561. Which statement about routing protocols is true?
- A. Link-state routing protocols choose a path by the number of hops to the destination.
- B. OSPF is a link-state routing protocol.*
- C. Distance-vector routing protocols use the Shortest Path First algorithm.
- D. IS-IS is a distance-vector routing protocol.
562. Which dynamic routing protocol uses only the hop count to determine the best path to a destination?
- A. IGRP
- B. RIP*
- C. EIGRP
- D. OSPF
563. In which situation would the use of a static route be appropriate?
- A. To configure a route to the first Layer 3 device on the network segment.
- B. To configure a route from an ISP router into a corporate network.
- C. To configure a route when the administrative distance of the current routing protocol is too low.
- D. To reach a network is more than 15 hops away.
- E. To provide access to the Internet for enterprise hosts*
564. What are two drawbacks of implementing a link-state routing protocol? (Choose two)
- A. the sequencing and acknowledgment of link-state packets
- B. the high volume of link-state advertisements in a converged network
- C. the requirement for a hierarchical IP addressing scheme for optimal functionality*
- D. the high demand on router resources to run the link-state routing algorithm*
- E. the large size of the topology table listing all advertised routes in the converged network
565. Refer to the exhibit. Router edge-1 is unable to establish OSPF neighbor adjacency with router ISP-1. Which two configuration changes can you make on edge-1 to allow the two routers to establish adjacency? (Choose two)
- A. Set the subnet mask on edge-1 to 255 255.255.252.
- B. Reduce the MTU on edge-1 to 1514.
- C. Set the OSPF cost on edge-1 to 1522.
- D. Reduce the MTU on edge-1 to 1500.*
- E. Configure the ip ospf mtu-ignore command on the edge-1 Gi0/0 interface.*
+ Area ID
+ Hello and Dead Intervals
+ Stub Flag
+ MTU Size
Therefore we need to adjust the MTU size on one of the router so that they are the same. Or we can tell OSPF to ignore the MTU size check with the command “ip ospf mtu-ignore”.
566. Which EIGRP for IPv6 command can you enter to view the link-local addresses of the neighbors of a device?
- A. show ipv6 eigrp 20 interfaces
- B. show ipv6 route eigrp
- C. show ipv6 eigrp neighbors*
- D. show ip eigrp traffic
567. Which routing protocols are compatible with stubs? (Choose two)
- A. OSPF*
- B. EIGRP*
- C. EGP
- D. BGP
- E. IS-IS
- F. RIP
568. Which feature or utility enables a switch or router to monitor network performance and availability using a responder?
- A. NetFlow
- B. ping
- C. traceroute
- D. IP SLA*
569. Which command can you enter to display the hits counter for NAT traffic?
- A. show ip nat statistics*
- B. debug ip nat
- C. show ip debug nat
- D. clear ip nat statistics
570. Which NAT function can map multiple inside addresses to a single outside address?
- A. PAT*
- B. SFTP
- C. RARP
- D. ARP
- E. TFTP
571. Under which circumstance should a network administrator implement one-way NAT?
- A. when the network must route UDP traffic
- B. when traffic that originates outside the network must be routed to internal hosts *
- C. when traffic that originates inside the network must be routed to internal hosts
- D. when the network has few public IP addresses and many private IP addresses require outside access
572. Which three options are the HSRP states for a router? (Choose three)
- A. initialize
- B. learn*
- C. secondary
- D. listen*
- E. speak*
- F. primary
|Initial||This is the beginning state. It indicates HSRP is not running. It happens when the configuration changes or the interface is first turned on|
|Learn||The router has not determined the virtual IP address and has not yet seen an authenticated hello message from the active router. In this state, the router still waits to hear from the active router.|
|Listen||The router knows both IP and MAC address of the virtual router but it is not the active or standby router. For example, if there are 3 routers in HSRP group, the router which is not in active or standby state will remain in listen state.|
|Speak||The router sends periodic HSRP hellos and participates in the election of the active or standby router.|
|Standby||In this state, the router monitors hellos from the active router and it will take the active state when the current active router fails (no packets heard from active router)|
|Active||The router forwards packets that are sent to the HSRP group. The router also sends periodic hello messages|
Please notice that not all routers in a HSRP group go through all states above. In a HSRP group, only one router reaches active state and one router reaches standby state. Other routers will stop at listen state.
