300-320 389 Q&S Cisco Designing Cisco Network Service Architectures ARCH By Kerwin

How does ERS use the VLAN tag?

A. to provide service internetworking
B. to support transparency for Layer 2 frames
C. as a connection identifier to indicate destination
D. as a mapping to the DLCI in service internetworking
E. to provide a trunk by which all VLANs can navigate from one site to one or multiple sites

Answer Clike
Which QoS mechanism uses RSVP?

A. IntServ
B. DiffServ
C. CoS
D. ToS

Answer Clike
Which path selection protocol is used by Fibre Channel fabrics?

A. IVR
B. VoQ
C. FSPF
D. VSANs
E. SANTap

Answer Clike
Refer to the exhibit. Which recommended practice is applicable?
Exhibit:


A. If no core layer is deployed, the design will be easier to scale.
B. A dedicated campus core layer should be deployed for connecting three or more buildings.
C. If no core layer is deployed, the distribution switches should not be fully meshed
D. A dedicated campus core layer is not needed for connecting fewer than five buildings

Answer Clike
Which three of these are major scaling, sizing, and performance considerations for an IPsec design? (Choose three.)

A. connection speed
B. number of remote sites
C. features to be supported
D. types of devices at the remote site
E. whether packets are encrypted using 3DES or AES
F. number of routes in the routing table at the remote site

Answer Clike
When a Cisco ASA adaptive security appliance is configured for active/standby failover, which MAC address is used for the active unit?

A. the MAC address of the primary unit
B. the MAC address of the secondary unit
C. the virtual MAC address
D. the standby MAC address

Answer Clike
Which one of these could you implement to sustain a large DDoS attack?

A. Stateful firewall
B. uRPF
C. Connections limits and timeouts
D. Access-lists

Answer Clike
A company needs to configure a new firewall and have only one public IP address to use in this firewall. The engineer need to configure the firewall with NAT to handle inbound traffic to the mail server in addition to internet outbound traffic. Which options could he use ? (Choose Two)

A. Static NAT for inbound traffic on port 25
B. Dynamic NAT for outbound traffic
C. Static NAT for outbound traffic on port 25
D. Dynamic NAT for inbound traffic
E. NAT overload for outbound traffic
F. NAT overload for inboud traffic on port 25

Answer Clike
Why is QoS important for in-band management?

A. It supports remote management when traffic volume is high.
B. It supports proper routing
C. It supports network security against DoS attacks and worm outbreaks
D. It supports network redundancy

Answer Clike
Refer to the exhibit. Based on the configuration, why are routers R1 and R2 not exchanging OSPF routes?
Exhibit:


A. The OSPF process numbers are different.
B. There is no backbone area configured.
C. The router IDs are different.
D. OSPF is not enabled on the interfaces.

Answer Clike
Which of the following is a recommended practice of a data center core?

A. Server-to-server traffic always remains in the core layer
B. The core infrastructure should be in Layer 3.
C. Core layer should run BGP along with an IGP because iBGP has a lower administrative distance than any IGP
D. The Cisco Express Forwarding hashing algorithm is the default, based on the IP address and Layer 4 port

Answer Clike
Which two statements about both FCIP and iSCSI are correct? (Choose two.)

A. They support file-level storage for remote devices.
B. They require high throughput with low latency and low jitter
C. Their purpose is to provide connectivity between host and storage
D. They support block-level storage for remote devices
E. Their purpose is to provide connectivity between separate wide-area SANs

Answer Clike
An engineer have to design a multicast domain for some application. This multicast network should be secured. Which option should he take ?

A. ASM with an addressing of 224.0.0.0/8
B. ASM with an addressing of 232.0.0.0/8
C. SSM with an addressing of 224.0.0.0/8
D. SSM with an addressing of 232.0.0.0/8

Answer Clike
Which three statements about 802.1X are true? (Choose three)

A. It is IEEE standard
B. It can allow and deny port access based on device identity
C. It works only with wired device
D. It can allow and deny port access based on user identity

Answer Clike
Which type of application traffic typically requires prioritization across networks and may use a DSCP value of 34 (AF41)?

A. voice
B. interactive video
C. call signaling
D. routing
E. streaming video
F. network management

Answer Clike
Which two physical components can enable high availability on a Cisco 6500 device? (Choose two.)

A. dual supervisor modules
B. bundled Ethernet Interconnects
C. line modules with DFCs
D. redundant power supplies
E. VSS interlink cables

Answer Clike
An engineer is attempting to improve OSPF network performance and discovers that the entire SPT recomputes whenever a type 1 or type 2 LSA is received within an area. Which action can optimize SPT operations?

A. Tune LSA throttling thresholds
B. Enable incremental SPF
C. Configure totally stubby areas throughout the domain
D. Summarize networks on all ABRs

Answer Clike
Which of these statements best describes VPLS?

A. Neither broadcast nor multicast traffic is ever flooded in VPLS
B. Multicast traffic is flooded but broadcast traffic is not flooded in VPLS
C. VPLS emulates an Ethernet switch, with each EMS being analogous to a VLAN
D. Because U-PE devices act as IEEE 802.1 devices, the VPLS core must use STP
E. When the provider experiences an outage, IP re-routing restores PW connectivity and MAC re-learning is needed.

Answer Clike
What is one reason to implement Control Plane Policing?

A. allow OSPF routing protocol to advertise routes
B. protect the network device route processor from getting overloaded by rate limiting the incoming control plane packets
C. allow network devices to generate and receive packets
D. protect the data plane packets

Answer Clike
Which unique EIGRP feature allows for faster Layer 3 convergence?

A. fast EIGRP timers
B. feasible successors
C. hybrid routing protocol
D. Cisco proprietary protocol

Answer Clike
Which two ways to manage scalability issues inside an IBGP domain with 20 or more routers are recommended? (Choose two.)

A. Configure route reflectors
B. Use OSPF instead of EIGRP as an underlying routing protocol
C. Create a full mesh at Layer 1.
D. Configure confederations
E. Configure static routes between all routers.

Answer Clike
What is the correct state between two BGP peers that are neighbors?

A. active
B. operational
C. established
D. up

Answer Clike
Which two options are advantages of having a modular design instead of an EOR design in a data center? (Choose two.)

A. cooling constraints
B. cable bulk
C. decreased STP processing
D. redundancy options
E. cost minimization
F. low-skilled manager

Answer Clike
When designing the routing for an Enterprise Campus network it is important to keep which of the following route filtering aspects in mind?

A. Filtering is only useful when combined with route summarization
B. It is best to filter (allow) the default and summary prefixes only in the Enterprise Edge to remote sites or site-to-site IPsec VPN networks
C. IGPs (for example EIGRP or OSPF) are superior to route filtering in avoiding inappropriate transit traffic through remote nodes or inaccurate or inappropriate routing updates
D. The primary limitation of router filtering is that it can only be applied on outbound updates

Answer Clike
What is the primary benefit of implementing Virtual Device Contexts on Nexus hardware In a multi-tenant environment?

A. resource isolation
B. software partitioning
C. resource allocation
D. granular monitoring

Answer Clike
Which option is correct when using VSS to combine two physical switches into one logical switch? (Choose two)

A. Both data planes forward traffic simultaneously
B. Only one data plane forwards traffic, while the other data plane is on standby
C. Both control planes forward traffic simultaneously
D. Control planes are combined into one virtual control plane

Answer Clike
Uplink floating state ( up and down ) .what you can do to solve this problem ?

A. route summary
B. Cisco Express Forwarding
C. BFD
D. UDLD

Answer Clike
Which of these is a recommended practice with trunks?

A. use ISL encapsulation
B. use 802.1q encapsulation
C. set ISL to desirable and auto with encapsulation negotiate to support ISL protocol negotiation
D. use VTP server mode to support dynamic propagation of VLAN information across the network

Answer Clike
Which option is used as a top-of-rack device that is managed by its parent device, providing ease of management?

A. Cisco Nexus 2000
B. Cisco Nexus 5000
C. Cisco Nexus 7000
D. Cisco Nexus 9000

Answer Clike
Which two statements about Layer 3 access designs are correct? (Choose two.)

A. IP address space is difficult to manage
B. Broadcast and fault domains are increased
C. Convergence time is fractionally slower than STP
D. Limits on clustering and NIC teaming are removed
E. Fast uplink convergence is supported for failover and fallback

Answer Clike
Which option is a common cause of congestion found in a campus network?

A. input serialization delay
B. output serialization delay
C. Rx-queue starvation
D. Tx-queue starvation

Answer Clike
Which technology is an example of the need for a designer to clearly define features and desired performance when designing advanced WAN services with a service provider?

