Q1. Which two options are EIGRP route authentication encryption modes? (Choose two.)
A. MD5
B. HMAC-SHA-256bit
C. ESP-AES
D. HMAC-AES
Answer: A,B
Explanation:
Packets exchanged between neighbors must be authenticated to ensure that a device accepts packets only from devices that have the same preshared authentication key. Enhanced Interior Gateway Routing Protocol (EIGRP) authentication is configurable on a per-interface basis; this means that packets exchanged between neighbors connected through an interface are authenticated. EIGRP supports message digest algorithm 5 (MD5) authentication to prevent the introduction of unauthorized information from unapproved sources. MD5 authentication is defined in RFC 1321. EIGRP also supports the Hashed Message Authentication Code-Secure Hash Algorithm-256 (HMAC-SHA-256) authentication method.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book/ire-sha-256.html
Q2. Which two values comprise the VPN ID for an MPLS VPN? (Choose two.)
A. an OUI
B. a VPN index
C. a route distinguisher
D. a 16-bit AS number
E. a 32-bit IP address
Answer: A,B
Explanation:
Each MPLS VPN ID defined by RFC 2685 consists of the following elements:
. An Organizational Unique Identifier (OUI), a three-octet hex number: The IEEE Registration Authority assigns OUIs to any company that manufactures
components under the ISO/IEC 8802 standard. The OUI is used to generate universal LAN MAC addresses and protocol identifiers for use in local and metropolitan area network applications. For example, an OUI for Cisco Systems is 00-03-6B (hex).
. A Virtual Private Network (VPN) index: a four-octet hex number, which identifies the VPN within the company.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3-vpns-15-mt-book/mp-assgn-id-vpn.html
Q3. What is the most secure way to store ISAKMP/IPSec preshared keys in Cisco IOS?
A. Use the service password-encryption command.
B. Encrypt the ISAKMP preshared key in secure type 5 format.
C. Encrypt the ISAKMP preshared key in secure type 7 format.
D. Encrypt the ISAKMP preshared key in secure type 6 format.
Answer: D
Explanation:
Using the Encrypted Preshared Key feature, you can securely store plain text passwords in type 6 format in NVRAM using a command-line interface (CLI). Type 6 passwords are encrypted. Although the encrypted passwords can be seen or retrieved, it is difficult to decrypt them to find out the actual password. This is currently the most secure way to store keys.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ikevpn/configuration/xe-3s/asr1000/sec-ike-for-ipsec-vpns-xe-3s-asr1000-book/sec-encrypt-preshare.html
Q4. Which two statements about VRRP are true? (Choose two.)
A. It is assigned multicast address 224.0.0.18.
B. The TTL for VRRP packets must be 255.
C. It is assigned multicast address 224.0.0.9.
D. Its IP protocol number is 115.
E. Three versions of the VRRP protocol have been defined.
F. It supports both MD5 and SHA1 authentication.
Answer: A,B
Q5. Which two statements about MLD are true? (Choose two.)
A. MLD is a subprotocol of ICMPv6.
B. When a single link supports multiple interfaces, only one interface is required to send MLD messages.
C. MLD is a subprotocol of PIMv6.
D. When a single link supports multiple interfaces, all supported interfaces are required to send MLD messages.
E. There are three subtypes of MLD query messages.
F. The code section in the MLD message is set to 1 by the sender and ignored by receivers.
Answer: A,B
Q6. DRAG DROP
Drag and drop the VLAN number on the left to the corresponding default VLAN name on the right.
Answer:
Q7. Which two statements about VPLS are true? (Choose two.)
A. Split horizon is used on PE devices to prevent loops.
B. Spanning tree is extended from CE to CE.
C. IP is used to switch Ethernet frames between sites.
D. PE routers dynamically associate to peers.
E. VPLS extends a Layer 2 broadcast domain.
Answer: A,E
Q8. MPLS LDP IGP synchronization is configured on a link. The OSPF adjacency on that link is UP but MPLS LDP synchronization is not achieved. Which statement about this scenario is true?
