Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Refer to the exhibit.
You must ensure that both core A and core B devices have only the minimum information required for reaching the spoke routers yet maintain full reachability during network failures.
Which of the following design solutions accomplishes these requirements?
A. Route summarization, with specific route leaking on hubs A and B
B. Route summarization, with GRE tunnel on hubs A and B
C. Implement PfR enhancements on hubs A and B.
D. Implement ODR for hub-to-spoke routing.
Answer: B
Q2. Refer to the exhibit.
When designing an MPLS-based LAN extension between DC-1 and DC-2, what are three advantages of deploying VSS? (Choose three.)
A. Layers 2, 3, and 4 flow-based load balancing
B. native VSS and MEC failover without using scripts
C. sub-second failover
D. required to configure VPLS
E. failover time depends on Cisco IOS EEM and STP convergence
F. limited VLAN-based VPLS traffic hashing
Answer: A,B,C
Q3. When creating a network design, which one of these options provides for basic Layer 2 client isolation to prevent broadcast traffic exposure?
A. SVI
B. VLAN
C. routed port
D. edge port
Answer: B
Q4. You work as a network designer for a company that is replacing their Frame Relay WAN with an MPLS VPN service, where the PE-to-CE routing protocol is BGP. The company has 3000 routes in their distribution routers, and they would like to advertise their access routers through the MPLS network. Their service provider, however, only supports 1000 prefixes per VRF. Which two design solutions can be applied to ensure that your access routers will be able to reach all devices in your network? (Choose two.)
A. Use prefix lists on your distribution routers to control which routes are sent to the MPLS network.
B. On your distribution routers, configure null routes and aggregate routes for the prefixes in your network.
C. Configure your distribution routers to send a default route to the MPLS network.
D. Summarize the routes on the MPLS WAN interfaces of your distribution routers.
Answer: BC
Q5. A new video multicast application is deployed in the network. The application team wants to use the 239.0.0.1 multicast group to stream the video to users. They want to know if this choice will impact the existing multicast design. What impact will their choice have on the existing multicast design?
A. Because 239.0.0.1 is a private multicast range, a flood of PIM packets that have to be processed by the CPU and hosts will be sent by the routers in the network.
B. Because 239.0.0.1 is a private multicast range, the rendezvous point has to send out constant group updates that will have to be processed by the CPU and hosts.
C. The multicast application sends too many packets into the network and the network infrastructure drops packets.
D. The 239.0.0.1 group address maps to a system MAC address, and all multicast traffic will have to be sent to the CPU and flooded out all ports.
Answer: D
Q6. A many-to-many enterprise messaging application is using multicast as a transport mechanism. As part of the network design for this application, which multicast address should be used, according to best practices outlined in RFC 2365?
A. 224.0.0.60
B. 232.192.0.60
C. 239.128.0.60
D. 239.193.0.60
Answer: D
Q7. When designing a large full mesh network running OSPF, how would you reduce LSA repetition?
A. Elect a DR and BDR.
B. Use access control lists to control outbound advertisements.
C. Choose one or two routers to re-flood LSA information.
D. Put each of the point-to-point links in your full mesh networking into a separate area.
Answer: C
Q8. Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the Internet?
A. Enterprise host IP addresses are typically not routable.
B. GDOI is less secure than traditional IPsec.
C. Network address translation functions interfere with tunnel header preservation.
D. The use of public addresses is not supported with GDOI.
Answer: C
Q9. When creating a network design that routes an IGP over L2VPNs, with which device does the remote CE router form an IGP adjacency?
A. the hub site PE router
B. the hub site CE router
C. the directly connected PE router
D. The IGP will not establish adjacency over the MPLS network.
Answer: B
Q10. In an OSPF network, users in a particular OSPF non-backbone area are complaining about slow access speeds to a shared corporate resource in another OSPF area. Traceroutes show that theusers are taking a suboptimal default route to the destinations. Which solution will improve access speed?
A. Make the area totally stubby so that the default can be followed along the best path.
B. Create a virtual link between the areas so that traffic can shortcut directly between them.
C. Implement policy routing to channel the traffic in the optimal direction.
D. Leak specific summaries on the ABRs for the remote subnets in addition to the default.
Answer: D
Q11. You have been hired by Acme Corporation to evaluate their existing network and determine if the current network design is secure enough to prevent man-in-the-middle attacks. When evaluating the network, which switch security option should you investigate to ensure that authorized ARP responses take place according to known IP-to-MAC address mapping?
A. ARP rate limiting
B. DHCP snooping
C. Dynamic ARP Inspections
D. IP Source Guard
Answer: C
Q12. You are using iSCSI to transfer files between a 10 Gigabit Ethernet storage system and a 1 Gigabit Ethernet server. The performance is only approximately 700 Mb/s and output drops are occurring on the server switch port. Which action will improve performance in a cost-effective manner?
A. Use a WRED random drop policy.
B. Increase the queue to at least 1 GB.
C. Enable the TCP Nagle algorithm on the receiver.
D. Change the protocol to CIFS.
Answer: A
Q13. Company X will be integrating an IPv6 application into their network and wants to develop a test environment to evaluate application performance across the network. This application will require both unicast and multicast communications. The company can do this implementation only in certain areas of its existing IPv4-only network, but wants all areas to communicate with each other. When developing the design to provide connectivity between these testing locations, what tunneling technology would work in this scenario?
A. ISATAP
B. 6to4
C. DMVPN
D. 6vPE
E. 6PE
Answer: C
Q14. A service provider has a Resilient Ethernet Protocol ring running as a metro backbone between its locations in one city. A customer wants to connect one site with one box redundant to theResilient Ethernet Protocol ring at two different service provider locations. How can this be done without producing any Layer 2 loops within the network design?
A. Spanning tree at the service provider side only must be enabled.
B. Spanning tree at the customer side only must be enabled.
C. Flex Links at the service provider side only must be enabled.
D. Flex Links at the customer side only must be enabled.
E. EtherChannel at the service provider side and the customer side must be enabled.
F. Spanning tree at the service provider side and the customer side must be enabled.
G. Flex Links at the service provider side and the customer side must be enabled.
Answer: D
Q15. You are working on a network design plan for a company with approximately 2000 sites. The sites will be connected using the public Internet. You plan to use private IP addressing in the network design, which will be routed without NAT through an encrypted WAN network. Some sites will be connected to the Internet with dynamic public IP addresses, and these addresses may change occasionally. Which VPN solution will support these design requirements?
A. GET VPN must be used, because DMVPN does not scale to 2000 sites.
B. DMVPN must be used, because GET VPN does not scale to 2000 sites.
C. GET VPN must be used, because private IP addresses cannot be transferred with DMVPN through the public Internet.
D. DMVPN must be used, because private IP addresses cannot be transferred with GET VPN through the public Internet.
E. GET VPN must be used, because DMVPN does not support dynamic IP addresses for some sites.
F. DMVPN must be used, because GET VPN does not support dynamic IP addresses for some sites.
Answer: D