400-101 V29.75

IT Certification Guaranteed, The Easy Way!
Exam : 400-101
Title : CCIE Routing and Switching

Written Exam v5.1
Vendor : Cisco
Version : V29.75
1
NO.1 A floating static route appears in the routing table of an interface even when the interface is
unusable.
Which action can you take to correct the problem?
A. Remove the permanent option from the static route.
B. Correct the administrative distance.
C. Configure the floating static route to point to another route
in the routing table.
D. Correct the DHCP-provided route on the DHCP server.
Answer: A
NO.2 Which technology does OSPFv3 use to authenticate packets

A. SHA256
B. 3DES
C. AES
D. IPsec
Answer: D
NO.3 You are implementing new addressing with EIGRP routing and must secondary address.
Which are from the routing tablE.Which action is the most efficient solution to the problem?
A. Disable split-horizon inside the EIGRP process on the router with the secondary addresses
B. Use a different routing protocol and redistribute the routes between EIGRP and the new protocol.
C. Disable split-horizon on the interface with secondary address.
D. Add additional router interface and move the secondary addresses to the new interface.
Answer: C
NO.4 Which three fields are part of a TCN BPDU? (Choose three.)
A. protocol ID
B. version
C. type
D. max-age
E. flags
F. message age
Answer: A,B,C
NO.5 Which three protocols are permitted by IEE802.1x port-based authentication before the client
is successfully authenticatedby the RADIUSserver?
A. BOOTP
B. CDP
C. EAPOL
D. TCP
E. STP
F. IP
Answer: B,C,E
2
NO.6 DRAG DROP

Drag and Drop
Answer:
NO.7 DRAG DROP

Drag and drop each multicast protocol from the left onto the matching description on the right.
Select and Place:
Answer:
3
NO.8 Which three security controls would you take into consideration when implementing IoT
capabilities? (Choose three)
A. Implementing Intrusion Detection Systems on IoT devices
B. Change passwords every 90 days
C. Privacy Impact Assessment
D. Define lifecycle controls for IoT devices
E. Layered Security Approach
F. Place security above functionality
Answer: C,D,E
NO.9 DRAG DROP

Drag and Drop to corresponding items
Answer:
4
NO.10 hosts------------------------R1-----------R2------------------R3------------Internet R1
int f0/0
ip add 192.168.12.1 255.255.255.0
router ospf1
nwtwork 192,168.0.0 0.0.255.255
R2
int f0/0
ip add 192.168.12.2 255.255.255.0
router ospf1
nwtwork 192,168.0.0 0.0.255.255
default-information originate
ip route 0.0.0.0 0.0.0.0 F0/1
Refer to the above. You notice that router R2 is experiencing high CPU usage. which action can you
take to correct the problem?
A. Configure the next-hop address for the R2 default route
B. Configure OSPF on the connection between R2 and the ISP
C. Configure R2 to advertise an area summary route between R2 and R1
D. Remove the default-information originate command from the R2 configuration
Answer: A
NO.11 which BGP feature allows a router to maintain its current BGP configuration while it
advertises a different AS number to new connections?
A. locall-AS
B. soft reset
C. allow-AS in
D. next-hop-self
Answer: A
NO.12 Exhibit:
5
Refer to the exhibit. If a console port is configured as shown, which response is displayed when you
connect to the console port?
A. the message "Authorized users only"
B. the username prompt
C. a blinking cursor.
D. three username name prompts followed by a timeout message.
E. the message "Connection refused."
Answer: C
NO.13 Refer to the exhibit.
Which two conclusions can you draw from this putput?(Choose two)
A. The packet was source-routed.
B. The device that produced the output uses the same interface to send and receive traffic to and
C. from the device at 10.9.132.254
D. The device at 192.168.5.119 is on the same subnet as the next hop for the device at
E. 10.9.132.254
F. The device that produced the output uses different interfaces to send and receive traffic to and
G. from the device at 10.9.132.254
H. The device at the 192.168.5.119 routing table has an ARP entry for the device at 10.9.132.254.
Answer: B,C
NO.14 Which two items must be defined to capture packet data with the embedded packet capture
feature? (Choose two)
A. the buffer memory size.
B. the capture file export location
C. the capture point
D. the capture filter
6
E. the capture buffer

Answer: A,E
NO.15 What is the main function of VRF-lite?

A. To segreagate multiple routing tables on a single device.
B. To connect different autonomous systems together to share routes.
C. To allow device to use lables to make layer 2 path decisions.
D. To route IPv6 traffic across an IPv4 backbone.
Answer: A
NO.16 Which two options about PIM-DM are true? (Choose two)
A. In a PIM-DM network, routers that have no upstream neighbors prune back unwanted traffic
B. PIM-DM initially floods multicast traffic throughout the network.
C. PIM-DM supports only shared trees.
D. PIM-DM uses a pull model to deliver multicast traffic.
E. PIM-DM cannot be used to build a shared distribution tree.
Answer: B,E
NO.17 What are two reasons for an OSPF neighbor relationship to be stuck in exstart/exchange
state? (Choose two.)
A. There is an area ID mismatch
B. There is an MTU mismatch
C. Both routers have the same router ID.
D. There is an authentication mismatch
E. Both routers have the same OSPF process ID
Answer: B,C
NO.18 Which two options are benefits of moving the application development workload to the
cloud?(Choose two.)
A. The application availability is not affected by the loss of a single virtual machine.
B. The workload can be moved or replicated easily.
C. it provides you full control over the software packages and vendor used.
D. :High availability and redundancy is handled by the hypervisor.
E. it provides a more secure environment.
Answer: A,B
NO.19 Which two statements about the client -identifier in a DHCP pool are true? (Choose two)
A. lt specifies a unique identifier that is used only for BOOTP requests.
B. lt specifies a unique identifier that is used only for DHCP requests.
C. lt requires that you specify the hardware protocol.
D. It is specified by appending 01 to the MAC address of a DHCP client.
E. lt specifies a hardware address for the client.
Answer: B,D
7
NO.20 Which IPv6 migration method relies on dynamic tunnels that uses the 2002::/16 reserved
address space?
A. 6RD
B. 6to4
C. ISATAP
D. GRE
Answer: B

Oct 1 13:08:10.635: OSPF-1 HELLO Fa0/0: Send hello to 224.0.0.5 area 0 from 172.16.1.1 Oct 1
13:08:11.095: OSPF-1 HELLO Fa0/0: Send hello to 172.16.1.2 area 0 from 172.16.1.1
Oct 1 13:08:11.098: OSPF-1 HELLO Fa0/0: Mismatched hello to 172.16.1.2 area 0 from 1 72.16.1.2
Oct 1 13:08:11.099: OSPF-1 HELLO Fa0/0: Send R 40 C 40, Hello R 10 C 10 Mask R 255.255.255.248 C
255.255.255.240
Oct 1 13:08:12.407: OSPF-1 ADJ Fa0/0: end of wait on interface
Oct 1 13:08:12.407: OSPF-1 ADJ Fa0/0: DR/BDR election
Oct 1 13:08:12.407: OSPF-1 ADJ Fa0/0: Elect BDR 172.16.1.1
Oct 1 13:08:12.411: OSPF-1 ADJ Fa0/0: Elect DR 172.16.1.1
Oct 1 13:08:12.411: OSPF-1 ADJ Fa0/0: Elect BDR 0.0.0.0
Oct 1 13:08:12.411: OSPF-1 ADJ Fa0/0: Elect DR 172.16.1.1
Oct 1 13:08:12.411: OSPF-1 ADJ Fa0/0: DR: 172.16.1.1 (1d) BDR: none
Oct 1 13:08:19.751: OSPF-1 HELLO Fa0/0: Send hello to 224.0.0.5 area 0 from 172.16.1.1 Oct 1
13:08:21.490: OSPF-1 HELLO Fa0/0: Send hello to 172.16.1.2 area 0 from
172.16.1.1
Oct 1 13:08:21.015: OSPF-1 HELLO Fa0/0: Mismatched hello to 172.16.1.2 area 0 from 172.16.1.2
After observing that an OSPF neighbor relationship failed to form, you executed a debug that
returned the given output. Which configuration issue prevented the OSPF neighbor relationship from
forming?
A. The stub flag is set on the neighboring device.
B. The devices are on different subnets.
C. The hello and hold timers are mismatched.
D. The area IDs are mismatched.
Answer: C
NO.22 router ospf 20

network 10.10.1.0 0.0.0.255 area 0
redistribute eigrp 10
Refer to the exhibit. What is the effect of the given configuration?
A. OSPF and EIGRP will perform mutual redistribution
B. Network 10.10.1.0/24 will be redistributed in EIGRP
C. The routing table will show a metric of 10 for routes redistributed from EIGRP
D. Unless the subnets keyword is added to the redistribute command, subnetted networks will be
excluded
from OSPF
8
Answer: D
NO.23 Which two statementsabout MSDP are true?(choose two)

A. It requires multicast receivers to be in the same domain
B. It uses loopback interfaces for anycast RPaddress
C. It requires multicast sources to be in the same domain
D. It uses 32-bit anycast RP address
E. All MSDP domains on a given network can share a common RP
F. It uses UDP to establish peering sessions
Answer: B,D
NO.24 Refer the exhibit.
What are two effects of the given network configuration? (Choose two)
A. The 192.168.12.0/24 network is added to the R3 database.
B. R1 and R2 fail to form an adjacency.
C. R2 and R3 fail to form an adjacency.
D. R2 advertises the 192.168.23.0/24 network.
E. R2 advertise the 198.168.23.0/24 network.
F. The 192.168.12.0/24 network to the R3 route table.
Answer: C,D
NO.25 Which three options must be configured when deploying OSPFv3 for authentication?
(Choose threE.
A. encryption algorithm
B. authentication key
C. IPsec transform-set
D. authentication method
E. encryption key
F. crypto map
G. IPsec peer
9
H. Security parameter index

Answer: B,D,H
NO.26 What is the main difference between GETVPN and traditional IPsec encryption techniques?
A. Only GETVPN uses three types ofencryption keys.
B. Only GETVPN uses group SA.
C. Only traditional IPsec uses ISAKMP forauthentication.
D. Only traditional IPsec uses PSKs.
Answer: B
NO.27 Which two statements about redistribution are true?((choose two)

A. When BGP traffic is redistributed into OSPF, Ebgp and iBGP routes are advertised
B. When EIGRP routes on a CE are redistributed through a PE into BGP, the Cost Community POI is
set
automatically
C. When BGP traffic is redistributed into OSPF, the metric is set to 1 unless the metric is defined
D. When OSPF traffic is redistributed into BGP , internal and external routes are redistributed
E. iBGP routes automatically redistribute into the IGP if the routes are in the routing table
F. When EIGRP traffic is redistributed into BGP, a default metric is required
Answer: B,C
NO.28 Which two statements about Embedded Packet Capture are true? (Choose two)
A. Multicast packets are captured only on ingress
B. It can capture Ipv4 packets only
C. Cisco Express Forwarding must be enabled
D. Captures must be decoded offline
E. Only a single capture point can be activated per interface
Answer: A,C
NO.29 Refer to exhibit.
Which AS paths are matched by this access list?

A. the directly attached AS 65596 and any
B. the origin AS 64496 only
C. the origin AS 64996 and any ASs after AS 64496
D. the directly attached AS 64496 and any ASs directly attached to AS 64496
Answer: D
NO.30 Which IGMP snooping feature tracks IGMPv3 hosts on a per-port basis?
A. IGMPv3 querier
B. IGMPv3 static-group
C. fast-leave
D. explicit tracking
10
E. membership report
Answer: A
NO.31 Refer to the exhibit. Which network script automation option or tool is used in the exhibit?
A. EEP
B. Python
C. Bash script
D. NETCONF
E. RESET
Answer: B
NO.32 For which two conditions is Cisco Express Forwarding recursion disables by default when the
BGP Prefix independent Convergence functionality is enabled? (Choose two)
A. next hops that are directly connected
B. next hops learned with any mask shorter than /32
C. next hops learned with a/32 mask
D. next hops learned with a/24 mask
Answer: A,C
NO.33 Which option is a core event publisher for EEM?

A. Policy Director
B. Applet
C. Script
D. Timer
Answer: D
NO.34 which two statements about IP SLAs are true? {Choose two)
A. They are used primarily in the distribution layer.
B. Data for the delay performance metric can be collected both one-way and round-trip
C. Statistics are collected and stored in the RIB
D. Data can be collected with a physical probe.
E. They are layer 2 transport independent.
Answer: B,E
NO.35 Which statement is true about conditional advertisements?

A. Conditional advertisements create routes when a predefined condition is met.
B. Conditional advertisements create routes when a predefined condition is not met.
C. Conditional advertisements delete routes when a predefined condition is met.
D. Conditional advertisements create routes and withhold them until a predefined condition is met.
E. Conditional advertisements do not create routes, they only withhold them until a predefined
condition is met.
11
Answer: E
NO.36 Which two statements about the OSPF two-way neighbor state are true? (Choose two)
A. It is valid only on NBMA networks.
B. Each neighbor receives its own router ID in a hello packet from the other neighbor.
C. Each neighbor receives an acknowledgement of its own hello packet from the other neighbor.
D. Each neighbor receives the router ID of the other neighbor in a hello packet from the other
neighbor
E. It is valid only on point-to-point networks.
F. Each neighbor receives a hello message from the other neighbor.
Answer: B,C
NO.37 What is a major difference between Unidirectional Link Detection (UDLD. and Bidirectional
Forwarding Detection (BFD.?
A. UDLD operates at Layer 3 and detects the failure of the Layer 3 connectivity between two routers.
BFD operates at Layer 3 and detects forwarding path failures over multiple Layer 2 hops between two
routers.
B. UDLD operates at Layer 2 and detects failure of physical links. BFD operates at Layer 3 and detects
failure of forwarding paths, which may transit multiple Layer2 hops, between two routers.
C. UDLD operates at Layer 2 and detects failure of physical links BFD operates at Layer 2 and detects
failure of a direct link between two routers or switches.
D. UDLD operates at Layer 3 and detects failure of physical links between adjacent routers.
BFD operates at Layer 3 and detects failure of a forwarding path, which may transit multiple Layer 2
hops , between two routers.
Answer: B
Which effect of this configuration is true?

A. Users can enter user EXEC mode without a user name using password cisco4
B. Users in user EXEC mode can enter privileged EXEC mode without a user name or password.
C. Users can enter privileged EXEC mode using user name ciscol and password cisco2
D. Users in user EXEC mode can enter privileged EXEC mode without a user name using password
12
Answer: C
NO.39 Which statement about the OSPF Loop-Free Alternate feature is true?
A. It is supported when traffic can be redirected to a primary neighbor
B. It is supported on routers that that are configured with virtual links
C. It is supported in VRF OSPF instances.
D. It is supported when a traffic engineering tunnel interface is protected
Answer: C
NO.40 Which feature forces a new Diffie-Hellman key exchange each time data is transmitted over a
IPsec tunnel?
A. PFS
B. rsa-encr authentication
C. rsa-sig authentication
D. 802.1x
E. CRACK authentication
Answer: A
NO.41 Which three statements are true about the spanning-tree loop guard feature? (Choose
three.. )
A. Loop guard affects UplinkFast operation.
B. Loop guard can be enabled on PortFast ports
C. Loop guard operation is not affected by the spanning-tree timers.
D. Loop guard must be enabled on point-to-point link only
E. Loop guard cannot be enabled on a switch that also has root guard enabled.
F. Loop guard can detect a unidirectional link in the same way as UDLD
Answer: C,D,E
NO.42 router bgp 65500

neighbor LocalSite ebgp-multihop 2
neighbor LocalSite update-source Loopback0
neighbor LocalSite next-hop-self
neighbor LocalSite route-map CheckCommunity in
neighbor LocalSite route-map CPodPeer out
route-map CPodPeer permit 10
match as-path 1
route-map CPodPeer permit 20
match as-path 33
route-map CPodPeer deny 30
ip as-path access-list 1 permit ^$
ip as-path access-list 33 permit _65006$
Refer to the exhibit. Considering a stable neighborship has been established with multiple eBGP
peers, which routers are advertised by the router?
A. Only BGP routes sourced on this router
13
B. Only BGP routes from AS 65006

C. BGP routes that passed through AS 65006 and BGP routes sourced on this router
D. All routes
Answer: C
Between which router is an LDP session established?

A. R1, R2 and R3
B. R1 and R3
C. R1 and R2
D. R2 and R3
Answer: C
NO.44 Which two statements about the host address 172 150 100 10/18 are true?(Choose two)
A. The network address is 172.150 0 0
B. The network address is 172.150.64.0
C. The network address is 172 150 100 0
D. The broadcast address is 172.150.127.255
E. The broadcast address is 172 150 255 255
F The broadcast address is 172.150.100 255
Answer: B,D
NO.45 DRAG DROP

Select and Place the best match.
14
Answer:
NO.46 Which two statements about the various types of DevOps tools are true?(Choose two.)
A. Chef and Puppet are much more attuned to the needs of system administrators.
B. Puppet and Chef are written in Python . Python skills are a must to operate these two.
C. Salt cannot communicate with clients through general SSH. it use minions client agents only.
D. Puppet requires the installation of a master (server) and agents (clients) architecture for
15
configuring systems.
E. Ansible does not require agent node installation and users SSH for performing all tasks.
Answer: D,E

Which two statements about the output are true?(Choose two)
A. BFD last failed 476ms ago on interface GigabitEthernet 0/3.

B. BGP on RT1 has negotiated the BFD capability with its peer.
C. BFD is active on interface GigabitEthernet0/3 and is using ICMP.
D. BFD is active on interface GigabitEthernet0/3 and is using UDP.
E. BFD is active for BGP on RT1
Answer: B,E
NO.48 R1#showip ospfinterface FastEthernet0/0.12

...Network Type
Non_BROADCAST...
...
R2#showip ospfinterface FastEthernet0/0.12
...Network Type
BROADCAST...
...
Refer to the exhibit. OSPF is configured on R1 and R2 as shown. which action can you take to allow a
neighbor relationship to be established.
A. On R1, change the process ID to 1
B. On R1, set the network type of the FastEthernet0/0.12 interface to broadcast
C. Configure R1 and R2 as neighbors using interface addresses
16
D. Configure R1 and R2 as neighbors using router IDs

Answer: B
NO.49 In an MPLS-VPN environment, what is the effect of configuring an identical set of route
targets for a particular VRF but then configuring nonidentical RD across multiple PE devices?
A. The routes are rejected by remote PE because they have a different RD than its routes.
B. The routes propagate to the remote PE, but the PE never installs them in its forwarding table.
C. The routes are correctly managed by the control plane, but there are instances where routes take
up twice as much memory.
D. The routes are not sent to any remote PE with a different RD.
Answer: C
NO.50 what is the source MAC address of a BPDU frame that is sent out of a port ?
A. the lowest MAC address on the switch
B. the higest MAC address on the switch
C. the MAC address of the individual port that is sending the BPDU
D. the same as the MAC address in the brigdge ID
Answer: C
NO.51 Which two statements about VTPv3 are true?(Choose two)

A. VTPv3 accepts configuration information only from VTPv2 devices.
B. VTPv3 must receive VTPv2 packets before it can send VTPv2 packets.
C. VTPv3 sends VTPv2 packets when they are detected on a trunk port.
D. VTPv3 regions can communicate in server mode only over a VTPv2 region.
E. Extended VLANs prevent VTPv3 switches from becoming VTPv2
Answer: B,E
Which statement is true?

A. The output shows an IPv6 multicast address with link-local scope.
B. The output shows an IPv6 multicast address that is used for unique local sources only.
C. The output shows an IPv6 multicast address that can be used for BIDIR-PIM only.
17
D. The output shows an IPv6 multicast address with embedded RP.

Answer: D
NO.53 What is the correct binary equivalent of DSCP value AF41?

A. 101001
B. 100001
C. 100010
D. 001010
Answer: C
NO.54 Refer to the Exhibit.
Which technology can allow Site A and Site B to run OSPF between sites ?
A. Point-to point circuit.
B. BGP
C. GRE Tunnel
D. Cisco MPLS TE
Answer: C
Which two statements about the 192.168.23.0/24 prefix are true?(Choose two.)
A. Router 192.168.45.4 cannot act as a feasible successor.
B. Router 192.168.35.3 is the only successor.
C. Only router 192.168.45.4 is a feasible successor.
D. Routers 192.168.35.3 and 192.168.45.4 are successors.
E. Routers 192.168.35.3 and 192.168.45.4 are feasible successors.
F. Only router 192.168.35.3 is a feasible successor.
Answer: A,B
18
NO.56 Which two factors contribute to traffic starvation when TCP and UDP flows are included in a
single traffic class? (Choose two)
A. TCP flows continually lower their transmission rates when congestion occurs in a link.
B. UDP flows continually reduce the window size when congestion occurs on a link.
C. TCP flows maintain a consistent transmission rate when congestion occurs on a link.
D. TCP flows continually reduce the window size when congestion occurs on a link.
E. UDP flows maintain a consistent transmission rate when congestion occurs on a link
F. UDP flows continually lower their transmission rates when congestion is detected.
Answer: A,E
NO.57 Which two methods do IPsec VTIs use to identify and transmit encrypted traffic through the
tunnel? (choose two)
A. static routing
B. object groups
C. ACLs
D. NAT
E. dynamic routing
Answer: A,E
NO.58 Which two statements about TCP MSS are true? (Choose two.)
A. The two endpoints in a TCP connection report their MSS values to one another.
B. H operates at layer 3.
C. MSS values are sent in TCP SYN packets
D. It sets the maximum amount of data that a host sends in an individual datagram
E. It sets the minimum amount of data that a host accepts in an individual datagram
Answer: A,C
NO.59 Which two statements about BIDIR-PIM are true? (Choose two)
A. It uses implicit join messages to signal membership.
B. It is designed to support one-to-many applications within a PIM domain.
C. It uses (*,G) multicast routing entries to make forwarding decisions.
D. It uses a designated forwarder to maintain a loop-free SPT.
E. Traffic can be passed downstream from the shared tree toward the RP.
Answer: C,E
NO.60 DRAG DROP
Answer:
19
NO.61 Which two statements about BGP confederation architecture are true?Choose two
A. The intraconfederation EBGP default TTL value between sub-ASes is 255.
B. The intraconfederation EBGP default TTL value between sub-ASes is 1.
C. The ASN of a confederation is exclueded from the AS_PATH path length calculation.
D. The AS_SET and AS_SEQ components help prevent loops inside a sub-AS.
E. IBGP sessions inside a sub-AS have a default TTL of 1.
Answer: B,C
NO.62 Which set of commands conditionally advertises 172.16.0.0/24 as long as 10.10.10.10/32 is in

the routing table?
A.
B.
C.
D.
E. Option A
F. Option B
G. Option C
H. Option D
Answer: B
Explanation:
Advertise maps are used for conditional routing to advertise specified prefixes if something which is
specified in exist map exists. In our question we need to advertise 172.16.0.0/24 if
10.10.10.10/32 exists in the routing table so we have to use commanD. "neighbor x.x.x.x advertise-
map <prefix-list of 172.16.0.0/24> exist-map <prefix-list of 10.10.10.10/32>".
Therefore B is correct.
NO.63 Which command address learning on the configures port security on a switch to enable
permanent MAC interface?
A. switchport port-security mac-address-learning enable
B. switchport port-security mac-address timer 0
C. switchport port-security mac-address sticky
D. switchport port-security mac-address maximum 1 sticky
E. switchport port-security mac-address permanent
Answer: C
NO.64 In a typical three-node OpenStack deployment, which two components are part of the
controller note ? (Choose two)
A. Neutron server plugin
B. Neutron DHCP agent
20
C. Neutron layer 2 agent

D. Identify Service
E. Neutron Layer 3 agent
Answer: A,D
NO.65 On which three options can Cisco PfR base its traffic routing?(Choose threE.
A. Time of day
B. Network performance
C. Router IOS version
D. User-defined link capacity thresholds.
E. An access list with permit or deny statements.
F. Load-balancing requirements.
Answer: B,D,F
NO.66 Which tunneling method can transmit IPv6 traffic over an MPLS infrastructure?
A. 6RD
B. ISATAP
C. 6to4
D. 6PE
Answer: D
NO.67 You are implementing new addressing with EIGRP routing and must use secondary addresses
which are missing from the routing table. Which action is the most efficient soJution to the problem?
A. Disable split-horizon on the interfaces with secondary addresses. /
B. Dlsable split-horizon inside the' EIGRp procBss on the router with the secondary
interfaceaddresses
C. Add additional roulter interfaces and move the secondary addresses to the new interfaces
D. Use a different routing protocol and redistribute the routes between EIGRP and the new protocol
Answer: A
NO.68 Which BGP attribute is used to influence inbound traffic?

A. Multi-exit discriminator
B. Local preference
C. Origin
D. Weight
Answer: A
NO.69 Which two statements about SNMP are true? (Choose two)
A. SNMPvl and SNMPv2c use encrypted community strings.
B. SNMPv3 uses encrypted community strings.
C. SNMPv3 provides privacy and access control.
D. All SNMP versions use get, getNext, and getBulk operatinos.
E. All SNMP versions support bulk retrieval and detailed error messages.
21
Answer: C,D
What fee of ISIS is configured on R1?

A. VRF-aware ISIS
B. multi-process IS-I
C. single-topology I SIS
D. IS-I S version 2
Answer: D
22
Which additional configuration statement is required on R3 in order to allow multicast traffic sourced
from 192.168.13.3 to flow along the shared-tree?
A. ip route 192.168.14.0 255.255.255.0 Tunnel 0
B. ip route 10.4.4.4 255.255255.255 Tunnel 0
C. ip mroute 10.4.4.4 255.255.255.255 Tunnel 0
D. ip mroute 192.168.14.0 255.255.255.0 Tunnel 0
Answer: C
NO.72 Which two statements about asymmetric routing are true? (Choose two)
A. It can cause packet loss over stateful ICMP and UDP connections
B. It can cause packet loss when a stateful firewall is in use.
C. It can cause TCP connections to close.
D. It can cause packet loss when NAT is in use.
E. It is uncommon in large networks.
Answer: B,D
23
Which three statements about the R1 configuration are true? (Choose threE.
A. The virtual circuit identifier is 4006 and the virtual circuit is down.
B. This circuit is using MPLS VC type 4.
C. The local label for the circuit is 1611.
D. The virtual circuit identifier is 1611 and the virtual circuit is down.
E. The targeted LDP session to the remote peer is up.
F. The local label for the circuit is 4006.
Answer: D,E,F
NO.74 DRAG DROP

Drag and drop each step in the uRPF packet-forwarding process from the left into of operations on
the right. Select and Place:
24
Answer:
NO.75 Which two items must be confined to caputure packet data with the Embedded Packet
Caputure feature ? (Choose two)
A. the capture point
B. the capture buffer
C. the coputure file export location
D. the caputure filter
E. the capture rate
F. the buffer memory size
Answer: A,B
NO.76 Which enhancement does IGMP version 3 offer over IGMP version 2?
A. support for Source Specific Multicast
B. a mechanism to decrease leave latency
C. authentication of multicast streams
D. backward compatibility with IGMP version 1
Answer: A
NO.77 Which two statements about Cisco IOS XE are true? (Choose two)
A. It is deployed in a Linux-based environment
B. Separate images are required for platform-dependent code
C. It uses a service blade outside Cisco IOS XE to integrate and run applications
D. The FED feature provides separation between the control plane and the data plane
E. Its functions run as multiple separate processes in the OS
Answer: A,E
NO.78 Which technology can be used to prevent flooding of ipv6 multicast traffic on a switch?
A. MLD filtering
B. IGMP snooping
25
C. MLD snooping
D. IGMP filtering
Answer: C
NO.79 DRAG DROP

Select and Place:
Answer:
26
How can you configure this network this network so that customers can transparently extend their
networks through the provider?
A. Configure eBGP peering among the CE routers.
B. Configure OSPF peering between the CE and PE routers.
C. Configure eBGP peering between the CE and PE routers.
D. Configure OTP on the CE routers.
Answer: D
NO.81 Which three statements are functions that are performed by IKE phase 1? (Choose three)
A. It builds a secure tunnel to negotiate IKE phase 1 parameters
B. It establishes IPSec security associations
C. It authenticates the identity of the IPsec peers
D. It protects the IKE exchange by negotiating a matching IKE SA policy
E. It protects the identity of IP sec peers
F. It negotiates IPsec SA parameters
Answer: C,D,E
NO.82 Which three message type are used for prefix delegation in DHCPv6?(Choose threE.
A. Solicit
B. Renew
C. Advertise
D. DHCP Discover
E. DHCPAck
F. DHCP Offer
Answer: A,B,C
NO.83 With which protocol is CoAP designed to be used?

A. TCP
B. SNMP
C. UDP
D. XMPP
Answer: C
NO.84 Which two options are the two main phases of PPPoE? (Choose two.)
A. Active Discovery Phase
27
B. IKE Phase
C. Main Mode Phase
D. PPP Session Phase
E. Aggressive Mode Phase
F. Negotiation Phase
Answer: A,D
NO.85 What are two of the commands that you can enter to gracefully shut down OSPF and notify
neighbors?(Choose two)
A. router(config-router)#shutdown
B. router(config-router)#graceful shutdown
C. router(config)#ip notify
D. router(config-if)#ip ospf shutdown
E. router(config-if)#ip ospf graceful shutdown
Answer: A,D
NO.86 which three statements about automatic 6to4 tunneling are true?(choose threE.
A. It allows an IPV6 domain to be connected over an IPV4 network
B. 6to4 tunnels are configured only in a point-point configuration
C. It allows an IPV4 domain to be connected over an IPV6 network
D. The IPV4 address embedded into the IPV6 address is used to find other of the tunnel
E. The MAC address embedded into the IPV6 address is used to find the other end of the tunnel
F. 6to4 tunnels are configured in a point-to-mulitipoint configuration
Answer: A,D,F
28
Which statement about the effect of this configuration is true ?

A. The 192.168.2.1/24 network is summarized and advertised as 192.168.2.0/24
B. The 192.168.2.1/32 network appears in the route table on R1 ,but it is missing from its OSPF
database.
C. The 192.168.2.1/32 network is missing from the OSPF database and the route table on R1.
D. The 192.168.2.1/32 network appears in the Rl OSPF database , but it is missing from its route
table.
Answer: D
NO.88 Which feature can you implement to reduce global synchronization?

A. marking
B. NBAR
C. WRED
D. policing
Answer: C
NO.89 DRAG DROP
Answer:
NO.90 what terminal line command can you enter to prevent a router from attempting a Telnet
connection in response to an incorrect host name entry at the EXEC prompt?
A. Transport preferred none
B. Transport output none
C. Logging synchronous
D. Transport input none
E. No ip domain-lookup
Answer: A
29
Which two statements about the given NetFlow configuration are

true?(Choose two)
A. It supports both IPv4 and IPv6 flows.
B. It uses the default port to send flows to the exporter.
C. It supports only IPv6 flows.
D. It supports only IPv4 flows.
E. It supports a maximum of 2048 entres.
Answer: B,D
NO.92 ...
event manager applet OSPF
event syslog parttern "%OSPF-S-ADJCHG: Process 1 , Nbr 10.0.0.2 on GigabitEthernet0/1 from FULL t
o
DOWN,..." ...
Refer to exhibit. which two statementsabout the network environment must be true?(choose two)
A. If the administrator enters the show ip ospf neighbor gigabitEthernet0/1 command, the output is
blank
B. The applet runs only after OSPF neighbors are verified
C. An OSPF neighbor relationship is established when the interface recovers
D. A BGP neighbor relationship is established over GigabitEthernet0/1
E. The applet runs befor any commands are executed
Answer: A,B
The ISIS router type settings on all routers are left at the default value. Which two statements
correctly describe the ISIS adjacencies that will form? (Choose two.)
A. The R1 to R2 adjacency will be L2 only
B. The R1 to R3 adjacency will be L1 and L2
30
C. The R1 to R2 adjacency will be L1 and L2

D. The R2 to R3 adjacency will be L1 and L2
E. The R2 to R3 adjacency will be L1 only
Answer: A,D
NO.94 Which option is an incorrect design consideration when deploying OSPF areas?
A. area 0 - area 2-MPLS VPN superbackbone - area 1
B. area 2 - area 0 MPLS VPN backbone - area 1
C. area 1 - MPLS VPN backbone - area 2
D. area I - area 0 - MPLS VPN backbone - area 0 - area 2
E. area 1-MPLS VPN backbone-area 1
Answer: A
NO.95 Which two options are reasons to manipulate the delay metric instead of the bandwidth
metric for EIGRP routing ? (Choose two)
A. because manipulating the bandwidth metric can also affect QoS.
B. because changes to the delay metric are propagated to all neighbors on a segment.
C. because the delay metric provides better handling for busty traffic.
D. because manipulating the bandwidth affects only a particular path.
Answer: A,B
NO.96 Which statement about Auto-RP is true ?

A. All interface s must be configured in sparse modE.
B. All interfaces must be configured in sparse-dense mode.
C. All interfaces must be configured in dense modE.
D. An RP that it tied to a loopback address must be configured.
Answer: B
NO.97 Exhibit:
31
Refer to the exhibit. What is the DSCP value that egresses SW2 toward R2?
A. 0
B. 2
C. 8
D. 10
E. 16
Answer: A
NO.98 How does an IPv6 host automatically generate a global address?

A. It prepends its interface identifier to the network prefixs contained in Router Advertisement
messages
B. It appends its interface identifier to the network prefixs contained in Router Advertisement
messages
C. It appends its interface identifier to the network prefixs contained in Router Solicitation messag s
D. It prepends its interface identifier to the network prefixs contained in Router Solicitation message
s
Answer: B
NO.99 Which two statement about BPDU guard are true ?

A. BPDU guard can be used to prevent an invalid BPDU from propagating through the network.
B. BPDU guard can be used to prevent an access port from participating in the spanning tree in the
service provider environment.
C. The global configuration command spanning-tree portfast bpduguard default shuts down interface
that are in the PortFast-operational state when a BPDU is received on that port.
32
D. BPDU guard can be used to protect the root port.

