option
Cuestiones
ayuda
daypo
CREAR TEST
buscar.php

Nuevas1

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del Test:
Nuevas1

Descripción:
nuevas preguntas

Fecha de Creación: 2022/12/20

Categoría: Otros

Número Preguntas: 130

Valoración:(0)
COMPARTE EL TEST
Nuevo ComentarioNuevo Comentario
Comentarios
NO HAY REGISTROS
Temario:

Which feature minimizes DoS attacks on an IPv6 network?. IPv6 Destination Guard. IPv6 Router Advertisement Guard. IPv6 Prefix Guard. IPv6 Binding Security Table.

Which action resolves the adjacency issue?. Configure the same autonomous system numbers. Match the authentication keys. Configure the same EIGRP process IDs. Match the hello interval timers.

Refer to the exhibit. The network administrator configured BGP as the backup route for 10.0.0.0/8 and it should work only when EIGRP 10.0.0.0/8 failed to install for site S4266T8E713F6. Which configuration resolves the issued?. configure terminal ! router eigrp 1 distance eigrp 90 170. configure terminal ! ip route 10.0.0.0 269.0.0.0 192.168.90.2. configure terminal ! router eigrp 1 distance eigrp 10 170. configure terminal ! router eigrp 1 redistribute bgp metric 10000 1 255 1 1500.

Refer to the exhibit. AS111 router bgp 111 neighbor 195.1.1.1 remote-as 100 neighbor 195.1.1.1 allowas-in neighbor 195.1.2.2 remote-as 200 neighbor 195.1.2.2 allowas-in. router bgp 111 neighbor 195.1.1.1 as-override neighbor 195.1.2.2 allowas-in. router bgp 111 neighbor 195.1.2.2 as-override no neighbor 195.1.1.1 allowas-in. router bgp 111 neighbor 195.1.1.1 as-override neighbor 195.1.2.2 as-override. router bgp 111 no neighbor 195.1.1.1 allowas-in no neighbor 195.1.2.2 allowas-in.

Refer to the exhibit. The administrator is trying to overwrite an existing file on the TFTP server that was previously uploaded by another router. However, the attempt to update the file fails. Which action resolves this issue?. Make the package.conf file writable by all on the TFTP server. Make the package.conf file executable by all on the TFTP server. Make sure to run the TFTP service on the TFTP server. Make the TFTP folder writable by all on the TFTP server.

Refer to the exhibit. An engineer implemented an access list on R1 to allow anyone to Telnet except R2 Loopback0 to R1 Loopback4. How must sequence 20 be replaced on the R1 access list to resolve the issue?. sequence 20 deny tcp host 400A:0:400C::1 host 1001:ABC:2011:7::1 eq telnet. sequence 20 deny tcp host 1001:ABC:2011:7::1 host 400A:0:400C::1 eq telnet. sequence 20 permit tcp host 1001:ABC:2011:7::1 host 400A:0:400C::1 eq telnet. sequence 20 permit tcp host 400A:0:400C::1 host 1001:ABC:2011:7::1 eq telnet.

Refer to the exhibit. The network administrator can see the DHCP discovery packet in R1, but R2 is not replying to the DHCP request. The R1 related interface is configured with the DHCP helper address. If the PC is directly connected to the Fa0/1 interface on R2, the DHCP server assigns as IP address from the DHCP pool to the PC. Which two commands resolve this issue? (Choose two). ip dhcp relay information enable command on R1. service dhcp-relay command on R1. ip dhcp option 82 command on R2. service dhcp command on R1. ip dhcp relay information trust-all command on R2.

Refer to the exhibit. P 172.29.0.0/16, 1 successors, FD is 307200, serno 2 via 192.168.254.2 (307200/281600), FastEthernet0/1 via 192.168.253.2 (410200/352300), FastEthernet0/0 When the FastEthernet0/1 goes down, the route to 172.29.0.0/16 via 192.168.253.2 is not installed in the RIB. Which action resolves the issue?. Configure feasible distance greater than the reported distance. Configure feasible distance greater than the successor’s feasible distance. Configure reported distance greater than the successor’s feasible distance. Configure reported distance greater than the feasible distance.

Refer to the exhibit. Mutual redistribution is enabled between RIP and EIGRP on R2 and R5. Which configuration resolves the routing loop for the 192.168.1.0/24 network?. router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s1 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any R5: router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s0 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any. R2: router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s0 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any R5: router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s0 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any. R2: router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s0 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any R5: router eigrp 10 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s1 ! router rip network 178.1.0.0 redistribute eigrp 10 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any. R2: router eigrp 7 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s1 ! router rip network 178.1.0.0 redistribute eigrp 7 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any R5: router eigrp 7 network 181.16.0.0 redistribute rip metric 1 1 1 1 1 distribute-list 1 in s1 ! router rip network 178.1.0.0 redistribute eigrp 7 metric 2 ! access-list 1 deny 192.168.1.0 access-list 1 permit any.

An engineer configured routing between multiple OSPF domains and introduced a routing loop that caused network instability. Which action resolves the problem?. Set a tag using the network command in a domain and use the route-map command to deny the matching tag when exiting toward a different domain. Set a tag using the redistribute command toward a domain and deny inbound in the other domain by a matching tag. Set a tag using the network command in a domain and use the route-map command to deny the matching tag when entering into a different domain. Set a tag using the redistribute command toward a different domain and deny the matching tag when exiting from that domain.

Refer to the exhibit. Why is user authentication being rejected? TAC+: TCP/IP open to 171.68.118.101/49 failed — Destination unreachable; gateway or host down AAA/AUTHEN (2546660185): status = ERROR AAA/AUTHEN/START (2546660185): Method=LOCAL AAA/AUTHEN (2546660185): status = FAIL As1 CHAP: Unable to validate Response. Username chapuser: Authentication failure. The TACACS+ server refuses the user because the user is set up for CHAP. The TACACS+ server expects “user” but the NT client sends “domain\user”. The TACACS+ server is down and the user is not in the local database. The TACACS+ server is down and the user is in the local database.

Refer to the exhibit. R1# show policy-map control-plane Control plane service-plane input: CoPP class-map: PERMIT (match-all) 50 packets, 3811 bytes 5 minute offered rate 0000 bps Match: access-group 100 class-map: ANY (match-all) 210 packets, 19104 bytes 5 minute offered rate 0000 bps, drop rate 0000bps Match: access-group 199 drop class-map: class-default (match-any) 348 packets, 48203 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: any R1#show access-list 100 Extended IP access list 100 10 permit udp any any eq 23 (100 matches) 20 permit tcp any any eq telnet (5 matches) 30 permit tcp any eq telnet any (10 matches) R1#show access-list 199 Extended IP access 199 10 deny tcp any eq telnet any (50 matches) 50 permit ip any any (1 match) R1# show run | section line vty line vty 0 4 login transport input telnet ssh transport output telnet ssh Which two actions restrict access to router R1 by SSH? (Choose two). Configure transport input ssh on line vty and remove sequence 30 from access list 100. Configure transport output ssh on line vty and remove sequence 10 from access list 199. Remove class-map any from service-policy CoPP. Remove sequence 10 from access list 100 and add sequence 20 deny tcp any any eq telnet to access list 199. Configure transport output ssh on line vty and remove sequence 20 from access list 100.

Refer to the exhibit. R1(config)#ip prefix-list EIGRP seq 10 deny 0.0.0.0/0 le 32 R1(config)#ip prefix-list EIGRP seq 20 permit 10.0.0.0/8 R1(config)#router eigrp 10 R1(config-router)#distribute-list prefix EIGRP in Ethernet0/0 A prefix list is created to filter routes inbound to an EIGRP process except for network 10 prefixes. After the prefix list is applied no network 10 prefixes are visible in the routing table from EIGRP. Which configuration resolves the issue?. ip prefix-list EIGRP seq 20 permit 10.0.0.0/8 ge 9 ip prefix-list EIGRP seq 10 permit 0.0.0.0/0 le 32. ip prefix-list EIGRP seq 20 permit 10.0.0.0/8 ge 9. ip prefix-list EIGRP seq 5 permit 10.0.0.0/8 ge 9 no ip prefix-list EIGRP seq 20 permit 10.0.0.0/8. ip prefix-list EIGRP seq 10 permit 0.0.0.0/0 le 32.

What are the two goals of micro BFD sessions? (Choose two). Run the BFD session with 3×3 ms hello timer. Continuity for each member link of a link aggregation group must be verified. Each member link of a link aggregation group must run BFD. The high bandwidth member link of a link aggregation group must run BFD. Eny member link on a link aggravation group must run BFD.

What is the purpose of the DHCPv6 Guard?. It messages between a DHCPv6 server and a DHCPv6 client (or relay agent). It shows that clients of a DHCPv6 server are affected. It allows DHCPv6 replay and advertisements from (rouge) DHCPv6 servers. It block DHCPv6 messages from relay agents to a DHCPv6 server.