A. FHRP to remote branches
B. Layer 3 MPLS VPNs secure routing
C. Control protocols (for example Spanning Tree Protocol) for a Layer 3 MPLS service
D. Intrusion prevention, QoS, and stateful firewall support network wide

Answer Clike
Which practice is recommended when designing scalable OSPF networks?

A. Maximize the number of routers in an area
B. Minimize the number of ABRs
C. Minimize the number of areas supported by an ABR
D. Maximize the number of router adjacencies

Answer Clike
OTV relies on which underlying protocol?

A. EIGRP
B. IS-IS
C. OSPF
D. BGP

Answer Clike
What are two benefits of using 6to4 as an IPv6 transition method? (Choose two.)

A. 6to4 tunnels allow isolated IPv6 domains to be remotely connected over IPv4 networks.
B. Manual configuration (scalability) is easier
C. Point-to-multipoint automatic tunneling (automatic 6to4) is available
D. An infinite number of address spaces are allocated to an IPv6 subnet
E. Globally unique IPv4 addresses are not required

Answer Clike
When considering the design of the E-Commerce topology which of the following are true?

A. One-armed SLB design with multiple security contexts removes the need for a separate firewall in the core layer
B. Two-firewall-layer SLB design considers the aggregation and access layers to be trusted zones, requiring no security between the web, application, and database zones
C. One-armed SLB design with two firewall layers ensures that non load-balanced traffic still traverses the ACE so that the health and performance of the servers is still being monitored
D. In all cases there will be configuration requirements for direct access to any servers or for non load-balanced sessions initiated by the servers

Answer Clike
Which of these Layer 2 access designs does not support VLAN extensions?

A. FlexLinks
B. loop-free U
C. looped square
D. looped triangle
E. loop-free inverted U

Answer Clike
"High Availability and Cisco NSF with SSO The main objective in building a highly available data center network design is to avoid TCP session breakage while providing convergence that is unnoticeable, or as fast as possible. Cisco nonstop forwarding (NSF) with stateful switchover (SSO) are supervisor redundancy mechanisms that provide intrachassis SSO at Layers 2 to 4."
QUESTION NO: 161 When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider?


A. It is recommended to place the VPN termination device in line with the Enterprise Edge firewall, with ingress traffic limited to SSL only
B. Maintaining access rules, based on the source IP of the client, on an internal firewall drawn from a headend RADIUS server is the most secure deployment
C. VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place
D. Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick), including at Layer7

Answer Clike
Which statement about vPC technology is true?

A. It allows a device to connect to two separate upstream devices as if they were a single device
B. It provides the ability to pair two servers in the data center
C. It promotes better STP designs in the switching infrastructure
D. It supports IEEE 802.1Q

Answer Clike
A campus network utilizes EIGRP to connect to several remote branch offices. Which configuration should be established on all branch routers to improve routing scalability and performance?

A. Configure authentication between the campus and branch offices
B. Enable stub routing on all branch routers
C. Adjust EIGRP k-values to utilize delay
D. Utilize offset lists to direct traffic more efficiently

Answer Clike
Addressing QoS design in the Enterprise Campus network for IP Telephony applications means what?

A. It is critical to identify aggregation and rate transition points in the network, where preferred traffic and congestion QoS policies should be enforced
B. Suspect traffic should be dropped closest to the source, to minimize wasting network resources
C. An Edge traffic classification scheme should be mapped to the downstream queue configuration
D. Applications and Traffic flows should be classified, marked and policed within the Enterprise Edge of the Enterprise Campus network

Answer Clike
Which of these statements is correct regarding Stateful Switchover and Cisco Nonstop Forwarding?

A. Utilizing Cisco NSF in Layer 2 environments can reduce outages to one to three seconds
B. Utilizing SSO in Layer 3 environments can reduce outages to one to three seconds
C. Distribution switches are single points of failure causing outages for the end devices
D. Utilizing Cisco NSF and SSO in a Layer 2 environment can reduce outages to less than one second
E. NSF and SSO with redundant supervisors have the most impact on outages at the access layer.

Answer Clike
Which of the following facts must be considered when designing for IP telephony within an Enterprise Campus network?

A. Because the IP phone is a three-port switch, IP telephony extends the network edge, impacting the Distribution layer.
B. Video and voice are alike in being bursty and bandwidth intensive, and thus impose requirements to be lossless, and have minimized delay and jitter
C. IP phones have no voice and data VLAN separation, so security policies must be based on upper layer traffic characteristics.
D. Though multi-VLAN access ports are set to dot1q and carry more than two VLANs they are not trunk ports.

Answer Clike
Support of vPC on the Cisco Nexus 5000 access switch enables various new design options for the data center Access layer, including which of the following?

A. The vPC peer link is not required for Access layer control traffic, and can instead be used to span VLANs across the vPC access switches
B. A single switch can associate per-interface with more than one vPC domain
C. vPC can be used on both sides of the MEC, allowing a unique 16-link EtherChannel to be built between the access and aggregation switches
D. Allows an EtherChannel between a server and a access switch while still maintaining the level of availability that is associated with dual-homing a server to two different access switches

Answer Clike
A network design engineer has been asked to reduce the size of the SPT on an IS-IS broadcast network.
Which option should the engineer recommend to accomplish this task?


A. Configure the links as point-to-multipoint
B. Configure QoS in all links
C. Configure a new NET address
D. Configure the links as point-to-point

Answer Clike
Which statement is correct regarding NBAR and NetFlow?

A. NetFlow uses five key fields for the flow.
B. NBAR examines data in Layers 3 and 4.
C. NetFlow examines data in Layers 3 and 4.
D. NBAR examines data in Layers 2 through 4.
E. NetFlow examines data in Layers 2 through 4.

Answer Clike
Which Cisco NAC Appliance design is the most scalable in large Layer 2-to-distribution implementation?

A. Layer 2 out-of-band
B. Layer 2 in-band
C. Layer 3 out-of-band
D. Layer 3 in-band

Answer Clike
Which three statements about zoning are correct? (Choose three.)

A. Zoning increases security
B. DNS queries are used for software zoning
C. Software zoning is more secure than hardware zoning
D. When using zones and VSANs together, the zone is created first
E. Zoning requires that VSANs be established before it becomes operational

Answer Clike
Which VRF component ensures control plane separation between the different Layer 3 VPNs?

A. FIB
B. routing protocol instance
C. RIB
D. a subset of the router interfaces

Answer Clike
An engineer is designing a multi-tenant network that requires separate management access and must share a single physical firewall. Which two features support this design? (Choose 2)

A. Site-to-Site VPN
B. dynamic routing protocols
C. multicast routing
D. threat detection
E. quality of service
F. unified communications

Answer Clike
EIGRP uses which algorithm to build a routing table?

A. Dijkstra's algorithm
B. Floyd-Warshall algorithm
C. Diffusing Update Algorithm
D. Johnson's algorithm

Answer Clike
Which two design recommendations are most appropriate when OSPF is the data center core routing protocol? (Choose two.)

A. Never use passive interfaces
B. Use NSSA areas from the core down
C. Use totally stub areas to stop type 3 LSAs
D. Use the lowest Ethernet interface IP address as the router ID
E. Manipulate the reference bandwidth.

Answer Clike
Refer to the exhibit.
A network engineer manually reconfigures the BGP configuration on newly upgraded router R1. However, the BGP neighbor relationship does not come up with the directly connected neighbor router.
What is causing the failure of the BGP neighbor relationship between routers R1 and R2?
Exhibit:


A. An incorrect neighbor IP address for router R2 is configured on router R1.
B. An incorrect neighbor AS number is configured on router R1 for router R2.
C. The wrong BGP authentication password is configured on router R1.
D. Router R1 must configure the R2 loopback address as the neighbor IP address.

Answer Clike
Two recently merged companies are using EIGRP and RIP. Which two strategies can facilitate a smooth migration? (Choose two.)

A. Create an OSPF instance between EIGRP and RIP routing domains
B. Redistribute routing information between the RIP and EIGRP protocols
C. Add EIGRP and then remove RIP on the acquired company network
D. Use the EIGRP administrative distance to migrate one site at a time
E. Use static routes in place of dynamic routing between companies

Answer Clike
In what situation must spanning-tree be implemented?

A. when first hop redundancy protocol exists with redundant Layer 2 links between distribution switches
B. when a VLAN spans access layer switches to support business applications
C. when trunks need to extend multiple VLANs across access switches
D. when it is necessary to speed up network convergence in case of link failure

Answer Clike
The requirement for high availability within the Data Center network may cause the designer to consider which one of the following solutions?

A. Construct a hierarchical network design using EtherChannel between a server and two VDCs from the same physical switch
B. Utilize Cisco NSF with SSO to provide intrachassis SSO at Layers 2 to 4
C. Define the Data Center as an OSPF NSSA area, advertising a default route into the DC and summarizing the routes out of the NSSA to the Campus Core
D. Implement network services for the Data Center as a separate services layer using an active/active model that is more predictable in failure conditions

Answer Clike
Which statement about NIC teaming configurations is true?

