Q1. Which two statements about Layer 2 Frame Prioritization bits are true? (Choose two.)
A. 802.1Q frame headers carry the CoS value in the three most-significant bits of the 2-byte Tag Control Information field.
B. ISL frame headers carry an IEEE 802.1P CoS value in the three least-significant bits of the 2-byte User field.
C. ISL frame headers carry an IEEE 802.1P CoS value in the three most-significant bits of the 1-byte User field.
D. On 802.1Q trunks, traffic in the native VLAN is carried in 802.1Q frames.
E. Only 802.1Q and ISL frame types can carry CoS information.
F. On 802.1Q trunks, traffic in the native VLAN is carried in 802.1P frames.
Answer: A,E
Q2. Which service is disabled by the no service tcp-small-servers command?
A. the finger service
B. the Telnet service
C. the Maintenance Operation Protocol service
D. the chargen service
Answer: D
Explanation:
The TCP small servers are: . Echo: Echoes back whatever you type through the telnet x.x.x.x echo command.
. Chargen: Generates a stream of ASCII data. Use the telnet x.x.x.x chargen Command.
. DiscarD. Throws away whatever you type. Use the telnet x.x.x.x discard command.
. DaytimE. Returns system date and time, if it is correct. It is correct if you run Network Time Protocol (NTP), or have set the date and time manually from the exec level. Use the telnet x.x.x.x daytime command.
Reference: http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-110/12815-23.html
Q3. Which statement about OSPF multiaccess segments is true?
A. The designated router is elected first.
B. The designated and backup designated routers are elected at the same time.
C. The router that sent the first hello message is elected first.
D. The backup designated router is elected first.
Answer: D
Explanation:
According to the RFC, the BDR is actually elected first, followed by the DR. The RFC explains why: “The reason behind the election algorithm’s complexity is the desire for an orderly transition from Backup Designated Router to Designated Router, when the current Designated Router fails. This orderly transition is ensured through the introduction of hysteresis: no new Backup Designated Router can be chosen until the old Backup accepts its new Designated Router responsibilities. The above procedure may elect the same router to be both Designated Router and Backup Designated Router, although that router will never be the calculating router (Router X) itself.”
Reference: http://www.ietf.org/rfc/rfc2328.txt – Page 76
Q4. Which technology can be used to secure the core of an STP domain?
A. UplinkFast
B. BPDU guard
C. BPDU filter
D. root guard
Answer: D
Explanation:
Since STP does not implement any authentication or encryption to protect the exchange of BPDUs, it is vulnerable to unauthorized participation and attacks. Cisco IOS offers the STP Root Guard feature to enforce the placement of the root bridge and secure the core of the STP domain.
STP root guard forces a port to become a designated port so that no switch on the other end of the link can become a root switch. If a port configured for root guard receives a superior BPDU, the port it is received on is blocked. In this way, STP root guard blocks other devices from trying to become the root bridge.
STP root guard should be enabled on all ports that will never connect to a root bridge, for example, all end user ports. This ensures that a root bridge will never be negotiated on those ports.
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/Baseline_Security/secur ebasebook/sec_chap7.html
Q5. Refer to the exhibit.
Which statement about the R1 configuration is true?
A. It supports the service timestamps log uptime command to display time stamps.
B. The logging buffer command was used to increase the default of the buffer.
C. The logging of warning messages is disabled.
D. Log message sequence numbering is disabled.
Answer: D
Explanation:
To disable sequence numbers, use the no service sequence-numbers global configuration command.
This example shows part of a logging display with sequence numbers enableD. 000019: %SYS-5-CONFIG_I: Configured from console by vty2 (10.34.195.36)
In this example we see the absence of sequence numbers on the log messages.
Not A. In this example there are no time stamps or uptimes shown in the logs.
Not B. The default buffer size is 4096 bytes.
Not C. The logging level in this example is informational (level 6), which will display levels 0-6 in the logs. Warnings are level 4.
Q6. Refer to the exhibit.
Which additional configuration is necessary for R1 and R2 to become OSPF neighbors?
A. R1
!
router ospf 1
no passive-interface Fastethernet0/0
!
B. R2
!
router ospf 10
no network 10.1.1.6 0.0.0.0 area 0
network 10.1.1.6 0.0.0.0 area 1
!
C. R1
!
interface FastEthernet0/0
ip ospf mtu-ignore
!
R2
!
interface FastEthernet0/1
ip ospf mtu-ignore !
D. R1
!
no router ospf 1
router ospf 10
network 10.1.1.5 0.0.0.0 area 0
Answer: A
Explanation:
Because the passive interface default command is used, by default all interfaces are passive and no neighbors will form on these interfaces. We need to disable passive interface on the link to R2 by using the “no passive-interface Fastethernet0/0” on R1 under OSPF.
Q7. Which two statements about IOS and IOS XE are true? (Choose two.)
A. IOS XE can upgrade and restart applications independently of IOS.
B. Only IOS uses the FFM to provide separation between the control plane and the data plane.
C. IOS XE provides improved functionality and an enhanced UI.
D. Only IOS runs as a single daemon within the Linux OS.
E. IOS XE provides additional system functions that run as multiple separate processes in the OS.
Answer: A,E
Q8. Which two statements about the default behavior of IS-IS are true? (Choose two.)
A. The default IS-IS router type is L1/L2.
B. The default IS-IS metric type is wide.
C. The default IS-IS interface circuit type is L1/L2.
D. By default, two IS-IS routers must use the same hello interval and hold timer in order to become neighbors.
Answer: A,C
Q9. Refer to the exhibit.
Which statement describes what the authoritative flag indicates?
A. Authentication was used for the mapping.
B. R1 learned about the NHRP mapping from a registration request.
C. Duplicate mapping in the NHRP cache is prevented.
D. The registration request had the same flag set.
Answer: B
Explanation:
Show NHRP: Examples
The following is sample output from the show ip nhrp command:
Router# show ip nhrp
10.0.0.2 255.255.255.255, tunnel 100 created 0:00:43 expire 1:59:16
TypE. dynamic Flags: authoritative
NBMA address: 10.1111.1111.1111.1111.1111.1111.1111.1111.1111.11
10.0.0.1 255.255.255.255, Tunnel0 created 0:10:03 expire 1:49:56
TypE. static Flags: authoritative
The fields in the sample display are as follows:
Flags:
authoritative—Indicates that the NHRP information was obtained from the Next Hop Server or router that maintains the NBMA-to-IP address mapping for a particular destination.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html
Q10. Which two technologies are supported by EIGRP? (Choose two.)
A. clear-text authentication
B. MD5 authentication
C. stub routing
D. multiple areas
Answer: B,C
Explanation:
The IP Enhanced IGRP Route Authentication feature provides MD5 authentication of routing updates from the EIGRP routing protocol. The MD5 keyed digest in each EIGRP packet prevents the introduction of unauthorized or false routing messages from unapproved sources. The EIGRP stub routing feature improves network stability, reduces resource utilization, and simplifies the stub device configuration. Stub routing is commonly used in hub-and-spoke network topologies. In a hub-and-spoke network, one or more end (stub) networks are connected to a remote device (the spoke) that is connected to one or more distribution devices (the hub). The remote device is adjacent to one or more distribution devices. The only route for IP traffic to reach the remote device is through a distribution device.
References: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-s/ire-15-s-book/ire-rte-auth.html http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-s/ire-15-s-book/ire-eigrp-stub-rtg.html