Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Refer to the exhibit.
Traffic from CE1 to CE2 is traveling through the core instead of through R1. All the PE routers have a similar configuration, and BGP peering and extended-community meshing are configured correctly.
Which configuration change routes the traffic through R1?
A)
B)
C)
D)
A. Exhibit A
B. Exhibit B
C. Exhibit C
D. Exhibit D
Answer: A
Q2. DRAG DROP
Drag and drop the argument of the ip cef load-sharing algorithm command on the left to the function it performs on the right.
Answer:
Q3. Refer to the exhibit.
Which three statements about the R1 configuration are true? (Choose three.)
A. The virtual circuit identifier is 1611 and the virtual circuit is down.
B. The local label for the circuit is 4006.
C. The targeted LDP session to the remote peer is up.
D. The local label for the circuit is 1611.
E. The virtual circuit identifier is 4006 and the virtual circuit is down.
F. The circuit is using MPLS VC type 4.
Answer: A,B,C
Explanation:
The number after the vc is the identifier, which is 1611 in this case. Here, the VC status is shown as down.
As shown, the MPLS VC labels: local 4006, remote unassigned shows the local label used is 4006.
The targeted LDP session is up as verified by the “Signalling protocol: LDP, peer 172.16.12.70 up” statement in the output.
Q4. On which three options can Cisco PfR base its traffic routing? (Choose three.)
A. Time of day
B. An access list with permit or deny statements
C. Load-balancing requirements
D. Network performance
E. User-defined link capacity thresholds
F. Router IOS version
Answer: C,D,E
Explanation:
Key Advantages of using PfR for Load balancing:
. Utilization based load-balancing: PfR takes real-time link utilization into account when load balancing the links. This will ensure that a link will not go beyond a certain percentage of its maximum capacity (75% by default).
. Application Performance based Load Balancing: PfR does not randomly forward traffic through one link or another. It takes application performance requirements into consideration and then forwards the traffic through a link which meets the performance policy requirements. PfR also load balances the link at the same time.
. Bi-directional Solution: PfR is a bi-directional load balancing solution which influences outbound as well as in-bound traffic.
. Consolidated Centralized View: PfR offers consolidated and centralized view of the state of all external links in the network. At any given time, the network administrator can see the current link utilization (in kbps and percentage of its capacity), maximum link threshold, and the policies applied to the links in the network.
Reference: http://docwiki.cisco.com/wiki/PfR:Solutions:InternetOutboundLoadBalancing
Q5. Which statement about the feasible distance in EIGRP is true?
A. It is the maximum metric that should feasibly be considered for installation in the RIB.
B. It is the minimum metric to reach the destination as stored in the topology table.
C. It is the metric that is supplied by the best next hop toward the destination.
D. It is the maximum metric possible based on the maximum hop count that is allowed.
Answer: B
Explanation:
An EIGRP router advertises each destination it can reach as a route with an attached metric. This metric is called the route's reported distance (the term advertised distance has also been used in older documentation). A successor route for any given destination is chosen as having the lowest computed feasible distance; that is, the lowest sum of reported distance plus the cost to get to the advertising router. By default, an EIGRP router will store only the route with the best (lowest) feasible distance in the routing table (or, multiple routes with equivalent feasible distances).
Reference: http://packetlife.net/blog/2010/aug/9/eigrp-feasible-successor-routes/
Q6. Which two features improve BGP convergence? (Choose two.)
