100% latest and accurate Cisco 642-892 exam dumps.Test-talk.org ensures that you are equipped with the latest questions and answers, which give you a better chance of passing the Cisco 642-892 exam. Also free sharing Cisco 642-892 VCE test engine and PDF.
QUESTION 40
Refer to the exhibit. What statement is true about the configuration on switch CAT1?
A. The configuration overrides 802.1p priorities on packets entering ports Fa0/11 and Fa0/12 with a value of
B. The configuration establishes policed DSCP on ports Fa0/11 and Fa0/12 with values ranging from 8 to
56.
C. The configuration overrides the Quality of Service value in packets entering ports Fa0/11 and Fa0/12 with value of 45.
D. Two IP phones with the MAC addresses of 0008.8595.d1a7 and 0007.8595.d2b7 are connected to CAT1 ports Fa0/11 and Fa0/12, respectively.
E. Security violation shutdown mode has been activated for ports Fa0/11 and Fa0/12.
F. Untagged Port VLAN ID (PVID) frames will carry voice traffic on VLAN 40.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 41
Refer to the exhibit. Both host stations are part of the same subnet but are in different VLANs. On the basis of the information presented in the exhibit, which statement is true about an attempt to ping from host to host?
A. A trunk port will need to be configured on the link between Sw_A and Sw_B for the ping command to be successful.
B. The two different hosts will need to be in the same VLAN in order for the ping command to be successful.
C. A Layer 3 device is needed for the ping command to be successful.
D. The ping command will be successful without any further configuration changes.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 42
Refer to the exhibit. What is the correct output of the command show ip route on router R2?
A. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0
i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1
i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0
i L1 10.1.2.0/24 is directly connected, Serial1/0
i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1
i L2 10.1.0.0/24 is directly connected, Serial1/1
B. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L2 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1
C. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1
D. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i su 10.1.2.0/23 [115/10] via 0.0.0.0, Null0 C 10.1.0.0/24 is directly connected, Serial1/1 i L2 10.1.0.0/23 [115/20] via 10.1.0.1, Serial1/1
E. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L1 10.200.200.13/32 [115/30] via 10.1.2.4, Serial1/0 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i L1 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 43
Refer to the exhibit. Routers R1 and R2 have established a neighbor relationship and are exchanging
routing information. The network design requires that R1 receive routing updates from R2, but not advertise
any routes to R2. Which configuration command sequence will successfully accomplish this task?
A. R1(config)# router eigrp 1 R1(config-router)# passive-interface serial 0
B. R2(config)# router eigrp 1 R2(config-router)# passive-interface serial 0
C. R1(config)# access-list 20 deny any R1(config)# router eigrp 1 R1(config-router)# distribute-list 20 out serial 0
D. R2(config)# access-list 20 deny any R2(config)# router eigrp 1 R2(config-router)# distribute-list 20 out serial 0
E. R1(config)# access-list 20 permit any R1(config)# router eigrp 1 R1(config-router)# distribute-list 20 in serial 0
F. R2(config)# access-list 20 permit any R2(config)# router eigrp 1 R2(config-router)# distribute-list 20 in serial 0
Correct Answer: C Section: (none) Explanation
Refer to the exhibit. All multilayer switches are running PIM dense mode. Recipient A and Recipient B are sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?
A. The Multicast Server is the root of the multicast tree. Switches 4 and 5 will participate in the multicast tree once pruning has taken place.
B. The Multicast Server is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place.
C. Switch 3 is the root of the multicast tree. Switches 3,4, and 5 will participate in the multicast tree once pruning has taken place.
D. Switch 1 is the root of the multicast tree. Switches 1,4, and 5 will participate in the multicast tree once pruning has taken place.
E. Switch 1 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place.
F. Switch 3 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Refer to the exhibit. All multilayer switches are running PIM sparse mode. Host B and Host F are
sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?
A. The multicast server is the rendezvous point of the multicast tree.
B. Switches 1, 2, 3, and 6 will participate in the multicast tree once pruning has taken place.
C. Switches 2 and 6 will participate in the multicast tree once pruning has taken place.
D. Switches 1, 2, 3, and 6 will participate in the multicast tree.
E. Switch 1 is the rendezvous of the multicast tree.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Refer to the network of Layer 3 switches in the exhibit. The RPI Multicast Server only multicasts to
hosts connected to multilayer switches 5 and 6. The CMU Multicast Server multicasts to hosts on multilayer switches 1-6. Given the number of configuration steps involved, what is the most efficient way to configure the network while meeting the requirements for multicast data flow?
A. Configure each switch with PIM dense mode.
B. Configure each switch with PIM sparse mode.
C. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Leave each multicast server as the root of its own multicast tree.
D. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Allow the switches to elect their own root for each multicast tree.
E. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Specify switch 1 as the root for the RPI Multicast Server. Specify switch 2 as the root for the CMU Multicast Server.
F. Configure each switch with PIM sparse-dense mode. Configure switch 3 as a rendezvous point for the RPI multicast stream.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 47
A router is running BGP and receives more than one route for a particular prefix. Assume all the routes
for this prefix have the same attributes. Which three path features would be reasons be for the router to
ignore some of the routes and not consider them as candidates for the best path? (Choose three.)
A. paths that are marked as synchronized in the show ip bgp output
B. paths that are marked as not synchronized in the show ip bgp output
C. paths for which the NEXT_HOP is accessible
D. paths for which the NEXT_HOP is inaccessible
E. paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH
F. paths from an internal BGP (iBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Refer to the exhibit. What two statements are true? (Choose two.)
A. Interface FastEthernet 0/0 was configured with the ipv6 ospf 1 area 1 command.
B. OSPF version 2 has been enabled to support IPv6.
C. The IP address of the backup designated router (BDR) is FE80::205:5FFF:FED3:5808.
D. The output was generated by the show ip interface command.
E. The router was configured with the commands: router ospf 1 network 172.16.6.0 0.0.0.255 area 1
F. This is the designated router (DR) on the FastEthernet 0/0 link.
Correct Answer: AC Section: (none) Explanation Explanation/Reference:
QUESTION 49
Which three route filtering statements are true? (Choose three.)
A. After the router rip and passive-interface s0/0 commands have been issued, the s0/0 interface will not send any RIP updates, but will receive routing updates on that interface.
B. After the router eigrp 10 and passive-interface s0/0 commands have been issued, the s0/0 interface will not send any EIGRP updates, but will receive routing updates on that interface.
C. After the router ospf 10 and passive-interface s0/0 commands have been issued , the s0/0 interface will not send any OSPF updates, but will receive routing updates on that interface.
D. When you use the passive-interface command with RIPv2, multicasts are sent out the specified interface.
E. When you use the passive-interface command with EIGRP, hello messages are not sent out the specified interface.
F. When you use the passive-interface command with OSPF, hello messages are not sent out the specified interface.
Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Which two statements are true about IS-IS routing? (Choose two.)
A. IS-IS is more efficient than OSPF in the use of CPU resources.
B. Based on the default timers, OSPF detects a failure faster than IS-IS does.
C. OSPF default timers permit more tuning than IS-IS does.
D. OSPF is more scalable than IS-IS because of its ability to identify normal, stub, and NSSA areas.
E. IS-IS and OSPF are both Open Standard, link-state routing protocols which support VLSM.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference: Exam D QUESTION 1
Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been configured as a NSSA. Which statement is true about the NSSA Area 1?
A. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5 LSAs.
B. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.
C. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs.
D. No redistributed routes can appear in Area 1, only summary routes.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. All routers have Protocol Independent Multicast (PIM) enabled interfaces. On the basis of the configuration provided on routers R1 and R2, which router will take on the function of rendezvous point (RP) for the multicast network?
A. router R1
B. router R2
C. both routers R1 and R2
D. none of the routers since they are not configured with static RP
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which two statements are true about the rendezvous point (RP) in a multicast network? (Choose two.)
A. An RP is required only in networks running Protocol Independent Multicast dense mode (PIM DM).
B. An RP is required only in networks running Protocol Independent Multicast sparse mode (PIM SM).
C. An RP is required only in networks running Protocol Independent Multicast sparse-dense mode (PIM-SDM).
D. The multicast sources must register with the RP to form the multicast distribution tree.
E. The multicast receivers must register with the RP to form the multicast distribution tree.
F. To form the multicast distribution tree, the multicast sources register with and the receivers join the RP.
Correct Answer: BF Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Refer to the exhibit. IP multicast for group address 224.1.1.1 has been enabled on all routers in the network. Hosts on Network A receive the multicast traffic. However, hosts on Network B do not. On the basis of outputs provided, what could be the cause of the problem?
A. Router R2 does not have an RP configured on the multicast network.
B. Router R2 does not see the upstream router R1 as a PIM neighbor.
C. Because of RPF failure, Router R2 does not forward multicast packets to Network B.
D. The multicast packets are sourced from a server with an unspecified IP address.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 5
If no metric is specified for the routes being redistributed into IS-IS, what metric value is assigned to the routes?
A. 0
B. 1
C. 10
D. 20
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Refer to the exhibit. Which statement is true about where trust boundaries should be established in a network?
A. Endpoint 1 is the only acceptable place to establish a trust boundary.
B. Endpoint 1 is the optimal place to establish a trust boundary.Endpoints 2 and 3 are acceptable places to establish a trust boundary.
C. Endpoint 2 is the only acceptable place to establish a trust boundary.
D. Endpoint 2 is the optimal place to establish a trust boundary.Endpoints 1 and 3 are acceptable places to establish a trust boundary.
E. Endpoints 1 and 2 are optimal places to establish a trust boundary. Endpoint 3 is an acceptable place to establish a trust boundary.