E. The interface configuration command spanning-tree portfast bpduguard enable shuts down only
interface with PortFast enabled when a BPDU is received.
Answer: B,C
NO.100 DRAG DROP
Answer:
You are configuring Router1 and Router2 for L2TPv3 tunneling. Which two additional configurations
are required to enable Router1 and Router2 to establish the tunnel?(choose two)
33
A. Router1 must be configured to encapsulate traffic by using L2TPv3 under thepseudowire-class

R1toR2.
B. An IP address must be configured on interface FastEthernet1/0 on Router1.
C. Loopback 0 on Router1 must be advertised to Router2.
D. Cisco Express Fowarding must be disabled on Router1.
E. Cisco Discovery Protocol must be enabled on interface FastEthernet1/0 on Router1.
Answer: A,C
NO.102 Which two options are requirements for AToM support? (Choose two)
A. Cisco Express Forwarding must be disabled
B. MPLS must be configured with an LSP in SP core
C. MPLS must be enabled between the PE and CE routers
D. The PE routers must be able to communicate with each other over IP
E. IP routing must be configured between the PE and CE routers
Answer: B,D
NO.103 DRAG DROP

Drag and drop each IP traffic plane-packet type from left onto its description on the right Select and
Place:
Answer:
34
NO.104 Which keychain cryptographic algorithm is supported by the IS-IS routing protocol?
A. MD5
B. HMAC-SHA1-12
C. HMAC-SHA1-20
D. HMAC-MD5
Answer: D
NO.105 Which statement describes the operation of the Generalized TTL Security Mechanism
(GTSM), used by routing protocols to prevent some types of attack?
A. An MD5 hash of the received TTL, source IP, destination IP, protocol , and shared key must match
B. The TTL in a received packet must be a low value (typically 1-2)
C. The TTL in a received packet must be a high value (typically 254-255)
D. Both end systems compute an MD5 hash based on the TTL and a shared secret. If the received and
local value differ, the packet is dropped
Answer: C
NO.106 You are performing a system diagnostics on a CSU in local loop mode and notice that the
mineseen counter has failed to increment. Which type of problem does this behavior indicate?
A. a cabling problem
B. an encoding problem
C. a framing problem
D. a timing problem
Answer: D
NO.107
35
Refer to the exhibit.The router sets local-preference to which option when it receives a BGP route
with a community string 1000:130 from a neighbor in the LocalSite peer-group?
A. 80
B. 130
C. no setting
D. 110
E. the default value
Answer: E
NO.108 Which feature monitors network events and takes automated action based on scripts
configured by the administrator?
A. NetFlow
B. Performance Monitoring
C. EPC
D. EEM
Answer: D
NO.109 Which three statements are true about PPP CHAP authentication? (Choose three.)
A. PPP encapsulation must be enabled globally.
B. The LCP phase must be complete and in closed state.
C. The hostname used by a router for CHAP authentication cannot be changed.
D. PPP encapsulation must be enabled on the interface.
E. The LCP phase must be complete and in open state.
F. By default, the router uses its hostname to identify itself to the peer.
36
Answer: D,E,F
NO.110 Which two statements about the passive-interface command issued under EIGRP are true?
(Choose two)
A. It configures the interface to use unicast messages to establish EIGRP neighbor relationships
B. It disables processing of incoming hello messages
C. It allows incoming routing updates to be received but disables outing routing updates
D. If it is enabled globally under EIGRP on the device, it can be disabled for individual interfaces to
allow those interfaces to remain active
E. It configures the device to advertise only connected interfaces to neighbors with EIGRP
Answer: B,D
NO.111 Refer to eh exhibit.
You organization has two offices, Site 1 and Site 2, which are connected by a provider backbone, as
shown where must you configure an attachment circuit to allow the two sites to connect over a Layer
2 network using L2TPv3?
A. PE Site 1 Se0/0 and PE Site 2 Se0/0
B. PE Site 1 Fe1/0 and PE Site 2 Fe0/0
C. PE Site 1 Fe0/0 and PE Site 2 Se0/0
D. PE Site 1 Fe0/0 and PE Site 2 Fe0/0
Answer: B
NO.112 Which two statements about NBAR classification are true?(choose two)
A. It requires CEF to be enable on the router
B. It is recommended for capacity planning
C. It can classify IP packets
D. It cannot distinguish UDP flows
E. It can classify MPLS packets
Answer: A,D
37
Which statement describes how a router with this configuration treats packets if the devices at
172.16.12.5 and 192.168.3.2 are unreachable ?
A. It routes the packet using the default routing table.
B. It routers the packet into a loop and drops it when the TTL reaches zero.
C. It drop the packet immediately.
D. It sends an ICMP source quench message.
Answer: A
Switch A is connected to two MST domains for the first time. The error is observed on Switch A
%SPANTREE-2-PVSTIM_FAIL: Blocking designated port Fa0/1: Inconsistent superior PVST BPDU
received onVLAN 10
How can this error be resolved?
A. Map VLAN 10 to instance 0 in all MST regions.
B. Remove the 1ST root form MST Region 2
C. Configure PVST+ to allow MST Region 1 to be root for VLAN 10
D. Map VLAN 10 into an appropriate instance on switch A
Answer: C
NO.115 For which reason car two OSPF neighbor routers on the same LAN segment be stuck in the
two-way state?
A. The two routers have different MTUs on the interface.
B. The two routers are configured with different priorities.
C. The interface priority is set to zero on both routers.
D. Both routers have the same OSPF router ID. Correct
Answer: C
NO.116 What command can you enter to configure NBAR to recognize VNC traffic?
A. Ipnbar custom-map VNC tcp-udp 5900 5901
B. Ipnbar application-map VNC udp 5900 5901
C. Ipnbar port-to-application seq 5 VNC tcp 5900 5901
38
D. Ipnbar port-map VNC hex 0xAA 0x1B

E. Ipnbar port-map VNC tcp 5900 5901
Answer: E
NO.117 Which statement about MSS is true?

A. It is negotiated between sender and receiver.
B. It is sent in all TCP packets.
C. It is 20 bytes lower than MTU by default.
D. It is sent in SYN packets.
E. It is 28 bytes lower than MTU by default.
Answer: D
When you apply these configurations to R1 and R2. which two effects occur? (Choose two)
A. The 172.16.1.1 network is reachable via OSPF on R1
B. RI authenticates using the username Cisco
C. R1 and R2 successfully authenticates using CHAP
D. Authentication between R1 and R2 fails.
E. R1 and R2 authentications using PAP
Answer: B,D
NO.119 which two configurations must you perform on a router so that you can use SCP to send
configuration files to an external server?(choose two)
A. Configure the crypto key encrypt rsa command
B. Configure the ip scp server enable command
C. Configure the login local command under the VTY lines
D. Define a domain-name
E. Configure the ip ssh version 2 command
Answer: A,C
NO.120 DRAG DROP

Drag and Drop
39
Answer:
With BGP always-compare-med enabled, which BGP entry is installed in the RIB?
A. Entry 1 because it was installed first (oldest) in the BGP table.
B. Entry 1 because it has the best MED of the external routes.
C. Entry 2 because it has the lowest router ID.
D. Entry 3 because it has the lowest MED.
Answer: D
NO.122 1 Which two statement sabout marking fields are true?(Choose two)
40
A. The IP Precedence field is in the IP header and is 4 bits long

B. The Tos 6 bits are in the IP header
C. The 3 priority bits are in 802.1Q/P
D. The IP DSCP field is in the IP header and is 6 bits long
E. The Frame Relay DE field is in the IP header and is 1 bit long
Answer: C,D
NO.123
Refer to the exhibit .Which two statements about the output are true?(Choose two)
A. BFD on RT1 has negotiated the BFD capability with its pe r
B. BFD is active on interface GigabitEthernet0/3 and is using ICMP
C. BFD is active on interface GigabitEthernet0/3 and is using UDP
D. BFD last failed 476 ms ago on interface GigabitEthernet0/3 /
E. BFD is active for BGP on RT1
Answer: D,E
NO.124 Which ISAKMP feature can protect a GDOI from a hacker using a network sniffer while a
security association is established?
A. An ISAKMP phase 1 security association
B. An ISAKMP phase 2 security association
C. The Proof of Possession(POP)
D. A ISAKMP phase 2 GROUPKEY-PUSH exchange
E. An ISAKMP phase 2 GROUPKEY-PULL exchange
Answer: A
NO.125 What are the two types of Embedded Event Manager policies?
A. action
B. event
41
C. script
D. applet
E. set
F. label
Answer: C,D
NO.126 R1------------------------R2-----------------------R3---------------------------R4
10.10.38.0
route prefix
R2
ip prefix-list ccie seq 5 permit 10.10.32.0/22 le 24
route-map ccie permit 10
match ip address prefix-list ccie
set tag 10
route-map cce permit 20
set tag 20
R3
ip prefix-list ccie seq 5 permit 10.10.32.0/23 le 24
route-map ccie permit 10
match ip address prefix-list ccie
set tag 30
route-map cce deny 20
Refer to eh exhibit. which statement about the 10.10.38.0/22 route is true?
A. It arrives at router R4 with the tag 20
B. It arrives at router R4 without a tag
C. It arrives at router R4 with the tag 10
D. It arrives at router R4 with the tag 30
Answer: C
NO.127 Which two commands should you enter to enable IP Source Guard with source IP and MAC
address filtering?(Choose two)
A. ip verify source tracking
B. switchport port-security
C. ip verify unicast source
D. ip verify source
E. ip verify source port-security
Answer: B,E
NO.128 Which action does route poisoning take that serves as a loop-prevention method?
A. It prohibits a router from advertising back onto the interface from which it was learned.
B. lt advertises a route with an unreachable metric back onto the interface from which it was
learned.
C. It immediately sends routing updates with unreachable metric to all devices.
D. It poisons the route by tagging it uniquely within the network.
42
Answer: C
NO.129
The OSPF adjacency between two routers cannot be established. What is the root cause of the
problem?
A. Both routers are designated routers.
B. different area ID
C. mismatched OSPF network types
D. authentication error
E. area type mismatch
Answer: E
NO.130 DRAG DROP

Drag and drop the OSPF network type on the left to the correct category of timers on the right.
Answer:
43
NO.131 Which command configures port secrity on a switch to enable permanent MAC address
learning on the interface?
A. switchportport-security mac-9ddress permanent
B. switchport port-security mac-address-learning enable
C. switcport port-security mac-address maximum 1 sticky
D. switchport port-security mac-address timer 0
E. switchport port-security mac-address sticky
Answer: E
NO.132 which type of IPv6 address is 2001:DB8::FFFF:FFFF/32?

A. multicast address
B. host address
C. broadcast address
D. anycast address
Answer: B
NO.133 DRAG DROP

Drag and Drop
44
Answer:
NO.134 Which two options are EIGRP route authentication encryption modes? (Choose two)
A. MD5
B. HMAC-AES
C. ESP-AES
D. HMAC-SHA2-256bit
Answer: A,D
NO.135 What characteristic of OSPFv3 LSAs enables support for prefix suppression?
A. Router-LSAs and Network-LSAs do not contain topology information
B. Router LSAs and Network-LSAs do not contain prefix information
C. Router-LSAs and Network-LSAs are flooded into the entire OSPF domain
D. Router-LSAs and Network-LSAs are flooded only on the local link
Answer: B
NO.136 which two options are two problems that Bridge Assurance can protect against?(choose
two)
A. BPDU flooding
B. The forwarding of data traffic after the spanning tree algorithm is stopped
C. Ports being put into a root-inconsistent state
D. Slow convergence time after a topology change
45
E. unidirectional link failures

Answer: C,E
NO.137 Which statement is true about PIM?

A. PIM SM uses shared trees
B. In Bidir-PIM, sources register to RP as in PM SM
C. The PIM DM flood and prune process is repeated every five minutes
D. PIM SM mode, by default, always forwards multicast traffic on shared tree
Answer: A
NO.138 Which OpenStack component implements role-based access control?

A. Horizon
B. Nova
C. Neutron
D. Keystone
Answer: D
NO.139 Which SlP feature can protect the network environment from loops in case of software
failure?
A. RootGuard
B. BPDU Guard
C. Bridge Assurance
D. Portfast
Answer: B
NO.140 Which 1Pv4 mitigation method allows 1Pv4-only devices to communicate with 1Pv6-only
devices?
A. GRE tunnel
B. Dual stack
C. ISA TAP tunnel
D. NAT64
Answer: D
46
What type of IS-IS is configured on R1?

A. VRF-aware IS-IS
B. ISIS version 2
C. single-topology IS-IS
D. mufti-process IS-IS
Answer: C
NO.142 If you configure a router interface both IPv4 and IPv6 on an IS-IS network in single- topology
mode, what
additional configuration is required?
A. IPv4 and IPv6 addresses must be configured with the same prefix length
B. IPv4 and IPv6 must be configured with different metric types
C. IPv4 and IPv6 must be configured to run the same IS-IS level
D. IPv4 and IPv6 must be configured on different routing protocols
Answer: C
NO.143 Which two statements about QoS classification and marking are true? (Choose two)
A. After classification of a packet, the device can only transmit the packet as is, or discard it
B. It can classify packets based on their source IP and MAC addresses only
C. Through the use of traffic policing, CAR provides rate limiting capabilities
D. CAR is capable of classifying and reclassifying packets as they are processed
E. It can classify packets based on their source and destination IP and MAC addresses only
F. CAR rate policies use CoS, IP precedence, and prefix lists to match traffic
Answer: B,F
NO.144 Which regular expression will match prefixes from the AS 200 that directly connected to our
AS?
47
A. A$
B. A200)
C. _200$
D. A200_ E- _200_
Answer: D
What conclusion can you draw from the given ping output?
A. The ping operation sent packets ranging from 505 to 1500 bytes in size.
B. Fragmentation failed during the ping operation.
C. The packet life was exceeded in 5 percent of the operations.
D. The Verbose option was set in the IP header.
Answer: B
NO.146 Which two options are restrictions of BGP ORF? (Choose two)
A. It can be used only with IPv4 multicast.
B. It requires access lists to match routes.
C. It can be used only with eBGP.
D. Multicast is not supported.
E. It can be used only with iBGP.
Answer: C,D
NO.147 Which two statements are true about 6to4 tunneling? (Choose two)
A. It works by appending the public IPv4 address (converted into hexadecimal format) to the
2002::/16 prefix.
B. It embeds the IPv6 packet into the IPv4 payload with the protocol type set to 51.
C. It works by appending the private IPv4 address (converted into hexadecimal format) to the
2002::/16 prefix.
D. It embeds the IPv6 packet into the IPv4 payload with the protocol type set to 41.
Answer: A,D
48
NO.148 Which two statements about MLD snooping are true?

A. MLD protocol messages can be sent in both IGMPv4 and ICMPv4 formats.
B. It supports private VLANs.
C. It limits the Layer 2 multicast traffic that is generate by routing protocols.
D. PFC modes support MLD version 2 only.
E. The MLD snooping querier requires the VLAN interface to be configured with an 1Pv6 address.
Answer: B,E
Which traffic gets set to AF41 by the marking policy on interface

GigabitEthernet0/0
A. Only traffic matching access-list streaming
B. No traffic gets set to AF41
C. Any traffic matching access-list tp-rooms and access-list streaming
D. Only traffic matching access-list tp-rooms
Answer: C
NO.150 When multiple AAA authentication methods are specified in a method list and all working
normally, how is the user authenticated?
A. The user is authenticated against all provided authentication sources and granted the most
restricted set of access privileges
B. The user is authenticated against the first listed authentication source only
C. The user is authenticated against the provided authentication sources in order until a match is
found
49
D. The user is authenticated against all provided authentication sources and granted the least
restricted set of access privileges
Answer: C
NO.151 DRAG DROP

Drag and drop each statement about EtherChannel protocols on the left to the matching
EtherChannel protocol on the right.
Answer:
50
NO.152
Refer to the exhibit .

What tag will be applied to the 172.16.130.0/24 route?
A. 10
B. 20
C. 30
D. 40
Answer: B
NO.153 DRAG DROP

Drag and drop each description from the left into the matching protocol category on the right.
Select and Place:
Answer:
51
NO.154 Which three configuration settings must match for switchs to be in the same MST
region?(Choose threE.
A. VLAN names
B. Revision number
C. Region name
D. Domain name
E. Password
F. VLAN-to-instance assignment
Answer: B,C,F
NO.155 Which two statements about the max-age time in IS-IS are true ?(Choose two)
A. The IS-IS max-age time is 20 minutes by default.
B. The IS-IS max-age time decrements from max-age to zero.
C. The IS-IS max-age time is 60 minutes by default.
D. The IS-IS max-age time increments from zero to max-age.
Answer: A,B
NO.156 Which two statements about PIM-DM are true? (Choose two.)
A. It forwards multicast packets on a source tree.
B. It requires an RP.
C. It forwards multicast packets on a shared distribution tree.
D. It floods multicast packets to neighbors that have requested the data.
E. It floods multicast packets throughout the network.
F. It forwards multicast packets to neighbors that have requested the data.
Answer: A,E
52
NO.157 Which two options are required parts of an EEM policy?(choose two)
A. Exit status
B. Event register keyword
C. Namespace import
D. Body
E. Entry status
Answer: B,D
NO.158 Which two statements about lANA-reserved addresses are true?(Choose two.)
A. The prefix FF9::/32 is reserved for source-specific multicast on IPv6.
B The address range 239 0.0.0/8 is reserved for source-specific multicast on IPv4.
B. The address range 232.0.0.0/8 is reserved for source-specific multicast on IPv4.
C. The prefix FF3x::/32 is reserved for source-specific multicast on IPv6.
E The address range 225.0.0.0/8 is reserved for source-specific multicast on IPv4.
D. The prefix FF00::/32 is reserved for source-specific multicast on IPv6.
Answer: C,D
NO.159 Which two statements are true about an EVPL? (Choose two )
A.it does not allow for service multiplexing
B.It has a high degree of transparency
C.The EVPL service is also referred to as E-line
D.It is a point-to-point Ethernet connection between a pair 01UNls
Answer: CD
NO.160 Which option describes how a router responds is configured and it receives theidentical LSA
before the interval is set?
A. The LSA is added to the OSPF a notification is sent to the sending router to slow down its
LSA packet updates.
B. The LSA is added to the database.
C. The LSA is ignored notification is sent to the sending router to slow down its LSA packet updates.
Answer: C
NO.161 Which three statements about IS-IS are true? (Choose three.)
A. IS-IS is a cisco proprietary routing protocols.
B. IS-IS has the capability to provide address summarization between areas.
C. IS-IS is an IETF standard.
D. IS-IS has three different levels of authentication: interface level, process level, and domain level.
E. IS-IS can be used to route both IP and CLNP.
F. IS-IS can be used only in the service provider network.
Answer: C,D,E
NO.162 Which statement about Cisco StacWise technology is true?

A. AII switches in a stack share configuration and routing informabon to behaves a single unit
53
B. Removing switches can affect stack permance /

C. Every switch in a stack has its own independent ... configuration filewhich enables it to become
the stack master if the previious master fails
D. Only the master switch acts as a for Narding processor
Answer: C
NO.163 Which command can you enter to prevent a router from displaying Telnet connection
messages on the terminal?
A. service telnet-zeroldle
B. ip telnet hidden hostname
C. ip telnet hidden address
D. no ip domain-lookup
E. ip telnet quiet
Answer: E
NO.164 Which information is contained in an OSPF Type 7 Not-So-Stubby Area NSSA External LSA?
A. The paths and costs to all OSPF NSSA areas that are external to the current area.
B. The path and costs to reach other stub area border routers in the OSPF routing domain.
C. The address of routers that connect the current area to other areas and the cost to reach those
routers.
D. External network address,mask,and cost to reach each network that is external to the OSPF
domain and only within the NSSA
E. The external network address,mask,and cost to reach networks that are external to the OSPF
NSSA,including the default route.
Answer: D
NO.165 Which two statements about enhanced object tracking are true?(Choose two)
A. With HSRP, it can track only the line-protocol state.
B. It can track over 200 objects at once.
C. It supports stateful switchover with HSRP
D. It supports stateful switchover with GLBP
E. Tracking objects are identified with unique numbers
Answer: B,E
NO.166 Which three sets of fields that can be included in a NetFlow export template? (Choose
three.
A. IGP
B. IPv4 main cache
C. ODR
D. BGP PIC
E. PfR
F. MPLS labels
Answer: B,D,F
54
NO.167 Which measure does ISIS use to avoid sending traffic with a wrong MTU configuration?
A. ISIS does not protect from MTU mismatch.
B. MTU value is communicated in ISIS Sequence Number PDUs (SNP) and ISIS adjacency is not
established if an MTU mismatch is detected
C. ISIS uses path MTU discovery as specified in RFC 1063.
D. ISIS uses padding of hello packets to full MTU.
Answer: D
NO.168
Refer to the exhibit R1 is unable to ping the device at 10.3.3.3.Which two options are possible
reasons for the problem?(Choose two.)
A. The static route is configured as a host route.
B. The static route points to a broadcast interface without a next-hop.
C. IP CEF is disabled on the local router.
D. Proxy ARP is disabled on the next-hop router.
E. The dynamic routing protocol configuration is missing.
F. IP CEF is disabled on the remote router
Answer: B,D

A. R1 is using an MPLS TE tunnel for this pseudowire, because the IP path is not avialable.
55
B. The default route 0.0.0.0/0 is available in the IPv4 routing table.

C. R1 has preferred-path configured for the pseudowire.
D. R1 routes this pseudowire over MPLS TE tunnel1 with transport label 20
Answer: D
NO.170 Which two statements about apportioned dual-tier WAN rate-based Ethernet circuits are
true? (Choose two)
A. The service provider deploys an advanced CPE device to the subscriber, which provides enhanced
Layer 3 QoS functionality.
B. It requires the subscriber to implement egress QoS.
C. It requires the subscriber to implement ingress QoS.
D. The service provider deploys a simple CPE device to the subscriber, which providers fast circuit
access.
E. The service provider supports classification and queuing, while the subscriber marks and re-marks
packets on ingress.
F. It requires ingress re-marking.
Answer: A,E
NO.171 Which two statements about GLBP are true? (Choose two.)
A. It uses Hello, Request and Reply packet reply.
B. Each GLBP group supports up to 4 MAC address.
C. It support stateful switchover.
D. It communities to multicast address 244.0.0.18.
E. It allows members to elect up to two gateways as the AVG.
Answer: B,C
NO.172 Which two statements about Cisco Express Forwarding load balancing are true?(choose
two)
A. Each hash maps directly to a single entry in the RIB
B. Cisco Express Forwarding can load-balance over o maximum of two destinations
C. It combines the source and destination IP address to create a hash for each destination
D. It combines the source IP address subnet mask to create a hash for each destination
E. Each hash maps directly to a single entry in the adjacency table
Answer: C,E
NO.173 Exhibit:
56
Refer to the exhibit. Which three statements about the output are true? (Choose three.)
A. Group 224.0.1.40 is a reserved address , and it should not be used for multicast user data transfer.
B. One or more multicast groups are operating in PIM multicast user data transfer.
C. Group 239.192.1.1 is reserved address, and it should not be used for multicast user data transfer.
D. A multicast receiver has requested to join one or more of the multicast groups.
E. This switch is currently receiving a multicast data stream that is being forwarded out VLAN 150.
F. One or more of multicast data streams will be forwarded out to neighbor 10.85.20.20.
Answer: A,D,E
NO.174 DRAG DROP

Drag and drop the OTV component on the left to the function it performs on the right.
Answer:
57
NO.175 UESTION NO: 301

Which two statements about the Cisco Express Forwarding glean adjacency type are true?
(Choose two)
A. Packets destined for the interface are discarded and the prefix is checked.
B. The router FIB table maintains a prefix for the subnet instead of individual hosts.
C. The adjacency database is used to [gather specific prefixes when packets are destined to a specific
host.
D. Packets destined for the interface can be dropped, which provide a form of access filtering.
E. Packets destined for the interface are discarded and the prefix check is skipped.
Answer: B,C
NO.176 Which two statements about route redistribution are true? (Choose two.)
A. Redistributing the entire BGP table from the Internet works well when using multiple OSPF
areas.
B. IS-IS does not no support Layer 2 routes that leak into a Layer 1 domain.
C. Mutual redistribution at multiple points can create a routing loop.
D. IBGP is used within the AS to Carry EBG P attributes that otherwise would be lost if EBG P was
redistributed into IGP.
E. The unequal cost multipath load-balancing characteristic is lost when redistributing OSPF into
EIGRP.
Answer: C,D
NO.177
58
Refer to the exhibit. All routers are running EIGRP and the network has R3 to R4 are configured as
EIGRP stub, if when the R2 goes down,which statement is true?
A. R1 sends traffic destined to 192.168.0.100 via R2
B. R2 does not have a router to 192.168.0.0/24 in the routing table.
C. The prefix 192.168.0.0/24 becomes stuck-in-active on R4
D. R3 does not advertise 192.168.0.0/24 to R4 anymore
1 00% Valid Cisco Exams
Answer: B
NO.178 Which authentication types does OSPF support?

A. Null (or no authentication), clear text and MD5.
B. Clear text only
C. MD5only
D. MD5 and clear text
E. Null( or no authentication) and clear text
Answer: A
NO.179 which two statements about root guard and loop guard are true?(choose two)
A. Loop guard uses its own keep alives to prevent loops by detecting failures
B. Root guard disables an interface only when a superior BPDU is received
C. Loop guard uses BPDU keep alives to determine unidirectional traffic
59
D. When loop guard is enabled, the port is transitioned to the root-inconsistent state
E. Root guard should be enabled on an upstream interface
F. Loop guard uses its own keep alives to determine unidirectional traffic
Answer: B,C
NO.180 Which IP SLA operation requires Cisco endpoints?

A. UDP Jitter for VoIP
B. ICMP Path Echo
C. ICMP Echo
D. UDP Jitter
Answer: A
NO.181 Which three actions are required when configuration NAT-PT? (Choose threE.
A. Specify a ::/48 prefix that will map to a MAC address.
B. Specify a::/32 prefix that will map to an IPV6 address.
C. Specify an IPv6-to-IPv4 translation.
D. Enable NAT-PT Globally.
E. Specify a ::/96 prefix that will map to an IPv4 address.
F. Specify an IPv4-to-IPv6 translation.
Answer: C,E,F
when packets are transmitted from R1 to R2, where are they encrypted?
A. within the crypto map
B. on the E0/0 interface on R1
C. on the outside interface
D. on the E1/0 interface on R2
E. in the forwarding engine
F. in the tunnel
Answer: F
NO.183
60
Refer to the exhibit. R1 and R2 have been configured as BGP neighbors, but their session is stuck in
active. Which action can you take that will enable a session to beestablished?
A. Enable synchronization on R1 R2
B. Issue the neighbor 10.1.12 .2 activate command on R'1
C. Configure 10.1.12.1 as the BGP router 10 on R1
D. Configure a neighbor relation ship with the Loopback0 address of R1 on R2
Answer: D
NO.184 Which option describes the characteristics of a public infrastructure as a service cloud
service cloud?
A. It is a cloud service where the underlying hardware is managed by the cloud service provider.
B. It is a cloud computing platform that facilitates the creation of web application without the need
to maintain
the supporting software applications
C. It is a cloud computing platform that facilitates the creation of web applications without the need
to maintain
the supporting software operating systems.
D. It is a way of delivering cloud computing infrastructure (servers, storage, network and operating
systems) as
an on demand service.
Answer: D
NO.185 Which technology allows several switches to operate together as one device?
A. HSRP
B. VRRP
C. LACP
D. Stack Wise.
Answer: D
NO.186 Which two events occur when a packets is decapsulated in a GRE tunnel? (Choose two.)
A. The source IPv4 address in the IPv4 payload is used to forward the packet.
61
B. The destination IPv4 address in the IPv4 payload is used to forward of the packets.
C. The version field of the GRE header is incremented.
D. The GRE keepalive mechanism is reset.
E. The TTL of the payload packet is incremented.
F. The TTL of the payload is discremented.
Answer: B,E
NO.187 On a network using DiffServ, which option refers to the actions that applied to a packet as it
moves through the network?
A. DSCP
B. PHB
C. Code-point
D. IP-precedence
Answer: A
SW1 and SW2 are connected to routers R1 and R2 via their L2 trunk ports. Which command can you
enter on the switches to allow the hosts on VLAN 20 to join the multicast group 239.10.10.10
via the upstream L2 ports?
A. ip igmp snooping vlan 20 mrouter interface gigabitethernet0/0
B. ip igmp snooping vlan 20 static 239.10.10.10 interface gigabitethernet0/0
C. igmp snooping querier 239.10.10.10
D. ip igmp snooping vlan 20 mrouter learn cgmp
Answer: B
NO.189 Which technology does Cisco PfR use to collect passive monitoring statics?
A. NBAR
B. SNMP
C. Syslog
62
D. NetFlow
Answer: D
NO.190 Which two statements about 802.1Q tunneling are true? (Choose two.)
A. It requires a system MTU of at least 1504 bytes.
B. The default configuration sends Cisco Discovery Protocol, STP: and VTP information.
C. Traffic that traverses the tunnel is encrypted.
D. It is supported on private VLAN ports.
E. MAC-based QoS and UDLD are supported on tunnel ports.
F. Its maximum allowable system MTU is 1546 bytes.
Answer: A,E
What is wrong with the configuration of this tunnel interface ?

A. ISATAP tunnels cannot use the EUI-64 address format.
B. The tunnel source of an ISATAP tunnel must always point to a loopback interface.
C. Router advertisements are disabled on this tunnel interface.
D. No tunnel destination has been specified.
Answer: C
NO.192 In Which 802.1D port state are the root bridge, the root part, and the designated ports
elected?
A. Disabled
B. Blocking
C. Learning
D. Forwarding
E. Listening
Answer: D
NO.193 Which two statements about Metro Ethernet services are true?(choose two)
A. EPLAN is a point-to-point service from one customer site to another across an MPLS backbone
B. EVPL is a multipoint service that emulates a LAN over an MPLS backbone
C. EVPL is a multipoint service with a root node that is suitable for multicast services
D. EVPL is a point-to-point service from one customer site to another across an MPLS backbone
E. EPLAN is a multipoint service that emulates a LAN over an MPLS backbone
F. EVPL is a point-to-point service from one customer site to another across an MPLS backbone
Answer: D,E
63
Which statement about the Rlmulticastcast network environment is true?

A. . RPF builds the topology using the unicast data for source address 10.1.108.10.
B. A static mrouteis configured to point multicast traffic for 10.30.30.32 through Ethernet 1/0.
C. RPF uses the OSPF 100 table for source address 10.1.108.10.
D. The default mroute uses Tunnel 10 as the next hop for 10.1.108.10.
Answer: B
NO.195 Which three protocols are permitted by IEEE 802.1x port-based authentication before the
client is successfully
authenticated by the RADIUS server?
A. EAPOL
B. BOOTP
C. STP
D. CDP
E. TCP
F. IP
Answer: A,C,D
NO.196 which option describes the characteristics of a publiC.infrastructure as a Service cloud

service model?
A. It ia way of delivering cloud-computing infratructure (servers, storage, network, and operating
systems) as an on-demand service
B. It is a cloud service where the underlying hardware is managed by the cloud service provider
C It is a cloud-computing platform that facilitaes the creation of web applications without the need to
maintain the supporting software application
D. It is a cloud-computing platform that facilitaes the cJeation of web applications without the need
to maintain the supporting software operating systems
Answer: A
64

A. The Cisco PfR state is UP; however, the external interface Et0/1 of border router
10.1.1.1 has exceeded the maximum available bandwidth threshold.
B. The Cisco PfR state is UP; however, an issue is preventing the border router from establishing a
TCP session to the master controller.
C. The Cisco PfR state is UP and is able to monitor traffic flows; however, MD5 authentication has not
been successful between the master controller and the border routers.
D. The Cisco PfR State is UP; however, the receive capacity was not configured for inbound traffic.
E. The Cisco PfR state is UP, and the link utilization out-of-policy threshold is set to 90 percent for
traffic exiting the external links.
Answer: E
Explanation:
All three interfaces show as UP, and the capacity is set to 500 kbps, with the max threshold set to 450
kbps (90% of 500kbps).
NO.198 You are configuring CoS-to-DSCP mappings with three requirements:

*COS 1 must be translated into AF 13 *COS 2 must be translated into AF 22.
*COS 5 must be translated into EF.
Which configuration command can you use to implement the requirements?
A. mls qos map cos-dscp 0 10 18 24 32 46 48 56
B. mls qos map cos-dscp 0 12 18.24 32 46 48 56
C. mls qos map cos-dscp 0 14 20 24 32 46 48 56
D. mls qos map cos-dscp 0 12 18 24 32 40 46 56
Answer: C
NO.199 Which two statements about EIGRP load balancing are true? (Choose two.)
A. EIGRP supports 6 unequal-cost paths
B. A path can be used for load balancing only if it is a feasible successor
65
C. EIGRP supports unequal-cost paths by default.

D. Any path in the EIGRP topology table can be used for unequal-cost load balancing.
E. Cisco Express Forwarding is required to load-balance across interfaces.
Answer: A,B
NO.200 What are three valid HSRP states? (Choose threE.

A. listen
B. learning
C. full
D. established
E. speak
F. IN IT
Answer: A,E,F
NO.201 which two statements about asymmetric routing are true?(choose two)
A. It can cause TCP nonnections to close
B. It can cause packet loss when a stateful firewall is in use
C. It can cause packet loss over statefull ICMP and UDP connections
D. It can cause packet loss when NAT is in use
E. It is uncommon in large networks
Answer: B,D
NO.202 DRAG DROP

STION NO: 366 DRAG DROP
Drag and Drop
Answer:
66
If this network is in the process of being migrated from EIGRP to OSPF, and all routers are now
running both protocols, which action must you perform to complete the migration?
A. Change the EIGRP administrative distance to 95
B. Change the OSPF administrative distance to 95
C. Change the OSPF administrative distance to 115
D. Change the EIGRP administrative distance to 115
Answer: D
NO.204 Which TCP feature allows a client to request a specific packet that was lost?
A. Selective acknowledge
B. Flow control
C. Fast recovery
D. Sliding window
Answer: A
NO.205
67
Refer to the exhibit. Which two conclusions can you draw from this command and its output?(choose
two)
A. Rl0 has a missing label binding (or 192.168.40.171/32
B. The MPLS ping failed
C. 192.168.40.171/32 exists in the global routing table
D. A valid LSP exists and it matches the corresponding MPLS FEC
E. The MPLS ping was successful
F. R10 has a valid lablel binding for 192.168.40.171/32
Answer: A,B
NO.206 Which two BGP attributes are optional, non-transitive attributes? (Choose two)
A. cluster list
B. local preference
C. AS path
D. MED
E. weight
Answer: A,D
NO.207 Exhibit:
With BGP always-compare-med enabled, which BGP entry is installed in the RIB?
A. Entry 1 because it was installed first (oldest) in the BGP table.
B. Entry 1 because it has the best MED of the external routes.
C. Entry 2 because it has the lowest router ID.
D. Entry 3 because it has the lowest MED.
Answer: D
NO.208 Which command can you enter to set a default route match tag for internal EIGRP routes?
A. eigrp route-tag 25.25.25.25
B. eigrp default-route-tag 25.25.25.25
C. route-map EIGRP 25
D. match-tag list EIGRP_Default
Answer: B
68
NO.209 Which command can you enter to disable logging for VTY lines?
A. No logging monitor
B. No logging buffer
C. No logging console
D. No logging trap
E. No logging count
Answer: A
NO.210 Which three options are the main security features in SNMPv3? (choose threE.
A. authentication
B. MIB persistence
C. message integrity
D. authorization
E. encryption
F. accounting
Answer: A,C,E
NO.211 Exhibit:
A. The PPP multilink protocol header is omitted on delay-sensitive packets.

B. The maximum number of fragments is 1.
C. Small real-time packets are multilink-encapsulated.
D. A transmit queue is provided for smaller packets
Answer: A,D
NO.212 Which technology can be used to secure the core of an STP domain?
A. UplinkFast
B. BPDU guard
C. BPDU filter
D. root guard
Answer: D
NO.213 Which three conditions can cause excessive unicast flooding? (Choose three.)
A. Asymmetric routing
B. Repeated TCNs
69
C. The use of HSRP

D. Frames sent to FFFF.FFFF.FFFF
E. MAC forwarding table overflow
F. The use of Unicast Reverse Path Forwarding
Answer: A,B,E
Which two effects of this configuration are true? (Choose two.)

