Q1. Refer to the exhibit. The DHCP client is unable to receive a DHCP address from the DHCP server. Consider the following output:
hostname RouterB
!
interface fastethernet 0/0
 ip address 172.31.1.1 255.255.255.0
interface serial 0/0
 ip address 10.1.1.1 255.255.255.252
!
ip route 172.16.1.0 255.255.255.0 10.1.1.2
Which configuration is required on the Router B fastethernet 0/0 port in order to allow the DHCP client to successfully receive an IP address from the DHCP server?
A. RouterB(config-if)# ip helper-address 172.16.1.2
B. RouterB(config-if)# ip helper-address 172.16.1.1
C. RouterB(config-if)# ip helper-address 172.31.1.1
D. RouterB(config-if)# ip helper-address 255.255.255.255
Answer: A
Explanation:
Q2. Two aspects of an IP SLA operation can be tracked: state and reachability. Which statement about state tracking is true?
A. When tracking state, an OK return code means that the track's state is up; any other return code means that the track's state is down.
B. When tracking state, an OK or over threshold return code means that the track's state is up; any other return code means that the track's state is down.
C. When tracking state, an OK return code means that the track's state is down; any other return code means that the track's state is up.
D. When tracking state, an OK or over threshold return code means that the track's state is down; any other return code means that the track's state is up.
Answer: A
Explanation:
Q3. An engineer executes the ip flow ingress command in interface configuration mode. What is the result of this action?
A. It enables the collection of IP flow samples arriving to the interface.
B. It enables the collection of IP flow samples leaving the interface.
C. It enables IP flow while disabling IP CEF on the interface.
D. It enables IP flow collection on the physical interface and its subinterfaces.
Answer: A
Explanation:
Q4. An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information?
A. Cisco Express Forwarding has not been configured globally.
B. NetFlow output has been filtered by default.
C. Flow Export version 9 is in use.
D. The command ip flow-capture fragment-offset has been enabled.
Answer: A
Explanation:
We came across a recent issue where a user set up a router for NetFlow export but was unable to see the OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and nothing incorrect was found. That is when we noticed the `no ip cef` command on the router. CEF was enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the interfaces. This is why this topic is about Cisco Express Forwarding.
What is switching?
A router must make decisions about where to forward the packets passing through. This decision-making process is called "switching". Switching is what a router does when it makes the following decisions:
1. Whether to forward or not forward the packets after checking that the destination for the packet is reachable.
2. If the destination is reachable, what is the next hop of the router and which interface will the router use to get to that destination.
What is CEF?
CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following benefits:
1. Better performance than fast-switching (the default) and takes less CPU to perform the same task.
2. When enabled, allows for advanced features like NBAR.
3. Overall, CEF can switch traffic faster than route-caching using fast-switching.
How to enable CEF?
CEF is disabled by default on all routers except the 7xxx series routers. Enabling and disabling CEF is easy. To enable CEF, go into global configuration mode and enter the CEF command.
Router# config t
Router(config)# ip cef
Router(config)#
To disable CEF, simply use the `no` form of the command, i.e. `no ip cef`.
Why is CEF needed when enabling NetFlow?
CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface based on the Destination Interface value present in the NetFlow packets exported from the router. If CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without enabling CEF on the router, the NetFlow packets did not mark the destination interfaces and so NetFlow Analyzer was not able to show the OUT traffic for the interfaces.
Reference: https://blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef-in-netflow-data-export.html
Q5. A network engineer has left a NetFlow capture enabled over the weekend to gather information regarding excessive bandwidth utilization. The following command is entered:
switch# show flow exporter Flow_Exporter-1
What is the expected output?
A. configuration of the specified flow exporter
B. current status of the specified flow exporter
C. status and statistics of the specified flow monitor
D. configuration of the specified flow monitor
Answer: B
Explanation:
show flow exporter exporter-name
(Optional) Displays the current status of the specified flow exporter.
Example:
Device# show flow exporter FLOW_EXPORTER-1
Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/fnetflow/configuration/15-mt/cfg-de-fnflowexprts.html
Q6. You have been asked to evaluate how EIGRP is functioning in a customer network.
Which key chain is being used for authentication of EIGRP adjacency between R4 and R2?
A. CISCO
B. EIGRP
C. key
D. MD5
Answer: A
Explanation: R4 and R2 configs are as shown below:
Clearly we see the actual key chain is named CISCO.
Q7. Refer to the following command:
router(config)# ip http secure-port 4433
Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic.
B. The router will listen on port 4433 for HTTP traffic.
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen to HTTP and HTTP traffic on port 4433.
Answer: A
Explanation:
To set the secure HTTP (HTTPS) server port number for listening, use the ip http secure-port command in global configuration mode. To return the HTTPS server port number to the default, use the no form of this command.
ip http secure-port port-number
no ip http secure-port
Syntax Description
port-number: Integer in the range of 0 to 65535 is accepted, but the port number must be higher than 1024 unless the default is used. The default is 443.
Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/https/command/nm-https-cr-cl-sh.html#wp3612805529
Q8. What is a function of NPTv6?
A. It interferes with encryption of the full IP payload.
B. It maintains a per-node state.
C. It is checksum-neutral.
D. It rewrites transport layer headers.
Answer: C
Explanation:
RFC 6296 describes a stateless IPv6-to-IPv6 Network Prefix Translation (NPTv6) function, designed to provide address independence to the edge network. It is transport-agnostic with respect to transports that do not checksum the IP header, such as SCTP, and to transports that use the TCP/UDP/DCCP (Datagram Congestion Control Protocol) pseudo-header and checksum. NPTv6 provides a simple and compelling solution to meet the address-independence requirement in IPv6. The address-independence benefit stems directly from the translation function of the network prefix translator. To avoid as many of the issues associated with NAPT44 as possible, NPTv6 is defined to include a two-way, checksum-neutral, algorithmic translation function, and nothing else.
Reference: http://tools.ietf.org/html/rfc6296
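What "two-way, checksum-neutral, algorithmic" means in practice, as an added example that is not part of the original page: the sketch below rewrites a /48 prefix and folds the ones'-complement difference into the 16-bit subnet word, so the pseudo-header checksum of TCP/UDP stays valid without touching the transport header. The function names are hypothetical, only /48 prefixes are handled, and the sample prefixes are the ones used in the RFC 6296 worked example.

```python
import ipaddress

def oc_add(a, b):
    """16-bit ones'-complement addition with end-around carry."""
    s = a + b
    return (s & 0xFFFF) + (s >> 16)

def oc_sum(words):
    total = 0
    for w in words:
        total = oc_add(total, w)
    return total

def words_of(addr):
    """Split an IPv6 address into its eight 16-bit words."""
    packed = ipaddress.IPv6Address(addr).packed
    return [int.from_bytes(packed[i:i + 2], "big") for i in range(0, 16, 2)]

def address_checksum(addr):
    """Contribution of this address to a pseudo-header checksum."""
    return oc_sum(words_of(addr))

def nptv6_translate(addr, src_prefix, dst_prefix):
    """Stateless /48 prefix rewrite; the same function serves both directions."""
    src = ipaddress.IPv6Network(src_prefix)
    dst = ipaddress.IPv6Network(dst_prefix)
    if src.prefixlen != 48 or dst.prefixlen != 48:
        raise ValueError("this sketch handles /48 prefixes only")
    if ipaddress.IPv6Address(addr) not in src:
        raise ValueError("address is outside the source prefix")
    w = words_of(addr)
    new_pfx = words_of(str(dst.network_address))[:3]
    # adjustment = sum(old prefix) - sum(new prefix) in ones'-complement arithmetic
    adjustment = oc_add(oc_sum(w[:3]), ~oc_sum(new_pfx) & 0xFFFF)
    w[:3] = new_pfx
    w[3] = oc_add(w[3], adjustment)   # word 3 is the subnet field of a /48
    if w[3] == 0xFFFF:                # RFC 6296: a 0xFFFF result is written as 0x0000
        w[3] = 0x0000
    return str(ipaddress.IPv6Address(b"".join(x.to_bytes(2, "big") for x in w)))

if __name__ == "__main__":
    inside = "fd01:203:405:1::1234"
    outside = nptv6_translate(inside, "fd01:203:405::/48", "2001:db8:1::/48")
    print(inside, "->", outside)
    print(hex(address_checksum(inside)), hex(address_checksum(outside)))
```

Because the adjustment depends only on the two prefixes, the translator keeps no per-flow or per-node state, which is why options B and D in the question are wrong.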
Q9. What are the three modes of Unicast Reverse Path Forwarding?
A. strict mode, loose mode, and VRF mode
B. strict mode, loose mode, and broadcast mode
C. strict mode, broadcast mode, and VRF mode
D. broadcast mode, loose mode, and VRF mode
Answer: A
Explanation:
Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. Unicast RPF works in one of three different modes: strict mode, loose mode, or VRF mode. Note that not all network devices support all three modes of operation. Unicast RPF in VRF mode will not be covered in this document.
When administrators use Unicast RPF in strict mode, the packet must be received on the interface that the router would use to forward the return packet. Unicast RPF configured in strict mode may drop legitimate traffic that is received on an interface that was not the router's choice for sending return traffic. Dropping this legitimate traffic could occur when asymmetric routing paths are present in the network.
When administrators use Unicast RPF in loose mode, the source address must appear in the routing table. Administrators can change this behavior using the allow-default option, which allows the use of the default route in the source verification process. Additionally, a packet that contains a source address for which the return route points to the Null 0 interface will be dropped. An access list may also be specified that permits or denies certain source addresses in Unicast RPF loose mode.
Care must be taken to ensure that the appropriate Unicast RPF mode (loose or strict) is configured during the deployment of this feature because it can drop legitimate traffic. Although asymmetric traffic flows may be of concern when deploying this feature, Unicast RPF loose mode is a scalable option for networks that contain asymmetric routing paths.
Reference: http://www.cisco.com/web/about/security/intelligence/unicastrpf.html
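The strict and loose checks described above, modelled as an added example that is not part of the original page or of any Cisco code. The FIB entries and interface names are constructed, and the model assumes the default route is ignored in both modes unless allow_default is set; VRF mode and the optional access list are left out.

```python
import ipaddress

# Constructed FIB for illustration: (prefix, outgoing interface)
FIB = [
    ("0.0.0.0/0", "Serial0/0"),
    ("172.31.1.0/24", "FastEthernet0/0"),
    ("10.1.1.0/30", "Serial0/0"),
    ("192.0.2.0/24", "Null0"),
    ("198.51.100.0/24", "Serial0/1"),
]

def lookup(src, fib=FIB):
    """Longest-prefix match on the source address; (network, interface) or None."""
    ip = ipaddress.ip_address(src)
    matches = [(ipaddress.ip_network(p), iface) for p, iface in fib
               if ip in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None

def urpf_permits(src, in_iface, mode, allow_default=False, fib=FIB):
    """Return True if a packet from src arriving on in_iface passes the check."""
    if mode not in ("strict", "loose"):
        raise ValueError("mode must be 'strict' or 'loose'")
    route = lookup(src, fib)
    if route is None:
        return False                  # no route back to the source at all
    net, out_iface = route
    if out_iface == "Null0":
        return False                  # return route is a discard route
    if net.prefixlen == 0 and not allow_default:
        return False                  # only the default route covers the source
    if mode == "strict":
        return out_iface == in_iface  # must arrive on the return-path interface
    return True                       # loose: any real route is enough

if __name__ == "__main__":
    cases = [
        ("172.31.1.50", "FastEthernet0/0"),  # symmetric path
        ("198.51.100.7", "Serial0/0"),       # asymmetric: return path is Serial0/1
        ("192.0.2.9", "Serial0/0"),          # source routed to Null0
        ("203.0.113.5", "Serial0/0"),        # covered by the default route only
    ]
    for src, iface in cases:
        print(src, iface,
              "strict:", urpf_permits(src, iface, "strict"),
              "loose:", urpf_permits(src, iface, "loose"),
              "loose+allow-default:", urpf_permits(src, iface, "loose", True))
```

The second case is the asymmetric-routing drop the explanation warns about: strict mode discards a legitimate packet that loose mode accepts.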
Q10. Which Cisco VPN technology can use a multipoint tunnel, resulting in a single GRE tunnel interface on the hub, to support multiple connections from multiple spoke devices?
A. DMVPN
B. GETVPN
C. Cisco Easy VPN
D. FlexVPN
Answer: A
Explanation: