Vous êtes sur la page 1sur 232

200-310 CCDA - Designing for Cisco Internetwork Solutions

Number: 000-000
Passing Score: 800
Time Limit: 120 min
File Version: 4.0

http://www.gratisexam.com/

Sections
1. Multiple choice
2. Select and Place
3. Single choice

http://www.gratisexam.com

Exam A
QUESTION 1
Which two statements about designing the Data Center Access layer are correct? (Choose two.)
A.
B.
C.
D.
E.

Multiport NIC servers should each have their own IP address


Layer 3 connectivity should never be used in the access layer
Layer 2 connectivity is primarily implemented in the access layer
Multiport NIC servers should never be used in the layer access
Layer 2 clustering implementation requires servers to be Layer 2 adjacent

Correct Answer: CE
Section: Multiple choice
Explanation
Explanation/Reference:
User access is primarily layer 2 in nature, layer 2 clustering is possible only in layer 2.

http://www.gratisexam.com

Defining the DC Access Layer


The data center access layers main purpose is to provide Layer 2 and Layer 3 physical port density for various servers in the data center. In addition, data center
access layer switches provide high-performance, low-latency switching and can support a mix of over subscription requirements. Both Layer 2 and Layer 3 access

http://www.gratisexam.com

(also called routed access) designs are available, but most data center access layers are built using Layer 2 connectivity. The Layer 2 access design uses VLAN
trunks upstream, which allows data center aggregation services to be shared across the same VLAN and across multiple switches. Other advantages of Layer 2
access are support for NIC teaming and server clustering that requires network connections to be Layer 2 adjacent or on the same VLAN with one another.
QUESTION 2
An organization needs a WAN Transport technology that meets these criteria:
- has a low initial cost
- provides low-to-medium BW
- has medium-to-high latency and jitter
Which technology should the organization use?
A.
B.
C.
D.
E.

DSL
X.25
ISDN
Wireless
Analog Modem

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 3
Which two of these are scalability benefits of designing a network that utilizes VPNs? (Choose two.)

http://www.gratisexam.com/

A. Extends the network to remote users


B. Allows networks to be set up and restructured quickly

http://www.gratisexam.com

C. reduces dial infrastructure expenditures


D. Reduces the number of physical connections
E. Simplifies the underlying structure of a customer WAN
Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 4
A standard Layer 2 campus network design is pictured:

http://www.gratisexam.com

Which numbered box represents the core layer?


A.
B.
C.
D.
E.

#1
#2
#3
#4
#5

Correct Answer: C

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 5
Which two design criteria require VLANs in a proposed solution? (Choose two.)
A.
B.
C.
D.
E.
F.

Video streaming on the LAN


Security between departments
The segmenting of collision domains
The segmenting of broadcast domains
The use of multi vendor equipment
A limited corporate budget

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 6
Which three sources does a network designer use to collect information for characterizing an existing network? (Choose three.)
A.
B.
C.
D.
E.

Staff input
Visual inventory
Network audit
Traffic analysis
Server statistics

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 7
Which Cisco security mechanism has the attributes listed below?
- It is a sensor appliance
- It searches for potential attacks by capturing and analyzing traffic
- It is a "purpose-built device"
- It is installed passively
- It introduces no delay or overhead

http://www.gratisexam.com/

A.
B.
C.
D.
E.

IKE
PIX
HIPS
NIDS
HMAC

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
HIPS = Host based Intrusion Prevention System
HMAC = Hashed Message Authentification Code
IKE = Internet Key Exchange
NIDS = Network based Intrusion Detection System
PIX = Private Internet eXchange
QUESTION 8
Which three pieces of information should be documented for each step in a design implementation plan? (Choose three.)
A. Step description
B. Design document references

http://www.gratisexam.com

C.
D.
E.
F.

Easy guidelines in case of failure


Estimated implementation time
Simple implementation guidelines
Estimated rollback time in case of failure

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 9
A company is implementing an Identity Management solution with these characteristics:
- Existing AAA Server
- Cisco Catalyst switches
- Minimal added investments
Which Cisco Trust and Identity Management solution would you recommend?
A.
B.
C.
D.

NAC Appliance
Cisco IBNS
CSM
Cisco Security MARS

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
CSM = Cisco Security Manager
IBNS = Identity Based Networking Services
Cisco MARS = (Cisco Security) Monitoring Analysis and Response System
NAC = Network Admission Control
QUESTION 10
Which Cisco device management feature is most suited to metering network traffic and providing data for billing network usage?

http://www.gratisexam.com

A.
B.
C.
D.
E.

BGP
Cisco Discovery Protocol
QoS
RMON
NetFlow

Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 11
What are the three valid methods of gathering information about an existing data network? (Choose three.)
A.
B.
C.
D.
E.
F.

Use organizational input


Perform a traffic analysis
Analyze the user-mapping of a running application
Perform a packet-level audit to verify carrier service guarantees
Perform a network audit to gather more detail about the network
Use reports that analyze the metrics of the customer's existing network

Correct Answer: ABE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 12
Which two routing protocols converge most quickly? (Choose two.)
A.
B.
C.
D.
E.

RIPv1
RIPv2
BGP
OSPF
EIGRP

http://www.gratisexam.com

Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 13
What is the benefit of VLSM?
A.
B.
C.
D.
E.

Reduces configuration complexity by using the same subnet mask length


Reduces the routing table size by using automatic route summarization
Reduces the routing table size by using manual route summarization
Allows the subnet mask and classful routing updates to be advertised
Secures the hosts on a subnet by using RFC 1918 addresses

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 14
You want to gather as much detail as possible during a network audit with a minimal impact on the network devices themselves. Which tool would you use to
include data time stamping across a large number of interfaces while being customized according to each interface?
A.
B.
C.
D.

RMON
SNMPv3
NetFlow
Cisco Discovery Protocol

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
RMON = Remote network Monitoring

http://www.gratisexam.com

NetFlow provides extremely granular and accurate traffic measurements and a high-level collection of aggregated traffic. The output of NetFlow information is
displayed via the show ip cache flow command on routers. The Table shows a description of the fields for NetFlow output.

QUESTION 15
What is the primary consideration when choosing a routed network design over a traditional Campus Network design?

http://www.gratisexam.com/

http://www.gratisexam.com

A.
B.
C.
D.

Layer 3 service support at the Network Edge


The routing protocol choice: open (OSPF) or proprietary (EIGRP)
The routing abilities of the host devices
The need to control the broadcast domains within the Campus Core

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Layer 3 ability at network edge should be available to leverage the benefits of routed network design.
QUESTION 16
Which statement is true concerning the Data Center Access layer design?
A.
B.
C.
D.

The access layer in the data center is typically built at Layer 3, which allows for better sharing of services across multiple servers
With Layer 2 access, the default gateway for the servers can be configured at the access or aggregation layer
A dual-homing NIC requires a VLAN trunk between the two access switches to support the dual IP addresses on the two servers links to two separate switches
The access layer is normally not required, as dual homing is standard from the servers to the aggregation layer

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 17
Which statement is true concerning the Data Center Distribution (Aggregation) layer design?
A.
B.
C.
D.

With Layer 3 at the aggregation layer, the physical loops in the topology must still be managed by STP
The boundary between Layer 2 and Layer 3 must reside in the multilayer switches, independent of any other devices
A mix of both Layer 2 and Layer 3 access is sometimes the most optimal
In a small data center, the aggregation layer can connect directly to the campus core, exchanging IP routes and MAC address tables

Correct Answer: C
Section: Single choice
Explanation

http://www.gratisexam.com

Explanation/Reference:
QUESTION 18
When considering the three VoIP design models - single site, centralized multisite, and distributed multisite - which question below would help to eliminate one of
the options?
A.
B.
C.
D.

Will the witches be required to provide inline power?


Will users need to make offsite calls, beyond the enterprise?
Will users require applications such as voice mail and interactive voice response?
Are there users whose only enterprise access is via a QoS-enabled WAN?

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 19
With deterministic Wireless LAN Controller redundancy design, the different options available to the designer have their own strengths. Which statement is an
example of such a strength?
A.
B.
C.
D.

Dynamic load balancing, or salt-and-pepper access point design, avoids the potential impact of oversubscription on aggregate network performance
N+N redundancy configuration allows logically grouping access points on controllers to minimize intercontroller roaming events
N+N+1 redundancy configuration has the least impact to system management because all of the controllers are colocated in an NOC or data center
N+1 redundancy configuration uses Layer 3 intercontroller roaming, maintaining traffic on the same subnet for more efficiency

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
With such an arrangement there is no complex mesh of access points & controllers.
N+N WLC Redundancy
With N+N redundancy, shown in figure, an equal number of controllers hack up each other. For example, a pair of WLCs on one floor serves as a backup to a
second pair on another floor. The top WLC is primary for API and AP2 and secondary for AP3 and AP4. The bottom WLC is primary for AP3 and AP4 and
http://www.gratisexam.com

secondary for API and AP2. There should be enough capacity on each controller to manage a failover situation.

N+N+1 WLC Redundancy


With N+N+1 redundancy, shown in figure, an equal number of controllers back up each other (as with N+N), plus a backup WLC is configured as the tertiary WLC
for the APs. N+N+1 redundancy functions the same as N+N redundancy plus a tertiary controller that backs up the secondary controllers. The tertiary WLC is
placed in the data center or network operations center.

http://www.gratisexam.com

QUESTION 20
When there is a need for immunity to EMI for connecting locations that are greater than 100 meters apart, which two solutions can be utilized?

http://www.gratisexam.com

A.
B.
C.
D.
E.
F.

Multimode fiber
Fibre Channel
HVDC transmission lines
Single-mode fiber
Serial RS-232
Gigabit Ethernet 1000Base-CX

Correct Answer: AD
Section: Multiple choice
Explanation
Explanation/Reference:
EMI = ElectroMagnetic Intererence
HVDC = High Voltage Direct Current
QUESTION 21
Which mode is used to exclusively look for unauthorized access points?
A.
B.
C.
D.

Monitor mode
Sniffer mode
Rogue detector mode
Local mode

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 22
OSPF will be used as the IGP within a campus network. Which two things should you consider before deployment? (Choose two.)
A.
B.
C.
D.
E.

All areas need to connect back to area 0


The OSPF process number on each router should match
NSSA areas should be used when an area cannot connect directly to area 0
Stub areas should be connected together using virtual links
ECMP may cause undesired results depending on the environment

Correct Answer: AE
Section: Multiple choice
Explanation
Explanation/Reference:
ECMP = Equal Cost Multi-Path
QUESTION 23
Which is the North American RIR for IPv4 addresses?
A.
B.
C.
D.

RIPE
ARIN
IANA
IEEE

http://www.gratisexam.com

E. APNIC
Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
APNIC = Asia-Pacific Network Information Center
ARIN = American Registry for Internet Numbers
IANA = Internet Assigned Numbers Authority
IEEE = Institute of Electrical and Electronic Engineers
RIPE = Rseaux IP Europens
RIR = Regional Internet Registry
QUESTION 24
An Enterprise Campus module is typically made up to four submodules, as described by the Cisco Enterprise Architecture Model. Which two submodules are part
of this module? (Choose two.)
A.
B.
C.
D.
E.

DMZ
Entreprise branch
Building distribution
Server Farm / Data Center
MAN

Correct Answer: CD
Section: Multiple choice
Explanation
Explanation/Reference:
MAN = Metropolitan Area Network
QUESTION 25
WAN backup over the Internet is often used to provide primary connection redundancy. Which is the most important consideration when passing corporate traffic
over the public Internet?
A.
B.
C.
D.

Security
Static versus dynamic routing
Bandwidth
QoS

http://www.gratisexam.com

E. Latency
Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
WAN Backup over the Internet
Another alternative for WAN backup is to use the Internet as the connectivity transport between sites. However, keep in mind that this type of connection does not
support bandwidth guarantees. The enterprise also needs to work closely with the ISP to set up the tunnels and advertise the company's networks internally so that
remote offices have reachable IP destinations.
Security is of great importance when you rely on the Internet for network connectivity, so a secure tunnel using IPsec needs to be deployed to protect the data
during transport.
QUESTION 26
Which type of area should you use in an enterprise OSPF deployment if you want to prevent propagation of type 5 LSAs but still allow the redistribution of external
routes?
A.
B.
C.
D.
E.

Stub
Totally stubby
Backbone
NSSA
Virtual link

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 27
Which protocol is used for voice bearer traffic?

http://www.gratisexam.com

http://www.gratisexam.com/

A.
B.
C.
D.
E.

MGCP
RTP
SCCP
CDP
ICMP

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
Voice bearer = voice carrier
ICMP = Internet Control Message Protocol
MGCP = Media Gateway Control Protocol
RTP = Real-Time Transport Protocol
SCCP = Skinny Client Control Protocol
VoIP Control and Transport Protocols
A number of different protocols are used in a VoIP environment for call control, device provisioning, and addressing.

http://www.gratisexam.com

QUESTION 28

On which router should you configure redistribution?


A. Router 1

http://www.gratisexam.com

B.
C.
D.
E.

Router 2
Router 3
Router 4
Router 5

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 29
Which three Cisco technologies can you use to detect and mitigate threats? (Choose three.)
A.
B.
C.
D.
E.

NetFlow
FWSM
ISE
VRRP
sFLOW

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:
FWSM = Firewall Services Module
ISE= Identity Services Engine
sFLOW = packet sampling technology (open standard) versus NetFlow (Cisco proprietary)
QUESTION 30
Which technology allows remote networks to be connected via site-to-site tunnels?
A.
B.
C.
D.

IPSec VPN
AnyConnect VPN
SSL VPN
EasyConnect VPN

http://www.gratisexam.com

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 31
Which RFC defines the IPv6 standard?
A.
B.
C.
D.

RFC 1918
RFC 2338
RFC 2460
RFC 2740

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 32
What is the maximum RIPv2 hop count for a reachable route?
A.
B.
C.
D.

13
14
15
16

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 33
Which Cisco Wireless LAN Controller interface is used for out-of-band management?

http://www.gratisexam.com

A.
B.
C.
D.

Service port
Management port
Controller port
Virtual port

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Service Port is used for OOB wireless management
QUESTION 34
In which operation mode does the AP act as a dedicated sensor for location-based and intrusion detection services?
A.
B.
C.
D.

Monitor mode
Promiscuous mode
Discovery mode
Sniffer mode

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 35
Which HSRP parameters must match to ensure proper functionality?
A.
B.
C.
D.

Group parameters
Priority parameters
Preempt parameters
Tracking parameters

Correct Answer: A
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 36
What three primary sources of information are needed to perform a network audit? (Choose three.)
A.
B.
C.
D.
E.
F.

Existing documentation
New documentation
Existing network management software
New network management tools
Management personnel
Technical personnel

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 37
Which three layers comprise the traditional hierarchical model? (Choose three.)
A.
B.
C.
D.
E.
F.

Core layer
Distribution layer
Access layer
Aggregation layer
Network layer
Internet layer

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 38
Which first-hop redundancy protocol dynamically distributes client traffic between multiple routers?

http://www.gratisexam.com/

A.
B.
C.
D.

HSRP
VRRP
GLBP
IGRP

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 39
Which three options are characteristics of data center evolution? (Choose three.)
A.
B.
C.
D.
E.
F.

Consolidation
Virtualization
Automation
Standardization
Optimization
Modulation

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 40
Which option is a benefit of the modular approach to network design?
A.
B.
C.
D.

Higher availability
Repeatable scalability
Increased security
Improved resiliency

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 41
Which statement describes the methodology that supports the Cisco Enterprise Architecture models?
A.
B.
C.
D.

It divides the network into functional network modules


It divides the network into role-based network modules
It divides the network into regional network modules
It divides the network into operational network modules

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 42
Which design is the recommended geometric design for routed topologies?
A.
B.
C.
D.

Linear
Triangular
Rectangular
Circular

http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 43
Which statement describes an advantage of the Layer 2 access model over the Layer 3 access model in the data center?
A.
B.
C.
D.

It enables NIC teaming


It removes STP dependency
It increases scalability
It decreases convergence

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 44
Router A has three feasible successors to the 192.168.1.0/24 network, which are listed here:
- Option 1 has a metric of 8123228
- Option 2 has a metric of 2195467
- Option 3 has a metric of 8803823
The variance 4 command was issued on Router A.
How many active entries does Router A have in its routing table for the 192.168.1.0/24 network?
A.
B.
C.
D.

