CCNP (300 101) 2019.02.26 320Qs PDF

CCNP(300-101)题库V2.0（2019.02.
26）精简版
Number: 300-101
Passing Score: 790
Time Limit: 120 min
File Version: 2.0
CCNP（300-101)题库V2.0 题库（2019.02.26）
CCNP题库战报QQ交流群：138131305
CCNP最新题库战报地址：http://bbs.hh010.com/forum-263-1.htm
下载官方正版题库、看最新考试战报，请随时关注鸿鹄论坛 http://bbs.hh010.com
思科华为考试报名全国优惠，报名请联系鸿鹄全国区客服
QQ 613523101
QQ 613523103
QQ 613523105
QQ 613523107
QQ 613523108
QQ 613523109
鸿鹄论坛官方淘宝店铺：http://hh010.taobao.com/
鸿鹄论坛官方微信公众号：
Sections
Exam A
QUESTION 1
Which two options are benefits of BGP peer groups?(Choose two)
A. A Configuration change can be applied simultaneously to all peers in the peer group
B. They cam optimize backbone routers
C. They can be updated via multicast
D. Each neighbor in a peer group can have different inbound BGP policies
E. The use soft update to minimize bandwidth consumption
F. They support groups of paths
Correct Answer: AD
Section: part 1
Explanation
Explanation/Reference:
QUESTION 2
Where must a network engineer configure the ip helper-address command on a router？
A. On the interface that will receive the broadcasts

B. On the DHCP configuration
C. the interface that is closed to the destination DHCP server
D. on the global configuration mode
Correct Answer: A
Section: part 1
Explanation
QUESTION 3
Which adverse circumstance can the TTL feature prevent ？
A. routing loops
B. DoS attacks
C. link saturation
D. CAM table overload
Correct Answer: A
Section: part 1
Explanation
QUESTION 4
which of the following situations results in a routing loop ?
A. when you have a single point of redistribution

B. when you use NAT translation on the edge of your network
C. when you implement contiguous IP routing blocks
D. when you implement noncontiguous IP routing blocks
E. when you have multiple points of redistribution
Correct Answer: E
Section: part 1
Explanation
QUESTION 5
Which type of address does OSPFv3 uses to form neighbor adjancises and to send
LSAs?
A. unicast addresses
B. tank-local addresses
C. unicast IPv4 addresses
D. unicast address FF02：5
Correct Answer: A
Section: part 1
Explanation
QUESTION 6
A network engineer configures two connected routers to run OSPF in Area 0; however, the routers fail to
establish adjacency. Which option is one of the caused for this issue?
A. Area numbers match.

B. OSPF process numbers do not match on both neighbor routers.
C. The Same MTU sizes are configured on both sides.
D. The Same OSPF router IDs are configured on both routers.
Correct Answer: D
Section: part 1
Explanation
QUESTION 7
What is the maximum number of hops on a router that RIPng advertises as reachable?
A. 15
B. 255
C. 30
D. 99
Correct Answer: A
Section: part 1
Explanation
QUESTION 8
Which feature can mitigate fragmentation issues within network segments that are between GRE
endpoints?
A. PMTU
B. ICMP DF bit
C. TCP Flow Control
D. TCP MSS
Correct Answer: D
Section: part 1
Explanation
QUESTION 9
Which two features were added in MSCHAP version 2?(Choose two)
A. Mutual authentication between peers.

B. Using the MD5 hash for stronger security
C. Using three-way handshakes for authentication.
D. Ability to change an expired password
E. Backward-compatibility with MSCHAP version 1
Correct Answer: AD
Section: part 1
Explanation
QUESTION 10
which SNMP verification command shows the encryption and authentication protocols that are used in
SNMPV3?
A. show snmp group

B. show snmp user
C. show snmp
D. show snmp view
Correct Answer: B
Section: part 1
Explanation
QUESTION 11
Which location within the network is preferred when using a dedicated router for Cisco IP SLA operations?
A. provider edge
B. user edge
C. access edge
D. distribution edge
Correct Answer: A
Section: part 1
Explanation
QUESTION 12
R1 and R2 are unable to establish an EIGRP adjacency.
Which action corrects the problem?
A. Change the eigrp route-id on one of the routers so that values on the two routers are diffrent
B. Add the no auto-summary command to the R2 configuration so that it matches the R1 connfiguration
C. Change the autonomous system number on one of the routers so that each router has diffrerent values
D. Change the IP address and subnet mask on R2 so that is on the same subnet as R1.
Correct Answer: D
Section: part 1
Explanation
QUESTION 13
Which two statements about PPPoE packet types are true? (Choose two.)
A. PADR is a broadcast packet sent from the client to request a new server
B. PADI is an initialization packet sent as a broadcast message.
C. PADO is a unicast reply packet sent to the client
D. PADO is a broadcast reply packet sent to the client
E. PADR is a unicast confirmation packet sent to the client.
Correct Answer: BC
Section: part 1
Explanation
QUESTION 14
How big is the smallest packet than will always be fragmented on a standart Ethernet network with default
configuration?
A. 1500 bytes
B. 1800 bytes
C. 2048 bytes
D. 2100 bytes
Correct Answer: B
Section: part 1
Explanation
QUESTION 15
which two statement about GRE tunnel interfaces are true?(choose two)
A. A tunnel can be established when a source the source interface is in the up/down state
B. A tunnel Destination must be Routable, but it can be unreachable
C. To establish a tunnel the source interface must be a loopback
D. To Establish a tunnel the source interface must be up/up state
E. A tunnel destination must be a physical interface that is on up/up state
Correct Answer: BD
Section: part 1
Explanation
QUESTION 16
Which correct three causes of unicast flooding are true? (Choose tree)
A. forwarding table overflow

B. changes in STP topology
C. symmetric routing
D. consistent STP topology
E. asymmetric routing
Correct Answer: ABE

Section: part 1
Explanation
QUESTION 17
Which functions are included in the two-message rapid exchange that a DHCP client can receive from a
server?
A. solicit and reply

B. advertise and request
C. solicit and request
D. advertise and reply
Correct Answer: A
Section: part 1
Explanation
QUESTION 18
Refer to the exhibit. Which networking challenge is the most important issue to address to enable optimal
communication between the networks at company A and company B?
A. IPv4 fragmentation
B. unicast flooding
C. asymmetric routing
D. UDP latency
E. IPV4 MTU
Correct Answer: C
Section: part 1
Explanation
QUESTION 19
Which STP feature can reduce TCNs on ports that are connected to end devices?
A. BPDU guard
B. Root guard
C. PortFast
D. BackboneFast
Correct Answer: C
Section: part 1
Explanation
QUESTION 20
You want to configure a device to select an OSPF-learned route as the preferred path over an EBGP-
learned route Which action must you take?
A. Increase the OSPF cost

B. Decrease the OSPF cost
C. Increase the OSPF administrative distance
D. Decrease the OSPF administative distance
Correct Answer: D
Section: part 1
Explanation
QUESTION 21
Which two statements about NTP operation are true? (Choose two.)
A. If multiple NTP servers are configured, the one with the lowest stratum is preferred
B. By default, NTP communications use UDP port 123.
C. If multiple NTP servers are configured, the one with the highest stratum is preferred.
D. Locally configured time overrides time received from an NTP server.
E. “Stratum” refers to the number of hops between the NTP client and the NTP server.
Correct Answer: AB
Section: part 1
Explanation
NTP is designed to synchronize the time on a network of machines. NTP runs over the User Datagram
Protocol (UDP), using port 123 as both the source and destination, which in turn runs over IP. NTP Version
3 RFC 1305 leavingcisco.com is used to synchronize timekeeping among a set of distributed time servers
and clients. A set of nodes on a network are identified and configured with NTP and the nodes form a
synchronization subnet, sometimes referred to as an overlay network. While multiple masters (primary
servers) may exist, there is no requirement for an election protocol.
An NTP network usually gets its time from an authoritative time source, such as a radio clock or an atomic
clock attached to a time server. NTP then distributes this time across the network. An NTP client makes a
transaction with its server over its polling interval (from 64 to 1024 seconds) which dynamically changes
over time depending on the network conditions between the NTP server and the client. The other situation
occurs when the router communicates to a bad NTP server (for example, NTP server with large
dispersion); the router also increases the poll interval. No more than one NTP transaction per minute is
needed to synchronize two machines. It is not possible to adjust the NTP poll interval on a router.
NTP uses the concept of a stratum to describe how many NTP hops away a machine is from an
authoritative time source. For example, a stratum 1 time server has a radio or atomic clock directly
attached to it. It then sends its time to a stratum 2 time server through NTP, and so on. A machine running
NTP automatically chooses the machine with the lowest stratum number that it is configured to
communicate with using NTP as its time source. This strategy effectively builds a self-organizing tree of
NTP speakers. NTP performs well over the non-deterministic path lengths of packet-switched networks,
because it makes robust estimates of the following three key variables in the relationship between a client
and a time server
http://www.cisco.com/c/en/us/support/docs/availability/high-availability/19643-ntpm.html
QUESTION 22
After reviewing to EVN configuration, a network administrator notices that a predefined
BVN,
which is known as" vnet global" was configured. What is the purpose of this EVM?
A. It defines the routing scope fr each particular EVN edge interface.

B. It aggregates and canes all dop1q tagged traffic
C. It refer to the global routing context and corresponds to the default RIB.
D. t safeguard the virtual network that is preconfigured to avoid mismatched routing
instances.
Correct Answer: C
Section: part 1
Explanation
QUESTION 23
Which security feature can protect DMVPN tunnels?
A. IPsec
B. TACACS+
C. RTBH
D. RADIUS
Correct Answer: A
Section: part 1
Explanation
QUESTION 24
Refer to the exhibit.
Which statements describes the effect of this configuration on a Cisoc router?
A. The default router through 10.0.1 is never used

B. The default router through 192.168.0.1 is used only when 10.0.0 is unreachable.
C. The default router through 10.0.0.1 only when 192.168.0.1 is unreachable.
D. The default router through 192.168.0.1 is never used.
Correct Answer: B
Section: part 1
Explanation
QUESTION 25
A network engineer has configured an IOS router to synchronize its clock with a Windows server. After
several minutes, the network engineer notices that the local time on the router does not match the time on
the Windows server. What is the reason for this?
A. Either a firewall between the two devices or an ACL on the router is blocking UDP port 958
B. Either a firewall between the two devices or an ACL on the router is blocking TCP port 123
C. Either a firewall between the two devices or an ACL on the router is blocking TCP port 958
D. Either a firewall between the two devices or an ACL on the router is blocking UDP port 123
Correct Answer: D
Section: part 1
Explanation
QUESTION 26
In which scenario can asymmetric routing occur?
A. active/active firewall setup
B. single path in and out of the network.
C. active/standby firewall setup
D. redundant routers running VRRP
Correct Answer: D
Section: part 1
Explanation
QUESTION 27
Which feature or technology is supported with stateful NAT64 ?
A. IP multicast
B. NAT44 and NAT64 on the same interface
C. VFR
D. FTP and ICMP on an application layer gateway
Correct Answer: C
Section: part 1
Explanation
QUESTION 28
Other than a working EIGRP configuration, which option must be the same on all routers
for EIGRP authentication key rolleover to work correctly?
A. SMTP
B. SNMP
C. Passwords
D. Time
Correct Answer: D
Section: part 1
Explanation
Router3(config)#key chain ROLLOVER
Router3(config-keychain)#key 1
Router3(config-keychain-key)#accept-lifetime 00:00:00 Jan 1 2013 01:00:00 Jan 1 2014
Router3(config-keychain-key)#send-lifetime 00:00:00 Jan 1 2013 01:00:00 Jan 1 2014
Router3(config-keychain)#key 2
Router3(config-keychain-key)#accept-lifetime 23:00:00 Dec 31 2013 01:00:00 Jan 1 2015
Router3(config-keychain-key)#send-lifetime 23:00:00 Dec 31 2013 01:00:00 Jan 1 2015
QUESTION 29
Which two options are benefits of BGP peer groups?(Choose two)
A. A Configuration change can be applied simultaneously to all peers in the peer group
B. They cam optimize backbone routers
C. They can be updated via multicast
D. Each neighbor in a peer group can have different inbound BGP policies
E. The use soft update to minimize bandwidth consumption
F. They support groups of paths
Correct Answer: AD
Section: part 1
Explanation
QUESTION 30
% Interface GigabitEthernet1 IPv4 disabled and address(es) removed due to enabling VRF CUST_A
Refer to the exhibit An engineer is enabling VPN service for a customer and notices this output when
placing the customer-facing interface into a VRF Which action corrects the issue?
A. Reconfigure the IP address on Gigabit Ethernet 1

B. Disabling the VRF CUST_A
C. Reset interface Gigabit Ethernet 1
D. bling IPv6 on the interface
Correct Answer: A
Section: part 1
Explanation
QUESTION 31
A network engineer recently deployed Easy Virtual Networking in the enterprise network.
Which feature improves shared services support?
A. edge interfacing
B. tunnel feedback
C. route replication
D. route redistribution
Correct Answer: C
Section: part 1
Explanation
QUESTION 32
Which two effects of symmetric routing are true? (Choose two)
A. unicast flooding
B. uRPF failure
C. errdisabling of ports
D. port security violations
E. excessive STP reconvergence
Correct Answer: AB
Section: part 1
Explanation
QUESTION 33
Which two statements about NAT in a DMVPN environment are true?(Choose two)
A. a hub router can be behind a dynamic NAT on a device.

B. Spoke routers can reside only on the public side of a NAT device.
C. Two spokes can establish session among themselves using PAT behind different NAT devices.
D. A spoke router can be represented by a static NAT on a device.
E. A hub router can user static NAT for its public UP address.
Correct Answer: DE
Section: part 1
Explanation
QUESTION 34
Which three methods can a network engineer use to fix a metric based routing loop in the network.(choose
three)
A. Implement offset lists at network boundaries

B. Filter routes manually using distribute lists
C. Filter routes manually using prefix lists
D. Implement proper network summarisation on key routing points
E. Filter routes based on tags
F. Utilise root database filters
Correct Answer: ABE

Section: part 1
Explanation
QUESTION 35
A network engineer executes the command show ip eigrp vrf purple topology.
Which type of information is displayed as a result?
A. routes for a global routing table

B. updates that were sent for a specific routing table
C. active neighbors for a global routing table
D. route successors for a specific routing table
Correct Answer: D
Section: part 1
Explanation
QUESTION 36
Which statement about spilt-horizon rule for distance vector routing protocols are true?
A. A router advertises a route to an unreachable network with an infinite metric.

