Q1. Which standard feature can be exploited by an attacker to perform network reconnaissance?
A. IP-directed broadcast
B. maintenance operations protocol
C. ICMP redirects
D. source quench
Answer: C
Q2. When you configure the ip pmtu command under an L2TPv3 pseudowire class, which two things can happen when a packet exceeds the L2TP path MTU? (Choose two.)
A. The router drops the packet.
B. The router always fragments the packet after L2TP/IP encapsulation.
C. The router drops the packet and sends an ICMP unreachable message back to the sender only if the DF bit is set to 1.
D. The router always fragments the packet before L2TP/IP encapsulation.
E. The router fragments the packet after L2TP/IP encapsulation only if the DF bit is set to 0.
F. The router fragments the packet before L2TP/IP encapsulation only if the DF bit is set to
0.
Answer: C,F
Explanation:
If you enable the ip pmtu command in the pseudowire class, the L2TPv3 control channel participates in the path MTU discovery. When you enable this feature, the following processing is performed:
– ICMP unreachable messages sent back to the L2TPv3 router are deciphered and the tunnel MTU is updated accordingly. In order to receive ICMP unreachable messages for fragmentation errors, the DF bit in the tunnel header is set according to the DF bit value received from the CE, or statically if the ip dfbit set option is enabled. The tunnel MTU is periodically reset to the default value based on a periodic timer.
– ICMP unreachable messages are sent back to the clients on the CE side. ICMP unreachable messages are sent to the CE whenever IP packets arrive on the CE-PE interface and have a packet size greater than the tunnel MTU. A Layer 2 header calculationis performed before the ICMP unreachable message is sent to the CE.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/l2tpv325.html
Q3. DRAG DROP
Drag and drop the NAT operations on the left into the correct sequential order on the right.
Answer:
Q4. Refer to the exhibit.
Why is the router not accessible via Telnet on the GigabitEthernet0 management interface?
A. The wrong port is being used in the telnet-acl access list.
B. The subnet mask is incorrect in the telnet-acl access list.
C. The log keyword needs to be removed from the telnet-acl access list.
D. The access class needs to have the vrf-also keyword added.
Answer: D
Explanation:
The correct command should be “access-class telnet-acl in vrf-also”. If you do not specify the vrf-also keyword, incoming Telnet connections from interfaces that are part of a VRF are rejected.
Q5. DRAG DROP
Drag each IS-IS command on the left to its effect on the right.
Answer:
Q6. Refer to the exhibit.
All of the routers on this network are running RIP. If you edit the R3 RIP process configuration to reduce the number of hops from R3 to R1, which statement about the configuration change is true?
A. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the number of hops to R1 by 2.
B. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the number of hops to R1 by 1.
C. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the number of hops to R1 by 3.
D. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the number of hops to R1 by 1.
Answer: A
Explanation:
By changing the link from R3 to R2 to not be passive, traffic can then take the direct route from R3-R2-R1 instead of the longer path of R3-R6-R5-R4-R1, resulting in two less hops.
Q7. DRAG DROP
Drag and drop each IPv6 neighbor discovery message type on the left to the corresponding description on the right.
Answer:
Q8. What is the new designation for the MPLS EXP (experimental) bits?
A. QoS bits
B. traffic class bits
C. flow bits
D. precedence bits
Answer: B
Explanation:
To avoid misunderstanding about how this field may be used, it has become increasingly necessary to rename this field. This document changes the name of the EXP field to the "Traffic Class field" ("TC field"). In doing so, it also updates documents that define the current use of the EXP field.
Reference: https://tools.ietf.org/html/rfc5462
Q9. DRAG DROP
Drag and drop the argument of the mpls ip cef load-sharing command on the left to the function it performs on the right.
Answer:
Q10. Which two statements about the passive-interface command are true? (Choose two.)
A. A RIP router listens to multicast updates from its neighbor but stops sending multicast updates on the passive interface.
B. In OSPF, configuring passive-interface at the interface level suppresses hello packets for the interface and all sub interfaces.
C. An EIGRP router can form neighbor relationship on the passive interface, but incoming and outgoing multicast updates are disabled on the interface.
D. A RIP router disables all incoming and outgoing multicast updates in the passive interface.
E. In EIGRP, the passive interface stops sending hello packets.
F. In OSPF, the passive interface can receive incoming routing updates and update the device routing table.
Answer: A,E