A. The router excludes the link from its OSPF LSA type 1.
B. The router flushes its own router LSA.
C. The router advertises the link in its router LSA with max-metric.
D. The router advertises an LSA type 2 for this link, with the metric set to max-metric.
E. The router advertises the link and OSPF adjacency as it would when the synchronization is achieved.
Answer: C
Explanation:
To enable LDP-IGP Synchronization on each interface that belongs to an OSPF or IS-IS process, enter the mpls ldp sync command. If you do not want some of the interfaces to have LDP-IGP Synchronization enabled, issue the no mpls ldp igp sync command on those interfaces. If the LDP peer is reachable, the IGP waits indefinitely (by default) for synchronization to be achieved. To limit the length of time the IGP session must wait, enter the mpls ldp igp sync holddown command. If the LDP peer is not reachable, the IGP establishes the adjacency to enable the LDP session to be established. When an IGP adjacency is established on a link but LDP-IGP Synchronization is not yet achieved or is lost, the IGP advertises the max-metric on that link.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fsldpsyn.html
Q9. Which three routing protocols utilize TLVs? (Choose three.)
A. BGP
B. IS-IS
C. ODR
D. OSPF
E. EIGRP
F. RIP
Answer: A,B,E
Explanation:
IS-IS, originally designed for Open System Interconnection (OSI) routing, uses TLV parameters to carry information in Link State Packets (LSPs). The TLVs make IS-IS extendable. IS-IS can therefore carry different kinds of information in the LSPs. Several routing protocols use TLVs to carry a variety of attributes. Cisco Discovery Protocol (CDP), Label Discovery Protocol (LDP), and Border Gateway Protocol (BGP) are examples of protocols that use TLVs. BGP uses TLVs to carry attributes such as Network Layer Reachability Information (NLRI), Multiple Exit Discriminator (MED), and local pReference: The IP header of the EIGRP packet specifies IP protocol number 88 within it, and the maximum length of the packet will be the IP MTU of the interface on which it is transmitted, most of the time 1500 octets. Following the IP header is the various Type/Length/Value (TLV) triplets. These TLVs will not only carry the route entries but also provide fields for the management of the DUAL process, multicast sequencing, and IOS software versions from the router.
References: http://www.cisco.com/c/en/us/support/docs/ip/integrated-intermediate-system-to-intermediate-system-is-is/5739-tlvs-5739.html http://ericleahy.com/index.php/eigrp-packets-neighborships/
Q10. Which two statements describe characteristics of HDLC on Cisco routers? (Choose two.)
A. It supports multiple Layer 3 protocols.
B. It supports multiplexing.
C. It supports only synchronous interfaces.
D. It supports authentication.
Answer: A,C
Explanation:
Cisco High-Level Data Link Controller (HDLC) is the Cisco proprietary protocol for sending data over synchronous serial links using HDLC. Cisco HDLC also provides a simple control protocol called Serial Line Address Resolution Protocol (SLARP) to maintain serial link keepalives. Cisco HDLC is the default for data encapsulation at Layer 2 (data link) of the Open System Interconnection (OSI) stack for efficient packet delineation and error control. The absence of a protocol type field in the HDLC header posed a problem for links that carried traffic from more than one Layer 3 protocol. Cisco, therefore, added an extra Type field to the HDLC header, creating a Cisco-specific version of HDLC. Cisco routers can support multiple network layer protocols on the same HDLC link. For example an HDLC link between two Cisco routers can forward both IPv4 and IPv6 packets because the Type field can identify which type of packet is carried inside each HDLC frame.
Reference: http://www.cisco.com/c/en/us/td/docs/routers/access/800/819/software/configuration/Guide/
819_SCG/6ser_conf.html#pgfId-1073734