A. It creates an administratively scoped boundary for ACL 60
B. It sets the TTL for discovery messages to 60 hops.
C. It prevent the device from falling back to dense mode.
D. It sets announcement interval to 60 seconds.
E. It configure the router as the rendezvous point
Answer: B,E
NO.215 How long will the root bridge continue to send configuration BPDUs to notify all bridges to
age out their MAC
address tables?
A. The max-age time
B. The forward delay + max-age time
C. The forward delay time
D. Three times the hello interval
Answer: B
70
After you applied this configuration to R1 and R 2 they failed to form an ISIS adjacency.
Which reason for the problem is most likely true?
A. The network statements are mismatched
B. The IP subnets are mismatched
C. T he bandwidth is mismatched
D. The MTUs are mismatched
Answer: D
NO.217 Which extended ping IP header option allows you to specify one or more hops over which
the packets will travel without specifying the full path?
A. verbose
B. loose
C. strict
D. record
Answer: B
NO.218 Which two Cisco Express Forwarding tables are located in the data plane? (Choose two)
A. the forwarding information base
B. the label information table
C. the label forwarding information base
D. the IP routing table
E. the adjacency table
Answer: A,C
71
All routers are running EIGRP and the network has converged. R3 and R4 are configured as EIGRP
stub. If the link between R1 and R3 goes down, Which statement is true?
A. R3 does not advertize 192.168.0.0/24 to R4 anymore.
B. R2 does not have a route to 192.168.0.0/24 in the routing table.
C. The prefix 192.168.0.0/24 becomes stuck-in-active on R4.
D. R1 sends traffic destined to 192.168.0.100 via R2
Answer: B
NO.220 Which two statements about MSDP are true? (Choose two)
A. It is supported both for IPV4 and IPV6 multicast deployments
B. It is encapsulated into UDP segments
C. It is encapsulated into PIM packets
D. It interconnects into PIM-SM domains
E. MSDP peers are established using multiprotocol BGP
F. MPLS is required to establish MSDP peering
Answer: D,E
NO.221 Which two statements about IS-IS neighbor adjacencies are true?(Choose two )
A. Each device must have the same 6-type systemID
B. Neighboring devices must have the same level.
72
C. If the ignore-mtu command is configured on both devices.the devices can have different MTU
settings
D. Each device's 4-type router ID must be unique.
E. Level 1 devices must be in the same area
Answer: B,E
Which two configurations must you apply to R2 so that it correctly translates the internal network to
a public IP address?
A. access-list 1 permit 10.2.0.0 0.0.0.255
ip nat inside source list 1 interface GigabitEthernet0/1
interface GigabitEthernet0/0
ip nat inside
ip nat outside
B. access-list 1 permit 10.2.0.0 0.0.0.255
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat outside
ip nat inside
C. ip nat pool NAT 209.165.201.9 209.165.201.14 netmask 255.255.255.248 access-list 1 permit
10.2.0.0 0.0.0.255
ip nat inside source list 1 pool NAT
ip nat inside
ip nat outside
D. ip nat inside source static 10.1.2.100 209.165.201.9
ip nat inside source static 10.1.2.110 209.165.201.10
73
ip nat inside
ip nat outside
E. access-list 1 permit 10.2.0.0 0.0.0.255
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside
ip nat outside
F. ip nat inside source static 10.1.2.100 209.165.201.9
ip nat outside
ip nat inside
Answer: C,D
NO.223 DRAG DROP

Drag and Drop
Answer:
74
NO.224 Which IP SLA operation type uses IP to measure the round-trip time between a router and a
device?
A. UDP Jitter for VoIP
B. HTTP
C. ICMP Echo
D. ICMP Path Jitter
Answer: C
NO.225 Which two statements about 6to4 tunnels are true? (Choose two)
A. They allow isolated IPv6 domains to connect over an IPv4 network
B. The IPv4 infrastructure acts as a virtual NBMA link
C. There is no requirement for dual-stack(IPv4 and IPv6) on the border routers
D. They require routers to be configured in pairs
E. They support point-to-point automatic tunnels
Answer: A,B
NO.226 Which three mode are valid PfR monitoring modes of operation? (Choose threE.
A. passive mode (based on Cisco IP SLA probes)
B. route monitor mode (based on BGP route changes)
C. RMON mode (based on RMONv 1 and RMONv2 datA.
D. active mode (based on Cisco IP SLA probes)
E. passive mode (based on NetFlow datA.
F. fast mode (based on Cisco IP SLA probes)
Answer: D,E,F
NO.227 Which difference between IGMP Snooping and PIM Snooping is true
A. IGMP Snooping is a Cisco-proprietary technology,while PIM snooping is standard-based
B. IGMP Snooping controls multicast traffic to multicast listeners,while PIM snooping blocks multicast
traffic from multicast listeners
C. IGMP Snooping replicates multicast traffic to multicast listeners,while PIM snooping blocks
multicast traffic from multicast listeners.
D. IGMP Snooping allows traffic designed to 239.0.0.0/24 destination group only,while PIM snooping
filters multicast traffic ro all hosts.
Answer: B
NO.228 What command can you enter on a Cisco router so that it can both polled a time server and
be polled by a time server
A. ntp server
B. ntp broadcast client
C. ntp broadcast destination
D. ntp peer
Answer: D
75
NO.229 How many address families can a single OSF P\13 instance support?
A. 1
B. 2
C. 5
D. 10
Answer: A
NO.230 DRAG DROP

Drag each set action for policy-based routing on the left to the matching statement on the right.
Answer:
NO.231 Which two EtherChannel modes can create an LACP EtherChannel?(Choose two)
A. on
B. active
C. passive
D. auto
E. desirable
Answer: B,C
NO.232 Which two options are requirements for Control-Plane Policing? (Choose two.)
A. Cisco Express Forwarding must be enabled globally.
B. Cisco Discovery Protocol must be disabled in the control plane.
76
C. A crypto policy must be installed.

D. A loopback address must be configured for device access.
E. A class map must be configured to identify traffic.
Answer: A,E
Router A must reach router X.

Which option describes how router A decides which interface to use to forward packets ?
A. Router A relies on RIB to select the desired interface
B. Router A does per-flow load-balance across the two interfaces
C. Router A relies on FIB to select the desired interface
D. Router A does per-packet load-balance across the two interfaces
Answer: C
NO.234 which statement about the BGP scope of the cost community is true?
A. It is shared with IBGP neighbors and route reflectors
B. It is shared with IBGP and EBGP neighbor
C. It is shared with IBGP neighbors only
D. It is shared with IBGP and confederation peers
E. It is shared with EBGP neighbors only
Answer: D
What is the PHB class on this?

A. EF
B. CS4
C. none
D. AF21
Answer: B
NO.236 Which two authentication options were new in SNMPv3 (Choose two)
77
A. noAuth
B. Auth
C. noAuthNopriv
D. authNoPriv
E. authPriv
F. Priv
Answer: C,D
NO.237 If the default-information originate always command is configured on R4 what route type is
assigned to the default route in R1's
A. O
B. E2
C. O IA
D. E1
Answer: C
NO.238 Which two statements about the spanning-tree timers in a switched network are true?
(Choose two)
A. The root bridge sends out a configuration BPDU every hello interval
B. The default hello time is two seconds
C. After receiving a BPDU from the root bridge, a non-root bridge waits for the hello interval before
forwarding
it out
D. The root bridge sends out a TCN every max-age interval
Answer: A,B
NO.239 ON NO: 402

Refer to the exhibit.
Which two statements about the output are true? (Choose two.)
A. 802.1D spanning tree is being used.
B. Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root.
C. The hello, max-age, and forward delay timers are not set to their default values.
78
D. Spanning-tree PortFast is enabled on GigabitEthernet1/1.

Answer: A,B
Explanation:
8 02.1D is the standard for Spanning tree, which is being used here. For priority, The priority order
starts from 0 (yes, 0 is valiD. and then increases in 4096.
0 , 4096, 8192, 12288, .... Etc.
The lower the number is, the higher is the priority. Here we see that the current root has a priority of
8192, so configuring this with a priority of 0 will make it the new root.
NO.240 Which statement about PMTUD is true?

A. It increases the connection's send MSS value to prevent fragmentation.
B. It is used to prevent fragmentation of packets at the endpoint of a TCP connection.
C. It is used to prevent fragmentation of packets travelling across a smaller MTU link between.
D. It is supported by TCP and UDP
E. GRE tunnels are use PMTUD to fragment data packets by default.
Answer: C
NO.241 trace 1 interface Serial 1/0/1 ip routing

trace 2 ...
trace 3...
int g0.0
...
glbp 29 weighting track 1
glbp 29 weighting track 2 decrement 30
glbp 29 weighting track 3 decrement 5
...
Refer to the exhibit. after you configured R1 as an AVF in GLBP group 29 as shown, IP routing was lost
on
interface Serial 1/0/1, Serial 1/0/2 and GigabiEthernet0/2, causing R1 to lose its AVF minimum action
you must
take so that R1 can regainits AVF status?
A. Restore IP routing on Serial 1/0/2 only
B. Restore IP routing on both GigabitEthernet 0/2 and Serial 1/0/2
C. Restore IP routing on Serial 1/0/1 only
D. Restore IP routing on GigabitEthernet 0/2 only
E. Restore IP routing on both GigabitEthernet 0/2 and Serial 1/0/1
F. Restore IP routing on both Serial 1/0/1 and Serial 1/0/2
Answer: C
79
R1 has an OSPF path to R2 and R3 for 10.1.0.0/24, but R1 has a routing entry for
10.1.0.0/24 from only one router at a time.
Which option is the most likely cause?
A. The R1 maximum-path is set to 1.
B. R2 has a higher administrative distance.
C. R2 is using a filter list.
D. R2 is using an offset-list.
Answer: A
NO.243 What is a requirement for BFD static route support?

A. CEF must be configured on all routers that will carry traffic.
B. BFD must be configured on all Ethernet, virtual-template, and dialer interfaces that will carry
traffic.
C. All routers that will carry traffic must have the same software version.
D. All routers that will carry traffic must be the same model.
Answer: A
NO.244 Which TCP features allows a client to request a specific packet that was lost?
A. flow control
B. sliding window
C. fast recovery
D. selective acknowledgment
Answer: D
NO.245
80
Refer to exhibit. R1, R2, and R3 are in different statellite offices of the same organization. A multiast
vido source is located behind R1. R3 frequently receives video streams interded for R2. These streams
saturate the available bandwidth of R3. Which configuration change can alleviate the congestion on
R3?
A. Configure R3 to send an immediate-leave message when necessary 10 stop receiving unwanted
traffic
B. Configure IGMP snooping on R1 R 2 and R3
C. Place a PIM filter on the switches and interfaces that connect 10 R1R2 and R3
D. Enable IGMP snooping On all switches that contect to R1 R2 and R3
E. Place a PIM filter on the switch and interface that connect to R1 only
Answer: D
NO.246 DRAG DROP

Drag and drop each IPv6 tunnelign mechanism form the left onto the correct characteristic on the
right
Answer:
81
NO.247 which IS-IS feature allows an IS-IS router to determine a prefix without performing an SPF
compilation?
A. SFP throtting
B. isis retransmit-throttle-interval command
C. Isp-gen-interval command
D. Partial route Computation
E. overload bit
Answer: D
NO.248 Which metric vectors are stored but are not used by default in EIGRP?
A. Reliability and delay
B. Bandwidth and delay
C. Load and reliability
D. Load and bandwidth
Answer: C
NO.249
Refer to the exhibit . While reviewing a log file on a router with this NTP configuration you note that
the log entries of the router display a different time than the NTP time. Which action can you take to
correct the problem?
A.Add the local time keyword to the service timestamps log datetime statement
B.Add the msec keyword to the service timestamps log datetime statement
C.Add the statement ntp broadcast to the NTP configuration of the neighboring router
D.Configure the router to be the NTP master
82
E.Remove the datetime keyword from the service time stamps log datetime statement
Answer: A
R1 and R2 advertise 10.50.1.0/24 to R3 and R4 as shown.R1 is the primary path. Which path does
traffic take from the data center to the file server?
A. All traffic travels from R4 to R2 to R1 to the file server.
B. Traffic is load-balanced from R4 to R2 and R3. Traffic that is directed to R3 then continues to R1 to
the file server. Traffic that is directed to R2 continues to the file server.
C. All traffic travels from R4 to R2 to the files server.
D. All traffic travels from R4 to R3 to R1 to the file server.
Answer: A
Notice that debug ip bgp updates has been enables. What can you conclude from the debug output?
A. BGP neighbor 10.1.3.4 established a new BGP session.
B. This is result of clear ip bgp 10.1.2.3 in command.
C. This is result of the clear ip bgp 10.1.3.4 out command.
D. BGP neighbor 10.1.3.4 performed a graceful restart.
Answer: B
NO.252 Which technology can be used to secure the edge of an STP domain?
A. root guard
B. BPDU guard
C. UplinkFast
D. BPDU filter
Answer: A
83
Which two statements about the given MPLS VPN ate true? (Choose two.)
A. It includes four CE routers.
B. Router A and router 1 must be BGP neighbors.
C. It includes four P routers.
D. It includes two CEs and two Pes.
E. Only one connection is outside the ISP network.
Answer: C,D
NO.254 Which metric vectors are stored but are not used by default in EIG RP?
A. Reliability and delay
B. Load and reliability
C. Load and bandwidth
D. Bandwidth and del
Answer: B
NO.255 Which two IP packet types always traverse to the route processor CPU? (Choose two)
A. Data-plane packets.
B. Forwarding-plane packets
C. Control-plane packets
D. Services-plane packets
E. Management-plane packets
Answer: C,E
NO.256 DRAG DROP

Drag and drop the NETCNF layers on the left onto their appropriate description on the right.
Select add Place:
84
Answer:
To which undesirable condition can router R1 be vulnerable?

A. IP address spoofing
B. asymrnetric routing
C. man-in-the-middle attacks
D. denial of service attacks
E. unicast flooding
Answer: D
85
Between which routers is an LDP session established?

A. R1 and R3
B. R1, R2 and R3
C. R2 and R3
D. R1 and R2
Answer: D
NO.259 Which statement about STP port states is true?

A. port in the blocking state remains in that state for 30 seconds before transitioning to the listening
state
B. Listening and learning are transitory port states that use the forward delay timer
C. When a port transitions to the learning state ,it can send and receive data franes
D. A port in the blocking state learns addresses and receives BPDUs
Answer: B
NO.260 Which three values are used to generate a unique bridge ID for each VLAN in PVST+?
(Choose three)
A. port cost
B. max age
C. spanning-tree MAC address
D. port priority
E. switch priority
F. extended system ID
Answer: C,E,F
NO.261 Which two features are incompatible with loopguard on a port ?(Choose two)
A. BPDU skew detection
B. root guard
C. PortFast
D. uplink fast
E. backbone fast
Answer: B,C
NO.262 Which two statements about IS-IS metrics are true?(choose two)
86
A. The default metric style is narrow

B. The default metric for the IS-IS interface is 63
C. The default metric style is wide
D. The default metric for the IS-IS interface is 64
E. The default metric for the IS-IS interface is 10
Answer: A,E
NO.263 What are three required attributes in a BGP update message? (select threE.
A. AGGREGATOR
B. AS_PATH
C. ORIGIN
D. MED
E. NEXT_HOP
Answer: B,C,E
NO.264 Which options is the default LACP load-balancing algorithm for IP traffic on Layer 3?
A. the source and destinnation IP port
B. the destination IP port
C. the source and destination IP address
D. the destination port
E. the source IP port
Answer: C
NO.265 For which two purposes can RTCP be used (Choose two)
A. Collecting information about VoIP service quality
B. Authenticating RTP sessions
C. Providing encryption for RTP flows
D. Providing resource reservation service for VoIP traffic
E. Providing resource reservation service for VoIP traffic
F. Providing out-of-band statistics and control information for RTP sessions
Answer: A,F
NO.266 You are configuring Wireshark on a Cisco Catalyst 4500E Switch a Supervisor 8. Which three
action can you take to prevent the capture from overloading the CPU? {Choose threE.
A. Use an in-line filter.
B. Reconfigure the buffers to accommodate the additional traffic.
C. Attach the specific ports that are part of the data path.
D. Configure a policy a policy map, class map, and an access list to express the match conditions.
E. Use an appropriate ACL
F. Add memory to the Supervisor.
Answer: A,C,E
NO.267 You have been asked to connect a remote network with different DSCP mappings to the
87
primary network of
your organization. How can you configure the network devices so that the two networks work
together
seamlessly?
A. Configure the mls qos trust command on the trunk ports that internetwork two networks
B. Configure VLAN-based QoS on all switchs on both networks
C. Configure an aggregate policewr on the ingres interfaces of the trunk ports that interconnect the
two
networks
D. Configure a mutation map on the devices on the primary network that connect to the network
Answer: A
NO.268 Which two characteristics of an loT network are true ? (Choose two)
A. loT networks must be designed for low-powered devices
B. loT network are 100% reliable.
C. The transmission rate in an loT network is consistent.
D. loT networks are bandwidth constrained.
E. loT networks use IS-IS for routing.
Answer: A,C
NO.269 which condition must be true to allow an access port to trust QoS markings on an incoming
frame?
A. The switch must be configured globally with the vlan dot1q tag native command
B. The switch must be configured globally with the mls qos trust cos command
C. The port must be configured with the mls qos trust dscp command
D. The port must be configured with the mls qos cos command
Answer: C
NO.270
Refer to the exhibit If R1 and R2 cannot establish an OSPF neighbor relationshipwhich two action can
you take to Choose two
A. Configuration PPP authentication under the R2 Gigabitethernet 0/1 interface
B. Change the ip local pool command on R2 to ip local pool pool! 192 168 12 192 168 1.5 I"
88
C. Configuration R1 to send the username and password on the Dialer 1 interface

D. Change the PPP authentication to CHAP authentication
E. Configure PPP encapsulation under the R1 virtual-templat interface
Answer: C,E
NO.271 Which two statements about NAT are true? (Choose two)
A. Static NAT supports a one-to-one address mapping
B. Dynamic NAT allows hosts inside a network to use a pool of addresses to access hosts outside the
network
C. PAT uses destination port numbers identity address mappings
D. Static NAT release the translated address for use by another device when it is inactive
E. One-to-one mapping denies outside traffic from accessing an inside host
Answer: A,B
NO.272 Which three steps are required to enable SSH access on a Cisco routers?(choose three)
A. generating an RSA or DSA cryptographic key
B. configuring VTY lines for use with SSH
C. configuring a domain name
D. configuring the version of SSH
E. configuring the port for SSH to listen for connections
F. generating an AES or SHA cryptographic key
Answer: A,B,C
NO.273 Refer to the exhibit. Which two possible reasons why the administrator is unable to log into
the
switch remotely are true? (Choose two)
A. An ACL is configured to reject connections from PC1
B. The user is using the incorrect username
C. SSH is disabled
D. The Telnet VTY lines are busy
E. The Baud rate is misconfigured
Answer: C,D
NO.274 which option describes how the IP address is assigned when you configure a Layer3
EtherChannel
interface?
A. The first IP address added to the EtherChannel is used automatically
B. You must assign the IP address to a port channel logical interface
C. The last IP address added to the EtherChannel is used automatically
D. You must assign the IP address to the tunnel interface
Answer: B
NO.275
89
Refer to the exhibit. Which two route types advertised by a router with this configuration?
(Choose two)
A. connected
B. summary
C. static
D. redistributed
E. external
Answer: A,B
NO.276 Which two statements are true about control plane policing?(Choose two.)
A. Control plane policing will affect only traffic that is destined to the route processor.
B. Access lists that are used in policies for control plane policing must not use the log keyword.
C. Access lists that use the deny rule in control plane policing do n ogress to the next class.
D. The log keyword can be used but the be used in policing.
Answer: A,B
NO.277 On an MPLS L3VPN, which two tasks are performed by the PE router? (Choose two.)
A. It exchanges VPNv4 routes with other PE routers.
B. It typically exchanges iBGP routing updates with the CE device.
C. It distributes labels and forwards labeled packets.
D. It exchanges VPNv4 routes with CE devices.
E. It forwards labeled packets between CE devices.
Answer: A,C
NO.278 DRAG DROP
Answer:
90
Which statement describes what the authoritative flag indicates?

A. The registration request had the same flag set.
B. Authentication was used for the mapping.
C. R1 learned about the NHRP mapping from a registration request.
D. Duplicate mapping in the NHRP cache is prevented.
Answer: C
NO.280 Which two statements about the STP dispute function are true? (Choose two)
A. It compares the downstream port states reported in received BPDUs.
B. The upstream switch uses received BPDUs to detect unidirectional link failures.
C. The downstream switch uses received BPDUs to detect unidirectional link failures.
D. When a designated port detects a conflict, it changes its role by reverting to a discarding state
Answer: A,B
91
The PC is experiencing intermittent connectivity failures to the internet. If ADSL-R1 uses a PPPoE
connection, what action can you take to correct the problem.
A. Configure a system MTU of 1512 on ADSL-R1
B. Configure OSPF on the connection between PC1 and HomeS1
C. Replace the dialer interface with a virtual template.
D. Configure an MTU of 1492 on the dialer interface on ADSL-R1
E. Configure the same OSPF process on HomeR1 and HomeS1
Answer: D
NO.282 Which condition must be satisfied before a Cisco router running RIP can poison a route ?
A. The invalid timer must expire.
B. The hold down timer must expire.
C. The flush timer must expire.
D. The flush timer must reach 240 seconds.
E. The metric must equal! 6.
Answer: A
Which tag will be applied to the 172.16.50.0/24 route?

A. 10
B. 20
C. 30
D. 40
Answer: A
NO.284 DRAG DROP

Drag and drop the PPPoE packet type on the left of the corresponding description on the right.
92
Answer:
NO.285 Which option describes the effect of the command ip route vrf DMZ
192.168.0.0.255.255.0.0
172.16.5.5 global?
A. It creates a s1atic default route in the "lh1 DMZ, and the next hop is in the global routing table.
B. It creates a static route in the VRF DMZ for 192.168.0.0 255.255.0.0, and the next hop is in the
global routing table.
C. It creates a static route in the global routing table for 192.168.0.0 255.255.0.0, and the next hop
is in the global routing table.
D. It creates a s1atic route in the global routing for 192.168.0.0 255.255.0.0, and the next hop is in
The VRF DMZ.
93
E. lt creates a static route in the VRF DMZ for 192.168.0.0 255.255.0.0, and the next hop is in the
VRFDMZ.
Answer: B
NO.286 Which three criteria are used for stackwise election of a master switch?
A. VLAN revision number
B. longest uptime
C. highest MAC address
D. user-selected priority
E. IOS version number
F. lowest MAC address
Answer: B,D,F
NO.287 Which two statements about SNMP are true?(Choose two.)

A. SNMPv3 uses the SHA encryption algonthm to provide authorization.
B. SNMPv2c can provide authentication as well as encryption.
C. SNMFV3 uses the 3DES encryption algonthm to provide data privacy.
D. The SNMP agent is responsible for collecting data from the MIB
E. The SNMP manager is responsible for collecting data from the MIB.
F. SNMPv2c supports only 32-bit counters
Answer: C,E
NO.288 Which PIM feature allows the same multicast group address to be reused in different
administrative domains?
A. Proxy Registering
B. IP Multicast Helper
C. IP Multicast Boundary
D. CGMP
Answer: B
NO.289
Refer to exhibit. Which statement about the 192.168.100.0/24 destination network is true?
A. The Reported distance for the Successor is 128256
B. The metric installed into the route tabel is 4352
C. The metric installed into the route table is 126256
D. The Reported Distance for the Feasible Successor is 409600
Answer: A
94
NO.290 Which two statements about IP source guard are true?(Choose two.)
A. It must be applied to EtherChannel port members
B. It is available only on L2 ports.
C. It is supported in software only.
D. It is not supported on private VLANS.
E. It blocks DHCP packets
Answer: B,D
NO.291 A packet from network 10.0.1.0/24 destined for network 10.0.2.0/24 arrives at Rl on
interface GiO/0, but the router drops the packet instead of transmitting it out interface Gi0/1.
Which feature that is configured on R1 can cause this problem?

A. UDLC
B. split horizon
C. uRPF
D. spanning tree
Answer: C
Routers A and B are the edge devices at two different sites as shown. If each site contains an IPv6
network that must be able to communicate over an IPsec tunnel, which type of authentication can be
in
use between the two sites?
A. MD5
B. pre-shared key
C. 802.1x
D. CHAP
Answer: B
NO.293 Which type of ACL can be applied only to Layer 2 ports?
95
A. portACLs
B. standard ACLs
C. reflexive ACLs
D. dynamic ACLs
E. VLANACLs
Answer: A
NO.294 You have noticed that a switch on your network that is configured for PIM snooping is
flooding multicast traffic
excessively. What action can you take to correct the problem without disabling PIM?
A. Disable designated-route flooding
B. Enable IGMP filtering
C. Enable unknown unicast flood blocking
D. Disable IGMP on the VLANs
Answer: B
NO.295 Which feature can protect against broadcast DoS attacks?

A. storm control
B. DHCP snooping
C. DAI
D. IP Source Guard
Answer: A
NO.296 Two routers are connected on a PPP link using CHAP authentication by default which value
will
the routers use as t identification on the link?
A. Their host names
B. Their IP address on the connected link
C. Their interface numbers
D. Their serial numbers
Answer: A
NO.297 which mechanism can be used on Layer 2 switches so that only multicast packets with
downstream receivers are sent on the multicast router-connected ports?
A. Router Guard
B. IGMP snooping
C. multicast filtering
D. PIM snooping
Answer: D
NO.298 DRAG DROP
96
Answer:
NO.299 Which two statements about IPsec VTIs are true? (Choose two)
A. Dynamic VTIs allow you to mix proxy types.
B. The dynamic VTI is a multipoint interface that can support multiple IPsec SAs.
C. The IKE SA can be bound to both the VTI and the crypto map in the router.
D. Static VTIs can use the "IP any any" traffic selector only.
E. The IPsec transform set must be configured in transport mode.
F. Static VTIs can encapsulate both IPv4 and IPv6 packets, but IPv4 can carry IPv4 packets and IPv6
can carry IPv6 packets.
Answer: C,D
NO.300 what are three ways to increase traceroute performance?(choose three)

A. Disable DNS lookups
B. Use the same value for both the minimum and maximum TTL
C. Use a probe count of 2 or lower
D. Set a timeout value of 0 seconds
E. Force the traceroute to use TCP
F. Set a timeout value of less than 3 seconds
Answer: A,C,F
Router A and B are the edge device at two different sites as shown. The two edge devices use public
addresses on their WAN interfaces, and both sites use RFC1918 for all other addresses.if routers A
97
and B have established an IPsec tunnel, which statement about the

network environment must be true?
A. Router A1 and Router b1 are using NAT translation to allow private-address traffic to traverse the
tunnel.
B. The tunnel terminates on the ISP routers.
C. Each site is capable of routing private addressing over the IPsec tunnel.
D. Router A and router B are using BGP to share routes between the two sites.
Answer: C
NO.302 which feature prevents the formation of interarea routing loops?

A. shortest-path trees
B. stub areas
C. the backbone area
D. redistribution
Answer: C
NO.303 which three session tables does NAT64 maintain?

A. UDP
B. TCP
C. 6rd
D. 464XLAT
E. ICMP Query
F. SIP
Answer: A,B,E
NO.304 Which encryption algorithm is enabled by the Cisco IOS command service
password-encryption?
A. Cisco Type-7
B. Cisco Type-5
C. TKIP
D. MD5
E. Cisco AES
Answer: A
NO.305 What are two major requirements for configuring an extended VLAN with VTPv2 (Choose
two)
A. VLAN pruning must be enabled
B. The device must be operating in VTP transparent mode
C. The configuration must be made in global configuration mode
D. The VLAN must be configured in VLAN database mode
E. The reduced MAC address feature must be disabled
Answer: B,C
98
Why is the OSPF state in 2WAY/DROTHER?

A. There is a duplicate router ID
B. This is the expected output when R1 is the DR.
C. There is an MTU mismatch.
D. This is expected output when the interface EthernetO/0 of RI is configured with OSPF Priority 0.
E. There is an OSPF timer (hello/deaD. mismatch.
Answer: D
Which kind of ICMPv6 packet is shown in the output?

A. Neighbor advertisement
B. Time exceeded
C. Neighbor solicitation
D. Router advertisement
E. Router discovery
Answer: C
NO.308 Which command can you enter to configure a Cisco router running OSPF to propagate the
static default route 0.0.0.0 0.0.0.0 172.31.15.1 within the OSPF process?
A. default-information originate
B. redistribute static subnets
C. redistribute static metric 1 subnets
99
D. redistribute static
Answer: B
NO.309 Which three components are in a MPLS header?

A. A 4-bit experimental use field
B. An 8-bit TTL
C. A 4-bit label stack entry
D. A 2-bit bottom of stack
E. A 3-bit experimental use field
F. A 20-bit label
Answer: B,E,F
NO.310 DRAG DROP

Drag each QoS application-traffic on the left to the matching definition on the right.
Answer:
NO.311 DRAG DROP

Which statement about EIGRP neighbor peering on the left to matching peering type on the right.
100
Answer:
NO.312
Refer to the exhibit After you configure the given IP SLA on a Cisco router.you note that the device is
unable to fialover to the backup route even when pings to 10.12.34.5 fail.What action can you take to
correct the problem?
A. Change the ip route 0.0.0.0.0.0.0.0.192.168.1.1.53.200 command to ip route
0.0.0.0.0.0.0.0 192.168.1.153.12.
B. Change the ip sla schedule 12 life forever start-time now comman to ip sla schedule 12 life forever
101
start-time 00:12 00
C. Change the track 12 ip sla 12 state command to track 12 ip sla 12 reachability.
D. Change the frequency 2 command to frequency 12.
Answer: C
NO.313 Which two options are examples of Northbound and/or Southbound protocols?(Choose vo)
A. OpenStack
B. 1S1S
C. NETCONF
D. JSON
E. BGP-LS
Answer: A,C
NO.314 DRAG DROP

Drag and drop each BGP attribute on the left into the priority order in which the attributes are
preferred when determining the best path on the right.
Answer:
NO.315 Which two statements about NetFlow version 9 are true? (Choose two.)
A. It supports up to two exporters per cache
B. It supports both encryption and authentication
C. It supports up to six exporters per cache
D. It supports export over TCP and UDP
E. It supports export over UDP only
F. Each flow monitor supports up to 10 exporters
102
Answer: D,F
NO.316 External EIGRP route exchange on routers R1 and R2 was failing because the routers had
duplicate router IDs. You changed the eigrp router-id command on R1, but the problem persists. With
additional action must you take to enable the routers to exchange routes?
A. Change the corresponding loopback address.
B. Change the router ID on R2.
C. Reset the EIGRP neighbor relationship.
D. Clear the EIGRP process.
Answer: D
NO.317 Which two statements about IPv6 6to4 tunnels are true? (Choose two)
A. Sites use addresses from the 2002::/16 prefix
B. Sites use addresses from link-local scope
C. They are point-to-multipoint tunnels
D. They are point-to-point tunnels
E. They rely on GRE encapsulation
Answer: A,C
NO.318
Refer to the exhibit. R1 has an OSPF path to R2 and R3 for 10.1.0.0/24but R1 has a routing entry for
10.1.0.0/24 from only one router at a time. Which option is the most likely cause?
A. The R1 maximum path is set to 1.
B. R2 has a higher administrative distance.
C. R2 is using a filter list
D. R2 is using an offset list.
Answer: A
103
NO.319 DRAG DROP

Drag each statement about file-transfer protocols on the left to the matching file-transfer technology
on the right.
Answer:
NO.320 What are two requirements for BFD static route support? (Choose two)
A. CEF must be configured on all routers that will carry traffic.
B. BFD must be configured on all Ethernet, virtual-template, and dialer interfaces that will carry
traffic.
C. All routers that will carry traffic must have the same software version.
D. All routers that will carry traffic must be the same model.
E. Parameters must be configured on all routers that will carry traffic.
F. Parameters must be configured on all interfaces that will carry traffic.
Answer: A,F
NO.321 DRAG DROP
104
Answer:
NO.322 Which two protocols are used by the management plane? Choose two?
A. Telnet
B. BGP
C. OSPF
D. ISSU
E. DTP
F. FTP
Answer: A,F
NO.323 Which two statements about AAA authentication are true? (Choose two)
A. RADIUS authentication queries the router's local username database.
B. TACASCS+ authentication uses an RSA server to authenticate users.
C. Local user names are case-insensitive.
D. Local authentication is maintained on the router.
E. KRB5 authentication disables user access when an incorrect password is entered.
Answer: D,E
NO.324 which two statements about MLD are true?(choose two)

A. The code section in the MLD message is set to 1 by the sender and ignored by receivers
B. MLD is a subprotocol of PIMv6
C. There are three subtypes of MLD query messages
D. MLD is a subprotocol of ICMPv6
E. When a single link supports multiple interfaces, only one interface is required to send MLD
messages
F. When a single link supports multiple interfaces, all supported interface is required to send MLD
messages
105
Answer: D,E
NO.325 Which two statements about 6PE are true? (choose two)
A. iBGP peering between the PE routers should be done using an IPv6 address
B. It does not require MPLS between the PE routers
C. It requires a VRF on the IPv6 interface
D. It requires BGP to exchange labeled IPv6 unicast between PE routers
E. Uses an IPv4-mapped IPv6 address as the IPv4 next-hop on PE router
Answer: D,E
NO.326 Which protocol enables routers in an MPLS environment to use labels to move traffic?
A. FTP
B. POP
C. LLDP
D. PPP
E. L2TP
F. LOP
Answer: F
According to the given show line output, which type of line is connected to the router?
A. auxiliary
B. Telnet
C. terminal
D. Console
E. SSH
Answer: A
NO.328 Which IS-IS router type can have neighbors in any area?
A. Level 1/Level 2 Intermediate System only
B. Both Level 1 Intermediate Systems and Level 2 Intermediate Systems
C. Level 2 Intermediate System only
D Both Level 1/Level 2 Intermediate Systems and Level 2 Intermediate Systems
D. Level 1 Intermediate System only
Answer: A
NO.329 Which two statements aretrue about control plane policing?(Choose two)
106
A. Access list that are used in po|1cies for control plane policing must not use the l g keyword
B. The log keyword can be used but the log-input keyword must not be used in policies for control
plane policing
C. Packets denied by an explicit access control list entry do not progress to the next class in control
plane policing
D. Control plane policing will affect only traffic that is destined to the route processor
Answer: A,C
NO.330 How can you reduce latency on a VoIP network?

A. Set the IP SLA timeout to 1000 milliseconds
B. Implement fast retransmission
C. Configure an SLA to collect information on packet loss
D. Implement low-latency queuing
E. Implement a congestion-avoidance algorithm
Answer: D
NO.331 Which 1Pv6 solution provides network information to clients without providing an 1Pv6
host address?
A. autoconfiguration
B. stateless DHCPv6
C. stateful DHCPv6
D. prefix delegation
Answer: A
NO.332 What are two potential drawbacks of VPLS?(Choose two)

A. When more devices are added to the VPLS packet reqlication is significantly increased
B. VPLS increases the risk of routing loops
C. VPLS devices drop all VLAN-tagged packet
D. VPLS is poorly suited for large flat network implementations
E. VPLS requires manual configuration for loop prevention
Answer: A,D
107
You must complete the configuration on R1 so that a maximum of three links can &e used and
fragmentation is supported.
You must complete the configuration on R1 so that a maximum of three links can be used and
fragmentation is supported.
Which additional configuration accomplishes this task?
A. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink group 19
ppp multilink links minimum 1
ppp multilink links maximum 3
ppp multilink interleave
B. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink fragment delay 20
C. interface Multilink19
ip address 192.168.1.1 255.255.255.0
ppp multilink
ppp multilink fragment delay 20
D. interface Multilink19
ip address 192.168.1.1 255.255.255.252
ppp multilink
108
Answer: A
Explanation:
The "ppp multilink interleave" command is needed to enable link fragmentation and Interleaving
(LFI). The Cisco IOS Link Fragmentation and Interleaving (LFI) feature uses Multilink PPP (MLP). MLP
provides a method of splitting, recombining, and sequencing datagrams across multiple logical data
links. MLP allows packets to be fragmented and the fragments to be sent at the same time over
multiple point-to-point links to the same remote address.
ppp multilink links maximum
To limit the maximum number of links that Multilink PPP (MLP) can dial for dynamic allocation, use
the ppp multilink links maximum command in interface configuration mode.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcflfi.html
NO.334 Which two statements about 1Pv4 and 1Pv6 networks are true? (Choose two.)
A. ln IPv6, hosts perform fragmentation.
B. IPv6 uses a UDP checksum to verify packet integrity.
C. ln IPv6, routers perform fragmentation.
D. In IPv4 fragmentation is performed by the source of the packet.
E. IPv4 uses an optional checksum at the transport layer.
F. IPv6 uses a required checksum at the network layer.
Answer: A,B
This network is undergoing a migration from pvst+ to mst. S1 is the MSTO root bridge and S2 is the
MSTO secondary root
A. Interface G0/1 is blocked on S3 for VLAN40 and VLAN 50 and load balancing fails until S3 is
migrated to
MST
B. Interface G0/0 is blocked on S3 for VLAN40 and VLAN50 unless it is configured for load balancing
with
PVST+
C. Interface G0/0 is blocked on S3 for VLAN40 and VLAN 50 and load balancing fails until S3 is
109
migrated to
MST
D. VLAN traffic automatically load balances between G0/0 and G0/1 on S3 using PVST+
E. PVST+ inherits the load-balancing configuration from MST
Answer: A
NO.336 Which command can you enter on an interface so that the interface will notify the sender of
a packet that the packet that the path is sub-optimal?
A. ip nhrp record
B. ip nhrp set-unique-bit
C. ip nhrp shortcut
D. ip nhrp redirect
E. ip nhrp cost 65535
Answer: D
NO.337 Which three statements about EVCs are true? (Choose three.)
A. Spanning Tree must use MST mode on EVC ports.
B. PAGP is supported on EVC ports.
C. Spanning Tree must use RSTP mode on EVC ports.
D. LACP is supported on EVC ports.
E. Layer 2 multicast framing is supported.
F. Bridge domain routing is required.
Answer: A,B,D
NO.338 Which IPv4 feature prevents multicast joins on a per-port basis?

