Q1. When you migrate a network from PVST+ to rapid-PVST+, which two features become inactive? (Choose two.)
A. Root guard
B. Loop guard
C. UplinkFast
D. UDLD
E. BackboneFast
F. Bridge Assurance
Answer: C,E
Explanation:
It is good to know the UplinkFast and BackboneFast behavior before you start the migration process.
Here, the Access1 switch runs Cisco IOS. This output is taken before migration to the rapid-PVST+ mode:
Access1#show spanning-tree vlan 10
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 0015.63f6.b700
Cost 3019
Port 107 (FastEthernet3/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 49162 (priority 49152 sys-id-ext 10)
Address 000f.f794.3d00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Uplinkfast enabled
Interface Role Sts Cost Prio.Nbr Type
Fa3/0/1 Root FWD 3019 128.107 P2p
Fa3/0/2 Altn BLK 3019 128.108 P2p
Access1#show spanning-tree summary
Switch is in pvst mode
Root bridge for: none
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is enabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is enabled
UplinkFast is enabled
BackboneFast is enabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
VLAN0010 1 0 0 1 2
VLAN0020 1 0 0 1 2
2 vlans 2 0 0 2 4
This output is taken after the mode is changed to rapid-PVST+:
Access1#show spanning-tree vlan 10
VLAN0010
Spanning tree enabled protocol rstp
Root ID Priority 24586
Address 0015.63f6.b700
Cost 3019
Port 107 (FastEthernet3/0/1)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 49162 (priority 49152 sys-id-ext 10)
Address 000f.f794.3d00
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
UplinkFast enabled but inactive in rapid-pvst mode
Interface Role Sts Cost Prio.Nbr Type
Fa3/0/1 Root FWD 3019 128.107 P2p
Fa3/0/2 Altn BLK 3019 128.108 P2p
Access1#show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: none
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is enabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is enabled
UplinkFast is enabled but inactive in rapid-pvst mode
BackboneFast is enabled but inactive in rapid-pvst mode
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
VLAN0010 1 0 0 1 2
VLAN0020 1 0 0 1 2
2 vlans 2 0 0 2 4
You can see in the show spanning-tree summary command output that UplinkFast and BackboneFast are enabled, but are inactive in rapid-PVST mode.
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/72836-rapidpvst-mig-config.html#upback1
Q2. Which statement about WAN Ethernet Services is true?
A. Rate-limiting can be configured per EVC.
B. Point-to-point processing and encapsulation are performed on the customer network.
C. Ethernet multipoint services function as a multipoint-to-multipoint VLAN-based connection.
D. UNIs can perform service multiplexing and all-in-one bundling.
Answer: A
Explanation:
The MEF has defined a set of bandwidth profiles that can be applied at the UNI or to an EVC. A bandwidth profile is a limit on the rate at which Ethernet frames can traverse the UNI or the EVC.
Reference: http://www.ciscopress.com/articles/article.asp?p=101367&seqNum=2
Q3. Which option is a core event publisher for EEM?
A. Timer
B. Policy Director
C. Applet
D. Script
Answer: A
Explanation:
EEM is a flexible, policy-driven framework that supports in-box monitoring of different components of the system with the help of software agents known as event detectors. The figure below shows the relationship between the EEM server, core event publishers (event detectors), and the event subscribers (policies). Basically, event publishers screen events and publish them when there is a match on an event specification that is provided by the event subscriber. Event detectors notify the EEM server when an event of interest occurs. The EEM policies that are configured using the Cisco command-line interface (CLI) then implement recovery on the basis of the current state of the system and the actions specified in the policy for the given event. EEM offers the ability to monitor events and take informational or corrective action when the monitored events occur or when a threshold is reached. An EEM policy is an entity that defines an event and the actions to be taken when that event occurs. There are two types of EEM policies: an applet or a script. An applet is a simple form of policy that is defined within the CLI configuration. A script is a form of policy that is written in Tool Command Language (Tcl).
Figure 1. Embedded Event Manager Core Event Detectors
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/configuration/15-mt/eem-15-mt-book/eem-overview.html
Q4. Which option is a correct match criterion for policy-based routing?
A. length
B. interface type
C. interface
D. cost
Answer: A
Q5. You are configuring Wireshark on a Cisco Catalyst 4500E Switch with a Supervisor 8. Which three actions can you take to prevent the capture from overloading the CPU? (Choose three.)
A. Attach the specific ports that are part of the data path.
B. Use an in-line filter.
C. Use an appropriate ACL.
D. Add memory to the Supervisor.
E. Reconfigure the buffers to accommodate the additional traffic.
F. Configure a policy map, class map, and an access list to express the match conditions.
Answer: A,B,C
Explanation:
Because packet forwarding typically occurs in hardware, packets are not copied to the CPU for software processing. For Wireshark packet capture, packets are copied and delivered to the CPU, which causes an increase in CPU usage. To avoid high CPU, do the following:
. Attach only relevant ports.
. Use a class map, and secondarily, an access list to express match conditions. If neither is viable, use an explicit, in-line filter.
. Adhere closely to the filter rules. Restrict the traffic type (such as, IPv4 only) with a restrictive, rather than relaxed ACL, which elicits unwanted traffic.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/wireshrk.pdf
Q6. Which three modes are valid for forming an EtherChannel between the ports of two switches? (Choose three.)