Refer to the exhibit. The network administrator can see the DHCP discovery packet in R1, but R2 is not replying to the DHCP request. The R1 related interface is configured with the DHCP helper address. If the PC is directly connected to the Fa0/1 interface on R2, the DHCP server assigns as IP address from the DHCP pool to the PC. Which two commands resolve this issue? (Choose two). ip dhcp relay information trust-all command on R2. service dhcp-relay command on R1. ip dhcp relay information enable command on R1. ip dhcp option 82 command on R2. service dhcp command on R1.

Refer to the exhibit. After a new regional office is set up, not all guests can access the internet via guest Wi Fi. Clients are getting the correct IP address from guest Wi-Fi VLAN 364. Which action resolves the issue?. Allow DNS traffic through the inbound ACL. Allow DNS traffic through the outbound ACL. Allow 10.66.46.0/23 in the outbound ACL. Allow 10.66.46.0/23 in the inbound ACL.

Refer to the exhibit. A client is concerned that passwords are visible when running this show archive log config all. Which router configuration is needed to resolve this issue?. MASS-RTR(config)#aaa authentication arap. MASS-RTR(config)#service password-encryption. MASS-RTR(config-archive-log-cfg)#hidekeys. MASS-RTR(config-archive-log-cfg)#password encryption aes.

What is the purpose of an OSPF sham-link?. to correct OSPF backdoor routing when OSPF is used as the PE-PE connection protocol in an MPLS VPN network. to allow intra-area routing when OSPF is used as the PE-CE connection protocol in an MPLS VPN network. to correct OSPF backdoor routing when OSPF is used as the PE-CE connection protocol in an MPLS VPN network. to allow inter-area routing when OSPF is used as the PE-CE connection protocol in a MPLS VPN network.

What are two MPLS label characteristics? (Choose two). A maximum of two labels can be imposed on an MPLS packet. The label edge router swaps labels on the received packets. An MPLS label is a short identifier that identifies a forwarding equivalence class. Labels are imposed in packets after the Layer 3 header. LDP uses TCP for reliable delivery of information.

Refer to the exhibit. A network administrator notices these console messages from host 10.11.110.12 originating from interface E1/0. The administrator considers this an unauthorized attempt to access SNMP on R1. Which action prevents the attempts to reach R1 E1/0?. Configure IOS control plane protection using ACL 90 on interface E1/0. Add a permit statement including the host 10.11.110.12 into ACL 90. Configure IOS management plane protection using ACL 90 on interface E1/0. Create an inbound ACL on interface E1/0 to deny SNMP from host 10.11.110.12.

Refer to the exhibit. Router R2 should be learning the route for 10.123.187.0/24 via EIGRP. Which action resolves the issue without introducing more issues?. Remove route redistribution in R2 for this route in OSPF. Redistribute the route in EIGRP with metric, delay, and reliability. Use distribute-list to modify the route as an internal EIGRP route. Use distribute-list to filter the external routes in OSPF.

Refer to the exhibit. aaa new-model aaa group server radius RADIUS-SERVERS aaa authentication login default group RADIUS-SERVERS local aaa authentication enable default group RADIUS-SERVERS enable aaa authorization exec default group RADIUS-SERVERS if-authenticated aaa authorization network default group RADIUS-SERVERS if-authenticated aaa accounting send stop-record authentication failure aaa session-id common line con 0 logging synchronous stopbits 1 line vty 0 4 logging synchronous transport input ssh A network administrator successfully logs in to a switch using SSH from a RADIUS server. When the network administrator uses a console port to access the switch, the RADIUS server returns “shell:priv-lvl=15” and the switch asks to enter the enable command. When the command is entered, it gets rejected. Which command set is used to troubleshoot and resolve this issue?. line con 0 aaa authorization console authorization priv15 ! line vty 0 4 transport input ssh. line con 0 aaa authorization console priv15 ! line vty 0 4 authorization exec. line con 0 aaa authorization console ! line vty 0 4 authorization exec. line con 0 aaa authorization console authorization exec ! line vty 0 4 transport input ssh.

Which two solutions are used to overcome a flapping link that causes a frequent label binding exchange between MPLS routers? (Choose two). Create link dampening on links to protect the session. Increase a session delay to protect the session. Create targeted hellos to protect the session. Increase input queue on links to protect the session. Increase a hold-timer to protect the session.

Refer to the exhibit. DSW1#sh run int f0/0 Building configuration... Current configuration : 174 bytes ! interface FastEthernet 0/0 ip address 10.4.10.1 255.255.255.0 ip helper-address 4.4.4.4 duplex auto speed auto ipv6 address 2002:A04:A01::A04:A01/120 ipv6 enable end Clients on ALS2 receive IPv4 and IPv6 addresses, but clients on ALS1 receive only IPv4 addresses and not IPv6 addresses. Which action on DSW1 allows clients on ALS1 to receive IPv6 addresses?. DSW1(config)#ipv6 route 2002:404:404::404:404/128 FastEthernet 1/0. DSW1(config-if)# ipv6 helper address 2002:404:404::404:404. DSW1(config)# ipv6 dhcp relay destination 2002:404:404::404:404 GigabitEthernet 1/2. DSW1(dhcp-config)# default-router 2002:A04:A01::A04:A01.

A customer requested a GRE tunnel through the provider network between two customer sites using loopback to hide internal networks. Which configuration on R2 establishes the tunnel with R1?. R2(config)#interface Tunnel1 R2(config-if)#ip address 172.20.1.2 255.255.255.0 R2(config-if)#ip mtu 1400 R2(config-if)#ip tcp adjust-mss 1360 R2(config-if)#tunnel source 192.168.20.1 R2(config-if)#tunnel destination 192.168.10.1. R2(config)#interface Tunnel1 R2(config-if)#ip address 172.20.1.2 255.255.255.0 R2(config-if)#ip mtu 1400 R2(config-if)#ip tcp adjust-mss 1360 R2(config-if)#tunnel source 10.10.2.2 R2(config-if)#tunnel destination 10.10.1.1. R2(config)#interface Tunnel1 R2(config-if)#ip address 172.20.1.2 255.255.255.0 R2(config-if)#ip mtu 1500 R2(config-if}#ip tcp adjust-mss 1360 R2(config-if)#tunnel source 192.168.20.1 R2(config-if)#tunnel destination 10.10.1.1. R2(config)#interface Tunnel1 R2(config-if)#ip address 172.20.1.2 255.255.255.0 R2(config-if)#ip mtu 1500 R2(config-if)#ip tcp adjust-mss 1360 R2(config-if)#tunnel source 10.10.2.2 R2(config-if)#tunnel destination 10.10.1.1.

Drag and drop the descriptions from the left onto the corresponding MPLS components on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. routers that connect to the customer routers known as PE routers. routers in the core of the provider network known as P routers. path along which the traffic flows across an MPLS network. all traffic to be forwarded using the same path and same label. used for exchanging label mapping information between MPLS enabled routers.

Refer to the exhibit. The network administrator has configured the Customer Edge router (AS 64511) to send only summarized routes toward ISP-1 (AS 100) and ISP-2 (AS 200). router bgp 64511 network 172.16.20.0 mask 255.255.255.0 network 172.16.21.0 mask 255.255.255.0 network 172.16.22.0 mask 255.255.255.0 network 172.16.23.0 mask 255.255.255.0 aggregate-address 172.16.20.0 255.255.252.0 After this configuration, ISP-1 and ISP-2 continue to receive the specific routes and the summary route. Which configuration resolves the issue?. router bgp 64511 neighbor 192.168.100.1 summary-only neighbor 192.168.200.2 summary-only. ip prefix-list PL_BLOCK_SPECIFIC deny 172.16.20.0/22 ge 22 ip prefix-list PL_BLOCK_SPECIFIC permit 172.16.20.0/22 ! route-map BLOCK_SPECIFIC permit 10 match ip address prefix-list PL_BLOCK_SPECIFIC ! router bgp 64511 aggregate-address 172.16.20.0 255 255.252.0 suppress-map BLOCK_SPECIFIC. interface E0/0 ip bgp suppress-map BLOCK_SPECIFIC ! interface E0/1 ip bgp suppress-map BLOCK_SPECIFIC ! ip prefix-list PL_BLOCK_SPECIFIC permit 172.16.20.0/22 ge 24 ! route-map BLOCK_SPECIFIC permit 10 match ip address prefix-list PL_BLOCK_SPECIFIC. router bgp 64511 aggregate-address 172.16.20.0 255.255.252.0 summary-only.