A. MLD filtering
B. IGMP filtering
C. IGMP snooping
D. PIM snooping
Answer: B
NO.339
110
Refer to the exhibit. This routes is advertising which routes via BGP?
A. BGP routes that originated on RT1
B. AJI routes
C. all BGProutes from AS 65006
D. BGP routes that originated from AS 65006 and BGP routes that originated on this router
E. No routes
Answer: D
NO.340 Exhibit:
Which option describes the meaning of this console message?

A. An EIGRP hold timer has expired.
B. FastEthernetO/O has interface errors.
C. An EIGRP process has been shut down.
D. An interface has gone down.
Answer: C
NO.341 Which two statements about PfR are true? (Choose two)
A. lt manages traffic classes
B. lt provides a narrower scope of route control than OER.
C. lt provides intelligent route control on a per-application basis.
D. lt supports split tunneling and spoke-to-spoke links.
E. lt always prefers the least cost path.
111
Answer: A,C
NO.342 UESTION NO: 295

Which two statements about BGP PIC are true? (Choose two)
A. PIC Core supports fast convergence with external neighbor links.
B. It is prefix-dependent for Internet routes.
C. When the path to a distant PE router changes, PIC is independent of the number of VRFs on the
router.
D. It achieves subsecond convergence in the BGP FIB.
E. PIC Edge provides fast convergence when an external neighbor node fails.
Answer: A,D
NO.343 When you implement CoPP on your network, what is its default action?
A. Drop management ingress traffic to the control plane.
B. Monitor ingress and egress traffic to the control plane by using access groups that are applied to
the interface
C. Block all traffi
D. Rate-limit bidirectional traffic to the control plane.
E. Permit all traffi
Answer: E
NO.344 Which option descripbes a difference between Ansible and Puppet?

A. Ansible is client-server based and Puppet is not
B. Ansible requires an agent and Puppet does not
C. Ansible is Python based and Puppet is Ruby based
D. Ansible automates repetitive tasks and Puppet allow you to run plain ssh commands
Answer: C
R2 is configured with an IP helpler address on Gi0/0/0 and it is sharing routes with R1 using OSPF. If
PC1 is configured to request an IP address from the DHCP server, which two statements
correctly describe communications between the devices on the netwok?(choose two)
A. R1 forwards DHCPREQUEST messages to IP address 172.16.1.100
B. PC1 sends DHCPDISCOVER messages to IP address 255.255.255.255
C. R1 forwards DHCPDISCOVER messages to IP address 255.255.255.255
D. PC1 sends DHCPREQUEST messages to IPaddress 255.255.255.255
E. R1 forwards DHCPOFFER messages to IP address 172.16.1.100
Answer: A,B
112
NO.346 Company A have two remote sites, which are connected to a common ISP by BGP. At each
site, company
A is using the same autonomous system number. Which BGP feature can you implement to enable
routing between the two site?
A. allowas-in
B. AS path prepending
C. communities
D. peer groups
Answer: A
NO.347 DRAG DROP

Drag and drop the EIGRP query condition on the left to the corresponding action taken by the router
on the right.
Answer:
113
Which router on the given network generates the IS-IS pseudonode?

A. R4
B. R2
C. R1
D. R3
Answer: A
NO.349 Which statement about the RPF interface in a BIDIR-PIM network is true?
A. In a BIDIR-PIM network the RPF interface can be the interface that is used reach the PIM
rendezvous or the interface that is used to reach the source.
B. In a BIDIR-PIM network the RPF interface is always the interface that is used to reach the source.
C. There is no RPF interface concept in BIDIR-PIM networks
D. In a BIDIR network the RPF interface is always the interface that is used to reach the PIM
rendezvous point.
Answer: D
NO.350 Which three pieces of information are carried on OSPF type-3 LSAs? (Choose threE.
A. metric
B. authentication type
C. link state
D. IP subnet
E. externaI route tag
F. subnet mask
Answer: A,D,F
NO.351
114
Refer to exhibit R2 is configured as the R1 neighbor in area 51, but R2 fails to receive the configured
summary route. Which action can you take to correct the problem?
A. Replace the summary .address command with the area-range command
B. Configure a summary address under R1interfate GigabitEthernet0/0
C. Configure a summary address under R1 interface GigabREthernet1/0
D. Configure the no discard-route command in the OSPF process of R1
E. Gonfigure ip ospf network broadcast under the Loopback0 interface of R1
Answer: A
NO.352 Which two statements about RTF and RTCP are true? (Choose two)
A. An RTP port is a random even-numbered TCP port between 16,384 and 32,767 and the associated
RTCP
port is the sequential odd-numbered port
B. RTCP provides encryption and authentication for RTP flows
C. RTCP packets contain application-level information about the RTP source
D. An RTP session includes TCP port numbers for both RTP and the associated RTCP session
E. RTCP provides QoS information about data delivered over RTP
F. RTCP supports multiple packet types, including sender reports, receiver reports, and application-
specific
packets
Answer: A,E
NO.353 which three security controls would you take into consideration when implementing IoT
capabilities? (choose three)
A. Layered Security Approach
B. Define lifecycle controls for IoT devices
115
C. Implement Intrusion Detection Systems on IoT devices

D. Privacy impact Assessment
E. Place security above functionality
F. Change passwords every 90 days
Answer: A,B,D
NO.354 which configuration command identifies a dynamic IPsec VTI?

A. interface virtual-template number
B. tunnel protection ipsec profile profile-name
C. tunnel mode ipsec ipv4
D. crypto isakmp profile profile-name
Answer: A
NO.355 Under which two circumstances is IPsec transport mode appropriate ? (Choose two)
A. When both hosts are behind IPsec peers.
B. When the hosts are transmitting router management traffic.
C. When only one host is behind an IPsec peer.
D. When only IP header encryption is needed.
E. When IPsec peers are the source and the destination of the traffic.
F. When only IP header authentication is needed.
Answer: B,E
NO.356 Which two statements about the host address 10.88.100.10/13 are true?(Choose two.)
A. The network address is 10.64.0.0
B. The network address is 10.88.100.0
C. The network address is 10.88.0.0
D. The broadcast address is 10.95.255.255
E. The broadcast address is 10.88.255.255
F. The broadcast address is 10.64.255.255
Answer: C,D
NO.357 Which two statements about debugging on Cisco routers are true? (Choose two)
A. Using console logging can reduce the performance impact of the debug command
B. The debug command can be run in privileged exec mode only
C. By default, the router logs debug command output to vty lines
D. The terminal monitor command copies debug output to the terminal
E. The debug ip packet command can debug IP traffic that is fast-switched on the router
F. The debug command can be run in user exec mode
Answer: B,D
NO.358 Which statement is true about trunking?

A. DTP only supports autonegotiation on 802.1q and does not support autonegotiation for ISL
B. Cisco switches that run PVST+ do not transmit BPDUS on nonnative VLANs when using a
116
C. dot1q trunk.
D. DTP os a point-to-point protocol.
E. When removing VLAN 1 from a trunk,management traffic such as CDP is no longer passed
in that VLAN.
Answer: C
NO.359 Which PIM mode can forward traffic by using only (*.G) routing table entries?
A. Space-dese mode
B. Bidirectional mode
C. Deuce mode
D. Sparse mode
Answer: B
NO.360 Which congestion-avoidance or congestion-management technique can cause global

synchronization?
A. Tail drop
B. Random early detection
C. Weighted random early detection
D. Weighted fair queuing
Answer: A
You organization has two offices, Site 1 and Site 2, which are connected by provider backbone, as
shown. Where must you
configure an attachment circuit to allow the two sites to connect over a Layer 2 networking using
L2TPv3?
A. PE Site 1 SE0/0 and PE Site 2 Se0/0
B. CE Site 1 Fa0/0 and PE Site 2 Se0/0
117
C. CE Site 1 Fa0/0 and CE Site 2 Fa0/0

D. PE Site 1 Fa1/0 and PE Site 2 Fa0/0
Answer: D
Which two statements are true? (Choose two.)

A. This is the output of the show ip ospf command.
B. This is the output of the show ip protocols command.
C. This router is an ABR.
D. This router is an ASBR.
E. Authentication is not configured for the area.
Answer: A,E
Explanation:
The following is sample output from the show ip ospf command when entered without a specific
OSPF process ID with no authentication.
Router# show ip ospf
118
Routing Process "ospf 201" with ID 10.0.0.1 and Domain ID 10.20.0.1

Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 100 secs
Interface flood pacing timer 55 msecs
Retransmission pacing timer 100 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 2. 2 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm executed 4 times
Area ranges are
Number of LSA 4. Checksum Sum 0x29BEB
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 3
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-
book/ospf-s1.html#wp8749965360
NO.363 Which three actions are required when configuring NAT-PAT? (Choose threE.
A. Specify an 1Pv4-to-1Pv6 translation.
B. Enable NAT-PT globally.
C. Specify a: :/96 prefix that will map to an IP4 address.
D. Specify a: :/48 prefix that will map to a MAC address.
E. Specify a ::/32 prefix that will map to an 1Pv6 address.
F. Specify an 1Pv6-to-1Pv4 translation.
Answer: A,C,F
119

A. BFD and SPF throttling are configured
B. Only BFD is enabled
C. BFD, SPF, and LSA timers are turned for faster convergence
D. Fast convergence is not configured
Answer: A
Between which router is an LOP session established?

A. R1,R2and R3
B. R1 and R3
C. R1 andR2
D. R2andR3
Answer: C
NO.366 which two statements about route summarization are true?(choose two)
A. When a packet is routed to a destination, the router chooses the most specific prefix from the
routing table
B. Routes are automatically summarized to their classful boundary with OSPF
C. BGP sends both specific and aggregate routes unless the keyword "summary-only" is configured
D. It is recommended for use on discontinuous networks
120
E. EIGRPlearned routes are automatically summarized

Answer: A,E
NO.367 Which three factors does Cisco PFR use to calculate the best exit path?(Choose threE.
A. Reachability
B. Delay
C. Quality of service
D. Packet size
E. Adminstrative distance
F. Loss
Answer: A,B,F
NO.368 DRAG DROP

Drag and drop the description on the left to the correct Eigrp term on the right. Not all options are
used.
Answer:
NO.369 which two actions can you take to allow the network 172.29.224.0/24 to be reachable from
peer 192.168.250.53? (Choose two)
121
A. Modify the community list to match community 64513:64090 attached to

172.29.224.0124
B. Configure soft reconfiguration to peering 192.168.250.53
C. Modify the outbound route map to permit all additional routes
D. Configure additional address families1to peering 192.1682 .53.
E. Modify the inbound route map 10 permit all additional routes
Answer: A,C
NO.370 Which interior gateway protocol is based on open standards, uses a shortest-path first
algorithm , provides native protocols, and operates at the data link layer?
A. IS-IS
B. EIGRP
C. BGP
D. OSPF
Answer: A
NO.371 Which QoS policy is recommended to support an MPLS network with six classes?
A. map Flow-label bits into the Exp field
B. map IP precedence bits into the DSCP field
C. map DSCP bits into the Exp field
D. map IP CoS bits into the IP Precedence field
Answer: D
How can you configure R6 so that traffic returns to subnet 172.16.6.0/24 via R5?
A. Advertise prefix 172.16.6.0/24 to neighbor R5 with AS 65006 prepended.
B. Configure the neighbor 1 0.5.6.5 send-community standard command.
C. Advertise prefix 172.16.6.0/24 to neighbor R5 with metric 80.
D. Set local preference for all prefixes received from neighbor R5 to 200.
Answer: B
122
NO.373 DRAG DROP
Answer:
NO.374 Which two conditions must be before IS-IS Level1 routers will become adjacent?(ChoosE.
A. The routers must share a common Autonomous 8ystem Number
B. The routers must share a common process ID
C. The routers must be in different areas
D. The routers must share a common NETWORK SEGMENT
E. The routers must be configured with the neighbor command
F. The routers must be in same area
Answer: D,F
NO.375 What is the function of the command ip pim autorp listener?

A. It allows the mapping agents to accept autorp information from the PIM rendezvous point.
B. It allows a BSR to accept autorp information and translate it into BSR messages.
C. It allows the routers to flood the atuorp information in a sparse-mode-only network.
D. It allows a border PIM spare-mode router to accept autorp information from another autonomous
system.
Answer: C
NO.376 Which two statements about PPP CHAP authentication are true? (Choose two)
A. lt is a one-way authentication method
B. lt uses a secret password, which is sent across the link for authentication
123
C. it supports clear-text passwords

D. it is configurable only on PPP callout links
E. lt uses a configured username and password to authenticated a host
Answer: A,E
NO.377 What are the two variants of NTPv4? (Choose two.)

A. client/server
B. broadcast
C. multicast
D. asymmetric
E. unicast
Answer: A,B
NO.378 Which two statements about logging are true? (Choose two)
A. When you enable sequence numbers, the date timestamp is disabled automatically by default
B. A log message can include both uptime and the date timestamps
C. A log message's facility value indicates the hardware on which the log message was generated
D. Logs can be displayed on the console or on a remote terminal
E. Log messages include a mnemonic that describes the message
F. The mnemonic can refer to a hardware device, a protocol, or a software module
Answer: D,E
NO.379 DRAG DROP

Drag into proper boxes.
Answer:
124
NO.380 which two statements about MLD are true?(choose two)

A. MLD is a subprotocol of PIMv6
B. When a single link supports multiple interfaces, only one interface is required to send MLD
messages
C. MLD is a subprotocol of ICMPv6
D. When a single link supports multiple interfaces, all supported interface are required to send MLD
messages
E. There are three subtypes of MLD query messages
F. The code section in the MD message is sent to 1 by the sender and ignored by receivers
Answer: B,C
Which router will be used to forward traffic to destinations unknown in the area?
A. R4
B. R5
C. R2
D. R1
E. R6
F. R3
125
Answer: D
NO.382 O: 252
Refer to the exhibit. Which twostatementsabout the device configuration are 1rue?
(Choose two)
A. The device has control-plane protection enabled
8 .The device implicitly allows Telnet connections
B. The GigabitEthernet0/1 interface of the device allows incoming SSH and SNMP connections
C. The device has management-plane protection enabled
D. The device allows SSH connections to its loopback interface
Answer: C,D
NO.383 Which three components are in an MPLS header? (Choose threE.

A. 4-bit experimental use field
B. 4-bit label stack entry
C. an 8-bit TTL
D. 2-bottom of stack
E. 3-bit experimental use field
F. 20-bit label
Answer: C,E,F
NO.384 Which two statements about IGMP are true?(Choose two.)

A. IGMPv2 supports explicit source signaling.
B. IGMPv3 is the first version of IGMP to support a basic query-response mechanism.
C. IGMPv2 supports IGMP querier election.
D. IGMPvl supports group-specific queries.
E. IGMPv3 uses 224.0.0.22 as destination address for reports.
Answer: C,E
NO.385
126

router eigrp 100
passive-interface FastEthernet0/0
network 192.168.35.0
network 192.168.45.0
no auto-summary
neighbor 192.168.35.3 FastEthernet0/0
When you apply this configuration to the router, which effect is true?
A. The router multicasts hello packets via interface F0/0
B. The router sends hello packets to neighbor 192.168.35.3 via unicast
C. The router broadcasts hello packets via interface F0/0
D. The router stops sending hello packets to neighbor 192.168.35.3
Answer: D
NO.386 Which two message types allow PIM snooping to forward multicast traffic? (Choose two)
A. membership query messages
B. leave messages
C. bidirectional PIM DF election messages
D. Hello messages
Answer: C,D
NO.387 Which Queuing strategy ignores packet markings?

A. WFQ
B. CBWFQ
C. CQ
D. LLQ
E. FIFO
F. WRED
Answer: E
NO.388 Which tunnel type can be used with encryption to provide security for IPv6 over IPv4?
A. 6RD
B. 6to4
C. ISATAP
127
D. IPv4-compatible
E. GRE
Answer: E
Which traffic gets set to AF41 by marking policy on interface GigabitEthernet0/0?

A. Any traffic matching access-list-tp-rooms and access-list stream in g.
B. No Traffic gets set to AF41.
C. Only traffic matching access-list tp-rooms.
D. Only traffic matching access-list streaming.
Answer: A
NO.390 which two statements about IP SLA are true?(choose two)

A. It uses NetFlow for passive traffic monitoring
B. SNMP access is not supported
C. It can measure MOS
D. It is Layer 2 transport-independent
E. The IP SLA responder is component in the source Cisco device
F. It uses active traffic monitoring
Answer: D,F
NO.391 Which command can you use to redistribute IBGP routes into the IGP?
A. no synchronization
B. redistribute protocol process-number
128
C. bgp redistribute-internal
D. synchronization
Answer: C
NO.392 Which two statements about LISP encapsulation with EIGRP OTP are true ( Choose 2)
A. It supports dynamic multipoint tunneling
B. It supports dynamic point-to-point tunneling
C. It uses the instance ID to support virtualisation
D. It supports manual point-to-point tunneling
E. The LISP control plane exchanges routes and determines the next hop
Answer: A,C
What tag will be applied to the 172.16.130.0124 route?

A. 10
B. 20
C. 30
D. 40
Answer: B
129
Router A is connected as a BGP neighbor to routers B and C.

which path does router A use to get to AS 65010?
A. through router B because it has the shortest AS path
B. through router B because the default local preference is 500 and higher than router C
C. will load balance because both routers have the same Med value
D. through router C because it has a higher local preference
Answer: D
NO.395 DRAG DROP

Drag and drop each extended ping IP header option from the left onto "the corresponding
description on the right
Select and Place:
Answer:
130
NO.396 Which three statements describe the characteristics of a VPLS architecture? (Choose three )
A. It can suppress the flooding of traffic
B. It forwards Ethernet frames
C. It supports MAC address aging
D. It maps MAC address destinations to IP next hops
E. It conveys MAC address reachability information in a separate control protocol
F. It replicates broadcast and multicast frames to multiple ports
Answer: B,C,F
NO.397 STION NO: 15

Which PIM multicast type requires IGMPv3 and operates without using rendezvous point messages?
A. PIM-DM
B. PIM-SM
C. SSM
D. BIDIR-PIM
Answer: A
Which two route types are advertised by a router with this configuration? (Choose two.)
A. connected
B. external
C. summary
D. static
E. redistributed
131
Answer: A,C
NO.399 An IPv6 network has different MTUs on different segments, if the network is experiencing
reliability issues,
which option is the most likely reason ?
A. HSRPv6 is configured inly
B. The MTU size is greater than 1470 bytes
C. The do not fragment bit is marked
D. ICMPv6 is filtered
Answer: D
NO.400 Which two statements are true about IS-IS? (Choose two.)
A. IS-IS DIS election is nondeterministic.
B. IS-IS SPF calculation is performed in three phases.
C. IS-IS works over the data link layer, which does not provide for fragmentation and reassembly.
D. IS-IS can never be routed beyond the immediate next hop.
Answer: C,D
NO.401 Which command sets the maximum segment size for a TCP packet initiated from a router?
A. ip tcp window-size
B. ip tcp mss
C. ip mtu
D. ip tcp adjust-mss
Answer: B
NO.402 Which TCP feature allows a client to request a specific packet that was lost?
A. Flow control
B. Sliding window
C. Fast recovery
D. Selective acknowedgment
Answer: D
132
Which effect of this configuration is true?

A. R1 and R2 from an adjacency.
B. R2 interface FO/1 accepts Hello packets from R3.
C. R2 and R3 form an adjacency.
D. R3 advertises the 192.168.12.0/24 network.
E. R2 interface FO/1 accepts routing updates from R3.
Answer: A
NO.404 What are three core Features of GET VPN? (Choose three.)
A. The rekey mechanism.
B. Time-based anti-replay
C. AES
D. MPLS
E. Partial mesh
F. Cooperative keys
Answer: A,B,F
NO.405 Which two statements about a flat single-hub DMVPN with NHRP are true?(choose two)
A. NHRP shortens the configuration 01the hub router
B. NHRP dynamically provides informatlon about the spoke routers to the hub
C. NHRP disables multicast
D. The hub muter uses NHRP to initiate the GRE tunnel with spokes
E. The spoke routers act as the NHRP servers
Answer: A,B
133
NO.406 Which protocol allows connections made by an NBMA network to dynamically learn
connected address
A. PPP
B. NHRP
C. HDLC
D. POP
Answer: B
NO.407 Which trunking configuration between two Cisco switches can cause a security risk?
A. configuring incorrect channel-groups on the switches.
B. disabling DTP on the trunk ports.
C. configuring different trunk modes on the switches.
D. configuring different native VLANs on the switches.
E. configuring mismatched VLANs on the trunk.
Answer: D
NO.408 how does an EIGRProuter respond when it receives a query for a route it is in the process of
poisoning?
A. It forwards the query to other neighbors
B. It adds the route to its route table
C. It sends a posion squash message to the to the querying neighbor
D. It notifies the querying neighbor to add the route
Answer: C
NO.409 When you cpnfigure an IPv6 IPSec tunnel which two fields can represent the ISAKMP
identity of a peer?(Choose Jwo)
A. encryption algorithm
B. DH group identifier
C. hostname
D. IPv6 address
Answer: C,D
NO.410 DRAG DROP
134
Answer:
NO.411 DRAG DROP

Drag and drop the routing protocol on the left to the correct statement on the right.
Answer:
135
If interface FastEthernetO/1 goes down,how does router R5 respond?

A. It sends query packets to neighbor 192.168.35.3 for destination 192.168.24.0/24.
B. It sends update packets to neighbor 192.168.35.3 for destination 192.168.24.0/24
C. It is stuck in active for destination 192.168.24.0/24
D. It uses interface F0/0 and neighbor 192.168.35.3 as the new path to destination
192.168.24.0/24
Answer: A
NO.413 Which IS-IS process is responsible for flooding local link information to adjacent routers ?
A. decision
B. receive
C. forward
D. update
Answer: D
NO.414 Which two statements about IS-IS authentication are true ?(Choose two.)
A. Level 2 LSPs transmit the password encrypted inside the IS-IS PDU.
B. Area and domain authentication must be configured together.
C. Passwords can be configured on a per-interface basis.
D. If LSP authentication is in use , unauthorized devices can form neighbor adjacencies.
E. Lever 1 LSPs use the domain password.
Answer: A,C
NO.415 how does control plane policing protect the route processor?
A. It treats the route processor as a separate entity within MQC
B. It disables access to the control plane during an attack
C. It dynamically enables ingress ACLs on selected interfaces
D. It marks non-essential traffic and moves it to the Scavenger class
Answer: C
136
NO.416 What is the function of the rendezvous point in PIM?

A. It acts as a shared root for a multicast tree
B. It is the main source of the multicast traffic
C. It redistributes the multicast configuration to its connected neighbors
D. It will redistribute the unicast routes to avoid an RPF failure
Answer: A
NO.417 Which three statements about bridge assurance are true?

A. Bridge assurance can be enabled on one end of a link or on the both ends.
B. If a bridge assurance ports failed to receive a BPDU after a timeout, the port is put into an error
disabled state.
C. If a bridge assurance ports failed to receive a BPDU after a timeout, the port is put into a blocking
state.
D. Bridge assurance is enabled on STP multipoint links only.
E. Bridge assurance must be enabled on both the ends of a link.
F. Bridge assurance is enabled on STP point-to-point links only.
Answer: C,E,F
The Main 1 and Branch 1 switches are connected directly over over an MPLS pseudowire, and both
runn UDLD. After router B1 reloads because of a power failure, the pseudowire.
However the Branch 1 switch is unable to reach the Main 1 switch. Which two actions can you take to
restore connectivity and problem from recurring? (Choose two)
A. Configure a backup pseudowire between the Main 1 and Branch I Switchs.
B. Issue the shutdown and no shutdown commands on the Branch 1 switch uplink to the B1 router
only.
137
C. Configure a backup GRE tunnel between the Main I and Branch 1 switches.
D. Issue the shutdown and no shutdown commands on both the Branch 1 switch uplink to the B1
router and the Main 1 switch's uplink to the M1 router
E. Enable errdisable recovery on both the Main I and Branch I switches.
F. Enable UDLD recovery on both the Main I and Branch I switches.
Answer: B,E
NO.419 In which way does the Bridge Assurance mechanism modify the default spanning-tree
behavior
in an effort to prevent bridging loops?
A. IF BPDUs are no longer received on a port, the switch immediately sends a out a TCN BPDU.
B. Extended topology information is encoded into all BPDUs.
C. BPDUs are sent bidirectional on all active networks ports, including blocked and alternate ports.
D. Received BPDUs are looped back toward the sender to ensure that link is bidirectional.
Answer: C
NO.420 Exhibit:
if the web server has been configured to listen only to TCP port 8080 for all HTTP requests
, which command can you enter to how internet users to access the web server on HTTP port 80?
A. ip nat inside source static tcp 10.1.1.100 80 10.1.1.100 8080
B. ip nat outside source static tcp 10.1.1.100 80 10.1.1.100 8080
C. ip nat outside source static tcp 10.1.1.100 8080 10.1.1.100 80
D. ip nat inside source static tcp 10.1.1.100 8080 10.1.1.100 80
Answer: D
NO.421 DRAG DROP

Drag and drop the NAT operations on the left into the correct sequential order on the right.
Answer:
138
NO.422 Which feature prevents multicast flooding to routers on a common VLAN that are not a part
of the multicast distribution tree for the particular group?
A. IGMP Snooping Querier
B. PIM Snooping
C. IGMP Proxy
D. PIM-SM
Answer: B
NO.423 Which two features are incompatible with Loop Guard on a port? (Choose two.)
A. Root Guard
B. PortFast
C. UplinkFast
D. BackboneFast
E. BPDU skew detection
Answer: A,B
NO.424 With which protocol is COAP designed to be used?

A. SNMP
B. XMPP
C. TCP
D. UDP
Answer: D
NO.425 Which two statements about native VLANs are true? (Choose two.)
A. They require VTPv3.
B. They are used to forwarded untagged traffic only.
C. They are used to forward tagged traffic only.
D. They are configured in VLAN database mode.
E. They are configured under the trunk interface.
F. They are used to forward both tagged and untagged traffi
Answer: B,E
139
Which IPv6 migration method is in use on this network?

A. 6to4 tunnel
B. NAT-PT
C. ISATAP tunnel
D. dual stack
Answer: D
NO.427 Which value does VPLS use to make forwarding decision?

A. Destination MAC of the the Ethernet
B. Destination IP address of the packet
C. Source MAC of the Ethernet frame
D. Source IP address of the packet
Answer: A
NO.428 DRAG DROP

Drag and drop each IPv6 tunneling mechanism from the left onto the correct characteristic on the
right.
Answer:
140
NO.429 When do summary black holes occur in eigrp?

A. when a summary is created for security purposes to draw undesired traffic to a termination point
B. when a summary is advertised that contains components that the advertising router cannot reach
C. when the summary is removed due to the last component disappearing
D. when components of the summary are present at multiple summary points
Answer: B
NO.430 0n which three options can Cisco PfR base its traffic routing? (Choose threE.
A. Time of day
B. Network performance
C. Router lOS version
D. User-defined link capacity thresholds.
E. An access list with perm it or deny statements.
F. Load-balancing requirements.
Answer: B,D,F
NO.431 Which option is can example of SaaS?

A. Google Apps
B. Amazon AWs
C. Google App Engine
D. Microsoft Azure
Answer: A
NO.432 DRAG DROP

Select and Place:
141
Answer:
NO.433 Which 2 statements about SNMP are true? (choose two)

A. The SNMP agent is responsible for collecting data from the MIB
B. SNMPv2c can provide authentication as well as encryption
C. The SNMP manager is responsible for collecting data for the MIB
D. SNMPv3 uses the SHA encryption algorithm to provide authorization
E. SNMPv2c supports only 32-bit counters
F. SNMPv3 uses the 3DES encryption algorithm to provide data privacy
142
Answer: A,F
Which two possible network conditions can you infer from this configuration? (Choose two)
A. R2 is configured as the NTP master with a stratum of 7
B. R1 is using the default NTP source configuration
C. The authentication parameters on R1 and R2 mismatched.
D. RI and R2 have established an NTP session
Answer: B,C
NO.435 How does EIGRP derive the metric for manual summary routes ?
A. It uses the worst metric vectors of all component routes in the topology table.
B. It uses the best metric vectors of all component routes in the topology table.
C. It uses the best composite metric of any component route in the topology table
D. It uses the worst composite metric of any component route in the topology table
Answer: C
NO.436 Which topology allows the split-horizon rule to be safely disabled when using EIGRP?
A. Hub and spoke
B. Ring
C. Full mesh
D. Partial mesh
Answer: A
NO.437 Which PIM multicast type is designed to be used for many-to-many applications Within
individual
PIM domains?
A. PIM-DM
B. Bidir-PIM
C. PIM-SM
D. SSM
Answer: B
NO.438 Which two statements about out-of-order packet transmission are true? (Choose two.)
A. It can occur when packets are duplicated and resent
143
B. It occurs only over TCP connections

C. It can occur when packets are dropped and resent
D. It can occur when packets take the same path to arrive at the same destination
E. It can occur when packets use different paths to arrive at the same destination.
Answer: B,E
NO.439 Which mechanism does GET VPN use to preserve IP header information?
A. IPsec tunnel mode
B. GRE
C. MPLS X
D. IPsec transport mode
Answer: A
NO.440 NO: 39
Which two statements about IGMP filters that are operating in access mode are true?
(Choose two)
A. A filter that is applied on the SVI must use the same setting as a same filter that is applied to the
trunk port.
B. They can be applied to the access point only.
C. The port filter is always checked first.
D. The SVI filter is always checked first.
E. They can be applied on both the SVI and the access port.
Answer: C,E
NO.441 Ping and Traceroute extended options are very useful. What is the difference between using
the Record option with the ping command vs. the traceroute command?
A. The record option is not supported with the ping command
B. The record option is not supported with the traceroute command
C. When leveraged with the ping command, the Record option of this command not only informs you
of the hops that the echo request (ping) went through to get the destination, but is also informs you
of the hops it visited on the return path
D. When leveraged with the traceroute command, the Record option of this command not only
informs you of the hops that the echo request (ping) went through to get the destination, but is also
informs you of the hops it visited on the return path
Answer: C
NO.442 DRAG DROP

Drag and Drop
144
Answer:
NO.443 Which two pieces of information are returned by the show ipv6 mid snooping querier
command? (Choose two)
A. Learned group information
B. IPv6 address information
C. MLD snooping querier configuration
D. incoming interface
Answer: B,D
NO.444 Which type of QoS is used on the CE device to rate-limit the aggregate traffic towards the
WAN Ethernet circuit?
A. CBWFQ
B. WRED
C. LLQ
D. FIFO
Answer: C
145
Which two statements are true? (Choose two)

A. This router is 4-byte autonomous system aware.
B. This router is not 4-byte autonomous system aware.
C. The prefix 10.100.1.1/32 was learned through an autonomous system number with a length of 4
bytes, and this router is not 4-byte autonomous system aware.
D. The prefix 10.100.1.1/32 was learned through an autonomous system number with a length of 4
bytes, and this router is 4-byte autonomous system aware.
E. The prefix 10.100.1.1/32 was originated from a 4-byte autonomous system
Answer: B,C
NO.446 NO: 140

Which BGP feature is being used?

A. graceful shutdown
B. graceful restart
C. PIC
D. fast session deactivation
Answer: D
NO.447 Which two authentication mechanisms are supported by SNMPv3 ?{Choose two)
A. SHA
B. username without password
C. username and password
D. DES
E. a community string
F. 265-bit AES
Answer: A,C
146
Which data format is used in this REST API call?

A. HRMLv5
B. XML
C. JSON
D. BASH
E. HTML
Answer: C
NO.449 What does reverse path forwarding ensure in a multicast network?

A. It ensures that any multicast host can receive the multicast stream.
B. It ensures that the source of the multicast can forward the multicast stream.
C. It ensures a loop-free multicast network.
D. It ensures that multicast hosts can join the intended multicast groups.
Answer: C
NO.450 Which two are best practices when configuring VLAN and switch port ?{Choose two)
A. Assign an unused VLAN to all unsed ports.
B. Always use MST to ensure a loop-free topology.
C. Use a dedicated native VLAN ID for all trunk ports.
D. Use VLAN1 as the network management VLAN
E. Set the default port status to Enable.
Answer: A,C
147
When a user attempted to log in to R1 via the console, the logon was successful but the user was
placed in user EXEC mode instead of privileged EXEC mode. What action can you take to correct the
problem?
A. Configure the privilege level 15 command under line console 0
B. Configure the username jdoe privilege 15 password 0 cisco command under the global
configuration
C. Configure the aaa authentication login default local enable command under the global
configuration
D. Configure the enable secret level 15 cisco command under the global configuration
E. Configure the aaa authentication console command under the global configuration
Answer: B
NO.452
Refer to the exhibit Which statement about the R1 multicast network environment is true?
A. RPF builds the topolog y using the unicast data for source address 101.108.10
B. The default mroute uses Tunnel10 as the exit interface for 10.1.108.10
C. RPF uses the OSPF'100 table for source address 10.1.108 .10
D. A static mroute is configured to poin multicast traffic for 10.30.30.32 through Ethernet1/0
Answer: B
NO.453 In a DMVPN solution, which component can the GRE tunnel source and destination
generate automatically?
A. pre-shared keys
B. crypto ACLs
C. QoS markings
D. policy maps
Answer: B
148
NO.454 Which statement about route summarization is true?

A. EIGRP can summarize routes at the classful network boundary
B. It can be disabled in RIP, RIPv2 and EIGRP
C. RIPv2 can summarize-routes beyond the classful network boundary
D. EIGRP and RIPv2 route summarize are configured with the ip summary-address command under
the route
process
Answer: A
NO.455 How can you configure Wireshark captures to help you troubleshoot output drops on your
network?
A. File the captures to show TCP errors
B. Reduce the time axis to subsecond intervals
C. Collect traffic that is both entering and leaving the affected subnet
D. Collect traffic only when output exceeds the interface rate
Answer: C
NO.456 In a Cisco ACL environment .which option best describes "contracts"?

A. named group of related endpoints
B. a set of interaction rules between endpoint groups
C. to determine endpoint group membership status
D. a layer 3 forwarding domain
Answer: B
NO.457 when EIGRP Auto-summary is enable, what does Auto Summarization do in EIGRP?
A. Summarizes networks from different network boundaries crossing the same major boundary
B. Summarizes networks from same network boundaries
C. Summarizes all network boundaries
D. Summarizes networks from different network boundaries Crossing the different major boundary
Answer: D
NO.458 Which two statements about VRF-lite are true? (Choose two)
A. An isolated VRF routing table is created for each VRF
B. A single customer VRF can support overlapping IP addresses
C. Multiple ISP customers can be supported on one customer edge device.
D. Two or more VRFs can be assigned to a single Layer 3 interface
E. At least one physical interface must be configured to enable a VRF
Answer: A,B
NO.459 Which option describes how the IP address is assigned when you configure a Layer 3
EtherChannel interface?
A. You must assign the IP address to the tunnel interface.
149
B. The last IP address added to the EtherChannel is used

automatically.
C. You must assign the IP address to a port channel logical
interface.
D. The first IP address added to the EtherChannel is used
automatically.
Answer: C
NO.460 Which three configuration settings must match for switches to be in the same MST region?
(Choose threE.
A. VLAN names
B. password
C. revision number
D. VLAN-to-instance assignment
E. region name
F. domain name
Answer: C,D,E
NO.461 Refer to the exhibit,

enable secret cisco
username cisco1 password 0 cisco1
aaa new-model
aaa authentication enable default group radius enable
aaa authentication login default group radius line
radius-server host 192.168.1.1 auth-port 1812 acct-port 1646
radius-server key cisco4
line con 0
password cisco2
line vty 0 4
password cisco3
If the RADIUS server is inaccessible, which password can the user enter to access user mode during a
Telnet session?
A. cisco2
B. cisco4
C. cisco
D. cisco3
E. cisco1
Answer: D
NO.462 Which three fields are present in the IPv6 header? (Choose threE.
A. Next Header
B. Traffic Class
C. Options
D. Time to Live
150
E. Flags
F. Flow Label
Answer: A,B,F
NO.463 Which statement is true about LLDP?