A. Active/active
B. Active/passive
C. Passive/passive
D. Auto/auto
E. Auto/desirable
F. Desirable/on
Answer: A,B,E
Explanation:
To configure an EtherChannel using LACP negotiation, each side must be set to either active or passive; only interfaces configured in active mode will attempt to negotiate an EtherChannel. Passive interfaces merely respond to LACP requests. PAgP behaves the same, but its two modes are refered to as desirable and auto.
Reference: http://packetlife.net/blog/2010/jan/18/etherchannel-considerations/
Q7. Which two mechanisms can be used to eliminate Cisco Express Forwarding polarization? (Choose two.)
A. alternating cost links
B. the unique-ID/universal-ID algorithm
C. Cisco Express Forwarding antipolarization
D. different hashing inputs at each layer of the network
Answer: B,D
Explanation:
This document describes how Cisco Express Forwarding (CEF) polarization can cause suboptimal use of redundant paths to a destination network. CEF polarization is the effect when a hash algorithm chooses a particular path and the redundant paths remain completely unused.
How to Avoid CEF Polarization
. Alternate between default (SIP and DIP) and full (SIP + DIP + Layer4 ports) hashing inputs configuration at each layer of the network.
. Alternate between an even and odd number of ECMP links at each layer of the network.The CEF load-balancing does not depend on how the protocol routes are inserted in the routing table. Therefore, the OSPF routes exhibit the same behavior as EIGRP. In a hierarchical network where there are several routers that perform load-sharing in a row, they all use same algorithm to load-share.
The hash algorithm load-balances this way by default:
1: 1
2: 7-8
3: 1-1-1
4: 1-1-1-2
5: 1-1-1-1-1
6: 1-2-2-2-2-2
7: 1-1-1-1-1-1-1
8: 1-1-1-2-2-2-2-2
The number before the colon represents the number of equal-cost paths. The number after the colon represents the proportion of traffic which is forwarded per path.
This means that:
For two equal cost paths, load-sharing is 46.666%-53.333%, not 50%-50%.
For three equal cost paths, load-sharing is 33.33%-33.33%-33.33% (as expected).
For four equal cost paths, load-sharing is 20%-20%-20%-40% and not 25%-25%-25%-25%.
This illustrates that, when there is even number of ECMP links, the traffic is not load-balanced.
.Cisco IOS introduced a concept called unique-ID/universal-ID which helps avoid CEF polarization. This algorithm, called the universal algorithm (the default in current Cisco IOS versions), adds a 32-bit router-specific value to the hash function (called the universal ID - this is a randomly generated value at the time of the switch boot up that can can be manually controlled). This seeds the hash function on each router with a unique ID, which ensures that the same source/destination pair hash into a different value on different routers along the path. This process provides a better network-wide load-sharing and circumvents the polarization issue. This unique -ID concept does not work for an even number of equal-cost paths due to a hardware limitation, but it works perfectly for an odd number of equal-cost paths. In order to overcome this problem, Cisco IOS adds one link to the hardware adjacency table when there is an even number of equal-cost paths in order to make the system believe that there is an odd number of equal-cost links.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/116376-technote-cef-00.html
Q8. Which two hashing algorithms can be used when configuring SNMPv3? (Choose two.)
A. MD5
B. SHA-1
C. Blowfish
D. DES
E. AES
F. SSL
Answer: A,B
Explanation:
Note that SNMPv3 does not send passwords in clear-text and uses hash-based authentication with either MD5 or SHA1 functions (HMAC authentication – the packet conted is hashed along with authentication key to produce the authentication string).
Reference: http://blog.ine.com/2008/07/19/snmpv3-tutorial/
Q9. You are installing a new device to replace a device that failed. The configuration of the failed device is stored on a networked server, and the new device has an RXBOOT image installed. Under which condition does the streamlined Setup mode fail?
A. The last four bits of the configuration register are not equal to the decimal value 0 or 1.
B. The startup configuration file was deleted.
C. Bit 6 is set in the configuration register.
D. The startup configuration is corrupt.
Answer: A
Explanation:
The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the boot field. The boot field determines if the router boots manually, from ROM, or from Flash or the network. To change the boot field value and leave all other bits set to their default values, follow these guidelines:
. If you set the configuration register boot field value to 0x0, you must boot the operating system manually with the boot command.
. If you set the configuration register boot field value to 0x1, the router boots using the default ROM software.
. If you set the configuration register boot field to any value from 0x2 to 0xF, the router uses the boot field value to form a default boot filename for booting from a network server. For more information about the configuration register bit settings and default filenames, refer to the appropriate router hardware installation guide.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/command/reference/ffun_r/frf010. html
Q10. Refer to the exhibit.
You are bringing a new MPLS router online and have configured only what is shown to bring LDP up. Assume that the peer has been configured in a similar manner. You verify the LDP peer state and see that there are no neighbors. What will the output of show mpls ldp discovery show?
A. Interfaces:
Ethernet0/0 (ldp): xmit
B. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 25.25.25.2:0; IP addr: 192.168.12.2
C. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 192.168.12.2:0; no route
D. Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 25.25.25.2:0; no route
Answer: D