0
1
2
3

Correct Answer: C
Section: Single choice
http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 45
Which two mechanisms are used by distance vector protocols to prevent routing loops? (Choose two.)
A.
B.
C.
D.

Split horizon
Route summarization
Route poisoning
Tuned timers

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 46
Which interior routing protocol has the most preferable administrative distance by default?
A.
B.
C.
D.
E.

RIP
OSPF
EIGRP
BGP
IS-IS

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 47
What are the three modes of unicast reverse path forwarding? (Choose three.)

http://www.gratisexam.com

A.
B.
C.
D.
E.
F.

Strict
Loose
VRF
Global
PIM
Local

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 48
A network engineer has been asked to follow a top down design approach. Which layer of the OSI model is used to start the design?
A.
B.
C.
D.

Physical
Network
Transport
Application

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 49
Where in the network hierarchy should network access control be performed?
A.
B.
C.
D.

Backbone
Core
Access
Distribution

Correct Answer: C

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 50
What are two advantages of employing scalability when designing a campus network? (Choose two.)
A.
B.
C.
D.
E.

Reduces operational cost


Higher port density
Investment protection
Consistent operation
Improved fault tolerance

Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 51
A network engineer is using the traditional switched hierarchical design. The client has asked to increase uplink utilization from the access layer to the distribution.
How can the engineer attain this new requirement without adding new physical connections?
A.
B.
C.
D.

Enable spanning-tree portfast


Enable VSS at the distribution layer
Increase the MTU size on the uplink interfaces
Ensure the root bridge is equal on both distribution switches

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 52
Multicast has been enabled and configured in the Enterprise, and PIM Sparse-mode has been enabled on all VLANs.
What feature is required to stop multicast traffic from being broadcasted on the access layer switches?
A.
B.
C.
D.

IGMP snooping
Multicast boundary filter
PIM dense-mode
Dynamic ARP inspection

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 53
What two SAN protocols will allow a customer to utilize 10GbE for SAN access? (Choose two.)
A.
B.
C.
D.
E.

iSCSI
FCoE
SATA
Fiber Channel
AoE

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
AoE = ATA over Ethernet
QUESTION 54
Application servers require load balancing and security services. Where in the data center network should these services be provisioned?
A. Core
B. Aggregation
C. Layer 3 access
http://www.gratisexam.com

D. Distribution
Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 55
A data center is reaching its power and cooling capacity. What two virtualization technologies can address the problem by directly reducing the number of physical
devices? (Choose two.)
A.
B.
C.
D.
E.
F.

Virtual switching systems


Virtual device contexts
Virtual servers
Virtual routing and switching
Virtual port channels
Virtual LANs

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 56
A dynamically routed private line and a statically routed IPsec tunnel connect two offices.
What routing configuration prefers the IPsec tunnel only in the event of a private line failure?
A.
B.
C.
D.

Floating static entry


EIGRP variance
Bandwidth metric
OSPF maximum path

Correct Answer: A
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 57
When designing a new Enterprise Campus Network, what topology should be used for maximum scalability?

http://www.gratisexam.com/

A.
B.
C.
D.
E.

Flat
Three-layer
Star
Partial mesh
Full mesh

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 58
A spanning tree topology can be simplified by deploying what Cisco IOS technology in the distribution block?
A.
B.
C.
D.
E.

VDC
vPC
Rapid PVST+
VSS
Flex Links

Correct Answer: D
http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 59
An organization is deciding what routing protocol to use throughout their network.
What must be considered if routing is to be performed at the access layer?
A.
B.
C.
D.

Reduced scalability of the network when introducing a large number of switch blocks into the routing table
Centralized management of access control lists at the distribution layer
Reliability when implementing routing over spanning-tree at the access layer
Performance differences between core, distribution and access layer equipment

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 60
A routing protocol neighbor relationship has been established between two routers across the public Internet using GRE. What technology can be used to encrypt
this communication channel?
A.
B.
C.
D.

Access list
IP security
Context based access
Intrusion prevention system

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 61
Which statement correctly describes queuing in environments supporting teleworkers?
A.
B.
C.
D.
E.

CQ is for time sensitive protocols


Queuing occurs on the outbound interface
Priority queuing guarantees some level of service to all traffic
Hardware queues are configured for appropriate PQ, CQ, or WFQ
WFQ is the Cisco IOS default on all WAN links regardless of speed

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 62
Which first-hop redundancy protocol dynamically distributes traffic across multiple gateways?
A.
B.
C.
D.

HSRP
GLBP
VRRP
iBGP

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 63
A network engineer must collect application-level information passing through a router.
What two tools can provide this information? (Choose two.)
A. NBAR
B. CiscoWorks
C. SNMP collector
http://www.gratisexam.com

D. NetFlow collector
E. Syslog
Correct Answer: AD
Section: Multiple choice
Explanation
Explanation/Reference:
NBAR = network based application recognition
QUESTION 64
What information should be utilized to identify network applications that are running on an existing network infrastructure?
A.
B.
C.
D.
E.

Customer information
Existing documentation
Traffic analysis
External feedback
User feedback

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 65
A design engineer must send management information messages across the public internet.
What solution provides a secure and encrypted method for passing these messages?
A.
B.
C.
D.
E.

SNMP v3
NetFlow v9
Syslog traps
Secure Shell v2
SNMP v2

Correct Answer: A
Section: Single choice
http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 66
A network engineer is designing a solution that will monitor IP traffic through corporate routers with the ability to export the flows to a collection engine without using
network probes.
Which technology meets this requirement?
A.
B.
C.
D.
E.

RMON
NetFlow
SNMP
Syslog
IP SLA

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 67
A network engineer is following the Cisco enterprise architecture model.
Where are aggregation switches found?
A.
B.
C.
D.

Enterprise Campus
Enterprise Edge
SP Edge WAN
Remote Module

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 68
What two configurations are Cisco recommended best practices for user access interfaces? (Choose two.)
A.
B.
C.
D.
E.

VTP transparent mode


BPDU guard
Root Guard
Portfast
Trunk mode

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 69
What Cisco product is designed to improve the performance of Windows file and exchange services in remote data centers?
A.
B.
C.
D.

Application Control Engine


Wide Area Application Services
Cisco Application Policy Infrastructure Controller
Cisco Prime Network Services Controller

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
ACE = Application Control engine
WAAS = Wide Area Application Services
QUESTION 70
What design feature should be considered when accessing resources from a remote data center over a WAN connection?
A. Security
B. Bandwidth

http://www.gratisexam.com

C. Reliability
D. Management
Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 71
What two addresses are defined under RFC 1918? (Choose two.)
A.
B.
C.
D.
E.

19.22.37.1
10.1.7.19
127.0.0.1
172.31.1.1
239.15.12.1

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 72
What IPv4 addressing technique is used for proper address planning to reduce the number of entries in a routing table?
A.
B.
C.
D.
E.

Filtering
Tunneling
Summarization
Translation
Supernetting

Correct Answer: C
Section: Single choice
Explanation

http://www.gratisexam.com

Explanation/Reference:
QUESTION 73
What two components are used when creating an endpoint's modified EUI-64 format IPv6 address?
A.
B.
C.
D.
E.

IPv6 Prefix
64-bit MAC address
48-bit MAC address
IPv4 address
Link Local Suffix

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 74
A network engineer requires that an OSPF ASBR must only flood external LSAs only within its own area. What OSPF area type should be configured?
A.
B.
C.
D.

Backbone area
Totally Stub area
Not so Stubby area
Stub area

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 75
What two factors should be considered when deploying an enterprise campus network? (Choose two.)
A. Employees

http://www.gratisexam.com

B.
C.
D.
E.

Geography
Applications
Administration
Throughput

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 76
The spanning tree topology can be simplified by deploying what Cisco NX-OS technology is the distribution and access layer?
A.
B.
C.
D.
E.

VDC
vPC
Rapid PVST+
VSS
Flex Links

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 77
What network technology consolidates network and storage traffic in the data center?
A.
B.
C.
D.

Virtual storage-area network


Unified fabric
Unified computing system
Virtual switching system

Correct Answer: B
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 78
What type of topology supports WAN redundancy when a balance is required between cost, high availability, and performance?

http://www.gratisexam.com/

A.
B.
C.
D.
E.
F.

Partial mesh
Full mesh
Star
Ring
Bus
Point-to-point

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 79
What is the key limitation of using Internet circuits as a backup to a private enterprise WAN?
A.
B.
C.
D.

Circuit bandwidth
Prioritization
Security
Operational expense

Correct Answer: B
http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 80
A network design engineer is seeking a dynamic routing protocol that supports fast convergence in a Cisco environment.
What protocol allows for this?
A.
B.
C.
D.
E.

EIGRP
OSPF
RIP
BGP
IS-IS

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 81
What are two benefits of the bottom-up design approach? (Choose two.)
A.
B.
C.
D.
E.

Allows a quick response to a design request


Facilitates design that is based on previous experience
Requires little or no notation of actual requirements for implementation
Incorporates organizational requirements
Provides a broader overview to the organization and the designer

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 82
Which network layer is the best fit fro security features such as DAI and DHCP snooping?
A.
B.
C.
D.
E.
F.

Campus core
Enterprise edge
Campus distribution
Remote-access VPN
Enterprise data center
Campus access

Correct Answer: F
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 83
Directory services and electronic messaging are performed at which layer of the network?
A.
B.
C.
D.

Core
Application
Distribution
Network

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 84

http://www.gratisexam.com

Which configuration can be used to implement FHRP protocol and load balancing at the same time?
A. R1
interface Ethernet0
ip address 171.16.6.5 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 2 preempt
standby 2 ip 171.16.6.200
standby 2 track Serial0
standby 2 priority 95
!
R2
interface Ethernet0
ip address 171.16.6.6 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100

http://www.gratisexam.com

standby 1 track Serial0


standby 2 preempt
standby 2 ip 171.16.6.200
standby 2 track Serial0
B. R1
interface Ethernet0
ip address 171.16.6.5 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 1 priority 95
!
R2
interface Ethernet0
ip address 171.16.6.6 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 1 priority 95
C. R1
interface Ethernet0
ip address 171.16.6.5 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 1 priority 95
standby 2 preempt
standby 2 ip 171.16.6.200
standby 2 track Serial0
standby 2 priority 95
!
R2
interface Ethernet0
ip address 171.16.6.6 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 2 preempt
standby 2 ip 171.16.6.200
standby 2 track Serial0
D. R1
interface Ethernet0
ip address 171.16.6.5 255.255.255.0

http://www.gratisexam.com

standby 1 preempt
standby 1 ip 171.16.6.100
standby 1 track Serial0
standby 1 priority 95
!
R2
interface Ethernet0
ip address 171.16.6.6 255.255.255.0
standby 1 preempt
standby 1 ip 171.16.6.100
Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 85
Cisco FabricPath brings the benefits of routing protocols to Layer 2 network Ethernet environments.
What are two advantages of using Cisco FabricPath technology? (Choose two.)
A.
B.
C.
D.
E.

Cisco FabricPath provides MAC address scalability with conversational learning


Loop mitigation is provided by the TTL field in the frame
Cisco FabricPath technology is supported in all Cisco platforms and can replace legacy Ethernet in all campus networks
Cisco FabricPath relies on OSPF to support Layer 2 forwarding between switches, which allows load balancing between redundant paths
Cisco FabricPath is IETF-standard and is not used with Cisco products

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 86
A network design shows two routers that are directly connected to an Ethernet switch using optical connections. There is an OSPF Adjacency between the routers.
In this design, which solution ensures that interface-down detection is reported as quickly as possible to the IGP?

http://www.gratisexam.com

A.
B.
C.
D.
E.

Optimized OSPF SPF timers


Bidirectional Forwarding Detection
Automatic protection switching
Optimized OSPF LSA timers
Ethernet OAM CFM monitoring

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 87
Which statement is true about using a DNS server to discover a controller IP?
A.
B.
C.
D.

The AP sends a discovery request to the first controller on the list and then goes down the list chronologically until it receives a discovery response
The AP sends a discovery request to the last controller on the list and then goes up the list chronologically until it receives a discovery response
The AP sends a discovery request to all controllers on the list simultaneously
Multiple controller IP addresses in a DNS response are not supported

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 88

http://www.gratisexam.com

A network engineer at a technical call center receives a call from a customer complaining that only 56 kbps of data can be transferred over the T1 Frame Relay
WAN circuit at a remote site. The engineer checks the Frame Relay switch and confirms that only 56 kbps is being transferred over the circuit. The engineer
requests the router configuration of the customer headquarters site router.
What is causing this issue to occur?
A.
B.
C.
D.

The wrong CIR is configured


The BECN configuration is causing this issue
The class name is spelled wrong under the interface
The wrong DLCI number is assigned to the interface

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 89
Which option is an advanced congestion management mechanism?
A.
B.
C.
D.

Weighted fair queuing


Policing
Payload compression
Header compression

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 90
Which option is an example of physical device virtualization?
A.
B.
C.
D.

VSS
VPN
VRF
VLAN

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 91
A data center is being deployed, and one design requirement is to be able to readily scale server virtualization.
Which IETF standard technology can provide this requirement?
A.
B.
C.
D.

Transparent Interconnection of Lots of Links


Cisco FabricPath
Data center bridging
Cisco Unified Fabric
http://www.gratisexam.com

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 92
A company would like to distribute a VM hosting cluster between three data centers with the capability to move VMs between sites. The connectivity between data
centers is IP only, and the new design should use existing WAN.
Which layer 2 tunneling technology should be used?
A.
B.
C.
D.

VPLS
L2TPv3
OTV
AToM

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
AToM = Any Transport over MPLS
L2TPv3 = Layer 2 Tunneling Protocol Version 3 (IETF - RFC 3931)
OTV = Overlay Transport Virtaulization
VPLS = Virtual Private LAN Service
QUESTION 93
In which two places is redundancy recommended in an Enterprise Campus Network design? (Choose two.)
A.
B.
C.
D.
E.

Building distribution
Campus core
Building access
E-commerce
Internet connectivity

Correct Answer: AB

http://www.gratisexam.com

Section: Multiple choice


Explanation
Explanation/Reference:
QUESTION 94
What are two purposes of route redundancy? (Choose two.)
A.
B.
C.
D.
E.

Minimize the effect of link failures


Minimize the effect of internetworking device failures
Minimize the convergence time of STP
Load balance across redundant paths
Save network costs

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 95
Which two statements are true regarding a hierarchical network? (Choose two.)
A.
B.
C.
D.
E.

Facilitates choosing the type of routing protocols to be used in the network


Provides scalability without affecting other layers and functionality
Provides better performance as network resources are efficiently utilized
Limits redundancy at the distribution layer
Complicates manageability because of the added security

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 96

http://www.gratisexam.com

Which two Cisco data center can participate in Cisco FabricPath? (Choose two.)
A.
B.
C.
D.
E.

Cisco Nexus 5500 Series Switches


Cisco Nexus 1000V Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 4900 Series Switches
Cisco MDS 9500 Series Multilayer Directors

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 97

Assuming that a network will grow exponentially for the next 24 months, what is the main limitation that must be addressed?
A. Scalability

http://www.gratisexam.com/

http://www.gratisexam.com

B. Serviceability
C. Redundancy
D. Resiliency
Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 98
A network engineer is tasked with summarizing the routes to a remote site. What is the optimal route statement to connect to the 192.168.101.0/24 and
192.168.102.0/24 networks across the corporate WAN?
A.
B.
C.
D.

ip
ip
ip
ip

route
route
route
route

192.168.100.0
192.168.100.0
192.168.100.0
192.168.101.0

255.255.254.0
255.255.252.0
255.255.255.0
255.255.254.0

10.1.1.1
10.1.1.1
10.1.1.1
10.1.1.1

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 99

http://www.gratisexam.com

Where should routes in the routing table be aggregated or summarized?


A. In the core toward the data center

http://www.gratisexam.com

B. In the distribution toward the access


C. In the core toward the distribution
D. In the distribution toward the core
Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 100
Which option is used by OSPF to reduce the flooding domain of database updates in a network?
A.
B.
C.
D.

