Q1. What is a cause for unicast flooding?
A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers.
B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers.
C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets.
D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table.
Answer: D
Explanation:
Causes of Flooding
The root cause of flooding is that the destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet is flooded out of all forwarding ports in its VLAN (except the port it was received on). The case studies below show the most common reasons for the destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links, causing network performance issues or a complete connectivity outage to devices connected across such low-bandwidth links.
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur.
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs.
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html
Q2. Which three routing protocols utilize TLVs? (Choose three.)
A. BGP
B. IS-IS
C. ODR
D. OSPF
E. EIGRP
F. RIP
Answer: A,B,E
Explanation:
IS-IS, originally designed for Open System Interconnection (OSI) routing, uses TLV parameters to carry information in Link State Packets (LSPs). The TLVs make IS-IS extendable. IS-IS can therefore carry different kinds of information in the LSPs. Several routing protocols use TLVs to carry a variety of attributes. Cisco Discovery Protocol (CDP), Label Discovery Protocol (LDP), and Border Gateway Protocol (BGP) are examples of protocols that use TLVs. BGP uses TLVs to carry attributes such as Network Layer Reachability Information (NLRI), Multiple Exit Discriminator (MED), and local preference.
The IP header of the EIGRP packet specifies IP protocol number 88 within it, and the maximum length of the packet will be the IP MTU of the interface on which it is transmitted, most of the time 1500 octets. Following the IP header are the various Type/Length/Value (TLV) triplets. These TLVs not only carry the route entries but also provide fields for the management of the DUAL process, multicast sequencing, and IOS software versions from the router.
References: http://www.cisco.com/c/en/us/support/docs/ip/integrated-intermediate-system-to-intermediate-system-is-is/5739-tlvs-5739.html http://ericleahy.com/index.php/eigrp-packets-neighborships/
Q3. Refer to the exhibit.
The device with this configuration is unable to reach network 172.31.31.0/24. The next hop router has been verified to have full connectivity to the network. Which two actions can you take to establish connectivity to the network? (Choose two.)
A. Create a static route to 172.16.199.0 using the address of the next hop router.
B. Create a default route to the link address of the next hop router.
C. Create a static route to the loopback address of the next hop router.
D. Create a default route to 172.16.199.9.
E. Modify the existing static route so that the next hop is 0.0.0.0.
F. Replace the ip default-network command with the ip default-gateway command.
Answer: A,B
Explanation:
Unlike the ip default-gateway command, you can use ip default-network when ip routing is enabled on the Cisco router. When you configure ip default-network the router considers routes to that network for installation as the gateway of last resort on the router.
For every network configured with ip default-network, if a router has a route to that network, that route is flagged as a candidate default route. However, in this case, if the router does not have a route to the default network of 172.16.199.9, then you would need to ensure that this route exists by creating a static route to 172.16.199.0 using the address of the next hop router, or simply create a default route using the address of the next hop router.
Q4. Refer to the exhibit.
You discover that only 1.5 Mb/s of web traffic can pass during times of congestion on the given network.
Which two options are possible reasons for this limitation? (Choose two.)
A. The web traffic class has too little bandwidth reservation.
B. Video traffic is using too much bandwidth.
C. The service-policy is on the wrong interface.
D. The service-policy is going in the wrong direction.
E. The NAT policy is adding too much overhead.
Answer: A,B
Explanation:
In this example, the web traffic will fall into the default class, which is only 15 percent of the 10 Mbps Internet connection (1.5 Mbps). Meanwhile, video traffic is allowed 50 percent of the 10 Mbps.
Q5. Which two statements about the function of the stub feature in EIGRP are true? (Choose two.)
