Q1. Which command can you enter to inject BGP routes into an IGP?
A. redistribute bgp
B. redistribute static
C. redistribute static subnet
D. default-information originate
Answer: A
Q2. Private lines make use of which connection type based on cell switching?
A. ATM
B. ISP MPLS VPN
C. VTI
D. VPLS
Answer: A
Q3. Which two key components are related to one firewall per ISP design option for e-commerce? (Choose two.)
A. It is a common approach to single-homing.
B. This approach is commonly used in large sites.
C. Any failure on an edge router results in a loss of session.
D. It has one NAT to two ISP-assigned blocks.
E. It is difficult to set up and administer.
Answer: C,D
Q4. Recently, the WAN links between the headquarters and branch offices have been slow under peak congestion, yet multiple alternate WAN paths exist that are not always congested. What technology can allow traffic to be routed in a more informed manner to utilize transport characteristics such as delay, loss, or link load?
A. performance routing
B. static routing
C. on demand routing
D. policy based routing
Answer: A
Q5. A network engineer is designing an access layer that requires all uplinks to be active. Furthermore, VLANs must span across the entire switch block. What design fulfills this requirement?
A. Layer 2 looped triangle
B. Layer 2 looped square
C. Layer 2 loop-free U
D. Layer 2 loop-free inverted U
Answer: D
Q6. Which protocol is best when there are circuit connections with two different ISPs in a multihoming scenario?
A. VRRP
B. BGP
C. IPsec
D. SSL
Answer: B
Q7. When considering the design of the E-Commerce topology which of the following are true?
A. One-armed SLB design with multiple security contexts removes the need for a separate firewall in the core layer
B. Two-firewall-layer SLB design considers the aggregation and access layers to be trusted zones, requiring no security between the web, application, and database zones
C. One-armed SLB design with two firewall layers ensures that non load-balanced traffic still traverses the ACE so that the health and performance of the servers is still being monitored
D. In all cases there will be configuration requirements for direct access to any servers or for nonload-balanced sessions initiated by the servers
Answer: A
Q8. What is the next action taken by the Cisco NAC Appliance after it identifies a vulnerability on a client device?
A. denies the client network resource access
B. repairs the effected devices
C. generates a Syslog message
D. permits the client but limits to guest access
Answer: B
Q9. Which technology is an example of the need for a designer to clearly define features and desired performance when designing advanced WAN services with a service provider?
A. FHRP to remote branches
B. Layer 3 MPLS VPNs secure routing
C. Control protocols (for example Spanning Tree Protocol) for a Layer 3 MPLS service
D. Intrusion prevention, QoS, and stateful firewall support network wide
Answer: B
Q10. In base e-Commerce module designs, where should firewall perimeters be placed?
A. core layer
B. Internet boundary
C. aggregation layer
D. aggregation and core layers
E. access and aggregation layers
Answer: A