Cisco Discovery 4 Final 2010 1 Which task would typically only require services located at the access layer

of the hierarchical design model? connecting to the corporate web server to update sales figures using a VPN from home to send data to the main office servers printing a meeting agenda on a local departmental network printer placing a VoIP call to a business associate in another country responding to an e-mail from a co-worker in another department 2

Refer to the exhibit. A network administrator is validating the routing for the new network design. Which command should be used to configure the s0/0/0 interface of the SALES router to advertise the Sales Department networks as one route? SALES(config-if)# ip summary-address eigrp 100 172.16.0.0 255.255.0.0 SALES(config-if)# ip summary-address eigrp 100 172.16.8.0 255.255.240.0 SALES(config-if)# ip summary-address eigrp 100 172.16.16.0 255.255.240.0 SALES(config-if)# ip summary-address eigrp 100 172.16.31.0 255.255.248.0

3 Why is it difficult for network designers to predict the patterns and behavior of file transfer traffic? The traffic is user initiated. File size is typically very small. Dedicated bandwidth is essential. All file transfer traffic is queued as high priority.

Refer to the exhibit. A NetworkingCompany designer is reviewing a diagram of a customer network. What two risks or issues can be identified in the topology that is shown? (Choose two.) The firewall router and ISP connection represent a single point of failure. A failure of the switch that connects the Cisco Call Manager to the network will cause the entire IP telephony system to fail. Using Layer 3 switches to interconnect the data center servers to the IP phones introduces too much delay. The IP phones need to be redundantly connected to the switches to prevent single points of failure at the access layer. If one of the Layer 3 switches fails, the Cisco Call Manager will be unreachable.

Refer to the exhibit. A network associate is configuring a new router to provide routing between VLANs. The associate removes the router from the box and connects the Fa0/0 interface to a trunking port on the switch. After the configuration is applied to the router, the traffic between VLANs still fails. What is causing this to occur? The NWRnStick router needs a routing protocol configured. The NWRnStick router needs additional Fast Ethernet interfaces installed. The subinterfaces of the NWRnStick router should have IP addresses applied. All the subinterfaces of the NWRnStick router should be configured in the same VLAN.

6 When implementing a security policy, which two actions should be included as part of the security checklist? (Choose two.) Disable all logging. Enable Telnet on TCP port 23. Use HTTP for web administration. Set timeouts and ACLs on VTY lines. Shut down any unused ports and interfaces.

7 The network infrastructure of the main campus in an organization consists of network devices from multiple vendors. The IT department has a network architecture upgrade project that will gradually upgrade the campus backbone to 10 Gb/s. The routing protocol also needs to be upgraded from RIP to support VLSM and CIDR, with infrequent routing updates to reduce traffic. In phase one of the project, two high-end Cisco devices are purchased to replace two of the four current core routers made by another networking company. Which routing protocol should be selected for the network? BGP OSPF RIPv2 EIGRP 8 A network engineer is prototyping a new IP addressing and summarization strategy for a new network that will be integrated into the existing infrastructure. Which method is appropriate for testing the addressing scheme? using the production network of the customer using actual network equipment in a lab using the Cisco Network Assistant using a network simulation tool 9 A network administrator is integrating IPv6 into an IPv4 network by encapsulating an IPV6 packet within an IPv4 protocol. Which transition method is being used? tunneling dual stack proxying and translation NAT with Protocol Translator

10 What Cisco VPN solution allows for simple configuration of VPNs on the laptops of remote and mobile employees? EasyVPN Server EasyVPN Remote EasyVPN Client EasyVPN Remote-Access

11 What are three advantages of IPv6 over IPv4? (Choose three.) increased IP security fewer reserved IP addresses simplified header information integrated IP mobility support easier implementation and configuration more efficient handling of broadcasts 12 In the Cisco Enterprise Architecture, which module would include web and e-commerce servers for access by users external to the organization? campus core enterprise edge enterprise branch enterprise campus 13 If a router is unable to find a suitable IOS to load into RAM, in what mode does the boot process end? setup mode user mode rommon mode privileged mode

14

Refer to the exhibit. The users on the 192.168.10.128/26 network are not allowed Internet access. Where is the most efficient location to place an extended ACL? inbound on S0/0/0 of R1 outbound on S0/0/1 of R1 inbound on Fa0/0 of R2 outbound on Fa0/0 of R2 inbound on S0/0/1 of R2 15 What type of Frame Relay subinterface must be used to connect remote sites without having to disable split horizon? multipoint multiaccess point-to-point nonbroadcast multiaccess

