Q1. Which two devices would you place in your DMZ to ensure enterprise edge security? (Choose two.)
A. IPS
B. NAC
C. ASA
D. ACS
E. WCS
Answer: A,C
Q2. An organization is conducting an evaluation on the migration to IPv6 within the enterprise network and has requested clarification on recommended migration strategies. What three migration models would accomplish the organization's goal? (Choose three.)
A. Dual Stack
B. Service Block
C. Top-Down
D. Hybrid
E. Tunneled
F. Fork-Lift
Answer: A,B,D
Q3. A network engineer is following the three tiered Network Hierarchical Model. At which tier is
route summarization implemented?
A. core
B. distribution
C. backbone
D. access
Answer: B
Q4. Which Cisco security mechanism has the attributes listed below?
. It is a sensor appliance
. It searches for potential attacks by capturing and analyzing traffic
. It is a "purpose-built device"
. It is installed passively
. It introduces no delay or overhead
A. IKE
B. PIX
C. HIPS
D. NIDS
E. HMAC
Answer: D
Q5. Which three are associated with the distribution layer within the campus design? (Choose three.)
A. access layer aggregation
B. route summarization
C. network trust boundary
D. next-hop redundancy
E. layer 2 switching
F. port security
G. broadcast suppression
Answer: A,B,D
Q6. Which three options are valid Cisco STP tools used to ensure best-practice access layer design for the enterprise campus? (Choose three.)
A. Port fast
B. UDLD
C. Root Guard
D. BPDU Guard
E. Flex Links
F. SPAN
G. Ether Channel
Answer: A,C,D
Explanation:
Access layer Limit VLANs to a single closet when possible to provide the most deterministic and highly available topology.
Use RPVST+ if STP is required. It provides the best convergence.
Set trunks to ON and ON with no-negotiate
Manually prune unused VLANs to avoid broadcast propagation.
Use VTP Transparent mode, because there is little need for a common VLAN database in hierarchical networks.
Disable trunking on host ports, because it is not necessary. Doing so provides more security and speeds up Port Fast.
Consider implementing routing in the access layer to provide fast convergence and Layer 3 load balancing.
Use Cisco STP Toolkit, which provides Port Fast, Loop Guard, Root Guard, and BPDU Guard.
Q7. A network engineer is designing an enterprise managed VPN solution for a large number of remote offices that do not have on-site IT support and communicate only with the home office. What type of VPN solution should be implemented?
A. VPLS
B. GRE
C. IPsec
D. EVPN
E. DMVPN
F. SSL client
Answer: D
Q8. What characteristic separates link state routing protocols from a distance vector?
A. creates a topological view of the entire network
B. path calculation utilizes a more granular metric
C. does not scale well for large networks
D. constantly shares link state updates throughout the topology
Answer: A
Q9. Which three service categories are supported by an ISR? (Choose three.)
A. voice
B. security
C. data
D. Internet
E. storage
F. satellite
Answer: A,B,C
Q10. Which three layers comprise the traditional hierarchical model? (Choose three.)
A. core layer
B. distribution layer
C. access layer
D. aggregation layer
E. network layer
F. Internet layer
Answer: A,B,C