Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. A metro service provider is planning Resilient Ethernet Protocol for his backbone. Which two aspects must be considered before the network design is finalized? (Choose two.)
A. Two Resilient Ethernet Protocol segments can be connected redundantly at two points. One connection will be blocked, using the Spanning Tree Protocol defined in IEEE 802.1D.
B. UniDirectional Link Detection Protocol can be enabled on Resilient Ethernet Protocol interfaces to detect unidirectional failures.
C. The guaranteed convergence recovery time is less than 50 ms for the local segment.
D. A Resilient Ethernet Protocol segment is limited to a maximum of seven devices.
E. VLAN load balancing for optimal bandwidth usage is supported in any Resilient Ethernet Protocol segment.
Answer: BE
Q2. You have been tasked to create a Layer 2 network design that uses vPC to provide resiliency and avoid loops. vPC removes Layer 2 loops while providing redundancy through which mechanism?
A. dual-active detection
B. address synchronization
C. strict forwarding rules
D. Bridge Assurance
Answer: C
Q3. As a service provider you must support a Layer 2 virtualization protocol that does not include the use of label switching. Which option can meet this design requirement?
A. VPLS
B. VRF-Lite
C. QinQ
D. 802.3ad
Answer: C
Q4. A many-to-many enterprise messaging application is using multicast as a transport mechanism. As part of the network design for this application, which multicast address should be used, according to best practices outlined in RFC 2365?
A. 224.0.0.60
B. 232.192.0.60
C. 239.128.0.60
D. 239.193.0.60
Answer: D
Q5. Your enterprise customer has asked where they should deploy flow monitoring in their network to monitor traffic between branch offices. What is your design recommendation?
A. at the edge of the network so that user traffic will be seen
B. at the central site, because all traffic from the remotes will be seen there.
C. in the core, because all traffic will be seen there
D. in the data center, because all user traffic will be seen there
Answer: B
Q6. What is a design aspect regarding multicast transport for MPLS Layer 3 VPNs using the Rosen Draft implementation?
A. LDP is the multicast control plane protocol.
B. Multicast traffic is forwarded over GRE tunnels.
C. Multicast traffic is forwarded over LDP or RSVP signaled LSPs.
D. Using the MDT SAFI in BGP ensures that PIM can be disabled in the core.
Answer: B
Q7. You are designing a multisite VPN solution for a customer and you are concerned with the additional overhead of point-to-point tunnels and the associated overlay routing with DMVPN. How does a GDOI-based VPN eliminate the additional tunnel and routing overhead found in DMVPN?
A. The GDOI-based VPN requires overlaying a secondary routing infrastructure through the tunnels.
B. In a GDOI-based VPN, all group members share a common security association.
C. The GDOI-based VPN requires the provisioning of a complex connectivity mesh.
D. The GDOI-based VPN leverages the routing protocol to find its peer for tunnel setup.
Answer: B
Q8. You are performing a BGP design review for a service provider that offers MPLS-based services to their end customers. The network is comprised of several PE routers that run iBGP with a pair of route reflectors for all BGP address families. Which two options about the use of Constrained Route Distribution for BGP/MPLS VPNs are true? (Choose two.)
A. This feature must be enabled on all devices in the network at the same time.
B. The RR must advertise the default route target filter toward the PE routers.
C. The RRs do not need to advertise any route target filter toward the PE routers.
D. Both PE and RR routers must support this feature.
Answer: BD
Q9. While reviewing an existing network design, you are discussing the characteristics of different STP versions. Which protocol minimizes unicast flooding during TCN in a Layer 2 switched network with many VLANs?
A. STP
B. MST
C. PVRSTP
D. PVSTP+
Answer: D
Q10. A customer is using a service provider to provide a WAN backbone for a 30-site network. In establishing the network, the customer must work within these constraints:
The customer has a self-managed MPLS backbone.
The VPLS WAN backbone of the service provider does not support PIM snooping.
Multicast VPN must be used for multicast support inside some VRFs.
What can the customer do so that multicast traffic is NOT flooded to all sites?
A. Configure static GRE tunnels and run the MPLS and multicast VPN inside these GRE tunnels.
B. Use Label Switched Multicast for the multicast transport.
C. Use PIM-SSM as the multicast routing protocol with IETF Rosen Draft multicast VPN.
D. Configure a static mapping between multicast addresses and MAC addresses.
E. Use GET VPN to encrypt the multicast packets inside the WAN.
Answer: A
Q11. A customer wants to understand the benefits of a proposed network design that utilizes SNMPv3. Which two network threats is SNMPv3 effective against? (Choose two.)
A. modification of information threats
B. masquerade threats
C. denial of service threats
D. traffic analysis threats
Answer: AB
Q12. Refer to the exhibit.
A service provider would like to use Ethernet OAM to detect end-to-end connectivity failures between SP-SW1 and SP-SW2. In which two of these ways can you design this solution? (Choose two.)
A. Enable Y.1731 Connectivity Fault Management on the SP switches.
B. E-LMI PDUs must be forwarded over VPLS.
C. Cisco Discovery Protocol PDUs must be forwarded over the VPLS.
D. Use upward maintenance endpoints on the SP switches.
E. Enable IEEE 802.1ag Connectivity Fault Management on the SP switches.
Answer: DE
Q13. A company plans to include Nonstop Forwarding and Bidirectional Forwarding Detection as a part of their network redundancy plan. In which two ways do NSF and BFD work together when different hardware platforms are compared? (Choose two.)
A. During supervisor engine or routing engine failover, the NSF feature will always ensure that the BFD at the peer router will not trigger a link down independent of the used hardware platform.
B. At some hardware platforms, BFD and NSF are not supported together. During supervisor engine or routing engine failover, the BFD at the peer router will trigger a link down.
C. To ensure that BFD at the peer router will not trigger a link down during NSF, the BFD packets must be processed fast enough, and, during supervisor engine or routing engine failover, by processing the BFD independent from the supervisor engine or routing engine.
D. Because BFD is always processed at the line cards (not at the supervisor engine or routing engine), a supervisor engine or routing engine failover will not affect the BFD peer router.
E. Because BFD is always processed at the supervisor engine or routing engine, a supervisor engine or routing engine failover will always trigger a link down at the peer router.
Answer: BC
Q14. Network designers plan to interconnect two geographically separated data centers using an Ethernet-over-MPLS pseudowire. Within that design, the link between the sites is stable, there are no apparent loops in the topology, and the root bridges for the respective VLANs are stable and unchanging. What additional aspect of the design should be adjusted to mitigate the chance of connectivity issues to the peer data center when the connection takes place?
A. Enable 802.1d on one data center, and 802.1w on the other.
B. Ensure that the spanning tree diameter for one or more VLANs is not too large.
C. Enable UDLD on the link between the data centers.
D. Enable root guard on the link between the data centers.
Answer: B
Q15. A company wants to connect two data center sites using a hub-and-spoke design with 2000 remote sites. One design consideration is the requirement to transfer MPLS packets over the public Internet. In addition, one router at each site should be used, and the MPLS packets must be encapsulated inside IP packets because the public Internet cannot transfer native MPLS packets. Which feature can be used to simplify the network design?
A. GET VPN can be used to encrypt the MPLS packets with IPsec.
B. DMVPN can be used to build up GRE tunnels dynamically with MPLS encapsulation inside.
C. L2TPv3 can be used to encapsulate the MPLS packets.
D. Site-to-site IPsec without GRE can be used to encapsulate the MPLS packets.
E. PPPoE can be used to encapsulate the MPLS packets.
Answer: B