Q1. A network engineer wants to add a new switch to an existing switch stack. Which configuration must be added to the new switch before it can be added to the switch stack?
A. No configuration must be added.
B. stack ID
C. IP address
D. VLAN information
E. VTP information
Answer: A
Q2. Which statement about NAT64 is true?
A. NAT64 provides address family translation and translates IPv4 to IPv6 and IPv6 to IPv4.
B. NAT64 provides address family translation and can translate only IPv6 to IPv4.
C. NAT64 should be considered as a permanent solution.
D. NAT64 requires the use of DNS64.
Answer: A
Q3. Refer to the exhibit.
Which two statements about this egress queue are true? (Choose two.)
A. The queue 3 buffer is allocated 20 percent, its drop threshold is 100 percent, and it is guaranteed 400 percent of memory.
B. The queue 1 buffer is allocated 30 percent, its drop threshold is 25 percent, and it is guaranteed 100 percent of memory.
C. The queue 1 buffer is allocated 30 percent, its drop threshold is 100 percent, and it is guaranteed 150 percent of memory.
D. The queue 2 buffer is allocated 30 percent, its drop threshold is 200 percent, and it can use at maximum 400 percent of memory.
E. The queue 3 buffer is allocated 30 percent, its drop threshold is 100 percent, and it can use at maximum 400 percent of memory.
Answer: B,D
Q4. Which three statements are functions that are performed by IKE phase 1? (Choose three.)
A. It builds a secure tunnel to negotiate IKE phase 1 parameters.
B. It establishes IPsec security associations.
C. It authenticates the identities of the IPsec peers.
D. It protects the IKE exchange by negotiating a matching IKE SA policy.
E. It protects the identities of IPsec peers.
F. It negotiates IPsec SA parameters.
Answer: C,D,E
Explanation:
The basic purpose of IKE phase 1 is to authenticate the IPSec peers and to set up a secure channel between the peers to enable IKE exchanges. IKE phase 1 performs the following functions:
. Authenticates and protects the identities of the IPSec peers
. Negotiates a matching IKE SA policy between peers to protect the IKE exchange
. Performs an authenticated Diffie-Hellman exchange with the end result of having matching shared secret keys
. Sets up a secure tunnel to negotiate IKE phase 2 parameters
Reference: http://www.ciscopress.com/articles/article.asp?p=25474&seqNum=7
Q5. Refer to the exhibit.
Which two configuration changes enable the user admin to log in to the device? (Choose two.)
A. Configure the login authentication to be case-insensitive.
B. Configure the user admin with a password and appropriate privileges.
C. Configure the login authentication to be case-sensitive.
D. Modify the configuration to use a named group.
E. Configure additional login authentication under the terminal lines.
Answer: A,B
Explanation:
Usernames and passwords are case-sensitive. Users attempting to log in with an incorrectly cased username or password will be rejected. If users are unable to log into the router with their specific passwords, reconfigure the username and password on the router.
Reference: http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-110/45843-configpasswords.html
Q6. Which option describes the purpose of the PPP endpoint discriminator?
A. It identifies the maximum payload packet.
B. It notifies the peer that it prefers 12-bit sequence numbers.
C. It identifies the system attached to the link.
D. It determines whether a loopback is on the link.
Answer: C
Explanation:
In situations in which many clients use the same username to initiate an MP connection, or when interoperating with non-Cisco routers, you need to control the order in which the bundle name is created. It is necessary to configure the access server to create a bundle name based on the endpoint discriminator first, the username second, or both. The endpoint discriminator identifies the system transmitting the packet and advises the network access server (NAS) that the peer on this link could be the same as the peer on another existing link. Because every client has a unique endpoint discriminator, only multiple links from the same client are bundled into a single unique MP connection. For example, consider when two PC clients initiate a multilink connection to an access server using the same username. If the multilink bundle name is established based on the endpoint discriminator first, then on the username or on both, the NAS can accurately bundle the links from each client using the endpoint discriminator as a bundle name. This bundle name is unique to the peer system transmitting the packet.
Reference: http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10238-mppp-bundle-name.html
Q7. Which statement about the feasible distance in EIGRP is true?
A. It is the maximum metric that should feasibly be considered for installation in the RIB.
B. It is the minimum metric to reach the destination as stored in the topology table.
C. It is the metric that is supplied by the best next hop toward the destination.
D. It is the maximum metric possible based on the maximum hop count that is allowed.
Answer: B
Explanation:
An EIGRP router advertises each destination it can reach as a route with an attached metric. This metric is called the route's reported distance (the term advertised distance has also been used in older documentation). A successor route for any given destination is chosen as having the lowest computed feasible distance; that is, the lowest sum of reported distance plus the cost to get to the advertising router. By default, an EIGRP router will store only the route with the best (lowest) feasible distance in the routing table (or, multiple routes with equivalent feasible distances).
Reference: http://packetlife.net/blog/2010/aug/9/eigrp-feasible-successor-routes/
Q8. Refer to the exhibit.
Which statement is true?
A. This is an MPLS TE point-to-multipoint LSP in an MPLS network.
B. This is an MPLS TE multipoint-to-point LSP in an MPLS network.
C. This is a point-to-multipoint LSP in an MPLS network.
D. This is a multipoint-to-multipoint LSP in an MPLS network.
Answer: D
Explanation:
Same example of this provided on slide 24 at the reference link below:
Reference: “mVPN Deployment Models” Cisco Live Presentation
http://d2zmdbbm9feqrf.cloudfront.net/2014/eur/pdf/BRKIPM-2011.pdf, slide 24
Q9. Which trunking configuration between two Cisco switches can cause a security risk?
A. configuring different native VLANs on the switches
B. configuring different trunk modes on the switches
C. configuring mismatched VLANs on the trunk
D. disabling DTP on the trunk ports
E. configuring incorrect channel-groups on the switches
Answer: A
Q10. An access switch at a remote location is connected to the spanning-tree root with redundant uplinks. A network engineer notices that there are issues with the physical cabling of the current root port. The engineer decides to force the secondary link to be the desired forwarding root port. Which action accomplishes this task?
A. Adjust the secondary link to have a lower priority than the primary link.
B. Change the link type to point-to-point.
C. Apply a BPDU filter on the primary interface of the remote switches.
D. Enable Rapid Spanning Tree to converge using the secondary link.
Answer: A