16

Refer to the exhibit. Based on the EIGRP configuration that is shown, what can the field engineer conclude about the EIGRP authentication between RouterA and RouterB? Authentication will fail because only one key is configured. Authentication will fail because the key chain names do not match. Authentication will succeed and EIGRP updates can be exchanged. Authentication will fail because the key chain names must match the router names. 17

Refer to the exhibit. What is the spanning-tree role of all the enabled interfaces of SW11? alternate backup designated root

18

Refer to the exhibit. The administrator wishes to specify that the 56 kb/s circuit will be a backup link that will automatically be used in the event that the primary Frame Relay circuit goes down for traffic to the 172.16.75.0/24 network. Which command syntax will accomplish this? RouterA(config)# ip route 172.16.75.0 255.255.255.0 192.16.35.76 200 RouterA(config)# ip route 172.16.75.0 255.255.255.0 192.16.35.76 RouterA(config)# ip route 172.16.75.0 255.255.255.0 172.16.75.1 RouterA(config)# ip route 192.16.35.76 255.255.255.0 172.16.75.1 19 What are two advantages of using Layer 3 devices instead of Layer 2 switches at the distribution layer of a hierarchical network? (Choose two.) allows connectivity between different VLANs provides reliable connectivity to the end user reduces the number of required redundant links results in fewer IP subnets to configure and manage enables traffic filtering that is based on subnet addresses

20

Refer to the exhibit. The network administrator has used the Cisco Feature Navigator to choose a Cisco IOS image to install on a router. Given the exhibited output of the show version command, which statement is true about the capacity of the router to use this Cisco IOS image? There is enough DRAM and flash. There is not enough DRAM and flash. There is enough DRAM but not enough flash. There is not enough DRAM but enough flash. 21 On a Monday morning the help desk at a large company receives an unusually high number of calls reporting no connectivity to the Internet or to any other network resources. Otherwise the PCs are functioning normally. Help desk technicians note that all the calls are from a single department, and all affected users are on the same floor of a single building. Where should the help desk technicians suspect that the problem lies? workgroup switch PC power supplies patch cords from PCs to network jacks cabling from the network jack to the wiring closet 22 In order for the IT staff of a company to understand the basic operation of VPNs, which two features or technologies must the network designer identify as training needs? (Choose two.) IPv6 tunneling QoS operation

tunneling protocols VLAN configuration encryption algorithms

23 A network administrator needs to transfer an IOS image to a router using a TFTP server. What should be verified prior to beginning the transfer process? The TFTP server must connect to the router via a serial connection. Connectivity between the TFTP server and the router should have been established. The TFTP server and the router must be on different networks for the transfer. The TFTP server software must be the same version as the Cisco IOS software. 24

Refer to the exhibit. A technician at the ISP site asks the network administrator at the client site to change the CHAP password as part of the routing security maintenance. After the administrator makes the change and reboots the router, the technician issues a show interfaces serial 0/0/0 command. According to the output, what can be concluded about the serial connection between the client site and ISP site? The router at the client site is still in the process of rebooting. The administrator probably configured the wrong password. The administrator has not issued a no shut command on the serial interface. The administrator probably configured the wrong IP address for the serial interface.

25 The main office of a NetworkingCompany customer currently connects to three branch offices via three separate point-to-point T1 circuits. The customer network uses RIPv2 as the routing protocol within both the LAN and the WAN. The account manager proposes a change to a Frame Relay network because the costs are lower. A single local loop connection can be installed at the main office with three separate PVCs to connect the branch offices. How can the main office edge router be configured to enable the customer to continue to use RIP as the WAN routing protocol? Enable Inverse ARP on the serial interface in order to learn the routes to the IP addresses of the remote routers. To prevent the Frame Relay network from causing a routing loop, disable split horizon on the serial interface. Create three separate point-to-point subinterfaces on the serial interface and assign a different subnet IP address to each one. Configure the serial interface with a single interface DLCI number and create frame-relay map statements for each remote site address. 26 What is the advantage of choosing EasyVPN for a new VPN implementation? to provide encryption algorithms unavailable in other systems to ensure that remote workers actually use the VPN for connectivity to allow a greater variety of network devices to be used for VPN connections to simplify the configuration tasks for the device that is used as the VPN server 27

Refer to the exhibit. Which type of application communication model best describes this network? client-client client-server farm client-enterprise edge client-enterprise server 28 Which IOS component can be used to classify and monitor network traffic? CDP