F. Endpoints 2 and 3 are optimal places to establish a trust boundary. Endpoint 1 is an acceptable place to establish a trust boundary.
Correct Answer: E Section: (none) Explanation
Explanation/Reference: QUESTION 7
Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Answer:D
QUESTION 8
Refer to exhibit. BGP is configured on all routers, synchronization is turned off, and none of the default attributes have been changed except the local preference attribute on R4. Which path will be preferred by R2 to reach the network 100.100.100.0/24?
A. R2 R3 R4 R5 because it has a lower admin distance
B. R2 R3 R4 R5 because it has a higher local preference
C. R2 R1 because it has the shortest AS-path
D. R2 R1 because it has a lower local preference
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 9
Refer to the exhibit. On the basis of the information that is presented, what condition exists?
A. authenticating with AP
B. poor link status with AP
C. no valid radio for ADU
D. no association to AP
Correct Answer: C Section: (none)
Explanation
Explanation/Reference: Answer:C QUESTION 10
What is the effect of enabling a voice VLAN on a Catalyst switch port?
A. PortFast is disabled on the port.
B. Untagged traffic is sent according to the default CoS priority of the port.
C. Port security is automatically enabled on a voice VLAN port.
D. The CoS is trusted for 802.1P or 802.1Q tagged traffic.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 11
A. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate BPDUs have been stopped, the interfaces will need to be administratively shut down, and brought back up, to resume normal operation.
B. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter,but traffic is still forwarded across the ports.
C. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate BPDUs have been stopped, the interfaces automatically recover and resume normal operation.
D. Interfaces FastEthernet3/1 and FastEthernet3/2 are candidates for becoming the STP root port, but neither can realize that role until BPDUs with a superior root bridge parameter are no longer received on at least one of the interfaces.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 12
Which two statements are true about the operation of voice VLANs on a Catalyst switch? (Choose two.)
A. Enabling voice VLANs enables the switch to create multiple queues for traffic that is entering a port.
B. Enabling voice VLANs enables the switch to forward frames with a specific 802.1P marking.
C. Voice VLANs are configured to enable the switch to forward frames marked with the proper CoS values over separate physical links.
D. When voice VLANs are configured on a trunk link, UplinkFast must also be enabled.
E. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.
Correct Answer: BE Section: (none) Explanation
Explanation/Reference: Answer:BE
QUESTION 13
What is one method that can be used to prevent VLAN hopping?
A. Configure ACLs.
B. Enforce username/password combinations.
C. Configure all frames with two 802.1Q headers.
D. Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports.
E. Configure VACLs.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Answer:D
QUESTION 14
Refer to the exhibit. Static WEP keys have been configured on all devices in the wireless LAN. What will happen if the access point receives packets sent by the wireless client adapter that are not encrypted with the appropriate key?
A. The wireless client adapter will be authenticated by the authentication server and the access point will deliver the packets to the intended receiver.
B. The wireless client adapter will not be authenticated by the authentication server, but the access point will deliver the packets to the intended receiver.
C. The access point will discard the packets and never deliver them to the intended receiver.
D. The wireless client adapter will not be able to send any packets to the access point.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 15
What three statements are true for networks that are enabled for voice as well as data traffic? (Choose three.)
A. An uptime of 99.999 percent is achieved using a 4-hour service response contract for system problems.
B. Auxiliary VLANs provide the ability to apply QoS to voice traffic without affecting the flow of data from the client PC.
C. Redundant hardware, redundant links, UPS, and proactive network management are data network standards that do not apply to voice networks.
D. The increased costs of voice enabled networks are offset by increased worker productivity.
E. For ease of implementation, most VoIP phones use in-line power to get power through the same cable on which data is sent.
F. High availability networks must be created to avoid network congestion and overcome a lack of redundancy and poor engineering.
Correct Answer: BEF Section: (none) Explanation Explanation/Reference: Answer:BEF
QUESTION 16
Refer to the exhibit. Which two statements are true about the required switch configurations to support a
A. CDP must be disabled on the switch port to prevent interference between CDP messages and voice traffic.
B. CDP must be enabled on the switch port to allow configuration information to be passed to the IP phone.
C. Static secure MAC addresses should be configured on voice vlan ports to prevent access by devices other than IP phones.
D. Portfast must be enabled on the switch port.
E. 802.1x authentication cannot be configured on a port configured for a voice vlan.
F. Port security cannot be configured on a port that is configured for a voice vlan.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference: Answer:BD
QUESTION 17
When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to gather information?
A. The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the trunk
B. The attacking station tags itself with all usable VLANs to capture data that is passed through the switch, regardless of the VLAN to which the data belongs.
C. The attacking station will generate frames with two 802.1Q headers to cause the switch to forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means.
D. The attacking station uses VTP to collect VLAN information that is sent out and then tags itself with the domain information in order to capture the data.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Answer:A
QUESTION 18
Refer to the exhibit. Based upon the information that is given, how will voice traffic from the phone and data traffic from the PC be handled by SW_1?
A. The switch port will trust the CoS value of the ingress voice and data traffic that comes into the switch port.
B. The switch port will perform marking for the ingress voice and data traffic by using the default CoS value at the switch port.
C. The switch port will trust the CoS value of the ingress voice traffic. Data traffic will be marked at the switch port with the default CoS value.
D. The switch port will trust the CoS value of the ingress data traffic. Voice traffic will be marked at the switch port with the default CoS value.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Answer:A
QUESTION 19
A router has two paths to reach another network in a different autonomous system. Neither route was generated by the local router and both routes have the same default weight and local preference values. Which statement is true about how BGP would select the best path?
A. If the command bgp always-compare-med has been given, then the router will prefer the route with the highest MED.
B. The router will prefer the route with the lower MED.
C. The router will prefer the shortest autonomous system path.
D. To influence one route to be preferred, its default local preference value will be changed via the use of the command bgp default local-preference 50.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 20
Which two statements about 6to4 tunneling are accurate? (Choose two.)
A. Prepending a reserved IPv6 code to the hexadecimal representation of 192.168.0.1 facilitates 6to4 tunneling.
B. Each 6to4 site receives a /48 prefix in a 6to4 tunnel.
C. 2002::/48 is the address range specifically assigned to 6to4.
D. Prepending 0x2002 with the IPv4 address creates an IPv6 address that is used in 6to4 tunneling.
E. 6to4 is a manual tunnel method.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference: Answer:BD
QUESTION 21
Refer to the exhibit. On the basis of the configuration that is provided, how would the BGP updates that
A. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those BGP updates to router R5.
B. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
C. All BGP updates that are received on router R2 will be sent directly to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5. Testinside
Correct Answer: D Section: (none) Explanation Explanation/Reference: Answer:D
QUESTION 22
Refer to the exhibit. Router RTR is attempting to establish BGP neighbor relationships with routers RT1 and RT3. On the basis of the information that is presented in the exhibit, which two statements are true?
A. RTR has a BGP password set but neighbor 10.0.0.1 does not.
B. RTR has a BGP password set but neighbor 10.0.0.5 does not.
C. RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set.
D. RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set.
E. Neighbor 10.0.0.1 has a BGP password set but RTR does not.
F. Neighbor 10.0.0.5 has a BGP password set but RTR does not.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference: Answer:AD
QUESTION 23
Refer to the exhibit. Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16.
A. It advertises the best AS-path.
B. It advertises the best origin code.
C. It advertises the best MED.
D. It advertises the best local preference.
E. It has a better router ID.
F. It advertises a lower autonomous system.
Correct Answer: E Section: (none) Explanation
Explanation/Reference: Answer: E
QUESTION 24
Which three of the following are features of the IS-IS routing protocol? (Choose three)
A. link-state routing protocol
B. inefficient use of bandwidth not appropriate for an ISP
C. supports VLSM
D. uses spanning tree algorithm for fast convergence
E. supports two routing levels within an autonomous system
F. operation is similar to BGP
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference: Answer:ACE
QUESTION 25
What is the MAC address that would be derived from the multicast address 239.255.0.1?
A. 01-00-5e-7f-00-01
B. 00-00-00-7f-00-01
C. 10-00-5e-7f-00-01
D. 10-00-ef-ff-00-01
E. 01-01-ef-ff-00-01
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Answer:A
QUESTION 26
Refer to the exhibit. Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6 networks shown?
A. The router will determine the IPv4 destination address.
B. The source IPv6 host can use DNS to determine the IPv6-to-IPv4 address mapping.
C. The host is statically configured with the IPv6-to-IPv4 address mapping.
D. ICMP can be used to determine the IPv6-to-IPv4 address mapping.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 27
Refer to the exhibit. Which interoperability technique implemented on the router would allow Host-1 to communicate with Host-2?
A. Dual Stack
B. NAT-PT
C. 6to4 tunnel
D. GRE tunnel
E. ISATAP tunnel
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 28
Refer to the exhibit. Which two statements are correct regarding the routes to be redistributed into
A. The network 192.168.1.0 will be allowed and assigned a metric of 100.
B. The network 192.168.1.0 will be allowed and assigned a metric of 200.
C. All networks except 10.0.0.0/8 will be allowed and assigned a metric of 200.
D. The network 172.16.0.0/16 will be allowed and assigned a metric of 200.
E. The network 10.0.10.0/24 will be allowed and assigned a metric of 200.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference: Answer:AD
QUESTION 29
Refer to the exhibit. Which two statements are true? (Choose two.)
