Q1. A network administrator is in charge of multiple IPsec VPN headend devices that service thousands of remote connectivity, point-to-point, IPsec/GRE tunnels. During a recent power outage, in which it was found that a backup power supply in one of those headend devices was faulty, one of the headend routers suffered a complete shutdown event. When the router was successfully recovered, remote users found intermittent connectivity issues that went away after several hours. Network operations staff accessed the headend devices and found that the recently recovered unit was near 100% CPU for a long period of time. How would you redesign the network VPN headend devices to prevent this from happening again in the future?
A. Move the tunnels more evenly across the headend devices.
B. Implement Call Admission Control.
C. Use the scheduler allocate command to curb CPU usage.
D. Change the tunnels to DMVPN.
Answer: B
Q2. Refer to the exhibit.
When designing an MPLS-based LAN extension between DC-1 and DC-2, what are three advantages of deploying VSS? (Choose three.)
A. Layers 2, 3, and 4 flow-based load balancing
B. native VSS and MEC failover without using scripts
C. sub-second failover
D. required to configure VPLS
E. failover time depends on Cisco IOS EEM and STP convergence
F. limited VLAN-based VPLS traffic hashing
Answer: A,B,C
Q3. Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the Internet?
A. Enterprise host IP addresses are typically not routable.
B. GDOI is less secure than traditional IPsec.
C. Network address translation functions interfere with tunnel header preservation.
D. The use of public addresses is not supported with GDOI.
Answer: C
Q4. To improve the stability of a global network, you have been tasked with changing the design to include link-state topology summarization. What are two issues that you should address as part of the design? (Choose two.)
A. slow convergence
B. suboptimal routing
C. traffic black-holing
D. packet reordering
Answer: BC
Q5. A company wants to connect two data center sites using a hub-and-spoke design with 2000 remote sites. One design consideration is the requirement to transfer MPLS packets over the public Internet. In addition, one router at each site should be used, and the MPLS packets must be encapsulated inside IP packets because the public Internet cannot transfer native MPLS packets. Which feature can be used to simplify the network design?
A. GET VPN can be used to encrypt the MPLS packets with IPsec.
B. DMVPN can be used to build up GRE tunnels dynamically with MPLS encapsulation inside.
C. L2TPv3 can be used to encapsulate the MPLS packets.
D. Site-to-site IPsec without GRE can be used to encapsulate the MPLS packets.
E. PPPoE can be used to encapsulate the MPLS packets.
Answer: B
Q6. What is a design aspect regarding multicast transport for MPLS Layer 3 VPNs using the Rosen Draft implementation?
A. LDP is the multicast control plane protocol.
B. Multicast traffic is forwarded over GRE tunnels.
C. Multicast traffic is forwarded over LDP or RSVP signaled LSPs.
D. Using the MDT SAFI in BGP ensures that PIM can be disabled in the core.
Answer: B
Q7. You are the SAN designer for the ABC Company. Due to budget constraints, there is increased pressure by management to further optimize server utilization by implementing virtualization technologies on all servers and increase virtual machines density. Faced with some SAN challenges, the server team requests your help in the design and implementation of the SAN in the new virtualized environment.
In which two ways can NPIV be used in your proposed design? (Choose two.)
A. NPIV is used to assign multiple FCIDs to a single N Port.
B. NPIV is used to define and bind multiple virtual WWNs (VIs) to a single physical pWWN.
C. You recommend NPIV so that hosts can be members of different zones.
D. NPIV can be used to allow multiple applications on the same port to use different IDs in the same VSAN.
Answer: AD
Q8. Refer to the exhibit.
You are developing a migration plan to enable IPv6 in your IPv4 network. Starting at R3 and assuming default IS-IS operations, what is likely to happen when you enable IPv6 routing on the link from R3 to R2?
A. Only R3 and R2 have IPv4 and IPv6 reachability.
B. R2 receives an IPv6 default route from R3.
C. Loopback reachability between all routers for IPv4 is lost.
D. All routers except R2 are reachable through IPv4.
E. R3 advertises the link from R3-R2 to R1, R4 and R5 only.
Answer: C
Q9. Refer to the exhibit.
Your junior design engineer presents this configuration design. What is the next-hop router for CE3, and why?
A. CE1. BGP weight is higher than CE2.
B. CE2. EBGP administrative distance is lower than RIP.
C. CE2. The link between CE2 and PE1 has more bandwidth than CE1-to-PE1.
D. CE1. HSRP on CE1 is in active state.
Answer: D
Q10. AS100 and AS200 each have two peering points in different parts of their network. AS100 would like to use one of the links and keep the other link as backup. What should be changed for the design inside AS100 for prefixes received from AS200?
A. MED
B. weight
C. AS-PATH
D. local preference
Answer: D