573. Which two statements about the “tunnel mode ipv6ip” command are true? (Choose two)
- A. It enables the transmission of IPv6 packets within the configured tunnel.*
- B. It specifies IPv4 as the encapsulation protocol.*
- C. It specifies IPv6 as the encapsulation protocol.
- D. It specifies IPv6 as the transport protocol.
- E. It specifies that the tunnel is a Teredo tunnel.
An example of configuring using this command is shown below:
R1(config)#int tunnel 1 R1(config-if)#ipv6 address 1cde:7ea:348:1::3/127 R1(config-if)#tunnel source 10.1.1.1 R1(config-if)#tunnel destination 10.1.1.2 R1(config-if)#tunnel mode ipv6ip
574. In which three ways is an IPv6 header simpler than an IPv4 header? (Choose three)
- A. Unlike IPv4 headers, IPv6 headers have a fixed length.*
- B. IPv6 uses an extension header instead of the IPv4 Fragmentation field.*
- C. IPv6 headers eliminate the IPv4 Checksum field.*
- D. IPv6 headers use the Fragment Offset field in place of the IPv4 Fragmentation field.
- E. IPv6 headers use a smaller Option field size than IPv4 headers.
- F. IPv6 headers use a 4-bit TTL field, and IPv4 headers use an 8-bit TTL field.
IPv6 eliminates the Header Checksum field, which handles error checking in IPv4. IPv6 depends on reliable transmission in the data link protocols and on error checking in upper-layer protocols instead -> Answer C is correct.
While IPv4 header’s total length comprises a minimum of 20 octets (8 bits per octet), IPv6 header has only 8 fields with a fixed length of 40 octets -> Answer A is correct.
|IPv4 header does not have a fixed length because of the Options fields. This field is used to convey additional information on the packet or on the way it should be processed. Routers, unless instructed otherwise, must process the Options in the IPv4 header. The processing of most header options pushes the packet into the slow path leading to a forwarding performance hit.|
IPv4 Options perform a very important role in the IP protocol operation therefore the capability had to be preserved in IPv6. However, the impact of IPv4 Options on performance was taken into consideration in the development of IPv6. The functionality of Options is removed from the main header and implemented through a set of additional headers called extension headers. The “Next Header” field in IPv6 can be used to point to the extension headers.
575. You enter the “show ipv6 route” command on an OSPF device and the device displays a route. Which conclusion can you draw about the environment?
- A. OSPF is distributing IPv6 routes to BGP.
- B. The router is designated as an ABR.
- C. The router is designated as totally stubby.
- D. OSPFv3 is in use.*
576. What is one requirement for interfaces to run IPv6?
- A. An IPv6 address must be configured on the interface.*
- B. An IPv4 address must be configured.
- C. Stateless autoconfiguration must be enabled after enabling IPv6 on the interface.
- D. IPv6 must be enabled with the ipv6 enable command in global configuration mode.
IPv6 must be enabled first but with the “ipv6 unicast-routing”, not “ipv6 enable” command -> D is not correct.
577. What is the correct command for floating static ipv6 route?
- A. ipv6 route 2001:DB8::/32 serial 2/0 201*
- B. ipv6 route 2001:DB8::/32 serial 2/0 1
- C. ?
- D. ?
578. Which command sets and automatically encrypts the privileged enable mode password?
- A. enable password cisco
- B. secret enable cisco
- C. password enable cisco
- D. enable secret cisco*
579. The enable secret command is used to secure access to which CLI mode?
- A. user EXEC mode
- B. global configuration mode
- C. privileged EXEC mode *
- D. auxiliary setup mode
580. Refer to the exhibit. What is the result of setting the no login command?
Router#config t Router(config)#line vty 0 4 Router(config-line)#password c1sc0 Router(config-line)#no login
- A. Telnet access is denied.