A. next-hop address tracking
B. additional paths
C. advertise map
D. communities
E. soft reconfiguration
Answer: A,B
Explanation:
The BGP Support for Next-Hop Address Tracking feature is enabled by default when a supporting Cisco software image is installed. BGP next-hop address tracking is event driven. BGP prefixes are automatically tracked as peering sessions are established. Next-hop changes are rapidly reported to the BGP routing process as they are updated in the RIB. This optimization improves overall BGP convergence by reducing the response time to next-hop changes for routes installed in the RIB. When a best path calculation is run in between BGP scanner cycles, only next-hop changes are tracked and processed. BGP routers and route reflectors (RRs) propagate only their best path over their sessions. The advertisement of a prefix replaces the previous announcement of that prefix (this behavior is known as an implicit withdraw). The implicit withdraw can achieve better scaling, but at the cost of path diversity. Path hiding can prevent efficient use of BGP multipath, prevent hitless planned maintenance, and can lead to MED oscillations and suboptimal hot-potato routing. Upon nexthop failures, path hiding also inhibits fast and local recovery because the network has to wait for BGP control plane convergence to restore traffic. The BGP Additional Paths feature provides a generic way of offering path diversity; the Best External or Best Internal features offer path diversity only in limited scenarios. The BGP Additional Paths feature provides a way for multiple paths for the same prefix to be advertised without the new paths implicitly replacing the previous paths. Thus, path diversity is achieved instead of path hiding.
References: http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/15-1sg/irg-nexthop-track.html http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/bgp_additional_paths.html
Q7. Refer to the exhibit.
How can Router X in AS70000 peer with Router Y in AS65000, in case Router Y supports only 2-byte ASNs?
A. Router X should be configured with a remove-private-as command, because this will establish the peering session with a random private 2-byte ASN.
B. It is not possible. Router Y must be upgraded to an image that supports 4-byte ASN.
C. Router Y should be configured with a 4-byte AS using the local-as command.
D. Router X should be configured with a 2-byte AS using the local-as command.
Answer: D
Explanation:
Since router Y does not support 4-byte ASN,s it will not understand any AS numbers larger than 65535, so router X should use the local-as command on the peering statement to router Y to so that it sends in a 2-byte ASN to router Y.
Q8. Refer to the exhibit.
If the traffic flowing from network 192.168.254.0 to 172.16.250.0 is unencrypted, which two actions must you take to enable encryption? (Choose two).
A. Configure the transform-set on R2 to match the configuration on R1.
B. Configure the crypto map on R2 to include the correct subnet.
C. Configure the ISAKMP policy names to match on R1 and R2.
D. Configure the crypto map names to match on R1 and R2.
E. Configure the Diffie-Hellman keys used in the ISAKMP policies to be different on R1 and R2.
Answer: A,B
Explanation:
A transform set combines an encryption method and an authentication method. During the IPsec security association negotiation with ISAKMP, the peers agree to use a particular transform set to protect a particular data flow. The transform set must be the same for both peers. Also, the crypto map on R2 points to the address name of VPN, which includes 172.16.0.0/16, but it should be the local subnet of 192.168.0.0/16
Q9. Which three features require Cisco Express Forwarding? (Choose three.)
A. NBAR
B. AutoQoS
C. fragmentation
D. MPLS
E. UplinkFast
F. BackboneFast
Answer: A,B,D
Explanation:
QoS Features That Require CEF
These class-based QoS features are supported only on routers that run CEF.
.Network Based Application Recognition (NBAR) provides intelligent network classification. For more information, refer to Network Based Application Recognition.
. The AutoQoS -VoIP feature simplifies and speeds up the implementation and provisioning of QoS for VoIP traffic. This feature is enabled with the help of the auto qos voip command. CEF must be enabled at the interface or ATM PVC before the auto qos command can be used. For more information about this feature and its prerequisites, refer to AutoQoS -VoIP.
From MPLS Fundamentals - Luc De Ghein
Why Is CEF Needed in MPLS Networks?
Concerning MPLS, CEF is special for a certain reason; otherwise, this book would not explicitly cover it. Labeled packets that enter the router are switched according to the label forwarding information base (LFIB) on the router. IP packets that enter the router are switched according to the CEF table on the router. Regardless of whether the packet is switched according to the LFIB or the CEF table, the outgoing packet can be a labeled packet or an IP packet
Reference: http://www.cisco.com/c/en/us/support/docs/asynchronous-transfer-mode-atm/ip-to-atm-class-of-service/4800-cefreq.html
Q10. Which statement about MSS is true?