Hello packets
Virtual links
Interface cost
Areas

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 101

http://www.gratisexam.com

http://www.gratisexam.com

Which three OSPF routers are the only routers that may perform summarization with the current network layout? (Choose three.)
A.
B.
C.
D.
E.
F.

Router 2
Router 3
Router 4
Router 5
Router 7
Router 8

Correct Answer: ACE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 102
Which two options should be used to achieve fast convergence in an OSPF network? (Choose two.)
A.
B.
C.
D.
E.

Bidirectional Forwarding Detection


Fast hellos
LSA retransmission interval
SPF throttle timers
LSA group pacing

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 103

http://www.gratisexam.com

Which next hop will the router select if given an IP packet with the dstination address 19.48.254.3?
A.
B.
C.
D.

Router 1
Router 2
Interface 0
Interface 1

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 104

http://www.gratisexam.com

In this suboptimal design of homogeneous Cisco network, which version of spanning tree provides the fastest convergence?

http://www.gratisexam.com

A.
B.
C.
D.
E.

PVST+
CST
RPVST
VSTP
PVST

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 105

http://www.gratisexam.com

The red lines refer to STP blocked ports. What happens if the HSRP active moves to the right distribution, and the STP root remains on the left distribution?

http://www.gratisexam.com

A.
B.
C.
D.
E.

The STP root becomes the gateway


The interdistribution link is used for transit
The HSRP standby becomes the gateway
The interaccess link is used for transit
Host traffic is unable to reach the HSRP active

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 106

The organization is migrating away from HSRP. VSS has been implemented on a pair of Cisco Catalyst 6500 Series Switches. In order to avoid changes to end
hosts, the default gateway is carried over to the SVI on the VSS.
Why does the implementation plan require a four-hour wait after removing the FHRP configuration?
http://www.gratisexam.com

A.
B.
C.
D.
E.

The VLAN interface MAC address and the FHRP MAC address are different. It takes four hours for the VLAN interface to come up
The SVI IP address and the FHRP IP address are different. It takes four hours for the SVI to come up
The VLAN interface MAC address and the FHRP MAC address are different. It takes four hours for the ARP cache to time out
The VLAN interface IP address and the FHRP address are different. It takes four hours for the VLAN interface to come up
The VLAN interface IP address and the FHRP IP address are different. It takes four hours for the ARP cache to time out

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 107
Which command is correct for creating a virtual interface on Cisco wireless controller?
A.
B.
C.
D.

config create interface


tag interface
config interface address
untag interface

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 108
Which three series of Cisco wireless controllers support wireless Bidirectional Rate Limiting?
A.
B.
C.
D.
E.
F.

Cisco 2500 Series Wireless Controllers


Cisco 5500 Series Wireless Controllers
Cisco 5700 Series Wireless Controllers
Cisco 7500 Series Wireless Controllers
Cisco 8500 Series Wireless Controllers
Cisco 7200 Series Wireless Controllers

http://www.gratisexam.com

Correct Answer: BDE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 109
Which option cause deep-packet examination to determine the specific nature of an attack?
A.
B.
C.
D.

Network IPS
Netflow collector
Stateful firewall
Syslog server

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 110

http://www.gratisexam.com

Which location is the best for placing a monitor-only IPS that has visibility into the most data center traffic?
A.
B.
C.
D.

(A) Inline before the firewall


(B) Inline after the firewall
(C) Passive off the firewall
(D) Passive off the internal switch

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 111
A remote user for a company must periodically connect to the company network to access internal resources using a company laptop with software that was
preinstalled by the IT department. Which VPN method is used for connectivity?

http://www.gratisexam.com

A.
B.
C.
D.

DMVPN
SSL VPN
IPsec VPN
GET VPN

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 112
Which statement is true about the Cisco NAC Appliance?
A.
B.
C.
D.

recognize users, their devices, and their roles in the network


Does not offer audit and reporting features
Must be placed inline with other network devices
Does not recognize guest users

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 113
Which two Cisco products can be used in a data center to support OTV technology? (Choose two.)
A.
B.
C.
D.
E.

Cisco Nexus 5500 Series Switches


Cisco Nexus 7000 Series Switches
Cisco ASR 1000 Series Routers
Cisco ASR 9000 Series Routers
Cisco Nexus 3000 Series Switches

Correct Answer: BC

http://www.gratisexam.com

Section: Multiple choice


Explanation
Explanation/Reference:
QUESTION 114
Which IETF standard technology can be used with data center design to readily scale server virtualization?
A.
B.
C.
D.

Transparent Interconnection of Lots of Links


OTV
vPC
FCoE

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 115
Which three options are examples of network logical virtualization? (Choose three.)
A.
B.
C.
D.
E.

Virtual PortChannel
Virtual machine
Virtual Device Context
Virtual Switching System
Virtual device driver

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 116
Which type of structure consists of the addressing, routing protocols, QoS, and security components?

http://www.gratisexam.com

A.
B.
C.
D.

Logical
Physical
Layered
Virtual

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 117
What phase of Cisco's PPDIOO is the final test of the appropriateness of the design?

http://www.gratisexam.com/

A.
B.
C.
D.

Operate
Optimize
Design
Implement

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 118
what phase of Cisco's PPDIOO includes the identification and resolution of issues prior to moving the entire network to production?

http://www.gratisexam.com

A.
B.
C.
D.

Optimize
Operate
Implement
Design

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Seems to be OK (p.14 of CCDA 640-864 Official Cert Guide).
QUESTION 119

Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Classification is the process of partitioning traffic into multiple priority levels or classes of service. Information in the frame or packet header is inspected, and the
frames priority is determined. Marking is the process of changing the priority or class of service (CoS) setting within a frame or packet to indicate its classification.
Classification is usually performed with access control lists (ACL), QoS class maps, or route maps, using various match criteria.
Congestion-avoidance techniques monitor network traffic loads so that congestion can be anticipated and avoided before it becomes problematic. Congestionavoidance techniques allow packets from streams identified as being eligible for early discard (those with lower priority) to be dropped when the queue is getting
full. Congestion avoidance techniques provide preferential treatment for high priority traffic under congestion situations while maximizing network throughput and
capacity utilization and minimizing packet loss and delay.
Weighted random early detection (WRED) is the Cisco implementation of the random early detection (RED) mechanism. WRED extends RED by using the IP
Precedence bits in the IP packet header to determine which traffic should be dropped; the drop-selection process is weighted by the IP precedence.
Traffic conditioner consists of policing and shaping. Policing either discards the packet or modifies some aspect of it, such as its IP Precedence or CoS bits,
when the policing agent determines that the packet meets a given criterion. In comparison, traffic shaping attempts to adjust the transmission rate of packets that
match a certain criterion. Shaper typically delays excess traffic by using a buffer or queuing mechanism to hold packets and shape the flow when the sources data
rate is higher than expected. For example, generic traffic shaping uses a weighted fair queue to delay packets to shape the flow. Traffic conditioner is also referred
to as Committed Access Rate (CAR).
Congestion management includes two separate processes: queuing, which separates traffic into various queues or buffers, and scheduling, which decides from
which queue traffic is to be sent next. There are two types of queues: the hardware queue (also called the transmit queue or TxQ) and software queues. Software
queues schedule packets into the hardware queue based on the QoS requirements and include the following types: weighted fair queuing (WFQ), priority queuing
(PQ), custom queuing (CQ), class-based WFQ (CBWFQ), and low latency queuing (LLQ).

http://www.gratisexam.com

LLQ is also known as Priority QueuingClass-Based Weighted Fair Queuing (PQ-CBWFQ). LLQ provides a single priority but its preferred for VoIP networks
because it can also configure guaranteed bandwidth for different classes of traffic queue. For example, all voice call traffic would be assigned to the priority queue,
VoIP signaling and video would be assigned to a traffic class, FTP traffic would be assigned to a low-priority traffic class, and all other traffic would
be assigned to a regular class.
Link efficiency techniques, including link fragmentation and interleaving (LFI) and compression. LFI prevents small voice packets from being queued behind
large data packets, which could lead to unacceptable delays on low-speed links. With LFI, the voice gateway fragments large packets into smaller equal-sized
frames and interleaves them with small voice packets so that a voice packet does not have to wait until the entire large data packet is sent. LFI reduces and
ensures a more predictable voice delay.
(Reference: Cisco Press Designing for Cisco Internetwork Solutions)
QUESTION 120
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Trust and identity management solutions provide secure network access and admission at any point in the network and isolate and control infected or unpatched
devices that attempt to access the network. If you are trusted, you are granted access.
We can understand trust is the security policy applied on two or more network entities and allows them to communicate or not in a specific circumstance.
Identity is the who of a trust relationship.
The main purpose of Secure Connectivity is to protect the integrity and privacy of the information and it is mostly done by encryption and authentication. The
purpose of encryption is to guarantee confidentiality; only authorized entities can encrypt and decrypt data. Authentication is used to establish the subjects identity.
For example, the users are required to provide username and password to access a resource
QUESTION 121
Select and Place:

http://www.gratisexam.com

Correct Answer:

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 122

http://www.gratisexam.com

Select and Place:

Correct Answer:

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 123
Place Methodology in correct order
A.
B.
C.
D.

Prepare, Implement, Operate, Plan, Optimize, Design


Optimize, Operate, Design, Prepare, Implement, Plan
Prepare, Optimize, Design, Implement, Operate, Plan
Optimize, Design, Prepare, Implement, Operate, Plan

http://www.gratisexam.com

E. Prepare, Plan, Design, Implement, Operate, Optimize


F. Prepare, Plan, Design, Implement, Optimize, Operate
Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 124
Which is the equation used to derive a 64 Kbps bit rate?
A.
B.
C.
D.

2 x 8 kHz x 4-bit code words


8 kHz x 8-bit code words
2 x 4-bit code words x 8 kHz
2 x 4 kHz x 8-bit code words

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
While the human ear can sense sounds from 20 to 20,000 Hz, and speech encompasses sounds from about 200 to 9000 Hz, the telephone channel was designed
to operate at about 300 to 3400 Hz. This economical range carries enough fidelity to allow callers to identify the party at the far end and sense their mood. Nyquist
decided to extend the digitization to 4000 Hz, to capture higher-frequency sounds that the telephone channel may deliver. Therefore, the highest frequency for
voice is 4000 Hz. According to Nyquist theory, we must double the highest frequency, so 2x4kHz = 8kHz.
Each sample will be encoded into a 8-bit code. Therefore 8kHz x 8-bit code = 64 Kbps (notice about the unit Kbps: 8kHz = 8000 samples per second so 8000 x 8bit = 64000 bit per second = 64 Kilobit per second = 64 Kbps)
Note:
Nyquist theory: When sampling a signal (e.g., converting from an analog signal to digital), the sampling frequency must be greater than twice the bandwidth of the
input signal in order to be able to reconstruct the original perfectly from the sampled version.
QUESTION 125
Which three of these are components of the North American Numbering Plan? (Choose three.)
A. Numbering Plan Area

http://www.gratisexam.com

B.
C.
D.
E.
F.

Country Code
Prefix
Zone
Line Number
Trunk Channel

Correct Answer: ACE


Section: Multiple choice
Explanation
Explanation/Reference:
NANP has the address format of NXX-NXX-XXXX, where N is any number from 2 to 9 and X is any number from 0 to 9. The first three digits identify the numbering
plan area and are commonly called the area code. The address is further divided into the office code (also known as prefix) and line number. The prefix is three
digits, and the line number is four digits. The line number identifies the phone.
QUESTION 126
A customer has the following Enterprise Campus design requirements:
- at least 10 Gbps of bandwidth
- network runs of up to 40km
- no concern for transmission medium cost
Which transmission medium should you recommend to this customer?
A.
B.
C.
D.
E.

Shielded twisted pair


Unshielded twisted pair
Multimode fiber
Single-mode fiber
Wireless

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
Below is the comparison of transmission media
Media
Twisted pair

Bandwidth
Up to 1 Gbps

Distance
100 m

http://www.gratisexam.com

Multimode fiber
Single-mode fiber
Wireless

Up to 1 Gbps
10 Gbps
54 Mbps (27 Mbps effective)

2 km (FE) 550 m (GE)


90 km (FE) 40 km (GE)
500 m at 1 Mbps

(Reference from CCDA Official Exam Certification Guide. Some other books have different figures but we should answer it according to the Official book)
QUESTION 127
In the Cisco branch office design, what categorizes an office as large?
A.
B.
C.
D.
E.

Between 50 and 100 users and a three-tier design


Between 50 and 100 users and a single-tier design
Between 100 and 200 users and a two-tier design
Between 100 and 200 users and a three-tier design
Over 200 users and a two-tier design

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 128

http://www.gratisexam.com

Which layer is the distribution layer?


A.
B.
C.
D.

Layer A
Layer B
Layer C
Layer A & B form a consolidated core and distribution layer

http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 129
Which two implementation plan principles best describe how to deal with potential failures? (Choose two.)
A.
B.
C.
D.
E.

A good implementation plan


A successful test network test
A test should be included at every step
A detailed rollback procedure for each implementation step
A table of failure points, and estimated rollback times

Correct Answer: CE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 130

http://www.gratisexam.com

A standard Layer 2 campus network design is pictured. Which numbered box represents the distribution layer?
A.
B.
C.
D.

#1
#2
#3
#4

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 131
Which three pieces of information should be documented for each step of each phase in a design implementation plan? (Choose three.)
A.
B.
C.
D.
E.
F.

Step description
Design document references
Easy guidelines in case of failure
Estimated implementation time
Simple implementation guidelines
Estimated rollback time in case of failure

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 132
Which three terms describe the primary functions of the distribution layer of the campus network design hierarchy? (Choose three.)
A.
B.
C.
D.
E.
F.

Provide end-user connectivity


Provide high speed transport
Provide QoS services
Enforce security policies
Provide WAN connections
Connect access devices to the core backbone

Correct Answer: CDF


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 133

http://www.gratisexam.com

Which two statements correctly identify the layers of the Enterprise Campus module? (Choose two)
A. A is the Data Center Module and C is the Campus Core layer
B. A is the Data Center Module and D is the Building Access layer

http://www.gratisexam.com

C.
D.
E.
F.

B is the Campus Core layer and C is the Building Distribution layer


B is the Building Distribution layer and C is the Campus Core layer
A is the Internet Connectivity layer and B is the Campus Core layer
B is the Building Distribution layer and D is the Building Access layer

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
Data Center aka Server Farm
QUESTION 134

http://www.gratisexam.com

Which statement accurately represents the characteristics of the core layer in this design?
A.
B.
C.
D.

QoS should be performed only in the core


Load balancing should never be implemented or used in the core
Access lists should be used in the core to perform packet manipulation
It is acceptable to use a partial mesh in the core if it is connected to each device by multiple paths

http://www.gratisexam.com

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 135

http://www.gratisexam.com

Which element or elements of the existing network infrastructure does this network map emphasize?
A.
B.
C.
D.

Network services
Network protocols
OSI data link layer
Network applications

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 136
Which two of the following are benefits of using a modular approach to network design? (Choose two.)
A.
B.
C.
D.

Improve flexibility
Facilitates implementation
Lowers implementation costs
Improves customer participation in the design process

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 137
Data link switching is typically used in which Enterprise Campus Module layer?
A. Server Farm

http://www.gratisexam.com

http://www.gratisexam.com/
B.
C.
D.
E.