- B. Telnet access requires a new password at the first login.
- C. Telnet access requires a new password.
- D. no password is required for telnet access.*
581. Which protocol authenticates connected devices before allowing them to access the LAN?
- A. 802.1d
- B. 802.11
- C. 802.1w
- D. 802.1x*
582. What is the best way to verify that a host has a path to other hosts in different networks?
- A. Ping the loopback address.
- B. Ping the default gateway.
- C. Ping the local interface address.
- D. Ping the remote network.*
583. While you were troubleshooting a connection issue, a ping from one VLAN to another VLAN on the same switch failed. Which command verifies that IP routing is enabled on interfaces and the local VLANs are up?
- A. show ip interface brief*
- B. show ip nat statistics
- C. show ip statistics
- D. show ip route
The “show ip statistics” command does not exist.
In the Troubleshoot part of “How to configure InterVLAN Routing on Layer 3 switches” (http://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html) Cisco recommends to use the “show ip interface brief” command as follows:
Also verify the interface VLAN status by issuing the show ip interface brief command.
+ If the interface status is administratively down, enter the no shutdown command in the VLAN interface configuration mode.
+ If the interface status is down/down, verify the VTP configuration and that the VLANs have been added to the VLAN database. Check to see if a port is assigned to the VLAN and whether it is in the Spanning Tree forwarding state.
Initiate a ping from an end device in one VLAN to the interface VLAN on another VLAN in order to verify that the switch routes between VLANs. In this example, ping from VLAN 2 (10.1.2.1) to Interface VLAN 3 (10.1.3.1) or Interface VLAN 10 (10.1.10.1). If the ping fails, verify that IP routing is enabled and that the VLAN interfaces status is up with the show ip interface brief command.
Also in the above link Cisco only mentions about the “show ip route” in the “Verify” part, not “Troubleshooting” part so “show ip interface brief” is a better answer.
584. Which version of SNMP first allowed user-based access?
- A. SNMPv3 with RBAC
- B. SNMPv3*
- C. SNMPv1
- D. SNMPv2
585. What is the first step you perform to configure an SNMPv3 user?
- A. Configure server traps.
- B. Configure the server group.*
- C. Configure the server host.
- D. Configure the remote engine ID.
Router(config)# snmp-server group MyGroup v3 auth access snmp_ac
In this example, the SNMP server group MyGroup is configured to enable user authentication for members of the named access list snmp_acl.
586. Which command can you enter to configure the switch as an authoritative NTP server with a site id: 13999902?
- A. Switch(config)#ntp master 3 *
- B. Switch(config)#ntp peer 188.8.131.52
- C. Switch(config)#ntp server 184.108.40.206
- D. Switch(config)#ntp source 220.127.116.11
587. What are three broadband wireless technologies? (Choose three)
- A. WiMax*
- B. satellite Internet*
- C. municipal Wi-Fi*
- D. site-to-site VPN
- E. DSLAM
- F. CMTS
Satellite Internet provides Internet access via satellite. It is a form of wireless broadband technology. But it is usually slower than DSL and cable modem.
Municipal wireless network is a city-wide wireless network. This is usually done by providing municipal broadband via Wi-Fi to large parts or all of a municipal area by deploying a wireless mesh network. The typical deployment design uses hundreds of wireless access points deployed outdoors, often on poles.
DSLAM (Digital Subscriber Line Access Multiplexer) is a network device, usually at a telephone company central office, that receives signals from multiple customer Digital Subscriber Line (DSL) connections and puts the signals on a high-speed backbone line using multiplexing techniques. It is a cable technology, not a wireless technology.
Cable Modem Termination Systems (CMTS) is a piece of equipment, typically located in a cable company’s headend or hubsite, which is used to provide high speed data services, such as cable Internet or Voice over Internet Protocol, to cable subscribers. It is a cable technology, not a wireless technology.