A. With ALB, all ports use one IP address and multiple MAC addresses
B. With AFT, two NICs connect to the different switches
C. With SFT, all ports are active
D. With AFT, all ports use one IP address and multiple MAC addresses.

Answer Clike
HSRP has been implemented on distribution switches but no priority has been defined.
Which one of the two switches will be active ?


A. The one with the higher IP address configured on the interface
B. The one with the higher MAC address configured on the interface
C. The one which booted the last
D. The one with the higher bandwith configured on the interface

Answer Clike
What are the two methods of ensuring that the RPF check passes? (Choose two.)

A. implementing static mroutes
B. implementing OSPF routing protocol
C. implementing MBGP
D. disabling the interface of the router back to the multicast source
E. disabling BGP routing protocol

Answer Clike
What are two advantages of a L2 looped data center design model? (Choose two.)

A. promotes Layer 2 high availability
B. prevents VLAN propagation
C. allows sharing of service modules
D. eliminates the use of STP
E. improves data transfer speeds

Answer Clike
What are two characteristics of Server Load Balancing router mode? (Choose two.)

A. The design supports multiple server subnets
B. An end-user sees the IP address of the real server
C. SLB routes between the outside and inside subnets
D. The source or destination MAC address is rewritten, but the IP addresses left alone
E. SLB acts as a "bump in the wire" between servers and upstream firewall or Layer 3 devices

Answer Clike




Answer Clike
An engineer want to ensure that of the PEs are discovery in VPLS discover PS. use signaling and access to across PE router without having manually provision VPLS neighbors, What solution must be implemented?

A. BGP autodiscovery with BGP signalling
B. BGP autodiscovery with LDP signalling
C. H-VPLS with PW-access
D. BGP-based VPLS autodiscovery

Answer Clike
Distinct, physical redundancy within a network layer is a key characteristic that contributes to the high availability of the hierarchical network design. Which of the following is not an examples of this model?

A. SAN extension with dual fabrics such as a yellow VSAN and a blue VSAN utilized via multipath software
B. Redundant power supplies and hot-swappable fan trays in Aggregate switches
C. A single SAN fabric with redundant uplinks and switches
D. Servers using network adapter teaming software connected to dual-attached access switches

Answer Clike
A network engineer is building a LAN design that includes Cisco NAC. What two characteristics of an outof-band NAC deployment are important to consider when evaluating it for the design? (Choose two.)

A. supported by a limited number of switch models
B. never in-line with user traffic
C. aggregate client traffic is constrained to NAC server port speed
D. recommended if sharing ports between IP phones and PCs
E. supports real IP gateway (routed mode)

Answer Clike
Which action can be taken on a multi-access segment with OSPF speakers to reduce the performance impact during widespread convergence events?

A. Separate the network into multiple areas for each new multiaccess segment.
B. Enable LSA throttling in the core to slow link state advertisement updates during times of network instability.
C. Ensure that the elected DR or BDR router can support high-volume convergence events
D. Verify that fewer than 50 OSPF speakers are on the segment

Answer Clike
Which statement best describes Cisco OTV internal interfaces?

A. They are Layer 2 interfaces that are configured as either access or trunk interfaces on the switch.
B. They are interfaces that perform Layer 3 forwarding with aggregation switches.
C. They are the interfaces that connect to the ISP.
D. They are tunnel interfaces that are configured with GRE encapsulation.

Answer Clike
Which algorithm does IS-IS use to determine the shortest path through a network?

A. Bellman-Ford routing algorithm
B. Johnson's algorithm
C. Dijkstra's algorithm
D. Floyd-Warshall algorithm

Answer Clike
The network designer needs to consider the number of multicast applications and sources in the network to provide the most robust network possible.
Which of the following is a consideration the designer must also address?


A. The IGPs should utilize authentication to avoid being the most vulnerable component
B. With SSM source or receiver attacks are not possible
C. With Shared Trees access control is always applied at the RP
D. Limit the rate of Register messages to the RP to prevent specific hosts from being attacked on a PIMSM network

Answer Clike


Select and Place:


Answer Clike
Which two statements are correct regarding Flex Links? (Choose two.)

A. An interface can belong to multiple Flex Links
B. Flex Links operate only over single pairs of links
C. Flex Link pairs must be of the same interface type
D. Flex Links automatically disable STP so no BPDUs are propagated
E. Failover from active to standby on Flex Links takes less than a second.

Answer Clike
Which statement about the ToR design model is true?

A. It can shorten cable runs and simplify rack connectivity.
B. Each ToR switch must be individually managed
C. Multiple ToR switches can be interconnected to provide a loop-free spanning-tree infrastructure.
D. It can connect servers that are located in separate racks

Answer Clike
Which option is a benefit of site-to-site VPNs?

A. Less configuration required than a WAN circuit
B. More secure than a dedicated WAN circuit
C. Less expensive than a dedicated WAN circuit
D. More reliable than a dedicated WAN circuit

Answer Clike


Select and Place:


Answer Clike
A network design team tasked to address congestion, QoS has been implemented but no longer effective?

A. Bundle additional uplinks into logical etherchannels
B. Configure selective packet discard to drop non-critical network traffic
C. Implement highspeed uplink interfaces
D. Reconfigure QoS based on intserv
E. Utilize random early detection

Answer Clike
You are given the 192.168.2.0/24 network and you should divide it in 4 subnets. Which statements are true regarding the first subnet? (Choose tree)

A. 62 hosts in subnet
B. 255.255.255.192 mask
C. 192.168.2.62 last host
D. 255.255.255.128 mask
E. 126 hosts in subnet
F. 192.168.2.126 last host

Answer Clike
When designing a layer 2 STP-based LAN with Layer 3 FHRP, which design recommendation should be followed?

A. Avoid modifying default STP and FHRP timers.
B. Assign the native VLAN to the lowest number in use
C. Avoid configuring router preemption
D. Align the STP root with the active FHRP device

Answer Clike
Which three options are features of IP SLAs? (Choose three.)

A. enables verification of service guarantees
B. dynamically adjusts QoS parameters
C. validates network performance and metrics
D. initiates failover for saturated links
E. proactively identifies network related issues

Answer Clike
Which of these is least important when determining how many users a NAS can support?

A. bandwidth
B. number of plug-ins per scan
C. total number of network devices
D. number of checks in each posture assessment

Answer Clike
What two features are inherent advantages of MPLS VPN services? (Choose two.)

A. service providers can provide additional services
B. virtual private networks segment traffic and ensure privacy
C. easier to troubleshoot than Layer 2 WAN technologies
D. faster data transfer speeds at lower costs
E. functions without Cisco Express Forwarding

Answer Clike
What are two of Cisco's best practices at the access layer to ensure rapid link transitions and VLAN consistency? (Choose two.)

A. Deploy RPVST
B. Deploy MSTP
C. Utilize VTP in server/client mode
D. Utilize VTP in transparent mode
E. VLANs span entire network
F. Portfast applied on distribution uplinks

Answer Clike
Which security mechanism can you implement to protect the OSPF" information that a router receives?

A. privilege 15 credentials
B. administrator username and password authentication
C. RADIUS authentication
D. cryptographic authentication

Answer Clike
Summary address blocks can be used to support which network application?

A. QoS
B. IPsec tunneling
C. Cisco TrustSec
D. NAT
E. DiffServ

Answer Clike
A company implemented VoIP in a campus network and now wants a consistent method to implement using AutoQoS. Which two parameters must be considered before AutoQoS is configured? (Choose two.)

A. CEF must be enabled
B. AutoQoS is available only on routers
C. Traffic discovery must be performed manually
D. No service policy can be applied already
E. Manual traffic analysis must be performed

Answer Clike
Which two design concerns must be addressed when designing a multicast implementation? (Choose two.)

A. only the low-order 23 bits of the MAC address are used to map IP addresses
B. only the low-order 24 bits of the MAC address are used to map IP addresses
C. only the high-order 23 bits of the MAC address are used to map IP addresses
D. only the low-order 23 bits of the IP address are used to map MAC addresses
E. the 0x01004f MAC address prefix is used for mapping IP addresses to MAC addresses
F. the 0x01005e MAC address prefix is used for mapping IP addresses to MAC addresses

Answer Clike
A network engineer is implementing virtualization into the enterprise network. Which system should be used to address policy enforcement at the distribution layer?

A. Cisco IOS based firewall
B. multilayer switches
C. integrated firewall services
D. identity services engine
E. intrusion protection systems

Answer Clike
Which configuration represents resiliency at the hardware and software layers?