A. This switch is the STP root bridge.
B. This switch is not the STP root bridge.
C. A spanning-tree loop exists in this network.
D. The default STP timers have been changed.
E. Port Fa0/11 is facing the root bridge.
F. Port Fa0/11 is facing away from the root bridge.
Correct Answer: BE Section: (none) Explanation
Explanation/Reference: Answer:BE
QUESTION 30
Refer to the exhibit. What additional commands should be used to configure OSPF area 5 as a T otally Stubby area?
A. area 0 stub on routers R4 and R5
B. area 5 stub on routers R4 and R5
C. area 5 stub no-summary on routers R4 and R5
D. area 0 stub no-summary on router R4 and area 5 stub no-summary on router R5
E. area 5 stub no-summary on router R4 and area 5 stub on router R5
Correct Answer: E Section: (none) Explanation
Explanation/Reference: Answer: E
QUESTION 31
A hacker is interested in seeing traffic from all switch ports on the switch that he is connected to, including the ports belonging to other VLANs. What type of attack is he likely to implement?
A. MAC address flooding
B. ARP attack
C. spoofing attack
D. DHCP attack
E. VLAN hopping
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Answer:A QUESTION 32
Which statement is true about OSPF Network LSAs?
A. They are originated by every router in the OPSF network. They include all routers on the link, interfaces, the cost of the link, and any known neighbor on the link.
B. They are originated by the DR on every multi-access network. They include all attached routers including the DR itself.
C. They are originated by Area Border Routers and are sent into a single area to advertise destinations outside that area.
D. They are originated by Area Border Router and are sent into a single area to advertise an Autonomous System Border Router.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 33
Refer to the exhibit. OSPF is configured on all routers in the network. Area 5 is configured as an NSSA area. The RIPv2 routes are redistributed into the OSPF domain on router R5. What two types of LSAs will
A. type 1 Router LSA
B. type 2 Network LSA
C. type 3 Network Summary LSA
D. type 4 ASBR Summary LSA
E. type 5 AS External LSA
F. type 7 NSSA External LSA
Correct Answer: AF Section: (none) Explanation
Explanation/Reference: Answer:AF
QUESTION 34
In a customer’s network, VLAN Trunking Protocol (VTP) is running with a domain named main1. VLANs 1,2,3,4,5,10,20 are active on the network. Suddenly the whole network goes down. No traffic is being passed on VLANs 2,3,4,5,10,20, however traffic passes on VLAN 1 and indicates all switches are operational. Right before the network problem occurred, a switch named TEST1 was added to the network. What three conditions must exist on TEST1 to cause this network outage? (Choose three.)
A. TEST1 is configured as a VTP server with a different domain name.
B. TEST1 is not configured to participate in VTP .
C. TEST1 is configured as a VTP server with the domain name main1.
D. TEST1 has a lower VTP configuration revision than the current VTP revision.
E. TEST1 has a higher VTP configuration revision than the current VTP revision.
F. TEST1 is configured with only VLAN1.
Correct Answer: CEF Section: (none) Explanation
Explanation/Reference: Answer:CEF
QUESTION 35
What is a characteristic of a static VLAN membership assignment?
A. VMPS server lookup
B. easy to configure
C. ease of adds, moves, and changes
D. based on MAC address of the connected device
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 36
Given the network diagram, which address would successfully summarize only the networks seen?
A. 192.168.0.0/24
B. 192.168.8.0/20
C. 192.168.8.0/21
D. 192.168.12.0/20
E. 192.168.16.0/21
F. These networks cannot be summarized.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 37
Given the network diagram, which routers currently make up the IS-IS backbone?
A. R3,R4,R6
B. R3,R4,R5,R6
C. R2,R3,R6,R7
D. R2,R3,R4,R6,R7
E. R1 through R8
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Answer:D
QUESTION 38
Which statement is correct about 802.1Q trunking?
A. Both switches must be in the same VTP domain.
B. The encapsulation type on both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. 802.1Q trunking can only be configured on a Layer 2 port.
E. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Correct Answer: E Section: (none) Explanation
Explanation/Reference: Answer: E QUESTION 39
Given the above diagram and assuming that STP is enabled on all switch devices, which two
A. DSW11will be elected the root bridge.
B. DSW12 will be elected the root bridge.
C. ASW13 will be elected the root bridge.
D. P3/1 will be elected the nondesignated port.
E. P2/2 will be elected the nondesignated port.
F. P3/2 will be elected the nondesignated port.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference: Answer:AD
QUESTION 40
Which three statements about STP timers are true? (Choose three.)
A. STP timers values (hello, forward delay, max age) are included in each BPDU.
B. A switch is not concerned about its local configuration of the STP timers values. It will only consider the value of the STP timers contained in the BPDU it is receiving.
C. To successfully exchange BPDUs between two switches, their STP timers value (hello, forward delay, max age) must be the same.
D. If any STP timer value (hello, forward delay, max age) needs to be changed, it should at least be changed on the root bridge and backup root bridge.
E. On a switched network with a small network diameter, the STP hello timer can be tuned to a lower value to decrease the load on the switch CPU.
F. The root bridge passes the timer information in BPDUs to all routers in the Layer 3 configuration.
Correct Answer: ABD Section: (none) Explanation
Explanation/Reference: Answer:ABD QUESTION 41
Which command lists the system IDs of all known IS-IS routers?
A. show clns neighbors
B. show isis database
C. show isis topology
D. show clns neighbors detail
E. show is-is neighbors detail
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 42
Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be forwarded from R5 to area 1.
A. R5(config-router)# area 1 stub R6(config-router)# area 1 stub
B. R5(config-router)# area 1 stub no-summary R6(config-router)# area 1 stub
C. R5(config-router)# area 1 nssa R6(config-router)# area 1 nssa
D. R5(config-router)# area 1 nssa no-summary R6(config-router)# area 1 nssa
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Answer:D
QUESTION 43
Which two are characteristics of the IS-IS protocol but not OSPF? (Choose two.)
A. provides for network scalability by allowing the network to be separated into areas
B. provides routing support for multiple network layer protocols
C. three layers of hierarchical routing
D. utilizes SPF algorithm
E. forms adjacencies with all neighbors
F. supports demand circuit routing
Correct Answer: BE Section: (none) Explanation
Explanation/Reference: Answer:BE
QUESTION 44
Which three are benefits of IS-IS over OSPF? (Choose three.)
A. supports more routers in an area
B. does not require Hello packets to establish neighbor relationships
C. produces fewer link state advertisements for a given network
D. supports route tags
E. supports network layer protocols other than IP
F. requires fewer neighbor relationships in a broadcast multiaccess network
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference: Answer:ACE
QUESTION 45
Which two conditions can cause BGP neighbor establishment to fail? (Choose two.)
A. There is an access list blocking all TCP traffic between the two BGP neighbors.
B. The IBGP neighbor is not directly connected.
C. BGP synchronization is enabled in a transit autonomous system with fully-meshed IBGP neighbors.
D. The BGP update interval is different between the two BGP neighbors.
E. The BGP neighbor is referencing an incorrect autonomous system number in its neighbor statement.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference: Answer:AE
QUESTION 46
Refer to the exhibit. All network links are FastEthernet. Although there is complete connectivity throughout the network, Front Line users have been complaining that they experience slower network performance when accessing the server farm than the Reception office experiences. Based on the exhibit, which two statements are true? (Choose two.)
A. Changing the bridge priority of S1 to 4096 would improve network performance.
B. Changing the bridge priority of S1 to 36864 would improve network performance.
C. Changing the bridge priority of S2 to 36864 would improve network performance.
D. Changing the bridge priority of S3 to 4096 would improve network performance.
E. Disabling the Spanning Tree Protocol would improve network performance.
F. Upgrading the link between S2 and S3 to Gigabit Ethernet would improve performance.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference: Answer:BD
QUESTION 47
What is the effect of configuring the following command on a switch? Switch(config) # spanning-tree portfast bpdufilter default
A. If BPDUs are received by a port configured for PortFast, then PortFast is disabled and the BPDUs are processed normally.
B. If BPDUs are received by a port configured for PortFast, they are ignored and none are sent.
C. If BPDUs are received by a port configured for Portfast, the port will transition to forwarding state.
D. The command will enable BPDU filtering on all ports regardless of whether they are configured for BPDU filtering at the interface level.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Answer:A QUESTION 48
Which two multicast IP addresses can be represented by the multicast MAC address 0100.5e0A.0A07? (Choose two.)
A. 228.10.10.7
B. 228.10.10.8
C. 228.10.138.7
D. 229.11.10.7
E. 229.138.10.7
F. 229.138.10.8
Correct Answer: AE Section: (none) Explanation
Explanation/Reference: Answer:AE
QUESTION 49
When authentication is required, where must 802.1x be configured in order to connect a PC to a switch?
A. client PC only
B. switch port only
C. switch port and client PC
D. switch port and local router port
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 50
Refer to the exhibit. What does the command channel-group 1 mode desirable do?
A. enables LACP unconditionally
B. enables PAgPonly if a PAgPdevice is detected
C. enables PAgPunconditionally
D. enables Etherchannel only
E. enables LACP only if a LACP device is detected
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Answer:C
QUESTION 51
Which two statements about multicast addressing are true? (Choose two.)
A. To calculate the Layer 2 multicast address, the host maps the last 24 bits of the IP address into the last 24 bits of the MAC address. The high-order bit is set to 0.
B. To calculate the Layer 2 multicast address, the host maps the last 23 bits of the IP address into the last 24 bits of the MAC address. The high-order bit is set to 0.
C. To calculate the Layer 2 multicast address, the host maps the last 23 bits of the IP address into the last 24 bits of the MAC address. The high-order bit is set to 1.
D. The first 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.
E. The last 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.
F. The first 23 bits of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference: Answer:BD
QUESTION 52
Refer to the exhibit. Which statement is true?
