and-spoke topology?
A. BGP
B. OSPF
C. IS-IS
D. EIGRP
Answer: D
Q8. Refer to the exhibit.
A new IPv4 multicast-based video-streaming service is being provisioned. During the design-validation tests, you realize that the link between the two buildings is carrying multicast traffic even when there are no receivers connected to the switch in Building B and despite IGMP snooping being enabled on both Layer 2 switches and IGMPv2 runs on the hosts. Which design change will prevent the multicast traffic from being unnecessarily flooded throughout the campus network?
A. Enable PIM snooping on both Layer 2 switches.
B. Enable multicast storm control on the link between Switch 1 and Switch 2.
C. Use static Layer 2 MAC forwarding entries on Switch 1.
D. Change the IPv4 multicast group address such that it excludes the usage of link-local MAC addresses.
E. Ensure that Switch 1 is an IGMP querier.
Answer: D
Q9. Which two mechanisms ensure that a network design provides fast path failure detection? (Choose two.)
A. BFD
B. fast hello packets
C. UDLD
D. IP Cisco Express Forwarding
Answer: AB
Q10. A company has these requirements for access to their wireless and wired corporate LANs using 802.1x:
. Client devices that are corporate assets and have been joined to the Active
Directory domain are allowed access.
. Personal devices must not be allowed access.
. Clients and access servers must be mutually authenticated.
Which solution meets these requirements?
A. Protected Extensible Authentication Protocol/Microsoft Challenge Handshake Authentication Protocol Version 2 with user authentication
B. Extensible Authentication Protocol-Transport Layer Security with machine authentication
C. Extensible Authentication Protocol-Transport Layer Security with user authentication
D. Protected Extensible Authentication Protocol/Microsoft Challenge Handshake Authentication Protocol Version 2 with machine authentication
Answer: B
Q11. A company plans to include Nonstop Forwarding and Bidirectional Forwarding Detection as a part of their network redundancy plan. In which two ways do NSF and BFD work together when different hardware platforms are compared? (Choose two.)
A. During supervisor engine or routing engine failover, the NSF feature will always ensure that the BFD at the peer router will not trigger a link down independent of the used hardware platform.
B. At some hardware platforms, BFD and NSF are not supported together. During supervisor engine or routing engine failover, the BFD at the peer router will trigger a link down.
C. To ensure that BFD at the peer router will not trigger a link down during NSF, the BFD packets must be processed fast enough, and, during supervisor engine or routing engine failover, by processing the BFD independent from the supervisor engine or routing engine.
D. Because BFD is always processed at the line cards (not at the supervisor engine or routing engine), a supervisor engine or routing engine failover will not affect the BFD peer router.
E. Because BFD is always processed at the supervisor engine or routing engine, a supervisor engine or routing engine failover will always trigger a link down at the peer router.
Answer: BC
Q12. Refer to the exhibit.
When designing an MPLS-based LAN extension between DC-1 and DC-2, what are three advantages of deploying VSS? (Choose three.)
A. Layers 2, 3, and 4 flow-based load balancing
B. native VSS and MEC failover without using scripts
C. sub-second failover
D. required to configure VPLS
E. failover time depends on Cisco IOS EEM and STP convergence
F. limited VLAN-based VPLS traffic hashing
Answer: A,B,C
Q13. Your design client has requested that you ensure that the client devices are not dynamically configured with incorrect DNS information. When finalizing the network design, which security option must be configured on the switches?
A. IGMP snooping
B. DHCP snooping
C. root guard
D. DNS snooping
Answer: B
Q14. You are tasked with implementing a 1000-phone remote access solution, where phones will traverse a WAN edge router. Assuming all of the following features are supported in a hardware-assisted manner, which of the following will have the most detrimental impact on the delay of the packet?
A. encryption
B. stateful firewall
C. MPLS encapsulation
D. GRE encapsulation
Answer: A
Q15. A senior network designer suggests that you should improve network convergence times by reducing BGP timers between your CE router and the PE router of the service provider. Which three factors should you to consider when you adjust the timer values? (Choose three.)
A. access bandwidth
B. service provider agreement to support tuned timers
C. number of routes on the CE router
D. number of VRFs on the PE router
E. service provider scheduling of changes to the PE
Answer: ABC