A. It stops the stub router from sending queries to peers.
B. It stops the hub router from sending queries to the stub router.
C. It stops the stub router from propagating dynamically learned EIGRP prefixes to the hub routers.
D. It stops the hub router from propagating dynamically learned EIGRP prefixes to the stub routers.
Answer: B,C
Explanation:
When using the EIGRP Stub Routing feature, you need to configure the distribution and remote routers to use EIGRP, and to configure only the remote router as a stub. Only specified routes are propagated from the remote (stub) router. The router responds to queries for summaries, connected routes, redistributed static routes, external routes, and internal routes with the message "inaccessible." A router that is configured as a stub will send a special peer information packet to all neighboring routers to report its status as a stub router. Without the stub feature, even after the routes that are sent from the distribution router to the remote router have been filtered or summarized, a problem might occur. If a route is lost somewhere in the corporate network, EIGRP could send a query to the distribution router, which in turn will send a query to the remote router even if routes are being summarized. If there is a problem communicating over the WAN link between the distribution router and the remote router, an EIGRP stuck in active (SIA) condition could occur and cause instability elsewhere in the network. The EIGRP Stub Routing feature allows a network administrator to prevent queries from being sent to the remote router.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/eigrpstb.html
Q6. Which two statements about class maps are true? (Choose two.)
A. As many as eight DSCP values can be included in a match dscp statement.
B. The default parameter on a class map with more than one match command is match-any.
C. The match class command can nest a class map within another class map.
D. A policy map can be used to designate a protocol within a class map.
Answer: A,C
Explanation:
Answer A.
Router(config-cmap)# match [ip] dscp dscp-value [dscp-value dscp-value dscp-value dscp-value dscp-value dscp-value dscp-value]
(Optional) Identifies a specific IP differentiated service code point (DSCP) value as a match criterion. Up to eight DSCP values can be included in one match statement.
Answer C.
Router(config-cmap)# match class-map class-name
(Optional) Specifies the name of a traffic class to be used as a matching criterion (for nesting traffic classes [nested class maps] within one another).
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfmcli2.html
Q7. Which two statements about the max-age time in IS-IS are true? (Choose two.)
A. The IS-IS max-age time is 20 minutes by default.
B. The IS-IS max-age time is 60 minutes by default.
C. The IS-IS max-age time increments from zero to max-age.
D. The IS-IS max-age time decrements from max-age to zero.
Answer: A,D
Q8. In the DiffServ model, which class represents the highest priority with the highest drop probability?
A. AF11
B. AF13
C. AF41
D. AF43
Answer: D
Explanation:
AF43 — Assured forwarding, high drop probability, Class 4 DSCP, and Flash-override precedence.
Table of AF Classes and Drop Priority
| Drop Precedence | Class 1 | Class 2 | Class 3 | Class 4 |
|---|---|---|---|---|
| Low drop | AF11, DSCP 10, 001010 | AF21, DSCP 18, 010010 | AF31, DSCP 26, 011010 | AF41, DSCP 34, 100010 |
| Medium drop | AF12, DSCP 12, 001100 | AF22, DSCP 20, 010100 | AF32, DSCP 28, 011100 | AF42, DSCP 36, 100100 |
| High drop | AF13, DSCP 14, 001110 | AF23, DSCP 22, 010110 | AF33, DSCP 30, 011110 | AF43, DSCP 38, 100110 |
Reference: https://www.informit.com/library/content.aspx?b=CCIE_Practical_Studies_II&seqNum=56
Q9. Refer to the exhibit.
RIPv2 authentication is failing on a device with this configuration. Which two actions can you take to enable it? (Choose two.)
A. Set the RIP authentication mode to text.
B. Set the RIP authentication mode to MD5.
C. Configure the password encryption for the key.
D. Set the password encryption to AES.
Answer: A,B
Explanation:
See the reference link below for information on configuring RIPv2 authentication, including both text and MD5 modes.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13719-50.html#configuringplain
Q10. Which two statements about IS-IS are true? (Choose two.)
A. The default hello interval is 10 seconds and the default hold timer is 30 seconds.
B. The hello interval can be changed on a per-interface basis with the command isis hello-multiplier.
C. Both routers need to have the same hello intervals and hold timers in order to form IS-IS neighbors.
D. Both IS-IS routers need to have the same capabilities in the hello packet in order to form neighbors.
Answer: A,B
Explanation:
isis hello-interval
To specify the length of time between hello packets that the Cisco IOS software sends, use the isis hello-interval command in interface configuration mode. By default, a value three times the hello interval seconds is advertised as the hold time in the hello packets sent. (Change the multiplier of 3 by specifying the isis hello-multiplier command.) With smaller hello intervals, topological changes are detected faster, but there is more routing traffic. The default is 10 seconds.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfisis.html
Q11. Which three statements about DMVPN are true? (Choose three.)