A. IP traffic matching access list ABC is forwarded through VLANs 5-10.
B. IP traffic matching VLAN list 5-10 will be forwarded, and all other traffic will be dropped.
C. All VLAN traffic matching VLAN list 5-10 will be forwarded, and all traffic matching access list ABC is dropped.
D. All VLAN traffic in VLANs 5-10 that match access list ABC will be forwarded, and all else will be dropped.
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Answer:D
QUESTION 53
Which two statements about the IS-IS routing protocol are true? (Choose two.)
A. In the IS-IS routing domain, routers may have adjacencies with other routers on multipoint links.
B. IS-IS metrics are based on delay, bandwidth, reliability,load, and MTU.
C. Level 1 routers learn about paths within the areas that the routers are connected to.
D. Level 2 routers are equivalent to ABRs in OSPF and learn about paths both within and between areas.
E. Level 1 and Level 2 routing is a function of ES-IS.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference: Answer:AC
QUESTION 54
Refer to the exhibit. Autonomous systems 200 and 300 have EBGP sessions established with their directly connected routers in autonomous system 100. IGP has been configured on all routers in autonomous system 100 and they successfully exchange routing updates. Traffic originated in autonomous system 200 cannot reach the destination autonomous system 300. What configuration should be done on the routers in autonomous system 100 in order for the traffic coming from autonomous system 200 to be forwarded to autonomous system 300?
A. IBGP session must be established between routers R1 and R3, and the synchronization must be turned on.
B. IBGP session must be established between routers R1 and R3, and the synchronization must be turned off.
C. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned on.
D. IBGP session must be established between routers R1 R2 and R2 R3, and the synchronization must be turned off.
E. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned on.
F. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned off.
Correct Answer: F Section: (none) Explanation
Explanation/Reference: Answer: F
QUESTION 55
Refer to the exhibit. Routers R1 and R2 are IPv6 BGP peers that have been configured to support a neighbor relationship over an IPv4 internetwork. Which three neighbor IP addresses are valid choices to use in the highlighted section of the exhibit? (Choose three.)
A. ::0A43:0002
B. 0A43:0002::
C. ::10.67.0.2
D. 10.67.0.2::
E. 0:0:0:0:0:0:10.67.0.2
F. 10.67.0.2:0:0:0:0:0:0
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference: Answer:ACE
QUESTION 56
An IPv6 overlay tunnel is required to communicate with isolated IPv6 networks across an IPv4 infrastructure. There are currently five IPv6 overlay tunnel types. Which three IPv6 overlay tunnel statements are true? (Choose three.)
A. Overlay tunnels can only be configured between border routers capable of supporting IPv4 and IPv6.
B. Overlay tunnels can be configured between border routers or between a border router and a host capable of supporting IPv4 and IPv6.
C. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv6-compatible, 4to6, and Multiprotocol Label Switching (MPLS) overlay tunneling mechanisms.
D. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv4-compatible, 6to4, and Intra-Site Automatic TunnelAddressing Protocol (ISATAP)overlay tunneling mechanisms.
E. A manual overlay tunnel supports point-to-multipoint tunnels capable of carrying IPv6 and Connectionless Network Service (CLNS) packets.
F. Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure.
Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:Answer:BDF
QUESTION 57
Which statement describes the difference between a manually configured IPv6 in IPv4 tunnel versus an automatic 6to4 tunnel?
A. A manually configured IPv6 in IPv4 tunnel allows multiple IPv4 destinations.
B. An automatic 6to4 tunnel allows multiple IPv4 destinations.
C. A manually configured IPv6 in IPv4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints.
D. An automatic 6to4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Answer:B
QUESTION 58
Which two statements about the IS-IS routing protocol are true? (Choose two.)
A. IS-IS is capable of supporting IPv4 and IPv6.
B. IS-IS is only capable of supporting IPv4 and CLNS.
C. IS-IS routers use ES-IS hellos (ESH) to establish and to maintain neighbor relationships.
D. IS-IS routers run the Bellman-Ford algorithm against their LSDBs to pick the best paths.
E. Level 1 routers learn about paths within the area of which they are a part.
F. Level 2 routers learn about paths both within areas and between areas.
Correct Answer: AE Section: (none) Explanation
Explanation/Reference: Answer:AE
Exam E QUESTION 1
Refer to the exhibit. Which statement is true?
A. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.
B. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.
C. Only traffic with a destination from 10.10.0.0/19 will be permitted.
D. Only traffic going to 10.10.0.0/19 will be permitted.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. Which statement is true about the 6.6.6.0/24 prefix?
A. If another path advertises the 6.6.6.0/24 path and has the default local preference, that path is more preferred.
B. The command neighbor send-community is configured on BGP neighbor 10.10.23.3.
C. The route 10.10.23.3 is not being advertised to other BGP neighbors.
D. Route 6.6.6.0/24 is learned by an IBGP peer.
Correct Answer: B Section: (none) Explanation
Explanation/Reference: QUESTION 3
Into which two types of areas would an area border router (ABR) inject a default route? (Choose two.)
A. the autonomous system of a different interior gateway protocol (IGP)
B. area 0
C. totally stubby
D. NSSA
E. stub
F. the autonomous system of an exterior gateway protocol (EGP)
Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 4
What are the two reasons for the appearance of 0.0.0.0 as the next hop for a network in the show ip bgp
command output? (Choose two.)
A. The network was originated via redistribution of an interior gateway protocol into BGP.
B. The network was defined by a static route.
C. The network was originated via a network or aggregate command.
D. The network was learned via EBGP.
E. The network was learned via IBGP.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Refer to the exhibit. Which two statements are true about the partial configuration that is provided.
(Choose two.)
A. All the configured neighbors are in autonomous system 100.
B. The peer group shortens the IBGP configuration.
C. The peer group shortens the EBGP configuration.
D. Only the outgoing filters are applied to BGP updates.
E. Three AS-path filters are applied to each BGP neighbor.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Refer to the exhibit. Which two statements are correct? (Choose two.)
A. All six routes will be installed in the routing table.
B. Two routes will be installed in the routing table.
C. Four routes will be installed in the routing table.
D. All the routes were redistributed into BGP from an IGP.
E. All the routes were originated by BGP with the network command.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which three IP multicast related statements are true? (Choose three.)
A. Multicast addresses 224.0.1.0 through 238.255.255.255 are called globally scoped addresses. They are used to multicast data between organizations and across the Internet.
B. The multicast address 224.0.0.1 is a globally scoped address that has been reserved for the Network Time Protocol (NTP) by the IANA.
C. Multicast addresses 239.0.0.0 through 239.255.255.255 are called limited scope addresses. They are constrained to a local group or organization.
D. Multicast addresses 224.0.0.5 and 224.0.0.6 are limited scoped addresses that have been reserved for OSPF.
E. Multicast addresses 224.0.0.0 through 224.0.0.255 are used for network protocols on local LAN segments. Because they are always transmitted with a Time to Live (TTL) of 1, they are never forwarded by a router.
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which three IP multicast address related statements are true? (Choose three.)
A. Multicast addresses 224.0.0.0 through 224.0.0.255 are always forwarded because they are transmitted with Time to Live (TTL) greater than 1.
B. Multicast addresses 224.0.0.5 and 224.0.0.6 are source multicast addresses for OSPF routers.
C. Multicast addresses 224.0.0.13 and 224.0.0.22 are reserved link-local addresses used by PIMv2 and IGMPv3.
D. Because they would map to overlapping IP multicast MAC addresses, multicast addresses 224.0.1.1 and 238.1.1.1 could not be used together.
E. Multicast address 224.0.1.1 has been reserved for the Network Time Protocol (NTP) by the IANA.
F. The administratively scoped multicast addresses 239.0.0.0 through 239.255.255.255 are similar in purpose to RFC 1918 private unicast addresses.
Correct Answer: CEF Section: (none) Explanation
Explanation/Reference:
QUESTION 9
Which three IP multicast group concepts are true? (Choose three.)
A. If a packet is sent to a multicast group address, all members of the multicast group will receive it.
B. If a packet is sent to a multicast group address, the multicast frame contains the source multicast address.
C. A router does not have to be a member of a multicast group to receive multicast data.
D. A router does not have to be a member of a multicast group to send to the group.
E. A router must be a member of a multicast group to receive multicast data.
F. A router must be a member of a multicast group to send to the group.
Correct Answer: ADE Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Which two multicast protocol statements are true? (Choose two.)
A. Dense mode multicast requires explicit join messages from their members.
B. Dense mode multicast uses a push model to flood traffic throughout the network and then prunes the unwanted traffic.
C. Sparse mode multicast uses a pull model to send multicast traffic to where it is requested.
D. Sparse mode uses reverse path forwarding (RPF) to prune off redundant flows.
E. The primary use of sparse mode multicast is for test labs and router performance testing.
Correct Answer: BC Section: (none) Explanation
Explanation/Reference: QUESTION 11
Which command enables OSPF for IPv6?
A. router ospf process-id
B. ipv6 ospf process-id
C. ipv6 router ospf process-id
D. router ospf ipv6 process-id
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Refer to the exhibit. Which statement is true about a voice VLAN?
A. Physically the voice network and the data network are separate.
B. The voice traffic will normally be on a different IP subnet than will the data traffic.
C. End user intervention is necessary to place the phone into the proper VLAN.
D. The same security policy should be implemented for both voice and data traffic.
E. The data VLAN must be configured as the native VLAN.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 13
Refer to the exhibit. What is the effect on the trust boundary of configuring the command mls qos trust
cos on the switch port that is connected to the IP phone?