B. A router does not advertise routes to any neighboring router.
C. A router advertises routes back out the interface on which it learned them with an
mfirrte metric.
D. A router does not advertise routes back out the interface on which it learned them.
Correct Answer: A
Section: part 1
Explanation
QUESTION 37
Which two statements about Frame Relay Point-to-Point connections are true? (Choose two.)
A. Changing a point-to-point sub interface to a different type requires the device to be reloaded.
B. They use two DLCIs to communicate with multiple endpoints over the Frame Relay cloud.
C. The device can establish a point-to-point connection to the cloud without a DLCI.
D. They can operate normally without a DLCI map.
E. Each physical interface that extends to the Frame Relay cloud can support a single SVC.
Correct Answer: AB
Section: part 1
Explanation
QUESTION 38
You have correctly identified the inside and outside interfaces in the NAT configuration of
this device.
Which effect of the configuration is true?
A. static NAT
B. dynamic NAT
C. PAT
D. NAT64
Correct Answer: C
Section: part 1
Explanation
QUESTION 39
Refer to the exhibit Which statement describes the effect of this configuration on a Cisco router?
A. The default route through 192.168.0.1 is used only when 10.0.0.1 is unreachable.
B. The default route through 192 168 0.1 is never used
C. The default route through 10.0.0.1 is used only when 192.168 0.1 is unreachable D
D. The default route through 10 0.0.1 is never used
Correct Answer: A
Section: part 1
Explanation
QUESTION 40
Considering the IPv6 address independence requirements, which process do you avoid
when you use
NPTv6 for translation?
A. rewriting of higher layer information

B. checksum verification
C. ipv6 duplication and conservation
D. IPSEC AH header modification
Correct Answer: A
Section: part 1
Explanation
The IPv6-to-IPv6 Network Prefix Translation (NPTv6) serves as a useful mechanism for implementing
address independence in an IPv6 environment. A major benefit associated with NPTv6 is the fact that
it avoids the requirement for an NPTv6 Translator to rewrite the transport layer headers which
reduces the load on network devices.
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16/nat-xe-16-book/
iadnat-asr1k-nptv6.html
QUESTION 41
Which statement about conditional debugging is true?
A. It can support only one condition at a time

B. You can limit the output to a specific interface
C. It generates debug messages only for packets entering the router
D. It is limited to Ethernet, serial, and multilink interfaces
Correct Answer: B
Section: part 1
Explanation
QUESTION 42
Which type of information is displayed when a network engineer executes the show track 1 command on
the
router?
A. information about tracking list 1

B. information about the IP route track table.
C. time to next poll for track object 1
D. tracking information statistics.
Correct Answer: A
Section: part 1
Explanation
QUESTION 43
Which two statements about EVN are true?（choose two）
A. It supports IPv6 traffic.

B. It can support up to 16 VNs.
C. It uses redistribution to share routes between VNs.
D. It supports SSM only.
E. A configuration can be based on an existing VRF configuration
Correct Answer: AE
Section: part 1
Explanation
QUESTION 44
Which three algorithms can you configure with the ip cef load-sharing algorithm command?(Choose three)
A. Tunnel
B. Universal
C. Include-ports
D. Source
E. Destination
Correct Answer: ABC

Section: part 1
Explanation
QUESTION 45
Which two statements about uRPF are true? (Choose two)
A. The Keyword any can be used with both strict mode and loose mode
B. Strict mode may drop legitimate traffic.
C. tt is enabled globally.
D. Strict mode is most appropriate for networks with asymmetric routing.
E. Loose mode may drop traffic when asymmetric routing occurs on the network
F. It is enabled on a per interface basis.
Correct Answer: BF
Section: part 1
Explanation
QUESTION 46
Which two statements about AAA with the local database are true?(Choose two)
A. The local database can serve only as a backup authentication method

B. It support a limited number of username and passwords
C. Accounting is not supported locally
D. By default, it is queried before a TACACS+ or RADIUS server
E. Authorization is available only for one-time-use logins
Correct Answer: BC
Section: part 1
Explanation
QUESTION 47
A Network engineer wants a NTP Client to be able to update the local system without
updating or synchronizing with the remote system. Which keyboard for the ntp access-
grup
command is needed to accomplish this?
A. server
B. peer
C. query-only
D. server-only
Correct Answer: A
Section: part 1
Explanation
QUESTION 48
Which problem can be caused by latency on a UDP stream？
A. The device that sends the stream is forced to hold data in the buffer for a longer period of time.
B. The overall throughput of the stream is decreased.
C. The device that receives the stream is forced to hold data in the buffer for a longer period of time.
D. The devices at each end of the stream are forced to negotiate a smaller window size.
Correct Answer: C
Section: part 1
Explanation
QUESTION 49
What happens when two EIGRP peers have mismatched K values?
A. The two devices fail to from an adjacency

B. The two devices fail to perform EIGRP graceful shutdown when one device goes down
C. The two devices are unable to correctly perform equal-cost routing
D. The two devices are unable to correctly perform unequal-cast load balancing
Correct Answer: A
Section: part 1
Explanation
QUESTION 50
Which two causes of latency are true? (Choose two)
A. High bandwidth on a link

B. Split horizon
C. Propagation delay
D. Serialization delay
E. Under-utilization of a link
Correct Answer: CD
Section: part 1
Explanation
QUESTION 51
(exhibit missing)
Which key chain is being used for authentication of EIGRP adjacency between R4 and
R2?
A. KEY
B. MD5
C. EIGRP
D. CISCO
Correct Answer: D
Section: part 2
Explanation
QUESTION 52
Refer to the exhibit. Router DHCP is configured to lease IPv4 and IPv6 addresses to clients on ALS1 and
ALS2. Clients on ALS2 receive IPv4 and IPv6 addresses. Clients on ALS1 receive IPv4 addresses. Which
configuration on DSW1 allows clients on ALS1 to receive IPv6 addresses?
A. DSW1 (config-if)# ipv6 helper address 2002:404:404::404:404
B. DSW1 (config)#ipv6 route 2002:404:404::404:404/128 FastEthernet 1/0
C. DSW1 (dhcp-config)# default-router 2002:A04:A01::A04:A01
D. DSW1 (config-if)# ipv6 dhcp relay destination 2002:404:404::404:404 GigabitEthernet 1/2
Correct Answer: D
Section: part 2
Explanation
QUESTION 53
Which command instruct a PPPoE client to obtain its IP address from the PPPoe server?
A. Interface dialer
B. ip address negotiated
C. pppoe enable
D. Ip address DHCP
E. Ip address dynamic
Correct Answer: B
Section: part 2
Explanation
QUESTION 54
You are configuring a Microsoft client to call a PPP server using CHAP. Only the client will be
authenticated,but the client's password has expired and must be changed. Which PPP server configuration
allows the call to be completed?
A. ppp authentication chap callin

B. ppp authentication chap
C. ppp authentication ms-chap-v2
D. ppp authentication ms-chap-v2 callin
E. ppp authentication ms-chap callin
Correct Answer: D
Section: part 2
Explanation
QUESTION 55
Which set of actions does a network engineer perform to set the IPv6 address of a DHCP relay server
at the VLAN interface level?
A. Enter the VLAN interface configuration mode and define the IPv6 address of a DHCP relay server
B. Enter the global configuration mode and enable the IPv6 DHCP relay
C. Enter the global configuration mode, enable IPv6 DHCP relay from interface configuration mode
and define the IPv6 address of a DHCP relay server
D. Enter the VLAN interface configuration mode, enable IPv6 DHCP relay, and define the IPv6 address
of a DHCP relay server
Correct Answer: D
Section: part 2
Explanation
QUESTION 56
Refer to the exhibit.How can you configure a second export destination for IP address 192.168.10.1?
A. specify a different TCP port

B. specify a different UDP port
C. specify a VRF
D. configure a version 5 flow-export to the same destination
E. specify a different flow ID
Correct Answer: C
Section: part 2
Explanation
QUESTION 57
What is VRF-Lite?
A. VRF without independent routing tables

B. VRF without MPLS
C. VRF without Cisco Express Forwarding switching
D. VRF without VPN
Correct Answer: B
Section: part 2
Explanation
QUESTION 58
When OSPF is forming an adjacency, in which state does the actual exchange of the
information in the link-state database occur?
A. INIT
B. loading
C. exstart
D. exchange
Correct Answer: B
Section: part 2
Explanation
QUESTION 59
Which access list entry check for an ACK within a packet TCP header?
A. access-list 49 permit ip any any eq 21 tcp-ack

B. access-list 49 permit tcp any any eq 21 tcp-ack
C. access-list 149 permit tcp any any eq 21 established
D. access-list 49 permit tcp any any eq 21 established
Correct Answer: C
Section: part 2
Explanation
QUESTION 60
Which two features does RADIUS combine? (choose two)
A. telnet
B. authentication
C. accounting
D. authorization
E. SSH
Correct Answer: BD
Section: part 2
Explanation
QUESTION 61
Which statement is true about an edge interface in relation to the Cisco Easy Virtual Network?
A. An edge interface is used to differentiate VRF instances.

B. An edge interface connects to end devices such as hosts and servers that are VRF-aware.
C. An edge interface connects a user device to the EVN while defining the EVN boundaries.
D. An edge interface is configured using the vnet trunk command under the switched virtual interface
Correct Answer: C
Section: part 2
Explanation
QUESTION 62
Which two statements about the enable secret and enable password commands are true? (Choose two)
A. The both commands are missing from the global configuration, vtp lines use the console password
B. The enable secret command overrides enable password
C. The enable password command has a stronger encryption algorithm than enable secret
D. The enable secret command is backwards-compatible with more version of IOS
E. The enable secret and enable password commands must be used together
Correct Answer: AB
Section: part 2
Explanation
QUESTION 63
Which routes from OSPF process 5 are redistributed into EIGRP?
A. E1 and E2 subnets matching access list TO-OSPF

B. E1 and E2 subnets matching prefix list TO-OSPF
C. only E2 subnets matching access list TO-OSPF
D. only E1 subnets matching prefix listTO-OS1
Correct Answer: D
Section: part 2
Explanation
QUESTION 64
Which Cisco Express Forwarding component maintains Layer 2 addressing information?
A. dCEF
B. adjacency table.
C. FIB
D. fast switching
E. RIB
Correct Answer: B
Section: part 2
Explanation
Adjacency TablesNodes in the network are said to be adjacent if they can reach each other with a single
hop across a link layer. In addition to the FIB, CEF uses adjacency tables to prepend Layer 2 addressing
information. The adjacency table maintains Layer 2 next-hop addresses for all FIB entries.
http://www.cisco.com/c/en/us/td/docs/ios/12_2/switch/configuration/guide/fswtch_c/xcfcef.html
QUESTION 65
Which command is implemented to display log messages with a timestamp that includes
the length of time since the device was last rebooted?
A. service timestamps log uptime

B. logging facility 20
C. service timestamps debugging localtime msec
D. logging console errors
E. logging monitor 7
F. service timestamps log datetime msec
Correct Answer: A
Section: part 2
Explanation
QUESTION 66
A network engineer is enabling conditional debugging and execute two command，
debug condition interfaces serial0/0 and debug condition interfaces serial 0/1.
Which debugging output is displayed as a result?
A. interface cannot be used as a debug condition

B. Output is display for both specified interfaces
C. Output is display for interface serial 0/1 only
D. Output is display for interface 0/0 only.
Correct Answer: B
Section: part 2
Explanation
QUESTION 67
Which command sequence can you enter on a router to configure Unicast Reverse Path Forwarding in
loose mode?
A. interface GigabitEthernet0/0
ip verify unicast source reachable-via all
B. interface GigabitEthernet0/0
ip verify unicast source reachable-via loose
C. interface GigabitEthernet0/0
ip verify unicast source reachable-via any
D. interface GigabitEthernet0/0
ip verify unicast source reachable-via rx
Correct Answer: C
Section: part 2
Explanation
QUESTION 68
You want router r1 to perform unequal-cost routing to the 172.168.10.0/24 network.
What is the smallest EIGRP variance value that you can configure on R1 to achieve this result?
A. 1
B. 2
C. 3
D. 4
Correct Answer: C
Section: part 2
Explanation
QUESTION 69
In SNMP v3, which security level provides encryption of the data?
A. authMember
B. noAuthNoPriv
C. authNoPriv
D. authPriv
Correct Answer: D
Section: part 2
Explanation
QUESTION 70
Which two features are provided by EIGRP for IPv6? (choose two)
A. Backbone areas
B. SPF algorithm
C. Partial updates
D. Area border router
E. Scaling
Correct Answer: CE
Section: part 2
Explanation
QUESTION 71
What is the role of a route distinguisher via a VRF-Lite setup implementation?
A. It extends the IP address to identify which VFP instance it belongs to.

B. It manages the import and export of routes berween two or more VRF instances
C. It enables multicast distribution for VRF-Lite setups to enhance EGP routing protocol capabilities
D. It enables multicast distribution for VRF-Lite setups to enhance IGP routing protocol capabilities
Correct Answer: A
Section: part 2
Explanation
QUESTION 72
Which calculation is used to determine the default EIGRP metric?
A. Bandwidth+Delay
B. Bandwidth*Delay
C. Bandwidth-Delay
D. Bandwidth/Delay
Correct Answer: A
Section: part 2
Explanation
QUESTION 73
Which configuration parameter is invalid when configuration unicast reverse path
forwarding?
A. allow self ping to router

B. allow default route
C. allow based on ACL match
D. source reachable via both
Correct Answer: D
Section: part 2
Explanation
QUESTION 74
You are configuring a static route. Which action must you take to avoid the possibilitiy of recursive row
A. Use the ip route command to specify the next-hop IP address only

B. Specify the next hop a directly connected interface
C. Use the ip route command to specify both the next-hop IP address and the connected interface
D. User the ip route command to specify the connected interface only
Correct Answer: C
Section: part 2
Explanation
QUESTION 75
which two protocols are required for DMVPN?(choose two)
A. IPsec
B. PPTP
C. mGRE
D. NHRP
E. Open VPN
Correct Answer: CD
Section: part 2
Explanation
QUESTION 76
Which criterion does the BGP maximum paths feature use for load balancing?
A. MED
B. local preference
C. weight
D. router ID
Correct Answer: C
Section: part 2
Explanation
QUESTION 77
Which NAT command do you enter to disable dynamic ARP learning on an interface?
A. R1(config-if)#ip nat enable

B. R1(config-if)#ip nat inside
C. R1(config)#ip nat serive
D. R1(config-if)#ip nat outside
E. R1(config)#ip nat allow-static-host
Correct Answer: E
Section: part 2
Explanation
QUESTION 78
which two options are limitations of Stateful NAT64?(choose two)
A. it is unable to route VRF traffic

B. it is unable to route multicast traffic
C. it supports FTP traffic only with an ALG
D. it supports DNS64 only
E. layer 4 supports TCP only
Correct Answer: AB
Section: part 2
Explanation
QUESTION 79
Which criterion does BGP evaluate first when determine the best path?
A. MED value
B. neighbor address
C. local prefence value
D. weight
Correct Answer: D
Section: part 2
Explanation
QUESTION 80
Which password takes precedence if you configure multiple passwords for Telnet connections to a Cisco
IOS device?
A. Console line password

B. Enable secret password
C. Enable password
D. Aux line password
Correct Answer: B
Section: part 2
Explanation
QUESTION 81
Refer to Exhibit:
Which three NTP features can be deduced on the router? (choose three)
A. only accepts time requests from 192.168.1.1

B. only handle four requests at a time
C. only is in stratum 4
D. only updates its time from 192.168.1.1
E. only accepts time requests from 192.168.1.4
F. only updates its time from 192.168.1.4
Correct Answer: ACF

Section: part 2
Explanation
IOS router defines the following four types of access for NTP:
1) Peer – permits router to respond to NTP requests and accept NTP updates. NTP control queries
are also accepted. This is the only class which allows a router to be synchronized by other
devices.
2) Serve – permits router to reply to NTP requests, but rejects NTP updates (e.g. replies from a
server or update packets from a peer). Control queries are also permitted.
3) Serve-only – permits router to respond to NTP requests only. Rejects attempt to synchronize local
system time, and does not access control queries.
4) Query-only – only accepts NTP control queries. No response to NTP requests are sent, and no local
system time synchronization with remote system is permitted.
QUESTION 82
A router with default RIPv2 settings loses connectivity to it's next-hop neighbor.
How long downs the router wait before removing the route to the next hop from its route table?
A. 30 secconds
B. 60 secconds
C. 180 secconds
D. 240 secconds
Correct Answer: D
Section: part 2
Explanation
QUESTION 83
Which condition must be met before two EVN devices can connect ?
A. One VLAN interface must be configured between devices