A. It facilitates zero-touch configuration for addition of new spokes.
B. It supports dynamically addressed spokes using DHCP.
C. It features automatic IPsec triggering for building an IPsec tunnel.
D. It requires the use of IPsec to build the DMVPN cloud.
E. Spokes can build tunnels to other spokes and exchange traffic directly.
F. It supports server load balancing on the spokes.
Answer: A,C,E
Q12. For which two conditions is Cisco Express Forwarding recursion disabled by default when the BGP Prefix Independent Convergence functionality is enabled? (Choose two.)
A. next hops learned with a /24 mask
B. next hops learned with any mask shorter than /32
C. next hops learned with a /32 mask
D. next hops that are directly connected
Answer: C,D
Explanation:
Recursion is the ability to find the next longest matching path when the primary path goes down. When the BGP PIC feature is not installed, and if the next hop to a prefix fails, Cisco Express Forwarding finds the next path to reach the prefix by recursing through the FIB to find the next longest matching path to the prefix. This is useful if the next hop is multiple hops away and there is more than one way of reaching the next hop.
However, with the BGP PIC feature, you may want to disable Cisco Express Forwarding recursion for the following reasons:
- Recursion slows down convergence when Cisco Express Forwarding searches all the FIB entries.
- BGP PIC Edge already precomputes an alternate path, thus eliminating the need for Cisco Express Forwarding recursion.
When the BGP PIC functionality is enabled, Cisco Express Forwarding recursion is disabled by default for two conditions:
- For next hops learned with a /32 network mask (host routes)
- For next hops that are directly connected
For all other cases, Cisco Express Forwarding recursion is enabled.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-bgp-mp-pic.html
Q13. Which statement about UDLD is true?
A. The udld reset command resets ports that have been error-disabled by both UDLD and Fast UDLD.
B. Fast UDLD is configured in aggressive mode.
C. Only bidirectional link failures can be detected in normal mode.
D. Each switch in a UDLD topology can send and receive packets to and from its neighbors.
Answer: A
Q14. Which mechanism does Cisco recommend for CE router interfaces that face the service provider for an EVPL circuit with multiple EVCs and multiple traffic classes?
A. HCBWFQ
B. LLQ
C. tail drop
D. WRED
Answer: A
Explanation:
In a simple handoff, packets may be discarded in the service provider network, either because of congestion on a link without an appropriate QoS policy or because of a policer QoS configuration on the service provider network that serves to rate limit traffic accessing the WAN core. To address these issues, QoS on the CE device is applied at a per-port level. A QoS service policy is configured on the outside Ethernet interface, and this parent policy includes a shaper that then references a second or subordinate (child) policy that enables queueing within the shaped rate. This is called a hierarchical CBWFQ (HCBWFQ) configuration.
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/Ethernet_Access_for_NG_MAN_WAN_V3-1_external.html
Q15. Which three features require Cisco Express Forwarding? (Choose three.)
A. NBAR
B. AutoQoS
C. fragmentation
D. MPLS
E. UplinkFast
F. BackboneFast
Answer: A,B,D
Explanation:
QoS Features That Require CEF
These class-based QoS features are supported only on routers that run CEF.
- Network Based Application Recognition (NBAR) provides intelligent network classification. For more information, refer to Network Based Application Recognition.
- The AutoQoS - VoIP feature simplifies and speeds up the implementation and provisioning of QoS for VoIP traffic. This feature is enabled with the help of the auto qos voip command. CEF must be enabled at the interface or ATM PVC before the auto qos command can be used. For more information about this feature and its prerequisites, refer to AutoQoS - VoIP.
From MPLS Fundamentals - Luc De Ghein
Why Is CEF Needed in MPLS Networks?
Concerning MPLS, CEF is special for a certain reason; otherwise, this book would not explicitly cover it. Labeled packets that enter the router are switched according to the label forwarding information base (LFIB) on the router. IP packets that enter the router are switched according to the CEF table on the router. Regardless of whether the packet is switched according to the LFIB or the CEF table, the outgoing packet can be a labeled packet or an IP packet.
Reference: http://www.cisco.com/c/en/us/support/docs/asynchronous-transfer-mode-atm/ip-to-atm-class-of-service/4800-cefreq.html