Campus Core
Building Access
Building Distribution
Internet Connectivity

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
In the most general model, the Building Access layer uses Layer 2 switching (or Data link switching), and the Building Distribution layer uses multi-layer switching.
The six modules of the Cisco Enterprise Architecture are:
+ Enterprise Campus module
+ Enterprise Edge module
+ Enterprise WAN module
+ Enterprise Data Center module
+ Enterprise Branch module
+ Enterprise Teleworker module
The purpose of the access layer is to grant end-user access to network resources.
The distribution layer provides aggregation for the access layer devices and uplinks to the core layer. It is also used to enforce policy within the network.
The core layer provides a high-speed, highly available backbone designed to switch packets as fast as possible.
QUESTION 138
Which two statements about designing the Enterprise Data Center Access submodule are correct? (Choose two)
A. Multiport NIC servers should each have their own IP address
B. Layer 3 connectivity should never be used in the access layer

http://www.gratisexam.com

C. Layer 2 connectivity is primarily implemented in the access layer


D. Multiport NIC servers should never be used in the access layer
E. Layer 2 clustering implementation requires servers to be Layer 2 adjacent
Correct Answer: CE
Section: Multiple choice
Explanation
Explanation/Reference:
Data link layer switches are often used to connect end devices in the access layer (while distribution and core layer typically use multilayer switches.
The use of Layer 2 clustering requires the servers to be Layer 2 adjacent.
QUESTION 139
Which two statements about the Enterprise Data Center Aggregation submodule are correct? (Choose two.)
A.
B.
C.
D.

it provides Layer 4-7 services


It should never support STP
It is the critical point for control and application services
It typically provides Layer 2 connectivity from the data center to the core

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
This submodule provides Layer 4 through Layer 7 services through security and application service devices such as load-balancing devices, SSL offloading
devices, firewalls, and IDS devices.
The Data Center Aggregation (distribution) layer aggregates the uplinks from the access layer to the Data Center Core layer and is the critical point for control and
application services.
QUESTION 140
Which of the following is a modular component within the Cisco Enterprise Campus module in the Cisco Enterprise Architecture framework?
A.
B.
C.
D.

Teleworker
E-Commerce
Internet Connectivity
Building Distribution

http://www.gratisexam.com

E. WAN/MAN Site-to-Site VPN


Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 141
DataQuirk is a web-based medical transcription company for exotic-animal veterinarians. The company recently added a third ISP for international business. They
are organizing the enterprise network into a fully operational Enterprise Edge.
To which two modules will the three ISPs be directly related? (Choose two.)
A.
B.
C.
D.
E.
F.

PSTN
E-Commerce
WAN/MAN
Edge Distribution
Internet Connectivity
Remote Access VPN

Correct Answer: BE
Section: Multiple choice
Explanation
Explanation/Reference:
The Enterprise Edge Module consists of the following modules:
+ E-commerce module: includes the devices and services necessary for an organization to provide e-commerce applications.
+ Internet connectivity module: provides enterprise users with Internet access.
+ VPN and remote access module: terminates VPN traffic and dial-in connections from external users.
+ WAN/ MAN and site-to-site module: provides connectivity between remote sites and the central site over various WAN technologies.
In these modules, only E-Commerce and Internet Connectivity modules will be directly related to the three ISPs.

http://www.gratisexam.com

QUESTION 142
Which statement describes the recommended deployment of DNS and DHCP servers in the Cisco Enterprise Architecture Model?
A.
B.
C.
D.

Place the DHCP and DNS servers in the Enterprise Campus Access layer and Enterprise branch
Place the DHCP and DNS servers in the Enterprise Campus Server Farm layer and Enterprise branch
Place the DHCP server in the Enterprise Campus Core layer and Remote Access/VPN module with the DNS server in the Internet Connectivity module
Place the DHCP server in the Enterprise Campus Distribution layer with the DNS server in the Internet Connectivity module

Correct Answer: B

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
For the Enterprise Campus, DHCP and internal DNS servers should be located in the Server Farm and they should be redundant. External DNS servers can be
placed redundantly at the service provider facility and at the Enterprise branch.

QUESTION 143
Which two modules are found in the Enterprise Edge functional area of the Cisco Enterprise Architecture? (Choose two.)
A. Teleworker
B. WAN/LAN
C. Server Farm

http://www.gratisexam.com

D. E-Commerce
E. Internet Connectivty
F. Remote Access/VPN
Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
The Enterprise Edge functional area consists of four main modules: E-commerce module, Internet Connectivity module, Remote Access and VPN module, WAN
and MAN and Site-to-Site VPN module.
QUESTION 144
The Cisco Data Center Network Architecture comprises which two Cisco SONA layers? (Choose two)
A.
B.
C.
D.
E.

Interactive Services
Business Applications
Network Infrastructure
Collaboration Applications
WAN/Internet

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
SONA = Service-Oriented Network Architecture
The SONA framework defines the following three layers:
+ Networked Infrastructure layer: Where all the IT resources interconnect across a converged network foundation. The objective of this layer is to provide
connectivity, anywhere and anytime.
+ Interactive Services layer: Includes both application networking services and infrastructure services. This layer enables efficient allocation of resources to
applications and business processes delivered through the networked infrastructure.
+ Application layer: Includes business applications and collaboration applications. The objective of this layer is to meet business requirements and achieve
efficiencies by leveraging the Interactive Services layer.

http://www.gratisexam.com

QUESTION 145
Which three of these are layers in the Cisco SONA Architecture? (Choose three.)
A.
B.
C.
D.
E.
F.

Application
Physical Infrastructure
Presentation
Integrated Transport
Core Common Services
Networked Infrastructure

Correct Answer: ABF

http://www.gratisexam.com

Section: Multiple choice


Explanation
Explanation/Reference:
SONA = Service-Oriented Network Architecture
The SONA framework defines the following three layers:
+ Networked Infrastructure layer: Where all the IT resources interconnect across a converged network foundation. The objective of this layer is to provide
connectivity, anywhere and anytime.
+ Interactive Services layer: Includes both application networking services and infrastructure services. This layer enables efficient allocation of resources to
applications and business processes delivered through the networked infrastructure.
+ Application layer: Includes business applications and collaboration applications. The objective of this layer is to meet business requirements and achieve
efficiencies by leveraging the Interactive Services layer.

http://www.gratisexam.com

QUESTION 146
A Cisco SONA architecture layer is described as follows:
- The layers IT resources are interconnected across a converged network foundation.
- The layers IT resources include servers, storage, and clients.
- The layer represents how resources exist across the network.
- The customer objective for the layer is to have anywhere/anytime connectivity.
Which Cisco SONA architecture layer is being described?
A. Application
B. Physical

http://www.gratisexam.com

C. Integrated Transport
D. Interactive Services
E. Networked Infrastructure
Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
SONA = Service-Oriented Network Architecture
Networked Infrastructure layer: Where all the IT resources interconnect across a converged network foundation. The objective of this layer is to provide
connectivity, anywhere and anytime.

http://www.gratisexam.com

QUESTION 147
At which stage in the PPDIOO process would you analyze a customers network in order to discover opportunities for network improvement?
A.
B.
C.
D.
E.
F.

Plan
Prepare
Design
Implement
Operate
Design Assesment

Correct Answer: C

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
Cisco has formalized a networks life cycle into six phases: Prepare, Plan, Design, Implement, Operate, and
Optimize. These phases are collectively known as PPDIOO.
Design phase: Developing a detailed design is essential to reducing risk, delays, and the total cost of network deployments. A design aligned with business goals
and technical requirements can improve network performance while supporting high availability, reliability, security, and scalability.
(Reference: http://www.ciscozine.com/2009/01/29/the-ppdioo-network-lifecycle/)
QUESTION 148
Which of these is the next step after the design phase in the PPDIOO process?
A.
B.
C.
D.
E.

Order the equipment


Develop a high-level migration plan
Create a pilot or a prototype network
Develop the implementation plan in as much detail as possible
Identify which network management protocol will be used for which function

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
The Implement phase begins after the design phase has been finished. In this phase, new devices are installed, configured and tested according to the design
specifications.
QUESTION 149
According to Cisco, which four improvements are the main benefits of the PPDIOO lifecycle approach to network design? (Choose four.)
A.
B.
C.
D.
E.
F.

Faster ROI
Improved business agility
Increased network availability
Faster access to applications and services
Lower total cost of network ownership
Better implementation team engagement

http://www.gratisexam.com

Correct Answer: BCDE


Section: Multiple choice
Explanation
Explanation/Reference:
ROI = Return on Investment
The PPDIOO life cycle provides four main benefits:
+ It improves business agility by establishing business requirements and technology strategies.
+ It increases network availability by producing a sound network design and validating the network
operation.
+ It speeds access to applications and services by improving availability, reliability, security, scalability, and
performance.
+ It lowers the total cost of ownership by validating technology requirements and planning for infrastructure
changes and resource requirements.
(Reference: Cisco CCDA Official Exam Certification Guide, 3rd Edition)
QUESTION 150

http://www.gratisexam.com

During which stage of the PPDIOO process are implementation procedures prepared?
A.
B.
C.
D.
E.
F.

Prepare
Plan
Design
Implement
Operate
Optimize

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
The Design phase includes network diagrams and an equipment list. The project plan is updated with more granular information for implementation. This is the so-

http://www.gratisexam.com

called prepare implementation procedures.


QUESTION 151
Which two design methodology steps relate, at least in part, to the implement phase of the PPDIOO process? (Choose two.)
A.
B.
C.
D.
E.

Verifying the network


Testing design
Determining customer requirements
Characterizing the existing network
Establishing the organizational requirements

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
The Implement phase relates to implement new devices, including verifying and testing so A and B are the most suitable options.
Determining customer requirements occurs in the Prepare phase, which identifies requirements and builds a conceptual architecture.
Characterizing the existing network belongs to the Plan phase; this step is performed to determine the infrastructure necessary to meet the requirements.
In the establishing the organizational requirements step, the network topology is designed to meet the requirements and close the network gaps identified in the
previous steps. This step is related to the Design Phase of the PPDIOO process.
QUESTION 152
Which two statements represent advantages that the top-down network design process has over the bottom-up network design process? (Choose two.)
A.
B.
C.
D.
E.

Is able to provide the big picture


Utilizes previous experience
Takes less time to design a network
Identifies appropriate technologies first
Provides a design for current and future development

Correct Answer: AE
Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

By incorporating the organizations requirements, the top-down network design process provide the big picture that meets current and future requirements.
QUESTION 153
Which statement identifies a benefit obtained when using a top-down network design plan?
A.
B.
C.
D.
E.

Allow quick responses to design requests


Facilitates design based on previous experience
Incorporates customer organizational requirements
Is less time-consuming than using a bottom-up approach
Provides a more detailed picture of the desired network

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
The top-down approach begins with the organizations requirements before looking at technologies. Network designs are tested using a pilot or prototype network
before moving into the Implement phase.
QUESTION 154
What are three valid methods of gathering information about an existing data network? (Choose three.)
A.
B.
C.
D.
E.
F.

Use organizational input


Perform a traffic analysis
Analyze the user-mapping of a running application
Perform a packet-level audit to verify carrier service guarantees
Perform a network audit to gather more detail about the network
Use reports that analyze the metrics of the customers existing network

Correct Answer: ABE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 155
Which of the following Cisco router services performs network traffic analysis to assist in documenting a customers existing network?

http://www.gratisexam.com

A.
B.
C.
D.

MRTG
NetMon
NetFlow
SNMP MIB complier

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 156
You are performing an audit of a customers existing network and need to obtain the following router information:
- interfaces
- running processes
- IOS image being executed

http://www.gratisexam.com/
Which command should you use?
A.
B.
C.
D.
E.

show version
show tech-support
show starup-config
show running-config
show processes memory

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 157
Which Cisco device management feature is most suited to metering network traffic and providing data for billing network usage?
A.
B.
C.
D.
E.

BGP
Cisco Discovery Protocol
QoS
RMON
NetFlow

Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 158
Which network management protocol allows a network device to have vendor-specific objects for management?
A.
B.
C.
D.
E.
F.

SNMP v1
SNMP v2
SNMP v3
MIB
RMON 1
RMON 2

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 159
Which three sources does a network designer use to collect information for characterizing an existing network? (Choose three.)
A. Staff input
http://www.gratisexam.com

B.
C.
D.
E.

Visual inventory
Network audit
Traffic analysis
Server statistics

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 160
To provide Layer 2 connectivity between the primary and remote data centers, given that the two data centers are using Layer 3 routed DCIs, which NX-OS
technology can be used to facilitate this requirement?
A.
B.
C.
D.
E.

VRF
OTV
MPLS
STP
vPC

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
MPLS = Multiprotocol Label Switching
OTV = Overlay Transport Virtualization
STP = Spanning Tree Protocol
vPC = Virtual Port Channel
VRF = Virtual Routing and Forwarding
QUESTION 161
What is the acceptable amount of one-way network delay for voice and video applications?
A. 300 bytes
B. 1 sec
C. 150 msec

http://www.gratisexam.com

D. 500 msec
Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
Delay Components in VoIP Networks
The ITU's G.I 14 recommendation specifics that the one-way delay between end points should not exceed 150 ms to be acceptable, commercial voice quality.
In private networks, somewhat longer delays might be acceptable for economic reasons.
The ITU G.114 recommendation specifics that 151-ms to 400-ms one-way delay might be acceptable provided that organizations are aware that the transmission
time will affect the quality of user applications. One-way delays of above 400 ms are unacceptable for general network planning purposes.
QUESTION 162
At which layer of the network is route summarization recommended?
A.
B.
C.
D.

Data link layer


Core layer
Distribution layer
Access layer

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 163
Which WAN technology is a cost-effective method to deliver 100Mb of bandwidth to multiple branch offices?
A.
B.
C.
D.

DSL
DWDM
ISDN
Metro Ethernet

http://www.gratisexam.com

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
DSL = Digital Subscriber Line
DWDM = Dense Wavelength Division Multiplexing
ISDN = Integrated Services Digital Network
QUESTION 164
Which Cisco device has the sole function at looking at threat detection and mitigation at the Enterprise Edge?
A.
B.
C.
D.

Cisco IOS Router


Cisco ASA
Cisco Catalyst FWSM
Cisco IPS

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
ASA = Adaptative Security Appliance
FWSM = FireWall Service Module
IPS = Intrusion Prevention System
QUESTION 165
If a teleworker is required to access the branch office via a secure IPsec VPN connection, which technology is recommended to provide the underlying transport?
A.
B.
C.
D.
E.

ISDN
Metro Ethernet
Frame Relay
ASDL
ATM

Correct Answer: D
Section: Single choice
Explanation

http://www.gratisexam.com

Explanation/Reference:
QUESTION 166
Which factor would be most influential in choosing multimode fiber optic connections over UTP?
A.
B.
C.
D.
E.

Signal attenuation
Required bandwidth
Required distance
Electromagnetic interference
Cost

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 167
A hierarchical design of the EIGRP domain facilitates which two of the following? (Choose two.)

http://www.gratisexam.com/

A.
B.
C.
D.
E.

Route summarization
Faster convergence
Unequal cost load balancing
Redistribution
Virtual Links

Correct Answer: AB
Section: Multiple choice
Explanation
http://www.gratisexam.com

Explanation/Reference:
QUESTION 168
Which three types of WAN topologies can be deployed in the Service Provider Module? (Choose three.)
A.
B.
C.
D.
E.
F.

Ring
Star
Full mesh
Core/edge
Collapsed core
Partial mesh

Correct Answer: BCF


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 169
Which two features are supported by single wireless controller deployments? (Choose two.)
A.
B.
C.
D.
E.
F.

Automatic detection and configuration of LWAPPs


LWAPP support across multiple floors and buildings
Automatic detection and configuration of RF parameters
Layer 2 and Layer 3 roaming
Controller redundancy
Mobility groups

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 170
http://www.gratisexam.com

Which three describe challenges that are faced when deploying an environment for teleworkers? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Supporting a mix of technically knowledgeable and non technical users


Simplifying router installation and configuration
Verifying available power at employee's house for necessary equipment
Avoiding situations where employees might use nonstandard hardware or configurations
Reducing daily commuting time to main office location
Providing access to FTP servers located in main office location
Implementing leased line connectivity between main office and employee's home location

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 171
What are the three models that are required in the systematic approach of the top-down design methodology? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Logical
Physical
Layered
Network components
Technological
Protocols
Virtual

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 172
What design requirement is necessary for Campus Network Access layer switching?

http://www.gratisexam.com

A.
B.
C.
D.

High cost per port


High availability
High scalability
High performance

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 173
Which two issues are typical challenges to network stability and reliability? (Choose two.)
A.
B.
C.
D.
E.

Hardware failures
Layer 1 link failures
Application failures
Core layer failures
Distribution layer failures

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 174
If two routing protocols have the same route and prefix, which effect do thery have on the routing table?
A.
B.
C.
D.

Only the route with the lowest administrative distance is added


Only the route with the highest administrative distance is added
Both routes are added
Neither route is added, and a loop is formed

Correct Answer: A
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 175
Which two options are benefits of using a modular network architecture? (Choose two.)
A.
B.
C.
D.
E.