An engineer configured access list NON-CISCO in a policy to infuence routes. route-map PBR, deny, sequence 5 Match clauses: ip address (access-list): NON-CISCO Set clauses: Policy routing matches: 0 packets, 0 bytes route-map PBR, permit, sequence 10 Match clauses: Set clauses: ip next-hop 192.168.1.5 Policy routing matches: 389202995 packets, 222006352077 bytes What are the two effects of this route map configuration? (Choose two). Packets are evaluated by sequence 10. Packets are not evaluated by sequence 10. Packets are forwarded using normal route lookup. Packets are dropped by the access list. Packets are forwarded to the default gateway.

Which two methods use IPsec to provide secure connectivity from the branch office to the headquarters office? (Choose two). PPPoE. MPLS VPN. DMVPN. SSL VPN. Virtual Tunnel Interface (VTI).

Which protocol does VRF-Lite support?. ODR. IGRP. EIGRP. IS-IS.

Refer to the exhibit. A bank ATM site has difficulty connecting with the bank server. A network engineer troubleshoots the issue and finds that R4 has no active route to the bank ATM site. Which action resolves the issue?. Advertise 10.10.30.0/24 subnet in R1 EIGRP AS. Advertise 10.10.30.0/24 subnet in R3 EIGRP AS. EIGRP peering between R1 and R2 to be fixed. EIGRP peering between R3 and R4 to be fixed.

What are two functions of IPv6 source guard? (Choose two). It uses the populated binding table for allowing legitimate traffic. It works independent from IPv6 neighbor discovery. It denies traffic by inspecting neighbor discovery packets for specific patterns. It blocks certain traffic by inspecting DHCP packets for specific sources. It denies traffic from unknown sources or unallocated addresses.

The network administrator must implement IPv6 in the network to allow only devices that not only have registered IP addresses but are also connecting from assigned locations. Which security feature must be implemented?. IPv6 Snooping. IPv6 Router Advertisement Guard. IPv6 Destination Guard. IPv6 Prefix Guard.

Refer to the exhibit. interface GigabitEthernet0/0 description FTP SERVER no ip address ipv6 address 2001:DB8::F/33 ipv6 enable ipv6 traffic-filter FTP-SERVER in ! interface GigabitEthernet0/1 description FTP CLIENT no ip address ipv6 address 2001:DB8:8000::F/33 ipv6 enable ipv6 traffic-filter FTP-CLIENT in ipv6 access-list FTP-CLIENT permit tcp host 2001:DB8:8000::1 host 2001:DB8::1 eq ftp permit tcp host 2001:DB8:8000::1 host 2001:DB8::1 eq ftp-data ! ipv6 access-list FTP-SERVER permit tcp host 2001:DB8::1 host 2001:DB8:8000::1 eq ftp established permit tcp host 2001:DB8::1 host 2001:DB8:8000::1 eq ftp-data established. Modify traffic filter FTP-SERVER in to the outbound direction. Configure to permit TCP ports higher than 1023. Configure active FTP traffic. Modify FTP-SERVER access list to remove established at the end.

Refer to the exhibit. An administrator that is connected to the console does not see debug messages when remote users log in. Which action ensures that debug messages are displayed for remote loggings? R1(config)#do show running-config | section line|username username cisco secret 5 $l$^e/o$I3G5cXODxpYMSJ70PzEyoO line con 0 logging synchronous line vty 0 4 login local transport input telnet R1(config)# logging console 7 R1(config)# do debug aaa authentication R1(config)#. Enter the aaa new-model configuration command. Enter the terminal monitor exec command. Enter the transport input ssh configuration command. Enter the logging console debugging configuration command.

Refer to the exhibit. A network administrator configured an IPv6 access list to allow TCP return frame only, but it is not working as expected. Which changes resolve this issue?. option a. option b. option c. option d.

Refer to the exhibit. R1(config)#ip access-list standard EIGRP-FILTER R1(config-std-nacl)# permit 10.10.10.0 0.0.0.255 R1(config)#router eigrp 10 R1(config-router)#distribute-list route-map EIGRP in ! R1(config)#route-map EIGRP permit 10 R1(config-route-map)#match ip address EIGRP-FILTER ! R1#show ip route eigrp D 10.10.10.0/24 An engineer must filter incoming EIGRP updates to allow only a set of specific prefixes. The distribute list is tested, and it filters out all routes except network 10.10.10.0/24. How should the engineer temporarily allow all prefixes to be learned by the router again without adjusting the existing access list?. An extended access list must be used instead of a standard access list to accomplish the task. A permit any statement should be added before completing the ACL with the required prefixes, and then the permit any statement can be removed. A permit 20 statement should be added before completing the ACL with the required prefixes, and then the permit 20 statement can be removed. A continue statement should be added within the permit 10 statement before completing the ACL with the required prefixes, and then the continue statement can be removed.

A network administrator is trying to switch to the privileged EXEC level on R1 but failed. Which configuration resolves the issue?. tacacs server enable-password Cisco@123. enable password Cisco@123. enable-password Cisco@123. tacacs-server enable-password Cisco@123.

Question 36 Refer to the exhibit. The engineer configured and connected Router2 to Router1. The link came up but could not establish a Telnet connection to Router1 IPv6 address of 2001:DB8::1. Which configuration allows Router2 to establish a Telnet connection to Router1?. permit ip any any on access list EGRESS2 on Router1. permit ICMPv6 on access list INGRESS for Router2 to obtain IPv6 address. ipv6 unicast-routing. IPv6 address on GigabitEthernet0/0.

Refer to the exhibit. Which configuration enables OSPF for area 0 interfaces to establish adjacency with a neighboring router with the same VRF?. router ospf 1 vrf CCNP interface Ethernet1 ip ospf 1 area 0.0.0.0 interface Ethernet2 ip ospf 1 area 0.0.0.0. router ospf 1 vrf CCNP network 10.1.1.1 0.0.0.0 area 0 network 10.2.2.2 0.0.0.0 area 0. router ospf 1 vrf CCNP network 10.0.0.0 0.0.255.255 area 0. router ospf 1 interface Ethernet1 ip ospf 1 area 0.0.0.0 interface Ethernet2 ip ospf 1 area 0.0.0.0.

Drag and drop the OSPF adjacency states from the left onto the correct descriptions on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. Exchange. 2-way. Loading. Exstart. Init. Down.

Refer to the exhibit. What does the imp-null tag represent in the MPLS VPN cloud? Router#show tag-switching tdp bindings (...) tib entry: 10.10.10.1/32, rev 31 local binding: tag: 18 remote binding: tsr: 10.10.10.1:0, tag:imp-null remote binding: tsr: 10.10.10.2:0, tag:18 remote binding: tsr: 10.10.10.6:0, tag:21 tib entry: 10.10.10.2/32, rev 22 local binding: tag: 17 remote binding: tsr: 10.10.10.2:0, tag:imp-null remote binding: tsr: 10.10.10.1:0, tag:19 remote binding: tsr: 10.10.10.6:0, tag:22. Pop the label. Include the EXP bit. Exclude the EXP bit. Impose the label.

Which two protocols work in the control plane of P routers across the MPLS cloud? (choose two). MPLS OAM. RSVP. LDP. LSP. ECMP.

Refer to the exhibit. During ISP router maintenance, the network produced many alerts because of the flapping interface. Which configuration on R1 resolves the issue?. no snmp trap link-status. ip verify drop-rate notify hold-down 60. snmp trap link-status down. snmp trap ip verify drop-rate.

Drag and drop the DHCP messages from the left onto the correct uses on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. DHCPNAK. DHCPDECLINE. DHCPACK. DHCPINFORM.

Refer to the exhibit. Configuration output: aaa new-model aaa group server tacacs+ admin server name admin ! ip tacacs source-interface GigabitEthernet1 aaa authentication login admin group tacacs+ local enable aaa session-id common ! tacacs server admin address ip 10.11.15.6 key 7 01150F165E3C17032D ! line vty 0 4 login authentication admin Debug Output: Oct 22 12:38 57 587 AAA/BIND(0000001A): Bind I/f Oct 22 12:38:57.587: AAA/AUTHEN/LOGIN (0000001A) Pick method list ‘admin’ Oct 22 12:38:57 587: AAA/AUTHEN/ENABLE(0000001A): Processing request action LOGIN Oct 22 12:38 57 587: AAA/AUTHEN/ENABLE(0000001A): Done status GET_PASSWORD Oct 22 12:39:02.327: AAA/AUTHEN/ENABLE(0000001A): Processing request action LOGIN Oct 22 12:39:02.327: AAA/AUTHEN/ENABLE(0000001A): Done status FAIL – bad password An administrator configured a Cisco router for TACACS authentication, but the router is using the local enable password instead. Which action resolves the issue?. Configure the aaa authentication login default group admin local if-authenticated command instead. Configure the aaa authentication login admin group tacacs+ local if-authenticated command instead. Configure the aaa authentication login admin group admin local enable command instead. Configure the aaa authentication login admin group tacacs+ local enable none command instead.