A. It is negotiated between sender and receiver.
B. It is sent in all TCP packets.
C. It is 20 bytes lower than MTU by default.
D. It is sent in SYN packets.
E. It is 28 bytes lower than MTU by default.
Answer: D
Explanation:
The maximum segment size (MSS) is a parameter of the Options field of the TCP header that specifies the largest amount of data, specified in octets, that a computer or communications device can receive in a single TCP segment. It does not count the TCP header or the IP header. The IP datagram containing a TCP segment may be self-contained within a single packet, or it may be reconstructed from several fragmented pieces; either way, the MSS limit applies to the total amount of data contained in the final, reconstructed TCP segment. The default TCP Maximum Segment Size is 536. Where a host wishes to set the maximum segment size to a value other than the default, the maximum segment size is specified as a TCP option, initially in the TCP SYN packet during the TCP handshake. The value cannot be changed after the connection is established.
Reference: http://en.wikipedia.org/wiki/Maximum_segment_size
Q11. A floating static route appears in the routing table of an interface even when the interface is unusable.
Which action can you take to correct the problem?
A. Remove the permanent option from the static route.
B. Correct the administrative distance.
C. Configure the floating static route to point to another route in the routing table.
D. Correct the DHCP-provided route on the DHCP server.
Answer: A
Q12. What is a cause for unicast flooding?
A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers.
B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers.
C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets.
D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table.
Answer: D
Explanation:
Causes of Flooding The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most common reasons for destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs.
Reference:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html
Q13. Refer to the exhibit.
Which two statements about the output are true? (Choose two.)
A. 802.1D spanning tree is being used.
B. Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root.
C. The hello, max-age, and forward delay timers are not set to their default values.
D. Spanning-tree PortFast is enabled on GigabitEthernet1/1.
Answer: A,B
Explanation:
802.1D is the standard for Spanning tree, which is being used here. For priority, The priority order starts from 0 (yes, 0 is valid) and then increases in 4096. 0, 4096, 8192, 12288, …. Etc.
The lower the number is, the higher is the priority. Here we see that the current root has a priority of 8192, so configuring this with a priority of 0 will make it the new root.
Q14. Refer to the exhibit.
Which prefixes will appear in the EIGRP topology table?
A. 10.0.0.0/8, 172.16.1.0/24, 192.168.0.0/16
B. 10.1.1.0/24, 10.1.2.0/24, 172.16.1.0/26, 192.168.1.0/26, 192.168.2.0/26
C. 10.1.1.0/24, 10.1.2.0/24, 172.16.1.0/26, 172.16.2.0/26, 192.168.1.0/26, 192.168.2.0/26
D. 10.1.1.1/24, 10.1.2.1/24, 172.16.1.1/26, 172, 192.168.1.1/26, 192.168.2.1/26
Answer: B
Q15. Which three statements about bridge assurance are true? (Choose three.)
A. Bridge assurance must be enabled on both ends of a link.
B. Bridge assurance can be enabled on one end of a link or on both ends.
C. Bridge assurance is enabled on STP point-to-point links only.
D. Bridge assurance is enabled on STP multipoint links only.
E. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into a blocking state.
F. If a bridge assurance port fails to receive a BPDU after a timeout, the port is put into an error disabled state.
Answer: A,C,E
Explanation:
Bridge Assurance is enabled by default and can only be disabled globally. Also, Bridge Assurance can be enabled only on spanning tree network ports that are point-to-point links.
Finally, both ends of the link must have Bridge Assurance enabled.
With Bridge Assurance enabled, BPDUs are sent out on all operational network ports, including alternate and backup ports, for each hello time period. If the port does not receive a BPDU for a specified period, the port moves into the blocking state and is not used in the root port calculation. Once that port receives a BPDU, it resumes the normal spanning tree transitions.
Reference:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guid e/cli/CLIConfigurationGuide/SpanningEnhanced.html