Facilitates troubleshooting
Accurate monitoring
Consistent documentation
Increased flexibility
Reduced cabling requirements

Correct Answer: AD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 176
What is a benefit of IPv6 over IPv4 addresses?
A.
B.
C.
D.

Shorter addresses
Automatic summarization
Hierarchical global address space
Faster IGP convergence

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 177
For a VLAN that requires 70 hosts, which subnet is the most efficient?

http://www.gratisexam.com

A.
B.
C.
D.

10.0.0.1/8
172.31.17.0/26
192.168.1.0/25
192.168.15.0/24

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 178
Which item is the fundamental basis of a virtual network?
A.
B.
C.
D.

VRF instance
MIB database
GRE tunnel
Redundant hardware

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 179
Your company uses OSPF for internal routing. The company will be connected to VendorA via a single dedicated link and to VendorB via redundant links. Both
vendors also use OSPF for internal routing. Which of the following deployments describes the best intra-domain routing practice in this situation?
A.
B.
C.
D.
E.

Connect your company to both VendorA and VendorB using existing OSPF
Redistribute the routes on each link between your company and the vendors to a shared EIGRP routing protocol
Use iBGP to reach VendorA and eBGP to reach VendorB
Use static routes to reach VendorA and eBGP to reach VendorB
Use static routes to reach both VendorA and vendorB

Correct Answer: D

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 180
Refer to the list of requirements. Which IP telephony design model should you implement to fulfill these requirements?
- Must be a single, large location with many remote sites
- Must have multisite WAN connectivity
- Requires SRST for call processing redundancy
A.
B.
C.
D.

Centralized
Distributed
Clustered
Decentralized

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
SRST = Survival Remote Site Telephony
QUESTION 181
Which network access control technology is recommended to use with Layer 2 access layer switches?
A.
B.
C.
D.
E.

802.1q
802.1x
802.3af
802.3q
802.11n

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 182
Which technology enables WLCs to peer with each other to enable roaming support?
A.
B.
C.
D.

WAP profiles
Roaming profiles
Mobility groups
Peer groups

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 183
Which IP telephony component supports VoIP, PoE, and QoS?
A.
B.
C.
D.

Client Endpoints
Voice-enabled infrastructure
Cisco Unified Communications Manager
Cisco Unified Contact Center

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
CUCM = Cisco Unified Communications Manager
QUESTION 184
What business trend allows employees to use personal devices to access enterprise data and systems?
A.
B.
C.
D.

ISE
BYOD
SAN
IOE
http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
BYOD = Bring Your Own Device
IOE = Internet of Everything
ISE = Identity Services Engine
SAN = Storage Area Networks
QUESTION 185
What three customer supported details identifies network requirements based on the PPDIOO design model? (Choose three.)
A.
B.
C.
D.
E.
F.

Goals
Budget
User needs
Locations
Policies
Tasks

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 186
An engineer receives a resource utilization alert on a router. What command should be used to investigate the issue?
A.
B.
C.
D.

show processes cpu


show memory
show running-config
show version

Correct Answer: A
Section: Single choice
Explanation

http://www.gratisexam.com

Explanation/Reference:
QUESTION 187
What part of the network does a top-down network design focus on for solution development?

http://www.gratisexam.com/

A.
B.
C.
D.
E.
F.

Presentation
Hardware
Session
Application
Data link
Transport

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 188
An engineer has configured a router to send level 7 messages to a syslog server. What severity level are these messages?
A.
B.
C.
D.
E.

Error
Warning
Debug
Informational
Notice

http://www.gratisexam.com

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
Level Keyword Level
emergencies
0
alerts
1
critical
2
errors
3
warnings
4
notifications 5
informational 6
debugging
7

Description
System unstable
Immediate action needed
Critical conditions
Error conditions
Warning conditions
Normal but significant condition
Informational messages only
Debugging messages

Syslog Definition
LOG_EMERG
LOG_ALERT
LOG_CRIT
LOG_ERR
LOG_WARNING
LOG_NOTICE
LOG_INFO
LOG_DEBUG

QUESTION 189
A network engineer must implement a design where LAN clients are to connect to various access layer devices, while remaining on the same VLAN.
What type of design would support this requirement?
A.
B.
C.
D.

Routed
Switched
Tunneled
Virtual

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 190
When evaluating network design, what indicator demonstrates that the modular approach was followed?
A.
B.
C.
D.

Ability to scale
Follows best practices
Redundant connectivity
Easy to deploy

http://www.gratisexam.com

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 191
A network engineer is following the Cisco Enterprise Architecture model. To which network layer would a branch office connect to using a private VLAN?
A.
B.
C.
D.

Enterprise Campus
Enterprise Edge
SP Edge Premise
Remote Module

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 192
A network engineer is following the three tiered Network Hierarchical Model. At which tier is route summarization implemented?
A.
B.
C.
D.

Core
Distribution
Backbone
Access

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 193
A network engineer is using the Cisco Enterprise Architecture Model. In what module do network management servers reside?

http://www.gratisexam.com

A.
B.
C.
D.

Enterprise campus
Enterprise Edge
Remote Modules
SP Edge WAN/Internet

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 194
What three design requirements are key to design a Campus Core?
A.
B.
C.
D.
E.
F.

Low latency
Access control
Traffic filtering
High speed
Redundant links
QoS tagging

Correct Answer: ADE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 195
What type of device can be installed to increase a broadcast domain?
A.
B.
C.
D.

Router
Switch
IDS
IPS

http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
IDS = Intrusion Detection System
IPS = Intrusion Prevention System
QUESTION 196
To what Layer 2 technology does VRF closely compare?
A.
B.
C.
D.

VSS
vPC
VLAN
VTP

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 197
What network virtualization technology can be leveraged within the data center to reduce the number of physical devices?
A.
B.
C.
D.

VLANs
VPLS
VDC
VSS

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 198

http://www.gratisexam.com

During the design of a new campus network, the customer requests the ability to route overlapping IP addresses. What technology can be leveraged to meet this
request?
A.
B.
C.
D.

VRF
VLANs
VSS
vPC

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 199
Which three are considered as technical constraints when identifying network requirements? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Support for legacy applications


Bandwidth support for new applications
Limited budget allocation
Policy limitations
Limited support staff to complete assessment
Support for existing legacy equipment
Limited timeframe to implement

Correct Answer: ABF


Section: Multiple choice
Explanation
Explanation/Reference:
Network design might be constrained by parameters that limit the solution. Legacy applications might still exist that must be supported going forward, and these
applications might require a legacy protocol that may limit a design. Technical constraints include the following:
* Existing wiring does not support new technology.
* Bandwidth might not support new applications.
* The network must support exiting legacy equipment.
* Legacy applications must be supported (application compatibility).

http://www.gratisexam.com

QUESTION 200
Which two common cable management strategies are used in high-density server deployments in the data center? (Choose two.)
A.
B.
C.
D.
E.
F.

Top-of-rack
Middle-of-rack
Bottom-of-rack
Beginning-of-row
Middle-of-row
End-of-row

Correct Answer: AF
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 201
Which protocol is the recommended first-hop redundancy protocol for an existing infrastructure that contains multiple vendors and platforms?
A.
B.
C.
D.

HSRP
VRRP
IGRP
OSPF

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 202
Which IGP provides the fastest convergence by default?
A. EIGRP
B. OSPF
C. IS-IS

http://www.gratisexam.com

D. RSTP
E. BGP
Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 203
Which three are valid Layer 2 access designs? (Choose three.)
A.
B.
C.
D.
E.
F.

Looped Triangle
Looped Square
Looped U
Loop-Free Triangle
Loop-Free Square
Loop-Free U

Correct Answer: ABF


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 204
Which two enterprise campus layers are combined in a medium-sized LAN? (Choose two.)
A.
B.
C.
D.
E.

Core
Distribution
Access
Backbone
Aggregation

Correct Answer: AB
Section: Multiple choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 205
What is a characteristic of campus core design?
A.
B.
C.
D.

Fast transport
Security
Summarization
Redistribution

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 206
Which servers that reside in the data center require direct links to all other enterprise modules?
A.
B.
C.
D.
E.

Network management servers


DHCP servers
Active Directory servers
IP SLA servers
Web servers

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 207
Which Gigabit Ethernet media type provides the longest reach without a repeater?

http://www.gratisexam.com

http://www.gratisexam.com/

A.
B.
C.
D.

1000Base-CX
1000Base-LX
1000Base-SX
1000Base-T

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 208
which three options represents the components of the Teleworker Solution? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Cisco Unified IP Phone


Cisco 880 Series Router
Aironet Office Extend Access Point
Catalyst 3560 Series Switch
Cisco 2900 Series Router
MPLS Layer 3 VPN
Leased lines

Correct Answer: ABE


Section: Multiple choice
Explanation
Explanation/Reference:
A Cisco ASR is used to terminate Teleworker solutions, not a 2900 series router.

http://www.gratisexam.com

Hybrid teleworker uses Aironet, Advanced teleworker uses 880, both use IP phones.
The Cisco Virtual Office Solution for the Enterprise Teleworker is implemented using the Cisco 800 series ISRs. Each ISR has integrated switch ports that then
connect to the users broadband connection. The solution uses a permanent always-on IPsec VPN tunnel back to the corporate network. This architecture provides
for centralized IT security management, corporate-pushed security policies, and integrated identity services. In addition, this solution supports the enterprise
teleworker needs through advanced applications such as voice and video. For example, the
enterprise teleworker can take advantage of toll bypass, voicemail, and advanced IP phone features not available in the PSTN.
Enterprise Teleworker Module
The enterprise teleworker module consists of a small office or a mobile user who needs to access services of the enterprise campus. As shown in Figure 2-14,
mobile users connect from their homes, hotels, or other locations using dialup or Internet access lines. VPN clients are used to allow mobile users to securely
access enterprise applications. The Cisco Virtual Office solution provides a solution for teleworkers that is centrally managed using small integrated service routers
(ISR) in the VPN solution. IP phone capabilities are also provided in the Cisco Virtual Office solution, providing corporate voice services for mobile users.

QUESTION 209
What is the maximum number of groups that is supported by GLBP?
A.
B.
C.
D.

64
256
512
1024

http://www.gratisexam.com

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 210
Which three services categories are supported by an ISR? (Choose three.)
A.
B.
C.
D.
E.
F.

Voice
Security
Data
Internet
Storage
Satellite

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 211
Which three protocols support VLSM? (Choose three.)
A.
B.
C.
D.
E.

RIPv2
RIPv1
EIGRP
OSPF
IGRP

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
http://www.gratisexam.com

QUESTION 212
Which statement describes an unique feature of EIGRP?
A.
B.
C.
D.

It enables unequal-cost load balancing


It enables equal-cost load balancing
It enables source-based load balancing
It enables port-based load balancing

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 213
ACME corporation is implementing dynamic routing on the LAN at its corporate headquarters. The interior gateway protocol that they select must support these
requirements: multivendor environment, efficient subnetting, high scalability, and fast convergence.
Which interior gateway protocol should they implement?
A.
B.
C.
D.

EIGRP
OSPF
RIPng
BGP

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 214
Which routing protocol classification should you use when full topology information is needed?
A. Link-state

http://www.gratisexam.com

B. Distance vector
C. Stateful
D. Path vector
Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 215
When you are designing a large IPv6 multivendor network, which IGP does Cisco recommend to use?
A.
B.
C.
D.

OSPFv3
EIGRP for IPv6
BGP
RIPng

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 216
When designing the infrastructure protection portion for the Enterprise Edge, which solution would be the most appropriate solution to consider?
A.
B.
C.
D.

802.1x
ACLs in the Core layer
Cisco Security MARS
AAA

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
http://www.gratisexam.com

Cisco MARS = (Cisco Security) Monitoring Analysis and Response System


QUESTION 217
Which two design approaches provide management of Enterprise Network devices? (Choose two.)
A.
B.
C.
D.

In-band
Out-of-line
Out-of-band
In-line

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 218
A network engineer is attempting to separate routing domains using virtualization technology. What protocol can be configured to perform this task?
A.
B.
C.
D.

VLAN
VSAN
VRF
vPC

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 219
What device virtualization technology allows a single point of management and a centralized routing instance?
A.
B.
C.
D.

ACE
VSS
VDC
VM
http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 220
What two performance considerations must be taken into account when designing a remote worker access solution? (Choose two.)
A.
B.
C.
D.
E.

Simultaneous VPN connections


Port density
Throughput capacity
Packet size
Latency

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 221
In which network location should an external DNS server be placed?
A.
B.
C.
D.

Campus data center


Enterprise branch
Internet
Remote access

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 222
What submodule is found within the Enterprise Edge module?
A.
B.
C.
D.

Enterprise WAN
Remote branch
Campus IPS
Building distribution

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 223
A company requires a managed WAN solution that supports Layer 2 adjacency across remote offices for applications and services. What solution should be
selected?
A.
B.
C.
D.

DMVPN
MPLS
VPLS
FR

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 224
A circuit has been placed for Gigabit Ethernet and is 80 km from the carrier equipment. What type of SFP will be required?
A.
B.
C.
D.

TX
SX
ZX
LX

http://www.gratisexam.com

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
SFP = Small Form-factor Pluggable
QUESTION 225
A secure WAN design requires dynamic routing and IP multicast. What two VPN protocols meet these requirements?
A.
B.
C.
D.
E.
F.
G.

Standard IPsec
P2P GRE over IPsec
DMVPN
AnyConnect
PPTP
Easy VPN
SSL/TLS

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 226
What branch design supports 100 to 1000 users and integrates ASA firewalls ?
A.
B.
C.
D.

Small
Medium
Large
Extra large

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 227
A network engineer is designing an enterprise managed VPN solution for a large number of remote offices that do not have on-site IT support and communicate
only with the home office.

http://www.gratisexam.com/
What type of VPN solution should be implemented?
A.
B.
C.
D.
E.
F.

VPLS
GRE
IPsec
EVPN
DMVPN
SSL client

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
EVPN = Easy VPN
QUESTION 228
A remote office has a T1 WAN link to headquarters and a T1 Internet connection. The client requests WAN redundancy to headquarters with similar bandwidth.
What two connection types satisfy this requirement? (Choose two.)
A.
B.
C.
D.
E.

Secondary T1 WAN circuit


ISDN BRI
IPsec tunnel over the Internet
DWDM
POTS Line T1 WAN

http://www.gratisexam.com

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
DWDM = Dense Wavelength Division Multiplexing
QUESTION 229
What two features are advantages of adding a secondary WAN link at the Enterprise Edge? (Choose two.)
A.
B.
C.
D.
E.

Provides additional bandwidth and load balancing capabilities


Acts as a a backup link in event the primary link fails
Reduces capital and operational costs
Improves security and prevents against denial of service attacks
Distributes traffic proactively based on link utilization

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 230
What technology can secure data over an insecure medium and provide WAN redundancy in the event of a primary connection failure?
A.
B.
C.
D.

Virtual Private Network


Shadow PVC
Dial-up ISDN
GRE tunnel

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 231
A client wants to consolidate applications that are currently housed at multiple sites to a remote data center. What two design requirements are unique to this
scenario? (Choose two.)
A.
B.
C.
D.
E.

Bandwidth
Security
Latency
Storage
Availability

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 232
What IPv4 addressing technique allows for the division of addresses into subnets of different sizes?
A.
B.
C.
D.

VLSM
RIR
CIDR
NAT

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 233
An organization is conducting an evaluation on the migration to IPv6 within the enterprise network and has requested clarification on recommended migration
strategies.
What three migration models would accomplish the organization's goal? (Choose three.)
A. Dual Stack

http://www.gratisexam.com

B.
C.
D.
E.
F.

Service Block
Top-Down
Hybrid
Tunneled
Fork-Lift

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 234
An application uses broadcast traffic to send data to IPv4 hosts. How can the application communicate using IPv6?
A.
B.
C.
D.

Anycast
Unicast
Broadcast
Multicast

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 235
What significant advantage does EIGRP have over OSPF?
A.
B.
C.
D.

Easy summarization
Shorter convergence time
Single area operation
Low processor utilization

Correct Answer: B
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 236
What routing protocol requires full mesh between internal peers in an enterprise network?
A.
B.
C.
D.
E.