A. LLDP provides VTP support.
B. LLDP does not use a multicast address to communicate.
C. LLDP can indicate only the duplex setting of a link, and not the speed capabilities.
D. LLDP does not support native VLAN indication.
Answer: D
NO.464 Which two options are pruposes of MSDP SA filtering?(Choose two)

A. to improve the scalability of an MSDP multicast environment
B. to reduce the number of multicast addresses that are distributed to other devices in the same
multicast domain
C. to allow all SA messages to be processed by MSDP peers
D. to reduce the number of multicast addresses that are shared to MSDP peers
E. to allow the filtering of IGMP messages between peers
F. to allow the filtering of PIM messages between peers
Answer: A,D
NO.465 What does the DIS on a LAN periodically transmit in multicast to ensure that the.IS-IS link-
state Database is accurate?
A. ISH
B. CSNP
C. IIH
D. PSNP
E. LIP
Answer: B
151
After you configure the given IP SLA on a Cisco router, you note that the device is unable to failover
to the backup route even when pings to 10.12.34.5 fail. What action can you take to correct the
problem?
A. Change the ip route 0.0.0.0.0.0.0.0 192.168.1.153 200 command to ip route
0.0.0.0.0.0.0.0
192.168.1.153 12.
B. Change the ipsla schedule 12 life forever start-time now command to ipsla schedule 12 life
forever start- time 00:12:00.
C. The track 12 ipsla 12 state command to track 12 ipsla 12 reachability.
D. Change the frequency 2 command to frecuency 12.
Answer: C
NO.467 Which two conditions can cause unicast flooding? (Choose two)
A. RIB table overflow
B. Forwarding table overflow
C. Symmetric routing
D. Multiple MAC addresses in the Layer 2 forwarding table
E. Recurring TCNs
Answer: B,E
NO.468 For what reason might you choose to use an SVTI interface instead of a crypto map on a
tunnel interface?
A. SVTIs support dynamic routing protocols without GRE headers.
B. SVTIs can support multiple IPSec SAs.
C. SVTIs can carry non-IP traffic.
D. SVTIs support CEF-switched traffic shaping.
Answer: A
NO.469 Which two statements about 6to4 tunnels are true? (Choose two.)
A. They support point-to-point multipoint traffic.
B. They encapsulate IPv6 packets, which allow the packets to travel over Ipv4 infrastructure.
C. They support point-to-point traffic.
D. The support OSPF and EIGRP traffic.
E. They generate an IPv6 prefix using a common IPv4 address.
F. They allow IPv4 packets to travel over Ipv6 infrastructure without modification.
Answer: A,B
152
What are two effects of the given configuration?(Choose two)

A. The router will fail to form neighbor adjacencies over all EIGRP interfaces except F0/0
B. The router will fail to form neighbor adjacencies over interface F0/0
C. The router will advertise the 192.168.12.0/27 network
D. The router will manuallu summarize the 192.168.12.0/27 network
E. Auto-summarization will be enabled on the F0/0 interface
Answer: B,C
NO.471 When you deploy DMVPN,what is the purpose of the command crypto isakmp key ciscotest
address 0.0.0.0 0.0.0.0?
A. It is configured on the hub and spoke routers to establish peering.
B. It is configured on the hub to sent the pre-shared key for the spoke routers
C. It is configured on the Internet PE routers to allow traffic to traverse the ISP core
D. It is configured on the spokes to indicate the hub router.
Answer: B
NO.472
Refer to the exhibit Which IPv6 OSPF network type is applied to interface Fa0/0 of R2 by default ?
A.broadcast
B.Ethernet
C.multipoint
D.point-to-point
Answer: A
NO.473 Which two statements about cisco Express Forwarding are time? (Choose two)
153
A. Adjacency tables and Cisco Express Forwarding tables require packet switching.
B. Cisco Express Forwarding tables contain forwarding information on and adjacency tables contain
reachability information.
C. Adjacency tables and Cisco Express forwarding tables can be separately.
D. Changing MAC header rewrite strings requires cache validation.
E. Cisco Express Forwarding tables contain reach ability information and adjacency tables contain
forwarding information.
Answer: C,E
NO.474 Which three features require Cisco Express Forwarding? (Choose three.)
A. NBAR
B. AutoQoS
C. fragmentation
D. MPLS
E. UplinkFast
F. BackboneFast
Answer: A,B,D
If R1 uses EIGRP to learn route 192.168.10.0/24 from R2, which interface on R1 uses split horizon for
route 192.168.10.0/24?
A. Se0/0
B. Fa0/0
C. Se1/0
D. Fa0/1
Answer: B
NO.476 If you configure EIGRP redistribution on a router without specifying metric values.how the
router respond?
A. It assigns the lowest possible metrics
B. It uses K Values to assign new metrics
C. It uses the originating protocol metrics
D. It fails to enter redistributed routes into the route table
154
Answer: D
NO.477 DRAG DROP
Answer:
NO.478 Which description of Infrastructure as a Service is true?

A. a cloud service that delivers on-demand resources like networking and storage.
B. a cloud service that delivers on-demand internet connection between sites
C. a cloud service that delivers on-demand software services on a subscription
D. a cloud service that delivers on-demand internet connection between sites
Answer: A
NO.479 which two options are valid IPv6 extension header types?(choose two)
A. Flow Label
B. Version
C. Encapsulating security Payload
D. Mobility
E. Traffic Class
Answer: C,D
NO.480 Refer To the exhibit.
When pockets are transmitted from r1 to r2, where are they encrypted?
A. on the EO/0 interface on R1
B. on the outside interface
C. in the forwarding engine
155
D. in the tunnel
E. within the crypto map
F. on the EO/1 interface on R2
Answer: A
NO.481 DRAG DROP

Select and Place:
Answer:
156
NO.482 If running an OSPF process without the capability vrf-lite command in a VRF, which value
does the router
additionally check on an OSPF Type 3 LSA?
A. the tag
B. the Max Age timer
C. the prefix length
D. the DN bit
Answer: D
NO.483
Refer to the exhibit. If R1 contacts the RADIUS server but is unable to find the user name in the server
database, how will R1 respond?
A. It will attempt to authenticate the user against the local database
B. It will attempt to contact the TACACS+ server
C. It will prompt the user to enter a new username
D. It will deny the user access
Answer: A
If R1 and R2 are on the same network, what is the effect on the network when you apply the given
configuration to R 1 and R2?
A. A symmetric routing occurs because the bandwidth and delay K value settings are mismatched.
B. The interface bandv.4dlh and delay settings adjust automatically to match the new metric
settings.
C. The neighbor adjacency between R1 and R2temporarily resets and then reestablishes itself.
157
D. R1 and R2 fail to form a neighbor adjacency.

Answer: D
NO.485 How are the Cisco Express Forwarding table and the FIB related to each other?
A. Cisco Express Forwarding use a FIB to make IP destination prefix-based switching decisions.
B. The FIB is used to population the Cisco Express Forwarding table.
C. There can be only FIB but multiple Cisco Express Forwarding tables on IOS devices.
D. The Cisco Express Forwarding table allows route lookups to be forwarding to be route processor
for processing before they are sent to the FIB
Answer: A
NO.486 What command can you enter to enable client autoconfiguration over an ISATAP tunnel?
A. tunnel mode ipv6ip isatap
B. no ipv6 nd ra suppress
C. ipv6 nd ra suppress
D. tunnel mode ipv6ip 6rd
Answer: B
NO.487 When is it useful to disable split horizon on an EIGRP interface?

A. Disable it when you want to provide additional backup paths in your network.
B. Disable it when you want to send routes that are learned from another routing protocol to peer on
the same interface.
C. Disable it when you need to send updates to peers on the interface on which the updates were
received.
D. It is never advisable to disable split horizon on an EIGRP interface.
Answer: C
NO.488 which value does IS-IS use for Partial Route Computation?
A. IPv4
B. change routes
C. multi area routes
D. variable-length subnets
Answer: B
NO.489 Which two statements about PfR are true?(Choose two)

A. It manages traffic classes
B. It provides a narrower scope of route control than OER
C. It provides intelligent route control on a per-application basis
D. It supports split tunneling and spoke-to-spoke links.
E. It always prefers the least cost path.
Answer: A,E
NO.490 Refer the exhibit.
158
What are two effects of the given configuration? (Choose two)

A. Sources for the 239.1.1.1 multicast stream will register with 172.1.1.1.
B. Multicast stream 244.1.1.1 will operate in sparse mode.
C. Multicast stream 244.1.1.1 will operate in dense mode.
D. It configures 172.1.1.1 as the Bidir - PIM rendezvous point.
E. Sources for the 224.1.1.1 multicast stream will register with 172.1.1.1.
F. It configures 172.1.1.1 as a sparse-mode rendezvous point.
Answer: A,D
NO.491 Which two operating mode does VPLS support?(Choose two)

A. transport mode
B. dynamic mode
C. strict mode
D. port mode
E. loose mode
F. VLAN mode
Answer: D,F
NO.492
Refer to the exhibit.Which configuration must you apply to a router so that it can generate a log
message in the given format?
A. service sequence-numbers
159
B service timestamps log datetime

B. service timestamps log uptime
C. service alignment logging
Answer: C
NO.493 Where must the spanning-tree timers be configured if they are not using the default timers?
A. Changing the default timers is not allowed
B. They must be on any non-root bridge
C. Timers must be modified manually in each switch
D. They must be on the root bridge
Answer: D
NO.494 Which type of traffic requires NAT Application Level Gateways?

A. Telnet
B. HTTP
C. IPsec
D. TFTP
Answer: D
NO.495 Which two conditions must be met before IS-IS Level 1 routers will become
adjacent?(choose two)
A. The router must share a common process ID
B. The routers must be in the same area
C. The routers must be configured with eh neighbor command
D. The router must be in different areas
E. The routers must share a common network segment
F. The routers must share a common Autonomous System Number
Answer: B,E
NO.496 Which three technologies can be used to implement redundancy for IPv6? (Choose threE.
A. IPv6 NA
B. NHRP
C. HSRP
D. DVMRP
E. GLBP
F. IPv6 RA
Answer: C,E,F
NO.497 DRAG DROP

Drag and drop each IS-IS router type from the left onto the best matching OSPF router type on the
right.
Select and Place:
160
Answer:
After you apply the given configurations to R1 and R2.which networks does R2 advertise to R1?
A. both 172 16.32.0/20 and 172 16.33.0/24
B. 172.16.32.0/20 only
C. 172.16.0.0/16 only
D. 172.16.33.0/24 only
Answer: C
161
NO.499 Which two operating modes does VPLS support? (Choose two)
A. Transport mode
B. Loose mode
C. VLAN mode
D. Strict mode
E. Port mode
F. Dynamic mode
Answer: C,E
NO.500 Which statement about Cisco Express Forwarding is true

A. The FIB tables resides on the route processor and the adjacency table resides on the line cards
when Cisco Express Forwarding is enabled.
B. Layer 2 next-hop address information is maintained in the adjacency table.
C. The FIB table and the adjacency table reside on the line cards when Cisco Express Forwarding is
enabled.
D. Layer 2 next-hop address information is maintained in the FIB table.
Answer: A
NO.501 What is the cause of ignores and overruns on an interface, when the overall traffic rate of
the interface is low?
A. a hardware failure of the interface
B. a software bug
C. a bad cable
D. microbursts of traffic
Answer: D
NO.502 Which two statements about DHCP operations are true? (Choose two)
A. When the DHCP relay agent receives a DHCP messages, If generates a new DHCP message to
transmit
B. The client uses option 125 in a DHCPDISCOVER message to discover the DHCP server
C. The DHCP server inserts option 150 when it sends a DHCPOFFER message
D. The client uses TTL to discover a DHCP server and obtain a leased IP address
E. The DHCP relay agent can insert option 82 with additional information about the client identity
Answer: B,E
NO.503 Which feature must be enabled to support IGMP snooping on a VLAN that is operating
without a multicast router?
A. PIM snooping
B. Auto-RP
C. The IGMP snooping querier
D. MLD
Answer: C
162
NO.504 When the BGP additional-paths feature is used, what allows a BGP speaker to differentiate
between the different available paths?
A. The remote BGP peer prepends its own next-hop address to the prefix.
B. A unique path identifier is encoded into a dedicated field to the NLRI.
C. A route distinguisher is appended to the prefix by the receiving BGP speaker.
D. The additional path information is encoded in an extended community.
Answer: B
NO.505 What mechanism should you choose to prevent unicast flooding?

A. Make sure that all end systems are connected to the network with a single physical connection.
B. Use control plane policing (CPP) to limit unicast flooding.
C. Configure the ARP cache timers to be longer than the switch forwarding cache (CAM) timers.
D. Configure the switch forwarding cache (CAM) timers to be longer than the ARP cache timers.
Answer: D
NO.506 Which 1ype of ACL can be applied only to Layer 2 ports?

A. Reflexive ACLs
B. VLAN ACLs
C. Standard ACLs
D. PortACLs
E. Dynamic ACLs
Answer: D
NO.507 Which two items must be confined to caputure packet data with the Embedded Packet
Caputure feature ? (Choose two)
A. the capture point
B. the capture buffer
C. the coputure file export location
D. the caputure filter
E. the capture rate
F. the buffer memory size
Answer: A,B
NO.508 Which two statements about PPP PAP are true? (Choose Two)
A. It can protect against playback attacks.
B. Login attempts are controlled by the remote node.
C. It is supported only on synchronous interface.
D. It requires two way authentication.
E. It is vulnerable to trial and error attacks.
Answer: B,E
NO.509 In a simple MPLS L3VPN. which two tasks are performed by a PE router?(Choose two)
163
A. It establishes pseudowires with other PEs

B. It exchanges VPNv4 or VPNv6 routes with CE devices
C. It assigns labels to routes in individual VPNs...
D. It forwards labeled packets to CE devices
E. It exchanges VPNv4 or VPNv6 routes with oth.er PE routers
Answer: C,E
NO.510 Which command sequence will configure an auto IP SLA scheduler that starts at 12:45AM on
January 1,
ends after 1hour of inactivity, and repeats every 3 hours for one week?
A. ip sla auto schedule Jan1 start-time 00:45 jan 1 frequency 360 life forever porbe-interval
43200
B. ip sla schedule Jan1 start-time 12:45 jan 1 frequency 60 life 10800 porbe-interval 43200
C. ip sla schedule Jan1 start-time 00:45 jan 1 frequency 360 life 10800 porbe-interval
10800
D. ip sla schedule Jan1 start-time 12:45 jan 1 ageout 360 life 604800 porbe-interval 43200
E. ip sla auto schedule Jan1 start-time 00:45 jan 1 ageout 360 life 604800 porbe-interval
10800
Answer: E
NO.511 In a simple MPLS L3VPN, which two tasks are performed by the PE router?
(Choose two.)
A. It establishes pseudo wires with other PEs.
B. It exchanges VPNv4 and VPNv6 routes with CE Devices.
C. It assigns labels to routes in individual VPNs.
D. It forwards labeled packets to CE devices.
E. It exchanges VPNv4 or VPNv6 route with other PE routers.
Answer: C,E
NO.512 Which technology uses MPLS to provide 1Pv6 connectivity o customers in the core network
without the need for dual stack?
A. 6to4
B. NAT64
C. NAT
D. SPE
Answer: D
NO.513 which feature can be used to allow hosts with routes in the global routing table to access
hosts in a VRF?
A. route target communities
B. address families
C. route leaking
D. extended communities
164
Answer: C
If router R1 sends traffic marked with IP precedence 3 to R2's Loopback 0 address, which class would
the traffic match on R2's Gi1/0 interface?
A. CM-CLASS-3
B. class-default
C. CM-CLASS-2
D. CM-CLASS-1
Answer: B
NO.515 which two statements about route redistribution default metrics are true?(choose two)
A. When IGP is redistributed into RIP, it has a default metric of 1
B. When IGP is redistributed into IS-IS, it has a default metric of 115
C. When IGP is redistributed into OSPF, it has a default metric of 110
D. When EIGRP is redistributed into OSPF as E2, it has a default metric of 20
E. When BGP is redistributed into OSPF, it has a default metric of 1
Answer: D,E
165
Edge 1 and Edge 2 are running OTV across the transport Network. When an Ethernet frame destined
for MAC address BB arrives at Edge 1, how is the frame encapsulated?
A. Edge 1 encapsulates the frame in an OTV packet after removing the layer 2 preamble and FCS
B. Edge 1 encapsulates the frame in an OTV packet preserving the layer 2 preamble and FCS
C. Edge 1 encapsulates the frame in an OTV packet after recalculating the FCS
D. Edge 1 encapsulates the frame in an OTV after updating the layer 2 preamble with Edge2's MAC
address
Answer: B
NO.517 How is a targeted LDP session different from a standard LOP session?
A. Targeted LDP is used only for neighbors on different segments.
B. Targeted LDP requires SDP to be enabled.
C. Targeted LDP requires RSVP to be enabled.
D. Targeted LDP uses unicast hello messages to peer with other devices
Answer: C
NO.518 Which two statements about OSPF route filtering are true? (Choose two)
A. It can be based on the source router ID.
B. It can be based on the external route tag.
C. It affects LSA flooding.
D. It can be based on the as-path.
E. It can be based on distance-
Answer: A,B
NO.519 Which statement about EIGRP request packets is true?

A. They determine whether a destination is reachable
B. They are transmitted unreliably
C. They are transmitted via broadcast
D. They are sent in response to queries
Answer: B
166
Routers A and B are the edge devices at two different sites such as shown.
'The two edge devices use public addresses on their WAN interfaces and the both sites use RFC
1918 for all other addresses. If routers A and B have established an IP sec tunnel, which statement
about the network environment must be true?
A. Router A1 and router 81 are using NAT translation to allow private-address traffic to traverse
the tunnel.
B. Router A and router Bare using BGP to share routes between the two sites
C. The tunnel terminates on the ISP routes
D. Each site is capable of routing private addressing over the IPsec tunnel
Answer: D
NO.521 When you implement the EIGRPadd-paths feature, which configuration can cause routing
issues on a
DMVPN circuit?
A. disabling the default variance under the EIGRPprocess
B. enable synchronization under the EIGRPprocess
C. disabling ECMP mode under the EIGRPprocess
D. disabling automatic summarization
E. disabling NHRPwhen deploying EIGRPover DMVPN
F. enabling next-hop-self under the EIGRPprocess
Answer: A
NO.522 Which two options are parts of an EEM policy? (Choose two.)
A. event register
167
B. body
C. environment must defines
D. namespace import
E. entry status
F. exit status
Answer: A,B
NO.523 DRAG DROP

Drag and drop each multicast protocol from the left onto the matching description on the right.
Select and Place:
Answer:
168
NO.524 DRAG DROP

Drag each NTP command on the left to its effect on the right.
Answer:
169
Which two options are two benefits of this configuration? (Choose two)
A. increased security
B. redundancy
C. reduced jitter
D. reduced latency
E. load sharing
Answer: B,E
NO.526 Which two statements about the Add path support in EIGRP feature are true ? (Choose two)
A. The next-hop-self command should be disabled to prevent interference with the add- paths
command
B. It uses the variance command to alter the metrics of routes
C. It is supported with both DMVPN and GETVPN
D. It is supported in both classic EIGRP and EIGRP named mode configurations
E. It allows a DMVPN hub to advertise as many as five best paths
Answer: A,E
Which is the effect of the given configuration?

A. The router stops SNMP logging.
B. The router logs messages only to the console.
C. The router stops logging messages to the syslog server only.
D. The router log message only to the buffer.
Answer: C
NO.528 Which technology must be enabled on an interface before L2TPv3 can operate correctly?
170
A. OSPF
B. MPLS
C. CEF
D. STP
Answer: C
NO.529 Which two statements about OSPFv3 are true? (Choose two.)
A. lt supports the use of a cluster ID for loop prevention.
B. It supports unicast address families for IPv6 only.
C. lt supports unicast address families for 1Pv4 and 1Pv6
D. lt supports only one address family per instance.
E. It supports multicast address families for 1Pv4
F. lt supports multicast address families for 1Pv6
Answer: C,D
NO.530 Which two statements about the BGP community attribute are true?(Choose two.)
A. Routers send the community attribute to all BGP neighbors automatically.
B. A router can change a received community attribute before advertising it to peers.
C. It is a well-known, discretionary BGP attribute.
D. It is an optional transitive BGP attribute.
E. A prefix can support only one community attribute.
Answer: B,D
NO.531 According to the networking best practices .which network device should be used for
optimization and rate limiting?
A. the provider core device
B. the provider edge device
C. the customer core device
D. the coustomer edge device
Answer: D
NO.532 DRAG DROP

Drag and drop the NETCONF layers on the left onto their appropriate description on the left.
Answer:
171
What are two effects of the given configuration?(Choose two)

A. Source for the 224.1.1.1 multicast stream will register with 172.1.1.1.
B. It configures 172.1.1.1 as a spare-mode rendezvous point.
C. Multicast stream 224.1.1.1 will operate in spare mode.
D. It configures 172.1.1.1 as the Bidir-PIM rendezvous point.
E. Multicast stream 224.1.1.1 will operate in dense mode.
F. Sources for the 239.1.1.1 multicast stream will register with 172.1.1.1.
Answer: D,F
When R2 attempted to copy a file the TFTP server, it received this error messagE. When action can
172
you take to correct the problem?

A. configure the ip tftp source-interface FaO/1 command on R2
B. configure the ip tftp source-interface FaO/1 command on R1
C. configure the ip tftp source-interface LoopbackO command on R2
D. configure the ip tftp source-interface LoopbackO command on RI
E. Change the access-list configuration on R1 to access-list 1 permit 172.16.1.0 0.0.0.255.
Answer: C
Which statement about the R3 network environment is true?

A. 172.1.20.0/24 has an administrative distance of 20
B. The administrative distance for 172.16.X.X addresses is 110
C. OSPF external routes are preferred over OSPF internal routes
D. RIP, OSPF and IS-IS are running
Answer: C
173
Which two options are effects of the given configuration? (Choose two)
A. It enables Cisco Express Forwarding on interface FastEthernetO/0
B. It sets the data export destination to 209.165.200.227 on UDP port 49152
C. It enables NetFlow switching on interface FastEthernetO/0
D. It configures the export process to include the BGP peer AS of the router gathering the data.
E. It sets the data export destination to 209.165.200.227 on TCP port 49152.
Answer: B,C
NO.537 which two statement about EIGRPload balancing are true?(choose two)
A. EIGRPsupports unequal-cost paths by default
B. Any path in the EIGRPtopology table can be used for unequal-cost load balancing
C. EIGRPsupports 6 unequal-cost paths
D. Cisco Express Forwarding is required to load-balance across interfaces
E. A path can be used for load balancing only if it is a feasible successor
Answer: C,E
NO.538 which three types of traffic are protected when you implement IPsec within an IPv6-in-IPv4
tunnel?(choose three)
A. IPv6 multicast traffic
B. IPv6 link-local traffic
C. IPv6 unicast traffic
D. IPv6 broadcast traffic
E. IPv4 broadcast traffic
F. IPv4 tunnel control traffic
Answer: A,B,C
NO.539 DRAG DROP

Drag and Drop each statement about routing protocols from the left onto the correct routing
protocol on the light
174
Answer:
NO.540 DRAG DROP

Drag each OSPFv2 a meter on the left to its corresponding description on the right?
175
Answer:
176
After you apply the given configurations to R1 and R2, which network does R2 advertise to R1?
A. 172.16.0.0 /16 only
B. Both 172.16.32.0/20 and 172.16.33.0/24
C. 172.16.32.0/20 only
D. 172.16.33.0/24 only
Answer: A
NO.542 DRAG DROP

Drag and Drop
Answer:
177

interface ethernet 0/0
ip policy route-map PBR
route-map PBR
match ip address 144
set ip next-hop 172.16.12.5
set ip next-hop recursive 192.168.3.2
Which statement correctly describes how a router with this configuration treats packets that matches
access-list 144 if it does not know a path to 172.16.12.5, and does not know a path 192.168.3.2?
A. It send an ICMP source quench message.
B. It drops the packet immediately.
C. It routes the packet into a loop and drops it when the TTL reaches zero.
D. It routes the packet based on the packet's destination using the routing table.
Answer: D
Which two statements about this CoS mapping are true? (Choose two.)
A. It maps the first queue and first threshold to CoS2 and CoS3 .
B. It maps the second queue and first threshold to CoS 2.
C. It maps the second queue and first threshold to CoS 3.
D. It maps CoS values to the transmit queue threshold.
E. It maps the second threshold to CoS 2 and CoS 3.
Answer: D,E
178
Which router on the given network generate the IS-IS pseudonode?

A. R1
B. R3
C. R4
D. R2
Answer: A
NO.546 R2#router ospf 1

router-id 10.2.2.2
log-adjacency changes
network 192.168.19.0 0.0.0.255 area 0
R2#show ip ospf
Routing Process "ospf 1" with ID 10.1.1.1
Start time: 00:00:32.552, Time elapsed: 00:03:00.996
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Refer to the exhibit. After you applied a new configuration to router R2, you executed the show ip
ospf
command and noticed that the new router ID was missing. Which two actions can you take to resolve
the problem?
A. Reload the router
B. Wait for the hello-interval to elapse
C. Issue the clear ip route command
179
D. Issue the clear ip ospf command

E. Execute a shutdown followed by a no shutdown on the OSRF interfaces
F. Wait for the dead-interval to elapse
Answer: A,D
NO.547 Which two statements about route redistribution default metrics are true?(Choose two)
A. When an IGP is redistributed into OSPF,it has a default metric of 110.
B. When an IGP is redistributed into RIP,it has a default metric of 1.
C. When BGP is redistributed into OSPF,it has a default metric of 1.
D. When an IGP is redistributed into IS-IS,it has a default metric of 115.
E. When EIGRP is redistributed into OSPF as E2,it has a default metric of 20.
Answer: C,E
NO.548 ipv6 nd raguard policy TST-RAGUARD

device-role host
int gig0/1
switchport access vlan 100
ipv6 nd raguard attach-policy TST-RAGUARD
Refer to the exhibit. What is the effect of the given configuration?
A. The port rejects inbound router advertisements and router redirect messages
B. The port allows and inspects inbound NDP messages
C. The port blocks inbound tunneled Ipv6 traffic
D. If the Ipv6 RA Guard feature is enabled on VLAN 100, it takes precedence over port- level policy
E. The Ipv6 RA Guard feature is disabled on VLAN 100
Answer: A
Which IPv6 migration method is in use on this network ?

A. 6to4 tunnel
B. NAT-PT
C. ISATAP tunnel
D. dual stack
Answer: B
NO.550 which action must you take to configure encryption for a dynamic VPN ?
A. Configure an FQDN identity in the crypto key string.
B. Configure an FQDN on the router.
C. Configure an FQDN peer in the crypto profile.
D. Configure an FQDN in the crypto key string.
180
Answer: A
NO.551 what are two message types that are filtered by an IPv4 multicast boundary?(choose two)
A. PIM hello messages to 224.0.0.13
B. PIM Prune messages
C. PIM hello messages on the local segment
D. PIM Register messages
E. PIM Join messages
F. link-local message
Answer: A,B
NO.552 Which two hashing algorithms can be used when configuring SNMPv3? (Choose two)
A. MD5
B. SHA-1
C. Blowfish
D. DES
E. AES
F. SSL
Answer: A,B
NO.553 How is the MRU for a multilink bundle determined?

A. It is negotiated by LCP.
B. It is manually configured on the multilink bundle.
C. It is manually configured on all physical interfaces of a multilink bundle.
D. It is negotiated by NCP.
E. It is negotiated by IPCP.
Answer: A
NO.554 In an MPLS-VPN environment, what is the effect of configuration an identical set of route
targets for a particular VRF but then configuration a nonidentical RD across multiple PE devices?
A. The routes are not sent to any remote PE with different RD.
B. The routes are directly managed by the control plane, but there are instances where routes take
up twice as much memory.
C. The routes are rejected by the remote PE because they have a different RD than its routes.
D. The routes propagate to the remote PE, but the PE never installs the, in its forwarding table.
Answer: D
NO.555 DRAG DROP

Drag and drop the BGP attribute on the left to the correct category on the right. Not all options will
be used.
181
Answer:

You are configuring Router 1 and Routef2 for L2TPv3 tunneling.Which
two additional configurations are required to enable Router 1 and Routei'2 to establish the
tuimel?(choose two)
A. Cisco Express Forwarding must be disabled on Router1
182
B. Loopback 0 on Router1 must be advertised to Router2

C. Cisco Discovery Protocol must be enabled on interface Fast Ethernet1/0 on Router1
D. An IP address must be configured on interface FastEthernet1/0 on Router1
E. Router1 must be configured to encapsulate traffic by using L2TPv3 under the pseudowire-class
R1toR2.
Answer: B,E
Which three statements correctly describe the route reflectors behavior? (Choose three )
A. The route reflector will reflect routes from R1 to R2
B. The route reflector will not reflect routes from R1 to R2
C. The route reflector will reflect routes from R1 to R3
D. The route reflector will not reflect routes from R1 to R3
E. The route reflector will reflect routes from R3 to R1
F. The route reflector will not reflect routes from R3 to R1
Answer: A,C,E
After you configured DHCP snooping to block a rouge DHCP server from
assigning IP addresses to devices on your network you notice that all ports on the switch are still
trusted. Which action can you take to correct the problem?
183
A. Disable DHCP snooping on all VLANs

B. Disable DHCP snooping on VLAN 1 only
C. Remove the ipdhcp snooping trust command from all interface on the switch except the interface
that connects to the company DHCP server
D. Configure the ipdhcp snooping rate limited command to rate-limit the interface that connects
to the rouge DHCP server
Answer: D
NO.559 Which action does route poising take that serves as a loop-prevention method?
A. It prohibits a router from advertising back onto the interface from which it was learned.
B. It immediately sends routing updates with an unreachable metric to all devices.
C. It poisons the route by tagging it uniquely within the network.
D. It advertises a route with an unreachable metric back onto the interface from which it was
learned.
Answer: B

R1#sh ip eigrp top all
IP-EIGRP Topology Table for AS (192.168.13.1)
Codes: P - Passive, A - Active, U - Update, Q- Query, R - Reply,
r - reply Status, s - sia Status
P 10.0.0.0/8, 1 successors, FD is 3586560, serno 8
via 192.168.1.5 (3586560/3074560), Serial0/0
via 192.168.13.3 (409600/128256), FastEthernet0/1
Which statements about the 192.168.100.0/24 destination network is true?
A. Paths via 192.168.13.3 and 192.168.12.2 will be installed into the route table and load balanced
proportionally
B. The path through 192.168.12.2 is the feasible Successor route and will be automatically installed
into the
route table if the path through 192.168.13.3 goes down
C. The destination network is unable to determine a valid Feasible Successor because the Feasibility
Condition is unmet
D. The path through 192.168.13.3 is the Feasible Successor route and will be automatically installed
into the
route table if the path through 192.168.12.2 goes down
Answer: C
NO.561 Which three parameters must match to establish OSPF neighbor adjacency? (Choose three.)
A. the process ID
B. the hello interval
C. the subnet mask
D. authentication
184
E. the router ID
F. the OSPF interface priority
Answer: B,C,D
NO.562 Which two statements about the default SNMP configuration are true? (Choose two)
A. All SNMP notification types are sent
B. The SNMP trap receiver is congigured
C. SNMPv3 is the default version
D. The SNMP agent is enabled.
E. SNMPv1 is the default version.
Answer: A,E
NO.563 What are the two EEM event subscribers? (Choose two)
A. applet
B. script
C. syslog
D. CLI
E. none
Answer: A,B
Which data format is used in this REST API call?

A. XML
B. BASH
C. JSON
D. HTML
E. HTMLv5
Answer: C
NO.565 On a network with multiple VLANs, which three tasks must you perform to configure IP
source guard on
185
VLAN 50 only?(choose three)

A. Configure the ip dhcp snooping vlan 50 command on the interface
B. Configure the ip dhcp snooping vlan 50 command globally
C. Configure the ip dhcp snooping command on the interface
D. Configure the ip verify source command globally
E. Configure the ip dhcp snooping command global
F. Configure the ip verify source command on the interface
Answer: B,E,F
NO.566 You need to modify the IOS L3switch configuration for High Availability operation. What
additional configuration is needed, if any?
A. Modify the configuration to use VRRP, which has additional functionally that works better for High
Availability.
B. Enable HSRP preempt with a delay to allow time for he routing and switching protocols to
converge.
C. Enable HSRP preempt to force the primary L3 switch to resume th master role after a failure.
D. The shown configuration is sufficient for High functionally.
Answer: B
NO.567 How does MSTP maintain compatibility with RSTP?

A. The system ID of an RSTP BPDU is padded with extra bytes to match the format of an MSTP BPDU.
B. MSTP sends all spanning-tree information in one BPDU
C. RSTP encodes region information from an MSTP BPDU into a single instance.
D. MSTP supports five port states in the same way as RSTP.
E. RSTP implements a TTL that is compatible with the MSTP max age timer.
Answer: A
NO.568 What are the two BFD modes? "(Choose two)

A. active
B. asynchronous
C. passive
D. established
E. demand
F. synchronous
Answer: B,E
NO.569 N NO: 218

Which feature can mitigate hung management sessions?
A. Control Plane Policing
B. the service tcp-keepalives-in and service tcp-keepalives-out commands
C. the service tcp-small servers command
D. vty line ACLs
Answer: B
186
NO.570 Which two statements about AT0M are true? (Choose two)
A. When using AToM, the IP precedence field is not copied to the MPLS packet
B. It provides support for L2VPN features on ATM interfaces
C. It encapsulates Layer 2 frames at the egress PE
D. AToM supports connecting different L2 technologies using internetworking option
E. The loopback address of the PE router must be either /24 or /32
Answer: A,D
When R2 attempted to copy a file from the TFTP server, it received this error message.
A. Configure the iptftp source-interface Loopback0 command on R1.
B. Configure the iptftp source-interface Loopback0 command on R2.
C. Configure the iptftp source-interface Fa0/1 command on R2.
D. Change the access-list configuration on R1 to access-list 1 permit 172.16.1.0 0.0.0.255
E. Configure the iptftp source-interface Fa0/1 command on R1.
Answer: B
NO.572 Your NetFlow collector is not working due to a large amount of traffic entering your network
which is destined to a single IP address. Which NetFlow feature allows you to collect the top source
hosts for this traffic on the local router?
A. NetFlow can export flows only to.a external flow collector
187
B. ip flow-top-talkers
C. ip accounting
D. show ip cache flow
Answer: B
NO.573 What is the reason to send EIGRP SIA reply to a peer?