A. Effectively the trust boundary has been moved to the IP phone.
B. The host is now establishing the CoS value and has effectively become the trust boundary.
C. The switch is rewriting packets it receives from the IP phone and determining the CoS value.
D. The switch will no longer tag incoming voice packets and will trust the distribution layer switch to set the CoS.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is configured
on the switch port interface connected to the IP phone?
A. Effectively, the trust boundary has been moved to the PC attached to the IP phone.
B. The computer is now establishing the CoS value and has effectively become the trust boundary.
C. The IP phone is enabled to override with a CoS value of 3 the existing CoS marking of the PC attached to the IP phone.
D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the distribution layer switch.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which three WLAN statements are true? (Choose three.)
A. A lightweight AP receives control and configuration from a WLAN controller to which it is associated.
B. A WLAN client that is operating in half-duplex mode will delay all clients in that WLAN.
C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP.
D. Another term for infrastructure mode is independent service set (IBSS).
E. The Aironet 1230 access point is an example of an access point that operates solely as a lightweight access point.
F. WLANs are designed to share the medium and can easily handle an increased demand of channel contention.
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 16
Which statement is true about IP telephony calls?
A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP header, and Layer 2 link header.
B. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints.
C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual voice samples.
D. The sum of bandwidth necessary for each major application, including voice, video, and data, should not exceed 75 percent of the total available bandwidth for each link.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch? (Choose
three.)
A. The CoS value is trusted for 802.1p or 802.1q tagged traffic.
B. The voice VLAN feature is disabled by default.
C. The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to 4.
D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.
E. PortFast is automatically disabled when a voice VLAN is configured.
F. The default CoS value for incoming traffic is set to 0.
Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 18
In what three ways is QoS applied in the campus network? (Choose three.)
A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution layer switches and used to prioritize and queue the traffic as it traverses the core.
B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics that are set by the access layer as it passes traffic to the distribution layer. The distribution layer, once it has made a switching decision to the core layer, strips these off.
C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice submodule (distribution layer) as traffic passes to the core layer.
D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic within a certain time frame, which is typically a fixed number internal to the switch. If a frame is determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way that results in the packet being dropped.
E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or remarked) at Layers 2 and 3 by the access switch as it enters the network, or is “trusted” that it is entering the network with the appropriate tag.
F. Traffic inbound from the access layer to the distribution layer can be trusted or reset depending upon the ability of the access layer switches. Priority access into the core is provided based on Layer 3 QoS tags.
Correct Answer: AEF Section: (none) Explanation
Explanation/Reference: QUESTION 19
Which two Aironet enterprise solution statements are true? (Choose two.)
A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to probe-request frames from clients.
B. A Cisco Aironet solution includes intelligent Cisco Aironet access points (APs) and Cisco Catalyst switches.
C. In the Cisco Aironet solution, each AP is locally configured by the use of either a web interface or the command line interface.
D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN controller handles those items which are not time sensitive.
E. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet AP and a LAN switch.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Which statement about the Lightweight Access Point Protocol (LWAPP) is true?
A. LWAPP encrypts control traffic between the AP and the controller.
B. LWAPP encrypts user traffic with a x.509 certificate using AES-CCMP.
C. LWAPP encrypts both control traffic and user data.
D. When set to Layer 3, LWAPP uses a proprietary protocol to communicate with the Cisco Aironet APs.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 21
Refer to the exhibit. Which three statements accurately describe this GLBP topology? (Choose three.)
A. Router A is responsible for answering ARP requests sent to the virtual IP address.
B. If Router A becomes unavailable, Router B will forward packets sent to the virtual MAC address of Router A.
C. If another router were added to this GLBP group, there would be two backup AVGs.
D. Router B is in GLBP listen state.
E. Router A alternately responds to ARP requests with different virtual MAC addresses.
F. Router B will transition from blocking state to forwarding state when it becomes the AVG.
Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 22
Refer to the exhibit. Which Virtual Router Redundancy Protocol (VRRP) statement is true about the
roles of the master virtual router and the backup virtual router?
A. Router A is the master virtual router, and Router B is the backup virtual router. When Router A fails, Router B will become the master virtual router. When Router A recovers, Router B will maintain the role of master virtual router.
B. Router A is the master virtual router, and Router B is the backup virtual router. When Router A fails, Router B will become the master virtual router. When Router A recovers, it will regain the master virtual router role.
C. Router B is the master virtual router, and Router A is the backup virtual router. When Router B fails, Router A will become the master virtual router. When Router B recovers, Router A will maintain the role of master virtual router.
D. Router B is the master virtual router, and Router A is the backup virtual router. When Router B fails, Router A will become the master virtual router. When Router B recovers, it will regain the master virtual router role.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 23
Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?
A. reduction of processing in wireless controllers
B. distributed approach to authentication, encryption, and policy enforcement
C. provides security by blocking communication between access points and wireless clients
D. access point discovery, information exchange, and configuration
Correct Answer: D Section: (none)
Explanation Explanation/Reference:
QUESTION 24
Refer to the exhibit. Which three statements are true about trust boundaries in the campus network? (Choose three.)
A. A device is trusted if it correctly classifies packets.
B. A device is trusted if it correctly declassifies packets.
C. The outermost trusted devices represent the trust boundary.
D. Classification and marking occur using 802.1ab QoS bits before reaching the trust boundary.
E. Network trust boundaries are automatically configured in IOS version 12.3 and later.
F. For scalability, classification should be done as close to the edge as possible.
Correct Answer: ACF Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Refer to the exhibit. The command spanning-tree bpdufilter enable is configured on interface Fa0/1 on
A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at switch S3 because of a partial spanning-tree loop.
B. No. Traffic will pass from switch S6 to S2 and dead-end at S2.
C. No. Traffic will loop back and forth between switch S6 and Host A.
D. No. Traffic will loop back and forth between switches S2 and S3.
E. Yes. Traffic will pass from switch S6 to S2 to S1.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 26
Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled during the installation and the icon appears in the system tray area in the lower right of the desktop. What is the significance of the icon?
A. It indicates that the radio of the client adapter is disabled.
B. It indicates that the client adapter is not associated to an access point or another client.
C. It indicates that the client adapter is associated to an access point or another client, but the user is not EAP authenticated.
D. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is excellent or good.
E. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is fair.
F. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is poor.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 27
What are three required steps to configure DHCP snooping on a switch? (Choose three.)
A. Configure DHCP snooping globally.
B. Configure DHCP snooping on an interface.
C. Configure DHCP snooping on a VLAN or range of VLANs.
D. Configure the switch as a DHCP server.
E. Configure all interfaces as DHCP snooping trusted interfaces.
F. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages.
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 28
A client is searching for an access point (AP). What is the correct process order that the client and
access point go through to create a connection?
A. probe request/response, authentication request/response, association request/response
B. association request/response, authentication request/response, probe request/response
C. probe request/response, association request/response, authentication request/response
D. association request/response, probe request/response, authentication request/response
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 29
Which two statements are true about voice VLANs? (Choose two.)
A. Voice VLANs are only used when connecting an IP phone and a host to distinct switch ports.
B. Access ports that are configured with voice VLANs will always trust the CoS that is received from IP phones.
C. Access ports that are configured with voice VLANs may or may not override the CoS value that is received from an IP phone.
D. Voice VLANs are configured using the switchport voice vlan vlan-ID interface configuration command.
E. Voice VLANs provide a trunking interface between an IP phone and an access port on a switch to allow traffic from multiple devices that are connected to the port.
F. Enabling Voice VLAN on a switch port will automatically configure the port to trust the incoming CoS markings.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 30
Which two types of activities does the Lightweight Access Point Protocol (LWAPP) define? (Choose
two.)
A. access point certification and software control
B. compression and Layer 3 address mapping
C. Layer 3 addressing and distribution
D. packet encapsulation, fragmentation, and formatting
E. SNMP monitoring services
Correct Answer: AD Section: (none) Explanation Explanation/Reference:
QUESTION 31
Which statement about the Lightweight Access Point Protocol (LWAPP) protocol is true?
A. The processing of 802.11 data and management protocols and access point capabilities is distributed between a lightweight access point and a centralized WLAN controller.
B. LWAPP aggregates radio management forward information and sends it to a wireless LAN solution engine.
C. LWAPP authenticates all access points in the subnet and establishes a secure communication channel with each of them.
D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the wireless LAN.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 32
Which statement describes the function of a trust boundary?
A. Trust boundaries determine whether certain types of traffic can pass.
B. Trust boundaries are a point in the network where decisions about CoS markings on incoming packets are made.
C. Trust boundaries are a point in the network where QoS functionality begins and ends.
D. Trust boundaries are points in the network where Layer 2 CoS markings are converted to Layer 3 DSCP or IP precedence markings.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 33
Which two statements about voice VLANs are correct? (Choose two.)
A. Voice VLANs eliminate the need for QoS configuration.
B. Voice VLANs are used on trunk links to eliminate the need for QoS CoS markings.
C. Voice VLANs are mainly used to reduce the number of access switch ports that are used in the network.
D. Voice VLANs can be configured to forward existing CoS priorities or override them.
E. Voice VLANs are mainly used between access layer switches and distribution layer switches.
F. Voice VLANs can be configured on Layer 2 ports only.
Correct Answer: DF Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Refer to the exhibit. Which switch interface configuration command would automatically configure
quality of service (QoS) for voice over IP (VoIP) within a QoS domain?
A. auto qos voip cisco-phone
B. mls qos trust
C. switchport priority extend cos 7
D. switchport priority extend trust
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 35
Refer to the exhibit. Which Catalyst switch interface command would be used to cause the switch to instruct the phone to override the incoming CoS from the PC before forwarding the packet to the switch?