What is a function of IPv6 Source Guard?. It works with address glean or ND to find existing addresses. It inspects ND and DHCP packets to build an address binding table. It notifies the ND protocol to inform hosts if the traffic is denied by it. It denies traffic from known sources and allocated addresses.

An engineer configured SNMP noticiations sent to the management server using authentication and encryption data with DES. An error in the response PDU is received as “UNKNOWNUSERNAME, WRONGDIGEST”. Which action resolves the issue?. Configure correct authentication and privacy passwords using SNMPv3 authNoPriv. Configure the correct authentication password using SNMPv3 authPriv. Configure the correct authentication password using SNMPv3 authNoPriv. Configure correct authentication and privacy passwords using SNMPv3 authPriv.

Refer to the exhibit An engineer is troubleshooting BGP on a device but discovers that the clock on the device does not correspond to the time stamp of the log entries. Which action ensures consistency between the two times? *Feb 28 12:41:57: %BGP-5-ADJCHANGE: neighbor 192.168.2.2 Down User reset *Feb 28 12:41:57: %BGP_SESSION-5-ADJCHANGE : neighbor 192.168.2.2 IPv4 Unicast topology base removed from session User reset *Feb 28 12:41:57: %BGP-5-ADJCHANGE: neighbor 192.168.2.2 Up R1#show clock *13:42:00.506 CET Feb 28 2019. Configure the logging clock synchronize command in global configuration mode. Make sure that the clock on the device is synchronized with an NTP server. Configure the service timestamps log uptime command in global configuration mode. Configure the service timestamps log datetime localtime command in global configuration mode.

Refer to the exhibit. An engineer configured IP SLA on R1 to avoid the ISP link flapping problem, but it is not working as designed. IP SLA should wait 30 seconds before switching traffic to a secondary connection and then revert to the primary link after waiting 20 seconds, when the primary link is available and stabilized. Which configuration resolves the issue?. R1(config)#track 700 ip sla 700 R1(config-track)#delay down 30 up 20. R1(config)#ip sla 700 R1(config-ip-sla)#delay down 30 up 20. R1(config)#track 700 ip sla 700 R1(config-track)#delay down 20 up 30. R1(config)#ip sla 700 R1(config-ip-sla)#delay down 20 up 30.

An engineer plans to use Python to convert text files that contain device information to JSON. Drag and drop the code snippets from the bottom onto the blanks in the code to construct the request. Not all options are used. Please type the corresponding numbers of each item on the bottom to the blank below. For example: 136 (which means 1 for first box, 3 for second box and 6 for third group). Please type your answer here:

A network engineer must configure a DMVPN network so that a spoke establishes a direct path to another spoke if the two must send traffic to each other. A spoke must send traffic directly to the hub if required. Which configuration meets this requirement?. At the hub router: interface tunnel 10 ip nhrp nhs dynamic multipoint ip nhrp nhs shortcut tunnel mode gre multicast On the spokes router: interface tunnel 10 ip nhrp nhs multicast dynamic ip nhrp nhs redirect tunnel mode gre multicast. At the hub router: interface tunnel 10 ip nhrp map dynamic multipoint ip nhrp redirect tunnel mode gre multicast On the spokes router: interface tunnel10 ip nhrp map multicast dynamic ip nhrp shortcut tunnel mode gre multicast. At the hub router: interface tunned10 ip nhrp nhs multicast dynamic ip nhrp nhs shortcut tunnel mode gre multipoint On the spokes router: interface tunnel10 ip nhrp nhs multicast dynamic ip nhrp nhs redirect tunnel mode gre multipoint. At the hub router: interface tunnel10 ip nhrp map multicast dynamic ip nhrp redirect tunnel mode gre multipoint On the spokes router: interface tunnel 10 ip nhrp map multicast dynamic ip nhrp shortcut tunnel mode gre multipoint.

Refer to the exhibit. interface GigabitEthernet2 no ip address ip helper-address 192.168.255.3 no shutdown ! interface GigabitEthernet2.10 encapsulation dot1Q 210 ip address 192.168.210.1 255.255.255.0 ip ospf 1 area 0 no shutdown. Configure the ip dhcp pool 1 and network 192.168.210.0 255.255.255.0 commands. Configure the ip dhcp excluded-address 192.168.255.3 command on the Gi2.10 subinterface. Configure the ip helper-address 192.168.255.3 command on the Gi2.10 subinterface. Configure a valid IP address on the Gi2 interface so that DHCP requests can be forwarded.

Refer to the exhibit. Redistribution is enabled between the routing protocols, and now PC2 PC3, and PC4 cannot reach PC1. What are the two solutions to fix the problem? (Choose two). Filter all routes except RIP routes when redistributing into EIGRP in R2. Filter OSPF routes into RIP from EIGRP when redistributing into RIP in R2. Filter RIP routes back into RIP when redistributing into RIP in R2. Filter RIP and OSPF routes back into OSPF from EIGRP when redistributing into OSPF in R2. Filter all routes except EIGRP routes when redistributing into OSPF in R3.

Refer to the exhibit. Which control plan policy limits BGP traffic that is destined to the CPU to 1 Mbps and ignores BGP traffic that is higher rate? Cat3850-Stack-2#show policy-map Policy Map LIMIT_BGP Class BGP drop Policy Map SHAPE_BGP Class BGP Average Rate Traffic Shaping cir 10000000 (bps) Policy Map POLICE_BGP Class BGP police cir 1000k bc 1500 conform-action transmit exceed-action transmit Policy Map COPP Class BGP police cir 1000k bc 1500 conform-action transmit exceed-action drop. policy-map COPP. policy-map POLICE_BGP. policy-map SHAPE_BGP. policy-map LIMIT_BGP.

A network administrator is troubleshooting OSPF adjacency issue by going through the console logs in the router, but due to an overwhelming log messages stream, it is impossible to capture the problem. Which two commands reduce console log messages to relevant OSPF neighbor problem details so that the issue can be resolved? (Choose two). debug condition interface. debug condition session-id ADJCHG. debug condition ospf neighbor. debug condition ip. debug condition all.

Refer to the exhibit. router ospf 1 redistribute eigrp 1 subnets route-map EIGRP->OSPF ! router eigrp 1 network 10.0.106.0 0.0.0.255 ! route-map EIGRP->OSPF permit 10 match ip address WAN_PREFIXES route-map EIGRP->OSPF permit 20 match ip address LOCAL_PREFIXES route-map EIGRP->OSPF permit 30 match ip address VPN_PREFIXES ! ip prefix-list LOCAL_PREFIXES seq 5 permit 172.16.0.0/12 le 24 ip prefix-list VPN_PREFIXES seq 5 permit 192.168.0.0/16 le 24 ip prefix-list WAN_PREFIXES seq 5 permit 10.0.0.0/8 le 24 ! The network administrator configured redistribution on an ASBR to reach to all WAN networks but failed. Which action resolves the issue?. The route map EIGRP->OSPF must have the 10.0.106.0/24 entry to exist in one of the three prefix lists to pass. The route map must have the keyword prefix-list to evaluate the prefix list entries. EIGRP must redistribute the 10.0.106.0/24 route instead of using the network statement. The OSPF process must have a metric when redistributing prefixes from EIGRP.

Which IPv6 first hop security feature controls the traffic necessary for proper discovery of neighbor device operation and performance?. RA Throttling. ND Multicast Suppression. IPv6 Snooping. Source or Destination Guard.

Refer to the exhibit. The branch router is configured with a default route toward the Internet and has no routes configured for the HQ site that is connected through interface G2/0. The HQ router is fully configured and does not require changes. Which configuration on the branch router makes the intranet website (TCP port 80) available to the branch office users?. access-list 100 permit tcp host intranet-webserver-ip eq 80 any ! route-map pbr permit 10 match ip address 100 set ip next-hop 192.168.2.2 ! interface G1/0 ip policy route-map pbr. access-list 101 permit tcp any any eq 80 access-list 102 permit tcp any host intranet-webserver-ip ! route-map pbr permit 10 match ip address 101 set ip next-hop 192.168.2.2 route-map pbr permit 20 match ip address 102 set ip next-hop 192.168.2.2 ! interface G2/0 ip policy route-map pbr. access-list 101 permit tcp any any eq 80 access-list 102 permit tcp any host intranet-webserver-ip ! route-map pbr permit 10 match ip address 101 102 set ip next-hop 192.168.2.2 ! interface G1/0 ip policy route-map pbr. access-list 100 permit tcp any host intranet-webserver-ip eq 80 ! route-map pbr permit 10 match ip address 100 set ip next-hop 192.168.2.2 ! interface G2/0 ip policy route-map pbr.