A. multiple connections and FHRP
B. HSRP and GLBP
C. redundant supervisor and power supplies
D. dual uplinks and switches

Answer Clike




Answer Clike
Two company want to merge their OSPF networks , but they run different OSPF domains , Which is option must be created to accomplished this requirement?

A. OSPF virtual link to bridge the backbone areas of the two company together
B. Route Summarization
C. Static OSPF
D. Redistribute routes between domains

Answer Clike
Which option is a primary requirement for the deployment of an IPv6-enabled network via the native method (dual-stack model) within the enterprise campus environment?

A. Hardware-based switching support for IPv6 forwarding on all campus switches
B. Restriction of IPv6-enabled devices to the core layer
C. Manual implementation of tunneling between IPv6-incompatible devices in an IPv4-over- IPv6 tunnel
D. Disabling of multicast in the distribution layer prior to implementation of IPv6

Answer Clike
Which two options are two benefits of a Layer 2 looped model? (Choose two.)

A. extends VLANs between switches that are connected to a common aggregation module
B. prevents uplink ports from entering the spanning-tree blocking state
C. provides quick convergence with Rapid Spanning Tree Protocol
D. increases performance to end hosts using directly connected, bonded Layer 2 links

Answer Clike
What are two advantages of using Cisco FEX devices in the data center design? (Choose two.)

A. Traffic-forwarding decisions are made by the Cisco FEX device
B. Cisco FEX devices must be upgraded when the parent switch is upgraded
C. Traffic-forwarding decisions are made by the parent switch, resulting in easier troubleshooting and centralized management.
D. Cisco FEX devices do not have to be upgraded when the parent switch is upgraded, resulting in cost
E. Cisco FEX devices can be part of two different VDCs

Answer Clike
Two companies recently merged and want to integrate their networks. Both utilize EIGRP to support their complex enterprise networks.
Which action can improve the performance of these two separate EIGRP domains?


A. Enable route summarization at redistribution points
B. Adjust the administrative distance to prefer the best routes to each destination
C. Remove EIGRP and utilize OSPF instead
D. Utilize EIGRP stub routing between the network boundaries of the companies

Answer Clike
Which option maximizes EIGRP scalability?

A. route redistribution
B. route redundancy
C. route filtering
D. route summarization

Answer Clike


Select and Place:


Answer Clike
In which multicast configuration is MSDP most useful?

A. Interdomain IPv4 PIM sparse-Mode
B. Interdomain IPv4 PIM dense-Mode
C. Intra-domain IPv4 PIM dense-Mode
D. Intra-domain IPv4 PIM sparse-Mode

Answer Clike
If your enterprise is connected to 2 ISP, which method could you use to prevent being used as a transit network? (Choose Two)

A. filter outbound
B. filter inbound
C. throw both ISP
D. choose only one ISP
E. Allow every routes inbound

Answer Clike
In which multicast configuration is MSDP most useful?

A. Interdomain IPv4 PIM sparse-Mode
B. intradomain IPv4 PIM SSM
C. IPv6 multicast
D. PIM Dense-Mode

Answer Clike
Which two key components are related to one firewall per ISP design option for e- commerce? (Choose two.)

A. It is a common approach to single-homing
B. This approach is commonly used in large sites
C. Any failure on an edge router results in a loss of session
D. It has one NAT to two ISP-assigned blocks
E. It is difficult to set up and administer

Answer Clike
A network engineer must create a Layer 2 switch block design that has deterministic convergence and is loop-free at Layer 2. Which two switch block elements are needed to meet the requirements? (Choose two.)

A. Layer 3 link between distribution switches
B. HSRP with interface tracking on uplinks to core switches
C. RPVST with equal bridge priority on distribution switches
D. VLANs that do not span access switches
E. Layer 2 link between distribution switches

Answer Clike
A e-commerce network has many devices that often need to be upgraded on a regular basis. What technology will ensure IP packets continue to be forwarded even during a device failover?

A. stateful switchover
B. nonstop forwarding
C. route processor redundancy
D. optimized edge routing
E. enhanced object tracking

Answer Clike
Which security Mechanism can you implement to protect the OSPF?

A. Cryptographic authentication
B. Access-lists
C. Route-maps
D. Passive interfaces

Answer Clike
From a design perspective which two of the following OSPF statements are most relevant? (Choose two)

A. OSPF stub areas can be thought of as a simple form of summarization
B. OSPF cannot filter intra-area routes
C. An ABR can only exist in two areas - the backbone and one adjacent area
D. Performance issues in the Backbone area can be offset by allowing some traffic to transit a non-backbone area
E. The size of an area (the LSDB) will be constrained by the size of the IP MTU

Answer Clike
What are three primary components in IS-IS fast convergence? (Choose three.)

A. event propagation
B. LSP flooding
C. fast hellos
D. matching MTUs
E. updating RIB and FIB
F. SPF calculation

Answer Clike
Which two ways to support secure transport of multicast traffic are true? (Choose two.)

A. Use spoke-to-spoke design
B. Use IPsec over GRE tunnel
C. Use GET VPN
D. Use NBMA instead of broadcast
E. Disable encryption for multicast traffic.

Answer Clike
Which two statements correctly describe an IPS device? (Choose two.)

A. It resembles a Layer 2 bridge.
B. Traffic flow through the IPS resembles traffic flow through a Layer 3 router
C. Inline interfaces which have no IP addresses cannot be detected
D. Malicious packets that have been detected are allowed to pass through, but all subsequent traffic is blocked
E. Traffic arrives on the detection interface, is inspected, and exits via the same interface

Answer Clike
Which OSPF option can you configure to connect two parts of a partitioned backbone through a nonbackbone area?

A. route summarization
B. a virtual link
C. an NSSA
D. a static OSPF neighbor

Answer Clike
Which statement is the most accurate regarding IPsec VPN design for an Enterprise Campus environment?

A. VPN device IP addressing must align with the existing Campus addressing scheme.
B. The choice of a hub-and-spoke or meshed topology ultimately depends on the number of remotes.
C. Sizing and selection of the IPsec VPN headend devices is most affected by the throughput bandwidth requirements for the remote offices and home worker
D. Scaling considerations such as headend configuration, routing protocol choice, and topology have the broadest impact on the design

Answer Clike
Which Cisco NAC Appliance component is optional?

A. NAC Appliance Manager
B. NAC Appliance Server
C. NAC Appliance Agent
D. NAC Appliance Policy Updates

Answer Clike
Design for data center where you don't have to dedicate one switch per rack?

A. Top of rack
B. End of row
C. Blade Switch
D. Middle of row

Answer Clike
You need to use source specific multicast, which addressing should you use ?

A. 224.0.0.0/8
B. 232.0.0.0/8
C. 248.0.0.0/8
D. 254.0.0.0/8

Answer Clike
Which STP feature allows an access port to bypass the learning and listening?

A. PortFast
B. BPDU Guard
C. BPDU Filter
D. UplinkFast

Answer Clike
Which option describes the purpose of the auto-cost reference bandwidth 10000 command under the OSPF process?

A. Recognize redundant 10 Megabit links
B. Differentiate cost on a 10 Gigabit Ethernet trunk link
C. Change the default bandwidth for a 100 Megabit link
D. Adjust the link bandwidth for routing protocols

Answer Clike
Which IPv4 multicast technical component measure provides architectural security?

A. IGMP max groups
B. access lists
C. scoped addresses
D. state limit

Answer Clike
Port security supports which type of port?

A. SPAN destination port
B. EtherChannel port-channel port
C. Non-negotiating trunk port
D. DTP-enabled trunk port

Answer Clike
Which two statements correctly identify considerations to take into account when deciding on Campus QoS Design elements? (Choose two.)

A. Voice needs to be assigned to the hardware priority queue
B. Voice needs to be assigned to the software priority queue
C. Call signaling must have guaranteed bandwidth service
D. Strict-priority queuing should be limited to 50 percent of the capacity of the link
E. At least 33 percent of the link bandwidth should be reserved for default best-effort class

Answer Clike
What are two characteristics of Cisco Global Site Selector? (Choose two.)

A. It helps verify end-to-end path availability
B. It provides traffic rerouting in case of disaster
C. HSRP, GLBP, and VRRP can be clients of GSS
D. BGP must be the routing protocol between the distributed data centers.
E. DNS responsiveness is improved by providing centralized domain management

Answer Clike
An engineer is designing a multi cluster bgp network, each cluster has 2 RRs and 4 RR clients which 2 options must be considered?

A. Clients from all clusters should peer with all RRs
B. All route reflectors should be non client peers & topology partially meshed
C. All RRs must be non client peers in a fully meshed topology
D. Clients must not peer with IBGP speakers outside the client router
E. Clients should peer with at least one other client outside it's cluster

Answer Clike
To which switch or switches should you provide redundant links in order to achieve high availability with reliable fast convergence in the enterprise campus?

