Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which statement about the spanning-tree portfast feature on the switch is true?
A. If an interface is enabled for portfast receives BDPU, the port goes through the spanning-tree listening, learning, and forwarding states.
B. If an interface is enabled for portfast receives BDPU, the port does not go through the spanning-tree listening, learning, and forwarding states.
C. If an interface is enabled for portfast receives BDPU, the port is shut down immediately.
D. If an interface is enabled for portfast receives BDPU, the port goes into the spanning-tree inconsistent state.
Answer: A
Q2. Refer to the exhibit.
Why is the prefix 1.1.1.1/32 not present in the routing table of R1?
A. There is a duplicate router ID.
B. There is a subnet mask mismatch on Ethernet0/0.
C. The router LSA has an invalid checksum.
D. There is an OSPF network type mismatch that causes the advertising router to be unreachable.
Answer: D
Explanation:
A common problem when using Open Shortest Path First (OSPF) is routes in the database don't appear in the routing table. In most cases OSPF finds a discrepancy in the database so it doesn't install the route in the routing table. Often, you can see the Adv Router is not-reachable message (which means that the router advertising the LSA is not reachable through OSPF) on top of the link-state advertisement (LSA) in the database when this problem occurs. Here is an example:
Adv Router is not-reachable
LS agE. 418
Options: (No TOS-capability, DC)
LS TypE. Router
Links Link State ID. 172.16.32.2
Advertising Router: 172.16.32.2
LS Seq Number: 80000002
Checksum: 0xFA63
Length: 60
Number of Links: 3
There are several reasons for this problem, most of which deal with mis-configuration or a broken topology. When the configuration is corrected the OSPF database discrepancy goes away and the routes appear in the routing table.
Reason 1: Network Type Mismatch
Let's use the following network diagram as an example:
R4-4K
R1-7010
interface Loopback0
ip address 172.16.33.1 255.255.255.255
interface Serial2
ip address 172.16.32.1 255.255.255.0
ip ospf network broadcast
router ospf 20
network 172.16.0.0 0.0.255.255 area 0
interface Loopback0
ip address 172.16.30.1 255.255.255.255
!
interface Serial1/0
ip address 172.16.32.2 255.255.255.0
clockrate 64000
router ospf 20
network 172.16.0.0 0.0.255.255 area 0
R4-4K(4)# show ip ospf interface serial 2
Serial2 is up, line protocol is up
Internet Address 172.16.32.1/24, Area 0
Process ID 20, Router ID 172.16.33.1, Network Type BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.33.1, Interface address 172.16.32.1
Backup Designated router (ID) 172.16.32.2, Interface address 172.16.32.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:08
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.32.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
R1-7010(5)# show ip ospf interface serial 1/0
Serial1/0 is up, line protocol is up
Internet Address 172.16.32.2/24, Area 0
Process ID 20, Router ID 172.16.32.2, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.33.1
Suppress hello for 0 neighbor(s)
As you can see above, Router R4-4K is configured for broadcast, and Router R1-7010 is configured for point-to-point. This kind of network type mismatch makes the advertising router unreachable.
R4-4K(4)# show ip ospf database router 172.16.32.2
Adv Router is not-reachable
LS agE. 418
Options: (No TOS-capability, DC)
LS TypE. Router Links
Link State ID. 172.16.32.2
Advertising Router: 172.16.32.2
LS Seq Number: 80000002
Checksum: 0xFA63
Length: 60
Number of Links: 3
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID. 172.16.33.1
(Link Data) Router Interface address: 172.16.32.2
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.32.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
R1-7010(5)# show ip ospf database router 172.16.33.1
Adv Router is not-reachable
LS agE. 357
Options: (No TOS-capability, DC)
LS TypE. Router Links
Link State ID. 172.16.33.1
Advertising Router: 172.16.33.1
LS Seq Number: 8000000A
Checksum: 0xD4AA
Length: 48
Number of Links: 2
Link connected to: a Transit Network
(Link ID) Designated Router address: 172.16.32.1
(Link Data) Router Interface address: 172.16.32.1
Number of TOS metrics: 0
TOS 0 Metrics: 64
You can see that for subnet 172.16.32.0/24, Router R1-7010 is generating a point-to-point link and Router R4-4K is generating a transit link. This creates a discrepancy in the link-state database, which means no routes are installed in the routing table.
