Q1. Your company plans to implement an Internet gateway router that is performing NAT. This same gateway will be terminating various IPsec tunnels to other remote sites. Which
address type isappropriate for the ACL that will govern the sources of traffic entering the tunnel in the inside interface?
A. inside local
B. inside global
C. outside local
D. outside global
Answer: B
Q2. You are designing a Group Encrypted Transport virtual private network solution for an existing branch network. The existing network has the following characteristics:
. 50 remote sites (with an additional 30 remote sites expected over the next 3 years) . Connectivity between all sites is via Multiprotocol Label Switching Layer 3 virtual private network service from a single provider . Open Shortest Path First is the routing protocol used between provider edge and customer edge routers . The customer edge routers will become group members performing the encryption between sites
Which additional routing protocol would you use for the overlay routing between the group members?
A. Open Shortest Path First (with a different process ID)
B. Enhanced Interior Gateway Routing Protocol
C. No additional protocol is necessary.
D. External Border Gateway Protocol
E. Routing Information Protocol Version 2
F. Next Hop Resolution Protocol
Answer: C
Q3. A company plans to establish a new network using Cisco Catalyst switches for its multicast applications. What is the disadvantage when two multicast applications are using the multicast IP addresses 234.17.4.5 and 234.145.4.5 inside the same network?
A. Multicast packets from both applications are flooded to all Layer 2 ports in a segment where a multicast receiver is located.
B. Multicast packets from both applications are flooded to ports where one multicast receiver from one application is located.
C. Only one multicast stream is received at the port where the receivers from both applications are located.
D. Both multicast senders will always receive the multicast packets from the other multicast application.
E. The routers doing PIM-SM cannot distinguish between the two multicast applications.
Answer: B
Q4. A customer is using a service provider to provide a WAN backbone for a 30-site network. In establishing the network, the customer must work within these constraints:
The customer has a self-managed MPLS backbone.
The VPLS WAN backbone of the service provider does not support PIM snooping.
Multicast VPN must be used for multicast support inside some VRFs.
What can the customer do so that multicast traffic is NOT flooded to all sites?
A. Configure static GRE tunnels and run the MPLS and multicast VPN inside these GRE tunnels.
B. Use Label Switched Multicast for the multicast transport.
C. Use PIM-SSM as the multicast routing protocol with IETF Rosen Draft multicast VPN.
D. Configure a static mapping between multicast addresses and MAC addresses.
E. Use GET VPN to encrypt the multicast packets inside the WAN.
Answer: A
Q5. Company A has grown nationwide in the U.S., and each new remote branch has a Metro Ethernet circuit provisioned back to the data center at the headquarters on the West Coast. The operations team says that it cannot manage hundreds of circuits as the company continues to grow. You review the topology and notice that many of the branches are close to each other in geographical zones. How can you redesign this network to improve manageability and increase scalability?
A. Add an aggregation layer router in each geographical zone.
B. Add a redundant data center on the East Coast to serve some of the traffic there.
C. Add a default route in each branch toward the data center on the West Coast.
D. Use Optimized Edge Routing at the data center.
E. Build an overlay MPLS network with Layer 3 VPN.
Answer: A
Q6. After the recent implementation of a new design that incorporated GRE tunnels into the network, the network operations staff is seeing the following syslog message in multiple routers on the network - %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing.
From a design perspective, what was not taken into account prior to implementing the solution?
A. The neighboring routers cannot respond within the specified hold time.
B. The interface on the router that is the source of the tunnel is down.
C. The interface on the neighboring router that is the source of the tunnel is down.
D. The router is learning the route to the tunnel destination address using the tunnel interface.
E. The tunnel interface on the router is not receiving any keepalives within the specified hold time.
Answer: D
Q7. Refer to the exhibit.
Assume that no multicast optimization is done on LAN switches A and B. Which feature can be used to optimize multicast traffic forwarding in this situation?
A. Enable IGMP snooping querier on both switches.
B. Configure a static MAC entry for the multicast server.
C. Disable IGMP snooping on both switches.
D. Disable the IGMP query election process.
E. Enable PIM Snooping on both switches.
Answer: A
Q8. In a network design using carrier Ethernet, which three mechanisms can be used to improve Layer 2 down detection and thereby reduce routing convergence time? (Choose three.)
A. BFD
B. Ethernet port debounce timers
C. link-state tracking
D. object tracking
E. fast IGP hello
Answer: ADE
Q9. The network administrator of a branch office network has decided to deploy Unicast RPF at the access layer. He insists that the design must guarantee that all the packets arriving on the router interfaces are assigned to the same interface subnet.
Which mode of Unicast RPF would you recommend as the lead network designer?
A. uRPF strict mode
B. uRPF loose mode
C. uRPF VRF mode
D. RPF feasible mode
Answer: A
Q10. You need to redesign your NMS system so that it can collect information without causing adverse effects in the network, such as high CPU utilization on network devices and network instability. Which two options will minimize the impact of the trusted NMS polling your network in this situation? (Choose two.)
A. Implement SNMP community restrictions that are associated with an ACL.
B. Unload unused MIBs from the network devices.
C. Prevent polling of large tables through the use of SNMP OID restrictions.
D. Disable unused OIDs and MIBs on the NMS systems.
Answer: CD