A. switchport priority extend trust
B. switchport priority extend cos 2
C. switchport priority extend cos 11
D. mls qos cos 2
E. mls qos cos 2 override
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 36
Refer to the exhibit. Dynamic ARP inspection (DAI) is enabled on switch SW_A only. Both Host_A and
Host_B acquire their IP addresses from the DHCP server connected to switch SW_A. What would the
outcome be if Host_B initiated an ARP spoof attack toward Host_A ?
A. The spoof packets will be inspected at the ingress port of switch SW_A and will be permitted.
B. The spoof packets will be inspected at the ingress port of switch SW_A and will be dropped.
C. The spoof packets will not be inspected at the ingress port of switch SW_A and will be permitted.
D. The spoof packets will not be inspected at the ingress port of switch SW_A and will be dropped.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 37
On an Aironet card, LED 0 and LED 1 are blinking alternately. What does this indicate?
A. The Aironet card is in power save mode.
B. The Aironet card is looking for a network association.
C. The Aironet card is joined to a network, but there is no network activity.
D. The Aironet card is joined to a network, and there is network activity.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Refer to the exhibit. Which two Lightweight Access Point statements are true? (Choose two.)
A. An AP that has been upgraded from an autonomous AP to lightweight AP will only function in conjunction with a Cisco Wireless LAN controller.
B. Autonomous APs receive control and configuration information from a WLAN controller.
C. LWAPP increases the amount of processing within the APs, enabling them to support filtering and policy enforcement features.
D. Real time events such as authentication, security management, and mobility are handled by the lightweight AP.
E. Lightweight APs require local configurations using local management.
F. WLAN controllers provide a single point of management.
Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Which two WLAN client utility statements are true? (Choose two.)
A. In a Windows XP environment, a client adapter can only be configured and managed with the Microsoft Wireless Configuration Manager.
B. The Aironet Desktop Utility (ADU) can be used to enable or disable the adapter radio and to configure LEAP authentication with dynamic WEP.
C. The Cisco Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can both be enabled at the same time to setup WLAN client cards.
D. The Microsoft Wireless Configuration Manager can be configured to display the Aironet System Tray Utility (ASTU) icon in the Windows system tray.
Correct Answer: BD Section: (none) Explanation Explanation/Reference:
QUESTION 40
Refer to the exhibit. Router R1 is being used as a relay device for autoconfiguration of switch S1. Which configuration will accomplish this?
A. S1(config)# interface fastethernet 0/1 S1(config-if)# ip helper-address 10.0.0.2
B. S1(config)# interface fastethernet 0/1 S1(config-if)# ip helper-address 20.0.0.1
C. R1(config)# interface fastethernet 0/0 R1(config-if)# ip helper-address 20.0.0.2 R1(config-if)# ip helper-address 20.0.0.3
R1(config-if)# ip helper-address 20.0.0.4 R1(config-if)# exit R1(config)# interface fastethernet 0/1 R1(config-if)# ip helper-address 10.0.0.1
D. R1(config)# interface fastethernet 0/0 R1(config-if)# ip helper-address 20.0.0.1 R2(config)# interface fastethernet 0/0 R2(config-if)# ip helper-address 20.0.0.1 R3(config)# interface fastethernet 0/0 R3(config-if)# ip helper-address 20.0.0.1 R4(config)# interface fastethernet 0/0 R4(config-if)# ip helper-address 20.0.0.1
E. S1(config)# interface fastethernet 0/1 S1(config-if)# ip helper-address 10.0.0.2 R2(config)# interface fastethernet 0/0 R2(config-if)# ip helper-address 20.0.0.1 R3(config)# interface fastethernet 0/0 R3(config-if)# ip helper-address 20.0.0.1
R4(config)# interface fastethernet 0/0
R4(config-if)# ip helper-address 20.0.0.1
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 41
Which statement is true about Layer 2 security threats?
A. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable attack points.
B. DHCP snooping sends unauthorized replies to DHCP queries.
C. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
D. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP snooping attacks.
E. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
F. Port scanners are the most effective defense against dynamic ARP inspection.
Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 42
A Cisco Aironet Wireless LAN Adapter CB21AG is inserted into a PC cardbus slot. Both the green
status LED and the amber activity LED are blinking slowly. What is the condition of the adapter?
A. The adapter is not receiving power.
B. The adapter is in power save mode.
C. The adapter is scanning for the wireless network for which it is configured.
D. The adapter is associated to an access point or another client.
E. The adapter is transmitting or receiving data while associated to an access point or another client.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 43
What does the global configuration command ip arp inspection vlan 10-12,15 accomplish?
A. validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15
B. intercepts all ARP requests and responses on trusted ports
C. intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings
D. discards ARP packets with invalid IP-to-MAC address bindings on trusted ports
Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 44
Refer to the exhibit. The wireless user is moving from right to left towards AP2. What are three reasons that the wireless client would initiate roaming? (Choose three.)
A. The client has missed too many beacons from AP1.
B. The client has received too many beacons from AP2.
C. The client data rate from AP1 has been reduced.
D. The client data rate from AP2 has been increased.
E. The maximum data retry count from AP1 is exceeded.
F. The minimum data retry count from AP1 is exceeded.
Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Which two statements about WLAN components are true? (Choose two.)
A. Cisco Aironet autonomous access points cannot be supported by the Cisco Unified Wireless Network.
B. Cisco Aironet lightweight access points cannot be supported by the Cisco Unified Wireless Network.
C. In the autonomous access point solution, control is provided by the Wireless Domain Services (WDS).
D. In the autonomous access point solution, control is provided by the WLAN controller.
E. In the lightweight access point solution, WLAN management is provided by the WLAN Solution Engine (WLSE).
F. In the lightweight access point solution, WLAN management is provided by the WLAN Control System (WCS).
Correct Answer: CF Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Which two statements about voice traffic are true? (Choose two.)
A. Voice packets are typically around 60 to 120 bytes.
B. Voice packets are typically around 600 to 1200 bytes.
C. Voice packets are typically around 60 to 120 KB.
D. For voice quality, packet loss should be less than 1 percent and delay should be no more than 150 ms.
E. For voice quality, packet loss should be less than 2 percent and delay should be no more than 250 ms.
F. A typical voice call requires 17 kbps to 106 kbps of guaranteed priority bandwidth plus an additional 15 kbps per call for voice-control traffic.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 47
What are three characteristics of the wireless repeater topology? (Choose three.)
A. Lightweight access points are required.
B. Autonomous access points are required.
C. The recommended overlap of the access point on the wired LAN and the wireless repeater is 50%.
D. The recommended overlap of the access point on the wired LAN and the wireless repeater is 25%.
E. The SSID of the root access point must be configured on the repeater access point.
F. The SSID of the root access point must be distinct from that of the repeater access point.
Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 48
Refer to the exhibit. What radio button option on the Aironet Desktop Utility (ADU) Security tab includes
the option of Advanced Encryption Standard (AES) and Extensible Authentication Protocol-Flexible
Authentication via Secure Tunneling?
A. WPA/WPA2/CCKM
B. WPA/WPA2 Passphrase
C. 802.1x
D. Pre-Shared Key (Static WEP)
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 49
What are two methods of mitigating MAC address flooding attacks? (Choose two.)
A. Place unused ports in a common VLAN.
B. Implement private VLANs.
C. Implement DHCP snooping.
D. Implement port security.
E. Implement VLAN access maps.
Correct Answer: DE Section: (none) Explanation
Explanation/Reference: Exam F
QUESTION 1 lab Answer:AB
A. ALswitch#conf t ALswitch(config)#vtp mode client ALswitch(config)#vtp domain CISCO ALswitch(config)#end ALswitch#copy run start DLswitch#conf t DLswitch(config)#vtp mode server DLswitch(config)#vtp domain CISCO DLswitch(config)#vlan 20 DLswitch(config-vlan)#vlan 21 DLswitch(config-vlan)#exit DLswitch(config)#int vlan 20 DLswitch(config-if)#ip add 172.64.200.1 255.255.255.0 DLswitch(config-if)#int vlan 21
B. DLswitch(config-if)#ip add 192.162.39.1 255.255.255.0 DLswitch(config-if)#exit DLswitch(config)#ip routing DLswitch(config)#end DLswitch#copy run start
C.
D.