A. to a core switch running Cisco NSF and SSO from redundant distribution switches connected with a Layer 2 link
B. to a core switch running Cisco NSF and SSO from redundant distribution switches connected with a Layer 3 link
C. to two core switches from redundant distribution switches connected with a Layer 2 link
D. to two core switches from redundant distribution switches connected with a Layer 3 link
E. to two core switches running Cisco NSF and SSO from two redundant distribution switches running Cisco NSF and SSO

Answer Clike
Which two design recommendations are most appropriate when EIGRP is the data center core routing protocol? (Choose two.)

A. Summarize data center subnets
B. Use passive interfaces to ensure appropriate adjacencies
C. Tune the EIGRP timers to enable EIGRP to achieve quicker convergence
D. Adjust the default bandwidth value to ensure proper bandwidth on all links
E. Advertise a default summary route into the data center core from the aggregation layer

Answer Clike
A well-designed IP addressing scheme supporting role-based functions within the subnet will result in the most efficient use of which technology?

A. Layer 3 switching in the core
B. Network Admission Control (NAC)
C. IP telephony (voice and video) service
D. ACLs

Answer Clike
Which of the following two statements about Cisco NSF and SSO are the most relevant to the network designer? (Choose two.)

A. You can reduce outages to 1 to 3 seconds by using SSO in a Layer 2 environment or Cisco NSF with SSO in a Layer 3 environment.
B. SSO and NSF each require the devices to either be graceful restart-capable or graceful restart-aware.
C. In a fully redundant topology adding redundant supervisors with NSF and SSO may cause longer convergence times than single supervisors with tuned IGP timers
D. The primary deployment scenario for Cisco NSF with SSO is in the Distribution and Core layers.

Answer Clike
Which two characteristics are most typical of a SAN? (Choose two.)

A. NICs are used for network connectivity.
B. Servers request specific blocks of data
C. Storage devices are directly connected to servers
D. A fabric is used as the hardware for connecting servers to storage devices
E. The TCO is higher because of the cost of director class storage switches.

Answer Clike




Answer Clike
IP multicast packets when designing IPSec VPN?

A. IPSec forwarding using tunnel mode
B. Encapsulation of traffic with GRE or VTI
C. Additional bandwidth for headend
D. IPSec forwarding using transport mode

Answer Clike
What is an advantage of using the Virtual Device Contexts feature in a data center environment?

A. The same VLAN cannot be configured in separate Virtual Device Contexts
B. This feature provides fault domain separation
C. Supervisor modules are shared between Virtual Device Contexts.
D. Fabric modules are shared between Virtual Device Contexts

Answer Clike
Which three options are recommended practices when configuring VTP? (Choose three.)

A. Set the switch to transparent mode
B. Set the switch to server mode
C. Enable VLAN pruning
D. Disable VLAN pruning
E. Specify a domain name
F. Clear the domain name

Answer Clike
For which engine an IPS can use its reputation awareness? (Choose two)

A. Reputation filtering
B. Reputation subscriptions
C. Correlation rules
D. Global correlation inspection

Answer Clike
Which two modes does LACP support? (Choose two.)

A. on
B. passive
C. associated
D. link

Answer Clike
What is the recommended subnet between two sites that have a point-to-point connection to conserve IP addresses?

A. 255.255.255.0
B. 255.255.252.0
C. 255.255.255.252
D. 255.255.255.240

Answer Clike
Which two of these are recommended practices with trunks? (Choose two.)

A. use ISL encapsulation
B. use 802.1q encapsulation
C. set ISL to desirable and auto with encapsulation negotiate to support ISL protocol negotiation
D. use VTP server mode to support dynamic propagation of VLAN information across the network
E. set DTP to desirable and desirable with encapsulation negotiate to support DTP protocol negotiation

Answer Clike
When is a first-hop redundancy protocol needed in the distribution layer?

A. when the design implements Layer 2 between the access and distribution blocks
B. when multiple vendor devices need to be supported
C. when preempt tuning of the default gateway is needed
D. when a robust method of backing up the default gateway is needed

Answer Clike
Which protocol is used in an in-band network and why?

A. UDP, because it is connectionless
B. SSH, because the username and password are encrypted
C. Telnet, because the username and password are sent in clear
D. MSDP, because it uses TCP as its transport protocol

Answer Clike
Refer to the exhibit.


A. 10.3.2.4
B. 10.2.2.2
C. 10.2.2.1
D. 10.2.2.3

Answer Clike
Which statement about IPS and IDS solutions is true?

A. IDS and IPS read traffic only in inline mode
B. IDS and IPS read traffic only in promiscuous mode
C. An IDS reads traffic in inline mode, and an IPS reads traffic in promiscuous mode
D. An IDS reads traffic in promiscuous mode, and an IPS reads traffic in inline mode.

Answer Clike
Which type of connectivity is required for VPLS?

A. Full mesh
B. Partial mesh
C. Star
D. Bus
E. Ring

Answer Clike
A network designer needs to explain the advantages of route summarization to a client. Which two options are advantages that should be included in the explanation? (Choose Two)

A. Increases security by advertising fake networks.
B. Reduces routing table size
C. Advertises detailed routing size
D. Utilizes the routers full CPU capacity
E. Reduces the upstream impact of a flapping interface.

Answer Clike


Select and Place:


Answer Clike
Which two technologies provide web and URL filtering and mitigate zero-day malware? (Choose two)

A. Cisco CWS
B. Cisco WSA
C. Cisco GETVPN
D. Cisco ESA
E. NAT/PAT

Answer Clike
Which three statements about Network Attached Storage are correct? (Choose three.)

A. Data is accessed using NFS or CIFS.
B. Data is accessed at the block level
C. NAS is referred to as captive storage
D. Storage devices can be shared between servers
E. A NAS implementation is not as fast as a DAS implementation.

Answer Clike


Select and Place:


Answer Clike
Refer to the exhibit.

The Cisco Nexus 1000V in the VMware vSphere solution effectively creates an additional access layer in the virtualized data center network; which of the following 1000V characteristics can the designer take advantage of?


A. Offloads the STP requirement from the external Access layer switches
B. If upstream access switches do not support vPC or VSS the dual-homed ESX host traffic can still be distributed using virtual port channel host mode using subgroups automatically discovered through CDP
C. Allows transit traffic to be forwarded through the ESX host between VMNICs
D. Can be divided into multiple virtual device contexts for service integration, enhanced security, administrative boundaries, and flexibility of deployment

Answer Clike
An organization is using a link state routing that is not dependent on IP addressing .Which action enable information across area boundaries in this organization ?

A. Assign level 1 router interface
B. Assign level 1 routers to different areas
C. Assign level 2 router interface to the backbone area
D. Assign level 2 router to different areas
E. Assign level 2 router interface to different area

Answer Clike
Which four primary attributes define a WAN service? (Choose four.)

A. bandwidth
B. bursting capacity
C. memory
D. CPU
E. QoS classes and policies
F. latency
G. multicast support

Answer Clike
Which three virtualization categories are in campus networks? (Choose three.)

A. Layer 2 virtualization
B. Layer 3 clustering
C. network virtualization
D. device virtualization
E. network clustering
F. device clustering

Answer Clike
Which option describes why duplicate IP addresses reside on the same network in Cisco network design?

A. HSRP designed network
B. Using Cisco ACE in active/passive mode
C. VRRP designed network
D. Running multiple routing protocols

Answer Clike
When designing layer 2 STP based LAN with FHRP, what design recommendation should be followed?

A. Assign STP root with active FHRP device
B. Assign native VLAN to lowest number in use
C. Avoid configuring router preempt
D. Avoid modifying STP & FHRP default timers

Answer Clike
With which of the following could EIGRP and OSPF achieve sub second convergence ? (Choose Two)

A. Bidirectional Forwarding Detection (BFD)
B. Triangle topology
C. Square topology
D. Ring topology
E. Tuning timers
F. IP SLA

Answer Clike
Seven sites are connected via OTV, what is the best practice to connect more than tree sites using OTV?

A. Filter MAC address at the join interface
B. Use multicast-enabled transport
C. Use Unicast-only transport
D. Configure one edge device for each data center

Answer Clike
What is the next action taken by the Cisco NAC Appliance after it identifies a vulnerability on a client device?

A. denies the client network resource access
B. repairs the effected devices
C. generates a Syslog message
D. permits the client but limits to guest access

Answer Clike
Which two services are provided at the aggregation layer in a data center design? (Choose two.)

A. service module integration
B. default gateway redundancy
C. high-speed packet switching backplane
D. network interface card teaming
E. Layer 3 domain definitions

Answer Clike
Which three Layer 2 access designs have all of their uplinks in an active state? (Choose three.)

A. Flex Links
B. loop-free U
C. looped square
D. looped triangle
E. loop-free inverted U

Answer Clike
Which of these is true of IP addressing with regard to VPN termination?

