Q1. You are configuring a DMVPN spoke to use IPsec over a physical interface that is located within a VRF. For which three configuration sections must you specify the VRF name? (Choose three.)
A. the ISAKMP profile
B. the crypto keyring
C. the IPsec profile
D. the IPsec transform set
E. the tunnel interface
F. the physical interface
Answer: B,E,F
Explanation:
ip vrf forwardingvrf-name
Example:
Router(config-if)# ip vrf forwarding green
Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface.
. vrf-name is the name assigned to a VRF.
Router(config-if)# tunnel vrfvrf-name
Example:
Router(config-if)# tunnel vrf finance1
Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination. vrf-name is the name assigned to a VRF.
Router(config)# crypto keyringkeyring-name [vrf fvrf-name]
Defines a crypto keyring to be used during IKE authentication and enters keyring configuration mode.
. keyring-name—Name of the crypto keyring.
. fvrf-name—(Optional) Front door virtual routing and forwarding (FVRF) name to which the keyring will be referenced. fvrf-name must match the FVRF name that was defined during virtual routing and forwarding (VRF) configuration
Q2. Which statement is true about IGMP?
A. Multicast sources send IGMP messages to their first-hop router, which then generates a PIM join message that is then sent to the RP.
B. Multicast receivers send IGMP messages to their first-hop router, which then forwards the IGMP messages to the RP.
C. IGMP messages are encapsulated in PIM register messages and sent to the RP.
D. Multicast receivers send IGMP messages to signal their interest to receive traffic for specific multicast groups.
Answer: D
Explanation:
In the example shown above, the receivers (the designated multicast group) are interested in receiving the video data stream from the source. The receivers indicate their interest by sending an Internet Group Management Protocol (IGMP) host report to the routers in the network. The routers are then responsible for delivering the data from the source to the receivers.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/ip_multicast/White_papers/mcst_o vr.html
Q3. Which two features does the show ipv6 snooping features command show information about? (Choose two.)
A. RA guard
B. DHCP guard
C. ND inspection
D. source guard
Answer: A,C
Explanation:
The show ipv6 snooping features command displays the first-hop features that are configured on the router. Examples
The following example shows that both IPv6 NDP inspection and IPv6 RA guard are configured on the router:
Router# show ipv6 snooping features
Feature name priority state
RA guard 100 READY
NDP inspection 20 READY
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/command/ipv6-cr-book/ipv6-s5.html
Q4. Refer to the exhibit.
All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics.
After STP converges, you discover that traffic from switch SWG toward switch SWD takes a less optimal path. What can you do to optimize the STP tree in this switched network?
A. Change the priority of switch SWA to a lower value than the default value.
B. Change the priority of switch SWB to a higher value than the default value.
C. Change the priority of switch SWG to a higher value than the default value.
D. Change the priority of switch SWD to a lower value than the default value.
Answer: D
Explanation:
In this topology, we see that all port paths and priorities are the same, so the lowest MAC address will be used to determine the best STP path. From SWG, SWE will be chosen as the next switch in the path because it has a lower MAC address than SWF. From SWE, traffic will go to SWC because it has a lower MAC address, and then to SWD, instead of going from SWE directly to SWD. If we lower the priority of SWD (lower means better with STP) then traffic will be sent directly to SWD.
Q5. When the BGP additional-paths feature is used, what allows a BGP speaker to differentiate between the different available paths?
A. The remote BGP peer prepends its own next-hop address to the prefix.
B. A unique path identifier is encoded into a dedicated field to the NLRI.
C. A route distinguisher is appended to the prefix by the receiving BGP speaker.
D. The additional path information is encoded in an extended community.
Answer: B
Q6. Refer to the exhibit.
You must complete the configuration on R1 so that a maximum of three links can be used and fragmentation is supported.
Which additional configuration accomplishes this task?
A. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink group 19
ppp multilink links minimum 1
ppp multilink links maximum 3
ppp multilink interleave
B. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink group 19
ppp multilink links maximum 3
ppp multilink fragment delay 20
C. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink group 19
ppp multilink links maximum 3
ppp multilink fragment delay 20
ppp multilink interleave
D. interface Multilink19
ip address 192.168.1.1 255.255.255.252
ppp multilink
ppp multilink group 19
ppp multilink links maximum 3
ppp multilink interleave
Answer: A
Explanation:
The “ppp multilink interleave” command is needed to enable link fragmentation and Interleaving (LFI). The Cisco IOS Link Fragmentation and Interleaving (LFI) feature uses Multilink PPP (MLP). MLP provides a method of splitting, recombining, and sequencing datagrams across multiple logical data links. MLP allows packets to be fragmented and the fragments to be sent at the same time over multiple point-to-point links to the same remote address.
ppp multilink links maximum
To limit the maximum number of links that Multilink PPP (MLP) can dial for dynamic allocation, use the ppp multilink links maximum command in interface configuration mode.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcflfi.html
Q7. RIPv2 is enabled on a router interface. The "neighbor" command is also configured with a specific IP address. Which statement describes the effect of this configuration?
A. RIP stops sending multicast packets on that interface.
B. RIP starts sending only unicast packets on that interface.
C. RIP starts ignoring multicast packets on that interface.
D. RIP starts sending unicast packets to the specified neighbor, in addition to multicast packets.
Answer: D
Q8. Which two 802.1D port states are expected in a stable Layer 2 network? (Choose two.)
A. forwarding
B. learning
C. listening
D. blocking
E. disabled
Answer: A,D
Q9. Which two statements are true about an EVPL? (Choose two.)
A. It has a high degree of transparency.
B. It does not allow for service multiplexing.
C. The EVPL service is also referred to as E-line.
D. It is a point-to-point Ethernet connection between a pair of UNIs.
Answer: C,D
Explanation:
Following the MEF approach, the services that comprise the Metro Ethernet (ME) solution can be classified into the following two general categories:
. Point-to-point (PtP) — A single point-to-point Ethernet circuit provisioned between two User Network Interfaces (UNIs).
. Multipoint-to-multipoint (MPtMP) — A single multipoint-to-multipoint Ethernet circuit provisioned between two or more UNIs. When there are only two UNIs in the circuit, more UNIs can be added to the same Ethernet virtual connection if required, which distinguishes this from the point-to-point type. In the MEF terminology, this maps to the following Ethernet service types:
. Ethernet Line Service Type (E-Line) — Point-to-point Ethernet service
. Ethernet LAN Service Type (E-LAN) — Multipoint-to-multipoint Ethernet service
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/HA_Clusters/HA_C lusters/HA_ME3_6.pdf
Q10. Which three statements are true about PPP CHAP authentication? (Choose three.)
A. PPP encapsulation must be enabled globally.
B. The LCP phase must be complete and in closed state.
C. The hostname used by a router for CHAP authentication cannot be changed.
D. PPP encapsulation must be enabled on the interface.
E. The LCP phase must be complete and in open state.
F. By default, the router uses its hostname to identify itself to the peer.
Answer: D,E,F
Explanation:
Point-to-Point Protocol (PPP) authentication issues are one of the most common causes for dialup link failures. This document provides some troubleshooting procedures for PPP authentication issues.
Prerequisites
. Enable PPP encapsulation
. The PPP authentication phase does not begin until the Link Control Protocol (LCP) phase is complete and is in the open state. If debug ppp negotiation does not indicate that LCP is open, troubleshoot this issue before proceeding.
Note. By default, the router uses its hostname to identify itself to the peer. However, this CHAP username can be changed through the ppp chap hostname command.
Reference: http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/25647-understanding-ppp-chap.html