Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. DRAG DROP
Drag and drop each SNMP security model and level on the left to the corresponding mode of authentication on the right.
Answer:
Q2. Refer to the exhibit.
Which statement is true?
A. The Cisco PfR state is UP; however, the external interface Et0/1 of border router 10.1.1.1 has exceeded the maximum available bandwidth threshold.
B. The Cisco PfR state is UP; however, an issue is preventing the border router from establishing a TCP session to the master controller.
C. The Cisco PfR state is UP and is able to monitor traffic flows; however, MD5 authentication has not been successful between the master controller and the border routers.
D. The Cisco PfR State is UP; however, the receive capacity was not configured for inbound traffic.
E. The Cisco PfR state is UP, and the link utilization out-of-policy threshold is set to 90 percent for traffic exiting the external links.
Answer: E
Explanation:
All three interfaces show as UP, and the capacity is set to 500 kbps, with the max threshold set to 450 kbps (90% of 500kbps).
Q3. Refer to the exhibit.
You discover that only 1.5 Mb/s of web traffic can pass during times of congestion on the given network.
Which two options are possible reasons for this limitation? (Choose two.)
A. The web traffic class has too little bandwidth reservation.
B. Video traffic is using too much bandwidth.
C. The service-policy is on the wrong interface.
D. The service-policy is going in the wrong direction.
E. The NAT policy is adding too much overhead.
Answer: A,B
Explanation:
In this example, the web traffic will fall into the default class, which is only 15 percent of the 10Mbps Internet connection (1.5Mbps). Meanwhile, video traffic is allowed 50% of the 10 Mbps.
Q4. What is the most efficient way to confirm whether microbursts of traffic are occurring?
A. Monitor the output traffic rate using the show interface command.
B. Monitor the output traffic rate using the show controllers command.
C. Check the CPU utilization of the router.
D. Sniff the traffic and plot the packet rate over time.
Answer: D
Explanation:
Micro-bursting is a phenomenon where rapid bursts of data packets are sent in quick succession, leading to periods of full line-rate transmission that can overflow packet buffers of the network stack, both in network endpoints and routers and switches inside the network. In order to troubleshoot microbursts, you need a packet sniffer that can capture traffic over a long period of time and allow you to analyze it in the form of a graph which displays the saturation points (packet rate during microbursts versus total available bandwidth). You can eventually trace it to the source causing the bursts (e.g. stock trading applications).
Reference: Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 989-994). Kindle Edition.
Q5. Refer to the exhibit.
Which configuration is missing that would enable SSH access on a router that is running Cisco IOS XE Software?
A. int Gig0/0/0
management-interface
B. class-map ssh-class
match access-group protect-ssh
policy-map control-plane-in
class ssh-class
police 80000 conform transmit exceed drop
control-plane
service-policy input control-plane-in
C. control-plane host
management-interface GigabitEthernet0/0/0 allow ssh
D. interface Gig0/0/0
ip access-group protect-ssh in
Answer: C
Explanation:
The feature Management Plane Protection (MPP) allows an administrator to restrict on which interfaces management traffic can be received by a device. This allows the administrator additional control over a device and how the device is accessed. This example shows how to enable the MPP in order to only allow SSH and HTTPS on the GigabitEthernet0/1 interface:
!
control-plane host
management-interface GigabitEthernet 0/1 allow ssh https
!
Reference: http://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html
Q6. Refer to the exhibit.
Which two routes are included in the route update? (Choose two.)
A. 10.3.0.0
B. 10.3.2.0
C. 10.3.4.0
D. 10.3.6.0
E. 10.3.3.0
Answer: C,D
Explanation:
This access list will permit the 10.3.4.0, 10.3.5.0, 10.3.6.0, and 10.3.7.0 subnets.
Q7. Which two statements about TCP are true? (Choose two.)
A. TCP option must be divisible by 32.
B. It has a 16-bit window size.
C. Its maximum data offset is fifteen 32-bit words.
D. It has a 32-bit window size.
E. Its maximum data offset is ten 32-bit words.
F. It has a 32-bit checksum field.
Answer: B,C
Q8. You are backing up a server with a 1 Gbps link and a latency of 2 ms. Which two statements about the backup are true? (Choose two.)