A. to respond to an SIA query that the router is still waiting on replies from its peers
B. to respond to a reply reporting that the prefix has gone stuck-in-active
C. to respond to a query reporting that the prefix has gone stuck-in-active
D. to respond to an SIA query with the alternative path requested
Answer: A
NO.574 R1
interface Loopback0
ip address 172.16.1.1 255.255.255.255
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
router eigrp 100
no auto-summary
redistribute connected metric 10000 1 255 1 1500
router ospf1
redistribute eigrp 100
network 192.168.12.0 0.0.0.255 area 0
R2
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
router ospf1
network 192.168.12.0 0.0.0.255 area 0
Refer to the exhibit. While troubleshooting a connectivity issue between R1 and R2, you determine
that R1's
Loopback0 network is missing from R2's route table. What is this likely cause the problem>
A. The router is configured to redistribute only broadcast networks
B. The router can redistribute only point-to-point networks
C. The route is excluding the Loopback0 interface fro redistribute because it si redistributing other
OSPF
interface
D. The subnets keywords is missing from the redistribute eigrp command on R1
Answer: D
NO.575 Which type of packet is sent by an HSRP router to advertise the virtual IP address?
A. Gratuitous ARP
B. ARP Request
C. HSRP Hello
D. HSRP Coup
188
Answer: A
NO.576 What are two ways DHCPv6 guard can mitigate man-in-the-middle attacks?
A. An interface in the server device role can use ACLs to filter authorized servers.
B. An interface in the server device role can drop all DHCPv6 server messages.
C. An interface in the client device role can use ACLs to filter authorized servers.
D. An interface in the server device role can use prefix-lists to filter authorized DCHP reply messages.
E. An interface in the client device role blocks all DCHPv6 server messages by default.
Answer: C,E
NO.577 Which is the maximum number of classes that MQC can support in a single policy map ?
A. 512
B. 256
C. 128
D. 64
Answer: B
NO.578 Which attribute is not part of the BGP extended ecommunity when a PE creates a.VPN- IPv4
route while running OSPF between PE-CE?
A. MED
B. OSPF network type
C. OSPF domain identifier
D. OSPF route type
E. OSPF router id
Answer: B
NO.579
Refer to the exhibit.Which two statements are true regarding prefix 10.1.0.0/24?(Choose two)
189
A. The prfix is in policyand Cisco PfR rerouted the.traffic' via 10.4.5.3 Et0/1 because of an OOP event
B. The prfix is in policyand Cisco PfR did not reroute the traffic via 10.4.5.3 Et0/1 because the traffic
was previously in policy
C. Cisco PfR is monitoring the prefix via active throughput IP SLA proble mode only
D. Cisco PfR is monitoring the pr fix via monitorwhich provides both NetFlow and IP SLA
measurements /
E. Cisco PfR is monitoring the prefix via passive NetFlow mode only
Answer: B,D
NO.580 Which two options are two problems that Bridge Assurance can protect against ? (Choose
two)
A. The forwarding of data traffic, after the spanning tree algorithm is stopped
B. BPDU flooding
C. Ports being put into a root-inconsistent state
D. Show convergence time after a topology change
E. Unidirectional link failures
Answer: C,E
NO.581 Which two route types are allowed to exit an EIGRP stub? (Choose two)
A. Host
B. Connected
C. Default
D. Static
E. Summary
Answer: B,E
NO.582 What is one requirement to support the IGMP proxy feature?

A. Devices on the unidirectional link must be in the same IP subnet.
B. Devices connected to a unidirectional link must disable Internet access.
C. IGMP snooping must be disabled.
D. PIM-DM must be enabled on all unidirectional links.
Answer: A
NO.583 Refer to the exhibit ,
while Reviewing a log file on a router with this NTP configuration ,you note that the log entries of the
router display a different time than the NTP timE.which action can u take to correct the
190
problem?
A. add the local time keyword to the service timestamps log datetime statement.
B. add the msec keyword to the service time stamps log datetime statement
C. add the statement ntp broadcast to the ntp configuration of the neighboring router
D. configure the router to be the NTP master
E. Remove the datetime keyword from the service time stamps log datetime statement.
Answer: A
NO.584 Which statement about the default QoS configuration on a.Cisco switch is true?
A. AII traffic is sent through four egress queues
B. Port trust is enabled
C. The Port CoS value is 0
D. The CoS value of each tagged packet is modified
Answer: C
NO.585 Which option is the common primary use case for tools such as Puppet.Chef.Ansible.and
Salt?
A. network function visualization
B. network orchestration
C. Configuration management
D. Policy assurance
Answer: C
NO.586 Which IPv6 tunneling mechanism requires a service provider to nude one of its own native
IPv6 blocks to guarantee that its IPv6 hosts will be reachable?
A. 6rd tunneling
B. Automatic 6to4 tunneling
C. manual ipv6ip tunneling
D. NAT-PT tunneling
E. Automatic 4to6 tunneling
F. ISATAP tunneling
Answer: F
NO.587
Refer to the exhibit. Which two effects of this configuration are true?(choose two)
A. The priority queue is disabled
B. Queue 1 is allocated 4 percent of the availabel bandwdith and queue 2 is allocated 2 percent of
the available bandwidth
C. Queue 1 is a priority queue that is allocated 1/3 of theailable bandwidth
D. Queue 1 is served twice as fast as queue 2
191
E. Queue 1 is .a priority queue that is allocated 2/3 of the available bandwidth

F. Queue 2 is served twice as fast as queue 1
Answer: A,D
NO.588 Which two solutions can reduce UDP latency? (Choose two)
A. low-latency queuing
B. congestion-avoidance algorithm
C. fast retransmission
D. IP service level agreements
E. fast start
F. fast recovery
Answer: A,D
NO.589 Which statement about WAN Ethernet Services is true?

A. UNIs can perform service multiplexing and all-in-one bundling
B. Point-to-point processing and encapsulation are performed on the customer network.
C. Ethernet multipoint service function as a multipoint-to-multipoint VLAN-based connection
D. Rate-limiting can be configured per EVC.
Answer: D
NO.590 Which options is the implicit access rule for IPv6 ACLs?
A. permit all
B permit neighbor discovery, deny everything else
B. deny all
C. permit all ICMP, deny everything else
Answer: B
NO.591 DRAG DROP

Drag each routing protocol on the left to the matching statement on the right.
Answer:
192
NO.592 Refer to exhibit:
Which two statements about the output are true? (Choose two.)
A. 802.1D spanning tree is being used.
B. Setting the priority of this switch to 0 for VLAN 1 would cause it to become the new root.
C. The hello, max-age, and forward delay timers are not set to their default values.
D. Spanning-tree PortFast is enabled on GigabitEthernet1/1.
Answer: A,B
Explanation:
8 02.1D is the standard for Spanning tree, which is being used here. For priority, The priority order
starts from 0 (yes, 0 is valid) and then increases in 4096.
0 , 4096, 8192, 12288, .... Etc.
The lower the number is, the higher is the priority. Here we see that the current root has a priority of
8192, so configuring this with a priority of 0 will make it the new root.
NO.593 DRAG DROP

Drag and drop each step in the performance-monitoring configuration process on the left into the
correct order on the right.
193
Answer:
NO.594 Refer to the exhibit .
Which action can you take to prevent loops and suboptimal routing on this network?
A. Configure the rfc2328compatibility command under the Cisco IOS OSPF routing process only
B. Configure the rfc2328compatibility command under the Cisco IOS OSPF NX-OS routing process
only
C. Configure the ref1583compatibility command under the Cisco NX-OS OSPF routing process only
D. Configure the ref1583compatibility command under the Cisco IOS OSPF routing process only
E. Configure the rfc2328compatibility command Cisco IOS and NX-OS OSPF routing processes
F. Configure the rfc2328compatibility command under the Cisco IOS and NX-OS OSPF routing
Answer: C
NO.595 Which two protocols are used by the management plane?(choose two)
194
A. oSPF
B. bGP
C. DTP
D. telnet
E. ISSU
F. TFTP
Answer: D,F
NO.596 For which r ason can two QSPF neighbor routers on the same LAN segment be stuck in the.
Wvo-way state?
A. The two routers have different MTUs on the interface.
B. The two routers are configured with different priorities
C. The intefface priority is set to zero on both routers.
D. Both routers have the same OSPF router 10.
Answer: C
NO.597 Which IPv6 migration allows IPv4-only devices to communicate with IPv6-only devices?
A. ISATAP tunnel
B. GRE tunnel
C. Dual stack
D. NAT64
Answer: D
NO.598 Which two statements about static routing are true?(Choose two)
A. It is highly scalable as networks grow.
B. It provides better security than dynamic routing.
C. It reduces configuration errors.
D. It requires less bandwidcth and fewer CPU cycles than dynamic routing protocols.
E. It can be implemented more quickly than dynamic routing.
Answer: B,D
NO.599 DRAG DROP
Answer:
195
NO.600 Which action enables passive interfaces in RIPv6 (RIPng)?

A. Enable passive-interface for each interface under the routing process
B. Use "passive-interface default" under the routing process
C. Passive interface are not supported in RIPng
D. Enable passive-interface on interface configuration
Answer: C
NO.601 which IPv6 first hop security feature blocks traffic sourced form ipv6 address that are
outside the prefix gleaned from router advertised
A. IPv6 source guard
B. IPv6 DHCP guard
C. IPv6 RA guard
D. IPv6 prefix guard
Answer: D
NO.602 Which two statements about EIGRP acknowledgement packets are true?(choose two)
A. They are unicast
B. They are Hello packets sent without data
C. They can combine multiple packs in a single packet
D. They are multicast
E. They are broadcast
F. They are required for every request packet
Answer: A,B
NO.603 What is the default console authentication method on the Cisco routers ?
A. Local
B. EAPol
C. open
D. TACACS+
E. no authentication
F. RADIUS
Answer: E
196
NO.604 DRAG DROP

Drag and drop each STP po role on the le to the matching statement on the right.
Select and Place:
Answer:
What is the reason that the two devices failed to form an EIGRP neighbor relationship?
A. The K-values are valid.
B. The two devices have different key IDs.
C. The hold timers are mismatched.
197
D. The advanced MD5 digest do not match between the devices.

Answer: B
NO.606 When you implement PfR, which IP SLA probes is used to determine the MOS?
A. throughput
B. jitter
C. latency
D. packet loss
Answer: B
NO.607 Which command can you enter on a device so that unsolicited log messages appear on the
console after solicited log messages?
A. logging bufferd 4096
B. no logging console
C. logging synchronous
D. service timestamps log uptime
Answer: C
NO.608 What are the three required attributed in a BGP update message?
A. Aggregator
B. Community
C. Next_hop
D. Origin
E. Med
F. AS_PATH
Answer: C,D,F
NO.609 Which two BGP attributes are optional non-transitive attributes? (Choose two.)
A. Weight
B. MED
C. Local preference
D. Cluster list
E. AS path
Answer: B,D
NO.610 DRAG DROP

Drag and drop the MPLS term on the left to the function it performs on the right.
198
Answer:
NO.611 which three statements about the route preference of IS-IS are true?(choose two)
A. An L1 path is preferred over an L2 path
B. Within each level, a path that supports optional metric is preferred over a path that supports only
the default metric
C. The Cisco IS-IS implementation usually performs equal cost path load balancing on up to eight
paths.
D. An L2 path is preferred over an L1 path
E. Both L1 and L2 routes will be installed in the routing table at the same time
F. Within each level of metric support, the path with the lowest metric is preferred.
Answer: A,B,F
NO.612 What can PfR passive monitoring mode measure for UDP flows?
A. loss
B. delay
C. reachability
D. throughput
199
Answer: D
If the route to 10.1.1.1 is removed from the R2 routing table, which server becomes the master NTP
server?
A. R2
B. The NTP server at 10.3.3.3
C. The NTP server at 10.4.4.4
D. The NTP server with the lowest stratum number
Answer: D
NO.614 Refer to the exhibit. What is the meaning of the asterisk (*) in the LSP Seq Num column of
this "show isis database" output?
A. The LSP originated on a router with an invalid hold time
B. The LSP originated on a L1-L2 type router
C. The LSP originated on the router where the command is being executed
D. The LSP originated on a router which is capable of wide metrics
Answer: D
NO.615 Which two statement about the EIGRP Over the Top feature are true?(Choose two.)
A. EIGRP routers traffic between the PE devices.
B. Traffic is USP-encapsulated on the control plane.
C. The neighbor command must be configured with LISP encapsulation on wach CE device.
D. The network statement must be configured on each PE device to connect separate EIGRP sites.
E. The network statement must be configured on each CE device to connect separate EIGRP sites
F. Traffic is LISP-encapsulated on the data plane.
Answer: C,F
NO.616 What command can you enter to enable client autoconfiguration over an ISATAP tunnel?
A. tunnel mode ipv6ip isatap
B. no ipv6 nd ra suppress
C. ipv6 nd ra suppress
D. tunnel mode ipv6ip 6rd
Answer: B
NO.617 What is the maximum size of a packet that can be sent successfully from R3 to 10.1.2.1
without enabling fragmentation?
A. 1490 bytes
B. 1501 bytes
200
C. 1480 bytes
D. 1479 bytes
E. 1500 bytes
F. 1521 bytes
Answer: C
NO.618 DRAG DROP

Drag and Drop
Answer:
NO.619 When you deploy DMVPN, what is the purpose of the command crypto isakmp key ciscotest
address
0.0.0.0?
A. It configured on hub to set the pre-shared key for the spoke routers
B. It configured on the Internet PE routers to allow traffic to traverse the ISP core
C. It configured on the spokes to indicate the hub router
D. It configured on hub and spoke router to establish peering
Answer: A
NO.620 Which two statements correctly describe MLD snooping? (Choose two.)
A. It is independent of IGMP snooping
B. It can be disabled globally and then enabled on individual VLANs
201
C. Global configurations override VLAN configurations

D. It can be enabled on VLANs 1 through 1001 only
E. VLAN query values override global values
Answer: D,E
NO.621 Which three responses can a remote RADIUS server return to a client? (Choose threE.
A. Reject-Access
B. Access-Accept
C. Access-Reject
D. Accept-confirmed
E. Reject-Challenge
F. Access-Challenge
Answer: B,C,F
When it attempted to register the EEM script, the device returned this error message.
A. Configure the end command at the end of the BACKUP EEM policy
B. Configure the event none command so that the event can be triggered manually
C. Configure the event action to run the applet
D. Configure the event manager run command to register the event
Answer: C
NO.623 Which IP SLA operation type is enhanced by the use of the IP SLAs Responder?
A. DNS
B. HTTP
C. ICMP Echo
D. UDP Echo
Answer: D
NO.624 What are two functions of an NSSA in an OSPF network design?(Choose two)
A. It overcomes issues with suboptimal routing when there are multiple exit points from the areas
B. It uses opaque LSAs
C. It allows ASBRs to inject external routing information into the area
D. An ASBR advertises type 7 LSAs into the area
E. An ABR advertises type 7 LSAs into the area
Answer: C,D
NO.625 which two statements about single-hub DMVPN are true?(choose two)
A. Two spokes that are behind different NAT devices that both use PAT can establish a poke-to-spoke
connection
202
B. Cisco best practices recommend that dynamic spoke-to-spoke tunnel connections use wildcard
preshared keys for ISAKMP authentication
C. Dynamic spoke-to-spoke tunnel connections support IKE certificates for ISAKMP authentication
D. Each DMPN spoke requires a unique IP address after NAT translation
E. DMVPN networks support GRE tunnel keepalives on multipoint GRE tunnels
F. DMVPN networks support GRE tunnel keepalives on point-to-point GRE tunnels
Answer: C,E
NO.626 Which two statements about HDLC operations in asynchronous balanced mode are true?
(Choose two.)
A. Either device can send frames at any time.
B. Each device must negotiate with its neighbor before sending frames.
C. Each device must negotiate with its neighbor to recover from framing errors.
D. Either device can initiate transmission of frames.
E. The initiating device sends a DTE frame.
Answer: C,D
NO.627 Which GDOI key is responsible for encrypting control plane traffic?
A. the traffic encryption key.
B. the preshared key
C. the key encryption key
D. the key-chain.
Answer: A
NO.628 How can you protect a device from Dos attacksdirected against its terminal and
management ports?
A. Enable AAA local authentication on the terminal and management ports
B. Configure TCP keepalives on the terminal and management ports
C. Reserve a terminal or management port with a highly restrictive ACL
D. Configure the max-login-attempts command on the terminal and management ports
Answer: D
NO.629 which two statements about the IS-IS cost metric are true?(choose two)
A. The cost is calculated automatically based on the interface bandwidth and delay
B. It is the only IS-IS metric supported on Cisco devices
C. The cost is calculated automatically based on the delay only
D. The cost is calculated automatically based on the interface bandwidth only
E. A default cost of 1 is automatically assigned to all interface
F. A default cost of 10 is automatically assigned to all interface
Answer: D,F
NO.630 DRAG DROP

Drag and drop the BGP attribute on the left to the correct category on the right.
203
Answer:
NO.631 Which routing protocol is not supported with VRF-lite?

A. IS-IS
B. OSPF
C. EIGRP
D. BGP
Answer: A
NO.632 Which two statements about logging are true? (Choose two)
A. The mnemonic can refer to a hardware device, a protocol, or a software module.
B. When you enable sequence numbers, the datetime timestamp is disabled automatically by
default.
C. Log messages include a mnemonic that describes the message.
D. A log message's facility value indicates the hardware on which the log message was generated.
E. Logs can be displayed on the console or on a remote terminal.
F. A log message can include both uptime and the datetime timestamp.
Answer: C,E

R1#sh ip eigrp top all
IP-EIGRP Topology Table for AS (192.168.13.1)
Codes: P - Passive, A - Active, U - Update, Q- Query, R - Reply,
r - reply Status, s - sia Status
via 192.168.1.5 (3586560/3074560), Serial0/0
204

Which statement about the 192.168.100.0/24 destination network is true.
A. The neighbors fail to meet the feasibility condition.
B. The reporting distance for the feasible successor is 49000
C. The reporting distance for the successor is 409600
D. The reported distance is too small to support a feasible successor route
Answer: A
NO.634 A network engineer implements ISIS for IPv6 and then discovers that ISIS adjacencies are
going down. Which action can be taken to fix this problem?
A. Enable multitopology on the ISIS domain
B. Configure link local IPv6 addresses on ISIS interfaces
C. Change the is-type on all ISIS routers to level-2-only
D. Enable ISIS for IPv6 on loopback interfaces
Answer: D
NO.635 Which data format is used in this RESET API call?

A. BASH
B. XML
C. HTML
D. HTML v5
E. JSON
Answer: E
NO.636 Which statement about the feasible distance in EIGRP is true?

A.It is metric that is support by the best next hop toward the destination
B.It is the maximum metric that should feasibly be considered for installation in the RIB
C.It is the smallest metric toward the destination enc'OuntereD... ... time the destination went from
Active to Passive state
D.It is the maximum metric possible based on the maximum hop count that is allowed
Answer: C
NO.637 DRAG DROP

Drag and drop each IPv6 migration method from the left onto the matching description on the right.
Select and Place:
205
Answer:
NO.638 username cisco1 password cisco 1

username cisco2...
username cisco3...
username cisco4 privilege 15 password cisco4
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
ip http server
ip http authentication aaa
...
Refer to the exhibit. if the TACACS+ server is unreachable, which user will be able to use HTTP to
configure the router?
A. cisco1
B. cisco2
C. cisco3
D. cisco4
206
Answer: D
You are configuring the S1 switch for the switch port that connects to the clients company- Which
configuration blocks users on the port from using more than 6 Mbps of traffic and marks the traffic
for a class of service of 1?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
NO.640 163 QUESTIN TEXT IS NOT AVAILABLEwhich three statements about EIGRP and BFD are true
? (choose threE.
A. BFD is independent of the routing protocol,so it can be used as a generic failure detection
mechanism for EIGRP.
207
B. Some parts of BFD can be distributed to the data plane,so it can be less CPU-intensive than
reduced timers, which exist wholly at the control plane.
C. Reduced EIGRP timers have an absolut minimum detection timer of 1-2 seconds; BFD can provide
sub-second failure detection
D. BFD is tied to specific routing protocols and can be used for generic fault detection for the
OSPF,EIGRP and BGP routing protocol
E. BFD is dependent on the EIGRP routing protocol,so it can be used as a specific failure detection
mechanism
F. BFD resides on the control plane,so it is less CPU-intensive than if it resided on the date plane
Answer: A,B,C
NO.641 Which IS-IS network type can operate in the absence of a DIS?
A. point-to-multipoint
B. Ethernet
C. NBMA
D. point-point
Answer: D
NO.642 Which two statements about DMVPN with NHRP are true? (Choose two)
A. NHRP shortens the configuration of the hub router.
B. NHRP dynamically provides information about the spoke routers to the hub.
C. NHRP disables multicast
D. The hub router uses NHRP to initiate the GRE tunnel with spokes.
E. The spoke routers act as the NHRP servers.
Answer: A,B
208
If the given network is in the process of being migrated from EIGRP to OSPF , includes external
routes, and all routers are currently running both protocol action must you perform to complete the
migration?
A. Change the EIGRP Administrative Distance to 111, wait until all routers are present, and then
change it back to the default value.
B. Change the OSPF Administrative Distance to 91, wait until all routers are present, and then change
it back to the default value.
C. Change the EIGRP Administrative Distance to match the OSPF Administrative Distance, wait until
all
Routers are present, and then change the EIGRP Administrative Distance back to the default value.
D. Change the OSPF Administrative Distance to 171, wait until all routers are present, and then
change it
back to the default value.
Answer: D
NO.644 Which two statements about scheduling multiple IP SLA operations are true?
A. You must configure IP SLA operations before you can schedule a group of operations.
B. The ip sla monitor group schedule command must be configured on the device.
C. You must configure the frequency of each IP SLA operation before it can start.
D. The IP SLA operations must be scheduled at a maximum interval of 30 seconds.
E. Every IP SLA operation in a single group must start at the same time.
Answer: A,C
NO.645 DRAG DROP

Drag and Drop
Answer:
209
NO.646 An IP SLA fails to generate statistics. How can you fix the problem?
A. Add the verify-data command to the router configuration
B. Reload the router configuration.
C. Remove the ip sla schedule statement from the router configuration and re-enter it.
D. Add the debug ip sla trace command to the router configuration.
E. Add the debug ip sla error command to the router configuration.
Answer: A
NO.647 DRAG DROP
Answer:
210
NO.648 which two methods are used to configure an RP in a PIM-SM network?(choose two)
A. PIM-DM
B. anycast
C. SSM
D. Auto-RP
E. BSR
Answer: D,E
NO.649 Which two OSPF network type require the use of a DR and BDR? {Choose two)
A. non-broadcast networks
B. point-to-point networks
C. point-to-point non-broadcast networks
D. broadcast networks
E. point-to-multipoint networks
Answer: A,D
NO.650 According to the networking best practices, which networ1< device should be used for
optimization and rate limiting?
A. The provider core device
B. The provider edge device
C. The customer core device
D. The customer edge device
Answer: D
NO.651 DRAG DROP

Drag each OSPFv2 SA parameter on the left to its corresponding description on the right.
Answer:
211
NO.652 Which three features does GETVPN support to improve deployment and scalability?
(Choose three.)
A. redundant IPsec tunnels between group members and the key server
B. allowing traffic to be discarded until a group member registers successfully.
C. GDOI protocol configuration between group members and the key server.
D. local exceptions in the traffic classification ACL.
E. redundant multicast replication streaming through the use of a bypass tunnel.
F. configuration of multiple key servers to work cooperatively.
Answer: A,E,F
You have noticed that when the link netween R2 and R3 goes down, traffic to route
1 92.168.1.0/24 continues to exit R1 through interface F0/0. If all routers on the given network are
running
EIGRP, what is the most likely reason for the problem?
A. R3 waits until the R2 hold time expires before advertising its path
B. R2 is failing to properly advertise 192.168.10.0/24 because it is configured as a hub router instead
of a Stub
router
C. R2 is still advertising the summary route because one child route exists
212
D. The R3 metric for 192.168.10.0/24 is too high to be the preferred path

Answer: C
Which two statements about the device configuration are true? (Choose two.)
A. The device has control-plane protection enabled.
B. The device implicitly allows Tel net connections.
C. The GigabitEthemet0/1 interface of the device allows incoming SSH and SNMP connections.
D. The device has management-plane protection enabled.
E. The device allows SSH connections to its loopback interface.
Answer: C,D
NO.655 Which mechanism does GET VPN use to preseNeIP header information?
A. MPLS
B. IPsec transpo mode
C. GRE
D. IPsec tunnel mode
Answer: D
NO.656 Which statement is true when using a VLAN ID from the extended VLAN range (1006-
4094)?
A. STP is disabled by default on extended-range VLANs.
B. VLANs in the extended VLAN range can only be used as private
C. VLANs in the extended VLAN range cannot be pruned
D. VLANs in the extended VLAN range can be used within either client or server mode
Answer: C
NO.657 What is the EUI 64-bit address corresponding to MAC address 0032F4C57781?
A. FFFE0032F4C57781
B. 0032F4FFFEC57781
C. 0032F4C57781FFFE
D. C57781FFFE0032F4
Answer: B
NO.658 Which two statements about IPv4 and IPv6 networks are true? ( Choose two)
A. IPv6 uses a required checksum at the network layer
213
B. In IPv4 fragmentation is permed by the source of the packet

C. IPv4 uses an optional checksum at the transport layer
D. IPv6 uses a UDP checksum to verify packet integrity
E. In IPv6routers perform fragmentation
F. In IPv6hosts perform fragmentation
Answer: D,F
NO.659 Which Catalyst switch feature configured on a per-port basis can be used to prevent
attached hosts from joining select multicast group?
A. IGMP Filtering
B. MLD Filtering
C. IGMP Snooping
D. PIM Snooping
Answer: A
NO.660 When is MAC authentication bypass enabled by default?

A. When 802.1x authentication times out
B. When 802.1x authentication fails
C. When two-factor authentication is configured
D. After 802.1x authentication verifies the client's identity
Answer: D
NO.661 Which option describes the purpose of the no ip next-hop-self eigrp configuration line in
DMVPN
deployment?
A. It allows the spoke routers to change the next hop value when sending EIGRPupdates to the hub
router
B. It enables EIGRPto dynamically assign the next hop value based on the EIGRPdatabase
C. It allows the spoke routers to change the next hop value when sending EIGRPupdates to the spoke
router
D. It preserves the original next hop value as learned by the spoke routers
E. It preserves the original next hop value as learned by the hub routers
Answer: D
NO.662 DRAG DROP

Statement on the right.
214
Answer:
NO.663 %CFIB-7-CFIB_EXCEPTIONS: FIB TCAM exception, Some entries will be software switched
Refer to the exhibit. If a Layer 3 switch running OSPF in a VRF-lite configuration reports this error,
which action can you take to correct the problem?
A. Add the vrf-lite capability to the OSPF configuration
B. Set mls cef maximum-routes in the global configuration
C. Configure the control plane with a large memory allocation to support the Cisco Express
Forwarding
Information Base
D. Upgrade the Layer 3 switch to a model that can support more routes
Answer: B
NO.664 when is it useful to disable split horizon on an EIGRP interface?

A. Disable it when you want to sent routes that are learned from another routing protocol to peer on
the same interface
B. Disable it when you want to provide additional backup paths in your network
C. It is never advisable to disable split horizon on an EIGRP interface
D. Disable it when you need to send updates to peers on the interface on which the updates were
received
Answer: D
NO.665 Which three options are capabilities of queuing and scheduling?(Choose three)
A. queue buffers
B. weighted tail drop
C. bandwidth limitation
D. CAR
E. PBR
F. policing
Answer: A,C,F
NO.666 which statement about MAC Authentication Bypass is true?

A. It relies on Cisco Discovery Protocol to learn MAC addresses
B. It authenticates by using MAC addresses when a switch port is turned up
C. It use the ARP and MAC tables to authenticate users
D. It can initiate after 802.1X authentication times out
Answer: D
215
NO.667 Which route types are redistributed from OSPF into BGP by default?
A. AII route types
B. External routes only
C. lnter-area routes only
D. lntra-area routes only
E. lntra-area routes and inter-area routes
Answer: E
NO.668 Which two statements about IPv6 PIM are true?(Choose two)
A. PIM-SM and PIM-SSM can be configured in the same network
B. PIM-SM bases its RPF checks on the unicast routing table
C. It supports both sparse mode and dense mode
D. It supports both Auto-RP and BSR
E. It works in conjunction with unicast routing protocols to send and receive multicast updates
Answer: A,B
NO.669 A floating static route pointing to an interface appears in the routing table even when the
interface
is down. Which action can you take to correct the problem?
A. Correct the DHCP-provided route on the DHCP server
B. Remove the permanent option form the static route
C. Correct the administrative distance
D. Configure the floating static route to point to another route the routing table
Answer: B
NO.670
216
Refer to the exhibit. Which routes are advertised by the router?

A. BGP routes sourced on this router
B. AII routes
C. BGP routes from AS 65006
D. BGP routes from AS 65006 and BGP routes sourced on this router
E. No routes
Answer: D
NO.671 Which statement about Type-4 LSA in OSPFv2 is true?

A. It is present only in the backbone area
B. It is generated by each ABR and forwarded in non-stub areas.
C. It is forwarded in NSSA areas.
D. It is generated by the ASBR and forwarded throughout the wholeOSPF domain.
Answer: B
NO.672 Which command must you configure on a device so it can establish an IPv6-in-IPv4 IPSec
tunnel?
A. vrf context vrf-name
B. mpls ip
C. ip cef
D. ipv6 unicast-routing
217
Answer: D
NO.673 which three management protocols doses MPP support?(choose three)

A. SSH
B. SMTP
C. SNMP
D. Telnet
E. NetFlow
F. SCP
Answer: A,C,D
If R1 and R2 cannot establish an EIGRP neighbor adjacency, which reason for the problem is most
likely true?
A. The auto-summary command under the route process is disabled
B. The hello-interval and hold-time values are invalid
C. The MTU value between R1 and R2 is too small
D. The primary networks are on different subnets
Answer: D
NO.675 Which option describes how a VTPv3 device responds when it detects a VTPv2 device on a
trunk
port?
A. It sends VTPv2 packets only
B. It sends a Special packet that contains VTPv3 and VTPv2 packets information.
C. It sends VTPv3 packets only.
D. It sends VTPv3 and VTPv2 packets.
Answer: D
NO.676 Which data plane protocol does EIGRP Over the Top use
A. GRE
B. MPLS
C. LISP
D. IP-in-IP
Answer: C
NO.677 Which mechanism does get vpn use to preserve ip header information?
218
A. GRE
B. MPLS
C. IPsec transport mode
D. IPsec tunnel mode
Answer: D
NO.678 Refer to the exhibit. Which EEM script can you apply to the device so that logged-in users
are recorded in syslog messages
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
219
NO.679 DRAG DROP
Answer:
Which option describes the purpose of the as-set argument of the aggregate-address command?
A. It provides a list of AS numbers top which the aggregate is advertised.
B. It provides a predefined AS path in the aggregate advertisement that is used to indicate and
aggregate
prefix.
C. It provides as AS path in the aggregate advertisement that contains only the local AS number.
D. It provides an AS path in the aggregate advertisement that includes the AS numbers of the
component
members.
Answer: D
NO.681 Which feature can be used to allow hosts with routes in the global routing table to access
hosts in a VRF?
A. Extended communities
B. Route target communities
C. Route leaking
D. Address families
Answer: C
NO.682 Which option describes show a network administrator prevents possible routing loops for
VLSM subnets that are missing from the routing table?
A. Create a route for the subnet to the null interface and then redistribute the static route into the
routing process.
B. Create a loopback interface with the correct subnet and then redistribute the connected interface
to the routing table
C. Create a loopback interface with the correct subnet and the routing protocol automatically injects
it into its routing process
220
D. Create a route for the subnet to the null interface and the routing protocol automatically injects it
into its routing process.
Answer: A
NO.683 When you deploy DMVPN, What is the purpose of the command key cisco test address
0.0.0.0.0.0.0.0.?
A. lt is configured on the hub and spoke routers to establish peering
B. It is configured on the hub to set the pre-shared key for the spoke routers.
C. It is configured on the internet PE routers to traverse the ISP core.
D. lt is configured on the spokes to router.
Answer: B
NO.684 Which component of a GETVPN deployment Is responsible for obtaining an IPsec SA to

encrypt
data within a group?
A. Group member
B. Key Server
C. GDOI
D. GRE
Answer: C
NO.685 Which cache aggregagation scheme is supported by NetFlow ToS-based router aggregation?
A. destination prefix
B. AS
C. protocol port
D. prefix-port
Answer: D
NO.686 Which EIGRP feature allows the use of leak maps?

A.address-family
B.offset-1ist
C.stub
D.neighbor
Answer: C
NO.687 Which statement is true when using a VLAN ID from the extended ULAN range (1006-
4094)?
A. STP is disabled by default on extended-range VLANs.
B. VLANs in the extended VLAN range can only be used as private VLANs.
C. VLANs in the extended VLAN range cannot be pruned.
D. VLANs in the extended VLAN range can be used with VTPV2 in either client or server mode.
Answer: C
221
NO.688 Which effect of configuring the passive-interface S0/0 command under the EIGRP routing
process is true?
A. It prevents EIGRP neighbor relationships from being formed over interface S0/0
B. It configures interface S0/0 to send hello packets with the passive-interface bit set
C. It configures interface S0/0 to suppress all outgoingrouting updates
D. It configures_interface S0/0 to reject al-I incoming routing updates
Answer: A
NO.689 Which statement about the bgp soft-reconfig-backup command is true?

A. When the peer is unable to store updates, the updates are implemented immediately.
B. It requires BGP to store all inbound and outbound updates.
C. It provides soft configuration capabilities for peers that are unable to support route refresh.
D. It provides outbound soft reconfiguration for peers.
E. It overrides soft reconfiguration for devices that support inbound soft reconfiguration.
Answer: C
NO.690 Which command can you enter to allow a multicast-enabled router to advertise itself to the
BSR router as PIMv2 c-RP?
A. ip pim autorp listener
B. ip pim send-rp-announce
C. ip pim rp-candidate
D. ip pim rp-address
E. ip pim send-rp- discovery
Answer: C
Which two statements about this configuration are true? (Choose two)
A. It creates summary routes and injects them into EIGRP
B. It prevent 172.16.0.0/16 from being distributed into EIGRP
C. It allows a default route to be distributed into EIGRP
D. It prevent a default route to being distributed into EIGRP
E. It allows 172.16.0.0/16 and larger students to be distributed into EIGRP
F. It allow 172.16.0.0/16 to be distributed into EIGRP
Answer: C,F
222
Which effect of this configuration is ture?

A. It configures a PPPoE server.
B. It configures a PPPoE client.
C. It configures a PPPoE neighbor relationship with a Layer 3 switch.
D. It configures a PPPoE session with an ISP.
Answer: A
NO.693 What is the default 1S-1S interface metric on a Cisco router?

A. 128
B. 64
C. 10
D. 255
Answer: C
223
Which two statements about this capture true? (Choose two)

A. It is set to run for five minutes
B. It is set to use the default buffer type
C. It captures data only until the buffer is full
D. It is set to run for a period of 00:03:26
E. It continues to captures to capture data after the buffer is full
Answer: A,E
NO.695 Which two protocols exclude the source and destination IPaddresses from the application
data stream?
(Choose two)
A. TFTP
B. NTP
C. SMTP
D. SSH
E. SNMP
Answer: B,C
Which prefixes will have their distance changed?