OSPF
EIGRP
BGP
IS-IS
RIP

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 237
What three considerations should be taken into account when selecting a routing protocol? (Choose three.)
A.
B.
C.
D.
E.
F.

Classful routing
Scalability
Default route origination
Multi vendor support
Link load balancing
Hop count

Correct Answer: BDE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 238

http://www.gratisexam.com

By default, how does EIGRP's metric differ from OSPF?


A.
B.
C.
D.

Hops
Cost
Bandwidth
Delay

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
Bandwidth or Delay
QUESTION 239
What characteristic separates link state routing protocols from a distance vector?
A.
B.
C.
D.

Creates a topological view of the entire network


Path calculation utilizes a more granular metric
Do not scale well for large networks
Constantly shares link states updates throughout the topology

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 240
A company must deploy an IGP routing protocol on an Enterprise Network. Where should route summarization be implemented?
A.
B.
C.
D.

Distribution
Core
Access
Backbone

Correct Answer: A

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 241
What routing configuration can prevent routing loops between IGPs?
A.
B.
C.
D.

Route filters
Route reflectors
Auto summarization
Virtual links

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 242
What is the first step when creating a network security policy?
A.
B.
C.
D.

Define what should be protected


Investigate how likely an attack is to occur
Implement measures to protect assets
Hire a security firm to perform penetration tests

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 243
A customer requests a filtering design based on the need to scan all internet traffic, including remote workers. What solution meets these requirements?

http://www.gratisexam.com

A.
B.
C.
D.

Cisco Cloud Web Security


Cisco Network Admission Control
Cisco Identity Service Engine
Cisco Adaptive Security Appliance

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Cisco Cloud Web Security
As a cloud-delivered web proxy, Cloud Web Security provides security and control for the distributed enterprise across one of the top attack vectors: the web.
Users are protected on any device and in any location through Cisco worldwide threat intelligence and advanced threat defense capabilities.
QUESTION 244
A customer wants to support a BYOD environment. What two products allow for posture assessment? (Choose two.)
A.
B.
C.
D.
E.
F.

ACS
NAC
ASA
ISE
WAAS
IDS

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
ACS = Access Control Server
ASA = Adaptive Security Appliance
IDS = Intrusion Detection System
ISE = Identity Services Engine
NAC = Network Admission Control
WAAS = Wide Area Application Services
QUESTION 245
What two CoS values are used by voice traffic? (Choose two.)

http://www.gratisexam.com

A.
B.
C.
D.
E.

CoS 1
CoS 2
CoS 3
CoS 4
CoS 5

Correct Answer: CE
Section: Multiple choice
Explanation
Explanation/Reference:
CoS = Class of Services
QUESTION 246
A client wants to deploy a video conferencing platform in a multisite WAN environment. What two design considerations need to be evaluated? (Choose two.)
A.
B.
C.
D.
E.

Codecs supported by the video units


Buffer sizes on the routers
PoE capabilities of the switches
Number of current calls
Number of hops between sites

Correct Answer: AD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 247
You want to gather as much detail as possible during a network audit, to include data time stamping across a large number of interfaces, customized according to
interface, with a minimal impact on the network devices themselves. Which tool would you use to meet these requirements?
A.
B.
C.
D.

RMON
SNMPv3
NetFlow
Cisco Discovery Protocol

http://www.gratisexam.com

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 248
In which phase of PPDIOO are the network requirements identified?
A.
B.
C.
D.
E.
F.

Design
Plan
Prepare
Implement
Operate
Optimize

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

Plan Phase
The Plan phase identifies the network requirements based on goals, facilities, and user needs.
This phase characterizes sites and assesses the network, performs a gap analysis against best practice architectures, and looks at the operational environment.
A project plan is developed to manage the tasks, responsible parties, milestones, and resources to do the design and implementation. The project plan aligns with
the scope, cost, and resource parameters established with the original business requirements. This project plan is followed (and updated) during all phases of the
cycle.
QUESTION 249
Which is part of the Prepare phase of PPDIOO?
A.
B.
C.
D.

Obtain site contact information


Perform network audit
Identify customer requirements
Optimize

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

Prepare Phase

http://www.gratisexam.com

The Prepare phase establishes organization and business requirements, develops a network strategy, and proposes a high-level conceptual architecture to support
the strategy.
Technologies that support the architecture are identified.
This phase creates a business case to establish a financial justification for a network strategy.
QUESTION 250
When designing the identity and access control portions for the enterprise campus network, which of these solutions would be the most appropriate solution to
consider?
A.
B.
C.
D.

802.1x
ACL in the Core Layer
Cisco Security MARS
NetFlow

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 251
Which is the purpose of the Cisco NAC Profiler?
A.
B.
C.
D.

Automates discovery and inventory of all LAN attached devices


Generates a profile based on username and group
Learns and creates a database of virus definitions based on LAN traffic
A database used to map user VPN accounts

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Cisco NAC Profiler: Enables network administrators to keep a real-time, contextual inventory of all devices in a network.
It greatly facilitates the deployment and management of Cisco Network Admission Control (NAC) systems by discovering and tracking the location and type of all
http://www.gratisexam.com

LAN attached end points, including those that are not capable of authenticating.
It also uses the information about the device to determine the correct policies for NAC to apply.
QUESTION 252
Cisco Identity-Based Networking Services relies heavily on the 802.1x protocol. Which other authentication solution is used hand-in-hand with 802.1x to
authenticate users for network access?
A.
B.
C.
D.
E.

RADIUS
LEAP
IPsec
TACACS
ISAKMP

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
Cisco Identity-Based Network Services
The Cisco Identity-Based Network Services solution is a way to authenticate host access based on policy for admission to the network. IBNS supports identity
authentication, dynamic provisioning of VLANs on a per-user basis, guest VLANs, and 802.1X with port security.
The 802.1 X protocol is a standards-based protocol for authenticating network clients by permitting or denying access to the network. The 802.1 X protocol
operates between the end-user client seeking access and an Ethernet switch or wireless access point (AP) providing the connection to the network. In 802.1 X
terminology, clients are called supplicants, and switches and APs are called authenticates. A back-end RADIUS server such as a Cisco Access Control Server
(ACS) provides the user account database used to apply authentication and authorization.
With an IBNS solution, the host uses 802.IX and Extensible Authentication Protocol over LANs (EAPoL) to send the credentials and initiate a session to the
network. After the host and switch establish LAN connectivity, username and password credentials are requested. The client host then sends the credentials to the
switch, which forwards them to the RADIUS ACS.
The RADIUS ACS performs a lookup on the username and password to determine the credentials' validity. If the username and password are correct, an accept
message is sent to the switch or AP to allow access to the client host. If the username and password are incorrect, the server sends a message to the switch or AP
to block the host port.
QUESTION 253
Which protocol is used to reserve bandwidth for the transport of a particular application data flow across the network?

http://www.gratisexam.com

A.
B.
C.
D.
E.

cRTP
IEEE 802.1P
RSVP
LFI
Auto QoS

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
cRTP = Compressed Real-Time protocol
IEEE 802.1P = class of services in Ethernet header
RSVP = Resource Reservation Protocol
LFI = Link Fragmentation and Interleaving
RSVP : Signaling protocol that enables end stations or applications to obtain guaranteed bandwidth and low delays for their data flows (depreciated today).
QUESTION 254
Which four services does the architecture for Media Services contain? (Choose four.)
A.
B.
C.
D.
E.
F.
G.
H.

Access services
Transport services
Storage services
Forwarding services
Session control services
Security services
Filtering services
Remote access services

Correct Answer: ABCE


Section: Multiple choice
Explanation
Explanation/Reference:
An architecture framework for media services supports different models of video models. As shown in figure, the network provides service to video media in the
Media Services Framework. Those services are access services, transport services, bridging services, storage servers, and session control services, which arc
provided to end points.

http://www.gratisexam.com

QUESTION 255
Which IPv6 feature enables routing to distribute connection requests to the nearest content server?
A.
B.
C.
D.
E.

Link-local
Site-local
Anycast
Multicast
Global aggregatable

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
Anycast is a network addressing and routing methodology in which data grams from a single sender are routed to the topologically nearest node in a group of
potential receivers all identified by the same destination address.

http://www.gratisexam.com

QUESTION 256
What is the recommended spanning tree protocol to use for all Layer 2 deployments in a branch office environment?
A.
B.
C.
D.
E.

CST
RSPT
PVST
MISTP
Rapid PVST+

Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 257
Which two are types of network virtualization? (Choose two.)
A.
B.
C.
D.
E.
F.

VSS: Virtual Switching System


VRF: Virtual Routing and Forwarding
VCI: Virtual Channel Identifier
VLSM: Variable Length Subnet Masking
VM: Virtual Machine
VMP: Virtual Memory Pool

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
Network virtualization encompasses logical isolated network segments that share the same physical infrastructure. Each segment operates independently and is
logically separate from the other segments. Each network segment appears with its own privacy, security, independent set of policies, QoS levels, and independent
routing paths.
Here are some examples of network virtualization technologies:
VLAN: Virtual local-area network

http://www.gratisexam.com

VSAN: Virtual storage-area network


VRF: Virtual routing and forwarding
VPN: Virtual private network
vPC: Virtual Port Channel
QUESTION 258
You are tasked with designing a new branch office that will support 75 users with possible expansion in the future and will need a highly available network.
Which of the branch design profiles should be implemented?
A.
B.
C.
D.

Large branch design


Medium branch design
Teleworker design
Small branch design

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
Medium Branch Design
The medium branch design is recommended for branch offices of 50 to 100 users, which is similar to the small branch but with an additional access router in the
WAN edge (slightly larger) allowing for redundancy services. Typically, two 2921 or 2951 routers are used to support the WAN, and separate access switches are
used to provide LAN connectivity.
QUESTION 259
Which two can be used as a branch office WAN solution? (Choose two.)

http://www.gratisexam.com/

A. Frame Relay
B. MPLS
C. Metro Ethernet

http://www.gratisexam.com

D. GPRS
E. Dial-up modem
F. 3G USB modems
Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
Frame relay is an old 'shared' technology today's sites use some flavor or Metro E or MPLS/VPN.
QUESTION 260
Drag the WAN characteristics on the left to the branch office model where it would most likely to
be used on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Small Branch Design
The small branch design is recommended for branch offices that do not require hardware redundancy and that have a small user base supporting up to 50 users.
This profile consists of an access router providing WAN services and connections for the LAN services.
The Layer 3 WAN services are based on the WAN and Internet deployment model. A T1 is used for the primary link, and an ADSL secondary link is used for
backup. Other network fundamentals are supported, such as EIGRP, floating static routes, and QoS for bandwidth protection.
Medium Branch Design
The medium branch design is recommended for branch offices of 50 to 100 users, which is similar to the small branch but with an additional access router in the
WAN edge (slightly larger) allowing for redundancy services.
Large Branch Design
The large branch design is the largest of the branch profiles, supporting between 100 and 1000 users. This design profile is similar to the medium branch design in

http://www.gratisexam.com

that it also provides dual access routers in the WAN edge. In addition, dual Adaptive Security Appliances (ASA) are used for stateful firewall filtering, and dual
distribution switches provide the multilayer switching component. The WAN services use an MPLS deployment model with dual WAN links into the WAN cloud.
QUESTION 261
Your company's Cisco routers are operating with EIGRP. You need to join networks with an acquisition's heterogeneous routers at 3 sites, operating with EIGRP
and OSPF.
Which describes the best practice for routing protocol deployment?
A.
B.
C.
D.
E.
F.

Apply OSPF throughout both networks


Apply one-way redistribution exclusively at each location
Apply two-way redistribution exclusively at each location
Apply two-way redistribution at each location with a route filter at only one location
Apply two-way redistribution at each location with a route filter at each location
Apply EIGRP with the same autonomous system throughout both networks

Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
Without filters there is possibility of routing loops.
QUESTION 262
Which one of these statements is an example of how trust and identity management solutions should be deployed in the enterprise campus network?
A. Authentication validation should be deployed as close to the data center as possible.
B. Use the principle of top-down privilege, which means that each subject should have the privileges that are necessary to perform their defined tasks, as well as
all the tasks for those roles below them.
C. Mixed ACL rules, using combinations of specific sources and destinations, should be applied as close to the source as possible.
D. For ease of management, practice defense in isolation - security mechanisms should be in place one time, in one place.
Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
Validating user authentication should be implemented as close to the source as possible, with an emphasis on strong authentication for access from untrusted
networks. Access rules should enforce policy deployed throughout the network with the following guidelines:

http://www.gratisexam.com

* Source-specific rules with any type destinations should be applied as close to the source as possible.
* Destination-specific rules with any type sources should be applied as close to the destination as possible.
* Mixed rules integrating both source and destination should be used as close to the source as possible.
An integral part of identity and access control deployments is to allow only the necessary access. Highly distributed rules allow for greater granularity and scalability
but, unfortunately, increase the management complexity. On the other hand, centralized rule deployment eases management but lacks flexibility and scalability.
Practicing defense in depth by using security mechanisms that back each other up is an important concept to understand. For example, the perimeter Internet
routers should use ACLs to filter packets in addition to the firewall inspecting packets at a deeper level.
QUESTION 263
When designing the threat detection and mitigation portion for the enterprise data center network, which of the following would be the most appropriate solution to
consider?
A.
B.
C.
D.

802.1x
ACL in the Core layer
Cisco Security MARS
Cisco Firewall Services Module

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
Cisco Security Monitoring, Analysis, and Response System (MARS) facilitates this process by:
* Identifying threats on the Cisco network by "learning" the topology, configuration, and behavior of your environment
* Making precise recommendations for threat mitigation, including the ability to visualize the attack path and identify the source of the threat
* Simplifying incident management and response through integration with Cisco Security Manager security management software
QUESTION 264
You have a campus network that consists of only Cisco devices. You have been tasked to discover the device platforms, the IOS versions, and an IP address of
each device to map the network.
Which proprietary protocol will assist you with this task?
A. SNMP
B. TCP
C. CDP

http://www.gratisexam.com

D. ICMP
E. LLDP
Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 265
Which three technologies are recommended to be used for WAN connectivity in today's Enterprise Edge designs? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

DWDM
Metro Ethernet
Frame relay
MPLS VPN
ISDN
DSL
Wireless

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
DWDM = Dense Wavelength Division Multiplexing
There is some discussion about whether ISDN not DWDM should be the answer but it does say TODAYS network.
QUESTION 266
Which WLC interface is dedicated for WLAN client data?
A.
B.
C.
D.
E.

Virtual interface
Dynamic interface
Management interface
AP manager interface
Service port interface

http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
WLC Interface Types
A WLC has five interface types:
* Management interface (static, configured at setup, mandatory) is used for in-band management, connectivity to AAA, and Layer 2 discovery and association.
* Service-port interface (static, configured at setup, optional) is used for out-of-band management. It is an optional interface that is statically configured.
* AP manager interface (static, configured at setup, mandatory except for 5508 WLC) is used for Layer 3 discovery and association. It has the source IP address
of the AP that is statically configured.
* Dynamic interface (dynamic) is analogous to VLANs and is designated for WLAN client data.
* Virtual interface (static, configured at setup, mandatory) is used for leaver 3 security authentication, DHCP relay support, and mobility management.
QUESTION 267
The first phase of PPDIOO entails identifying customer requirements.
Drag the example on the left to the associated requirement on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 268
During which phase of the PPDIOO model would you conduct interviews with supporting staff to develop and propose a viable solution?
A.
B.
C.
D.
E.
F.

Prepare
Plan
Design
Implement
Operate
Optimize

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

Prepare Phase
The Prepare phase establishes organization and business requirements, develops a network strategy, and proposes a high-level conceptual architecture to support
the strategy. Technologies that support the architecture are identified. This phase creates a business case to establish a financial justification for a network
strategy.
QUESTION 269
Drag the description or characteristic on the left to the appropriate technology or protocol on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 270
Click and drag the phases of the PPDIOO network lifecycle approach on the left to their order on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 271
Characterizing an existing network requires gathering as much information about the network as possible. Which of these choices describes the preferred order for
the information-gathering process?
A.
B.
C.
D.