B. An EtherChannel configured with at least two interfaces connected between the devices.
C. A trunk interface must be configured between devices
D. A fiber connection must be established betwwrn the devices.
Correct Answer: C
Section: part 2
Explanation
QUESTION 84
Which OSPF network type uses a DR?
A. Nonbroadcast multi-access
B. point-to-multipoint
C. point-to-point
D. point-to-point nonbroadcast
Correct Answer: A
Section: part 2
Explanation
QUESTION 85
which two options are components of a dual stack?(choose two)
A. EIGRP
B. OSPF
C. IPV6 traffic
D. IPv4 traffic
E. layer 3 switch
F. layer 2 switch
Correct Answer: CD
Section: part 2
Explanation
QUESTION 86
Which two LSA types were introduced to support OSPF for IPv6? (Choose two.)
A. type 9
B. type 10
C. type 5
D. type 7
E. type 8
Correct Answer: AE
Section: part 2
Explanation
QUESTION 87
Router# show processes cpu sorted
Router# show processes memory sorted
Refer to the exhibit Based on Cisco best practice, which statement about the output is true?
A. A The output should be analyzed by a network engineer before allocating additional memory and CPU
usage to processes on an IOS router in production
B. The output should be analyzed by a network engineer before executing any configuration commands
on an IOS router in production
C. The output should be analyzed by a network engineer before executing any debug commands on an
IOS router in production
D. The output should be analyzed by a network engineer before executing other show commands on an
IOS router in production
Correct Answer: C
Section: part 2
Explanation
QUESTION 88
Refer to the exhibit. After configuring GRE between two routers running OSPF that are connected to each
other via a WAN link, a network engineer notices that the two routers cannot establish the GRE tunnel to
begin the exchange of routing updates. What is the reason for this?
A. Either a firewall between the two routers or an ACL on the router is blocking IP protocol number 47.
B. Either a firewall between the two routers or an ACL on the router is blocking UDP 57.
C. Either a firewall between the two routers or an ACL on the router is blocking TCP 47.
D. Either a firewall between the two routers or an ACL on the router is blocking IP protocol number 57.
Correct Answer: A
Section: part 2
Explanation
QUESTION 89
A Customer asks its service provider for VPN support for IPv4 and IPv6 address families. Which command
enables a VRF that supports these requirements?
A. Router(config-vrf)#route-target 004:006
B. Router(config)#ip vrf CUSTOMER
C. Router(config)#vrf definition CUSTOMER
D. Router(config-vrf)#rd 004:006
Correct Answer: C
Section: part 2
Explanation
QUESTION 90
Which statement about stateless and stateful IPv6 autoconfiguration are true?
A. Both stateless and stateful autoconfiguration require additional setup

B. Stateless autoconfiguration requires no additional setup, whereas stateful autoconfiguration requires
additional setup
C. Stateless autoconfiguration requires additional setup, whereas stateful autoconfiguration requires no
additional setup
D. Both stateless and stateful autoconfiguration require no additional setup
Correct Answer: A
Section: part 2
Explanation
QUESTION 91
Which option is the minimum privilege level that the allows the user to execute all user-level commands but
prohibits enable-level commands by default?
A. Level 1
B. Level 0
C. Level 14
D. Level 15
Correct Answer: A
Section: part 2
Explanation
QUESTION 92
Which task must you perform to enable a point-to-point Frame Relay connection ?
A. Configure the encapsulation type

B. Disable inverse ARP
C. Enable inverse ARP
D. Configure static address mapping
Correct Answer: A
Section: part 2
Explanation
QUESTION 93
A network engineer wants to monitor hop-by-hop response time on the network. Which IP SLA operation
accomplishes this task?
A. UDP echo
B. TCP echo
C. ICMP path echo
D. ICMP path jitter
Correct Answer: C
Section: part 2
Explanation
QUESTION 94
When an EIGRP router discovers a new neighbor, which packet type does the router send to help the
neighbor build its topology table?
A. Replies
B. Requests
C. Updates
D. Queries
Correct Answer: C
Section: part 2
Explanation
QUESTION 95
Which protocol does VRF-Lite support?
A. IS-IS
B. ODR
C. EIGRP
D. IGRP
Correct Answer: C
Section: part 2
Explanation
QUESTION 96
Which adverse event can occur as a consequence of asymmetric routing on the network?
A. vulnerability to a man-in the - middle atack

B. inadventent HSRP active router preemption
C. errdisabled port
D. unicast flooding
Correct Answer: D
Section: part 2
Explanation
QUESTION 97
Which technology supports overlapping IP address on a single interface?
A. policy-based routing
B. VRF-Lite
C. On-Demand Routing
D. QoS
Correct Answer: B
Section: part 2
Explanation
QUESTION 98
Which option is an invalid redistribute command option for redistributing routers from EIGRP into OSPF?
A. router map
B. tag
C. access list
D. metric
Correct Answer: C
Section: part 2
Explanation
QUESTION 99
Which command creates a manual summary on an Interface when using EIGRP?
A. A area 100 range 172.32.0.0 255.255.254 0

B. summary-address eigrp 100 172.32.0.0 255 255.254 0
C. ip summary-address eigrp 100 172.32.0.0 255.255 254 0
D. ip summary-address 100 172.32.0.0 255.255.254.0
Correct Answer: C
Section: part 2
Explanation
QUESTION 100
interface gigabitethernet 2/0/0
vnet trunk
ip address 192.168.1.1 255.255.255.0
vnet name cisco
Which effect of this configuration is true?
A. It designares the interface as a GRE tunnel endpoint

B. It configures 802.1q trunking on the interface
C. It designates the interface as an EVN trunk
D. It removes VTP from the interface
Correct Answer: C
Section: part 2
Explanation
QUESTION 101
During which DMVPN phase is spoke-to-spoke communication enabled?
A. Phase 1
B. Phase 6
C. Phase 5
D. Phase 2
E. Phase 4
Correct Answer: D
Section: part 3
Explanation
QUESTION 102
Which LSA type in OSPFv3 is used for link-local updates?
A. Link LSA type 5

B. Link LSA type 8
C. Link LSA type 6
D. Link LSA type 4
Correct Answer: B
Section: part 3
Explanation
QUESTION 103
Users were moved from the local DHCP server to the remote corporate DHCP server. After the move,
none of the users were able to use the network. Which two issues will prevent this setup from working
properly? (Choose two)
A. Auto-QoS is blocking DHCP traffic.

B. The DHCP server IP address configuration is missing locally
C. 802.1X is blocking DHCP traffic
D. The broadcast domain is too large for proper DHCP propagation
E. The route to the new DHCP server is missing
Correct Answer: BE
Section: part 3
Explanation
QUESTION 104
A network engineer has configured an IOS router to synchronize its clock with a Windows server. After
several minutes, the network engineer notices that the local time on the router does not match the time on
the Windows server. What is the reason for this?
A. Either a firewall between the two devices or an ACL on the router is blocking UDP port 958
B. Either a firewall between the two devices or an ACL on the router is blocking TCP port 123
C. Either a firewall between the two devices or an ACL on the router is blocking TCP port 958
D. Either a firewall between the two devices or an ACL on the router is blocking UDP port 123
Correct Answer: D
Section: part 3
Explanation
QUESTION 105
which condition prevents the establishment of a DMPVN tunnel between two spokes ?
A. HSRP is enabled on the spoke devices

B. IPsec is enabled on the spoke devices
C. the two spokes are behind different PAT devices
D. the two spokes have different tunnel keepalive settings.
Correct Answer: C
Section: part 3
Explanation
QUESTION 106
lf you convert a WAN connection with OSPF from T1 to a Frame Relay circuit, which two actions must you
take to enable the connection? (Choose two)
A. Change the OSPF network type to nonbroadcast

B. Manually configure neighbors in the OSPF process
C. Manually configure the hello and dead timers.
D. Change the OSPF network type to broadcast
E. Change the OSPF network type to multipoint nonbroadcast
Correct Answer: AB
Section: part 3
Explanation
QUESTION 107
Which two statements about NetFlow templates are true? (Choose two)
A. Only NetFlow version 9 is template based

B. NetFlow Version 5 and version 9 are template based
C. Only NetFlow version 5 is template based.
D. Template can increased bandwidth usage
E. They can increase overall performance
F. They can reduce bandwidth usage.
Correct Answer: AD
Section: part 3
Explanation
QUESTION 108
Refer to the following configuration command.
router(config)# ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80
Which statement about the command is true?
A. Any packet that is received in the inside interface with a source IP port address of
172.16.10.8:80 is translated to 172.16.10.8:8080.
B. Any packet that is received in the inside interface with a source IP port address of
172.16.10.8:8080 is translated to 172.16.10.8:80.
C. The router accepts only a TCP connection from port 8080 and port 80 on IP address
172.16.10.8
D. Any packet that is received in the inside interface with a source IP address of 172.16.10.8
is redirected to port 8080 or port 80.
Correct Answer: B
Section: part 3
Explanation
Having a web server on the internal network is another example of when it may be necessary for devices
on the internet to initiate communication with internal devices. In some cases the internal web server may
be configured to listen for web traffic on a TCP port other than port 80. For example, the internal web
server may be configured to listen to TCP port 8080. In this case, you can use NAT to redirect traffic
destined to TCP port 80 to TCP port 8080.
After you define the interfaces as shown in the previous network diagram, you may decide that you want
NAT to redirect packets from the outside destined for 172.16.10.8:80 to 172.16.10.8:8080. You can use a
static nat command in order to translate the TCP port number to achieve this.
http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13772-12.ht
QUESTION 109
Which feature can filter information at the interface level ?
A. Conditional Debugging
B. Local Logging
C. Prefix-List
D. Syslog
Correct Answer: A
Section: part 3
Explanation
QUESTION 110
Refer to the exhibit
How does R1 handle the route to netowk 10.1.80.0.0/24?
A. R1 redistributes network 10.1.80.0/24 into EIGRP without changing the mask

B. R1 changes the mask to /32 and then redistributes network 10.1.80.0/24 into EIGRP as a classful
network
C. R1 changes the mask to /32 and then redistributes network 10.1.80.0/24 into EIGRP as a classless
network
D. R1 changes the mask to /32 and then redistributes network 10.1.80.0/24 into EIGRP as a classless
network
Correct Answer: A
Section: part 3
Explanation
QUESTION 111
Refer to exhibit. What is indicated by the show ip cef command for an address?
A. CEF is unable to get routing information for this route.

B. CEF cannot switch packet for this route and passes it to the next best switching method.
C. A valid entry and is pointed to hardware based forwarding.
D. CEF cannot switch packet for this route and drops it.
Correct Answer: B
Section: part 3
Explanation
Glean adjacency in short when the router is directly connected to hosts the FIB table on the router will
maintain a prefix for the subnet rather than for the individual host prefix. This subnet prefix points to a
GLEAN adjacency.
Punt adjacency When packets to a destination prefix can’t be CEF Switched, or the feature is not
supported in the CEF Switching path, the router will then use the next slower switching mechanism
configured on the router.
QUESTION 112
Which two EIGRP metrics have nonzero K values by default (Choose two.)
A. reliability
B. delay
C. cost
D. load
E. bandwidth
Correct Answer: BE
Section: part 3
Explanation
QUESTION 113
Which two debug commands can you use to view issues with CHAP and PAP authentication? (Choose
two.)
A. debug tacacs
B. debug ppp authentication
C. debug radius
D. debug aaa authentication
E. debug ppp negotiation
Correct Answer: BE
Section: part 3
Explanation
http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/25647-understanding-ppp-
chap.html
QUESTION 114
Which statement about dynamic NAT is true?
A. It creates a one-to-one mapping of inside addresses to a global address

B. It uses the overload command to map addresses
C. It maps inside addresses to different port numbers
D. It maps inside addresses to a pool of global addresses
Correct Answer: D
Section: part 3
Explanation
QUESTION 115
What is the administrative distance of an EIGRP summary route?
A. 90
B. 5
C. 1
D. 170
Correct Answer: B
Section: part 3
Explanation
QUESTION 116
Which command must you configure globally to support RIPng?
A. ip routing
B. ip cef
C. ipv6 enable
D. ipv6 unicast-routing
Correct Answer: D
Section: part 3
Explanation
QUESTION 117
Which two statements about the OSPF down bit are true? (Choose two)
A. It is set only for LSA types 3,5. and 7

B. It is set only for LSA types 1, 2 and 4
C. It is set only when an OSPF virtual link is created
D. It is set when MP-BGP routes are redistributed into OSPF
E. It is set when OSPF routes are redistributed into BGP
Correct Answer: AD
Section: part 3
Explanation
QUESTION 118
Which IP SLA operation can be used to simulate voice traffic on a network?
A. TCP connect
B. UDP-jitter
C. ICMP-echo
D. ICMP-jitter
Correct Answer: B
Section: part 3
Explanation
QUESTION 119
Which two types of traffic can benefit from LLQ? (Choose two.)
A. email
B. voice
C. telnet
D. video
E. file transfer
Correct Answer: BD
Section: part 3
Explanation
QUESTION 120
When a new PC is connected to the network, which step must it take first to receive a DHCP address?
A. It sends a DHCPHELLO meesage to the DHCP server IP address

B. It sends a DHCPREQUEST message to the DHCP server IP address
C. It sends a DHCPREQUEST message to 255.255.255.255
D. It sends a DHCPDISCOVER message to 255.255.255.255
Correct Answer: D
Section: part 3
Explanation
QUESTION 121
Which action is the most efficient way to handle route feedback when converting a RIPv2 network to
OSPF?
A. Implement route tags.