A. addressing designs need to allow for summarization
B. termination devices need routable addresses inside the VPN
C. IGP routing protocols will update their routing tables over an IPsec VPN
D. designs should not include overlapping address spaces between sites, since NAT is not supported

Answer Clike
The Cisco Nexus 1000V is intended to address which disadvantage of the VMware vSphere solution?

A. Inability to deploy new functional servers without requiring physical changes on the network
B. Complexity added by the requirement for an ESX host for each virtual machine
C. Network administrators lack control of the access layer of the network
D. To increase the number of physical infrastructure and the virtual machines that can be managed

Answer Clike
Which OSPF concept is used to relate areas to the backbone area through another area?

A. Virtual Links
B. Backup Links
C. Inter-backbone Links
D. Point-to-point Links

Answer Clike
Which QoS mechanism uses PHBs?

A. DiffServ
B. IntServ
C. CoS
D. ToS

Answer Clike
Which two features can you implement to control which networks are advertised by a BGP router? (Choose two.)

A. prefix lists
B. route maps
C. policy maps
D. router SNMP statements
E. crypto maps

Answer Clike
Which two benefits are achieved if a network is designed properly with a structured addressing scheme?
(Choose two.)


A. efficient ACLs
B. improved redundancy
C. hardened security
D. easier troubleshooting
E. added resiliency

Answer Clike
Which option must be included in the design when implementing a triangle looped access layer design?

A. first hop redundancy protocol
B. Single uplinks between access and distribution switches
C. Layer 2 links between access switches
D. Layer 3 links between distribution switches

Answer Clike
A client security policy requires separate management control planes for different divisions with the company, which technology can be used to achieve this requirement while minimizing physical devices?

A. Virtual routing and forwarding
B. Virtual device contexts
C. Virtual Switching System
D. Virtual Local Area Networks
E. Virtual port channels

Answer Clike
Which option provides software modularity in Cisco NX-OS software in the data center design?

A. The ip routing command enables all of the features in the Cisco NX-OS.
B. All of the features are enabled by default in the Cisco NX-OS.
C. Individual features must be manually enabled to start the process
D. The Cisco NX-OS has a management VRF that is enabled by default

Answer Clike
OSPF stub areas are an important tool for the Network designer; which of the following two should be considered when utilizing OSPF stub areas? (Choose two)

A. OSPF stub areas increase the size of the LSDB with the addition of Type 3 and 5 LSAs
B. OSPF not so stubby areas are particularly useful as a simpler form of summarization
C. OSPF stub areas are always insulated from external changes
D. OSPF totally stubby areas cannot distinguish among ABRs for the best route to destinations outside the area
E. OSPF stub areas can distinguish among ASBRs for destinations that are external to the OSPF domain

Answer Clike
A link state routing protocol wants to connect two separate domains, what should be configured (it's a question about IS-IS)?

A. Level 1 router
B. Level 1 router interface
C. Level 2 router interface
D. Level 2 router

Answer Clike
The WAN link between HQ and Branch ... What Technology that to be routed in a more informed way , ...

A. Policy base routing
B. On demand routing
C. Static routing
D. Performance routing

Answer Clike
In what situation must spanning-tree be implemented?

A. When redundant Layer 2 links, that are not part of a single EtherChannel or bundle, exist between distribution switches
B. When redundant Layer 3 links, that are not part of a single EtherChannel or bundle, exist between distribution switches
C. Between Distribution and Core switches when interfaces are configured with "no switchport"
D. Between Distribution and Core switches when VSS is configured

Answer Clike
What is an advantage of using the Cisco FabricPath feature in a data center environment?

A. VSS does not have to be configured
B. Transparent Interconnection of Lots of Links can be configured simultaneously
C. Equal-Cost Multipath can be used to choose the forwarding path
D. The control plane and management plane remain separate

Answer Clike
In which OSI layer does IS-IS operate?

A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4

Answer Clike
Which statement about data center access layer design modes is correct?

A. The access layer is the first oversubscription point in a data center design
B. The data center access layer provides the physical-level connections to the server resources and only operates at Layer 3
C. When using a Layer 2 looped design, VLANs are not extended into the aggregation layer
D. When using a Layer 3 design, stateful services requiring Layer 2 connectivity are provisioned from the aggregation layer

Answer Clike


Select and Place:


Answer Clike
Refer to the exhibit.

Which statement about the ASA is true?


A. The management interface is reachable only from VLAN 30.
B. The management interface is reachable only from VLAN 40.
C. It is running in transparent mode
D. It is running in routed mode.

Answer Clike
Which of the following two are effective and simple means of employing route summarization within the Enterprise Campus network? (Choose two)

A. A default route (0.0.0.0 /0) advertised dynamically into the rest of the network
B. Route filtering to manage traffic flows in the network, avoid inappropriate transit traffic through remote nodes, and provide a defense against inaccurate or inappropriate routing updates
C. Use manual split horizon
D. Use a structured hierarchical topology to control the propagation of EIGRP queries
E. Open Shortest Path First (OSPF) stub areas

Answer Clike
Which two options improve BGP scalability in a large autonomous system? (Choose two.)

A. route reflectors
B. route redistribution
C. confederations
D. communities

Answer Clike
Which two of these are characteristics of multicast routing? (Choose two.)

A. multicast routing uses RPF.
B. multicast routing is connectionless
C. In multicast routing, the source of a packet is known
D. When network topologies change, multicast distribution trees are not rebuilt, but use the original path
E. Multicast routing is much like unicast routing, with the only difference being that it has a a group of receivers rather than just one destination

Answer Clike
Which two options regarding the Cisco TrusSec Security Group Tag are true? (Choose Two.)

A. It is assigned by the Cisco ISE to the user or endpoint session upon login.
B. Best practice dictates it should be statically created on the switch
C. It is removed by the Cisco ISE before reaching the endpoint
D. Best Practice dictates that deployments should include a guest group allowing access to minimal
E. Best Practice dictates that deployments should include a security group for common services such as DNS and DHCP

Answer Clike
Which three options are benefits of using VRFs within an enterprise network? (Choose three.)

A. simplifies configuration and troubleshooting
B. enables partitioning of network resources
C. enhances security between user groups
D. provides additional redundancy at Layer 3
E. allows for routing and forwarding separation
F. improves routing protocol convergence

Answer Clike
Which option is a recommended firewall topology?

A. using two firewalls with stateful failover switched mode
B. using one firewall with NAT enabled in transparent mode
C. using two firewalls in active/active mode
D. using one firewall with stateful failover enabled in routed mode

Answer Clike
Which two protocol characteristics should be most considered when designing a single unified fabric for the Data Center? (Choose two.)

A. FCIP or FCoE allow for easier integration by using the Fibre Channel Protocol (FCP) and Fibre Channel framing
B. iSCSI uses a special EtherType and an additional header containing additional control information
C. FCIP and iSCSI has higher overhead than FCoE owing to TCP/IP
D. FCoE was initially developed to be used as a switch-to-switch protocol, while FCIP is primarily meant to be used as an access layer protocol to connect hosts and storage to a Fibre Channel SAN
E. FCoE requires gateway functionality to integrate into an existing Fibre Channel network

Answer Clike
Which of the following is a result when designing multiple EIGRP autonomous systems within the Enterprise Campus network?

A. Improves scalability by dividing the network using summary routes at AS boundaries
B. Decreases complexity since EIGRP redistribution is automatically handled in the background
C. Reduces the volume of EIGRP queries by limiting them to one EIGRP AS
D. Scaling is improved when a unique AS is run at the Access, Distribution, and Core layers of the network

Answer Clike
Which option is correct when using Virtual Switching System?

A. Both control planes forward traffic simultaneously
B. Only the active switch forward traffic
C. Both data planes forward traffic simultaneously
D. Only the active switch handle the control plane

Answer Clike
What to configure in BGP so that other BGP neighbours cannot influence the path of a route.

A. Lower MED
B. Higher Local pref
C. Higher weight
D. Lower router ID

Answer Clike
Which three statements about firewall modes are correct? (Choose three.)

A. A firewall in routed mode has one IP address
B. A firewall in transparent mode has one IP address.
C. In routed mode, the firewall is considered to be a Layer 2 device
D. In routed mode, the firewall is considered to be a Layer 3 device.
E. In transparent mode, the firewall is considered to be a Layer 2 device
F. In transparent mode, the firewall is considered to be a Layer 3 device

Answer Clike
Which of the following is true concerning best design practices at the switched Access layer of the traditional layer 2 Enterprise Campus Network?

A. Cisco NSF with SSO and redundant supervisors has the most impact on the campus in the Access layer
B. Provide host-level redundancy by connecting each end device to 2 separate Access switches
C. Offer default gateway redundancy by using dual connections from Access switches to redundant Distribution layer switches using a FHRP
D. Include a link between two Access switches to support summarization of routing information from the Access to the Distribution layer

Answer Clike
What is an advantage of having an out-of-band management?