Refer to the exhibit. An engineer configured BGP and wants to select the path from 10.77.255.57 as the best path instead of current best path. Which action resolves the issue?. Configure AS_PATH prepend for the desired best path. Configure lower LOCAL_PREF to select as the best path. Configure AS_PATH prepend for the current best path. Configure higher MED to select as the best path.

Which failure detection mechanism is used for BFD?. variable rate. consistent rate. Layer 2 protocol failure. routing protocol failure.

The authentication is not working as desired and the user drops into user-exec mode. Which configuration resolves the issue?. aaa new-model aaa authentication login local default local aaa authorization exec default local ! line vty 0 4 login authentication default authorization exec default. aaa new-model aaa authentication login local default local aaa authorization priv default 15 ! line vty 0 4 login authentication default authorization exec priv 15. aaa new-model aaa authentication login local aaa authorization exec local ! line vty 0 4 login authentication local authorization exec default. aaa new-model aaa authentication common-id default aaa authorization exec default local ! line vty 0 4 login authentication default authorization exec default.

What is a prerequisite for configuring BFD?. Jumbo frame support must be configured on the router that is using BFD. Cisco Express Forwarding must be enabled on all participating BFD endpoints. All routers in the path between two BFD endpoints must have BFD enabled. To use BFD with BGP, the timers 3 9 command must first be configured in the BGP routing process.

Which component of MPLS VPN is used to extend the IP address so that an engineer is able to identify to which VPN it belongs?. LDP. RD. RT. VPNv4 address family.

Refer to the exhibit. Packets arriving from source 209.165.200.215 must be sent with the precedence bit set to 1, and packets arriving from source 209.165.200.216 must be sent with the precedence bit set to 5. Which action resolves the issue?. set ip precedence priority in route-map Texas permit 20. set ip precedence immediate in route-map Texas permit 10. set ip precedence critical in route-map Texas permit 10. set ip precedence critical in route-map Texas permit 20.

qos vaues. critical. flash. flash-override. immediate. internet. network. priority. routine.

In which two ways does the IPv6 First-Hop Security Binding Table operate? (Choose two). by IPv6 HSRP to make sure neighbors are authenticated before being used as gateways. by various IPv6 guard features to validate the data link layer address. by storing hashed keys for IPsec tunnels for the built-in IPsec features. by IPv6 routing protocols to securely build neighborships without the need of authentication. by the recovery mechanism to recover the binding table in the event of a device reboot.

Refer to the exhibit. An engineer configures an IPv6 ACL to allow TACACS access to 2001:DB8:B:B::7 and denies any other host. The ACL does not appear to be working. Which action resolves the issue?. Allow the NA and NS messages, which are denied by the implicit deny. Modify the IPv6 destination address to a valid address. Apply the ipv6 traffic-filter command to the interface. Apply the ACL to the interface.

Refer to the exhibit. Router R2 should be learning the route for 10.123.187.0/24 via EIGRP. Which action resolves the issue without introducing more issues?. Redistribute the route in EIGRP with metric, delay, and reliability. Use distribute-list to modify the route as an internal EIGRP route. Remove route redistribution in R2 for this route in OSPF. Use distribute-list to filter the external routes in OSPF.

What does the PE router convert the IPv4 prefix to within an MPLS VPN?. VPN-IPv4 prefix combined with the 64-bit route distinguisher. prefix that combines the ASN, PE router-id, and IP prefix. 48-bit route combining the IP and PE router-id. eBGP path association between the PE and CE sessions.

Which function does LDP provide in an MPLS topology?. It provides a means for LSRs to exchange IP routes. It exchanges routes for MPLS VPNs across different VRFs. It provides hop-by-hop forwarding in an MPLS topology for LSRs. It enables a MPLS topology to connect multiple VPNs to P routers.

Drag and drop the MPLS VPN device types from me left onto the definitions on the right. device in the enterprise network that connects to other customer devices. device in the core of the provider network that switches MPLS packets. device that attaches and detaches the VPN labels to the packets in the provider network. device at the edge of the enterprise network that connects to the SP network.

Refer to the exhibit. R6 should reach R1 via R5>R2>R1. Which action resolves the issue?. Increase the cost to 61 between R2 and R3. Decrease the cost to 2 between R6-R5-R2. Decrease the cost to 41 between R2 and R1. Increase the cost to 61 between R2-R3-R1.

Which mechanism provides traffic segmentation within a DMVPN network?. MPLS. RSVP. BGP. IPsec.

Routers R1 and R2 have established a network adjacency using EIGRP, and both routers are advertising subnets to its neighbor. After issuing the show ip EIGRP topology all-links command in R1, some prefixes are not showing R2 as a successor. Which action resolves the issue?. Configure the network statement on the neighbor. Rectify the incorrect router ID in R2. Resolve the incorrect metric on the link. Enable split-horizon.

The eBGP neighbor 10.1.1.1 of router R2 receives and installs the prefix, but the community value is not found in the BGP routing table. How must this issue be resolved?. Community values are nontransitive and R2 is an eBGP peer, configure R2 to send community. R2 is not sending the community value to neighbor R1, configure R2 to send community. R1 must have a route map assigned to neighbor R2, which is not matching the community values. R1 must have a route map assigned to neighbor R2, which is clearing the community values.

Refer to the exhibit. Switch(config)# ip vrf 70 Switch(config-vrf)# rd 70:1 Switch(config-vrf)# route-target export 70:1 Switch(config-vrf)# route-target import 70:1 Switch(config-vrf)# exit Switch(config)# ip vrf 80 Switch(config-vrf)# rd 80:1 Switch(config-vrf)# route-target export 80:1 Switch(config-vrf)# route-target import 80:1 An engineer must extend VRF-Lite over a trunk to another switch for VLAN 70 (10.70.70.0/24) on port GigabitEthernet0/0 and VLAN 80 (10.80.80.0/24) on port GigabitEthernet0/1. Which configuration accomplishes this objective?. interface GigabitEthernet0/0 switchport mode access switchport access vlan 70 ! interface GigabitEthernet0/1 switchport mode access switchport access vlan 80 !. interface GigabitEthernet0/0 switchport trunk encapsulation dot1q switchport mode trunk switchport trunk allowed vlan 70 ! interface GigabitEthernet0/1 switchport trunk encapsulation dot1q switchport mode trunk switchport trunk allowed vlan 80. interface GigabitEthernet0/0 switchport mode access switchport access vlan 70 ip vrf forwarding 70 ! interface GigabitEthernet0/1 switchport mode access switchport access vlan 80 ip vrf forwarding 80 !. interface GigabitEthernet0/0 no switchport ip vrf forwarding 70 ip address 10.70.70.1 255.255.255.0 ! interface GigabitEthernet0/1 no switchport ip vrf forwarding 80 ip address 10.80.80.1 255.255.255.0.

An engineer received a ticket about a router that has reloaded. The monitoring system graphs show different traffic patterns between logical and physical interfaces when the router is rebooted. Which action resolves the issue?. Configure the snmp ifindex persist command on the physical interfaces. Configure the snmp ifindex persist command globally. Trigger a new snmpwalk from the monitoring system to synchronize interface OIDs. Clear the logical interfaces with snmp ifindex clear command.

An engineer must configure a LAN-to-LAN IPsec VPN between R1 and the remote router. Which IPsec Phase 1 configuration must the engineer use for the local router?. crypto isakmp policy 5 authentication pre-share encryption 3des hash sha group 2 ! crypto isakmp key cisco123 address 200.1.1.3. crypto isakmp policy 5 authentication pre-share encryption 3des hash md5 group 2 ! crypto isakmp key cisco123 address 200.1.1.3. crypto isakmp policy 5 authentication pre-share encryption 3des hash md5 group 2 ! crypto isakmp key cisco123 address 199.1.1.1. crypto isakmp policy 5 authentication pre-share encryption 3des hash md5 group 2 ! crypto isakmp key cisco123! address 199.1.1.1.

An engineer must configure OSPF with R9 and R10 and configure redistribution between OSPF and RIP, causing a routing loop. Which configuration on R9 and R10 meets this objective?. router ospf 1 redistribute rip subnets tag 20 ! route-map deny_tag20 deny 10 match tag 20 route-map deny_tag20 permit 20 !. router ospf 1 distribute-list route-map deny_tag20 in router ospf 1 redistribute rip subnets tag 20 ! route-map deny_tag20 permit 10 match tag 20 route-map deny tag20 permit 20 !. router ospf 1 distribute-list route-map deny_tag20 in router ospf 1 redistribute rip subnets tag 20 ! route-map deny_tag20 deny 10 match tag 20 route-map deny tag20 deny 20 ! router ospf 1 distribute-list route-map deny_tag20 in. router ospf 1 redistribute rip subnets tag 20 ! route-map deny_tag20 deny 10 match tag 20 route-map deny_tag20 permit 20 ! router rip 1 distribute-list route-map deny_tag20 in.