B. Implement IP prefix lists.
C. Implement route maps with access lists.
D. Implement distribute lists.
Correct Answer: A
Section: part 3
Explanation
QUESTION 122
Company is deploying a multicast application that must be accessible between sites, but
must not be accessible outside of the organization. Based on the scoping requirements,
the multicast group address for the application will be allocated out of which range?
A. FF00:/16
B. FF0E:/16
C. FF02:/16
D. FF08:/16
Correct Answer: C
Section: part 3
Explanation
QUESTION 123
Which two packet type can an EIGRP router send when a route goes into the Active state ?(Choose two)
A. update
B. request
C. hello
D. query
E. reply
Correct Answer: DE
Section: part 3
Explanation
QUESTION 124
Refer to the exhibit. Which networking challenge is the most important issue to address to enable optimal
communication between the networks at company A and company B?
A. IPv4 fragmentation
B. unicast flooding
C. asymmetric routing
D. UDP latency
E. IPV4 MTU
Correct Answer: C
Section: part 3
Explanation
QUESTION 125
Refer to the exhibit. Which option describes why the EIGRP neighbors of this router are not learning routes
that are received from OSPF?
A. The subnet defined in OSPF is not part of area 0.
B. Default metrics are not configured under EIGRP.
C. There is no overlap in the subnets advertised.
D. The routing protocols do not have the same AS number.
Correct Answer: B
Section: part 3
Explanation
QUESTION 126
Where can NetFlow export data for long term storage and analysis?
A. syslog
B. collector
C. another network device
D. flat file
Correct Answer: B
Section: part 3
Explanation
QUESTION 127
Which two statements about the OSPF down bit are true? (Choose two )
A. It is set when OSPF routers are redistributed into BGP

B. It is set only for LSA types 1,2 and 4.
C. It set when an OSPF virtual link in created
D. It is set only for LSA types 3, 5, and 7
E. It is set when MP-BGP routers are redistributed into OSPF
Correct Answer: DE
Section: part 3
Explanation
QUESTION 128
Which two statements about ICMP unreachable messages are true?(Choose two）
A. They are sent when a route to the destination is missing from the routing table
B. They can be enable and disable on a device only on a global level
C. They are sent when a destination address responds to an ARP request
D. They include the entire packet so that the source can identify the process that generated the message
E. They include a poriton of the original data so that the source can identify the process that generated the
message
Correct Answer: AE
Section: part 3
Explanation
QUESTION 129
Which two types of threshold can you configure for tracking objects? (Choose Two)
A. percentage
B. MTU
C. bandwidth
D. weight
E. delay
F. administrative distance
Correct Answer: AD
Section: part 3
Explanation
QUESTION 130
Which two different configurations can you apply to a device incoming SSH access? (Choose two)
A. ipv6 access-list VTY-ACCESS-IN

secuence 10 deny tcp any any eq 22
sequence 20 permit ipv6 any any
line vty 0 15
ipv6 access-list VTY-ACCESS-IN out
B. ipv6 access-list VTY-ACCESS-IN
interface Ethernet0/0
ip traffic-filter VTY-ACCESS-IN out
C. ipv6 access-list VTY-ACCESS-IN
line vty 0 15
ipv6 access-class VTY-ACCESS-IN in
D. ipv6 access-list VTY-ACCESS-IN
ipv6 traffic-filter VTY-ACCESS-IN in
E. ipv6 access-list VTY-ACCESS-IN
ipv6 traffic-filter VTY-ACCESS-IN out
Correct Answer: CD
Section: part 3
Explanation
QUESTION 131
which command do you enter in router R6 so that bgp supports multiple protocols?
A. R6(config-router-af)#bgp additional-path install

B. R6(Config-router)#no address-family ipv6 unicast
C. R6(config-router)#no bgp default ipv4-multicast
D. R6(confi-router)#bgp default ipv4-multicast
Correct Answer: B
Section: part 3
Explanation
QUESTION 132
Which protocol can you use to remotely install an IOS on a Cisco switch?
A. SFTP
B. FTP
C. NetFlow
D. SNMP
Correct Answer: B
Section: part 3
Explanation
QUESTION 133
Which two statements about NHRP in a DMVPN environment are true? (Choose two)
A. It requires each endpoint to have a unique network ID

B. It routes traffic through the tunnel
C. It can identify PIM-SM RPs over a tunnel
D. It can authenticate VPN endpoints
E. It provides address resolution to route traffic
Correct Answer: DE
Section: part 3
Explanation
QUESTION 134
Refer in the exhibit.
interface FastEthernet0/0
ip helper-address 192.168.145.5
A packet capture indicates that the router is not forwarding the DHCP packets that it receives on interface
FastEthernet0/0. Which command needs to be entered in global configuration mode to resolve this issue?
A. ip helper-address
B. ip DHCP relay
C. service DHCP
D. ip forward-protocol
Correct Answer: A
Section: part 3
Explanation
QUESTION 135
Which command prevents routers from sending routing updates through a router interface?
A. default –metric 0
B. distribute-list in
C. passive-interface
D. distribute-list out
Correct Answer: C
Section: part 3
Explanation
QUESTION 136
Which three functionalities are specific to stateful NAT64? (Choose Three)
A. It requires IPv4-transalable IPv6 address

B. It requires either manual or DHCPv6 based address assignment for IPv6 host.
C. It helps ensure end-to-end address transparency and scalability
D. A state or bindings are created on every unique translation
E. it conserves IPV4 addresses
Correct Answer: BDE

Section: part 3
Explanation
QUESTION 137
DSW1#
Jul 15 17:13:40.483 bst: %TCP-6-BADAUTH: Invalid MD5 digest from 5.0.0.5(13355) to 51.51.51.1
(179)
DSW1#
Jul 15 17:13:45.394 bst: %TCP-6-BADAUTH: Invalid MD5 digest from 5.0.0.5(15418) to 51.51.51.1
(179)
Refer to the exhibit. All neighbor routers are in the BGP peer group named PEER-1. All passwords are
configured as cisco. These messages are logged to the
console of router DSW1, which is peering with router Core. Which two configurations allow a peering
session to form between DSW1 and the Core? (Choose two)
A. Core(config-router)#neighbor 5.0.0.5 peer-group PEER-2
Core(config-router)#neighbor PEER-1 password cisco
B. Core(config-router)#neighbor 5.0.0.5 peer-group PEER-1
Core(config-router)#neighbor PEER-1 password cisco
C. DSW1(config-router)#neighbor 51.51.51.1 peer-group PEER-1
DSW1(config-router)#neighbor PEER-1 password cisco
D. DSW1(config-router)#neighbor 51.51.51.1 peer-group PEER-1
E. DSW1(config-router)#neighbor 5.0.0.5 peer-group PEER-1
Correct Answer: BC
Section: part 3
Explanation
QUESTION 138
How can you minimize unicast flooding in a network?
A. Configure HSRP on two routers, with one subnet preferred on the first router and a different subnet
preferred on the second router.
B. Set the router's ARP timeout value to be the same as the timeout value for Layer2 forwarding table
entries
C. Set the router's ARP timeout value to greater than the timeout value for Layer 2 forwarding table entries
D. Set the router's ARP timeout value to less than timeout value for Layer 2 forwarding table entries
Correct Answer: B
Section: part 3
Explanation
QUESTION 139
What is the hop count is advertised for an unreachable network by a RIP router that uses poison reverse?
A. 16
B. 255
C. 0
D. 15
Correct Answer: A
Section: part 3
Explanation
QUESTION 140
Which two OSPF router types can perform summarize in an OSPF network? (Choose two)
A. summary router
B. area border router
C. autonomous system boundary router
D. internal router
E. backbone router
Correct Answer: BC
Section: part 3
Explanation
QUESTION 141
Which statement about stateless and stateful IPv6 auto configuration are true?
A. Both stateless and stateful autoconfiguration require additional setup

B. Stateless autoconfiguration requires no additional setup, whereas stateful autoconfiguration requires
additional setup
C. Stateless autoconfiguration requires additional setup, whereas stateful autoconfiguration requires no
additional setup
D. Both stateless and stateful autoconfiguration require no additional setup
Correct Answer: A
Section: part 3
Explanation
QUESTION 142
In which two areas does OSPF send a summary route by default ?（choose two）
A. NSSA
B. Backbone
C. Totally stubby
D. Stub
E. Normal
Correct Answer: CD
Section: part 3
Explanation
QUESTION 143
Which LAN feature enables a default gateway to inform its end devices when a better path to a destination
is available ?
A. HSRP
B. ICMP unreachable messages
C. ICMP redirects
D. Proxy ARP
Correct Answer: C
Section: part 3
Explanation
QUESTION 144
After configuring RIPng on two routers that are connected via a WAN link, a network engineer notices that
two routers cannot exchange routing updated.What is the reason for this?
A. Either a firewall between the two routers or an ACL on the router is blocking UDP 521
B. Either a firewall between the two routers or an ACL on the router is blocking TCP 520
C. Either a firewall between the two routers or an ACL on the router is blocking TCP 520
D. Either a firewall between the two routers or an ACL on the router is blocking UDP 520
Correct Answer: A
Section: part 3
Explanation
QUESTION 145
Which value Identifies VPNs in an EVN environment?
A. route target
B. VLAN ID
C. DLCI
D. virtual network tag
Correct Answer: D
Section: part 3
Explanation
QUESTION 146
Which three TCP enhancements can be used with TCP selective acknowledgments?(Choose three.)
A. header compression
B. explicit congestion notification
C. keepalive
D. time stamps
E. TCP path discovery
F. MTU window
Correct Answer: BCD

Section: part 3
Explanation
TCP Selective Acknowledgment
The TCP Selective Acknowledgment feature improves performance if multiple packets are lost from one
TCP window of data.
Prior to this feature, because of limited information available from cumulative acknowledgments, a TCP
sender could learn about only one lost packet per-round-trip time. An aggressive sender could choose to
resend packets early, but such re-sent segments might have already been successfully received.
The TCP selective acknowledgment mechanism helps improve performance. The receiving TCP host
returns selective acknowledgment packets to the sender, informing the sender of data that has been
received. In other words, the receiver can acknowledge packets received out of order. The sender can
then
resend only missing data segments (instead of everything since the first missing packet).
Prior to selective acknowledgment, if TCP lost packets 4 and 7 out of an 8-packet window, TCP would
receive acknowledgment of only packets 1, 2, and 3. Packets 4 through 8 would need to be re-sent. With
selective acknowledgment, TCP receives acknowledgment of packets 1, 2, 3, 5, 6, and 8. Only packets 4
and 7 must be re-sent.
TCP selective acknowledgment is used only when multiple packets are dropped within one TCP window.
There is no performance impact when the feature is enabled but not used. Use the ip tcp selective-ack
command in global configuration mode to enable TCP selective acknowledgment.
Refer to RFC 2018 for more details about TCP selective acknowledgment.
TCP Time Stamp
The TCP time-stamp option provides improved TCP round-trip time measurements. Because the time
stamps are always sent and echoed in both directions and the time-stamp value in the header is always
changing, TCP header compression will not compress the outgoing packet. To allow TCP header
compression over a serial link, the TCP time-stamp option is disabled. Use the ip tcp timestamp command
to enable the TCP time-stamp option.
TCP Explicit Congestion Notification
The TCP Explicit Congestion Notification (ECN) feature allows an intermediate router to notify end hosts of
impending network congestion. It also provides enhanced support for TCP sessions associated with
applications, such as Telnet, web browsing, and transfer of audio and video data that are sensitive to delay
or packet loss. The benefit of this feature is the reduction of delay and packet loss in data transmissions.
Use the ip tcp ecn command in global configuration mode to enable TCP ECN.
TCP Keepalive Timer
The TCP Keepalive Timer feature provides a mechanism to identify dead connections.
When a TCP connection on a routing device is idle for too long, the device sends a TCP keepalive packet
to the peer with only the Acknowledgment (ACK) flag turned on. If a response packet (a TCP ACK packet)
is not received after the device sends a specific number of probes, the connection is considered dead and
the device initiating the probes frees resources used by the TCP connection.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-3s/asr1000/iap-xe-
3sasr1000-
book/iap-tcp.html#GUID-22A82C5F-631F-4390-9838-F2E48FFEEA01
QUESTION 147
Which two tasks must you perform to configure a BGP peer group ?（choose two）
A. Configure the soft-update value

B. Set the advertisement interval
C. Assign neighbors to the peer group
D. Activate each neighbor
E. Activate the default route
Correct Answer: CD
Section: part 3
Explanation
QUESTION 148
Which two commands would be used to troubleshoot high memory usage for a process?(Choose two.)
A. router#show memory allocating-process table

B. router#show memory summary
C. router#show memory dead
D. router#show memory events
E. router#show memory processor statistics
Correct Answer: AB
Section: part 3
Explanation
QUESTION 149
In which two ways can split horizon issues be overcome in a Frame Relay network
environment?
(choose two.)
A. Configuring one physical serial interface with Frame Relay to various remote sites.
B. Configure a loopback interface with Frame Relay to various remote sites
C. Configuring multiple subinterfaces on a single physical interface to various remote
sites.
D. Enabling split horizon.
E. Disabling split horizon.
Correct Answer: CE
Section: part 3
Explanation
1/ IP split horizon checking is disabled by default for Frame Relay encapsulation to allow routing updates
to go in and out of the same interface. An exception is the Enhanced Interior Gateway Routing Protocol
(EIGRP) for which split horizon must be explicitly disabled.
2/Configuring Frame Relay subinterfaces ensures that a single physical interface is treated as multiple
virtual interfaces. This capability allows you to overcome split horizon rules so packets received on one
virtual interface can be forwarded to another virtual interface, even if they are configured on the same
physical interface.
http://www.cisco.com/c/en/us/support/docs/wan/frame-relay/14168-fr-faq.html
QUESTION 150
When does a Cisco router send an ICMP redirect?
A. when the packet's source and destination VRFs are different

B. when the packet is cource-routed
C. when the packet's destination has load-balanced entries in the route table
D. when the packet's ingress and egress interface are the same
Correct Answer: D
Section: part 3
Explanation
QUESTION 151
A network engineer is enabling RIPng on a new customer link Under which configuration mode is RIPng
enabled?
A. Global
B. Router
C. Interface
D. IPv6
Correct Answer: C
Section: part 4
Explanation
QUESTION 152
Which types of LSAs are present in the stub area?
A. LSA type 1,2,3,4 and 5

B. LSA type 1,2 and 3
C. LSA type 3 and 5
D. LSA type 1 and 2
Correct Answer: B
Section: part 4
Explanation
QUESTION 153
Which LSA type can exist only in an OSPF NSSA area?
A. type 7 LSA
B. type 1 LSA
C. type 5 LSA
D. type 3 LSA
Correct Answer: A
Section: part 4
Explanation
QUESTION 154
Which feature eliminates the need for Cisco Express Forwarding to maintain a route cache ?
A. Adjacency table
B. RIB
C. FIB
D. MAC address table
Correct Answer: C
Section: part 4
Explanation
QUESTION 155
A customer requests policy-based routing Packets arriving from source 209 165 200 225
should be sent to the next hop at 209.165.200.227 with the precedence bit set to priority
Packets arriving from source 209.165.200.226 should be sent to the next hop at
209.165.200.228 with the precedence bit set to critical. Which configuration completes
these requirements?
A.
B.
C.
D.
Correct Answer: A
Section: part 4
Explanation
QUESTION 156
Which command do you enter on router R6 so that BGP supports multiple protocols?
A. R6(config-router)#no bgp default ipv4-unicast

B. R6(config-router)#bgp default ipv4-multicast
C. R6(config-router-af)#no bgp default ipv4-multicast
D. R6(config-router-af)#bgp additional-paths install
E. R6(config-router)#no address-family ipv4 unicast
Correct Answer: A
Section: part 4
Explanation
QUESTION 157
Which two actions are common methods for migrating a network from one protocol to another? (Choose
two)
A. redistributing routes from the current routing protocol to the new routing protocol
B. removing the current routing protocol and implementing the new routing protocol
C. changing the relative administrative distances of the two routing protocols
D. changing the network IP addresses and bringing up the new IP addresses using the new routing
protocol
E. disabling IP routing globally and implementing the new routing protocol
Correct Answer: AC
Section: part 4
Explanation
QUESTION 158
which two statements about frame relay lmi autosense are true on a router ?(choose two)
A. it requires the lmi type to be explicitly configured

B. it operates on frame relay DTE interface
C. it operates on frame relay DCE interface
D. it requires the line protocol to be up
E. It operates when the line is up by the line protocol is down
Correct Answer: BE
Section: part 4
Explanation
QUESTION 159
Which two statements about DMVPN are true? (Choose two.)
A. IPsec encryption not supported with statically addressed spokes.