NBAR CiscoWorks Network Assistant 29 A network engineer is at a customer site. After resolving technical problems in the network, the engineer provides a training session for the support staff. Which job function best fits the activities of this network engineer? network designer account manager pre-sales engineer post-sales field engineer 30 A network administrator has removed a router from the network for maintenance. A new Cisco IOS software image has been successfully downloaded to a server and copied into the flash of the router. What should the administrator do before placing the router back into service? Delete the previous version of the Cisco IOS software from flash. Copy the new IOS into NVRAM to create a backup copy. Restart the router and verify that the new image starts successfully. Verify the free space available on the router to store the new IOS image. 31 A network administrator is configuring a router interface with the command R1(config-if)# ipv6 address 2001:DB8:C18:1::/64 eui-64. If the MAC address of this Ethernet interface is 01-1C-70-CF-B4-30, what is the host identifier for this interface under EUI-64 format? 11C:7000:00CF:B430 11C:70FE:FECF:B430 11C:70FF:FECF:B430 11C:70FF:FFCF:B430

32

Refer to the exhibit. Based on the configuration of router R2, which statement is true if the four listed objectives are requirements of an active security policy? Objectives (1) All traffic from the Internet into the DMZ is to be logged. (2) Web traffic from the Internet is to be allowed into the DMZ. (3) TCP traffic from established sessions is to be allowed into the internal network. (4) Incoming e-mail from the Internet is to be handled by the DMZ e-mail server first. Only objective 1 is met. All four objectives are met. Objectives 1, 2, and 4 are met. Only objectives 2 and 4 are met. Only objectives 2 and 3 are met.

33

Refer to the exhibit. A NetworkingCompany engineer is characterizing an existing network for a new customer. The engineer issues a show running-config command on the branch router to gather configuration information. What is the engineer able to determine as a result of viewing the output of this command? The branch office router has two routes to the main office LANs in the routing table. The default route for the branch office traffic is the serial link to the Edge2 router. A connection through ISP-A will be used to reach the main office LANs if the Frame Relay network is unavailable. By using both the DSL and the Frame Relay connection, the branch office router will load balance traffic that is destined for the main office LANs. 34 Company XYZ requires a WAN solution that provides flexible bandwidth options and supports one physical interface at the head office that would provide simultaneous connectivity to various remote sites. The distance from each site should not make the solution more expensive. Which WAN technology meets the requirements of the company? DSL cable Frame Relay T1 leased line 35 A large company plans to add several servers and requires that the servers be reachable directly from the Internet. Which action will help the company accomplish this goal? Assign to each server a static internal IP address that is mapped statically to a public IP address. Place all servers in their own Class C private subnet.

Provide a private address to each server using DHCP. Assign addresses from a pool of public Class B addresses using DHCP. 36

Refer to the exhibit. Following a test plan, the network systems engineer completes the configuration of an access layer switch and connects three PCs to test the configuration. The engineer attempts to ping from each PC to the other connected PCs. Which three statements describe the expected results of pinging from one host to another? (Choose three.) Host1 can ping Host2. Host1 cannot ping Host2. Host1 can ping Host3. Host1 cannot ping Host3. Host2 can ping Host3. Host2 cannot ping Host3. 37 A school district decides to use the 172.30.0.0/16 network for its LAN networks. The network administrator must create an addressing scheme to support 500 users in the admin office, 200 at the high school, 60 at the elementary school and 28 at the district office. Which VLSM addressing scheme will correctly address the network with minimal waste? 172.30.0.0/20 admin

172.30.1.0/21 high school 172.30.1.8/22 elementary 172.30.1.12/26 district 172.30.0.0/22 admin 172.30.4.0/23 high school 172.30.5.0/24 elementary 172.30.6.0/26 district 172.30.0.0/23 admin 172.30.2.0/24 high school 172.30.3.0/26 elementary 172.30.3.64/27 district 172.30.0.0/23 admin 172.30.2.0/24 high school 172.30.3.0/25 elementary 172.30.3.127/26 district 38 The network designer recommends using RSTP in the design of a new data center. There are multiple redundant Layer 2 switches and links contained in the new design. What is the benefit of using RSTP rather than STP in this situation? Redundant links are not blocked. Routing tables converge more quickly. Spanning Tree convergence times are reduced. Fewer redundant links are required to maintain connectivity. 39

Refer to the exhibit. The named ACL "Managers" already exists on the router. What will happen when the network administrator issues the commands that are shown in the exhibit? The commands overwrite the existing Managers ACL. The commands are added at the end of the existing Managers ACL. The commands are added at the beginning of the existing Managers ACL. The network administrator receives an error that states that the ACL already exists.