Refer to the exhibit. ipv6 inspect udp idle-time 3600 ipv6 inspect name ipv6-firewall tcp ipv6 inspect name ipv6-firewall udp ipv6 access-list ipv6-internet deny ipv6 any DEC0::/10 deny ipv6 any FF00::/8 permit ipv6 any FF02::/16 permit ipv6 any FF0E::/16 permit udp any any eq domain ! interface gi0/1 ipv6 traffic-filter ipv6-internet in ipv6 inspect ipv6-firewall in ipv6 inspect ipv6-firewall out A network administrator configured name resolution for IPv6 traffic to be allowed through an inbound access list. After the access list is applied to resolve the issue, name resolution still did not work. Which action does the network administrator take to resolve the name resolution problem?. Remove ipv6 inspect ipv6-firewall in from interface gi0/1. Inspect ipv6 inspect name ipv6-firewall udp 53 in global config. Add permit udp any eq domain any log in the access list. Add permit any eq domain 53 any log in the access list.

Which list defines the contents of an MPLS label?. 32-bit label; 3-bit traffic class; 1 -bit bottom stack; 8-bit TTL. 32-bit label; 3-bit flow label; 1-bit bottom stack; 8-bit hop limit. 20-bit label; 3-bit flow label; 1-bit bottom stack; 8-bit hop limit. 20-bit label; 3-bit traffic class; 1 -bit bottom stack; 8-bit TTL.

A network engineer finds that PC1 is accessing the hotel website to do the booking but fails to make payment. Which action resolves the issue?. Allow stub network 10.10.202.168/30 on router R3 OSPF. Decrease the AD to 5 of OSPF route 192.168.94.0 on R1. Increase the AD to 200 of static route 192.168.94.0 on R3. Configure a reverse route on R1 for PC1 172.16.1.0/24.

A NOC team receives a ticket that data traffic from RA to RF is not forwarded when the link between the RC-RE path goes down. All routers learn loopback IP through the IGP protocol. Which configuration resolves the issue?. RB(config)#router bgp 65101 RB(config-router)#neighbor 10.10.10.3 update-source loopback 0. RD(config)#router bgp 65201 RD(config-router)#neighbor 10.10.10.2 ebgp-multihop 3. RD(config)#router bgp 65201 RD(config-router)#neighbor 10.10.10.2 update-source loopback 0. RB(config)#router bgp 65101 RB(config-router)#neighbor 10.10.10.3 ebgp-multihop 3.

Users report issues with reachability between areas as soon as an engineer configured summary routes between areas in a multiple area OSPF autonomous system. Which action resolves the issue?. Configure the summary-address command on the ASBR. Configure the summary-address command on the ABR. Configure the area range command on the ABR. Configure the area range command on the ASBR.

Refer to the exhibit. A router receiving BGP routing updates from multiple neighbors for routers in AS 690. What is the reason that the router still sends traffic that is destined to AS 690 to a neighbor other than 10.222.1.1? ! neighbor 10.222.1.1 route-map SET-WEIGHT in neighbor 10.222.1.1 remote-as 1 ! ip as-path access-list 200 permit ^690$ ip as-path access-list 200 permit ^1800$ ! route-map SET-WEIGHT permit 10 match as-path 200 set local-preference 250 set weight 200. The weight value in another statement is higher than 200. The local preference value should be set to the same value as the weight in the route map. The route map is applied in the wrong direction. The local preference value in another neighbor statement is higher than 250.

Which MPLS value is combined with the IP prefix to convert to a VPNv4 prefix?. 8-byte Route Distinguisher. 16-byte Route Target. 8-byte Route Target. 16-byte Route Distinguisher.

An engineer configured a leak-map command to summarize EIGRP routes and advertise specifically loopback 0 with an IP of 10.1.1.1 255.255.255.252 along with the summary route. After finishing configuration, the customer complained not receiving summary route with specific loopback address. Which two configurations will fix it? (Choose two) router eigrp 1 ! route_map Leak-Route deny 10 ! interface Serial 0/0 ip summary-address eigrp 1 10.0.0.0 255.0.0.0 leak-map Leak-Route. Configure route-map Leak-Route permit 20. Configure route-map Leak-Route permit 10 and match access-list 1. Configure access-list 1 permit 10.1.1.0 0.0.0.3. Configure access-list 1 and match under route-map Leak-Route. Configure access-list 1 permit 10.1.1.1 0.0.0.252.

What is a function of IPv6 ND inspection?. It learns and secures binding for stateless autoconfiguration addresses in Layer 2 neighbor tables. It learns and secures bindings for stateful autoconfiguration addresses in Layer 3 neighbor tables. It learns and secures bindings for stateful autoconfiguration addresses in Layer 2 neighbor tables. It learns and secures bindings for stateless autoconfiguration addresses in Layer 3 neighbor tables.

Which table is used to map the packets in an MPLS LSP that exit from the same interface, via the same next hop, and have the same queuing policies?. LDP. RIB. FEC. CEF.

The ISP router is fully configured for customer A and customer B using the VRF-Lite feature. What is the minimum configuration required for customer A to communicate between routers A1 and A2?. A1 interface fa0/0 description To->ISP ip add 172.31.100.1 255.255.255.0 no shut ! router ospf 100 net 172.31.100.1 0.0.0.255 area 0 A2 interface fa0/0 description To->ISP ip add 172.31.200.1 255.255.255.0 no shut ! router ospf 100 net 172.31.200.1 0.0.0.255 area 0. A1 interface fa0/0 description To->ISP ip vrf forwarding A ip add 172.31.100.1 255.255.255.0 no shut ! router ospf 100 net 172.31.100.1 0.0.0.255 area 0 A2 interface fa0/0 description To->ISP ip vrf forwarding A ip add 172.31.200.1 255.255.255.0 no shut ! router ospf 100 net 172.31.200.1 0.0.0.255 area 0. A1 interface fa0/0 description To->ISP ip add 172.31.200.1 255.255.255.0 no shut ! router ospf 100 net 172.31.200.1 0.0.0.255 area 0 A2 interface fa0/0 description To->ISP ip add 172.31.100.1 255.255.255.0 no shut ! router ospf 100 net 172.31.100.1 0.0.0.255 area 0. A1 interface fa0/0 description To->ISP ip vrf forwarding A ip add 172.31.100.1 255.255.255.0 no shut ! router ospf 100 vrf A net 172.31.200.1 0.0.0.255 area 0 A2 interface fa0/0 description To->ISP ip vrf forwarding A ip add 172.31.100.1 255.255.255.0 no shut ! router ospf 100 vrf A net 172.31.200.1 0.0.0.255 area 0.

An engineer must establish a connection between two CE routers for two customers with overlapping IP addresses. Customer_a is connected to interfaces Gig0/0, and Customer_b is connected to interfaces Gig0/1. Routers CE1 and CE2 are configured as follows: ip vrf customer_a rd 1:1 route-target both 1:1 ! ip vrf customer_b rd 2:2 route-target both 2:2 Drag and drop the code snippets from the right onto the boxes in the configuration to establish the needed connection. Snippets may be used more than once.

Refer to the exhibit. BGP_source.jpg PE1# show run | sec router bgp router bgp 65000 bgp log-neighbor-changes neighbor 10.255.255.3 remote-as 65000 neighbor 10.255.255.3 update-source Loopback0 PE1# debug ip tcp transactions PE1# debug ip icmp [...snip...] *Feb 22 14:04:12.374: TCP: sending SYN, seq 379810712, ack 0 *Feb 22 14:04:12.374: TCP0: Connection to 10.255.255.3:179, advertising MSS 1460 *Feb 22 14:04:12.374: TCP0: state was CLOSED -> SYNSENT [21381 - > 10.255.255.3(179)] *Feb 22 14:04:12.375: ICMP: dst (10.255.255.1) administratively prohibited unreachable rcv from 10.0.12.2 *Feb 22 14:04:12.375: TCP0: ICMP destination unreachable received *Feb 22 14:04:12.375: Released port 21381 in Transport Port Agent for TCP IP type 1 delay 240000 *Feb 22 14:04:12.375: TCP0: state was SYNSENT -> CLOSED [21381 - > 10.255.255.3(179)] *Feb 22 14:04:12.375: TCB 0xE35A92B8 destroyed The administrator is troubleshooting a BGP peering between PE1 and PE3 that is unable to establish. Which action resolves the issue?. Remove the traffic filtering rules on P2 blocking the BGP communication between PE1 and PE3. Ensure that the PE3 loopback address is used as a source for BGP peering to PE1. P2 must have a route to PE3 to establish a BGP session to PE1. Disable sending ICMP unreachables on P2 to allow PE1 to establish a session with PE3.