Correct Answer: AB Section: (none) Explanation Explanation/Reference: Answer:AB
QUESTION 2
A. ALswitch#conf t ALswitch(config)#vtp mode client ALswitch(config)#vtp domain CISCO ALswitch(config)#end ALswitch#copy run start DLswitch#conf t DLswitch(config)#vtp mode server DLswitch(config)#vtp domain CISCO DLswitch(config)#vlan 20 DLswitch(config-vlan)#vlan 21 DLswitch(config-vlan)#exit DLswitch(config)#int vlan 20
DLswitch(config-if)#ip add 172.64.200.1 255.255.255.0 DLswitch(config-if)#int vlan 21
DLswitch(config-if)#ip add 192.162.39.1 255.255.255.0
DLswitch(config-if)#exit DLswitch(config)#ip routing DLswitch(config)#end DLswitch#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 3
A. ASW1#conf t ASW1(config)#aaa new-model ASW1(config)#radius-server host 172.120.39.46 key rad123 ASW1(config)#aaa authentication dot1x default group radius ASW1(config)#dot1x system-auth-control ASW1(config)#int f0/1 ASW1(config-if)#switchport mode access ASW1(config-if)#switchport access vlan 20 ASW1(config-if)#dot1x port-control auto ASW1(config-if)#end
ASW1#copy run start DSW1#conf t DSW1(config)#ip access-list standard 10 DSW1(config-std-nacl)#permit 172.120.40.0 0.0.0.255 DSW1(config-std-nacl)#exit
DSW1(config)#vlan access-map PASS 10
DSW1(config-access-map)#match ip address 10 DSW1(config-access-map)#action forward DSW1(config-access-map)#exit DSW1(config)#vlan access-map PASS 20 DSW1(config-access-map)#action drop DSW1(config-access-map)#exit DSW1(config)#vlan filter PASS vlan-list 20 DSW1(config)#end DSW1#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 4
A. R2(config)#ipv6 router ospf 1 R2(config-router)#area 11 virtual-link 3.3.3.3 R2(config-router)#end R2#copy run start R3(config)#ipv6 router ospf 1 R3(config-router)#area 11 virtual-link 2.2.2.2 R3(config-router)#no area 54 virtual-link 4.4.4.4
R3(config-router)#end R3#copy run start R4(config)#ipv6 router ospf 1 R4(config-router)#no area 54 virtual-link 3.3.3.3 R4(config-router)#end
R4#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 5
A. DSW1#conf t DSW1(config)#spanning-tree vlan 20 priority 61440 DSW1(config)#int g1/0/5 DSW1(config-if)#spanning-tree vlan 40 cost 1 DSW1(config-if)#exit DSW1(config)#int g1/0/6 DSW1(config-if)#spanning-tree vlan 30 port-priority 64 DSW1(config-if)#end DSW1#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 6
A. R3#conf t R3(config)#router eigrp 123 R3(config-router)#no eigrp stub receive-only R3(config-router)#eigrp stub R3(config-router)#end
R3#copy run start R4#conf t R4(config)#int s0/0 R4(config-if)#ip summary-address eigrp 123 10.0.0.0 255.0.0.0
R4(config-if)#no shut R4(config-if)#end R4#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 7
A. Blockade#conf t
Blockade(config)#router isis Blockade(config-router)#redistribut eigrp 100 level-1 metric 50 Blockade(config-router)#router eigrp 100 Blockade(config-router)#redistribut isis level-1 metric 512 10 255 1 1500 Blockade(config-router)#redistribut connected Blockade(config-router)#end Blockade#copy run start
Correct Answer: A Section: (none)
Explanation Explanation/Reference:
QUESTION 8
LAB1:
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 9
LAB2:
Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 10
LAB3:
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 11
LAB4:
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 12
LAB5:
A.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 13
LAB6
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 14
LAB7:
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 15
A. ASW1#conf t
ASW1(config)#aaa new-model ASW1(config)#radius-server host 172.120.39.46 key rad123 ASW1(config)#aaa authentication dot1x default group radius ASW1(config)#dot1x system-auth-control ASW1(config)#int f0/1
ASW1(config-if)#switchport mode access ASW1(config-if)#switchport access vlan 20 ASW1(config-if)#dot1x port-control auto ASW1(config-if)#end ASW1#copy run start DSW1#conf t DSW1(config)#ip access-list standard 10 DSW1(config-std-nacl)#permit 172.120.40.0 0.0.0.255 DSW1(config-std-nacl)#exit DSW1(config)#vlan access-map PASS 10 DSW1(config-access-map)#match ip address 10 DSW1(config-access-map)#action forward DSW1(config-access-map)#exit DSW1(config)#vlan access-map PASS 20 DSW1(config-access-map)#action drop DSW1(config-access-map)#exit DSW1(config)#vlan filter PASS vlan-list 20 DSW1(config)#end DSW1#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 16
A. R2(config)#ipv6 router ospf 1 R2(config-router)#area 11 virtual-link 3.3.3.3 R2(config-router)#end R2#copy run start R3(config)#ipv6 router ospf 1 R3(config-router)#area 11 virtual-link 2.2.2.2 R3(config-router)#no area 54 virtual-link 4.4.4.4 R3(config-router)#end R3#copy run start R4(config)#ipv6 router ospf 1
R4(config-router)#no area 54 virtual-link 3.3.3.3 R4(config-router)#end R4#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 17
A. DSW1#conf t DSW1(config)#spanning-tree vlan 20 priority 61440 DSW1(config)#int g1/0/5 DSW1(config-if)#spanning-tree vlan 40 cost 1 DSW1(config-if)#exit DSW1(config)#int g1/0/6 DSW1(config-if)#spanning-tree vlan 30 port-priority 64 DSW1(config-if)#end
DSW1#copy run start Correct Answer: A
Section: (none) Explanation Explanation/Reference:
QUESTION 18
A. R3#conf t R3(config)#router eigrp 123 R3(config-router)#no eigrp stub receive-only R3(config-router)#eigrp stub R3(config-router)#end R3#copy run start R4#conf t R4(config)#int s0/0 R4(config-if)#ip summary-address eigrp 123 10.0.0.0 255.0.0.0 R4(config-if)#no shut R4(config-if)#end R4#copy run start
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Exam G QUESTION 1
Select and Place:
Correct Answer:
Section: (none) Explanation Explanation/Reference:
QUESTION 2
Select and Place:
Correct Answer:
Section: (none) Explanation Explanation/Reference:
QUESTION 3
Select and Place:
Correct Answer:
Section: (none) Explanation Explanation/Reference:
QUESTION 4
Select and Place:
Correct Answer:
Section: (none) Explanation Explanation/Reference:
QUESTION 5
Select and Place:
Correct Answer:
Section: (none) Explanation
Explanation/Reference: Exam H
QUESTION 1
-DS1( Distribute switch 1)is the primary device for Vlan 101, 102, 105 -DS2 ( Distribute switch 2)is the primary device for Vlan 103 and 104
During routine maintenance, it became necessary to shutdown G1/0/1 on DS1. All otherinterface were up. During this time, DS1 remained the active device for Vlan 102’s HSRP group. You have determined that there is an issue with the decrement value in the track command in Vlan 102’s HSRP group. What need to be done to make the group function properly ?
A. The DS1’s decrement value should be configured with a value from 5 to 15
B. The DS1’s decrement value should be configured with a value from9 to 15
C. The DS1’s decrement value should be configured with a value from11 to 18
D. The DS1’s decrement value should be configured with a value from 195 to less than 205
E. The DS1’s decrement value should be configured with a value from200 to less than 205
F. The DS1’s decrement value should be greater than190 and less200
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
Use “show run” command to show. The left Vlan102 is console1of DS1. Priority value is 200, we should decrement value in the track command from 11 to 18. Because 200 – 11 = 189 < 190 ( priority of Vlan102 on DS2 ).
QUESTION 2 During routine maintenance, G1/0/1 on DS1 was shutdown. All otherinterface were up. DS2 became the active HSRP device for Vlan101 as desired. However, after G1/0/1 on DS1 was reactivated. DS1 did notbecome the active HSRP device as desired. What need to be done to make the group for Vlan101 function properly ?
A. Enable preempt on DS1’s Vlan101 HSRP group
B. Disable preempt on DS1’s Vlan101 HSRP group
C. Decrease DS1’s priority value for Vlan101 HSRP group to a value that is less than priority value configured onDS2’s HSRP group for Vlan101
D. Decrease the decrement in the track command for DS1’s Vlan 101 HSRP group to a value less than the value in the track command for DS2’s Vlan 101 HSRP group.
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Explanation:
A is correct. All other answers is incorrect. Because Vlan101 on DS1 ( left ) disable preempt. We need enable preempt to after it reactive , it will be active device. If not this command, it never become active device.
QUESTION 3 DS2 has not become the active device for Vlan103’s HSRP group even though allinterfaces are active. As related to Vlan103’s HSRP group. What can be done to make the group function properly ?
A. On DS1, disable preempt
B. On DS1, decrease the priority value to a value less than 190 and greater than 150
C. On DS2, increase the priority value to a value greater 241 andless than 249
D. On DS2, increase the decrement value in the track command to a value greater than 10 and less than50.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
( update soon ….)
QUESTION 4
If G1/0/1 on DS1 is shutdown, what will be the current priority value of the Vlan105’s group on DS1 ?
A. 95
B. 100
C. 150
D. 200
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Explanation:
Priority is configured 150, Track is 55. So, if shutdown interface G1/0/1 –> 150 – 55 = 95.
QUESTION 5
What is the configured priority value of the Vlan105’s group on DS2 ?
A. 50
B. 100
C. 150
D. 200
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Explanation:
Use “show stantby brieft” command on console2 . Very easy to see priority of Vlan105 is 100.
QUESTION 6
During routine maintenance, it became necessary to shutdown G1/0/1 on DS1 and DS2. All otherinterface were up.During this time, DS1 became the active device for Vlan104’s HSRP group. As related to Vlan104’s HSRP group. What can be done to make the group function properly ?
A. On DS1, disable preempt
B. On DS2, decrease the priority value to a value less than 150
C. On DS1, increase the decrement value in the track command to a value greater than 6
D. On DS1, disable track command.
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
We should NOT disable preempt on DS1. By do that, you will make Vlan104’s HSRP group fail function. Example: if we are disable preempt on DS1. It can not become active device when G1/0/1 on DS2 fail. In this question, G0/1/0 on DS1 & DS2is shutdown. Vlan104 (left) : 150 – 1 = 149. Vlan104 (right) : 200 – 155 = 145.Result is priority 149 > 145 ( Vlan104 on DS1 is active). If increase the decrement in the track value to a value greater than 6 ( > or= 6). Vlan104 (left) : 150 – 6 = 144. Result is priority 144 < 145 ( vlan104 on DS2 is active).