A. The bandwidth delay product is 2 Mb.
B. The default TCP send window size is the limiting factor.
C. The default TCP receive window size is the limiting factor.
D. The bandwidth delay product is 500 Mb.
E. The bandwidth delay product is 50 Mb.
Answer: A,C
Explanation:
1 Gbps is the same as 1000 Mbps, and 1000Mb x .0002 = 2 Mbps. With TCP based data transfers, the receive window is always the limiting factor, as the sender is generally able to send traffic at line rate, but then must wait for the acknowledgements to send more data.
Q9. Refer to the exhibit.
Which three statements about the device with this configuration are true? (Choose three.)
A. Multiple AFIs are configured on the device.
B. The authentication on 172.16.129.7 is configured incorrectly.
C. The device is configured to support MPLS VPNs.
D. This device is configured with a single AFI.
E. The authentication on 172.16.129.4 is configured incorrectly.
F. The device is configured to support L2VPNs.
Answer: A,B,C
Q10. Which flag in a configuration BPDU instructs all switches to shorten their bridge table aging process from the default 300 seconds to the current forward delay value?
A. topology change bit
B. topology change acknowledgment bit
C. priority bit
D. max-age bit
Answer: A
Explanation:
The Root Bridge continues to set the Topology Change flag (TCN bit) in all Configuration BPDUs that it sends out for a total of Forward Delay + Max Age seconds (default = 35 (20+15) seconds). This flag instructs all bridges to shorten their MAC address table (Bridge table) aging process from the default value of 300 seconds to the current Forward Delay value of the bridge (default=15 seconds). The TCA flag is set by the upstream bridge to tell the downstream bridges to stop sending TCN BPDUs. The TC flag is set in configuration BPDU by the Root Bridge to shorten the bridge table age-out period from default 300 seconds to Forward Delay seconds.
Q11. Refer to the exhibit.
Which two statements about this egress queue are true? (Choose two.)
A. The queue 3 buffer is allocated 20 percent, its drop threshold is 100 percent, and it is guaranteed 400 percent of memory.
B. The queue 1 buffer is allocated 30 percent, its drop threshold is 25 percent, and it is guaranteed 100 percent of memory.
C. The queue 1 buffer is allocated 30 percent, its drop threshold is 100 percent, and it is guaranteed 150 percent of memory.
D. The queue 2 buffer is allocated 30 percent, its drop threshold is 200 percent, and it can use at maximum 400 percent of memory.
E. The queue 3 buffer is allocated 30 percent, its drop threshold is 100 percent, and it can use at maximum 400 percent of memory.
Answer: B,D
Q12. What are the three primary components of NetFlow? (Choose three.)
A. Flow caching
B. A flow collector
C. The data analyzer
D. Flow sequence numbers
E. Cisco Express Forwarding
F. Multicast
Answer: A,B,C
Explanation:
NetFlow includes three key components that perform the following capabilities:
. Flow caching analyzes and collects IP data flows entering router or switch interfaces and prepares data for export. It enables the accumulation of data on flows with unique characteristics, such as IP addresses, application, and CoS.
. FlowCollector and Data Analysis captures exported data from multiple routers and filters and aggregates the data according to customer policies, and then stores this summarized or aggregated data. Users can leverage Cisco NetFlow collector as a flow collector, or they can opt for a variety of third-party partner products. A Graphical user interface displays and analyzes NetFlow data collected from FlowCollector files. This allows users to complete near-real-time visualization or trending analysis of recorded and aggregated flow data. Users can specify the router and aggregation scheme and desired time interval.
Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/product_data_sheet0900aecd80173f71.html
Q13. Which two options are causes of out-of-order packets? (Choose two.)
A. a routing loop
B. a router in the packet flow path that is intermittently dropping packets
C. high latency
D. packets in a flow traversing multiple paths through the network
E. some packets in a flow being process-switched and others being interrupt-switched on a transit router
Answer: D,E
Explanation:
In traditional packet forwarding systems, using different paths have varying latencies that cause out of order packets, eventually resulting in far lower performance for the network application. Also, if some packets are process switched quickly by the routing engine of the router while others are interrupt switched (which takes more time) then it could result in out of order packets. The other options would cause packet drops or latency, but not out of order packets.
Q14. Refer to the exhibit.
Which configuration can you implement on PE-1 to allow CE-1 to receive delegated IPv6 prefixes?
A)
B)
C)
D)
E)
A. Exhibit A
B. Exhibit B
C. Exhibit C
D. Exhibit D
E. Exhibit E
Answer: A
Q15. Which topology allows the split-horizon rule to be safely disabled when using EIGRP?
A. full mesh
B. partial mesh
C. hub and spoke
D. ring
Answer: C