A customer is running an mGRE DMVPN tunnel over WAN infrastructure between hub and spoke sites. The existing configuration allows NHRP to add spoke routers automatically to the multicast NHRP mappings. The customer is migrating the network from IPv4 to the IPv6 addressing scheme for those spokes’ routers that support IPv6 and can run DMVPN tunnel over the IPv6 network. Which configuration must be applied to support IPv4 and IPv6 DMVPN tunnels on spoke routers?. tunnel mode ipv6ip 6rd. tunnel mode ipv6ip isatap. tunnel mode ipv6ip 6to4. tunnel mode ipv6ip auto-tunnel.

Which two statements about redistributing EIGRP into OSPF are true? (Choose two). The redistributed EIGRP routes appear as type 3 LSAs in the OSPF database. The redistributed EIGRP routes appear as OSPF external type 2 routes in the routing table. The administrative distance of the redistributed routes is 170. The redistributed EIGRP routes as placed into an OSPF area whose area ID matches the EIGRP autonomous system number. The redistributed EIGRP routes appear as type 5 LSAs in the OSPF database. The redistributed EIGRP routes appear as OSPF external type 1.

An engineer must configure PBR on R1 to reach to 10.2.2.0/24 via R3 AS64513 as the primary path and a backup route through default route via R2 AS64513. All BGP routes are in the routing table of R1, but a static default route overrides BGP routes. Which PBR configuration achieves the objective?. access-list 100 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0 ! route-map PBR permit 10 match ip address 100 set ip next-hop recursive 10.3.3.1. access-list 100 permit ip 10.1.1.0 0.0.0.25510.2.2.0 0.0.0.255 ! route-map PBR permit 10 match ip address 100 set ip next-hop 10.3.3.1. access-list 100 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255 ! route-map PBR permit 10 match ip address 100 set ip next-hop recursive 10.3.3.1. access-list 100 permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0 ! route-map PBR permit 10 match ip address 100 set ip next-hop 10.3.3.1.

While BGP internet routes are redistributed to a lower class of router via RIP, packets are being dropped and routes are failing to be distributed in RIP. Which action resolves the issue?. Use the input-queue command to prevent the loss of packets. Use WFQ in the output queue of the high-performance router. Use RIP V2 to be able to use classless networks from BGP. Use OSPF instead of RIP to accept all BGP routes.

What is the minimum time gap required by the local system before putting a BFD control packet on the wire?. Required Min RX Interval. Required Min Echo RX Interval. Desired Min TX Interval. Detect Mult.

Refer to the exhibit. R2#sh ipv6 route ospf O 2002:ABCD::/64 [110/1] via FastEthernet0/1, directly connected O 2004:BBAB::/64 [110/1] via FastEthernet0/0, directly connected O 2004:BBAC::/64 [110/1] via FastEthernet1/0, directly connected O 3010:2:4:0:15::/128 [110/1] via FE80::C804:1DFF:FB20:8, FastEthernet0/0 A network engineer applied a filter for LSA traffic on OSPFv3 interarea routes on the area 5 ABR to protect advertising the internal routes of area 5 to the business partner network. All other areas should receive the area 5 internal routes. After the respective route filtering configuration is applied on the ABR, area 5 routes are not visible on any of the areas. How must the filter list be applied on the ABR to resolve this issue?. in the “in” direction for area 5 on router R1. in the “in” direction for area 20 on router R2. in the “out” direction for area 5 on router R1. in the “out” direction for area 20 on router R2.

A loop occurs between R1, R2, and R3 while EIGRP is run with poison reverse enabled. Which action prevents the loop between R1, R2, and R3?. Configure route tagging. Configure R3 as stub receive-only. Enable split horizon. Configure route filtering.

Refer to the exhibit. Which two actions should be taken to access the server? (Choose two). Add a sequence 20 in the route map to permit access list 1. Add a floating static route to reach to 192.168.2.2 with administrative distance higher than OSPF. Modify the access list to deny the route to 192.168.2.2. Modify the access list to add a second line of permit ip any any. Modify distribute list seq 10 to permit the route to 192.168.2.2.

Drag and drop the LDP features from the left onto the descriptions on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. packet is encapsulated in MPLS with the option of copying the IP precedence to EXP bits. provides ways of improving load balancing by eliminating the need for DPI at transit LSRs. LSR receives an MPLS header with the label set to 3. controls the amount of memory used to store LDP label bindings advertised by other devices.

Refer to the exhibit. aaa new-model ! aaa authentication login default line enable aaa authorization commands 15 default local aaa authorization network default local ! username admin privilege 15 password cisco123! ! ip ssh version 2 ! access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 22 access-list 101 permit tcp 192.168.5.0 0.0.0.255 any range 22 smtp ! line vty 0 4 access-class 101 in password cisco transport input all ! line vty 5 15 access-class 101 in password cisco transport input all The administrator successfully logs into R1 but cannot access privileged mode commands. What should be configured to resolve the issue?. enable secret or enable password commands to enter into privileged mode. aaa authorization reverse-access. secret cisco123! at the end of the username command instead of password cisco123!. matching password on vty lines as cisco123!.

The network administrator configured CoPP so that an SNMP traffic from Cisco Prime located at 192.168.1.11 toward the router CPU is limited to 1000 kbps. Any traffic that exceeds this limit must be dropped. The network administrator is not getting the desired result for the SNMP traffic and SNMP traffic is getting dropped frequently. Which set of configurations resolves the issue?. no access-list 100 access-list 100 permit udp host 192.168.1.11 any eq 161 ! policy-map PM-COPP class CM-SNMP no police 1000 conform-action transmit police 1000000 conform-action transmit. no access-list 100 access-list 100 permit tcp host 192.168.1.11 any eq 161. no access-list 100 access-list 100 permit tcp host 192.168.1.11 any eq 161 ! policy-map PM-COPP class CM-SNMP no police 1000 conform-action transmit police 1000000 conform-action transmit ! control-plane no service-policy input PM-COPP ! interface E0/0 service policy input PM-COPP ! interface E0/1 service policy input PM-COPP. policy-map PM-COPP class CM-SNMP no police 1000 conform-action transmit police 1000000 conform-action transmit.

Refer to the exhibit. B(config-if)# do sh run int e0/1 | b int B(config-if)# interface Ethernet0/1 B(config-if)# ip address 78.1.1.8 255.255.255.0 B(config-if)# ipv6 enable B(config-if)# ospfv3 1 ipv4 area 1 C(config)# interface Ethernet0/1.78 C(config-subif)# encap dot1q 78 C(config-subif)# ip add 78.1.1.7 255.255.255.0 C(config-subif)# ospfv3 1 ipv4 area 0 D(config-if)# do sh run int e0/1 | b int D(config-if)# interface Ethernet0/1 D(config-if)# no ip address D(config-if)# ipv6 address 37::3/64 D(config-if)# ipv6 enable D(config-if)# ipv6 ospf 1 area 0 A network engineer receives a report that Spoke 1 users can perform bank transactions with the server located at the Center site, but Spoke 2 users cannot. Which action resolves the issue?. Configure IPv6 on the routers B and C interfaces. Configure encapsulation dot1q 78 on the router C interface. Configure OSPFv2 on the routers B and C interfaces. Configure the Spoke 2 users IP on the router B OSPF domain.

Refer to the exhibit. Chicago Router ip route 192.168.1.0 255.255.255.0 10.1.1.2 ip route 192.168.2.0 255.255.255.0 10.1.1.2 ! router eigrp 100 redistribute static LA router ip route 0.0.0.0 0.0.0.0 10.1.1.1 A user on the 192.168.1.0/24 network can successfully ping 192.168.3.1, but the administrator cannot ping 192.168.3.1 from the LA router. Which set of configurations fixes the issue?. Chicago Router router eigrp 100 redistribute static metric 10 10 10 10 10. Chicago Router router eigrp 100 redistribute connected. Chicago Router ip route 192.168.3.0 255.255.255.0 10.1.2.2 ip route 192.168.4.0 255.255.255.0 10.1.2.2. LA Router ip route 192.168.3.0 255.255.255.0 10.1.1.1 ip route 192.168.4.0 255.255.255.0 10.1.1.1.

Refer to the exhibit. Which action resolve intermittent connectivity observed with the SNMP trap packets?. Add one new entry in the ACL 120 to permit the UDP port 161. Decrease the committed burst size of the mgmt class map. Add a new class map to match TCP traffic. Increase the CIR of the mgmt class map.

Refer to the exhibit. admin@linux:~$ scp script.py admin@198.51.100.64:script.py Password: Administratively disabled. admin@linux:~$ Connection to 198.51.100.64 closed by remote host. A network administrator has developed a Python script on the local Linux machine and is trying to transfer it to the router. However, the transfer fails. Which action resolves this issue?. The Python interpreter must first be enabled with the guestshell enable command. The SCP service must be enabled with the ip scp server enable command. The SSH access must be allowed on the VTY lines using the transport input ssh command. The SSH service must be enabled with the crypto key generate rsa command.

