QUESTION 61
Which router translates the customer routing information into VPNv4 routes to exchange VPNv4 routes with other devices through MP-BGP?
A. P
B. CE
C. VPNV4 RR
D. PE
Correct Answer: D
QUESTION 62
A newly installed router starts establishing an LDP session from another MPLS router to which it is not directly connected. Which LDP message type responds by target router to the initiating router using UDP protocol?
A. extended discovery message
B. advertisement message
C. notification message
D. session message
Correct Answer: A
QUESTION 63
How does the swap operation perform in an MPLS core?
A. It goes hop-by-hop through the LSP with a new label at each P router.
B. It happens at the ingress LSR when the label stack is first imposed on the packet.
C. It switches the LSP used to forward traffic when a link fails.
D. It load balances traffic when multiple paths exist to the destination.
Correct Answer: A
QUESTION 64
Which control plane process allows the MPLS forwarding state to recover when a secondary RP takes over from a failed primary RP?
A. MP-BGP uses control plane services for label prefix bindings in the MPLS forwarding table.
B. FEC uses a control plane service to distribute information between primary and secondary processors.
C. LSP uses NSF to recover from disruption in control plane service.
D. LDP uses SSO to recover from disruption in control plane service.
Correct Answer: D
QUESTION 65
Which two features are required for MPLS forwarding on which types of routers? (Choose two.)
A. MPLS on PE and core routers
B. LDP on PE and CE routers
C. MPLS on CE and core routers
D. LDP on PE and core routers
E. CEF on PE and CE routers
Correct Answer: AD
QUESTION 66
Which Layer 3 VPN attribute installs customer routes in the VRF?
A. RT
B. MPLS label
C. RD
D. extended-community
Correct Answer: A
QUESTION 67
Which Layer 3 VPN attribute allows different customers to connect to the same MPLS network with overlapping IP ranges?
A. RD
B. VRF
C. MP-BGP
D. RT
Correct Answer: A
QUESTION 68
A network administrator opens a telnet connection to the router and gets the message:
R1#telnet 10.1.1.2
Trying 10.1.1.2 … Open
[Connection to 10.1.1.2 closed by foreign host]
Router R2 is configured with enable secret and password commands. Which action resolves the issue?
A. Configure the logging synchronous command on line vty.
B. Configure the exec command on line vty.
C. Configure the login local command on line vty.
D. Configure the enable password command on line vty.
Correct Answer: C
QUESTION 69
How many labels are present in an MPLS Layer 3 packet traversing through the network without traffic engineering?
A. 1
B. 2
C. 3
D. 4
Correct Answer: A
QUESTION 70
What is an advantage of MPLS Layer 3 VPN deployment?
A. Security is provided at the edge of the provider network through encryption.
B. Planning and modifications are required for the customer intranet before migrating to Layer 3 VPN.
C. Scalable VPNs are created using connection-oriented, point-to-point, or multipoint overlay connections.
D. QoS provides performance with policy and support for a best-efort service level in an MPLS VPN.
Correct Answer: C
QUESTION 71
A network administrator cannot connect to a device via SSH. The line vty configuration is as follows:
line vty 0 4
session-timeout 10
transport preferred ssh
transport input all
transport output telnet ssh
stopbits 1
Which action resolves this issue?
A. Increase the session timeout.
B. Change the stopbits to 10.
C. Initialize the SSH key.
D. Configure the transport input SSH.
Correct Answer: C
QUESTION 72
The network administrator configured R1 to authenticate Telnet connections based on Cisco ISE using TACACS+. ISE has been configured with an IP address of 192.168.1.5 and with a network device pointing toward R1 (192.168.1.1) with a shared secret password of Cisco123.
aaa new-model
!
tacacs server ISE1
address ipv4 192.168.1.5
key Cisco123
!
aaa group server tacacs+ TAC-SERV
server name ISE1
!
aaa authentication login telnet group TAC-SERV
The administrator cannot authenticate to R1 based on ISE. Which configuration fixes the issue?