R1-7010(5)# show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.32.0/24 is directly connected, Serial1/0
C 172.16.30.1/32 is directly connected, Loopback0
Solution
To solve this problem, configure both routers for the same network type. You can either change the network type of Router R1-7010 to broadcast, or change Router R4-4K's serial interface to point-to-point.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/7112-26.html
Q3. Which two statements about the max-age time in IS-IS are true? (Choose two.)
A. The IS-IS max-age time is 20 minutes by default.
B. The IS-IS max-age time is 60 minutes by default.
C. The IS-IS max-age time increments from zero to max-age.
D. The IS-IS max-age time decrements from max-age to zero.
Answer: A,D
Q4. Which two protocols does the Management Plane Protection feature support? (Choose two.)
A. ARP
B. HTTPS
C. TFTP
D. OSPF
Answer: B,C
Q5. Which statement about the OSPF Loop-Free Alternate feature is true?
A. It is supported on routers that are configured with virtual links.
B. It is supported in VRF OSPF instances.
C. It is supported when a traffic engineering tunnel interface is protected.
D. It is supported when traffic can be redirected to a primary neighbor.
Answer: B
Explanation:
Restrictions for OSPF IPv4 Remote Loop-Free Alternate IP Fast Reroute
. The OSPF IPv4 Remote Loop-Free Alternate IP Fast Reroute feature is not supported on devices that are virtual links headends.
. The feature is supported only in global VPN routing and forwarding (VRF) OSPF
Instances.
. The only supported tunneling method is MPLS.
. You cannot configure a traffic engineering (TE) tunnel interface as a protected interface. Use the MPLS Traffic Engineering—Fast Reroute Link and Node Protection feature to protect these tunnels. For more information, see the “MPLS Traffic Engineering—Fast Reroute Link and Node Protection” section in the Multiprotocol Label Switching Configuration Guide.
. You can configure a TE tunnel interface in a repair path, but OSPF will not verify the tunnel’s placement; you must ensure that it is not crossing the physical interface that it is intended to protect.
. Not all routes can have repair paths. Multipath primary routes might have repair paths for all, some, or no primary paths, depending on the network topology, the connectivity of the computing router, and the attributes required of repair paths.
. Devices that can be selected as tunnel termination points must have a /32 address advertised in the area in which remote LFA is enabled. This address will be used as a tunnel termination IP. If the device does not advertise a /32 address, it may not be used for remote LFA tunnel termination.
. All devices in the network that can be selected as tunnel termination points must be configured to accept targeted LDP sessions using the mpls ldp discovery targeted-hello accept command.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-xe-3s-book/iro-ipfrr-lfa.html
Q6. Which three statements about SPAN traffic monitoring are true? (Choose three.)
A. Traffic from a non-source VLAN is discarded when it arrives on a source VLAN.
B. Multiple sessions can send traffic to an individual destination port.
C. It supports up to 32 SPAN ports per switch.
D. The destination port acts as a normal switchport.
E. It supports up to 64 SPAN ports per switch.
F. Only one session can send traffic to an individual destination port.
Answer: A,E,F
Explanation:
You can create up to a total of 64 SPAN and ERSPAN sessions to define sources and destinations on the local device.You can also create a SPAN session to monitor multiple VLAN sources and choose only VLANs of interest to transmit on multiple destination ports.
For example, you can configure SPAN on a trunk port and monitor traffic from different VLANs on different destination ports.
You can configure a particular destination port in only one SPAN session.
Traffic from a non-source VLAN is discarded when it arrives on a source VLAN.
Reference:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0/troubleshooti
ng/configuration/guide/n1000v_troubleshooting/trouble_15span.html
Q7. Which statement about OSPF multiaccess segments is true?
A. The designated router is elected first.
B. The designated and backup designated routers are elected at the same time.
C. The router that sent the first hello message is elected first.
D. The backup designated router is elected first.
Answer: D
Explanation:
According to the RFC, the BDR is actually elected first, followed by the DR. The RFC explains why: “The reason behind the election algorithm’s complexity is the desire for an orderly transition from Backup Designated Router to Designated Router, when the current Designated Router fails. This orderly transition is ensured through the introduction of hysteresis: no new Backup Designated Router can be chosen until the old Backup accepts its new Designated Router responsibilities. The above procedure may elect the same router to be both Designated Router and Backup Designated Router, although that router will never be the calculating router (Router X) itself.”