A. All prefixes in the range 10.1.12.0 - 10.1.12.255 learned from peers matching access- list 10
B. All prefixes matching access-list 10 learned from peers in the range 10.1.12.0 - 1 0.1.12.255
C. All internal prefixes matching access-list 10 learned from peers in the range 10.1.12.0 - 1 0.1.12.25
5
D. All internal prefixes in the range 10.1.12.0 - 10.1.12.255 learned from peers matching access-list 1
0
Answer: C
NO.697 DRAG DROP
224
Answer:
NO.698 Which feature can you implement to most efficiently protect customer traffic in a rate-
limited WAN Ethernet service
A. IntServ with RSVP
B. DiffServ
C. Q-in-Q
D. The IPsec VTI qos pre-classify command
E. HCBWFQ
Answer: B
NO.699 Which two route types are allowed to exit an EIGRPstub?(choose two)
A. summary
B. host
C. static
D. connected
E. default
Answer: A,D
NO.700 Which two statements about class maps are true? {Choose two)
A. As many as eight DSCP values can be included in a match dscp statement.
B. A policy map can be used to designate a protocol within a class map.
C. The match class command can nest a class map with more than one match command is match-
225
any.
Answer: A,C
multiple hosts on the 10.2.2.0/24 network are sending traffic to the web server, Which configuration
can you apply to R2 so that traffic from host 1 uses the path R2-R1-R3 to reach the web server,
without affecting other hosts?
A. access-list 1 permit 10.2.2.0 0.0.0.255
B. interface FastEthernet2/0 ip policy route-map POLICY-ROUTE
C. access-list 1 permit 10.2.2.3 255.255.255.255
D. access-list 1 permit 10.2.2.3 0.0.0.0
E. access-list 1 permit 10.2.2.4 0.0.0.0
F. ip local policy route -map PLICY-ROUTE
Answer: D
NO.702 DRAG DROP

Drag and drop the NAT operations on the left into the correct sequential order on the right.
Answer:
226
NO.703 Which option is the Cisco recommended method to secure access to the console port?
A. Set the privilege level to a value less than 15
B. Configure a very short timeout (less than 100 milliseconds) for the port
C. Configure the activation-character command
D. Configure an ACL
Answer: C
NO.704 What are the two requirements for BGP to install a classful network into the BGP routing
table?
(Choose two.)
A. Synchronization is disabled.
B. The AS contains the entire classful network.
C. Auto-summary is enabled.
D. A classful network is statement with a classful mask is in the routing table.
E. A classful network statement with a lower administrative distance ~he routing table.
F. Synchronization is enabled.
Answer: C,D
NO.705 Which statement about Cisco StackWise technology is true?

A. Every switch in a stack has its own independent and uncoordinated configuration file
B. All switches in a stack share configuration and routing information to behave as a single unit
C. Removing switches can affect stack performance
D. Only the master switch acts as a forwarding processor
Answer: B
NO.706 Which prefix list matches and permits all RFC 1918 network 10.0.0.0 routes that have masks
of /16 through /24?
A. ip prefix-list foo seq 10 permit 10.0.0.0/8 ge 15 le 25
B. ip prefix-list foo seq 10 permit 10.0.0.0/8 ge 16 le 24
C. ip prefix-list foo seq 10 permit 10.0.0.0/16 le 24
D. ip prefix-list foo seq 10 permit 10.0.0.0/16 ge 15 le 25
Answer: B
NO.707 DRAG DROP

Drag each statement about EIGRP neighbor peering on the left to the matching peering type on the
227
right
Answer:
NO.708 What command can you configure on a router so that traffic generated from the router is
policy-routed?
A. ip local policy
B. ip route-cache policy
C. ip policy
D. ip route-map
Answer: A
228
Which tag will be applied to 172.16.50.0/24 route?

A. 10
B. 20
C. 11
D. 40
Answer: A
NO.710 Which three options are there of the valid message types for DHCPv6? (Choose three.)
A. Request
B. Solicit
C. Discover
D. Advertise
E. Offer
F. Leave
Answer: A,B,D
NO.711 NO: 298

Which statement about NAT64 is true?
A. NAT64 should be considered as a permanent solution.
B. NAT64 requires the use of DNS64.
C. NAT64 provides address family translation and translates IPv4 to IPv6 and IPv6 to IPv4.
D. NAT64 provides address family translation and can translate only IPv6 to IPv4.
Answer: D
NO.712 An NSSA area has two ABRs connected to Area 0. Which statement is true?
A. Both ABRs translate Type-7 LSAs to Type-5 LSAs
B. No LSA translation is needed
229
C. Both ABRs forward Type-5 LSAs from the NSSA area to backbone are.
D. The ABR with the highest router ID translates Type-7 LSAs to Type-5 LSAs
Answer: D
The route-map wan2site is being used for redistributing BGP routes into the eigrp 28 process Which
option best describes the resulting redistribution of routes ?
A. policy routing matches 0 packets means that there are no matches and no routes are being
redistributed
B. all routes are being redistributed with a metric and a tag
C. The denysequence 5 is preventing any routes from and a tag
D. a default routes is being redistributed with a metric and a tag
Answer: C
NO.714 Which QoS mechanism is used to implement CoPP?

A. RSVP
B. rate limiting
C. FIFO
D. MQC
Answer: D
NO.715 Which option describes a difference between Ansible and Puppet?

A. Ansible is client-server based,and Puppet is not.
B. Ansible requires an agent,and Puppet does not.
C. Ansible is Python based,and Puppet is Ruby based.
D. Ansible autonates repetitive tasks,and Puppet allows you to run plain ssh command.
Answer: C
NO.716 Into which two pieces of information does the LISP protocol split the device
identity?(Choose two)
A. Enterprise Identifier
230
B. LISP ID
C. Resource Location
D. Device ID
E. Routing Locator
F. Endpoint Identifier
Answer: E,F
NO.717 You are using the limited scope multicast IP address 239.128.0.1 for a high volume data
distribution
application. what symptom would you expect to find in the network?
A. The video traffic cannot be handled by a limited scope multicast address
B. There is no problem and the network is performing smoothly , just as designed
C. The high volume traffic is being sent to the 224.128.0.1 multicast address as well as on the original
address, causing high network load on all multicast subnets
D. The high volume application creates high network traffic load on all systems on the subnets where
the video is being sent.
Answer: B
NO.718 Which three features support object tracking? (Choose threE.

A. OSPF
B. BFD
C. EEM
D. HSRP
E. PfR
F. vPC
Answer: C,D,F
NO.719 Exhibit:
Refer to the exhibit. While troubleshooting an issue with a blocked switch port. you find this error in
the switch log. Which action should you take first to locate the problem?
A. Execute the show interface command to check FastEthernet 0/1
B. Check the attached switch for a BPDU filter
C. Test the link for unidirectional failures.
D. Check the attached switch for an interface configuration issue.
Answer: B
NO.720 which two OSPF network type require the use of a DR and BDR?(choose two)
A. broadcast networks
B. point-to-multipoint network
C. point-to-point non-broadcast networks
231
D. non-broadcast networks
E. point-to-point networks
Answer: A,D
Which two statements about this route table are true?( Choose two).
A. The OSPF routes with the IA flag have their administrative distances incremented as they leave the
router.
B. The OSPF routes with the E2 flag retain the same metric as they leave the router.
C. The BGP routes are internal.
D. The BGP routes are external.
E. The OSPF routes with the E2 flag have their metrics incremented as they leave the router.
Answer: B,C
NO.722 Which routing protocol is incompatible with VRF-lite?

A. IS-IS
B. EIGRP
C. BGP
D. OSPF
Answer: B
NO.723 Which characteristic of an IS-IS single topology is true?

A. Its IPv4 and IPv6 interfaces must have a 1:1 correlation.
B. It supports asymmetric IPv4 and IPv6 interface.
C. It uses a separate SPF calculation than the IPv4 routing table
D. The metric-style wide command must be enabled.
Answer: A
NO.724 Which two statements about SNMP inform requests are true? (choose two)
A. For a particular event, an SNMP inform may be sent more than once
B. SNMP informs are sent to the SNMP manager and are acknowledged
C. SNMP informs are sent to the SNMP manager without acknowledgement
D. For a particular event, an SNMP inform is sent only once
E. SNMP informs are sent to the SNMP agent without acknowledgement
F. SNMP informs consume less bandwidth than SNMP traps
Answer: A,C
232
While troubleshooting the failure of two devices to establish an IPSec tunnel, you generated the
given debug output on R2. What is the most likely reason the tunnel failed?
A. Main mode processing failed on the peer
B. Main mode processing failed on R2
C. The ACLs are mismatched on the devices
D. R2 was unable to connect to the peer
Answer: C
NO.726 Which two options are potential impacts of microbursts? (Choose two.)
A. invalid checksum
B. tail drops
C. packet loss
D. unicast flooding
E. asymmetric routing
F. unnecessary broadcast traffic
Answer: B,C
NO.727 DRAG DROP
Answer:
233
NO.728 Which Cisco IOS XE component provides separation between the control plane and the data
plane?
A. Common Management Enabling Technology
B. Free and Open Source Software
C. POSIX
D. Forwarding and Feature Manager
Answer: D
NO.729 Which marking field is used only as an internal marking within a router?
A. QOS Group
B. Discard Eligiblity
C. IP Precedence
D. MPLS Experimental
E. CoS
Answer: A
NO.730 Refer to the Exhibit,
Which configuration can you implement on PE-1 to allow CE-1 to receive

delegated IP\16 prefixes?
A. ipv61ocal CE-12001:db8:4:8888::/48 32 ipv6 dhcp pool CE-1-DHCP
prefix-delegation pool CE-1-Iifetme infinite infinite interface GigabitEthernet0/0 ip\16 address
2001:4b8:4:822::1154 ip\16 dhcp server CE-1-DHCP
B. ipv61ocal pool CE-12001:db8:4:8888/56 48 ip\16 dhcp pool C-1-DHCP
prefix-delegation pool CE-1 lifetime infinite infinite interface GigabitEthernet0/0 interface
GigabitEthernet0/0
ip\16 address 2001:db8:4:822::1164 ipv6 dhcp server CE-1-DHCP
C. ip local pool CE-1 2001 :db8:4:8888::164 48 ip\16 dhcp pool CE-1 -DHCP prefix-delegation pool CE-
1 lifetime infinite infinite infinite interface.GigabitEthemet0/0 ip\16 address 2001:db8:4:822::1164
234
ipv6 dhcp server CE-1-DHCP

D. ipv61ocal pool CE-1 2001:db8:4:8888/49 56 ip\16 dhop pooll CE-1-DHCP interface
GigabitEthernet0/0
ip\16 address 2001:db8:4:822::1164 ipv6 dhcp server E-1
E. ipv61ocal pool CE-12001:db8:4:8888::/48 58v6 dhcp pool CE-1-DHCP
prefix-delegation pool CE-1 lifetime infinite infinite interface GlgabitEthemet0/0 ip\16 address 2001
:db8:4:822::1/64
ip\16 dhcp server CE-1-DHCP
Answer: E
Which two statements can this output verify? (Choose two)

A. The device will wait 200 ms before retransmitting an EIGRP packet
B. The device must recevice an ElGRP packet with in 24 seconds to maintain a neighbor relation ship
C. The EIGRP neighbor has been up for 28 seconds
D The device must receive an ElGRP packet with in 28 seconds to maintain a nelghbor relation ship
D. . The devcie will tear down and restart its EIGRP process in 24 seconds.
E. The EIGRP neighbor has been up for 28 ms.
Answer: A,C
Which two statements about this topology are true? (Choose two)
A. Destination 192.168.23.0/24 is unable to use interface Fa0/1 as the LFA.
B. Interface FastEthernet 0/1 is the primary path to destination 192.168.23.0/24.
235
C. The FastEthernet 0/0 and FastEthernet 0/1 interfaces are used as LFA for destination
192.168.23.0/24
D. Only interface FastEthernet 0/1 are used as the LFA for destination 192.168.23.0/24.
E. Interface FastEthernet 0/0 is the primary path to destination 192.168.23.0/24.
F. Only FastEthernet 0/0 is used as the LFA to destination 192.168.23.0/24.
Answer: A,E
NO.733 What are the three variants of NTPv4? (Choose three.)

A. client/server
B. broadcast
C. symmetric
D. multicast
E. asymmetric
F. unicast
Answer: A,B,C
NO.734 Which MLD message type does a host send to join rrulticast groups?
A. Join/prune
B. Hello
C. Query
D. Done
E. Report
F. Assert
Answer: E
Which two additional configuration lines must you add so that the device will capture data packets
using Embedded Packet Capture (EPC)? (Choose two.)
A. monitor capture buffer BUFFER_CAPTURE filter access-list CAPTURE_FILTER
B. monitor capture point ip process-switched POINT_CAPTURE from-us
C. monitor capture point associate POINT_CAPTURE BUFFER_CAPTURE
D. monitor capture buffer BUFFER_CAPTURE limit aIlow-nth-pak 100
E. monitor capture point start all
Answer: C,E
NO.736 which type of access-list will allow incoming traffic for sessions that originated from within
your network?
A. reflexive ACLs
B. time-based ACLs
236
C. dynamic ACLs
D. standard ACLs
Answer: A
NO.737
Refer to the exhibit.If the default-information originate always command is configured on R4,what
route type is assigned to the default route in RVs route table?
A. O
B. E2
C. OIA
D. E1
Answer: B
NO.738 Which are the two requirements for BGP to install a classful network into the BGP routing
table? (Choose two)
A. Synchronization is disabled
B. The AS contains the entire classful network
C. Auto-summary is enabled
D. A classful network statement with a classful mask is in the routing table
E. A classful network statement with a lower administrative distance is in the routing table
F. Synchronization is enabled
Answer: C,D
NO.739 Which circumstance can cause interface overruns?

A. microbursts
B. asymmetric routing
C. out-of-order packets
D. fragmentation
Answer: A
NO.740 Exhibit:
237
A. 2-WAY
B. ATTEMPT
C. LOADING
D. EXCHANGE
E. FULL
Answer: D
NO.741 Which feature must be enabled so that an IS-IS single topology can support IPv6 traffic?
A. extended metrics
B. adjacency checking
C. new-style TLVs only
D. both new-and old-style TLVs
E. old-style TLVs only
Answer: C
NO.742 Which data modeling language is commonly used by NETCONF?

A. HTML
B. XML
C. YANG
D. REST
Answer: C
NO.743 Which three statements about BGP soft reconfiguration are true? (Choose threE.
A. Outbound soft reconfiguration requires additional configuration on the BGP neighbor
B. Inbound soft reconfiguration requires additional memory
238
C. Outbound soft reconfiguration requires additional memory

D. Inbound soft reconfiguration stores an additional copy of the received from a neighbor before
routing policies take effect
E. Inbound soft reconfiguration requires additional memory
F. Outbound soft reconfiguration stores an additional copy of the routes advertised to a neighbor
before routing policies take effect
Answer: B,E,F
NO.744 Which two statements about VSS are true? (Choose two.)
A. It requires physical switches to be collocated.
B. It is dependent on spanning-tree.
C. It requires three IP addresses per ULAN.
D. Each VSS has a single management IP address
E. It can eliminate the need for HSRP.
Answer: D,E
which two configurations must you apply to the master controller and the border router to provide
then(choose two)?
A. Border#
key chain PFR
key 0
key-string Cisco
pfr border
logging
local loopback 0
B. Master#
key chain PFR
key 0
key-string Cisco
pfr master
logging
border 10.1.1.3 key-chain PFR
interface GigabitEthernet0/0/0 internal
interface GigabitEthernet0/0/1 external
C. Border#
key chain PFR
key 0
key-string Cisco
239
pfr border
logging
local loopback 0
master 10.1.1.1 key-chain PFR
D. Master#
key chain PFR
key 0
key-string Cisco
pfr master
logging
E. Master#
key chain PFR
key 0
key-string Cisco
pfr border
logging
local loopback 0
master 10.1.1.1 key-chain PFR
F. Border#
key chain PFR
key 0
key-string Cisco
pfr master
logging
Answer: B,C
NO.746 Which prefix List Matches and permits all RFC 1918 network 1 0.0.0.0 routes that have
subnet marks of /16 trough /24?
A. ip prefix-list foo seq 10 perm it 10.0.0.0/16 le 24.
B. ip prefix-list foo seq 10 permit 10.0.0.0/16 ge 15 le 25.
C. ip prefix-list foo seq 10 perm it 1 0.0.0.0/8 ge 15 le 25.
D. ip prefix-list foo seq 10 permit 10.0.0.0/8 ge 16 le 24.
Answer: D
NO.747 Which two statements about IGMP filtering are true? (Choose two)
A. It supports IGMPv3 join messages.
B. By default, an interface can join a maximum of 4 IGMP groups
C. It supports general IGMP Queries
240
D. It can be configured on SVIs and on a per-port basis

E. Multicast profiles can be configured to filter multicast joins
Answer: D,E
NO.748 Which two parameters does the Tunnel Mode Auto Selection feature select automatically?
(Choose two)
A. the tunneling protocol
B. the transport protocol
C. the ISAKMP profile
D. the tunnel peer
E. the transform-set
Answer: A,B
Which EIGRP routes will appear in the routing table of R2?

A. 2001:12::/64
B. 2001:112::/64,2001:12::1/64
C. 2001:112::/64,2001:12:1/128
D. 2001:12::1/128
Answer: D
NO.750 Which two statements about Cisco Express Forwarding are true? (Choose two)
A. The FIB table and the adjacency table reside on the line cards when distributed Cisco Express
Forwarding is enabled.
B. Layer 2 next-hop address information is maintained in the adjacency table.
C. The FIB table and the adjacency table reside on the line cards when Cisco Express Forwarding is
enabled.
D. Layer 2 next-hop address information is maintained in the FIB table.
E. The FIB table resides on the route processor and the adjacency table resides on the line cards
when Cisco Express Forwarding is enabled.
Answer: A,B
NO.751 DRAG DROP

Drag each IS-IS command on the left to its effect on the right.
241
Answer:
NO.752 Which PHB type allows for the best interoperability with IP Precedence already used in the
network?
A. Expedited Forwarding
B. Assured Forwarding
C. Class Selector
D. Default
Answer: C
NO.753 Which two statements about NAT are true? Choose two?
A. Static NAT supports a one to one address mapping
B. One to one mapping denies outside traffic from accessing an inside host
C. PAT uses destination port numbers identity address mapping
242
D. Static NAT release the translated address for use by another device when it is inactive
E. Dynamic NAT allows hosts inside a network to use a pool of addresses to access hosts outside the
network
Answer: A,E
If the route to 10.1.1.1 is removed from the R2 routing table, which server becomes the master NTP
server?
A. R2
B. the NTP server at 10.3.3.3
C. the NTP server at 10.4.4.4
D. the NTP server with the lowest stratum number
Answer: D
Explanation:
NTP uses a concept called "stratum" that defines how many NTP hops away a device is from an
authoritative time source. For example, a device with stratum 1 is a very accurate device and might
have an atomic clock attached to it. Another NTP server that is using this stratum 1 server to sync its
own time would be a stratum 2 device because it's one NTP hop further away from the source. When
you configure multiple NTP servers, the client will prefer the NTP server with the lowest stratum
value.
Reference: https://networklessons.com/network-services/cisco-network-time-protocol-ntp/
NO.755 What is the initial BFD state?

A. Init
B. Down
C. Admin/Down
D. Up
Answer: C
NO.756 Which IPv6 tunneling type establishes a permanent link between IPv6 domains over IPv4?
A. 6to4 tunneling
B. ISATAP tunneling
C. IPv4-compatible tunneling
D. manual tunneling
Answer: D
NO.757 When EIGRP Auto-Summary is enabled, what does Auto Summarization do in EIGRP ?
A. Summarizes all network boundaries
B. Summarizes network from different network boundaries crossing different major boundary
243
C. Summarize network from the same network boundaries

D. Summarizes networks from different network boundaries crossing the same major boundary
Answer: B
NO.758 Which three types of Layer 2 isolation do private VLANs provide? (Choose threE.
A. Community
B. Isolated
C. Blocking
D. Promiscuous
E. Private group
Answer: A,B,D
NO.759 DRAG DROP

Drag and drop each EIGRP packet type from the left onto the matching description on the right
Answer:
244
The route-map wan2site is being used to redistribute BGP routes into the eigrp 28 process.
Which option best describes the
resulting redistribution of routes?
A. The deny, sequence 5 is preventing any routes from and a tag
B. A default routes is being redistributed with a metric and a tag
C. Policy routing matches 0 packets means that there are no matches and no routes are being
redistributed
D. All routes are being redistributed with a metric and a tag
Answer: A
NO.761 What value does MAC Authentication Bypass use, by default, for the password attribute in
its RADIUS Access-Request message?
A. The MAC address of the switch
B. The password learned from the EAP Response
C. The MAC address of the endpoint to be authenticated
D. The password supplied for the RADIUS server
Answer: C
NO.762 ESTION NO: 280
245
Refer to the exhibit. The route-map wan2site is being used for redistributing BGP routes into the
eigrp 28 process Which option best describes the resulting redistribution of routes?
A. Policying routing matches: 0 packets means that there are no matches and no routes are being
redistributed
B. A default route is being redistributed with a metric and a tag
C. The deny sequence 5 is preventing any routes from being redistributed
D. AII routes are being redistributed with a metric and a tag
Answer: C
NO.763 Which Cisco PfR monitoring mode is recommended for Internet edge deployments?
A. active mode
B. fast mode
C. active throughput mode
D. passive mode
Answer: D
NO.764 Which feature must be enabled prior to enabling the IGM P Snooping Querier?
A. PIM-SM
B. SSM
C. IP helper
D. IGMP Snooping
246
Answer: D
When packets are transmitted from R1 to R2, where are they encrypted?
A. On the E0/1 interface on R2
B. On the outside Interface
C. In the tunnel
D. In the forwarding engine
E. Within the crypto map
F. On the E0/0 interface on R1
Answer: C
NO.766 Which option is an example of Saas?

A. Google apps
B. Google app engine
C. Microsoft Azure
D. Amazon AWS
Answer: A
NO.767 Which two options are benefits of Metro Ethernet?(Choose two.)

A. It supports CHAP authentication.
B. It includes a comprehensive framing mechanism.
C. It integrates seamlessly throughout the enterprise.
D. It can negate link parameters such as frame speed
E. It provides lower cost per-port than other WAN technologies
Answer: C,E
NO.768 Which two statements about IS-IS are true? {Choose two)
A. The default hello interval is 10 seconds and the default hold timer is 30 seconds.
B. Both IS-IS routers need to have the same capabilities in the hello packet in order to form
neighbors.
C. The hello interval can be changed on a per-interface basis with the command ISIS hello- multiplier.
D. Both routers need to have the same hello intervals and hello timers in order to form IS- IS
neighbors.
Answer: A,C
247
You have configured a VRF named Blue on R1 as shown. Which action must you take to enable uRPF
on the R1 interface E1/0?
A. Configure the ip verify Blue unicast source reachable-via rx allow-default command on interface
E0/1
B. Configure the ip verify Blue unicast source reachable-via rx allow-default command under the VRF
Blue process
C. Configure the ip verify unicast source reachable-via rx allow-default command under the VRF Blue
process
D. Configure the ip verify vrf Blue unicast source reachable-via rx allow-default command on
interface E0/1
E. Configure the ip verify unicast source reachable-via rx allow-default command on interface E1/0
Answer: E
NO.770 From which component does an IS-IS router construct its link-state database?
A. LSAs
B. LSPs
C. hello packets
D. SPTs
Answer: B
Which statement about the output is true?

A. The overload bit is set by R4 for IPv4 and IPv6
B. The overload bit is not set for any topology under router IS-IS on R4
C. The overload bit is set by R4 for IPv6 only
D. The overload bit is not set for any topology under router IS-IS on R5
E. The overload bit is set by R5 for IPv6 only
F. The overload bit is set by R5 for IPv4 and IPv6
Answer: C
NO.772 Which two statements about SSM are true? (Choose two)
248
A. It is designed to support many-to-many applications within a PIM domain.

B. It requires IGMPv3 for source filtering.
C. It uses (*, G) multicast routing entries to make forwarding decisions.
D. It can work in conjunction with the ISM service.
E. Its application and protocols use address 233.0.0.0 - 233.255.255.255.
Answer: B,D
Which configuration must you apply to a router so that it can generate a log message in this format?
A. Service timestamps log datetime localtime show-timezone
Service sequence-numbers
B. Service timestamps log datetime msec localtime
C. Service timestamps log datetime msec localtime show-timezone
D. Service timestamps log datetime msec localtime show-timezone
Service linenumber
E. Service timestamps log datetime msec localtime show-timezone
Service alignment logging
Answer: C
NO.774 What is the default time-out value of an ARP entry in Cisco IOS Software?
A. 720 minutes
B. 240 minutes
C. 60 minutes
D. 480 minutes
E. 120 minutes
Answer: B
NO.775 Which value does EIGRP use to determine the metric for a summary address?
A. The average of the component metrics
B. A default fixed value
C. The lowest metric among the component routes
D. The highest metric among the component routes
Answer: C
NO.776 Which two configuration options are available for PIM snooping? (Choose two.)
A. On a specific interface on the device.
B. On a range of interfaces on the device.
C. Under the VLAN in VLAN configuration mode.
D. Globally on the device.
E. Under the SVI for the corresponding VLAN.
249
Answer: D,E
NO.777 Refer to Exhibit:
Which two options are two problems that can occur with this configuration? (Choose two)
A. The MPLS path from R1 to R5 becomes unreachable.
B. R1 and R5 are unable to establish an LDP relationship.
C. The label for the R1 loopback address is filtered from other MPLS routers.
D. The label for the R5 loopback address is filtered from other MPLS routers
E. MPLS traffic from R1 to R5 takes a suboptimal path.
Answer: A,D
NO.778 Which command sequence must you enter to configure SSH access to a Cisco router?
A. A.ip ssh version ip domain-name crypto key zeroize
B. B.hostname ip domain-lookup crypto key generate rsa
C. C.hostname ip domain-name crypto key zeroize
D. D.ip ssh version ip domain-name crypto key generate rsa
E. E.ip shs version ip domain-lookup crypto key zeroize
F. F.hostname ip domain-name crypto key generate rsa
Answer: F
NO.779 Which two statements about private VLAN communications are true? (Choose two)
A. Primary VLAN traffic is passed across trunk interfaces.
B. Isolated ports communicate with other isolated ports.
C. Promiscuous ports communicate with all other ports.
D. Promiscuous ports connect only to routers.
250
Answer: A,C
NO.780 Which two services are used to transport Layer 2 frames across a packet-switched network?
(Choose two.)
A. Frame Relay
B. ATM
C. AToM
D. L2TPv3
Answer: C,D
NO.781 Which two statements about TCP MSS are true? (Choose two.)
A. The two endpoints in a TCP connection report their MSS values to one another.
B. It operates at Layer 3.
C. MSS values are sent in TCP SYN packets
D. It sets the maximum amount of data that a host sends in an individual datagram
E. It sets the minimum amount of data that a host accepts in an individual datagram
Answer: C,D
NO.782 Which two statements about LDP are true? (Choose two)
A. LDP sessions are established between LSRs
B. It enables LSRs to communicate label bindings
C. It sends hello messages over TCP
D. It uses a 16-byte identifier
E. It supports only directed-connected neighbors
F. It sends hello messages as UDP packets via unicast
Answer: A,B
NO.783 Which IPv6 migration method allows IPv4-only devices to communicate with IPv6-only
devices?
A. Dual stack
B. NAT64
C. ISATAP tunnel
D. GRE tunnel
Answer: B
NO.784 Which two statements about MPLS label stack encoding are true?(Choose two) Which two
statements about MPLS label stack encoding are true? ( Choose two)
A. When a device forwards a labeled packet, it must copy the TTL of the incoming label to the
outgoing label
B. When an MPLS label stack undergoes the swap operation, it swaps the top and bottom labels
C. When a device forwards a labeled packet, it must copy the TTL of the outgoing label to the top
label
D. MPLS labels are encoded in little-endian format
251
E. The TTL is significant only on the top label

Answer: A,E
NO.785 Which two events occur when a packet is decapsulated in a GRE tunnel?(Choose two)
A. The destination IPv4 address in the IPv4 payload is used to forward the packet
B. The source IPv4 address in the IPv4 payload is used to forward the packet
C. The GRE keepalive mechanism is reset
D. The version field in the GRE header is incremented
E. The TTL of the payload packet is decremented
F. The TTL of the payload packet is incremented
Answer: A,E
What is the effect of the given configuration?

A. The router stops SNMP logging.
B. The router logs messages only to the console.
C. The router stops logging messages to the syslog server only.
D. The router log message only to the buffer.
Answer: C
NO.787 DRAG DROP

Drag and drop each IPv6 neighbor discovery message type on the left to the corresponding
description on the right.
Answer:
252
NO.788
Refer to the exhibit. How is voice traffic entering this router on interface GigabitEthernet0/0 being
handled by the shown marking policy?
A. Any traffic matching access list voice is trusted and marking is not changed.
B. AII voice is being set to DSCP 0
C. AII voice is being set to AF21
D. Any traffic matching access-list voice is set to EF
Answer: A
253
A. R1 is performing mutual redistribution,but OSPF routes from R3 are

unable to reach R2.
B. The RIP version supports only classful subnet masks.
C. R3 and R1 have the same router 1
D. R1 requires a seed metric to redistribute RIP.
E. R1 and R3 have an MTU mismatch.
F. R2 is configured to offset OSPF routes with a metric of 16.
G. R1 is filtering OSPF routes when redistributing into RIP.
Answer: B,D,E
NO.790 In which 802.1D port state are the root bridge, the root port, and the designated port(s)
elected?
A. Listening
B. learning
C. forwarding
D. blocking
E. disabled
Answer: C
NO.791 Exhibit:
254
Which two statements about this network are true? (Choose two)
A. It allows successful traceroute operations from R3 to R2
B. It allows successful traceroute operation from R1 to R2
C. It generates syslog messages for all discarded packet
D. It is configured with control-plane policing in silent mode
E. It is configured as distributed control-plane services
Answer: B,E
NO.792 You are backing up a server with a 1 Gbps link and a latency of 2 ms. Which two statements
about the backup are true? (Choose two.)
A. The bandwidth delay product is 2 Mb.
B. The default TCP send window size is the limiting factor.
C. The default TCP receive window size is the limiting factor.
D. The bandwidth delay product is 500 Mb.
E. The bandwidth delay product is 50 Mb.
Answer: A,C
What is the PHB class on this flow?

A. EF
B. none
C. AF21
D. CS4
Answer: B
255
Which two statements about the R1 configuration are true? (Choose two)
A. Timestamp are disabled for log messages.
B. The service timestamps log uptime command is configured.
C. R1 is using the default format for log output.
D. Sequence numbers and timestamps for log output
E. The buffer is set to the default size of 4096 bytes.
Answer: D,E
NO.795 When you implement the EIGRP add-paths feature, which configuration can cause routing
issues on a DMVPN circuit?
A. disabling ECMP mode under the EIGRP process.
B. disabling automatic summarization
C. enabling next-hop-self under the EIGRP process.
D. enabling synchronization under the EIGRP process
E. disabling the default variance under the EIGRP process
F. disabling NHRP when deploying EIGRP over DMVPN
Answer: E
NO.796 DRAG DROP
Answer:
256
NO.797 Which two statements about logging are true?(Choose two)

A. Log messages are displayed in a Telnet session by default.
B. Interface status changes are logged at the Informational level.
C. Interface status changes are logged at the Notification level
D. Log messages are sent to the console port by default.
E. Reload requests are logged at the Notification level.
F. System restart messages are logged at the Critical level.
Answer: A,C
NO.798 interface GigabitEthernet0/0

ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
media-type RJ45
!i
nterface Tunnel0
ip address 192.168.1.1 255.255.255.252
tunnel source GigabitEthernet0/0
tunnel destination 192.168.1.240
Refer to the exhibit. What will be the IP MTU of tunnel0?
A. 1500
B. 1524
C. 1476
D. 1452
E. 1548
Answer: C
NO.799 For which feature is the address family "rtfilter" used?

A. Enhanced Route Refresh
B. MPLS VPN filtering
C. Route Target Constraint
D. Unified MPLS
Answer: C
NO.800 DRAG DROP

Drag each 0SPFv2 SA parameter on the left to its corresponding description on the right.
257
Select and Place:
Answer:
NO.801 Refer to the exhibit .
If R1 generated this response to the show debug command, which statement about its debug its
258
debug output is true?

A. As soon as interface Fa0/0 becomes active, it generate debug output because one condition has
been met.
B. When debug output is generated, only the user Cisco is permitted to view it.
C. R1 generates debug output as soon as IP address 192.168.0.0 is applied to interface Fa0/0.
D. RI generates debug output as soon as all three conditions are met.
Answer: A
NO.802 Which DHCP message type cloes the DHCP Server send to a client to confirm its allocated IP
address?
A. DHCPACK
B. DHCPOFFER
C. DHCPDISCOVER
D. DHCPREQUEST
Answer: A
NO.803 If you configure a router interface for both IPv4 and IPv6 on an IS-IS network in single-
topology mode.what additional configuration is required?
A. IPv4 and IPv6 must be configured on different routing protocols
B. IPv4 and IPv6 must be configured to run the same IS-IS level.
C. IPv4 and IPv6 must be configured with different metric types
D. IPv4 and IPv6 addresses must be configured with the same prefix length
Answer: B
NO.804 In which environment in uRPF in strict mode most appropriate?

A. When asymmetric routing is a concern
B. When traffic may traverse a default route
C. On a subnet comprised of end stations
D. When the destination IP address must traverse a specific interface
Answer: D
NO.805 DRAG DROP

Drag and drop each IS-IS PDU type from the left onto its purpose on the right.
Answer:
259
NO.806 which statement about NAT64 is true?

A. It uses one-to- one mapping between IPv6 addresses and IPv4 addresses
B. It re quires static address mapping between 1Pv6 addresses and 1pv4 addresses
C. It can be used to translate an IPv6 network to another J Pv6 network
D. It can be configured for stateless and stateful transtation
Answer: D
NO.807 Which two elements are required to define a class-map? (Choose two.)
A. A traffic-class name
B. A series of match commands.
C. A traffic policy name
D. A series of set command
E. A command such as bandwidth, fair-queue, or random-detect to enable a QoS option.
F. An attachment to an interface
Answer: A,B
NO.808 What feature can a device use to identify other members of the same IPv6 multicast group
on a network segment?
A. MLD
B. MSDP
C. source-specific multicast
D. rendezvous points
Answer: A
NO.809 Which set of commands conditionally advertises 172.16.0.0/24 as long as 10.10.10.10/32 is

the routing
table?
A. neighbor x.x.x.x advertise-map ADV exist-map EXT
route-map ADV
match IP address prefix-list ADV
route-map EXT
match IP address prefix-list EXT
ip prefix-list ADV permit 172.16.0.0/24
ip prefix-list EXT permit 10.10.10.10/32
B. neighbor x.x.x.x advertise-map ADV
260
route-map ADV
C. neighbor x.x.x.x advertise-map ADV
route-map ADV
D. neighbor x.x.x.x advertise-map ADV exist-map EXT
route-map ADV
route-map EXT
Answer: A
NO.810 Which two options are benefits of EIGRP OTP? {Choose two)
A. It fully supports multicast traffic.
B. It allow the administrator to use different autonomous system number per EIGRP domain.
C. It allow EIGRP routers to peer across a service provider without the service provider involvement.
D. It allows the customer EIGRP domain to remain contiguous.
E. It requires only minimal support from the service provider.
F. It allows EIGRP neighbors to be discovered dynamically.
Answer: C,D
261
If R1 and R2 cannot establish an OSF neighbor relationshipwhich two action can you take to (Choose
two)
A. Configuration PPP authentication under the R2 Gigabitethemet 0/1 interface
B. Change the ip local pool command on R2 to ip local pool pooh 192 168 1 2 192 168 15
C. Configuration R1 to send the username and password on the Dialer 1 interface
D. Change the PPP authentication to CHAP authentication
E. Configure PPP encapsulation under the R1 virtual-template interface
Answer: C,E
NO.812 Refer to the exhibit. An Ipv6 tunnel is configured between site A and site B.
Which feature does the tunnel support?
A. single policy
B. transport mode
C. site-to-site tunnel mode
D. OSPFv2
Answer: C
NO.813 Which statement about Control Plane Policing is true?

A. It queues egress packets that would otherwise be discarded.
B. It applies to packets that are generated locally.
C. It queues ingress packets that would otherwise be discarded.
262
D. It applies to packets that are punted to the route processor.

Answer: B
NO.814 What is the minimum link MTU value for IPv6?