Site and network audits, traffic analysis, existing documentation and organizational input
Existing documentation and organizational input, site and network audits, traffic analysis
Traffic analysis, existing documentation and organizational input, site and network audits
Site and network audits, existing documentation and organizational input, traffic analysis

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
This section describes the steps necessary to characterize the existing network infrastructure and all sites. This process requires three steps:
Step 1. Gather existing documentation about the network, and query the organization to discover additional information. Organization input, a network audit, and
traffic analysis provide the key information you need. (Note that existing documentation may be inaccurate.)
Step 2. Perform a network audit that adds detail to the description of the network. If possible, use traffic-analysis information to augment organizational input when

http://www.gratisexam.com

you are describing the applications and protocols used in the network.
Step 3. Based on your network characterization, write a summary report that describes the health of the network. With this information, you can propose hardware
and software upgrades to support the network requirements and the organizational requirements.
QUESTION 272

Which statement accurately represents the characteristics of the core layer in this design?
A. QoS should only be performed only in the core
B. Load balancing should never be implemented or used
C. Access lists should be used in the core to perform packet manipulation

http://www.gratisexam.com

D. Partial mesh should be used as long as it is connected to each device by multiple paths
E. Policy-based traffic control should be implemented to enable prioritization and ensure the best performance for all time-critical applications
Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 273
Which three modular components are part of the Cisco Enterprise Edge Architecture? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

E-commerce module
Internet connectivity module
Server farm module
Remote access and VPN module
PSTN services module
Enterprise branch module
Building distribution module

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 274
Drag the characteristics of the traditional campus network on the left to the most appropriate hierarchical network layer on the right.
Select and Place:

http://www.gratisexam.com

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Large-building LANs are segmented by floors or departments.
The building-access component serves one or more departments or floors. The building-distribution component serves one or more building-access components.
Campus and building backbone devices connect the data center, building-distribution components, and the enterprise edge-distribution component. The access
layer typically uses Layer 2 switches to contain costs, with more expensive Layer 3 switches in the distribution layer to provide policy enforcement. Current best
practice is to also deploy multilayer switches in the campus and building backbone.
QUESTION 275
Drag the network function on the left to the functional area or module where it is most likely to be performed in the enterprise campus infrastructure on the right.

http://www.gratisexam.com

Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 276
Where in the Cisco Enterprise Architecture model does network management reside?
A. Enterprise data center module
B. Enterprise campus module

http://www.gratisexam.com

C. Enterprise edge module


D. Service Provider edge module
E. Service Provider data center module
Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:

The network management servers reside in the campus infrastructure but have tie-ins to all the components in the enterprise network for monitoring and
management.
QUESTION 277
Drag the security prevision on the left to the appropriate Network module on the right.

http://www.gratisexam.com

Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Building access layer:
Protect network services including DHCP, ARP, and IP spoofing protection
Protect against inadvertent loops
Building distribution layer:
Protect the end points using network-based intrusion prevention
Protect the infrastructure using NFP best practices
Campus Core:
Does not perform any security functions to mitigate transit

http://www.gratisexam.com

Filter and rate-limits control-plane traffic


QUESTION 278
Which three solutions are part of the Borderless Network Services? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Wireless
Routing
TrustSec
MediaNet
Swicthing
EnergyWise
Next-Gen WAN

Correct Answer: CDF


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 279
The evolution of the Data Center is best represented by the 3.0 architecture component of virtualization. Which of the following is not an example of the
virtualization taking place in the Data Center?
A. Virtualized media access utilizing Fiber Channel over Ethernet
B. VLANs and virtual storage area networks (VSANs) provide for virtualized LAN and SAN connectivity, separating physical networks and equipment into virtual
entities
C. Virtual Machines that run an application within the client operating system, which is further virtualized and running on common hardware
D. Storage devices virtualized into storage pools, and network devices are virtualized using device contexts
Correct Answer: A

http://www.gratisexam.com

Section: Single choice


Explanation
Explanation/Reference:
QUESTION 280
Which layer of the OSI model does Cisco recommend to place the enterprise network core layer, when designing a network based on its switched hierarchical
design?
A.
B.
C.
D.

Layer 1
Layer 2
Layer 3
Layer 4

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 281
Which Cisco technology using Nexus NX-OS infrastructure allows the network architect to create up to four separate control and data plane instances of the Nexus
chassis?
A.
B.
C.
D.

vPC (Virtual port-channel)


VRF (Virtual Routing and Forwarding)
VSS (Virtual Switching System)
VDC (Virtual Device Context)

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
Virtualization
Virtual local-area network (VLAN), virtual storage-area network (VSAN), and virtual device contexts (VDC) help to segment the LAN, SAN, and network devices
instances.
http://www.gratisexam.com

Cisco Nexus 1000V virtual switch for VMware ESX and ESXi help to deliver visibility and policy control for virtual machines (VM).
Flexible networking options with support for all server form factors and vendors, including support for blade servers from Cisco, Dell, IBM, and HP with integrated
Ethernet and Fiber Channel switches.
QUESTION 282
Which three options are valid Cisco STP tools used to ensure best-practice access layer design for the enterprise campus? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

PortFast
UDLD
Root Guard
BPDU Guard
Flex Links
SPAN
EtherChannel

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
Access layer Limit VLANs to a single closet when possible to provide the most deterministic and highly available topology.
Use RPVST+ if STP is required. It provides the best convergence.
Set trunks to ON and ON with no-negotiate
Manually prune unused VLANs to avoid broadcast propagation.
Use VTP Transparent mode, because there is little need for a common VLAN database in hierarchical networks.
Disable trunking on host ports, because it is not necessary. Doing so provides more security and speeds up Port Fast.
Consider implementing routing in the access layer to provide fast convergence and Layer 3 load balancing.
Use Cisco STP Toolkit, which provides Port Fast, Loop Guard, Root Guard, and BPDU Guard.
QUESTION 283
Spanning Layer 2 across geographically separate data centers is a key consideration for current data center designs. Which is the name of the NX-OS technology

http://www.gratisexam.com

that facilitates MAC in IP transport for Layer 2 VLANs across any IP network?
A.
B.
C.
D.

Overlay Transport Virtualization (OTV)


Virtual Private LAN Services (VPLS)
Generic Routing Encapsulation (GRE)
Q-in-Q tunneling

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 284
When selecting which hardware switches to use throughout an enterprise campus switched network, which consideration is not relevant?
A.
B.
C.
D.

Whether data link layer switching based upon the MAC address is required
The number of shared media segments
Which infrastructure service capabilities are required
Whether to support Layer 3 services at the network edge

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
Shared media are not used in modern networks; all links are operating full-duplex.
QUESTION 285
Which two of these practices are considered to be best practices when designing the access layer for the enterprise campus? (Choose two.)
A.
B.
C.
D.
E.

Implement all of the services (QoS, security, STP, and so on) in the access layer, offloading the work from the distribution and core layers.
Always use a Spanning Tree Protocol; preferred is Rapid PVST+.
Use automatic VLAN pruning to prune unused VLANs from trunked interfaces to avoid broadcast propagation.
Avoid wasted processing by disabling STP where loops are not possible.
Use VTP transparent mode to decrease the potential for operational error.

http://www.gratisexam.com

Correct Answer: BE
Section: Multiple choice
Explanation
Explanation/Reference:
When designing the building access layer, you must consider the number of users or ports required to size up the LAN switch. Connectivity speed for each host
should also be considered. Hosts might be connected using various technologies such as Fast Ethernet, Gigabit Ethernet, or port channels. The planned VLANs
enter into the design.
Performance in the access layer is also important. Redundancy and QoS features should be considered.
The following are recommended best practices for the building access layer:
* Limit VLANs to a single closet when possible to provide the most deterministic and highly available topology.
* Use Rapid Per-VLAN Spanning Tree Plus (RPVST+) if STP is required. It provides the faster convergence than traditional 802.1d default timers.
* Set trunks to ON and ON with no-negotiate.
Manually prune unused VLANs to avoid broadcast propagation (commonly done on the distribution switch).
* Use VLAN Trunking Protocol (VTP) Transparent mode, because there is little need for a common VLAN database in hierarchical networks.
* Disable trunking on host ports, because it is not necessary. Doing so provides more security and speeds up PortFast.
* Consider implementing routing in the access layer to provide fast convergence and Layer 3 load balancing.
* Use the switchport host commands on server and end-user ports to enable PortFast and disable channeling on these ports.
* Use Cisco STP Toolkit, which provides:
> PortFast: Bypass listening-learning phase for access ports
> Loop Guard. Prevents alternate or root port from becoming designated in absence of bridge protocol data units (BPDU)
> Root Guard. Prevents external switches from becoming root
> BPDU Guard. Disables PortFast-enabled port if a BPDU is received
QUESTION 286
The enterprise campus core layer has requirements that are unique from the distribution and access layers. Which of the following is true about the core layer?
A. The core layer provides convergence using Layer 2 and Layer 3 services and features
B. The core layer provides high availability to support the distribution layer connections to the enterprise edge
C. The campus core layer is optional

http://www.gratisexam.com

D. The core layer requires high performance to manage the traffic policing across the backbone
Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 287
Drag the technology on the left to the type of enterprise virtualization where it is most likely to be found on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Network Virtualization:
* VPC
* VLAN
* VRF
Device Virtualization:
* ASA firewall context
* IPS
* VDC
Network virtualization encompasses logical isolated network segments that share the same physical infrastructure. Each segment operates independently and is
logically separate from the other segments. Each network segment appears with its own privacy, security, independent set of policies, QoS levels, and independent

http://www.gratisexam.com

routing paths.
Device virtualization allows for a single physical device to act like multiple copies of itself. Device virtualization enables many logical devices to run independently of
each other on the same physical piece of hardware. The software creates virtual hardware that can function just like the physical network device. Another form of
device virtualization entails using multiple physical devices to act as one logical unit.
QUESTION 288

http://www.gratisexam.com

http://www.gratisexam.com/

Which statement is true concerning enterprise edge distribution switches?


A.
B.
C.
D.

The speed of switching is the most critical feature


Security requirements are offloaded to the other modules for performance reasons
Edge distribution switches are only required when using a collapsed core backbone
Enterprise edge distribution switches are similar to the building distribution layer

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 289
Which is a factor in enterprise campus design decisions?
A.
B.
C.
D.

Network application characteristics


Routing protocol characteristics
Switching latency characteristics
Packet filtering characteristics

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 290

http://www.gratisexam.com

Which network virtualization technology involves creating virtual routers with its own individual routing tables on a physical router?
A.
B.
C.
D.

VSS
vPC
VRF
VLAN

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 291
Drag the network characteristic on the left to the design method on the right which will best ensure redundancy at the building distribution layer.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
Layer 2 between distribution and access layers, with a Layer 3 link between the distribution switches
-> FHRP for convergence, no VLANs span between access layer switches across the distribution switches
Layer 2 between distribution and access layers, with a Layer 2 link between the distribution switches
-> Support Layer 2 VLANs spanning multiple access layer switches across the distribution switches
VSS
-> Convergence (FHRP) is not an issue
QUESTION 292
Which three are associated with the distribution layer within the campus design? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Access layer aggregation


Route summarization
Network trust boundary
Next-hop redundancy
Layer-2 switching
Port security
Broadcast suppression

http://www.gratisexam.com

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 293
High availability is a key design consideration in the enterprise campus network. In a fully redundant topology, which is likely to provide faster IGP convergence
during a failure?
A.
B.
C.
D.

Redundant supervisors
Redundant supervisors with Cisco Nonstop Forwarding (NSF) and Stateful Switchover (SSO)
Single supervisors with tuned IGP timers
Single supervisors

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 294
In the enterprise data center, which are the three main components? (Choose three.)
A.
B.
C.
D.
E.
F.

Network Infrastructure
Interactive services
Data Center Management
Internet services
WAN services
VPN and remote access

Correct Answer: ABC


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 295
Drag the associated virtualization tool or solution on the left to the appropriate design requirement on the right.
Select and Place:

Correct Answer:

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 296
When designing using the Cisco Enterprise Architecture, in which Enterprise Campus layer does the Remote Access and VPN module establish its connection?
http://www.gratisexam.com

A.
B.
C.
D.

Building Access
Campus Core
Enterprise Branch
Enterprise Data Center

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 297
Drag the WAN technology on the left to the most appropriate category on the right.
Select and Place:

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 298
You need to connect to a remote branch office via an Internet connection. The remote office does not use Cisco equipment. This connection must be secure and
must support OSPF.
Which of the following can be used to transport data to the branch office?
A.
B.
C.
D.

GRE over IPsec


IPsec
GRE
IPsec VTI

Correct Answer: A
Section: Single choice
Explanation

http://www.gratisexam.com

Explanation/Reference:
QUESTION 299
Which two are characteristics of a Lightweight Access Point? (Choose two.)
A.
B.
C.
D.

Managed via a central wireless LAN controller


Code upgrade performed via a TFTP server
CAPWAP tunnels
Managed directly via CLI or web interface

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 300
Which one of these statements describes why, from a design perspective, a managed VPN approach for enterprise teleworkers is most effective?
A.
B.
C.
D.

A managed VPN solution uses a cost-effective, on-demand VPN tunnel back to the enterprise
This solution supports all teleworkers who do not require voice or video
This architecture provides centralized management where the enterprise can apply security policies and push configurations
It provides complete flexibility for remote access through a wireless hotspot or a guest network at a hotel, in addition to a home office

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 301
What are three key areas that need to be considered when designing a remote data center? (Choose three.)
A. Power diversity
B. Active Directory services

http://www.gratisexam.com

C.
D.
E.
F.
G.

Cisco IOS versions


Data storage
Applications
User access
Packet routing

Correct Answer: ADE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 302
Which model of ISR is utilized for the teleworker design profile?
A.
B.
C.
D.

Cisco 1900 Series


Cisco 1800 Series
Cisco 800 Series
Cisco 500 Series

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 303
When designing a WAN backup for voice and video applications, what three types of connections should be used? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Private WAN
Internet
ISDN
MPLS
Dial-up
ATM
DSL

http://www.gratisexam.com

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 304
When designing for a remote worker, which two are typical requirements? (Choose two.)
A.
B.
C.
D.
E.
F.

Best-effort interactive and low-volume traffic patterns


Connections to the enterprise edge using Layer 2 WAN technologies
Always-on connection with SLA from ISP
Voice and IPsec VPN support
High-end security devices with stateful firewall filtering
Dual or multihoming to ISPs

Correct Answer: CD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 305
Which two routing protocols operate over NBMA point-to-multipoint networks without the use of point-to-point sub interfaces? (Choose two.)
A.
B.
C.
D.
E.

RIPv1
RIPv2
IS-IS
EIGRP
OSPF

Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
http://www.gratisexam.com

QUESTION 306

Which three modules would typically utilize public IPv4 addressing? (Choose three.)
A.
B.
C.
D.
E.

Access
Distribution
Core
Data Center
E-Commerce

http://www.gratisexam.com

F.
G.
H.
I.
J.

Internet Connectivity
Remote Access/VPN
WAN/MAM
Branch
Branch Data Center

Correct Answer: EFG


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 307
With respect to IPv6 addressing, from a design perspective, which of these statements is it important to keep in mind?
A.
B.
C.
D.

IPv6 addressing provides convenience of anycast addressing without any configuration requirements
IPv6 does not use multicast addressing
An IPv6 router will not forward packets from one link to other links if the packet has either a link-local source or a link-local destination address
Dynamic address assignment requires DHCPv6

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 308
Which consideration is the most important for the network designer when considering IP routing?
A.
B.
C.
D.

Convergence
Scalability
On-demand routing
Redistribution

Correct Answer: A
Section: Single choice

http://www.gratisexam.com

Explanation
Explanation/Reference:
QUESTION 309
Your supervisor has asked you to deploy a routing protocol within the lab environment that will allow for unequal cost multipath routing. Which should you choose?
A.
B.
C.
D.

EIGRP
OSPF
IS-IS
RIP

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 310
Which two methods are used to reduce the mesh links required between iBGP peers in the same AS? (Choose two.)
A.
B.
C.
D.
E.
F.

Community
Router reflectors
Local preferences
Confederations
Atomic Aggregate
MED

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 311
A company wants to use private IP addresses for all its internal hosts. Which technology can the company use to provide access to the Internet using a single

http://www.gratisexam.com

public IP address?
A.
B.
C.
D.