A. ip tacacs-server host 192.168.1.5 key Cisco123
B. line vty 0 4
login authentication TAC-SERV
C. line vty 0 4
login authentication telnet
D. tacacs-server host 192.168.1.5 key Cisco123
Correct Answer: C
QUESTION 73
What is a characteristic of IPv6 RA Guard?
A. It is unable to protect tunneled traffic.
B. It filters rogue RA broadcasts from connected hosts.
C. It is supported on the egress direction of the switch.
D. RA messages are allowed from the host port to the switch.
Correct Answer: A
QUESTION 74
How is a preshared key “Test” for all the remote VPN routers configured in a DMVPN using GRE over IPsec set up?
A. authentication pre-share Test address 0.0.0.0 0.0.0.0
B. set pre-share Test address 0.0.0.0 0.0.0.0
C. crypto ipsec key Test address 0.0.0.0 0.0.0.0
D. crypto isakmp key Test address 0.0.0.0 0.0.0.0
Correct Answer: D
QUESTION 75
An engineer configured routing between multiple OSPF domains and introduced a routing loop that caused network instability. Which action resolves the problem?
A. Set a tag using the redistribute command toward a domain and deny inbound in the other domain by a matching tag.
B. Set a tag using the redistribute command toward a different domain and deny the matching tag when exiting from that domain.
C. Set a tag using the network command in a domain and use the route-map command to deny the matching tag when exiting toward a different domain.
D. Set a tag using the network command in a domain and use the route-map command to deny the matching tag when entering into a different domain.
Correct Answer: B
QUESTION 76
The IPv6 network is under attack by an unknown source that is neither in the binding table nor learned through neighbor discovery. Which feature helps prevent the attack?
A. IPv6 Snooping
B. IPv6 Router Advertisement Guard
C. IPv6 Prefix Guard
D. IPv6 Destination Guard
Correct Answer: A
QUESTION 77
Which failure detection mechanism is used for BFD?
A. variable rate
B. consistent rate
C. routing protocol failure
D. Layer 2 protocol failure
Correct Answer: B
QUESTION 78
The network administrator configured R1 to authenticate Telnet connections based on Cisco ISE using TACACS+. ISE has been configured with an IP address of 192.168.1.5 and with a network device pointing toward R1 (192.168.1.1) with a shared secret password of Cisco123.
aaa new-model
!
tacacs server ISE1
address ipv4 192.168.1.5
key Cisco123
!
aaa group server tacacs+ RAD-SERV
server name ISE1
!
aaa authentication login default group RAD-SERV
The administrator cannot authenticate to R1 based on ISE. Which configuration fixes the issue?
A. ip tacacs-server host 192.168.1.5 key Cisco123
B. line vty 0 4
login authentication RAD-SERV
C. line vty 0 4
login authentication default
D. tacacs-server host 192.168.1.5 key Cisco123
Correct Answer: C
QUESTION 79
A customer is running an mGRE DMVPN tunnel over WAN infrastructure between hub and spoke sites. The existing configuration allows NHRP to add spoke routers automatically to the multicast NHRP mappings. The customer is migrating the network from IPv4 to the IPv6 addressing scheme for those spokes’ routers that support IPv6 and can run DMVPN tunnel over the IPv6 network. Which configuration must be applied to support IPv4 and IPv6 DMVPN tunnels on spoke routers?
A. tunnel mode ipv6ip 6to4
B. tunnel mode ipv6ip 6rd
C. tunnel mode ipv6ip isatap
D. tunnel mode ipv6ip auto-tunnel
Correct Answer: C
QUESTION 80
How are CE advertised routes segmented from other CE routers on an MPLS PE router?
A. by enabling multiple instances of BGP, one for each CE router
B. by pushing MPLS labels advertised by LDP on customer routes
C. by assigning CE-facing interfaces to different VRFs
D. with a combination of VRF-Lite and MP-BGP
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.