B. t requires full-mesh connectivity on the network.
C. It uses NHRP to create a mapping database of spoke addresses
D. Multicast traffic is not supported
E. It supports dynamic addresses for spokes in a hub-and-spoke VPN topology.
Correct Answer: AC
Section: part 4
Explanation
QUESTION 160
A network engineer is configuring two dedicated Internet connections within the Internet module. One
connection is the primary connection to all wired business communications, while the other is the primary
connection for all customer wireless traffic. If one of the links goes down, the affected traffic needs to be
redirected to the redundant link. Which current technology should be deployed to monitor the scenario?
A. IP SLA
B. MMC
C. IP SAA
D. PBR
Correct Answer: A
Section: part 4
Explanation
QUESTION 161
Which two BGP neighbor states are valid? (Choose two)
A. established
B. active
C. stuck in active
D. 2-WAY
E. unknown
F. http://bbs.hh010.com
Correct Answer: AB
Section: part 4
Explanation
QUESTION 162
Device R1 has 1 Gigabit and 10 Gigabit Ethernet interfaces,Which command do you enter so that takes full
advantage of OSPF costs?
A. R1(config router)#auto-cost reference-bandwidth 10000

B. R1(config route-map)#set metric 10000000000
C. R1(config if)#ip ospf cost 10000
D. R1(config router)#auto*cost reference-bandwidth 10000000000
E. R1(config if)# ip ospf cost 100000000
F. R1(config route-map)#set metric 10000
Correct Answer: A
Section: part 4
Explanation
QUESTION 163
Which two statements about NetFlow templates are true? (Choose two)
A. Only NetFlow version 9 is template based

B. NetFlow Version 5 and version 9 are template based
C. Only NetFlow version 5 is template based.
D. Template can increased bandwidth usage
E. They can increase overall performance
F. They can reduce bandwidth usage.
Correct Answer: AD
Section: part 4
Explanation
QUESTION 164
A network engineer wants to display the statistics of an active tunnel on a DMVPN
network. Which
command should the administrator execute to accomplish this task?
A. Router#show crypto ipsec sa

B. Router#show crypto isakmp peers
C. Router#show crypto isakmp sa
D. Router#show crypto ipsec transform-set
E. Router#show crypto engine connections active
Correct Answer: A
Section: part 4
Explanation
show crypto engine connection active—Displays the total encrypts and decrypts per SA.
show crypto ipsec sa—Displays the stats on the active tunnels.
show crypto isakmp sa—Displays the state for the the ISAKMP SA.
http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/29240-
dcmvpn.html#veri
QUESTION 165
Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based
connections?
A. performing packet captures

B. disabling asr-group commands on interfaces that are likely to receive asymetric traffic
C. replacing them with redundant routers and allowing load balancing
D. disabling stateful TCP checks
Correct Answer: D
Section: part 4
Explanation
QUESTION 166
Which two statements about GRE tunnel keys are true? (Choose two)
A. They key ID must be the same on each device.

B. They prevent the injection of unwanted frames.
C. They prevent the injection of unwanted packets.
D. They must be stored to a keychain.
E. They provide the highe level of security that is available.
Correct Answer: AC
Section: part 4
Explanation
QUESTION 167
Which two statements are examples of the differences between IPv4 and IPv6 EIGRP? (Choose two.)
A. Network command is used in IPv6

B. DUAL is not used for route calculations.
C. DUAL is used for route calculations
D. IPv6 keyword is used in many EIGRP commands.
E. Network command is not used in IPv6
Correct Answer: DE
Section: part 4
Explanation
QUESTION 168
When unicast reverse path forwarding is configured on an interface, which action does
the interface take first when it receives a packet?
A. It check the ingress access list

B. It check the egress access list
C. It verifies that the source has a valid CEF adjacency
D. It verifies a reverse path via the FIB to the source
Correct Answer: D
Section: part 4
Explanation
When a packet is received at the interface where Unicast RPF and ACLs have been configured, the
following actions occur:
Step 1: Input ACLs configured on the inbound interface are checked.
Step 2: Unicast RPF checks to see if the packet has arrived on the best return path to the source, which it
does by doing a reverse lookup in the FIB table
QUESTION 169
A network engineer applies the command ip tcp adjust-mss <bytes> under interface configuration mode.
What is the result?
A. The probability of SYN packet truncation is increased.

B. The UDP session is inversely affected.
C. The probability of dropped or segmented TCP packets is decreased.
D. The optimum MTU value for the interface is set.
Correct Answer: C
Section: part 4
Explanation
QUESTION 170
Which access list entry check for an ACK within a packet TCP header?
A. access-list 49 permit ip any any eq 21 tcp-ack
B. access-list 49 permit tcp any any eq 21 tcp-ack
C. access-list 149 permit tcp any any eq 21 established
D. access-list 149 permit tcp any any eq 21 established
Correct Answer: C
Section: part 4
Explanation
QUESTION 171
Refer to Exhibit. Which two reasons for IP SLA tracking failure are likely true? (Choose Two.)
A. The source-interface is configured incorrectly.

B. The destination must be 172.30.30.2 for icmp-echo.
C. A route back to the R1 LAN network is missing in R2.
D. The default route has wrong next hop IP address.
E. The threshold value is wrong.
Correct Answer: AC
Section: part 4
Explanation
QUESTION 172
Which two commands must you configure in the calling router to support the PPPoE client? (Choose Two)
A. peer default ipaddress pool

B. mtu
C. bba-group pppoe
D. pppoe enable group
E. pppoe-clientdialer-pool-number
Correct Answer: BE
Section: part 4
Explanation
QUESTION 173
WHich DHCP option provides a TFTP server that Cisco phones can use to download a configuration?
A. DHCP Option 66
B. DHCP Option 68
C. DHCP Option 82
D. DHCP Option 57
Correct Answer: A
Section: part 4
Explanation
QUESTION 174
Which two statements about IP access-lists are true? (Choose two)
A. They support wildcard masks to limit the address bits to which entries are applied.
B. Extended access lists must include port numbers
C. IP access list without at least one deny statement permit all traffic by default
D. They end with an implicit permit
E. Entries are applied to traffic in the order in which they appear
Correct Answer: AE
Section: part 4
Explanation
QUESTION 175
What is the default authentication in RIPv2 when authentication is enabled
A. SHA1 authentication
B. Enable password authentication
C. Plain text authentication
D. MD5 authentication
Correct Answer: C
Section: part 4
Explanation
QUESTION 176
Which value determines the amount of traffic that a network path can hold in transit?
A. route cache setting

B. maximum windows size
C. bandwidth delay product
D. MSS
Correct Answer: D
Section: part 4
Explanation
QUESTION 177
A. The device sends SNMP traps related to BGP operations to host 192.168.1.128
B. It configures an ACL to protect SNMP manager from receiving BGP traps
C. it configures the device to use string ciscotest for read and write access to any SNMP manager on the
network
D. it configures the device to communicate with other devices in the ciscotest community using SNMPv3
Correct Answer: A
Section: part 4
Explanation
QUESTION 178
What happens when unicast flood protection is triggered on a VLAN?
A. The VLAN is shut down

B. Traffic on the VLAN is load-balanced across multiple links
C. The VLAN is removed from the VLAN database
D. Traffic on the VLAN is passed to another VLAN with lower load
Correct Answer: A
Section: part 4
Explanation
QUESTION 179
Which address is an IPv6 multicast addreess?
A. 2002 0 :0: 0 :0 :0 :0: 2

B. 00020 0 :0:0: 0:0:2
C. FF02:0:0 :0 :0:0 :0 :2
D. FE02 0:0 :0 :0 :0:0:2
Correct Answer: C
Section: part 4
Explanation
QUESTION 180
Which task must you perform to implement EIGRP for IPv6 on a device?
A. Use the ipv6 cef command to enable Cisco Express Forwarding on the device.
B. Configure a loopback interface on the device.
C. Manually configure the router ID
D. Statically configure a neighbor statement
Correct Answer: C
Section: part 4
Explanation
QUESTION 181
Under which circumstance can TCP starvation occur?
A. when DNS and TFTP traffic are transmitted on the same link
B. when TCP traffic is blocked by an ACL
C. when UDP traffic is processed in a policy-map before TCP traffic
D. when Http and Https traffic are transmitted on the same link
E. when TCP and UDP traffic are mixed in the same class of service
Correct Answer: E
Section: part 4
Explanation
QUESTION 182
Which two protocols can cause TCP starvation?(choose two)
A. TFTP
B. SNMP
C. SMTP
D. HTTPS
E. FTP
Correct Answer: AB
Section: part 4
Explanation
QUESTION 183
Which two types of threshold can you configure for tracking objects? (Choose Two)
A. percentage
B. MTU
C. bandwidth
D. weight
E. delay
F. administrative distance
Correct Answer: AD
Section: part 4
Explanation
QUESTION 184
You notice that traffic from R1 to the 192.168.10.0/24 network prefers the path throught R3 instead of the
least-cost path throught R2. What is the most likely reason for this router selection?
A. OSPF prefers external routers over interarea router.

B. OSPF prefers interarea routers over intra-area routers.
C. OSPF prefers external routers over intra-area routers
D. OSPF prefers intra-area routers over interarea routers
Correct Answer: D
Section: part 4
Explanation
QUESTION 185
After reviewing the EVN configuration, a network admin notice that a predefined EVN,
which is know as vnet global was configured. What is the purpose of this EVN?
A. It defines the routing scope for each particular EVN edge interface.
B. It aggregates and carries all dot1q tagged traffic.
C. It refers to the global routing context and corresponds to the default RIB.
D. It safeguards the virtual network that is preconfigured to avoid mismatched routing instances.
Correct Answer: C
Section: part 4
Explanation
QUESTION 186
A user is attempting to authentication on the device connected to a TACACS+ server but the server require
more information from the user to complete authentication. Which response does the TACACS+ daemon
return?
A. ACCEPT
B. ERROR
C. REJECT
D. CONTINUE
Correct Answer: D
Section: part 4
Explanation
QUESTION 187
A network engineer execute the show ip cache flow command. Which two types of
information are displayed in the report that is generated? (Choose two)
A. MLS flow traffic

B. flow samples for specific protocols
C. IP packets distribution flow expert statistic
D. top takers
Correct Answer: BD
Section: part 4
Explanation
QUESTION 188
Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose
three.)
A. simplified Layer 3 network virtualization

B. improved shared services support
C. enhanced management, troubleshooting, and usability
D. reduced configuration and deployment time for dot1q trunking
E. increased network performance and throughput
F. decreased BGP neighbor configurations
Correct Answer: ABC

Section: part 4
Explanation
QUESTION 189
A network engineer executes the commands logging host 172.16.200.225 and logging trap
5. Which action results when these two commands are executed together?
A. Logging messages that have a debugging severity level are sent to the remote server 172.16.200.225
B. Logged information is stored locally, showing the sources as 172.16.200.225
C. Logging messages that have any severity level are sent to the remote server 172.16.200.225
D. Logging messages that have a severity level of "notifications" and above (numerically lower) are sent to
the remote server 172.16.200.225
Correct Answer: D
Section: part 4
Explanation
QUESTION 190
Which feature can be used to reduce the number of ICMP unreachable message egressing a router
A. uRPF
B. ICMP rate-limiting(upendra)
C. ip unreachables command
D. Asymmetric routing
Correct Answer: B
Section: part 4
Explanation
QUESTION 191
What command can you enter to configure an enable password that uses an encrypted
password
from another configuration?
A. enable secret $abc%!e.Cd34$!ao0

B. enable secret 7 Sabc%!e.Cd34$!ao0
C. enable secret 0 Sabc%U*.Cd34$!ao0
D. enable secret 5 $abc%!e.Cd34$!ao0
E. enable secret 15 $abc%ie.Cd34$!ao0
F. enable secret 6 $abc%!e.Cd34$!ao0
Correct Answer: D
Section: part 4
Explanation
Router(config)#enable secret aaa
QUESTION 192
Which two configurations can a PPPoE client support? (Choose Two)
A. Eight clients are configured on a single CPE

B. The client is connected to multiple hosts over DMVPN
C. The client is installed on the same network device as the server.
D. The client is connecting over an ATM PVC
E. The client is installed on a native IPv6 network.
Correct Answer: AB
Section: part 4
Explanation
QUESTION 193
Which SNMP model and level can provide DES encryption?
A. SNMPV2 noAuthNoPriv
B. SNMPV3 authNoPriv
C. SNMPV3 authPriv
D. SNMPV3 noAuthNoPrv
Correct Answer: C
Section: part 4
Explanation
QUESTION 194
Which feature mitigates fragmentation issues caused by endpoint hosts?
A. ICMP DF bit
B. PMTU
C. TCP Flow Control
D. TCP MSS
Correct Answer: D
Section: part 4
Explanation
QUESTION 195
Which two statements about OSPFv3 are true?(Choose two)
A. The router ID is configured as an IPv6 address.

B. It uses loopback IPv6 addresses to from neighbor relationships.
C. The router ID is configured as an IPv4 address.
D. It uses LSA type 6 for intra-area prefixes.
E. It is backwards-compatible with OSPFv2 throught the use od sham link.
F. It uses link-local addresses to from neighbor relationships.
Correct Answer: CF
Section: part 4
Explanation
QUESTION 196
Refer to exhibit. A user calls from another branch office with a request to establish a simple VPN
tunel to test a new router's tunneling capability Based on the configuration in the exhibit, which
type of tunnel was configured?
A. PPTP
B. IPsec site-to-site
C. 6to4
D. EZVPN
Correct Answer: C
Section: part 4
Explanation
QUESTION 197
A network engineer executes the show ip flow interface command. Which type of information is displayed
on the interface?
A. route cache information

B. IP Cisco Express Forwarding statistics
C. error statistics
D. NetFlow configuration
Correct Answer: D
Section: part 4
Explanation
QUESTION 198
What are two impotant differences between OSPFv2 and OSPFv3 (Choouse two.)
A. Only OSPFv3 provides support for IPv6.

B. Only OSPFv3 automatically chooses a router ID for the local device.
C. Only OSPFv3 supports multiple OSPF instances on a single link.
D. Only OSPFv3 automatically enable interfaces when you create them in device configuration mode.
E. Only OSPFv3 automatically detects OSPF neighbors on an NBMA interface.
Correct Answer: AC
Section: part 4
Explanation
QUESTION 199
Which LSA type does R3 propagate into Area 1 for the 192.168.10.0/24 network?
A. type 3 LSA
B. type 5 LSA
C. type 7 LSA
D. type 10 LSA
Correct Answer: C
Section: part 4
Explanation
QUESTION 200
Which option is a perquisite for stateful NAT64?
A. IPsec for IPv6

B. DNS64
C. Application Level Gateway
D. ICMP64
Correct Answer: B
Section: part 4
Explanation
QUESTION 201
Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based
connections?
A. performing packet captures

B. disabling asr-group commands on interfaces that are likely to receive asymetric traffic
C. replacing them with redundant routers and allowing load balancing
D. disabling stateful TCP checks
Correct Answer: D
Section: part 5
Explanation
QUESTION 202
Which option is the best for protecting CPU utilization on a device?
A. fragmentation
B. COPP
C. ICMP redirects
D. ICMP unreachable messages
Correct Answer: B
Section: part 5
Explanation
QUESTION 203
Which two statements about EVNs are true? (Choose two)
A. VRFs using MPLS require a trunk interface that uses EVN

B. VRF-Lite requires a trunk interface tha uses EVN
C. All EVNs within a trunk interface can share the same IP infrastructure
D. Each EVN within a trunk interface must be congfigured separately
E. commands that are specified once under trunk interface can be inherited by all EVNs
Correct Answer: CE
Section: part 5
Explanation
QUESTION 204
Which two statements about Frame Relay Point-to-Point connections are true? (Choose two.)
A. Changing a point-to-point sub interface to a different type requires the device to be reloaded.
B. They use two DLCIs to communicate with multiple endpoints over the Frame Relay cloud.
C. The device can establish a point-to-point connection to the cloud without a DLCI.
D. They can operate normally without a DLCI map.
E. Each physical interface that extends to the Frame Relay cloud can support a single SVC.
Correct Answer: AB
Section: part 5
Explanation
QUESTION 205
Which statement about the IP SLA feature is true?
A. It ensures that there are appropriate levels of service for network applications.
B. It classifies various traffic types by examining information within Layers 3 trough 7.
C. It measures how the network treats traffic for specific applications by generating traffic that bears
similar characteristics to application traffic.
D. It keeps track of the number of packets and bytes that are observed in each flow by storing information
in a cache flow.
Correct Answer: C
Section: part 5
Explanation
QUESTION 206
Which two tasks does a DHCP relay agent perform? (Choose two.)
A. It forwards DHCPHELLO and DHCPREQUEST messages to the DHCP server

B. It forwards DHCPREQUEST and DHCPACK messages to the DHCP server.
C. It forwards DHCPOFFER and DHCPCOMPLETE messages to the DHCP client.
D. It forwards DHCPDISCOVER and DHCPREQUEST messages to the DHCP server.
E. t forwards DHCPOFFER and DHCPACK messages to the DHCP client.
Correct Answer: DE
Section: part 5
Explanation
QUESTION 207
Which two statements about VRF-Lite configurations are true? (Choose two.）
A. They support the exchange of MPLS labels.