A. 68 bytes
B. 1280 bytes
C. 1200 bytes
D. 1500 bytes
Answer: B
NO.815 Which feature provides local database policy options that are similar to those ofTACACS-t-
and RADIUS servers?
A. authentication fallback
B. reflexive ACLs
C. AAA attributes
D. 802.1x
Answer: D
NO.816 Which three statements about Ansible are true? {Choose three.)
A. Ansible by default manages remote machines over SSL.
B. No ports other than the SSH port are required ; there is no additional PKI infrastructure to
maintain.
C. Ansible requires remote agent software.
D. Ansible by default manages remote machines over SSH.
E. Ansible does not require specific SSH keys or dedicated users.
F. Ansible requires server software running on a management machine.
Answer: B,D,F
NO.817 Which three elements compose a network entity title? (Choose three.)
A. area ID
B. domain ID
C. system ID
D. NSAP selector
E. MAC address
F. IP address
Answer: A,C,D
NO.818 Which statement describes Cisco PfR link group?

A. Link groups enable Cisco PfR Fast Reroute when NwtFlow is enabled on the external interfaces of
the border routers.
B. Link groups define a strict or loose hop-by-hop path preference.
C. Link groups are required only when Cisco PfR is configured to load-balance all traffic.
D. Link groups are enabled automatically when Cisco PfR is in Fast Reroute mode.
263
E. Link groups set a preference for primary and fallback (backup) external exit interfaces.
Answer: E
NO.819 Which statement about passive interfaces is true?

A. The interface with the IS-IS passive interface configuration sends the IP address of that interface in
the link-state protocol data units
B. The interface with the EIGRP passive interface configuration ignores routes after the exchange of
hello packets.
C. The interface with the OSPF passive interface configuration appears as a not-so-stubby network.
D. Passive interface can be configured on the interface for IS-IS.
Answer: A

interface fastethernet 0/0
ip address 10.1.1.1 255.255.255.0
ip ospf authentication message-digest
ip ospf network point-to-point
ip ospf priority 2
ip ospf area 1
Which change must you make to this configuration to enable the router to participate in a DR
election?
A. Configure the interface to be in area 0
B. Increase the OSPF priority for the interface
C. Remove authentication
D. Change the OSPF network type
Answer: D
NO.821 DRAG DROP

Drag and drop each NAT64 description from the left onto the corresponding NAT64 type on the right.
Select and Place:
264
Answer:
NO.822 What are two mechanisms that directed ARP uses to help resolve IP addresses to hardware
addresses? (Choose two)
A. It removes address-resolution restrictions, allowing dynamic protocols to advertise rou
information for the device loopback address.
B. It uses ICMP redirects to advertise next-hop addresses to foreign hosts
265
C. It uses series of ICMP echo messages to relay next-hop addresses.

D. It removes address-resolution restrictions, allowing dynamic protocols to advertise routing
information for the next-hop address.
E. t uses a proxy mechanism to allow a device to respond to ARP requests for the addresses of other
devices
Answer: B,D
NO.823 Which traffic-monitoring class allows Cisco PfR to run on platforms with limited border-
router functionality?
A. active monitoring
B. fast failover monitoring
C. passive monitoring
D. combined monitoring
E. special monitoring
Answer: B
NO.824 Which three statements about AToM are true?(Choose threE.

A. It requires Layer 3 routing between the PE and CE router.
B. It supports interworking for Frame Relay,PPP,andEthernet,but not ATM
C. It requires MPLS between the PE routers
D. The attachment circuit is configured with the xconnectcommand
E. IP CEF should be disabled in the PE routers.
F. The PE routers must share the same VC idenifier.
Answer: B,C,F
NO.825 Exhibit:
Your network is suffering excessive output drops. Which two actions can you take to resolve the
problem? (Choose two.)
A. Install a switch with larger buffers.
B. Configure a different queue set.
C. Reconfigure the switch buffers.
D. Configure the server application to use TCP.
E. Update the server operating system.
Answer: A,B
266
NO.826 Which statement about a type 4 LSA in OSPF is true?

A. It is an LSA that is originated by an ASBR that is flooded throughout the area and that describes a
route to
the ASBR.
B. It is an LSA that is originated by an ASBR that is flooded throughout the AS, and that describes a
route to
the ASBR.
C. It is an LSA that is originated by an ASBR that is flooded throughout the AS, and that describes a
route to
the ASBR.
D. It is an LSA that is originated by an ASBR that is flooded throughout the AS, and that describes a
route to
the ABR.
E. It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a
route to
the ASBR.
Answer: E
If R41 configured as table?
267
A. 0.0.0.0/0, 4.4.4.4/32 and 10.2.4.0/24

B. 0.0.0.0/0 and 4.4.4.4/32 only .
C. 4.4.4.4/32 and 10.1.4.0/24 only
D. 4.4.4.4/32 and 10.2.4.0/24 only
E. 4.4.4.4/32,10.2.4.0/24 and 2.2.2.2/32
Answer: D
NO.828 Which two statements about TCP tail drop are true? (Choose two)
A. It increases the congestion window after each acknowledgement
B. It uses bandwidth efficiently along the entire link
C. It causes TCP flows to be dropped at different intervals
D. It decreases the congestion window after each acknowledgement
E. It causes TCP global synchronization
Answer: C,E
NO.829 R1#showip ospfinterface FastEthernet0/0.12

...Network Type
Non_BROADCAST...
...
R2#showip ospfinterface FastEthernet0/0.12
...Network Type
BROADCAST...
...
Refer to the exhibit. OSPF is configured on R1 and R2 as shown. which action can you take to allow a
neighbor relationship to be established.
A. On R1, change the process ID to 1
B. On R1, set the network type of the FastEthernet0/0.12 interface to broadcast
C. Configure R1 and R2 as neighbors using interface addresses
D. Configure R1 and R2 as neighbors using router IDs
Answer: B
NO.830 Which IPv6 tunneling method allows Host A to communicate with Host B within the same
site?
A. ISATAP
B. 6to4
C. GRE
D. Manual
Answer: A
NO.831 After you configure split horizon on an EIGRP hub-and-spoke network. You notice that some
routes are missing on the spoke routers. Which two actions can you take to correct the problem?
(Choose two)
A. lncrease the Hello and Hold timers on the connections between the routers
B. Configure unicast neighbor statements on both the hub and the spokes
268
C. Disable split horizon on the spoke router interfaces only

D. Disable split horizon on the hub router interface only
E. Configure the summary address command on the hub router
F. Define a separate subinterface on the hub router for each spoke
Answer: D,F
NO.832 Which two improvements do SIA-Query and SIA-Reply messages add to EIGRP? {Choose
two)
A. Stuck-in-active conditions are solves faster.
B. They prevent a route from going into the stuck-in-active state.
C. They help in the localization of the real failure in the network.
D. The EIGRP adjacency between two neighbors never goes down.
Answer: A,C
NO.833 Which option is the default LACP load-balancing algorithm for IP traffic on Layer 3?
A. the source and destination IP address
B. the source IP port
C. the source and destination MAC address
D. the destination port
E. the destination IP port
Answer: A
NO.834 DRAG DROP

Drag and Drop
Answer:
269
NO.835 R1 (config-router)#bgp bestpath ?

compare-routerid Compare router-id for identical EBGP paths
cost-community cost community
med MED attribute
Refer to the exhibit. When entering a question mark after bgp bestpath only three options are visible.
Which two options are valid BGP hidden options for the bgp bestpath command? (Choose two)
A. bgp bestpath as-path multipath relax
B. bgp bestpath as-path ignore
C. bgp bestpath compare-all
D. bgp bestpath localpref ignore
Answer: A,B
NO.836 n an STP domain. Which two topology are true a nonroot switch, when it reveives a
configuration BPDU from the root bridge with the TC bit set? (Choose two)
A. It does not recalculate the STP topology upon receiving change notification from the root switch.
B. It sets the MAC table aging time to max_age time.
C. It recalculates the STP topology upon receiving topology change notification from the root switch.
D. It sets the MAC table aging time to forward_delay time.
Answer: A,D
NO.837 Which IPv6 first-hop security feature blocks traffic sourced from IPv6 addresses that are
outside the prefix gleaned from router advertisements?
A. IPv6 RA guard
B. IPv6 DHCP guard
C. IPv6 source guard
D. IPv6 prefix guard
Answer: D
NO.838 Which option is the task of an IGMP Snooping Querier?

A. lt sends PIM-SM messages to all multicast routers
270
B. It coordinates the election of a mapping agent

C. lt can limit the number of multicast messages a host receives
D. lt facilitates populating the group membership tables on IGMP Snooping-enabled switches
Answer: C
NO.839 Which three service offer VLAN transparency for WAN Ethernet services? (Choose threE.
A. ERMS
B. EPL
C. ERS
D. MPLS
E. EMS
F. EWS
Answer: B,E,F
NO.840 which two conditions are required for tracking the interface IP routing state?(choose two)
A. The interface line protocol must be up
B. Cisco Express Forwarding must be disable on the interface
C. A VRF must be enabled on the interface
D. A known IP address must be configured on the interface
E. IP routing must be disabled on the interface
Answer: A,D
NO.841 What is a reason for an EIGRP router to send an SIA reply to a peer ?
A. To respond to an SIA query that the router is still waiting on replies from its peers
B. To respond to a reply reporting that the prefix has gone stuck-in-active
C. To respond to a query reporting that the prefix has gone stuck-in-active
D. To respond to an SIA query with the alternative path requested
Answer: A
If the Web Server has been configured to listen only to TCP port 8080 for all the HTTP requests, which
command can you enter to show internet users to access the web server on http port 80?
A. ip nat inside source static tcp 10.1.1.100 8080 10.1.1.100 80
B. ip nat outside source static tcp 10.1.1.100 8080 10.1.1.100 80
C. ip nat outside source static tcp 10.1.1.100 80 10.1.1.100 80
271
D. ip nat inside source static tcp 10.1.1.100 8080 10.1.1.100 80

Answer: A
NO.843 Which two statements about migrating a network from pvst+ to rapid pvst+ are true?
(Choose two)
A. Core switches must be migrated before the access layer switches
B. Because rapid-PVST+ is backward-incompatible with PVST+, all switches on the network must be
migrated
at once in a single maintenance window
C. Access layer switches must be migrated before the core switches
D. If the LAN runs in mixed mode automatically during the migration, convergence time is less than
when all
switches are in PVST+ mode
E. Root guard and BPDU guard are disabled automatically during the migration
F. UplinkFast and BackboneFast are disabled automatically during the migration
Answer: C,F
NO.844 What are two prerequisites for configuring Cisco Performance Monitor for IPv4 traffic? (
Choose two)
A. Cisco Express Forwarding or distributed Cisco Express Forwarding must be enabled on the
interface
B. Conditional debugging must be enabled on the router
C. Authenticated connection must be configured for at least one Syslog destination
D. IPv4 routing must be configured on the router
E. Netflow must be enabled on the interface
Answer: A,D
NO.845 Which LSA type is associated with the default route in a totally stubby area?
A. interarea-prefix LSA for ABRs (Type 3)
B. autonomous system external LSA (Type 5)
C. router LSA (Type 1)
D. interarea-router LSAs for ASBRs (Type 4)
Answer: A
NO.846 Which three statements about microbursts are true ? (choose threE.
A. They can occur when chunks of data are sent in quick succession
B. They occur only with UDP traffic
C. They appear as input errors on an interface counter
D. They appear as ignores and overruns on device buffers
E. They can be monitored by IOS software
F. They appear as misses and failures on device buffers
Answer: A,D,E
272
NO.847 A host on an Ethernet segment has a different subnet mask than the default gateway. What
can be done to allow it to communicate with devices outside of this subnet?
A. Configure a static route for the host on the default gateway
B. Configure a static ARP entry on the default gateway for the host IP address
C. Enable gratuitous ARP on the host
D. Enable proxy ARP on the default gateway
Answer: A
NO.848 Which two statements about QoS and marking are true? (Choose two)
A. The set-discard-class command can be configured for ATM and MPLS protocols
B. It can use a table map to mark traffic
C. It requires Cisco Express forwarding to be enabled on the sending interface and the receiving
interface
D. It is supported on tunnel interfaces
E. It is supported on Fast EthernetChannel and ATM SVC interfaces
Answer: A,D
NO.849 Which method can an IPv6 host to learn the RP in an IPv6 multicast-enabled network,
A. It receives it as part of the DHCP scope
B. It uses Autoj-RP
C. It extracts it from the multicast address
D. it receives an advertisement through MGBP
Answer: C
NO.850 Which option is the origin code when a route is redistributed into BGP?
A. IGP
B. EGP
C. External
D. Incomplete
E. Unknown
Answer: D
NO.851 Which two statements about RIPng are true? (Choose two)
A. IPv6 can support as many as 8 equal-cost routes.
B. IPv6 can support as many as 32 equal-cost routes.
C. A route with a metric of 15 is advertised as unreachable.
D. Both inbound and outbound route filtering can be implemented on a single interface.
E. 16 is the maximum metric it can advertise.
Answer: D,E
273
What is the effect on the network when you apply these configuration to RI and R2?
A. Asymmetric routing occurs because the bandwidth and delay K value settings are mismatched.
B. The interface bandwidth and delay settings adjust automatically to match the new metric settings
C. The neighbor adjacency between R1 and R2 temporarily resets and then reestablishes itself.
D. R1 and R2 fail to form a neighbor adjacency.
Answer: D
NO.853 What are the two Cisco recommended methods for reducing the size of the TCAM on a
Layer 3 switch?Choose two
A. Use the ip route profile command.
B. Adjust the output queue buffers.
C. Filter unwanted routes.
D. Optimize the SDM template.
E. Use summary routes.
Answer: C,E
NO.854 Which command can you enter to disable logging for terminal lines?
A. no logging trop
B. no logging monitor
C. no logging buffer
D. no logging console
E. no logging count
Answer: B
274
Router A is connected as a BGP neighbor to routers B and C.

Which path does router A use to get to AS 65010?
A. Through router C because it has a higher local preference
B. Will load balance because both routes have the same Med value
C. Through router B because it has the shortest AS path
D. Through router B because the default local preference is 500 and higher than router C
Answer: A
NO.856 : 34
Which two statements about WRED are true? (Choose two)
A. It is a packet-classification mechanism
B. It drops IP traffic before non-IP traffic
C. It is most useful with adaptive traffic
D. It is a congestion-management mechanism
E. It is a congestion-avoidance mechanism
F. It can be configured on the same interface as WFQ
Answer: C,E
NO.857 which routing protocol is used on PE routers to exchange VPNv4 routes?

A. OSPF
B. OSPFv3
C. MB-BGP
D. EIGRP
Answer: C
NO.858 Which two statements about VPLS are true? (Choose two)
A. The service provider provisions CE devices.
B. It transmits broadcast traffic more efficiently than Ethernet switches.
C. It uses broadcast replication to transmit Ethernet packets with multicast MAC addresses.
D. It enables CE devices to operate as part of an L3 VPN.
275
E. It enables CE devices on different networks to operate as if they were in the same LAN.
F. It enables PE and CE devices to operate as if they were routing neighbors.
Answer: C,E
NO.859 Which two statements about IPv6 RA guard are true? (Choose two)
A. It blocks unauthorized ICMPv6 Type 134 packets
B. It supports host mode and router mode
C. It provides security for tunneled I Pv6 traffic
D. It is supported in the ingress and egress directions
E. It blocks unauthorized ICMPv6 Type 133 packets
Answer: A,B
NO.860 If EIGRP and OSPF are configured within an administrative domain for the same network,
which value can you change so that the OSPF becomes the installed routing protocol for all routes?
A. Local preference
B. Metric
C. MED
D. Administrative distance
E. Prefix length
Answer: D
NO.861 Which two statements about DMVPN are true? (Choose two.)
A. It flows both the hub and the spokes to use dynamic IP addresses.
B. It supports mufticast and QoS within tunnels.
C. It provides a routable interface for terminating IPSec tunnels.
D. It is a tunnel-less VPN technology.
E. It is an open standard.
F. It uses automatic IPSec triggering to build IPSec tunnels.
Answer: B,F
NO.862 What are three of the key fields that define a unique NetFlow flow?(3)
A. Layer 3 protocol type
B. Type of service
C. Source MAC address
D. Canonical Format identifier
E. Input logical interface
F. Cyclic Redundancy Check
Answer: A,B,E
NO.863 Which two statements about IGPs are true? (Choose two)
A. RIPv2 and OSPF are distance vector protocols
B. OSPF and EIGRP have high resource usage
C. IS-IS and EIGRP are link-state protocols
276
D. OSPF and IS-IS are classless protocols

E. RIPv2 and EIGRP support VLSM
F. RIPv2 and IS-IS claculate the metric of a link based on the bandwidth of a link
Answer: D,E
NO.864 Which two loops-prevention mechanisms are implemented in BGP? (Choose two)
A. The command bgp bestpath as-path-ignore enables the strict checking of AS_PATH so that they
drop routes with their own AS in the AS_PATH.
B. A route with its own cluster ID in the CKUSTER_LIST is dropped automatically when the route
reenters its own AS.
C. The command bgpbestpath med missing-as-worst assigns the smallest possible MED, which
directly prevents a loop.
D. The command bgpallowa-in enables a route with its own AS_PATH to be dropped when it reenters
its own AS
E. A route with its own AS in the AS_PATH is dropped automatically if the routereenters its own AS.
Answer: B,E
NO.865 DRAG DROP

Drag and drop each description from the left into the matching description from the left into the
matching protocol category on the right.
Answer:
277
NO.866 Refer to :
Which statement is true about a valid IPv6 address that can be configured on tunnel interface0?
A. 2001:7DCB:5901::/128 is a valid IPv6 address
B. There is not enough information to calculate the IPv6 address
C. 6to4 tunneling allows you to use any IPv6 address
D. 2002:7DCB:5901::/128 is a valid IPv6 address
Answer: D
NO.867 Which option describes how a router responds if LSA throttling is configured and it receives
the identical LSA before the interval is set?
A. The LSA is added to the OSPF database and a notification is sent to the sending router to
slowdown its LSA packet updates.
B. The LSA is added to the OSPF database.
C. The LSA is ignored.
D. The LSA is ignored and a notification is sent to the sending router to slow down its LSA packet
Updates.
Answer: C
278
If you apply this configuration to a device on your network, which class map cannot match traffic?
A. CM-EXAMPLE-3
B. CM-EXAMPLE-4
C. CM-EXAMPLE-1
D. CM-EXAMPLE-5
E. CM-EXAMPLE-2
Answer: A
NO.869 An NASSA area has two ABRs connected to Area 0. Which statement is true?
A. Both ABRs translate Type-7 LSAs to Type-5 LSAs.
B. The ABR with the highest router ID translates Type-7 LSAs to Type-5 LSAs.
C. No LSAs translation is needed.
D. Both ABRs forward Type-5 LSAs from the NASA area to backbone area.
Answer: B
NO.870 DRAG DROP

Drag and drop each STP port role on the left to the matching statement on the right.
Answer:
279
NO.871 Which statement is true about IGMP?

A. Multicast source send IGMP messages to their first-hop router, which then generates a PIM join
message that is then sent to the RP.
B. Multicast receivers send IGMP message to signal their interest traffic multicast groups.
C. IGMP message are encapsulated in PIM register message and send to the RP.
D. Multicast receivers send IGMP message to their first-hop router, which then forwards the IGMP
message to the RP.
Answer: B
NO.872 Which two statement about VPLS are true? (Choose two)
A. Split horizon is used on PE devices to prevent loops.
B. IP is used to switch Ethernet frames between sites.
C. Spanning tree is extended from CE to CE
D. VPLS extends a layer 2 broadcast domain.
E. PE routers dynamic associate to peers.
Answer: A,D
NO.873 Which two methods can you use to limit the range for EIGRP queries? (Choose two.)
A. Use an access list to deny the multicast address 224.0.0.1 outbound from select EIGRP neighbor
and permit everything else.
B. Configure route tagging for all EIGRP routes.
C. Summarize routes at the boundary routers of the EIGRP domain.
D. Configure unicast EIGRP on all routers in the EIGRP domain.
E. Configure stub routers in the EIGRP domain.
F. Use an access list to deny the multicast address 224.0.0.10 outbound from select EIGRP neighbors
and permit everything else.
Answer: C,E
NO.874 What is the mechanism could be used to avoid the problem of TCP Starvation / UDP
Dominance?
A. Place UDP traffic in a dedicated traffic-class with the bandwidth keyword configured
B. Use policy routing to send the UDP and TCP traffic over different paths
280
C. Configure QoS to police UDP traffic to the desired volume

D. WRED to balance TCP and UDP utilization
Answer: D
NO.875 What are two differences between IPv6 ISATAP tunneling and IPv6 6to4 tunneling?
(Choose two)
A. Only ISATAP tunneling transfers unicast IPv6 packets between .sites.
B. Only 6to4 tunneling requires 2002::/16 addresses. -
C. Only ISATAP tunneling can transfer IPv6 multicast packets.
D. Only ISATAP tunneling transfers unicast IPv6 packets within a site
E. Only 6to4 tunneling transfers unicast IPv6 packets within a site.
Answer: B,D
NO.876 Which two statements about IGMP filtering are true?

A. It eliminates the need for a multicast RP.
B. It can be implemented on Layer-3 routed ports using the ipigmp access-list command.
C. It allows Anycast RP to operate within a single AS.
D. It supports IGMPv3 traffic only
E. It can be implemented on Layer-2 switchports using IGMP profiles.
Answer: B,C
NO.877 Which two statements are true about an EPL? (Choose two.)
A. It is a point-to-point Ethernet connection between a pair of NNls
B. It allows for service multiplexing.
C. It has a high degree of transparency.
D. The EPL service is also referred to as E-line
Answer: C,D
NO.878 Which IS-IS metric style is most suitable for MPLS traffic
engineering?
A. narrow
B. wide
C. transition
D. flat
Answer: A
NO.879 DRAG DROP

Drag and Drop - IPv4 host address on the left to the matching network address on the right
281
Answer:
NO.880 Which two options are types of EVCs?(Choose two)

A. GRE
B. NSSA
C. E-line
D. E-LAN
E. NMBA
Answer: C,D
282
Routers A and Bare the edge devices at two different sites as shown. If routers A and B have
established an IPsec tunnel, which two statements about the network environment must be true?
(Choose two)
A. The connection could have been authenticated with 802.1 x
B. The connection could have authenticated with a pre-shared key
C. RFC 1918 addresses are in use on the WAN interfaces on router A and router B
D. The connection could have been authenticated with MD5
E. Public IP addresses are in use on the WAN interfaces on router A and router B
Answer: B,E
If a DHCP server has generated the given debug output, which two statements about the network
environment are true?
A. Client 0050.4332 has been assigned an IP address on the 10.10.2.0/24 subnet
B. The DHCP server received a DHCPREQUEST from a client whose ID ends in
4574.302f.30
C. The DHCP pool for the 10.10.2.0/24 subnet is configured incorrectly
D. The DHCP server receives discover messages through a relay agent
E. The DHCP server assigned PC2 an address from the 10.10.3.0/24 subnet
Answer: A,D
NO.883 ESTION NO: 35

Which two conditions must be met by default to implement the BGP path feature? (Choose two)
A. MPLS must be enabled.
B. The next-hop routers must be different.
C. All attributes must have the same values.
D. Route reflectors must be enabled.
E. The next-hop routers must be the same.
Answer: B,C
283
NO.884 What technology allows a PE router to exchange VPNv4 routes with other PE routers?
A. MPLSL3VPN
B MPLSL2VPN
B. VPLS
C. Frame Relay to ATM AAL5 Interworking
Answer: A
NO.885 Which two are features of DMVPN?(Choose two)

A. It supports multicast traffic
B. It does not supports spoke routers behind dynamic NAT
C. It only supports remote peers with statically assigned addresses
D. It offers configuration reduction
E. It requires IPsec encryption
Answer: A,B
NO.886 Which three modes are valid for forming an EtherChannel between the ports of two
switches? {Choose threE.
A. passive/passive
B. active/active
C. active/passive
D. desirable/on
E. auto/auto
F. auto/desirable
Answer: B,C,F
NO.887
Refer to the exhibit.Which two options are effects of this configuration when the router is unable to
reach the TACACS+ server?(Choose two.)
A. Users cannot log in ti the router
B. Users can log in to the router EXEC mode without entering a password.
C. Users can log in to the router user EXEC mode with the username ciscol and the password cisco2.
284
D. Users can log in to the router privileged EXEC mode with the username ciscol and the password
cisco2
E. Users can log in to the router privileged EXEC mode without entering a password
F. Users can log in to the router privileged EXEC mode without a username and with the password
cisco3.
Answer: B,F
NO.888 Which two statements about VPLS are true? (Choose two)
A. Split horizon is used on PE devices to prevent loops
B. PE routers dynamically associate to peers
C. VPLS extends a Layer 2 broadcast domain
D. Spanning tree is extended from CE to CE
E. IP is used to switch Ethernet frames between sites
Answer: A,C
NO.889 Which two statements about root guard and loop guard are true? (Choose two)
A. Loop guard uses its own keepalives to determine unidirectional traffic.
B. Loop guard uses its own keepalives to prevent loops by detecting failures.
C. Loop guard uses BPDU keepalives to determine unidirectional traffic.
D. Root guard should be enabled on an upstream interface.
E. Root guard disables an interface only when a superior BPDU is received
F. When loop guard is enabled, the port is transitioned to the root-inconsistent state.
Answer: C,E
NO.890 Which type of port would have root guard enabled on it

A. a designated port
B. an alternate port
C. a blocked port
D. a root port
Answer: A
NO.891 Which statement about a Cisco APIC controller versus a more traditional SDN controller is
true?
A. APIC uses a policy agent to translate policies into instructions
B. APIC supports OpFlex as a Northbound protocol
C. APIC does suppoort a Southbound REST API
D. APIC uses an imperative model
Answer: A
NO.892 Which option describes the characteristics of a public Infrastructure as a Serveice cloud
service model?
A. It is a way of delivering cloud-computing infrastructure (servers , storage , network , and
B. operating systems ) as an on-demand service.
285
C. It is a cloud service where the underlying hardware is managed by the cloud service provider.
D. It is a cloud-computing platform that facilitates the creation of web applications without the
E. need to maintain the supporting software applications.
F. It is a cloud-computing platform that facilitates the creation of web applications without the
need to maintain the supporting software operating systems.
Answer: A
NO.893 Which two platforms provide hypervisor virtualization?(choose two)

A. Xen
B. Docker
C. KVM
D. OpenStack
E. DevStack
Answer: A,C
NO.894 Which two statements about QoS marking are true? (Choose two.)
A. It is supported on Fast EtherChannel and ATM SVC interfaces.
B. It is supported on tunnel interfaces.
C. It can use3 a table map to mark traffic.
D. The set discard-class command can be configured for ATM and MPLS protocols.
E. It requires Cisco Express Forwarding to be enabled on the sending interface and the receiving
interface.
Answer: B,E
NO.895 DRAG DROP
Answer:
NO.896 Which statement about the NHRP network ID is true ?

A. It is sent from the hub to the spoke to identify the hub as a member of the same NHRP domain
B. It is sent from the spoke to the hub to identify the spoke as member of the same NHRP domain
286
C. It is locally significant ID used to define the NHRP domain for an interface.

D. It is sent between spokes to identify the spokes as members of the same as NHRP domain.
Answer: C
NO.897 Which statements about the client-identifier in a DHCP pool are true?(Choose two)
A. It is specified by appending 01 to the MAC address of a DHCP client.
B. It specifies a hardware address for the client.
C. It specifies a unique identifier that is used only for BOOTP requests.
D. It specifies a unique identifier that is used only for DHCP request.
E. It requires that you specify the hardware protocol.
Answer: A,D
NO.898 What is used to acknowledge the receipt of LSPs on a point-to-point network in IS-IS?
A. hello
B. CSNP
C. PSNP
D. IIH
E. CSH
Answer: C
NO.899 DRAG DROP

Drag and drop the EIGRP query condition on the left to the corresponding action taken by the router
on the right.
Answer:
NO.900 What is the default behavior for a manual summary route when a component route of the
summary disappears?
287
A. Regardless of the metric of the component route ,the metric of the summary is unchanged in
order to keep stability
B. If the component route previously had the best composite metric, the same summary metric is
retained for stability /
C. If the component route previously had the best composite metric, the metric of the summary
changes to the next-best composite metric
D. If the component route previously dis not have the best composite metric, the summary metric is
updated and updates are sent to peers
Answer: A
NO.901 Refer to the exhibit.What are two effects of the given configurationChoose two
A. Track objiect 100 goes down if Ethernet1/0 goes down.

B. The aggregate weight of track object 100 is set to 30.
C. Track object 100 goes down if Ethernet1/2 goes down.
D. The aggregate weight of track object 100 is set to 40.
E. Track object 100 stays up as long as both Ethernet1/0 and Ethernet1/1 are up.
F. Track object 100 goes down if all three interfaces go down.
Answer: E,F
NO.902 Which two values are required to implement an EIGRP named configuration? (Choose two.)
A. Process-id
B. Router-id
C. Subnet-mask
D. Add ress-family
E. Virtual-instance-name
Answer: D,E
NO.903
288
Refer to the exhibit When traffic marked as CoS 5 arrives on the switch.what DSCP value does the
switch apply?
A. 0
B. 32
C. 40
D. 46
E. 48
Answer: B
NO.904 Which LSA type is associated with default route in a totally stubby area?
A. Router LSA(Type 1)
B. Autonomous system external LSA (Type 5)
C. Interarea-router LSAs for ASBRs (Type 4)
D. Interarea-prefix LSA for ABRs (Type 3)
Answer: D
NO.905 Which IPv4 feature can limit indiscriminate flooding of multicast traffic on a VLAN?
A. PIM Snooping
B. IGMP Filtering
C. MLD Filtering
D. IGMP Snooping
Answer: D
NO.906 DRAG DROP

Drag and Drop the OpenStack projects from the left onto their function on the right?
Answer:
289
NO.907 Which two statements about route summarization are true?(Choose two.)
A. EIGRP can summarize routes at the classful network boundary
B. EIGRP and RIPv2 route summarize are configured with the ip summary-address command under
the route..
C. It can be disabled in RIP,RIPv2 and EIGRP
D. It require a common set of high-order bits for all component routes
E. RIPv2 can summarize-routes beyond the classful network boundary
Answer: A,D
NO.908 Which statements about PMTUD is true?

A. It is supported by TCP and UDP.
B. It increases the connection's send MSS value to prevent fragmentation.
C. GRE tunnels use PMTUD to fragment data packets by default.
D. It is used to prevent fragmentation of packets at the endpoint of a TCP connection.
E. It is used to prevent fragmentation of packets traveling across a smaller MTU link between two
endpoints.
Answer: A
NO.909
Refer to the exhibit. Which statement correctly description how a router with this configuration
treats packets if it does not know a path 172.16.12.5 and 192.168 3 2?
A. it routes the packet based on the packet's destination using the routing table
B. It drop the packet immediately
C. It sends an ICMP source quench message
D. it routes the packet Into a loop and drops it when the JTL reaches zero
Answer: A
290
Your network uses an MPLS VPN backbone with OSPF routing between all PE and CE routers and on
the 10Mb backup links between the CE routers notice that traffic from CE3 to CE2 and C4 is flowing
over the backup links instead of the higher-bandwidth MPLS VPN backbone even when the backbone
is up. What can you make to ensure that traffic uses the MPLS VPN backbone instead?
A. Configure 1Gb sham links between PE3 and PE4 and between PE3 and PE2
B. Configure a lover cost metric on the provider netwok's OSPF-to-BGP redistribution
C. Configure 1Gb sham link between PE2 and PE4
D. Configure internal BGP on PE2, PE3, and PE4
Answer: A
NO.911 Which two statements about the command distance bgp 90 60 120 are true?(Choose two)
A. The local distance it sets may conflict with the RIP administrative distance
B. Implementing the command is a Cisco best practice
C. The internal distance it sets is preferred over the external distance
D. The internal distance it sets may conflict with the EIGRP administrative distance
E. The local distance it sets may conflict with the EIGRP administrative distance
F. The external distance it sets is preterred over the internal distance
Answer: A,C
NO.912 Which feature can be used to block traffic from one host to another within one VLAN on a
Layer 2 switch?
A. port security
B. dot1x
C. access list
D. protected ports
Answer: D
NO.913 DRAG DROP
291
Drag and Drop
Answer:
NO.914 Which three conditions must be met for the IP routing state of an interface to be
up?(choose threE.
A. The interface must have a known IP address
B. Active IP routing must be enabled
C. Cisco express forwarding must be enabled
D. Cisco discovery protocol must be enabled on the inter face
E. A backup interface must be defined
F. The interface line-protocol state must be up
Answer: A,B,F
NO.915 Which statement about NAT64 is true?

A. It can be used to translate an IPv6 network to another IPv6 network.
B. It uses one-to-one mapping between IPv6 addresses and IPv4 addresses.
C. It requires static address mapping between IPv6 addresses and IPv4 addresses.
292
D. It can be configured for stateless and stateful translation.

Answer: D
NO.916 Which two statements about CEF polarization are true? (Choose two)
A. The AND operation is performed on the higher-order bits of the source and destination IP address
B. A single link is chosen for all flows
C. The AND operation is performed on the lower-order bits of the source and destination IP address
D. After the XOR process, the flow is processed in the distribution Layer with a different hashing
algorithm
E. It can be prevented by alternating the hashing inputs
F. When enabled, it allows all links to be used efficiently for different traffic flows
Answer: B,E
293

400-101 V29.75

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

400-101 V29.75

Uploaded by

Copyright:

Available Formats

IT Certification Guaranteed, The Easy Way!

Title : CCIE Routing and Switching

NO.2 Which technology does OSPFv3 use to authenticate packets

NO.6 DRAG DROP

NO.7 DRAG DROP

NO.9 DRAG DROP

NO.13 Refer to the exhibit.

E. the capture buffer

NO.15 What is the main function of VRF-lite?

NO.21 Refer to the exhibit.

NO.22 router ospf 20

NO.23 Which two statementsabout MSDP are true?(choose two)

NO.24 Refer the exhibit.

H. Security parameter index

NO.27 Which two statements about redistribution are true?((choose two)

NO.29 Refer to exhibit.

Which AS paths are matched by this access list?

NO.33 Which option is a core event publisher for EEM?

NO.35 Which statement is true about conditional advertisements?

NO.38 Refer to the exhibit.

Which effect of this configuration is true?

NO.42 router bgp 65500

B. Only BGP routes from AS 65006

NO.43 Refer to the exhibit.

Between which router is an LDP session established?

NO.45 DRAG DROP

NO.47 Refer to the exhibit.

A. BFD last failed 476ms ago on interface GigabitEthernet 0/3.

NO.48 R1#showip ospfinterface FastEthernet0/0.12

D. Configure R1 and R2 as neighbors using router IDs

NO.51 Which two statements about VTPv3 are true?(Choose two)

NO.52 Refer to the exhibit.

Which statement is true?

D. The output shows an IPv6 multicast address with embedded RP.

NO.53 What is the correct binary equivalent of DSCP value AF41?

NO.54 Refer to the Exhibit.

NO.55 Refer to the exhibit.

NO.60 DRAG DROP

NO.62 Which set of commands conditionally advertises 172.16.0.0/24 as long as 10.10.10.10/32 is in

C. Neutron layer 2 agent

NO.68 Which BGP attribute is used to influence inbound traffic?

NO.70 Refer to the exhibit.

What fee of ISIS is configured on R1?

NO.71 Refer to the exhibit.

NO.73 Refer to the exhibit.

NO.74 DRAG DROP

NO.79 DRAG DROP

NO.80 Refer to the exhibit.

NO.83 With which protocol is CoAP designed to be used?

NO.87 Refer to the exhibit.

Which statement about the effect of this configuration is true ?

NO.88 Which feature can you implement to reduce global synchronization?

NO.89 DRAG DROP

NO.91 Refer to the exhibit.

Which two statements about the given NetFlow configuration are

NO.93 Refer to the exhibit.

C. The R1 to R2 adjacency will be L1 and L2

NO.96 Which statement about Auto-RP is true ?

NO.98 How does an IPv6 host automatically generate a global address?

NO.99 Which two statement about BPDU guard are true ?

D. BPDU guard can be used to protect the root port.

NO.100 DRAG DROP

NO.101 Refer to the exhibit.

A. Router1 must be configured to encapsulate traffic by using L2TPv3 under thepseudowire-class