Get Full Version of the Exam
In a PfR environment, which two statements best describe the difference between active mode monitoring and fast mode monitoring? (Choose two.)
Active mode monitoring can monitor and measure actual traffic via NetFlow data collection.
Fast mode monitoring can measure bursty traffic better than active mode.
Active mode monitoring uses IP SLA probes for the purpose of obtaining performance characteristics of the current WAN exit link.
Fast mode monitoring uses IP SLA probes via all valid exits continuously to quickly determine an alternate exit link.
Correct Answer: CD
PfR uses Cisco IOS IP Service Level Agreements (SLAs) to enable active monitoring. IP SLAs support is enabled by default. IP SLAs support allows PfR to be configured to send active probes to target IP addresses to measure the jitter and delay, determining if a prefix is out-of-policy and if the best exit is selected. The border router collects these performance statistics from the active probe and transmits this information to the master controller.
Fast Failover Monitoring
Fast failover monitoring enables passive and active monitoring and sets the active probes to continuously monitor all the exits (probe-all). Fast failover monitoring can be used with all types of active probes: Internet Control Message Protocol (ICMP) echo, jitter, TCP connection, and UDP echo.
Which two statements about static NAT are true? (Choose two.)
An outside local address maps to the same outside global IP address.
An inside local address maps to a different inside global IP address.
An outside local address maps to a different outside global IP address.
An inside local address maps to the same inside global IP address.
Correct Answer: AD
Example found at the reference link below:
Reference: http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/4606- 8.html
Which option is the default number of routes over which EIGRP can load balance?
Correct Answer: B
By default, EIGRP load-shares over four equal-cost paths. For load sharing to happen, the routes to load-share over must show up in the IP forwarding table or with the show ip route command.
Only when a route shows up in the forwarding table with multiple paths to it will load sharing occur.
What is the destination MAC address of a BPDU frame?
C. FF-FF-FF-FF-FF-FF D. 01-80-C6-00-00-01
Correct Answer: A
The root-bridge election process begins by having every switch in the domain believe it is the root and claiming it throughout the network by means of Bridge Protocol Data Units (BPDU). BPDUs are Layer 2 frames multicast to a well-known MAC address in case of IEEE STP (01-80-C2-00- 00-00) or vendor-assigned addresses, in other cases.
Refer to the exhibit. If EIGRP is configured between two routers as shown in this output, which statement about their EIGRP relationship is true?
The routers will establish an EIGRP relationship successfully.
The routers are using different authentication key-strings.
The reliability metric is enabled.
The delay metric is disabled.
Correct Answer: C
The 5 K values used in EIGRP are: K1 = Bandwidth modifier
K2 = Load modifier K3 = Delay modifier
K4 = Reliability modifier
K5 = Additional Reliability modifier
However, by default, only K1 and K3 are used (bandwidth and delay). In this output we see that K1, K3, and K4 (Reliability) are all set.
Which three message type are used for prefix delegation in DHCPv6? (Choose three.)
Correct Answer: BCE
DHCPv6 Message Types
For a client to get an IPv6 address successfully from a DHCPv6 server, the Client-Server Conversation happens using the following messages.
Client-gt;Server Messages Server-gt;Client Messages
Solicit, Request, Confirm, Renew, Rebind, Release, Decline, Information-Request Advertise, Reply, Reconfigure
Lets look at each message types in detail : SOLICIT
This is the first step in DHCPv6, where a DHCPv6 client sends a Solicit message to locate DHCPv6 servers.
Upon receiving a Solicit Message from the client, the DHCPv6 server sends an Advertise message to indicate that it is available for DHCP service, in response to a Solicit message received from a client.
This message is sent by the DHCPv6 client.Client sends a Request message to request configuration parameters which includes IP addresses or delegated prefixes, from a specific server.
Confirm message is sent by the client to any available server in the network to confirm that the client is still on the same link or it has to be removed. This message also confirms the IPv6 addresses that are assigned to the link are still valid. This could happen in case when a client detects a change in link-layer connectivity or if the device is powered on and it is found that one or more leases are still valid. Note that only the prefix portion of the addresses are validated and not the actual leases.
A client sends a Renew message to the server when it wants to extend the lifetimes on the addresses and other configuration parameters assigned to the client and also to update other configuration parameters.
In case of No response from the DHCPv6 Server for the Renew message, the client sends a Rebind message to any available server to extend the lifetimes on the address and to update other configuration parameters.
A Reply message is sent by the DHCPv6 Server in response to a Solicit, Request, Renew, Rebind message received from a client. The reply message is sent by the server in response to a confirm message (either confirming or denying) that the addresses assigned to the client are appropriate.In short the server acknowledge receipt of a Release or Decline message by sending a REPLY message.
Release message as the name implies, is sent by the client to the server that has assigned the addresses, to indicate that the client will no longer use the assigned addresses(one or more). DECLINE
Client sends a Decline message to the DHCPv6 server to tell that the one or more addresses assigned by the server is already in use
The Reconfigure Message is sent by the DHCPv6 server to the client when the server has new or updated information of configuration parameters. It tells the client to initiate a information- request/reply message to the server so as to receive the updated information.
Information-Request message is sent by the client to the server to update the configuration parameters
Which three statements about GET VPN are true? (Choose three.)
It encrypts WAN traffic to increase data security and provide transport authentication.
It provides direct communication between sites, which reduces latency and jitter.
It can secure IP multicast, unicast, and broadcast group traffic.
It uses a centralized key server for membership control.
It enables the router to configure tunnels.
It maintains full-mesh connectivity for IP networks.
Correct Answer: ABD
Cisco GET VPN Features and Benefits Feature
Description and Benefit Key Services
Key Servers are responsible for ensuring that keys are granted to authenticated and authorized devices only. They maintain the freshness of the key material, pushing re-key messages as well as security policies on a regular basis. The chief characteristics include:
Key Servers can be located centrally, granting easy control over membership.
Key Servers are not in thequot;;line of firquot;; – encrypted application traffic flows directly between VPN end points without a bottleneck or an additional point of failure.
Supports both local and global policies, applicable to all members in a group – such asquot;;Permit any anyquot;, a policy to encrypt all traffic.
Supports IP Multicast to distribute and manage keys, for improved efficiency; Unicast is also supported where IP Multicast is not possible.
Scalability and Throughput
The full mesh nature of the solution allows devices to communicate directly with each other, without requiring transport through a central hub; this minimizes extra encrypts and decrypts at
the hub router; it also helps minimize latency and jitter.
Efficient handling of IP Multicast traffic by using the core network for replication can boost effective throughput further
Provides data security and transport authentication, helping to meet security compliance and internal regulation by encrypting all WAN traffic
Reference: http://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport- vpn/product_data_sheet0900aecd80582067.html
When BGP route reflectors are used, which attribute ensures that a routing loop is not created?
Correct Answer: D
As the iBGP learned routes are reflected, routing information may loop. The route reflector model has the following mechanisms to avoid routing loops:
Originator ID is an optional, nontransitive BGP attribute. It is a 4-byte attributed created by a route reflector. The attribute carries the router ID of the originator of the route in the local autonomous system. Therefore, if a misconfiguration causes routing information to come back to the originator, the information is ignored.
Cluster-list is an optional, nontransitive BGP attribute. It is a sequence of cluster IDs that the route has passed. When a route reflector reflects a route from its clients to nonclient peers, and vice versa, it appends the local cluster ID to the cluster-list. If the cluster-list is empty, a new cluster-list is created. Using this attribute, a route reflector can identify if routing information is looped back to the same cluster due to misconfiguration. If the local cluster ID is found in the cluster-list, the advertisement is ignored.