B. Different customers can have overlapping IP addresses on different VPNs
C. They support a maximum of 512.000 routes
D. Each customer has its own dedicated TCAM resources.
E. Each customer has its own private routing table.
F. They support IS-IS
Correct Answer: BE
Section: part 5
Explanation
QUESTION 208
Which technology is required on an EVN trunk interface?
A. 802.1q
B. NAT
C. VRF-Lite
D. IS-IS
Correct Answer: A
Section: part 5
Explanation
QUESTION 209
What does stateful NAT64 do that stateless NAT64 does not do?
A. Stateful NOT64 maintains bindings of IPv4 to IPv6 link-local addresses

B. Stateful NAT64 translates IPv4 to IPv6.
C. Stateful NAT64 translates IPv6 to IPv4.
D. Stateful NAT64 maintains bindings or session state while performing translation.
Correct Answer: D
Section: part 5
Explanation
QUESTION 210
What does the following access list, which is applied on the external interface FastEthernet 1/0 of the
perimeter router, accomplish?
router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log
router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
router (config)#access-list 101 permit ip any any
router (config)#interface fastEthernet 1/0
router (config-if)#ip access-group 101 in
A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255,

192.168.0.0-192.168.255.255 and logs any intrusion attempts.
B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit
to the Internet
C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion
attempts.
D. It prevents private internal addresses to be accessed directly from outside.
Correct Answer: C
Section: part 5
Explanation
The private IP address ranges defined in RFC 1918 are as follows:
10.0.0.0 — 10.255.255.255
172.16.0.0 — 172.31.255.255
192.168.0.0 — 192.168.255.255
These IP addresses should never be allowed from external networks into a corporate network as they
would only be able to reach the network from the outside via routing problems or if the IP addresses were
spoofed. This ACL is used to prevent all packets with a spoofed reserved private source IP address to
enter
the network. The log keyword also enables logging of this intrusion attempt.
QUESTION 211
A network engineer executes the show crypto ipsec sa command. Which three pieces of information are
displayed in the output? (Choose three.)
A. inbound crypto map
B. remaining key lifetime
C. path MTU
D. tagged packets
E. untagged packets
F. invalid identity packets
Correct Answer: ABC

Section: part 5
Explanation
This command shows IPsec SAs built between peers. The encrypted tunnel is built between 12.1.1.1 and
12.1.1.2 for traffic that goes between networks 20.1.1.0 and 10.1.1.0. You can see the two Encapsulating
Security Payload (ESP) SAs built inbound and outbound. Authentication Header (AH) is not used since
there are no AH SAs.
This output shows an example of the show crypto ipsec sa command (bolded ones found in answers for
this question).
interface: FastEthernet0
Crypto map tag: test, local addr. 12.1.1.1
local ident (addr/mask/prot/port): (20.1.1.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (10.1.1.0/255.255.255.0/0/0)
current_peer: 12.1.1.2
PERMIT, flags={origin_is_acl,}
#pkts encaps: 7767918, #pkts encrypt: 7767918, #pkts digest 7767918
#pkts decaps: 7760382, #pkts decrypt: 7760382, #pkts verify 7760382
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0,
#pkts decompress failed: 0, #send errors 1, #Recv errors 0
local crypto endpt.: 12.1.1.1, remote crypto endpt.: 12.1.1.2
path mtu 1500, media mtu 1500
current outbound spi: 3D3
inbound esp sas:
spi: 0x136A010F(325714191)
transform: esp-3des esp-md5-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 3442, flow_id: 1443, crypto map: test
sa timing: remaining key lifetime (k/sec): (4608000/52)
IV size: 8 bytes
replay detection support: Y
inbound ah sas:
inbound pcp sas:
inbound pcp sas:
outbound esp sas:
spi: 0x3D3(979)
transform: esp-3des esp-md5-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 3443, flow_id: 1444, crypto map: test
sa timing: remaining key lifetime (k/sec): (4608000/52)
IV size: 8 bytes
replay detection support: Y
outbound ah sas:
outbound pcp sas:
Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-
ipsec-debug-00.htm
QUESTION 212
Which two steps must you perform to allow access to a device when the connection to a remote TACACS+
authentication server fails? (Choose two)
A. Include the local keyword in the AAA configuration

B. Configure a local username and password on the device
C. Configure the device to accept Telnet and SSH connections
D. Configure accounting to reference the log of previously authenticated connections
E. Remove the aaa new model command from the gloabl configuration
Correct Answer: AB
Section: part 5
Explanation
QUESTION 213
Which option is the minimum privilege level that the allows the user to execute all user-level commands but
prohibits enable-level commands by default?
A. Level 1
B. Level 0
C. Level 14
D. Level 15
Correct Answer: A
Section: part 5
Explanation
QUESTION 214
Which routing protocol routers traffic through the best path and second best path at the same time?
A. OSPF
B. EIGRP
C. RIP
D. BGP
Correct Answer: B
Section: part 5
Explanation
QUESTION 215
Which task must you perform to enable a point-to-point Frame Relay connection ?
A. Configure the encapsulation type

B. Disable inverse ARP
C. Enable inverse ARP
D. Configure static address mapping
Correct Answer: A
Section: part 5
Explanation
QUESTION 216
Which interface type does a PPPoE client use to establish a session?
A. Physical
B. loopback
C. visual-template
D. dialer
Correct Answer: D
Section: part 5
Explanation
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/xe-3s/bba-pppoe-client.html
QUESTION 217
A router receives a routing advertisement for 10.1.1.0/24 from an EIGRP peer and from an OSPF peer,
Which route does the router install in the routing table, and for which reason?
A. the OSPF route, because the administative distancve is lower.

B. the EIGRP route, because the metric is lower.
C. the OSPF route, because the metric is lower.
D. The EIGRP route, because the administative distance is lower.
Correct Answer: D
Section: part 5
Explanation
QUESTION 218
Which three NTP operating modes must the trusted-Key command be configured on for authentication to
operate properly? (Choose Three)
A. interface
B. client
C. peer
D. server
E. broadcast
Correct Answer: BDE

Section: part 5
Explanation
QUESTION 219
Which condition must be met before you can configure SSH on a device running Cisco IOS?
A. The device must have an auxilary port

B. The device must have a modem connection
C. The IOS must be a crypto in
D. Telnet must be disabled on the device
Correct Answer: C
Section: part 5
Explanation
QUESTION 220
A network engineer wants to implement an SNMP notification process for host machines using the
strongest security available Which command accomplishes this task?
A. router(config)#snmp-server host 172 16 200 225 traps v2c auth

B. router(config)#snmp-server host 172 16 200 225 traps v1
C. router(config)#snmp-server host 172 16 200.225 traps v3
D. router(config)#snmp-server host 172 16 200 225 traps v2c
Correct Answer: C
Section: part 5
Explanation
QUESTION 221
A router was configured with the eigrp stub command. The router advertises which types of routes?
A. connected, static, and summary

B. static and summary
C. connected and static
D. connected and summary
Correct Answer: D
Section: part 5
Explanation
QUESTION 222
Which security level is supported throughout all snmp versions?
or
Which SNMP security level is available across all versions of the protocol?
A. authPriv
B. authNoPriv
C. NoAuthNoPriv
D. NoAuthNoEgress
Correct Answer: C
Section: part 5
Explanation
QUESTION 223
In which network environment is AAA with RADIUS most appropriate?
A. when Apple Talk Remote Access is in user

B. when NetBIOS Frame Control Protocol is in use
C. when users require access to only one device at a time
D. when you need to separate all AAA services
Correct Answer: C
Section: part 5
Explanation
QUESTION 224
Which feature can automatically assign IP addresses in a PPPoE environment?
A. DHCP
B. BOOTP
C. PPP
D. APPA
Correct Answer: C
Section: part 5
Explanation
QUESTION 225
Which fallback method can you configure to allow all AAA authorization requests to be granted if the other
methods do not respond or return an error?
A. RADIUS
B. enable
C. TACACS+
D. none
Correct Answer: D
Section: part 5
Explanation
QUESTION 226
What other action does an IPv6 filter do when it drops a packet?
A. generates an ICMP unreachable message

B. https://bbs.hh010.com
C. https://bbs.hh010.com
D. https://bbs.hh010.com
Correct Answer: A
Section: part 5
Explanation
QUESTION 227
What is the minimum log level for the event generated when an ACL drops a packet?
A. 3
B. 4
C. 5
D. 6
Correct Answer: D
Section: part 5
Explanation
QUESTION 228
Regarding a diagram with 3 routers (H1(with IPv6 IP and Loopback 1.1.1.1) +R1 (with IP
IPv6 and Loopback 2.2.2.2) +R2 (with IP IPv6 and Loopback 3.3.3.3) running with
EIGRP 100 on both routers and what command you will implement so that you will see
the loopback IP of R2 to be advertised at H1
A. H1(config t)#router eigrp 100

H1(config t)#no stub only
B. R2(config t)#router eigrp 100
R2(config t)#no stub receive only
C. H1(config t)#ipv6 router eigrp 100
H1(config t)#no stub only
D. R2(config t)#ipv6 router e
Correct Answer: A
Section: part 5
Explanation
QUESTION 229
question regarding command the enables BGP to support multiprotocol
A. no bgp default ipv4 unicast

B. bgp default ipv4 multicast
C. bgp default ipv4 unicast
D. bgp address family ipv4 unicast
Correct Answer: A
Section: part 5
Explanation
QUESTION 230
Which option prevents routing updates from being sent to the access layer switches?
A. DWS1(config-router)#passive-interface default
DWS2(config-router)#passive-interface default
B. ALS1(config-router)#passive-interface gi0/1
ALS1(config-router)#passive-interface gi0/2
C. ALS1 (config-router)#passive-interface default
ALS2 (config-router)#passive-interface default
D. DWS1(config-router)#passive-interface gi1/1
DWS1(config-router)#passive-interface gi1/2
Correct Answer: D
Section: part 5
Explanation
QUESTION 231
Refer to exibit.
OI 2001:DB8:0:7::/64 [110/20]
via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0
OI 2001:DB8:0:8::/64 [110/100]
OI 2001:DB8:0:9::/64 [110/20]
When summarizing these routes, which route is the summarized route?
A. OI 2001:DB8::/48 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0

B. OI 2001:DB8::/24 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0
C. OI 2001:DB8::/32 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0
D. OI 2001:DB8::/64 [110/100] via FE80::A8BB:CCFF:FE00:6F00, Ethernet0/0
Correct Answer: A
Section: part 5
Explanation
QUESTION 232
Which command can be entered on router R5 to configure 80 percent of the bandwidth of
a link for
EIGRP Autonomous System 55?
A. R5(config-if)#ip bandwidth percent eigrp bandwidth 55 80

B. R5(config-pmap-c)#priority percent 80
C. R5(config-if)#ip bandwidth percent eigrp 80 55
D. R5(config-if)#ipv6 bandwidth-percent eigrp 80 55
E. R5(config-if)#ipv6 bandwidth-percent eigrp 55 80
Correct Answer: E
Section: part 5
Explanation
QUESTION 233
Refer to the exhibit.Network users on the 10.1.2.0/24 subnet have a default gateway of
10.1.2.254. Which
command will configure this gateway?
A. router(config)#ip route vrf RED 0 0.0 0 0 0.0.0 10.1.2.254

B. router(config)#ip route 0.0.0.0 0.0.0.0 10.1.2.254
C. router(config)#ip route 0.0.0 0 0.0.0.0 fastethernet0/1
D. router(config)#ip route vrf BLUE 0.0.0.0 0.0.0.0 10.1.2.254
Correct Answer: D
Section: part 5
Explanation
QUESTION 234
What does SNMP v2c use for authentication?
A. community string
B. hash algorithm
C. SSL certificate
D. username and password
Correct Answer: A
Section: part 5
Explanation
QUESTION 235
Refer to the exhibit.R1 is configured with VRF-Lite and can ping R2. R2 is fully
configured, but it has no active EIGRP neighbors in vrf Yellow. If the configuration of R2
is complete, then which issue prevents the EIGRP 100 neighbor relationship in vrf Yellow
from forming?
A. The no auto-summary command is preventing the EIGRP neighbor relationship from

forming
B. There is a Layer 1 issue that prevents the EIGRP neighbor relationship from forming
C. The interface IP addresses are not in the same subnet
D. EIGRP 100 network 192 168 1 0/24 is configured in the global routing table on R1
Correct Answer: D
Section: part 5
Explanation
QUESTION 236
access-list 1 permit 10.1.1.0 0.0.0.255
access-list deny any
Which command us used to control the type of routes that are processed in incoming
route updates?
A. passive-interface
B. distribute-list 1 out
C. distribute-list 1 in
D. ip vrf forwarding
Correct Answer: C
Section: part 5
Explanation
QUESTION 237
A network administrator is attempting to configure IP SLA to allow one time stamp to be
logged when a packet arrives on the interface and one time stamp to be logged when a
packet leaves the interface. Which IP SLA accuracy tool enables this functionality?
A. Trap
B. RTT
C. Responder
D. Trigger
E. Logging
Correct Answer: B
Section: part 5
Explanation
QUESTION 238
Which statements best describes the following two OSPF commands, which are used to
summarize
routes?
area 0 range 192.168.110.0 255.255.0.0
summary-address 192.168.110.0 255.255.0.0
A. The area range command defines the area where the network resides. The summary-
address command enables autosummanzation
B. The area range command defines the area where the network resides. The summary-
address command summanzes a subnet for all areas
C. The area range command specifies the area where the subnet resides and
summarizes it to other
areas. The summary-address command summarizes external routes
D. The area range command summarizes subnets for a specific area. The summary-
address commandsummaries a subnet for all areas
Correct Answer: C
Section: part 5
Explanation
QUESTION 239
Refer to the following.
aaa new-model
aaa authentication login default local-case enable
aaa authentication login ADMIN local-case
username CCNP secret Str0ngP@ssw0rd!
line 0 4
login authentication ADMIN
How can you change this configuration so that when user CCNP logs in, the show run
command is
executed and the session is terminated?
A. Add the autocommand keyword to the aaa authentication command

B. Assign privilege level 15 to the CCNP username
C. Add the access-class keyword to the aaa authentication command
D. Assign privilege Ievel14 to the CCNP username
E. Add the access-class keyword to the username command
F. Add the autocommand keyword to the username command
Correct Answer: F
Section: part 5
Explanation
QUESTION 240
Refer to the Which statement about redistribution from BGP into OSPF process 10 is
true?
A. Network 172.16.1.0/24 is not redistributed into OSPF.