Reference: http://www.ietf.org/rfc/rfc2328.txt – Page 76
Q8. Which three protocols support SSM? (Choose three.)
A. IGMPv2
B. IGMPv3
C. IGMP v3lite
D. URD
E. CGMP
F. IGMPv1
Answer: B,C,D
Q9. In which two situations is an EIGRP hello packet sent as unicast? (Choose two.)
A. during neighbor discovery
B. when link costs change
C. when the neighbor command is used
D. when an ACK is sent
Answer: C,D
Q10. Which regular expression will only allow prefixes that originated from AS 65000 and that are learned through AS 65001?
A. ^65000_65001$
B. 65000_65001$
C. ^65000_65001
D. ^65001_65000$
Answer: D
Explanation:
The following table lists the regular expressions and their meanings:
+------------------------------------------------------+
| CHAR | USAGE |
+------------------------------------------------------|
| ^ | Start of string |
|------|-----------------------------------------------|
| $ | End of string |
|------|-----------------------------------------------|
| [] | Range of characters |
|------|-----------------------------------------------|
| - | Used to specify range ( i.e. [0-9] ) |
|------|-----------------------------------------------|
| ( ) | Logical grouping |
|------|-----------------------------------------------|
| . | Any single character |
|------|-----------------------------------------------|
| * | Zero or more instances |
|------|-----------------------------------------------|
| + | One or more instance |
|------|-----------------------------------------------|
| ? | Zero or one instance |
|------|-----------------------------------------------|
| _ | Comma, open or close brace, open or close |
| | parentheses, start or end of string, or space |
+------------------------------------------------------+
Some commonly used regular expressions include:
+-------------+---------------------------+
| Expression | Meaning |
|-------------+---------------------------|
| .* | Anything |
|-------------+---------------------------|
| ^$ | Locally originated routes |
|-------------+---------------------------|
| ^100_ | Learned from AS 100 |
|-------------+---------------------------|
| _100$ | Originated in AS 100 |
|-------------+---------------------------|
| _100_ | Any instance of AS 100 |
|-------------+---------------------------|
| ^[0-9]+$ | Directly connected ASes |
+-------------+---------------------------+
Reference: http://blog.ine.com/2008/01/06/understanding-bgp-regular-expressions/
Q11. Refer to the exhibit.
What does "(received-only)" mean?
A. The prefix 10.1.1.1 can not be advertised to any eBGP neighbor.
B. The prefix 10.1.1.1 can not be advertised to any iBGP neighbor.
C. BGP soft reconfiguration outbound is applied.
D. BGP soft reconfiguration inbound is applied.
Answer: D
Explanation:
When you configure bgp soft-configuration-inbound, all the updates received from the neighbor will be stored unmodified, regardless of the inbound policy, and these routes appear as “(received-only).”
Q12. Which two statements about IS-IS wide metrics are true? (Choose two.)
A. The wide metric is a 24-bit field.
B. The maximum link metric is 16777215.
C. R3 and R4 periodically advertise PNSP messages to synchronize the IS-IS database.
D. IS-IS devices that are enabled with wide metrics can become neighbors with a device that uses standard metrics.
E. The maximum link metric is 4261412864.
F. The maximum path metric is 16777215.
Answer: A,B
Q13. What is the function of NSF?
A. forward traffic simultaneously using both supervisors
B. forward traffic based on Cisco Express Forwarding
C. provide automatic failover to back up supervisor in VSS mode
D. provide nonstop forwarding in the event of failure of one of the member supervisors
Answer: D
Q14. DRAG DROP
Drag and drop the TACACS+ configuration command on the left to the correct function it performs on the right.
Answer:
Q15. Refer to the exhibit.
Which statement about authentication on Router A is true?
A. The router will attempt to authenticate users against TACACS+ only.
B. The router will attempt to authenticate users against the local database only.
C. The router will attempt to authenticate users against the local database first, and fall back to TACACS+ if the local database authentication fails.
D. The router will authenticate users against the default database only.
E. The router will attempt to authenticate users against TACACS+ first, and fall back to the local database if the TACACS+ authentication fails.
Answer: E