QUESTION 7 Which statement is correct about the use of the virtual interface on a WLC :
A. Used to relay DHCP messages
B. Used to communicate with LAPs
C. Used to bring up LWAPP tunnels
D. Used to extend into the wireless client VLAN
Correct Answer: A Section: (none) Explanation
Explanation/Reference: Exam I
QUESTION 1
The company and the company network have both been growing rapidly. Multiple adds, moves and changes have been applied to the network. Your boss at Certkiller .com, Miss Certkiller, has asked you to troubleshoot a recent OSPF synchronization problem that has arisen. There have been synchronization problems at separate locations in the OSPF area 0. There have been reported link failures during the rapid growth of the company network. You are required to resolve the OSPF problem. OSPF must be able to converge when the network changes. Refer to the information above to answer the following 4 questions:
Examine the following excerpt from the “show ip ospf” command on Certkiller A:
Area BACKBONE (0)
Number of interfaces in the this area is 1 Area has no authentication SPF algorithm last executed 00:00:31.280 ago SPF algorithm executed 5 times Area ranges are Number of LSA 13. Checksum Sum 0x16F0FD Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0
Area 16
Number of interfaces in this area is 2 Area has message digest authentication SPF algorithm last executed 00:00:34.928 ago SPF algorithm executed 7 times Area ranges are Number of LSA 5. Checksum Sum 0x02FCD3 Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0
Based on the information shown above, what is most likely causing the different missing routes throughout the network?
A. Area 16 is configured with authentication.
B. Area 16 has been configured to use the same interfaces as Area 0.
C. Area 0 and Area 32 have been configured with mismatched LSA numbers.
D. Area 16 has been configured as a total stub network
E. Area 16 has been configured as a stub network
F. Area 0 is discontiguous.
G. None of the above
Correct Answer: F Section: (none) Explanation
Explanation/Reference: Explanation:
In this example, Certkiller1 shows that it only has 1 interface in area 0, while the network diagram shows that there should be two. This means that the Fa0/1 link is most likely gone down, creating a discontiguous backbone area. The link needs to be restored, or a virtual link needs to be created to fix this.
QUESTION 2
configuration command on Certkiller1 (with a similar command on Certkiller 2) will provide an immediate solution to the missing route problem?
A. no area 16 stub
B. no area 16 authentication message-digest
C. area 16 virtual-link 8.187.175.82
D. area 16 virtual-link 172.16.4.2
E. no area 16 stub no-summary
F. network 172.16.0.0.0.0.255.255 area 16
G. None of the above
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
A virtual link to an IP address (the loopback IP address in this case) on device Certkiller2 needs to be created. Similarly,Certkiller2 needs to also have this configured so that a virtual link to area 0 from area 16 can be created
QUESTION 3 The log of Certkiller1 reports the following:
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down %OSPF-5-ADJCHG: Process 1, Nbr 8.187.175.82/32 on FasstEthernet0/1 from FULL to DOWN, Neighbor Down: Interface down or detached This event was anticipated due to maintenance; however, it resulted in excessive lost routes. Which route should be the only one removed from the routing tables of the routers?
A. 8.187.175.82/32
B. 10.138.43.0/30
C. 10.206.180.0/30
D. 4.249.113.59/32
E. 10.201.0.0/30
F. None of the above
Correct Answer: E Section: (none) Explanation
Explanation/Reference: Explanation:
The FastEthernet 0/1 link was the only physical link that went down, so in this case the network administrator had meant to only remove the 10.201.1.10/30 route associated with that link. However, the loopback IP address of Certkiller2 is 8.187.175.82/32, which means that the neighbor relationship is down. When the FE 0/1 interface goes down, area 0 will effectively be cut in half creating a discontiguous backbone area.
QUESTION 4 The Certkiller 2 Router has lost connectivity to Certkiller 1. The following is Certkiller 1’s current route table:
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks O IA 172.16.240.0/24 [110/11] via 10.218.67.1, 00:00:03, FastEthernet0/0 O IA 172.16.209.0/24 [110/12] via 10.218.67.1, 00:00:03, FastEthernet0/0 O IA 172.16.4.0/30 [110/2] via 10.218.67.1, 00:00:03, FastEthernet0/0 10.0.0.0/30 is subnetted, 1 subnets C 10.218.67.0 is directly connected, FastEthernet0/0
Which expected route is missing from Certkiller 1’s route table based on the topology during the maintenance period?’
A. o 172.16.0.0 [110/2] via 10.218.67.1, 00:00:09, FastEthernet0/0
B. o IA 9.152.105.122 [110/3] via 10.218.67.1, 00:00:09, FastEthernet0/0
C. o IA 10.138.0.0 [110/3] via 10.218.67.1, 00:00:09, FastEthernet0/0
D. o IA 10.249.0.0 [110/2] via 10.218.67.1, 00:00:09, FastEthernet0/0
E. o IA 4.249.113.59 [110/2] via 10.218.67.1, 00:00:09, FastEthernet0/0
F. o 8.187.175.82 [110/3] via 10.218.67.1, 00:00:09, FastEthernet0/0
Correct Answer: F Section: (none) Explanation
Explanation/Reference: Explanation:
In this case, the missing route is the route to the loopback IP address of Certkiller 2. This loopback IP address was used for the virtual link, which was needed when the backbone area became discontiguous. If this route was missing, the virtual link would then go down and cause the additional routes to be missing.
Exam J QUESTION 1
You study the network topology carefully, see exhibit. Then you connect to theSW-c ; issue the show spanning tree command. Please refer to the exhibit for the output. You are then required to answer the scenario questions using the information that is available.
Which spanning Tree Protocol has been implemented on SW-B?
A. STP/IEEE 802.1D
B. MSTP/IEEE 802.1s
C. PVST+
D. PVRST
E. None of the above
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
802.1D has not been implemented since this is CST (Common Spanning Tree) which only allows one instance to be run at a time per Network. In this scenario there are multiple instances. It must be PVST+ since each instance only contains one VLAN.
QUESTION 2
You study the network topology carefully, see exhibit. Then you connect to theSW-c ; issue the show spanning tree command. Please refer to the exhibit for the output. You are then required to answer the scenario questions using the information that is available.
Which bridge ID belongs to SW-B?
A. 32928 000d bd33 029b
B. 24623 000f 34f5 039b
C. 32928 000d bd03 029b
D. 32768 000d bd33 029b
E. 32769 000d 65db 01dd
F. 32815 000d bd03 029b
Correct Answer: B Section: (none) Explanation
Explanation/Reference: Explanation:
Root ports are ports that point to the Root Bridge. In the exhibit, under VLAN 47 we see that fa0/2 is a root port for VLAN 47. Since we assume that all paths have equal cost we can gather that the root ports destination is the root bridge itself. In this case the Root Bridge for VLAN 47 isSW-B and according the exhibit the MAC address is 24623 000f 34f5 039b
QUESTION 3
You study the network topology carefully, see exhibit. Then you connect to theSW-c ; issue the show spanning tree command. Please refer to the exhibit for the output. You are then required to answer the scenario questions using the information that is available.
Which port role has interface Fa0/2 ofSW-A adopted for VLAN 47?
A. Root port
B. Nondesigned port
C. Designated port
D. Backup port
E. Alternate port
Correct Answer: C Section: (none) Explanation
Explanation/Reference: Explanation:
Refer to Explanation for previous question. So far we know thatSW-B is the Root Bridge for VLAN 47. We also see thatSW-C is using fa0/2 as its root port. ThereforeSW-A will use fa0/1 for its Root port and fa0/2 will be designated since fa0/1 onSW-C is blocking. Note: If one segment of SPT is in blocking statusthe distantend port is not. Otherwise BPDUs could not be transmitted and would negate the redundancy.
QUESTION 4
You study the network topology carefully, see exhibit. Then you connect to theSW-c ; issue the show spanning tree command. Please refer to the exhibit for the output. You are then required to answer the scenario questions using the information that is available.
Which port state is interface Fa0/2 ofSW-B in for VLANs 1 and 160?
A. Listening
B. Learning
C. Disabled
D. Blocking
E. Forwarding
F. Discarding
Correct Answer: D Section: (none) Explanation
Explanation/Reference: Explanation:
For VLAN 1 and 160 we can conclude that the Root Bridge is SW-A. With this in mindSW-B will use fa0/1 for its root port and block the other since the Cost will be lower. In this case it will block fa0/2 for both VLANs (and most likely fa0/3 also sinceSW-D is using fa0/1 as its root port).
QUESTION 5
You study the network topology carefully, see exhibit. Then you connect to theSW-c ; issue the show spanning tree command. Please refer to the exhibit for the output. You are then required to answer the scenario questions using the information that is available.
Which bridge ID belongs to SW-A?
A. 32928 000d bd33 029b
B. 24623 000f 34f5 039b
C. 32928 000d bd03 029b
D. 32768 000d bd33 029b
E. 32769 000d 65db 01dd
F. 32815 000d bd03 029b
Correct Answer: E Section: (none) Explanation
Explanation/Reference: Explanation:
We see that in VLAN 1 and VLAN 160 that fa0/1 is the root port on SW-C. Aspreviously discussed we know that root ports point to the root bridge and assuming equal cost from switch to root and the fact that no other port is root for either VLAN thatSW-A is the Root Bridge and we can gleen the information for the exhibit which list the Bridge’s VLAN.
Flydumps Cisco 642-892 exam questions which contain almost 100% correct answers are tested and approved by senior lecturers and experts.The Microsoft-technet – Implementing Cisco 642-892 VCE and PDF give you the knowledge and the know how to affectively prepare for the Microsoft-technet that you will be tested on for Cisco 642-892 exam.