B. Network 10.10 10.0/24 is not redistributed into OSPF
C. Network 172.16.1.0/24 is redistributed with administrative distance of 1.
D. Network 10.10.10.0/24 is redistributed with administrative distance of 20.
Correct Answer: A
Section: part 5
Explanation
QUESTION 241
Which two statements about redistributing EIGRP into OSPF are true? (Choose two)
A. The redistributed EIGRP routes appear as type 3 LSAs in the OSPF database
B. The redistributed EIGRP routes appear as type 5 LSAs in the OSPF database
C. The administrative distance of the redistributed routes is 170
D. The redistributed EIGRP routes appear as OSPF external type 1
E. The redistributed EIGRP routes as placed into an OSPF area whose area ID matches
the EIGRP
autonomous system numb
F. The redistributed EIGRP routes appear as OSPF external type 2 routes in the routing
table
Correct Answer: BF
Section: part 5
Explanation
QUESTION 242
Which two statements are differences between AAA with TACACS+ and AAA with
RADIUS? (Choose two)
A. Only RADIUS uses TCP

B. Unlike TACACS+, RADIUS sends packets with only the password encrypted
C. Unlike TACACS+, RADIUS supports accounting and authorization only
D. Only TACACS+ uses TCP
E. Only TACACS+ combines authentication and authorization
Correct Answer: BD
Section: part 5
Explanation
QUESTION 243
Which IOS commands can you use to limit the CPU impact of log generation and
transmission on an IOS router?
A. You can use the ip access-list logging interval command in conjunction with the
logging rate-limit command
B. You can use the ip access-list logging limit command in conjunction with the logging
rate-interval command
C. You can use the ip access-list syslog-logging interval command in conjunction with the
D. You can use the ip access-list logged interval command in conjunction with the
Correct Answer: A
Section: part 5
Explanation
QUESTION 244
TCP traffic is blocked on port 547 between a DHCPv6 relay agent and a DHCPv6 server
that is
configured for prefix delegation. Which two outcomes with result when the relay agent is
rebooted?
(Choose two.)
A. Hosts will not obtain DHCPv6 addresses

B. The DHCPv6 relay agent will resume distributing addresses
C. DHCFM3 address conflicts will occur on downstream clients
D. Routers will not obtain DHCPv6 prefixes
E. DHCPv6 clients will be unreachable
Correct Answer: AD
Section: part 5
Explanation
QUESTION 245
Which issue is important to address when integrating two networks with different routing
protocols?
A. preventing UDP starvation

B. handing IPv4 fragmentation
C. controlling unicast flooding
D. mitigating UDP latency
E. preventing asymmetric routing
Correct Answer: E
Section: part 5
Explanation
QUESTION 246
Refer to the exhibit。A network engineer is modifying configurations for a customer that
currently uses VPN connectivity between their sites. The customer has added a new
spoke site but is does not have reachability to
servers located at the hub Based on the output, which statement describes the cause?
A. The interface of VRF HUB and VRF SPOKE do not match

B. The HUB VRF is not exporting Route-Target 200:20
C. The default VPNID is not set on VRF HUB or VRF SPOKE
D. The SPOKE VRF is not importing Route-Target 100:10
Correct Answer: D
Section: part 5
Explanation
QUESTION 247
Which statement about the metric calculation in EIGRP is true?
A. The maximum delay along the path is used

B. The mean value of bandwidth between the source and destination is used
C. The minimum bandwidth between the source and destination is used
D. The minimum delay along the path is used
Correct Answer: C
Section: part 5
Explanation
QUESTION 248
A network engineer enables OSPF on a Frame Relay WAN connection to various remote
sites, but no OSPF adjacencies come up.Which two actions are possible solutions for
this issue? (Choose Two)
A. Change the network type to point-to-multipoint under WAN interface.

B. Enable virtual links
C. Change the network type to nonbroadcast multipoint access.
D. Configure the neighbor command under OSPF process for each remote site
E. Ensure that the OSPF process number matches among all remote sites
Correct Answer: AD
Section: part 5
Explanation
QUESTION 249
Which two addresses types are included in NAT?
A. inside global
B. global outside
C. outside internet
D. inside internet
E. outside local
Correct Answer: AE
Section: part 5
Explanation
QUESTION 250
–options were little bit modifie
Which of the following are characteristics of TACACS+? (Choose two.)
A. Uses UDP
B. Encrypts an entire packet
C. Offers robust accounting
D. Cisco-proprietary
Correct Answer: BD
Section: part 5
Explanation
QUESTION 251
Which two statements about password-protecting device access are true? (Choose Two)
A. The more system:running-config command displays encrypted passwords in clear text

B. The service password-encryption command forces a remote device to encrypt the
password
C. A network administrator can recover an encrypted password
D. The privilege level command controls the commands a specific user can execute
E. The password can be encrypted in the running configuration
Correct Answer: DE
Section: part 6
Explanation
QUESTION 252
A network engineer is unable to make VRF lite EIGRP adjacency work.There is nothing
wrong with
communication between R1 and R2. What command will eliminate the issue when
executed on both
routers?
A. (config-router-af)# autonomous-system 100

B. (config)# ip-multicast-routing
C. (config-vrf)# route-target both 100:1
D. (config-router-af)# network 209.165.202.128 0.0.0.31
Correct Answer: A
Section: part 6
Explanation
QUESTION 253
Which version or versions of NetFlow support MPLS?
A. all versions of NetFlow

B. NetFlow version 9
C. NetFlow version 8
D. NetFlow version 5
E. NetFlow version 8 and 9
Correct Answer: B
Section: part 6
Explanation
QUESTION 254
Which type of Netflow information is displayed when the show ip flow export command is
executed?
A. sent status and statistics
B. top talkers
C. export interface configurations
D. local status and statistics
Correct Answer: D
Section: part 6
Explanation
QUESTION 255
Which configuration can you apply to a device so that it always blocks outbound web
traffic on Saturdays and Sundays between the hours of 1:00 AM and 11:59 PM?
A. time-range SATSUN periodic Saturday Sunday 1:00 to 23:59

access-list 102 permit udp any any eq 80 time-range SATSUN
access-list 102 permit tcp any any eq 443 time-range SATSUN
interface Vlan303
ip address 10.9.5.3 255.255.255.0
ip access-group 102 out
B. time-range SATSUN periodic Saturday Sunday 1:00 to 23:59
interface Vlan303
ip address 10.9.5.3 255.255.255.0
ip access-group 102 in
C. time-range SATSUN periodic Saturday Sunday 1:00 to 11:59
interface Vlan303
ip address 10.9.5.3 255.255.255.0
D. time-range SATSUN absolute Saturday Sunday 1:00 to 23:59
interface Vlan303
ip address 10.9.5.3 255.255.255.0
Correct Answer: B
Section: part 6
Explanation
QUESTION 256
Refer to the exhibit.For which reason is EIGRP failing to redistribute the default route?
A. The EIGRP process is missing the default metric.

B. The EIGRP process is missing the no auto-summary command.
C. The EIGRP process is missing the router ID.
D. The route-map statement is missing the match any keyword.
Correct Answer: A
Section: part 6
Explanation
QUESTION 257
Question on PPPoE ? (Choose Two)
A. A PADI (PPPoE Active Discovery Initiation) broadcast signal is sent by the host to the remote devices
B. A PADR (PPPoE Active Discovery Request) unicast signal is sent to confirm the remote device.
(Confirmation done on PADS)
C. A PADR (PPPoE Active Discovery Request) broadcast signal is sent by the host to the remote device.
D. A PADO (PPPoE Active Discovery Offer) signal is sent by the remote device back to the host
E. A PADT (PPPoE Active Discovery Terminate) signal
Correct Answer: AD
Section: part 6
Explanation
QUESTION 258
What is the default maximum segment size for TCP traffic
A. 536
B. 1492
C. 1500
D. 1508
E. 3340
F. 4096
Correct Answer: A
Section: part 6
Explanation
QUESTION 259
A network engineer wants to baseline the network to determine suitablilty for real-time voice
applications.Which IP SLA operation is best
suited for this task?
A. udp-jitter
B. tcp-jitter
C. ip sla logging traps
D. ip sla reaction-configuration
Correct Answer: A
Section: part 6
Explanation
QUESTION 260
Which SNMP version provides both encryption and authentication?
A. SNMPv4
B. SNMPv2c
C. SNMPv3
D. SNMPv1
Correct Answer: C
Section: part 6
Explanation
QUESTION 261
Refer to Exhibit. R1 is unable to ping interface S0/0 of R2.What is the issue the configuration that is shown
here?
A. The route-target configuration command is missing

B. The interface IP addresses are not in the same subnet.
C. the syntax of the ping command is wrong.
D. The default route configuration is missing.
E. The serial interfaces belong to the global table instead of vrf Yellow
Correct Answer: E
Section: part 6
Explanation
QUESTION 262
Which option must be configured on a target device to use time stamping to accurately represent response
times using IP SLA?
A. Responder
B. Jitter value
C. TCP Connect
D. ICMP Echo
Correct Answer: A
Section: part 6
Explanation
QUESTION 263
A network engineer is troubleshooting connectivity issues with a directly connected RIPng neighbor. Which
command should directly connected RIPng neighbor adjacencies only?
A. router#show ipv6 rip next-hops

B. router#show ip rip neighbors
C. router#show ipv6 routers
D. router#show ipv6 rip database
Correct Answer: A
Section: part 6
Explanation
QUESTION 264
What is the optimal location from which to execute a debug command that produces an
excessive amount of information?
A. Vty lines
B. SNMP commands
C. A console port
D. An AUX port
Correct Answer: A
Section: part 6
Explanation
QUESTION 265
In which state do DR and BDR establish adjacency with each ospf router in the
network？
A. Exstart State
B. Loading State
C. Exchange State
D. Init State
Correct Answer: A
Section: part 6
Explanation
QUESTION 266
What is supported radius server? (choose two)
A. telnet
B. authentication
C. accounting
D. authorization
E. SSH
Correct Answer: BD
Section: part 6
Explanation
QUESTION 267
Which two routers can do OSPF route summarization?. (Choose Two)
A. ABR
B. ASBR
C. Summary router
D. internal router
E. Backbone router
Correct Answer: AB
Section: part 6
Explanation
QUESTION 268
Configuration snippet that looks similar to this:
ip access-list 1 permit xx xx
ip nat inside source list 1 int fa0/0 overload
What is this an example of ?
A. static NAT
B. NAT64
C. PAT
D. dynamic NAT
E. NPTv6
Correct Answer: C
Section: part 6
Explanation
QUESTION 269
What from the following can cause an issue for URPF?
OR
Reasons why urpf may fail:
A. Assymetrcfasic routing
B. Cef not enabled
C. Urpf not applied to the traffic source
D. If it is usedas ingress filtering
Correct Answer: A
Section: part 6
Explanation
QUESTION 270
The OSPF which type of Router can be aggregated? (Choose two)
A. the ABR
B. the ASBR
C. Backbone Router
D. Intra Router
Correct Answer: AB
Section: part 6
Explanation
QUESTION 271
Which command will display all the EIGRP feasible successor routes known to a router?
A. show ip routes
B. show ip eigrp summary
C. show ip eigrp topology
D. show ip eigrp adjacencies
Correct Answer: C
Section: part 6
Explanation
QUESTION 272
What show command is used here?
TCB Local Address Foreign Address (state)
6523A4FC 10.1.25.3.11000 10.1.25.3.23 ESTAB
65239A84 10.1.25.3.23 10.1.25.3.11000 ESTAB
653FCBBC *.1723 *.* LISTEN
A. show tcp brief

B. show tcp brief all
C. show tcp brief numeric
D. show tcp brief ip
Correct Answer: C
Section: part 6
Explanation
QUESTION 273
You need the IP address of the devices with which the router has established an adjacency. Also, the
retransmit interval and the queue counts for the adjacent routers need to be checked. What command will
display the required information?
A. show ip eigrp adjacency

B. show ip eigrp topology
C. show ip eigrp interfaces
D. show ip eigrp neighbor
Correct Answer: D
Section: part 6
Explanation
QUESTION 274
You get a call from a network administrator who tells you that he typed the following into his router:
Router(config)#router ospf 1
Router(config-router)#network 10.0.0.0 255.0.0.0 area 0
He tells you he still can’t see any routes in the routing table. What configuration error did the administrator
make?
A. The wildcard mask is incorrect

B. The OSPF area is wro
C. The OSPF process ID is incorrect
D. The AS configuration is wrong
Correct Answer: A
Section: part 6
Explanation
QUESTION 275
If routers in a single area are configured with the same priority value, what value does a
router use for
the OSPF Router ID in the absence of a loopback interface?
A. The lowest IP address of any physical interface
B. The highest IP address of any physical interface
C. The lowest IP address of any logical interface
D. The highest IP address of any logical interface
Correct Answer: B
Section: part 6
Explanation
QUESTION 276
Where are EIGRP successor routes stored?
A. In the routing table only

B. In the neighbor table only
C. In the topology table only
D. In the routing table and the topology table
E. In the routing table and the neighbor table
Correct Answer: D
Section: part 6
Explanation
QUESTION 277
Which location is traffic from IP SLAs
A. core edge
B. access edge
C. WAN edge
D. Distribution edge
E. User edge
Correct Answer: C
Section: part 6
Explanation
QUESTION 278
How to set up IP SLA to monitor Bandwidth between the certain limits?
A. Timer
B. Frequency
C. Threshold
D. Queue-limit
Correct Answer: C
Section: part 6
Explanation
QUESTION 279
Which routing protocol does DMVPN support? (Choose three)
A. ISIS
B. RIP
C. EIGRP
D. OSPF
E. BGP
Correct Answer: CDE

Section: part 6
Explanation
QUESTION 280
A route map was configured and it was distributing OSPF external routes
A. Distributing E1 onlyB. Distributing E1 and E2 using prefix list

B. Distributing E1 and E2 using access list
C. Distributing E2 routes
D. Distributing E2 routes
Correct Answer: B
Section: part 6
Explanation
QUESTION 281
Engineer has to enable RIP on a link. Where he will issue the command
A. Ipv6
B. Global
C. Router sub command
D. Interface sub command
Correct Answer: C
Section: part 6
Explanation
QUESTION 282
Which command is used to check IP SLA when an interface is suspected to receive lots
of traffic with options?
A. show track
B. show threshold
C. show timer
D. show delay
Correct Answer: A
Section: part 6
Explanation
QUESTION 283
What is the output of the following command:
show ip vrf
A. Show's default RD values

B. Displays IP routing table information associated with a VRF
C. Show's routing protocol information associated with a VRF.
D. Displays the ARP table (static and dynamic entries) in the specified VRF
Correct Answer: A
Section: part 6
Explanation
QUESTION 284
Technologies used in preparing Service Provider IPv6? (Choose Two)
A. 6ND
B. 6RD
C. 6VPE
D. VRF-Lite
E. DS-Lite
F. Dual-stackA
Correct Answer: BE
Section: part 6
Explanation
QUESTION 285
What is the output of the "show ntp associations" command?
A. Authentication mode
B. Facility configured
C. Shows the NTP synchronized servers configured on the device
D. Security key config
Correct Answer: C
Section: part 6
Explanation
QUESTION 286
Which two statements about route targets that are configured with VRF-Lite are true?
(Choose two)
A. Route targets uniquely identify the customer routing table

B. Route targets control the import and export of routes into a customer routing table
C. Route targets are supported only when BGP is configured
D. When IS-IS is configured, route targets identify the circuit level in which the customer
resides
E. When BGP is configured, route targets are transmitted as BGP standard communities
F. Route targets allos customers to be assigned overlapping adresses
Correct Answer: BC
Section: part 6
Explanation
QUESTION 287
Which type of message does a device configured with the eigrp stub command send in
response to EIGRP queries?
A. invalid request
B. unavailable
C. stuck in active
D. stub-only
E. reject
F. inaccessible
Correct Answer: F
Section: part 6
Explanation
QUESTION 288
Which are new LSA types in OSPF for IPv6 (OSPFv3)? (Choose two)
A. LSA Type 8
B. LSA Type 9
C. LSA Type 10
D. LSA Type 12
Correct Answer: AB
Section: part 6
Explanation
QUESTION 289
What command would you use to set EIGRP routes to be prioritized?
A. distance 100
B. distance 89
C. distance eigrp 100
D. distance eigrp 89
Correct Answer: D
Section: part 6
Explanation
QUESTION 290
You have a router has some interface configured with 10Gb interface and gigabit
interface. Which
command you use to optimize higher BW
A. (config)#router ospf 1
(config-router)auto-cost reference-bandwidth 10000
B. (config)#router ospf 1
(config-router)auto-cost reference-bandwidth 1000
C. (config)#int f0/0
(config-int)auto-cost reference-bandwidth 1000
D. (config)#int f0/0
(config-int)auto-cost reference-bandwidth 10000
Correct Answer: A
Section: part 6
Explanation
QUESTION 291
how route tags can be set (choose two)
A. only with route-maps

B. only with taglists
C. can be set with route-maps
D. can be set with taglist
E. only used on link state RPs
Correct Answer: CD
Section: part 6
Explanation
QUESTION 292
What attribute is used to influence traffic from AS200 and AS300 so that it uses link1 to
reach AS100
A. MED
B. AS_path
C. weight
D. local preference
Correct Answer: A
Section: part 6
Explanation
QUESTION 293
If you want to migrate an IS-IS network to another routing protocol with a lower AD?
Which two
protocol do you consider?
A. UDP
B. internal BGP
C. TCP/IP
D. EIGRP
E. OSPF
F. RIP
Correct Answer: DE
Section: part 6
Explanation
QUESTION 294
What to configure on routes if TACACS+ authentication fails? (Choose two)
A. Configure local username and password

B. Include ‘local’ keyword in AAA con
C. http://bbs.hh010.com
D. http://bbs.hh010.com
Correct Answer: AB
Section: part 6
Explanation
QUESTION 295
What does an Cisco router use as default username for CHAP authentication?
A. chap
B. Hostname
C. cisco
D. ppp
Correct Answer: B
Section: part 6
Explanation
QUESTION 296
Which statement is true about EBGP?
A. An internal routing protocol can be used to reach an EBGP neighbor.

