Q1. What is the goal of Unicast Reverse Path Forwarding?
A. to verify the reachability of the destination address in forwarded packets
B. to help control network congestion
C. to verify the reachability of the destination address in multicast packets
D. to verify the reachability of the source address in forwarded packets
Answer: D
Explanation:
Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded.
Reference: http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html
Q2. Refer to the exhibit.
While troubleshooting high CPU utilization of a Cisco Catalyst 4500 Series Switch, you notice the error message that is shown in the exhibit in the log file.
What can be the cause of this issue, and how can it be prevented?
A. The hardware routing table is full. Redistribute from BGP into IGP.
B. The software routing table is full. Redistribute from BGP into IGP.
C. The hardware routing table is full. Reduce the number of routes in the routing table.
D. The software routing table is full. Reduce the number of routes in the routing table.
Answer: C
Explanation:
L3HWFORWADING-2
Error MessageC4K_L3HWFORWARDING-2-FWDCAMFULL:L3 routing table is full.
Switching to software forwarding.
The hardware routing table is full; forwarding takes place in the software instead. The switch performance might be degraded.
Recommended Action: Reduce the size of the routing table. Enter the ip cef command to return to hardware forwarding.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/system/message/message/emsg.html
Q3. DRAG DROP
Drag and drop each BGP attribute on the left to the matching description on the right.
Answer:
Q4. DRAG DROP
Drag and drop the RIP configuration command on the left to the function it performs on the right.
Answer:
Q5. Which three message types are used for prefix delegation in DHCPv6? (Choose three.)
A. DHCP Discover
B. Renew
C. Solicit
D. DHCP Offer
E. Advertise
F. DHCP Ack
Answer: B,C,E
Explanation:
DHCPv6 Message Types
For a client to get an IPv6 address successfully from a DHCPv6 server, the Client-Server Conversation happens using the following messages.
Client--->Server Messages
Server--->Client Messages
Solicit, Request, Confirm, Renew, Rebind, Release, Decline, Information-Request Advertise, Reply, Reconfigure
Lets look at each message types in detail:
SOLICIT
This is the first step in DHCPv6, where a DHCPv6 client sends a Solicit message to locate DHCPv6 servers.
ADVERTISE
Upon receiving a Solicit Message from the client, the DHCPv6 server sends an Advertise message to indicate that it is available for DHCP service, in response to a Solicit message received from a client.
REQUEST
This message is sent by the DHCPv6 client.Client sends a Request message to request configuration parameters which includes IP addresses or delegated prefixes, from a specific server.
CONFIRM
Confirm message is sent by the client to any available server in the network to confirm that the client is still on the same link or it has to be removed. This message also confirms the IPv6 addresses that are assigned to the link are still valid. This could happen in case when a client detects a change in link-layer connectivity or if the device is powered on and it is found that one or more leases are still valid. Note that only the prefix portion of the addresses are validated and not the actual leases.
RENEW
A client sends a Renew message to the server when it wants to extend the lifetimes on the addresses and other configuration parameters assigned to the client and also to update other configuration parameters.
REBIND
In case of No response from the DHCPv6 Server for the Renew message, the client sends a Rebind message to any available server to extend the lifetimes on the address and to update other configuration parameters.
REPLY
A Reply message is sent by the DHCPv6 Server in response to a Solicit, Request, Renew, Rebind message received from a client. The reply message is sent by the server in response to a confirm message (either confirming or denying) that the addresses assigned to the client are appropriate.In short the server acknowledge receipt of a Release or Decline message by sending a REPLY message.
RELEASE
Release message as the name implies, is sent by the client to the server that has assigned the addresses, to indicate that the client will no longer use the assigned addresses (one or more).
DECLINE
Client sends a Decline message to the DHCPv6 server to tell that the one or more addresses assigned by the server is already in use
RECONFIGURE
The Reconfigure Message is sent by the DHCPv6 server to the client when the server has new or updated information of configuration parameters. It tells the client to initiate a information-request/reply message to the server so as to receive the updated information.
INFORMATION-REQUEST
Information-Request message is sent by the client to the server to update the configuration parameters
Reference: https://supportforums.cisco.com/blog/153426/implementing-dhcpv6-introduction
Q6. Refer to the exhibit.
Which technology can be used on the switch to enable host A to receive multicast packets for 239.2.2.2 but prevent host B from receiving them?
A. IGMP filtering
B. MLD snooping
C. IGMP snooping
D. MLD filtering
Answer: C
Explanation:
IGMP snooping is the process of listening to Internet Group Management Protocol (IGMP) network traffic. The feature allows a network switch to listen in on the IGMP conversation between hosts and routers. By listening to these conversations the switch maintains a map of which links need which IP multicast streams. Multicasts may be filtered from the links which do not need them and thus controls which ports receive specific multicast traffic.
Q7. Which option is the Cisco recommended method to secure access to the console port?
A. Configure the activation-character command.
B. Configure a very short timeout (less than 100 milliseconds) for the port.
C. Set the privilege level to a value less than 15.
D. Configure an ACL.
Answer: A
Explanation:
The activation-character command defines a session activation character. Entering this character at a vacant terminal begins a terminal session. The default activation character is the Return key
To secure the console port, you should change this character to a different one as most people simply hit the enter key when trying to access the console.
Q8. Which two options describe two functions of a neighbor solicitation message? (Choose two.)
A. It requests the link-layer address of the target.
B. It provides its own link-layer address to the target.
C. It requests the site-local address of the target.
D. It provides its own site-local address to the target.
E. It requests the admin-local address of the target.
F. It provides its own admin-local address to the target.
Answer: A,B
Explanation:
Neighbor solicitation messages are sent on the local link when a node wants to determine the link-layer address of another node on the same local link (see the figure below). When a node wants to determine the link-layer address of another node, the source address in a neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message. The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address of the destination node. The neighbor solicitation message also includes the link-layer address of the source node.
Figure 1. IPv6 Neighbor Discovery: Neighbor Solicitation Message
After receiving the neighbor solicitation message, the destination node replies by sending a neighbor advertisement message, which has a value of 136 in the Type field of the ICMP packet header, on the local link. The source address in the neighbor advertisement message is the IPv6 address of the node (more specifically, the IPv6 address of the node interface) sending the neighbor advertisement message. The destination address in the neighbor advertisement message is the IPv6 address of the node that sent the neighbor solicitation message. The data portion of the neighbor advertisement message includes the link-layer address of the node sending the neighbor advertisement message. After the source node receives the neighbor advertisement, the source node and destination node can communicate.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/xe-3s/ip6b-xe-3s-book/ip6-neighb-disc-xe.html
Q9. Refer to the exhibit.
You are bringing a new MPLS router online and have configured only what is shown to bring LDP up. Assume that the peer has been configured in a similar manner. You verify the LDP peer state and see that there are no neighbors. What will the output of show mpls ldp discovery show?
A. Interfaces:
Ethernet0/0 (ldp): xmit
B. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 25.25.25.2:0; IP addr: 192.168.12.2
C. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 192.168.12.2:0; no route
D. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 25.25.25.2:0; no route
Answer: D
Q10. Refer to the exhibit.
Which two conditions can cause this error message to be displayed on the console? (Choose two.)
A. The EtherChannel is configured as desirable on both ends.
B. The port-channel on the adjacent device is misconfigured.
C. There is a speed and duplex mismatch on interface fa0/12.
D. The EtherChannel is configured as auto on one of the interfaces.
Answer: B,C