Refer to the exhibit. ipv6 access-list INTERNET permit ipv6 2001:DB8:AD59:BA21::/64 2001:DB8:C0AB:BA14::/64 permit tcp 2001:DB8:AD59:BA21::/64 2001:DB8:C0AB:BA13::/64 eq telnet permit tcp 2001:DB8:AD59:BA21::/64 any eq http permit ipv6 2001:DB8:AD59::/48 any deny ipv6 any any log While monitoring VTY access to a router, an engineer notices that the router does not have any filter and anyone can access the router with username and password even through the ACL is configured. Which command resolves this issue?. ipv6 traffic-filter INTERNET in. ipv6 access-class INTERNET in. access-class INTERNET in. ip access-group INTERNET in.

An engineer is configuring a network and needs packets to be forwarded to an interface for any destination address that is not in the routing table. What should be configured to accomplish this task?. set ip next-hop recursive. set ip next-hop verify-availability. set ip next-hop. set ip default next-hop.

What is considered the primary advantage of running BFD?. Reduction in time needed to detect Layer 2 switch neighbor failures. Reduction in CPU needed to detect Layer 3 switch neighbor failures. Reduction in CPU needed to detect Layer 2 switch neighbor failures. Reduction in time needed to detect Layer 3 switch neighbor failures.

What are two characteristics of IPv6 Source Guard? (Choose two). used in service provider deployments to protect DDoS attacks. requires the user to configure a static binding. requires that validate prefix be enabled. requires IPv6 snooping on Layer 2 access or trunk ports. recovers missing binding table entries.

What are two characteristics of VRF instance? (Choose two). It is defined by the VPN membership of a customer site attached to a P device. All VRFs share customers routing and CEF tables. A customer site can be associated to different VRFs. An interface must be associated to one VRF. Each VRF has a different set of routing and CEF tables.

Refer to the exhibit. Site1 must perform unequal cost load balancing toward the segments behind Site2 and Site3. Some of the routes are getting load balanced but others are not. Which configuration allows Site1 to load balance toward all the LAN segments of the remote routers?. Site2 router eigrp 100 variance 3. Site2 router eigrp 100 variance 2. Site1 router eigrp 100 variance 3. Site3 router eigrp 100 variance 2.

How is VPN routing information distributed in an MPLS network?. The top level of the customer data packet directs it to the correct CE device. It is controlled through the use of RD. It is controlled using of VPN target communities. It is established using VPN IPsec peers.

What are the two prerequisites to enable BFD on Cisco routers? (Choose two). Cisco Express Forwarding and IP Routing must be enabled on all participating routers. OSPF Demand Circuit must run BFD on all participating routers. UDP port 1985 must be allowed on all participating routers. ICMP must be allowed on all participating routers. A supported IP routing protocol must be configured on the participating routers.

Drag and drop the packet from the left onto the correct descriptions on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. data plane packets. control plane packets. management plane packets. services plane packets.

Refer to the exhibit. The network administrator configured the Chicago router to mutually redistribute the LA and NewYork routes with OSPF routes to be summarized as a single route in EIGRP using the longest summary mask: router eigrp 100 summary-address 172.16.8.0 255.255.252.0. router eigrp 100 summary-address 172.16.0.0 255.255.0.0. interface E 0/1 ip summary-address eigrp 100 172.16.8.0 255.255.252.0. interface E 0/1 ip summary-address eigrp 100 172.16.0.0 255.255.0.0.

An engineer is creating a policy that overrides normal routing behavior. If the route to a destination of 10.100.100.0/24 is withdrawn from the routing table, the policy must direct traffic to a next hop of 10.1 1.1. If the route is present in the routing table, then normal forwarding must occur. Which configuration meets the requirements?. access-list 100 permit ip any 10.100.100.0 0.0.0.255 ! route-map POLICY permit 10 match ip address 100 set ip next-hop 10.1.1.1 ! route map POLICY permit 20. access-list 100 permit ip any 10.100.100.0 0.0.0.255 ! Route-map POLICY permit 10 match ip address 100 set ip default next-hop 10.1.1.1. access-list 100 permit ip any 10.100.100.0 0.0.0.255 ! route map POLICY permit 10 match ip address 100 set ip next-hop recursive 10.1.1.1 ! route-map POLICY permit 20. access-list 100 permit ip any any ! route-map POLICY permit 10 match ip address 100 set ip next-hop recursive 10.1.1.1.

The network administrator must configure R1 to authenticate Telnet connections based on Cisco ISE using RADIUS. ISE has been configured with an IP address of 192.168.1.5 and with a network device pointing toward R1 (192.168.1.1) with a shared secret password of Cisco123. The administrator has configured this on R1: aaa new-model ! radius server ISE1 address ipv4 192.168.1.5 key Cisco123 ! aaa group server tacacs+ RAD-SERV server name ISE1 ! aaa authentication login default group RAD-SERV The network administrator cannot authenticate to access R1 based on ISE. Which set of configurations fixes the issue?. line vty 0 4 login authentication default. aaa group server radius RAD-SERV server name ISE1. line vty 0 4 login authentication RAD-SERV. aaa group server tacacs+ ISE1 server name RAD-SERV.

When provisioning a device in Cisco DNA Center, the engineer sees the error message “Cannot select the device. Not compatible with template.”. What is the reason for the error?. The software version of the template is different from the software version of the device. The template has an incorrect configuration. The changes to the template were not committed. The tag that was used to filter the templates does not match the device tag.

Although summarization is configured for R1 to receive 10.0.0.0/8, more specific routes are received by R1. How should the 10.0.0.0/8 summary route be received from the neighbor, attached to R1 via Fast Ethernet0/0 interface?. R1 should configure the ip summary-address eigrp <AS number> 10.0.0.0.255.0.0.0 command under the Fast Ethernet 0/0 interface. The summarization condition is not met. The network 10.1.100.0/24 should be changed to 172.16.0.0/24. The summarization condition is not met. Router 10.1.100.10 requires a route for 10 0.0.0/8 that points to null 0. R1 should configure the ip summary-address eigrp <AS number> 10.0.0.0 0.0.0.255 command under the Fast Ethernet 0/0 interface.

Refer to the exhibit. BGP is flapping after the CoPP policy is applied. What are the two solutions to fix the issue? (Choose two) policy-mapp COPP-7600 class COPP-CRITICAL-7600 police cir 2000000 bc 62500 conform-action transmit exceed-action transmit ! class class-default police cir 2000000 bc 6250 conform-action transmit exceed-action drop ! class-map match-all COPP-CRITICAL-7600 match access-group name COPP-CRITICAL-7600 ! ip access-list extended COPP-CRITICAL-7600 permit ip any any eq http permit ip any any eq https. Configure a higher value for CIR under the default class to allow more packets during peak traffic. Configure IP CEF to CoPP policy and BGP to work. Configure a higher value for CIR under the class COPP-CRITICAL-7600. Configure BGP in the COPP-CRITICAL-7600 ACL. Configure a three-color policer instead of two-color policer under class COPP-CRITICAL-7600.

Drag and drop the MPLS VPN concepts from the left onto the correct descriptions on the right. Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left. multiprotocol BGP. Resource Reservation Protocol. route distinguisher. route target.

Refer to the exhibit. A junior engineer updated a branch router configuration. Immediately after the change, the engineer receives calls from the help desk that branch personnel cannot reach any network destinations. Which configuration restores service and continues to block 10.1.1.100/32?. route-map FILTER-IN deny 5. ip prefix-list 102 seq 15 permit 0.0.0.0/32 le 32. route-map FILTER-IN permit 20. ip prefix-list 102 seq 5 permit 0.0.0.0/32 le 32.

When determining if a system is capable of support, what is the minimum time spacing required for a BFD control packet to receive once a control packet is arrived?. Desired Min TX Interval. Required Min RX Interval. Detect Mult. Required Min Echo RX Interval.

What is considered the primary advantage of running BFD?. Reduction in CPU needed to detect Layer 3 switch neighbor failures. Reduction in CPU needed to detect Layer 2 switch neighbor failures. Reduction in time needed to detect Layer 2 switch neighbor failures. Reduction in time needed to detect Layer 3 switch neighbor failures.

Refer to the exhibit. Which action makes R3 traffic take a direct route between R3 and R4 to reach network A?. Move the R3-R4 link from area 0 to area 1. Configure multiarea adjacency between R3 and R4. Increase the OSPF overall cost in area 1 to higher than 40. Reduce the cost of the R3-R4 link in area 0 to less than 30.

Refer to the exhibit. Which action resolves the failed authentication attempt to the router?. Configure aaa authorization console global command. Configure aaa authorization console command on line vty 0 4. Configure aaa authorization login command on line vty 0 4. Configure aaa authorization login command on line console 0.
Denunciar Test