B. The next hop does not change when BGP updates are exchanged between EBGP
neighbors.
C. A static route can be used to form an adjacency between neighbors
D. EBGP requires a full mesh.
Correct Answer: C
Section: part 6
Explanation
QUESTION 297
Which two statements are true of the OSPF link-state routing protocol? (Choose two.)
A. Using the Bellman-Ford algorithm, each OSPF router independently calculates its best
paths to all destinations in the network
B. Using the DUAL algorithm, each OSPF router independently calculates its best paths
to all destinations in the network.
C. OSPF sends summaries of individual link-state entries every 30 minutes to ensure
LSDB synchronization.
D. OSPF sends triggered updates when a network change occurs
E. OSPF sends updates every 10 seconds
F. When a link changes state, the router that detected the change creates a link-state
advertisement (LSA) and propagates it to all OSPF devices using the 224.0.0.6
multicast address.
Correct Answer: CD
Section: part 6
Explanation
QUESTION 298
Your network consists of a large hub-and-spoke Frame Relay network with a CIR of 56
kb/s for each
spoke.Which statement about the selection of a dynamic protocol is true?
A. EIGRP would be appropriate if LMI type ANSI is NOT used.

B. EIGRP would be appropriate, because the Frame Relay spokes could be segmented
into their own areas
C. EIGRP would be appropriate, because by default, queries are not propagated across
the slow speed Frame
Relay links.
D. EIGRP would be appropriate, because you can manage how much bandwidth is
consumed over the Frame
Relay interface.
Correct Answer: D
Section: part 6
Explanation
QUESTION 299
Congestion in the network. What is the effect on UDP?
A. Sender will have to buffer more data

B. Receiver will have to buffer more data. Before sending packets to higher layers
C. There will be latency
D. https://bbs.hh010.com
Correct Answer: C
Section: part 6
Explanation
QUESTION 300
How route tags can be set?(choose two)
A. ONLY within route tags

B. within tag lists
C. can be set with ONLY route-maps
D. can be set DIRECTLY within route maps.
E. only used on link state RPs
Correct Answer: BD
Section: part 6
Explanation
QUESTION 301
What is the viable successor of NAT_PT?
A. NAT64
B. IPv6
C. NATv6
D. DHCPv6
Correct Answer: A
Section: part 6
Explanation
QUESTION 302
What are two BGP neigbourship states?(choose two)
A. Full
B. Open Sent
C. 2WAY
D. Connect
E. DROTHER
F. Stuck in active
Correct Answer: BD
Section: part 6
Explanation
QUESTION 303
which the Valid range for BGP private ASNs?
A. 64512-65535
B. 62464-65534
C. 64512-65024
D. 62464-64511
Correct Answer: A
Section: part 6
Explanation
QUESTION 304
which phase of dmpvn spoke to spoke communications?
A. phase2
B. phase4
C. phase5
D. phase6
E. phase1
Correct Answer: A
Section: part 6
Explanation
QUESTION 305
OSPF chooses routes in which order, regardless of route's administrative distance and metric?
A. Intra-Area (O) - Inter-Area (O IA) - External Type 1 (E1) - External Type 2 (E2) - NSSA Type 1 (N1) -
NSSA Type 2 (N2)
B. Intra-Area (O) - Inter-Area (O IA) - NSSA Type 1 (N1) - NSSA Type 2 (N2) - External Type 1 (E1) -
External Type 2 (E2)
C. Intra-Area (O) - Inter-Area (O IA) - NSSA Type 1 (N1) - External Type 1 (E1) - NSSA Type 2 (N2) -
D. Intra-Area (O) - NSSA Type 1 (N1) - External Type 1 (E1) - Inter-Area (O IA) - NSSA Type 2 (N2) -
E. Intra-Area (O) - Inter-Area (O IA) - NSSA Type 1 (N1) - External Type 1 (E1) - NSSA Type 2 (N2) -
F. NSSA Type 1 (N1) - NSSA Type 2 (N2) - Intra-Area (O) - Inter-Area (O IA) - External Type 1 (E1) -
Correct Answer: A
Section: part 6
Explanation
QUESTION 306
Where the output will be shown of the command debug condition interface fa0/1 ?
A. it will show on interface f0/1

B. it will show on interface f0/0
C. both interfaces will show debugging ouput
D. an interface cannot be used as condition
Correct Answer: A
Section: part 6
Explanation
QUESTION 307
Router 1 cannot ping router 2 via the Frame Relay between them. Which two statements
describe the problems? (Chooses two.)
A. Encapsulation is mismatched.
B. Frame Relay map is configured
C. DLCI is active.
D. DLCI is inactive or deleted.
E. An access list is needed to allow ping
Correct Answer: AD
Section: part 6
Explanation
QUESTION 308
which access list used to filter upper layer protocol ?
A. extended acl
B. standart acl
C. reflexive acl
D. time based acl
E. dynamic acl
Correct Answer: A
Section: part 6
Explanation
QUESTION 309
ip sla network with a configuration snippet
A. apply the ipv6 acl under a vty

B. ip access-class
C. ipv6 access class
D. Access-list IN
E. Access-list OUT
Correct Answer: AD
Section: part 6
Explanation
QUESTION 310
Which allowing website access between certain times？
A. Filters using Time-Based ACLs

B. http://bbs.hh010.com/
C. http://bbs.hh010.com/
D. http://bbs.hh010.com/
Correct Answer: A
Section: part 6
Explanation
QUESTION 311
Which three restrictions apply to OSPF stub areas? (Choose three.)
A. No virtual links are allowed.

B. The area cannot be a backbone area.
C. Redistribution is not allowed unless the packet is changed to a type 7 packet
D. The area has no more than 10 routers.
E. No autonomous system border routers are allowed
F. Interarea routes are suppressed.
Correct Answer: ABE

Section: part 6
Explanation
QUESTION 312
You have implemented mutual route redistribution between OSPF and EIGRP on a border router. When
checking the routing table on one of the OSPF routers within the OSPF routing domain, you are seeing
some, but not all of the expected routes. Which two things should you verify to troubleshoot this problem?
(Choose two.)
A. The border router is using a proper seed metric for OSPF.

B. The border router is using a proper seed metric for EIGRP.
C. The administrative distance is set for OSPF and EIGRP
D. The missing EIGRP routes are present in the routing table of the border router
E. The subnet keyword on the border router in the redistribute EIGRP command
Correct Answer: DE
Section: part 6
Explanation
QUESTION 313
How is authentication handled with OSPFv3?
A. OSPFv3 for IPv6 authentication is supported by SHA-1 authentication

B. OSPFv3 for IPv6 authentication is supported by MD5 authentication
C. OSPFv3 for IPv6 authentication is supported by IPv6 IPsec
D. OSPFv3 for IPv6 authentication is supported by IPv4 IPsec
Correct Answer: C
Section: part 6
Explanation
QUESTION 314
When implementing OSPFv3, which statement describes the configuration of OSPF
areas?
A. In interface configuration mode, the OSPFv3 area ID combination assigns interfaces

to OSPFv3 areas.
B. In router configuration mode, the network wildcard area ID combination assigns
networks to OSPFv3 areas
C. In interface configuration mode, the IPv6 OSPF process area ID combination assigns
interfaces to OSPFv3 areas.
D. In router configuration mode, the IPv6 OSPF interface area ID combination assigns
interfaces to OSPFv3 areas
Correct Answer: C
Section: part 6
Explanation
QUESTION 315
Select and Place:

Correct Answer:
Section: part 7DD
Explanation
QUESTION 316
拖图题Drag and Drop for COPP and MPP.
Correct Answer:
Section: part 7DD
Explanation
QUESTION 317
拖图题mGER
Correct Answer:
Section: part 7DD
Explanation
IPSec---An encryption protocol used to secure tunnel

keepalive--A technology that prevents one side of the tunnel from going down while the
other stays up
mGRE--A technology that supports dynamic tunnel endpoints
MSS---A configurable value that prevents an interface from sending packets that are too
big for the tunnel
Tunnel Key---A clear text password that confirms the peer connection
QUESTION 318
Correct Answer:
Section: part 7DD
Explanation
QUESTION 319
拖图题
Correct Answer:
Section: part 7DD
Explanation
QUESTION 320
拖图题
Drag and drop the statements from the left onto the correct IPv6 router security features on the right.
on the right:
ANS:
***IPv6 Traffic Filter***
It filters traffic on the interface level
It supports tagged ACLs
***IPv6 Access Filter**
It controls traffic to and from the router
It requires the destination address for inbound traffic to be a local address
It filters management traffic
Correct Answer:
Section: part 7DD
Explanation
QUESTION 321
拖图题 Frame Relay LMI
answer:
Address registration – It allows neighbouring cisco devices to exchange the management ip
addresses
Global addressing – It enables the Frame Relay network to identify interfaces in same manner as a
LAN
Multicasting – It provides most efficient transmission of routing protocol messages and support
address resolution
simple flow control – It supports devices that are unable to use congestion notification
Virtual circuit – It Prevents data from being transmitted in Black Holes
Correct Answer:
Section: part 7DD
Explanation
QUESTION 322
Refer to the exhibit You are configuring the R1 SenalO interface for a point-to-point connection Drag and
drop the required configuration statements from the left onto the cooed locations from the diagram on the
right. Not all commands are used
Correct Answer:
Section: part 7DD
Explanation
QUESTION 323
Correct Answer:
Section: part 7DD
Explanation
QUESTION 324
You are configuring the R1 Serial0 interface for a multipoint connection.
Drag and drop the required configuration statements from the left onto the
corresponding locations from the diagram on the right.
Correct Answer:
Section: part 7DD
Explanation
QUESTION 325
Access-List Types (Drag & Drop)
answer:
Extended = ACL type that should be placed closest to the trafc source
Standard = ACL numbered from 1300 through 1999
Time-based = ACL that applied to trafc only during specifcally defined periods
Refexive= ACL that must be defined with a named ACL
Dyoamic = ACL that use Telnet for Authentication
Correct Answer:
Section: part 7DD
Explanation
QUESTION 326
Correct Answer:
Section: part 7DD
Explanation
QUESTION 327
拖图题
drag and drop the steps in the NAT process for IPV4-initiated packers from the left into the correct
sequence on the right
Correct Answer:
Section: part 7DD
Explanation
ANS:
The packet is routed to an NVI
The packet is assigned a dynamic or static binding
The IPV4 source address is translated to IPv6
The translation information is used to create a session
QUESTION 328
Correct Answer:
Section: part 7DD
Explanation

CCNP (300 101) 2019.02.26 320Qs PDF

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

CCNP (300 101) 2019.02.26 320Qs PDF

Încărcat de

Drepturi de autor:

Formate disponibile

CCNP(300-101)题库V2.0（2019.02.

A. On the interface that will receive the broadcasts

A. when you have a single point of redistribution

A. Area numbers match.

A. Mutual authentication between peers.

A. show snmp group

A. forwarding table overflow

Correct Answer: ABE

A. solicit and reply

A. Increase the OSPF cost

A. It defines the routing scope fr each particular EVN edge interface.

A. The default router through 10.0.1 is never used

A. Reconfigure the IP address on Gigabit Ethernet 1

A. a hub router can be behind a dynamic NAT on a device.

A. Implement offset lists at network boundaries

Correct Answer: ABE

A. routes for a global routing table

A. A router advertises a route to an unreachable network with an infinite metric.

A. rewriting of higher layer information

A. It can support only one condition at a time

A. information about tracking list 1

A. It supports IPv6 traffic.

Correct Answer: ABC

A. The local database can serve only as a backup authentication method

A. The two devices fail to from an adjacency

A. High bandwidth on a link

A. ppp authentication chap callin

A. specify a different TCP port

A. VRF without independent routing tables

A. access-list 49 permit ip any any eq 21 tcp-ack

A. An edge interface is used to differentiate VRF instances.

Which routes from OSPF process 5 are redistributed into EIGRP?

A. E1 and E2 subnets matching access list TO-OSPF

A. service timestamps log uptime

A. interface cannot be used as a debug condition

A. It extends the IP address to identify which VFP instance it belongs to.

A. allow self ping to router

A. Use the ip route command to specify the next-hop IP address only

A. R1(config-if)#ip nat enable

A. it is unable to route VRF traffic

A. Console line password

A. only accepts time requests from 192.168.1.1

Correct Answer: ACF

A. One VLAN interface must be configured between devices

A. Both stateless and stateful autoconfiguration require additional setup

A. Configure the encapsulation type

A. vulnerability to a man-in the - middle atack

A. A area 100 range 172.32.0.0 255.255.254 0

A. It designares the interface as a GRE tunnel endpoint

A. Link LSA type 5

A. Auto-QoS is blocking DHCP traffic.

A. HSRP is enabled on the spoke devices

A. Change the OSPF network type to nonbroadcast

A. Only NetFlow version 9 is template based

A. R1 redistributes network 10.1.80.0/24 into EIGRP without changing the mask

A. CEF is unable to get routing information for this route.

A. It creates a one-to-one mapping of inside addresses to a global address

A. It is set only for LSA types 3,5. and 7

A. It sends a DHCPHELLO meesage to the DHCP server IP address

A. Implement route tags.

A. It is set when OSPF routers are redistributed into BGP

A. ipv6 access-list VTY-ACCESS-IN

A. R6(config-router-af)#bgp additional-path install