588. What are three characteristics of satellite Internet connections? (Choose three)
- A. Their upload speed is about 10 percent of their download speed.*
- B. They are frequently used by rural users without access to other high-speed connections.*
- C. They are usually at least 10 times faster than analog modem connections.*
- D. They are usually faster than cable and DSL connections.
- E. They require a WiMax tower within 30 miles of the user location.
- F. They use radio waves to communicate with cellular phone towers.
In general, the speeds of popular types of Internet connections are like this: DSL/cable > satellite Internet > dial-up (analog modem).
Satellite Internet uses satellite for Internet connection -> E is not correct
Satellites use radio waves to communicate with the customer’s gateway, also known as a ground station (like a customer’s satellite dish), but not with cellular phone towers -> F is not correct.
For your information, satellite Internet uses high frequency signals, which range from 18.3 gigahertz to 31 gigahertz (Ka band).
Answer A C are two options left and they are acceptable answers. Although in practical they may vary a lot.
589. Which command can you enter to verify echo request and echo reply?
- A. ping*
- B. traceroute
- C. tracert
- D. telnet
+ The echo request gets to the destination, and
+ The destination is able to get an echo reply back to the source within a predetermined time called a timeout. The default value of this timeout is two seconds on Cisco routers.
590. What utility is used for shadowed rules?
- A. Create an action plan
- B. Implement an action plan*
- C. Gather facts
- D. ?
Shadowed Rule: These are rules that will never be executed because of improper access-list order. A shadowed rule occurs when a general rule precedes a specific one. For example, if the first rule that says “allow all outbound web traffic” and then a second rule (lie under the first rule) says “deny all outbound traffic to Google” the second rule will never be executed.
The following is a simple example of shadowed rules:
access-list acl permit ip 18.104.22.168 255.0.0.0 any
access-list acl permit ip 22.214.171.124 255.255.0.0 any
-> The second rule never matches.
591. What feature you should use to analyse and monitor your traffic for troubleshooting?
- A. RSPAN
- B. SPAN
- C. Netflow*
- D. SNMP
592. Which command can you use to test whether a switch supports secure connections and strong authentication?
- Router#ssh –v 1 –l admin 10.1.1.1
- Switch>ssh –v 1 –l admin 10.1.1.1
- Switch#ssh –l admin 10.1.1.1
- Router>ssh –v 2 –l admin10.1.1.1*
593. Which functionality does split horizon provide?
- It prevents switching loops in distance-vector protocols.
- It prevents switching loops in link-state protocols.
- It prevents routing loops in distance-vector protocols.*
- It prevents routing loops in link-state protocols.
594. How many host addresses are available on the network 192.168.1.0 subnet 255.255.255 240?
595. Which VTP mode prevents you from making changes to VLANs?
596. Which three statements about DTP are true? (Choose three.)
- It is a proprietary protocol.*
- It is a universal protocol.
- It is a Layer 2-based protocol.*
- It is enabled by default.*
- It is disabled by default.
- It is a Layer 3-based protocol.
597. Refer to the exhibit. You have determined that computer A cannot ping computer B. Which reason for the problem is most likely true?
- The computer B default gateway address is incorrect.
- The computer B subnet mask is incorrect.
- The computer A subnet mask is incorrect.
- The computer A default gateway address is incorrect.*
598. Refer to the exhibit. What is the metric for the route from R1 to 192.168.10.1?
599. Which command can you enter to troubleshoot the failure of address assignments?
- show ip dhcp database
- show ip dhcp pool*
- clear ip dhcp server statistics
- show ip dhcp import
600. Which two EtherChannel PAgP modes can you configure? (Choose two.)
601. Which six-byte field in a basic Ethernet frame must be an individual address?
602. Which command can you enter to re-enable Cisco Discovery Protocol on a local router after it has been disabled?
- Router(config-if)#cdp run
- Router(config-if)#cdp enable
- Router(config)#cdp run*
- Router(config)#cdp enable