A. It is less expensive to have an out-of-band management.
B. Network devices can still be managed, even in case of network outage
C. There is no separation between the production network and the management network
D. SSH protocol must be used to manage network devices

Answer Clike
You are assigned the network of 192.168.1.0/24. You want to split the network into four subnets that are all the same size. Which three statements about the first subnet that you create are true? (Choose three.)

A. The subnet mask is 255.255.255.192
B. The last host IP address is 192.168.164
C. The subnet mask is 255.255.255.224
D. The subnet has up to 64 hosts
E. The last host IP address is 192.168.1.62
F. The subnet has up to 62 hosts

Answer Clike
Which option prevents the dropping of asymmetrically routed packets in active/active failover paired firewalls?

A. Nothing can be done to prevent this from happening.
B. Configure different policies on both firewalls.
C. Assign similar interfaces on each firewall to the same asymmetric routing group.
D. Assign similar interfaces on each firewall to a different asymmetric routing group.

Answer Clike

Which two practices will avoid Cisco Express Forwarding polarization?(Choose two.)


A. The core layer should use default Layer 3 hash information.
B. The core layer should use default Layer 4 hash information
C. The distribution layer should use default Layer 3 hash information
D. The distribution layer should use default Layer 4 hash information.
E. The core layer should use Layer 3 and Layer 4 information as input to the Cisco Expressing Forwarding hashing algorithm.
F. The distribution layer should use Layer 3 and Layer 4 information as input into the Cisco Expressing Forwarding hashing algorithm.

Answer Clike
Which of these practices should you follow when designing a Layer 3 routing protocol?

A. Never peer on transit links
B. Build squares for deterministic convergence
C. Build inverted U designs for deterministic convergence
D. Summarize routes at the distribution to the core to limit EIGRP queries or OSPF LSA propagation

Answer Clike
Two Cisco switches with 1 SUP and many 10G line-card ports for each switch, run in VSS mode. In which case or for what reason you don't connect all VSL to SUP?

A. The need for hardware diversity
B. Bandwidth congestion at SUP
C. In case the sup fail
D. Qos must be configured on both

Answer Clike
Which option can be implemented to manipulate the election of PIM DR to force multicast traffic to a certain path?

A. Assign a lower PIM DR priority to the PIM DR interface
B. Assign a lower IP address to the PIM DR interface
C. Assign a higher PIM DR priority to the PIM DR interface
D. Increase the cost on the PIM DR interface.

Answer Clike
Which two of these are correct regarding the recommended practice for distribution layer design? (Choose two.)

A. use a redundant link to the core
B. use a Layer 2 link between distribution switches
C. never use a redundant link to the core because of convergence issues
D. use a Layer 3 link between distribution switches with route summarization
E. use a Layer 3 link between distribution switches without route summarization

Answer Clike
Which option is an advantage of using PIM sparse mode instead of PIM dense mode?

A. No RP is required.
B. There is reduced congestion in the network.
C. IGMP is not required.
D. It floods all multicast traffic throughout the network.

Answer Clike




Answer Clike
There are 3 steps to confirm whether a range of IP addresses can be summarized. Which of the following is used in each of these 3 steps?

A. The first number in the contiguous block of addresses
B. The last number in the contiguous block of addresses
C. The size of the contiguous block of addresses
D. The subnet mask of the original network address

Answer Clike
Which two design principles should be followed to scale EIGRP properly? (Choose two.)

A. Ensure that the network design follows a structured hierarchical topology.
B. Utilize route summarization on edge devices.
C. Implement multiple autonomous systems, regardless of the size of the network.
D. Tune EIGRP delay metric on all core devices.
E. Configure offset lists on the network border.

Answer Clike
What three benefits exist when utilizing Cisco Nexus technology for implementing a unified fabric design? (Choose three.)

A. reduced cabling
B. fewer adapters
C. consolidated switching
D. increased bandwidth
E. enhanced redundancy
F. improved convergence

Answer Clike
Which two types of authentication mechanisms can be used by VRRP for security? (Choose two.)

A. SHA-1
B. MD5
C. SHA-256
D. plaintext authentication
E. PEAP

Answer Clike
Which three options are basic design principles of the Cisco Nexus 7000 Series for data center virtualization? (Choose three.)

A. easy management
B. infrastructure scalability
C. cost minimization
D. upgrade of technology
E. transport flexibility
F. operational continuity

Answer Clike
Transition to Named EIGRP without causing an outage?

A. router eigrp NAME
B. router eigrp 1 named NAME
C. router eigrp 1 eigrp upgrade-cli NAME
D. interface fa0/1 ip router eigrp 1 named NAME

Answer Clike
When a router has to make a rate transition from LAN to WAN, what type of congestion needs should be considered in the network design?

A. RX-queue deferred
B. TX-queue deferred
C. RX-queue saturation
D. TX-queue saturation
E. RX-queue starvation
F. TX-queue starvation

Answer Clike
Which of the following is true regarding the effect of EIGRP queries on the network design?

A. EIGRP queries will be the most significant issue with respect to stability and convergence
B. EIGRP queries are not a consideration as long as EIGRP has a feasible successor with a next hop AD that is greater than the FD of the current successor route
C. EIGRP queries will only increase the convergence time when there are no EIGRP stubs designed in the network
D. EIGRP queries will be stuck-in-active if there are no EIGRP stubs

Answer Clike
Which unique characteristics of the Data Center Aggregation layer must be considered by an Enterprise Campus designer?

A. Layer 3 routing between the Access and Aggregation layers facilitates the ability to span VLANs across multiple access switches, which is a requirement for many server virtualization and clustering technologies
B. "East-west" server-to-server traffic can travel between aggregation modules by way of the core, but backup and replication traffic typically remains within an aggregation module.
C. Load balancing, firewall services, and other network services are commonly integrated by the use of service modules that are inserted in the aggregation switches.
D. Virtualization tools allow a cost effective approach for redundancy in the network design by using two or four VDCs from the same physical switch.

Answer Clike
Out of band management. What is the best practice Cisco design?

A. Data traffic should never pass or enter the management network
B. In-band management as backup
C. Enforce QoS
D. Enable dynamic routing

Answer Clike
Design QoS (traffic regulation mechanisms ? )(Choose Two)

A. Classification
B. Shaping
C. Policing
D. Queuing

Answer Clike
Which command can you enter to inject BGP routes into an IGP?

A. redistribute bgp
B. redistribute static
C. redistribute static subnet
D. default-information originate

Answer Clike
When designing data centers for multitenancy, which two benefits are provided by the implementation of VSAN and zoning? (choose two)

A. VSAN provides a means of restricting visibility and connectivity among devices connected to a zone
B. VSANs have their own set of services and address space, which prevents an issue in one VSAN from affecting others
C. Zones provide the ability to create many logical SAN fabrics on a single Cisco MDS 9100 family switch
D. VSANs and zones use separate fabrics
E. Zones allow an administrator to control which initiators can see which targets

Answer Clike
About DDOS attack .What you can do on device to block DDOS attack ?

A. Policy map
B. ACL
C. Control plane policy
D. Used zoned firewall on router

Answer Clike
Which of the following features might be used by the Enterprise Campus network designer as a means of route filtering?

A. IPv4 static routes
B. Route tagging using a route map in an ACL
C. Tagging routes using the BGP MED
D. EIGRP stub networks

Answer Clike
Which three of these Metro service types map to E-Line (versus E-LAN) services that are defined by the Metro Ethernet Forum (MEF)? (Choose three.)

A. Ethernet Private Line
B. Ethernet Wire Service
C. Ethernet Relay Service
D. Ethernet Multipoint Service
E. Ethernet Relay Multipoint Service

Answer Clike
Which two of these correctly describe asymmetric routing and firewalls? (Choose two.)

A. only operational in routed mode
B. only operational in transparent mode
C. only eight interfaces can belong to an asymmetric routing group
D. operational in both failover and non-failover configurations
E. only operational when the firewall has been configured for failover

Answer Clike
Which option describes the effect of using softphones instead of VoIP handsets on QoS implementation for the voice traffic?

A. It provides a Layer 2 CoS marking in the frames that can be used for QoS implementation.
B. Using softphones means that 802.1Q tagging must be configured between the PC and the switch
C. The voice traffic of softphones is mixed with data traffic of PC on the access VLAN
D. By using softphones, the implementation of a QoS depends only on trusting DSCP markings set by the PC.

Answer Clike
Which of the following is most accurate with respect to designing high availability within the Enterprise Campus network?