Static NAT
Source routing
ACL
PAT

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 312
Which two link state routing protocols support IPv6 routing? (Choose two.)
A.
B.
C.
D.
E.

BGP4+
OSPF
RIPng
EIGRP
IS-IS

Correct Answer: BE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 313
What is the most compact representation of the following IPv6 address: 2001:db8:0000:0000:cafe:0000:0000:1234 ?
A.
B.
C.
D.

2001:db8::cafe::1234
2001:db8::cafe:0000:0000:1234
2001:db8:0:0:cafe::1234
2001:db8::cafe:0:1234

http://www.gratisexam.com

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 314
Which is usually used to connect to an upstream ISP?
A.
B.
C.
D.
E.

EIGRP
OSPF
BGP
IS-IS
RIPv2

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 315
You are designing a network that requires a routing protocol that will use minimal network bandwidth. Which would satisfy this requirement?
A.
B.
C.
D.
E.

RIPv2
RIPng
OSPF
ARP
EGP

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 316
Which two statements best describe an OSPF deployment? (Choose two.)
A.
B.
C.
D.
E.

ABR provides automatic classful network boundary summarization


ABR requires manual configuration for classful network summarization
External routes are propagated into the autonomous system from stub areas via ASBR
External routes are propagated into the autonomous system from regular areas or NSSA via ASBR
External routes are propagated into the autonomous system from regular areas or NSSA via ABR

Correct Answer: BD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 317
Which three items pertain to EIGRP? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Can use multiple unequal paths


Routes are redistributed as type 2 by default
ASN and K values must match to form neighbors
Uses multicast address 224.0.0.9 for updates
Exchanges full routing table every 30 seconds
Summary routes have AD of 90
External routes have AD of 170

Correct Answer: ACG


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 318
Which statement should the designer keep in mind when considering the advanced routing features?

http://www.gratisexam.com

http://www.gratisexam.com/

A.
B.
C.
D.
E.

One-way route redistribution avoids the requirement for static or default routes
Redistribution, summarization, and filtering are most often applied between the campus core and enterprise edge
Filtering only occurs on the routing domain boundary using redistribution
Summarize routes at the core toward the distribution layer
The hierarchical flexibility of IPv6 addressing avoids the requirement for routing traffic reduction using aggregation

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 319
When designing an EIGRP network, which two things should you take into consideration? (Choose two.)
A.
B.
C.
D.
E.

ASN and K values must match


The neighbor command can be used to enable unicast communication
The neighbor diameter cannot exceed a 15-hops limit
NSSA areas can be used to redistribute external routes
Neighbor relationship can be established with non-Cisco routers

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 320
http://www.gratisexam.com

You are asked to design a new branch office that will need to support 25 users. These users will be using an ISP connection and will need to connect to the main
office for network services. Which two Cisco devices are the most appropriate to fulfill all of these requirements? (Choose two.)
A.
B.
C.
D.
E.
F.

Cisco IPS
Cisco ISR G2
Cisco ASA
Cisco 2960
Cisco CRS-1
Cisco ACS

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 321
Which three statements are true regarding the virtual interface on a Cisco Wireless LAN Controller? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Support mobility management


Serves as DHCP relay
Used for all controller to AP communication
Supports embedded Layer 3 security
Default for out-of-band management
Default for in-band management
Provides connectivity to AAA servers

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 322
A campus network needs end-to-end QoS tools to manage traffic and ensure voice quality. Which three types of QoS tools are needed? (Choose three.)

http://www.gratisexam.com

A.
B.
C.
D.
E.
F.

Interface queuing and scheduling


Congestion management
Compression and fragmentation
Bandwidth provisioning
Traffic classification
Buffer management

Correct Answer: ADE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 323
Your supervisor wants you to recommend a management protocol that will allow you to track overall bandwidth utilization, utilization by traffic type, and utilization by
source and destination. Which is ideally suited for this function?
A.
B.
C.
D.

MRTG
NetFlow
RRD
SNMP

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 324
Which subnet address and mask would you use for all Class D multicast addresses to be matched within an access list?
A.
B.
C.
D.
E.

224.0.0.0/20
224.0.0.0/4
239.0.0.0/24
239.0.0.0/8
225.0.0.0/8

http://www.gratisexam.com

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 325
Which two devices would you place in your DMZ to ensure enterprise edge security? (Choose two.)
A.
B.
C.
D.
E.

IPS
NAC
ASA
ACS
WCS

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
ACS = Access Control System
ASA = Adaptive Security Appliance
IPS= Intrusion Prevention System
NAC = network Admission Control
WCS = Wireless Control System
QUESTION 326
Which three are security services offered through Cisco Router Security? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Trust and Identity


Integrated Threat Control
Unified Wireless Network Security Solution
Secure Connectivity
Voice-Messaging Security
Endpoint Security
Virtual Security Gateway

http://www.gratisexam.com

Correct Answer: ABD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 327
Which voice codec should you use in order to provide toll quality calls?
A.
B.
C.
D.

G.711
G.718
G.722
G.729

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 328
Which three are features of LWAPP? (Choose three.)
A.
B.
C.
D.
E.
F.
G.

Firmware synchronization
Local management of APs
Configuration changes manually synced
Encryption of control channel
Configuration data only on the WLC
Wireless control free operation
Replaces 802.1x for authentication in wireless connections

Correct Answer: ADE


Section: Multiple choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 329
A company has dark fiber between headquarters and its data center. It is presently configured as a 10GbE connection. Network utilization shows high utilization on
the connection. What technology can be implemented to increase capacity without acquiring another circuit?
A.
B.
C.
D.

MPLS
DWDM
VPLS
DMVPN

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
DWDM = Dense Wavelength Division Multiplexing
QUESTION 330
What wireless authentication option requires a Public Key Infrastructure?
A.
B.
C.
D.

EAP-TLS
PEAP
LEAP
EAP-FAST

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 331
What two access point modes support the transmission of user traffic over a LWAPP/CAPWAP tunnel? (Choose two.)
A.
B.
C.
D.

Local
H-REAP
Rogue detector
Monitor
http://www.gratisexam.com

E. Sniffer
F. Standalone
Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
H-REAP = Hybrid Remote Edge Access Point
QUESTION 332
What is the primary advantage of implementing a wireless LAN controller in a wireless LAN design?
A.
B.
C.
D.

Roaming between APs


RADIUS user authentication
Radio resource management
accelerated data transfer

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 333
A wireless LAN client is sending traffic to the wired LAN client. What path will the packet take to reach the destination endpoint in a lightweight wireless
deployment?
A.
B.
C.
D.

Switch > controller > ap > client


Controller > ap > switch > client
AP > controller > switch > client
Switch > ap > controller > client

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 334
You design a network with the following network addresses:
192.168.168.0
192.168.169.0
192.168.170.0
192.168.171.0
192.168.172.0
192.168.173.0
192.168.174.0
192.168.175.0
Which route address is the best summary of these network addresses?
A.
B.
C.
D.
E.

192.168.0.0/24
192.168.171.128/3
192.168.168.0/21
192.168.175.0/3
192.168.0.0/16

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 335
Which option is an advantage of the bottom-up design model?
A.
B.
C.
D.

Focuses on the needs of user communities


Includes a thorough analysis of customer requirements
Facilitates a quick response to client requests
Produces a "big-picture" of the desired outcome

Correct Answer: C
Section: Single choice
Explanation
http://www.gratisexam.com

Explanation/Reference:
QUESTION 336
A large company requests a hierarchical design model. What tier should be free of physically connected hosts?
A.
B.
C.
D.

Core
Access
Aggregation
Distribution

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 337
An organization is redesigning a 3-tier hierarchical network into a collapsed core. What design issue is a primary concern per Cisco best practices?
A.
B.
C.
D.

Services delineation
Port density
Feature availability
Resource utilization

Correct Answer: D
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 338
What three design best practices are key functions of the distribution layer? (Choose three.)
A. Fault domain isolation
B. Admission control

http://www.gratisexam.com

C.
D.
E.
F.

Access switch aggregation


QoS tagging
Address summarization
End user and application isolation

Correct Answer: ACE


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 339
A network engineer is tasked to upgrade and expand a large existing production network. From the IOS CLI, what two protocols can be used to build a topology
map of the existing network? (Choose two.)
A.
B.
C.
D.
E.

SNMP
IP SLA
ICMP Echo
LLDP
Traceroute

Correct Answer: DE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 340
A network engineer has finished designing and implementing a new network. What two protocols would they use to gain insight into the network and determine the
components that require optimization? (Choose two.)
A.
B.
C.
D.
E.

CDP
NetFlow
ICMP Echo
NMAP
SNMP

http://www.gratisexam.com

Correct Answer: BE
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 341
What are two benefits of a structured IPv4 addressing scheme? (Choose two.)
A.
B.
C.
D.
E.

reduces routing table size


Provides increased security
Allows for address translation to be performed
Improves manageability and troubleshooting
Increases high availability

Correct Answer: AD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 342
What are two reasons discontinuous IPv4 networks hinder scalability? (Choose two.)
A.
B.
C.
D.
E.

Routing table bloat


Inability to utilize automatic summarization
Insufficient IP addresses
Slowed packet forwarding
Delayed interface queuing

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
to bloat = to increase

http://www.gratisexam.com

QUESTION 343
GRE has been used to establish a routing-protocol neighbor relationship between two routers, across the public Internet. Which technology can you use to encrypt
this communication channel?

http://www.gratisexam.com/

A.
B.
C.
D.

Access lists
IPsec
CBAC
IPS

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 344
Which option is a benefit of Cisco Discovery Protocol?
A.
B.
C.
D.

Provides information about directly connected Cisco devices


Provides greater detail about collected data, including time stamping
Combines with the network layer data that is gathered by NetFlow when using a NetFlow collector
Part of the IEEE 802.1ab standard

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 345
Which three QoS levels should VoIP clients be set to on a Cisco WLC? (Choose three.)
A.
B.
C.
D.
E.
F.

Platinium
Bronze
Gold
Silver
Premier
Critical

Correct Answer: ACD


Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 346

What is the optimal device and location to fulfill these requirements?

http://www.gratisexam.com

A.
B.
C.
D.
E.

IPS inline
IPS inline inside of the firewall
Cisco IOS IPS on the border router
passive IPS connected to a SPAN port outside of the firewall
passive IPS connected to a SPAN port inside of the firewall

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 347
A remote worker for a sales company must submit daily updates via the company email system. The employee does not have a company-issued laptop, so which
VPN method is used for connectivity to the company email server?
A.
B.
C.
D.

DMVPN
SSL VPN
IPsec VPN
GET VPN

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 348

http://www.gratisexam.com

Which functionality must be enabled on router A to connect two networks for translating private addresses into "legal" public addresses on a one-for-one basis?
A.
B.
C.
D.
E.

PAT
NAT
VLAN
GARP
PPP

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 349

http://www.gratisexam.com

You are designing routing between building distribution switches and campus core switches. Assuming that all links have the same speed, which statement about
these designs is true?
A.
B.
C.
D.

Option A has more fault tolerance but slower convergence than Option B
Option A has more fault tolerance and faster convergence than Option B
Option B has more fault tolerance but slower convergence than Option A
Option B has more fault tolerance and faster convergence than Option A

Correct Answer: B
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 350
Which technology should a company use to connect a branch office to headquarters via an Internet connection while maintaining confidentiality and the flexibility to
run a routing protocol between the two locations?
A.
B.
C.
D.

GRE over IPsec


IPsec
GRE
SSL VPN

http://www.gratisexam.com

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 351
A network engineer needs to create a controller-based, high-density RF design. Which two factors determine the cell size? (Choose two.)
A.
B.
C.
D.
E.

Antenna type
ClientLink support
TPC threshold setting
QoS setting
Free space path loss

Correct Answer: AC
Section: Multiple choice
Explanation
Explanation/Reference:
TPC = Tx Power Control
QUESTION 352
Which IP address can be routed to cross the public Internet?
A.
B.
C.
D.

10.31.1.1
192.168.32.1
172.32.1.1
169.254.32.1

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 353

http://www.gratisexam.com

Which DHCP option do you need to configure to ensure that an LWAP can communicate with the Cisco WLC in a different subnet?
A.
B.
C.
D.

7
19
43
150

Correct Answer: C
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 354
Which two options can be virtual networking devices? (Choose two.)
A.
B.
C.
D.
E.

ESX host
VM
Switches
Routers
Hyper-V host

Correct Answer: CD
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 355
Drag the STP toolkit term on the left to the definition on the right.
Select and Place:

http://www.gratisexam.com

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 356
Drag the characteristic on the left to the correct campus design model on the right.
Select and Place:

http://www.gratisexam.com

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 357
Drag the technology on the left to the matching routing protocol on the right.
Select and Place:

http://www.gratisexam.com

Correct Answer:

http://www.gratisexam.com

Section: Select and Place


Explanation
Explanation/Reference:
QUESTION 358
Drag the security term on the left to the matching description on the right.
Select and Place:

http://www.gratisexam.com

Correct Answer:

Section: Select and Place


Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 359
Drag the term on the left to the matching deployment scenario on the right.
Select and Place:

Correct Answer:

Section: Select and Place


Explanation
Explanation/Reference:
http://www.gratisexam.com

QUESTION 360
What are two components of the Build phase in the Cisco Design Lifecycle? (Choose two.)
A.
B.
C.
D.
E.

Migration
Deployement
Optimization
Design
Configuration

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 361
Which design enables easy and flexible scaling in the Cisco Enterprise Architecture model?
A.
B.
C.
D.

Modular
Top-down
Bottom-up
Full-mesh

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 362
Which benefit is an advantage of route summarization?
A. It reduces the size of the routing table
B. It causes routes to be updated more frequently
C. It lowers the cost metric
http://www.gratisexam.com

D. It enables neighbor discovery


Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 363
Which two states are RSTP port states? (Choose two.)
A.
B.
C.
D.
E.

Discarding
Learning
Blocking
Listening
Disabled

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 364
When is the Cisco FlexConnect design model recommended?
A.
B.
C.
D.

When remote-site APs are centrally managed


When each remote site has its own wireless controller
When each remote site runs VSS
When the remote sites use WAN optimization

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 365
In which two modes can you deploy Cisco IPS appliances? (Choose two.)
A.
B.
C.
D.
E.

Inline
Promiscuous
VTP group
Threat mitigation
Threat detection

Correct Answer: AB
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 366
According to Cisco best practices, which traffic control should you apply to the strict priority queue?
A.
B.
C.
D.

Bandwidth should be limited to one-third of the link capacity


Bandwidth should be limited to 768 kbps
Limits should be applied to non-real-time traffic and all real-time traffic should be permitted
The link serialization delay should be set to less than 100 ms

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 367
According to fundamental design principles, which location is best for implementing Cisco QoS policies?
A. Hardware
B. Software
C. Cisco 3900 Series Integrated Services Routers running IOS software

http://www.gratisexam.com

D. WAN routers running IOS software


Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 368
Which item is the fundamental basis of a virtual network?
A.
B.
C.
D.

A VRF instance
A MIB database
A GRE tunnel
Redundant hardware

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:
QUESTION 369
Which network virtualization technique can you implement without disrupting the existing network design and infrastructure?
A.
B.
C.
D.

VRF-Lite
EVN
MPLS
VNET tags

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com

QUESTION 370
When designing a hierarchical network design, in which layer DAI and DHCP snooping take place?
A.
B.
C.
D.
E.
F.

Core layer
Application
Distribution layer
Enterprise Edge
Access layer
Network layer

Correct Answer: E
Section: Single choice
Explanation
Explanation/Reference:
DAI = Dynamic ARP inspection
QUESTION 371
What are two components of the Build phase in Cisco design life cycle? (choose two)
A.
B.
C.
D.
E.

Assessment
Validation
Deployment
Design
Analysis

Correct Answer: BC
Section: Multiple choice
Explanation
Explanation/Reference:
QUESTION 372
A network engineer must connect two sites. Each sites has a different autonomous number. Which method do you use to exchange Routing information between
the sites?
A. BGP

http://www.gratisexam.com

B.
C.
D.
E.

IGP
EIGRP
OSPFv3
Static Route

Correct Answer: A
Section: Single choice
Explanation
Explanation/Reference:

http://www.gratisexam.com/

http://www.gratisexam.com