40 Which two events occur when the command RouterB(config-if)# frame-relay map ip 198.133.219.2 211 is issued on RouterB? (Choose two.) RouterB uses DLCI 211 to forward data to 198.133.219.2. A Layer 2 address is statically mapped to a Layer 3 address. DLCI 211 replaces the MAC address in the ARP table for entry 198.133.219.2. Inverse ARP is used to add an entry for 198.133.219.2 into the Frame Relay map table using DLCI 211. The remote router updates the Frame Relay map table with DLCI 211 to reach the 198.133.219.0 network. 41

Refer to the exhibit. A network administrator configures two routers to test the WAN connection. The serial connection requires PPP encapsulation and authentication with CHAP. However, the connection cannot be established. According to the partial output of the show running-config command, what is the cause of the problem? The password should be all lowercase. The password should contain fewer than 8 characters. The usernames must be the same as the sending router hostnames. The usernames must be the same as the destination router hostnames.

Refer to the exhibit. What can be concluded from the output that is shown? MDF_2811 has a MAC address of 2294:300F:0000. Device C3750-24_IDF2 is running Cisco IOS Software Release 12.3(23)SEE2. A Cisco 3750 switch is connected to the FastEthernet1/0/1 port on MDF_2811. MDF_2811 is installed in the main distribution facility on floor 28 of building 11. 43

Refer to the exhibit. In the Cisco IOS filename that is shown, what is signified by the underlined portion? version platform file format feature set 44 What are two reasons to choose a pilot network instead of a prototype network during proof-of-concept testing of a network design? (Choose two.) Changes can be made at any time. The customer desires testing in a real-world environment.

A highly controlled simulated environment is easier to manage. The test network must be independent from the production network. Network response to unplanned and unpredictable events must be assessed. 45 A company has branch offices at several locations across the country. Which security implementation would provide a cost-effective, secure, and authenticated connection to centralized internal resources that are located at company headquarters, without requiring configuration for individual employees at the branch offices? leased line with PPP authentication site-to-site VPN access control list remote-access VPN 46 A network administrator is asked to upgrade the enterprise network devices and to modify the addressing scheme to support VLSM and route summarization. The current network infrastructure contains both Cisco and non-Cisco routers. The plan is to replace old routers gradually with the latest Cisco routers. Which two routing protocols can the administrator use to support both upgrading requirements? (Choose two.) BGP OSPF RIPv1 RIPv2 EIGRP 47

Refer to the exhibit. The routers are configured with RIPv2 and utilize the default configuration. When attempting to communicate with other networks, hosts from 172.31.1.0/24 are experiencing connectivity issues. What could be done to resolve this issue? Change to a public IP address scheme. Ensure that automatic route summarization has been disabled on all routers in the network. Change the IP address for the Router3 LAN to be 192.168.7.0/24. Change the subnet mask on the link between Router2 and Router3 to 255.255.255.0.

48 Which technology will prioritize traffic based upon the technical requirements of IP telephony? PoE QoS RPC RTP VPN 49 A small office with ten employees needs to provide external customer access to an office Web server. It also requires filtered access to the Internet for its employees. What device would best serve their needs? standalone access points with separate VLANs for customers and employees core layer router with software based firewall set dedicated firewall appliance with DMZ capabilities SOHO router with IOS firewall feature set to filter traffic in and out of the company 50 A technician adds the command Router(config-router)# variance 5 to a router using EIGRP as the routing protocol. What is the result of entering this command? enables unequal cost load balancing adjusts the metric of all EIGRP routes to 5 restricts the number of EIGRP feasible successor routes to 5 activates the use of all K values in the composite metric calculation enables EIGRP equal cost load balancing over a maximum of 5 routes 51 What best practice should be followed when installing a new interface card into a Cisco 1841 router? Leave the power on because the device supports hot-swappable interface cards. Be sure the card faceplate does not touch the rear panel of the chassis. Use pliers to push the card into the connecting socket. Use a properly grounded antistatic wrist strap. Leave the captive screws loose until the card is working properly, then tighten securely. 52 When implementing an IP telephony solution, why should VLANs be used? to allow the use of a single IP gateway to separate voice from data traffic for ease of prioritization to allow the PBX to use VLAN IDs to filter both voice and data traffic to allow connectivity between traditional phone devices and IP-based telephony devices