A. High availability at and between the Distribution and Access layers is as simple as redundant switches and redundant Layer 3 connections
B. Non-deterministic traffic patterns require a highly available modular topology design
C. Distribution layer high availability design includes redundant switches and Layer 3 equal-cost load sharing connections to the switched Access and routed Core layers, with a Layer 3 link between the distribution switches to support summarization of routing information from the Distribution to the Core
D. Default gateway redundancy allows for the failure of a redundant Distribution switch without affecting endpoint connectivity

Answer Clike
In a base e-Commerce module design, which routing statement is correct?

A. Routing is mostly static
B. Hardcoded IP addresses are used to support failover
C. Inbound servers use the CSM or ACE as the default gateway.
D. VLANs between the access layer switches are used for FHRP protocols.

Answer Clike
What are the three configuration requirements for implementing Modular QoS on a router? (Choose three.)

A. CoS
B. class map
C. precedence
D. service policy
E. priority
F. policy map

Answer Clike
Port Security supports which type of port?

A. IEEE 802.1Q tunnel port
B. Dynamic trunk
C. Port-channel
D. Routed port

Answer Clike
In a collapsed core design, which three benefits are provided by a second-generation Cisco MDS director? (Choose three.)

A. a higher fan-out ratio
B. fully redundant switches
C. 100 percent port efficiency
D. all ISLs contained within a single chassis
E. higher latency and throughput than a core-edge design switch

Answer Clike
Given the addresses 10.10.16.0/24 and 10.10.23.0/24, which option is the best summary?

A. 10.10.0.0/16
B. 10.10.8.0/23
C. 10.10.16.0/23
D. 10.10.16.0/21

Answer Clike
Refer to the exhibit.

Which of the following two are advantages of Server virtualization using VMware vSphere? (Choose two)


A. Retains the one-to-one relationship between switch ports and functional servers
B. Enables the live migration of a virtual server from one physical server to another without disruption to users or loss of services
C. The access layer of the network moves into the vSphere ESX servers, providing streamlined vSphere management
D. Provides management functions including the ability to run scripts and to install third- party agents for hardware monitoring, backup, or systems management
E. New functional servers can be deployed with minimal physical changes on the network

Answer Clike
Which two of these correctly describe Fibre Channel? (Choose two.)

A. supports multiple protocols
B. works only in a shared or loop environment
C. allows addressing for up to 4 million nodes
D. allows addressing for up to 8 million nodes
E. provides a high speed transport for SCSI payloads
F. may stretch to a distance of up to 100 km before needing extenders

Answer Clike
What are two benefits of migrating from a vPC design to FabricPath? (Choose two.)

A. infrastructure scalability
B. lower latency
C. ease of configuration
D. network stability
E. easy to manage

Answer Clike
Explain to a customer 2 advantages of the routing summarization.(Choose two)

A. small routing table
B. small upstream impact of a flapping interface
C. fast convergence
D. security
E. enhance view of the architecture

Answer Clike
Which VPN technology is tunnel-less

A. GET VPN
B. DMVPN
C. MPLS
D. IPsec VPN

Answer Clike
What is an advantage of using the vPC feature in a data center environment?

A. VSS is a requirement
B. Multiple instances of control plane are formed
C. The control plane and management plane remain separate
D. Cisco FabricPath technology does not have to be configured

Answer Clike
In base e-Commerce module designs, where should firewall perimeters be placed?

A. core layer
B. Internet boundary
C. aggregation layer
D. aggregation and core layers
E. access and aggregation layers

Answer Clike
Which option is the primary reason to implement security in a multicast network?

A. maintain network operations
B. allow multicast to continue to function
C. optimize multicast utilization
D. ensure data streams are sent to the intended receivers

Answer Clike
Which of the following should the Enterprise Campus network designer consider with respect to Video traffic?

A. While it is expected that the sum of all forms of video traffic will grow to over 90% by 2017, the Enterprise will be spared this rapid adoption of video by consumers through a traditional top-down approach
B. Avoid bandwidth starvation due to video traffic by preventing and controlling the wide adoption of unsupported video applications
C. Which traffic model is in use, the flow direction for the traffic streams between the application components, and the traffic trends for each video application
D. Streaming video applications are sensitive to delay while interactive video applications, using TCP as the underlying transport, are fairly tolerant of delay and jitter

Answer Clike
A network engineer has implemented a looped triangle switch block design. What element must be included in the design?

A. first hop redundancy protocol
B. Layer 2 links between access switches
C. single uplinks between access and distribution switches
D. VLANs that span access switches
E. Layer 3 links between distribution switches

Answer Clike
Which statement about Fibre Channel communications is correct?

A. N_Port to N_Port connections use logical node connection points.
B. Flow control is only provided by QoS
C. It must be implemented in an arbitrated loop.
D. Communication methods are similar to those of an Ethernet bus.

Answer Clike
Which three options are the three layers of the Cisco design in the data center architecture? (Choose three.)

A. core layer
B. distribution layer
C. service layer
D. aggregation layer
E. Layer 2 domain sizing
F. access layer

Answer Clike
In which OSI layer does IS-IS operate?

A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4

Answer Clike
Which mechanism is enabled by default in the OTV technology to conserve bandwidth?

A. Automatic unicast flooding is suppressed over the OTV link.
B. BPDUs are allowed to traverse the OTV link.
C. Control plane traffic is prevented from traversing the OTV link
D. Data plane traffic is prevented from traversing the OTV link.

Answer Clike
HSRP. Router 1 (master) and Router 2 (standby), same priority. When router 1 f0/1 (outside interface) down. With which tracking commands the Router 2 will be able to preempt ? (Choose Two)

A. Track 50
B. Track 50 decrement 20
C. ip tracking 50 interface f0/1 reachability
D. ip tracking 50 Interface f0/1 ip routing (or line protocol)

Answer Clike
What feature is a benefit of using Cisco UCS blade servers for data center virtualization?

A. guest VM high availability
B. converged LAN and SAN infrastructure
C. host based etherchannel
D. built-in hypervisor

Answer Clike
With respect to address summarization, which of the following statements concerning IPv4 and IPv6 is true?

A. The potential size of the IPv6 address blocks suggests that address summarization favors IPv6 over IPv4.
B. Role based addressing using wildcard masks to match multiple subnets is suitable for IPv4, but unsuitable for IPv6.
C. In order to summarize, the number of subnets in the IPv4 address block should be a power of 2 while the number of subnets in the IPv6 address block should be a power of 64.
D. WAN link addressing best supports summarization with a /31 subnet for IPv4 and a /126 for IPv6.

Answer Clike
Which two features provide resiliency in a data center? (Choose two.)

A. Cisco FabricPath
B. VTP
C. encryption
D. vPC
E. VRF

Answer Clike
What is an advantage of using the vPC feature in data center environment ?

A. All available uplinks bandwidth is used.
B. FHRP is not required
C. A single IP is used for management of both devices
D. The two switches form a single control plane

Answer Clike
Which three options are basic technical metrics that a good SLA includes? (Choose three.)

A. packet loss
B. devices
C. latency
D. clients
E. IP availability
F. distance

Answer Clike
What is the purpose of an OTV edge device?

A. connect to other data centers
B. connect to the access layer
C. connect to the end users
D. connect to mobile devices

Answer Clike
A network engineer must perform posture assessments on Cisco ASA remote access VPN clients and control their network access based on the results. What mode is the Cisco best practice NAC deployment design for this situation?

A. Layer 2 in-band real IP gateway mode
B. Layer 2 out-of-band real IP gateway mode
C. Layer 3 in-band virtual gateway mode
D. Layer 3 out-of-band virtual gateway mode

Answer Clike
Which option is a benefit of the vPC+ feature?

A. Cisco FabricPath is not required in the network domain.
B. This feature provides fault domain separation
C. Nonfabric devices, such as a server or a classic Ethernet switch, can be connected to two fabric switches that are configured with vPC.
D. The control plane and management plane are combined into one logical plane.

Answer Clike
What two sensor types exist in an IDS/IPS solution? (Choose two.)

A. host
B. anomaly based
C. policy based
D. network based
E. signature

Answer Clike
Which two elements comprise the backbone area while designing a new network utilizing IS-IS as the interior gateway protocol (choose two)

A. contiguous chain of Level 2 capable routers
B. contiguous chain of Level1/Level 2 capable routers
C. set of Level 2 configured interfaces
D. contiguous Level 1 capable routers
E. set of Level 1 configured interfaces

Answer Clike
What is the recommended radius of a cell for a voice-ready wireless network?

A. 6 dBm
B. 7 dBm
C. 19 dBm
D. 5 dBm
E. -67 dBm
F. 86 dBm

Answer Clike
What is one limitation of MPLS Layer 3 VPN networks?

A. They require less powerful routers with limited capabilities
B. They require the customer to control routing
C. They support only IP traffic
D. PE routers are underutilized

Answer Clike