You have created and IPv6 ACL called MY-LIST.

Which command would you configure

to use this ACL to check inbound packets on an interface?
ipv6 access-class MY-LIST in
You Answered
ipv6 access-group MY-LIST in
ipv6 access-list MY-LIST in
Correct Answer
ipv6 traffic-filter MY-LIST in
Which is a characteristic of dual-homed connectivity?
No single points of failure
Correct!
Single point of failure due to ISP failure
Single point of failure due to link failure
Use of two ISPs
Which rules are implicit at the end of every IPv6 ACL?

deny icmp any any nd-na

deny icmp any any nd-ns
deny ipv6 any any

deny icmp any any nd-na

deny icmp any any nd-ns
permit ipv6 any any

Correct!

permit icmp any any nd-na

permit icmp any any nd-ns
deny ipv6 any any

permit icmp any any nd-na

permit icmp any any nd-ns
permit ipv6 any any
You have created and IPv6 ACL called MY-LIST. Which command would you configure
to use this ACL to check inbound packets on an interface?
ipv6 access-class MY-LIST in
You Answered
ipv6 access-group MY-LIST in
ipv6 access-list MY-LIST in
Correct Answer

ipv6 traffic-filter MY-LIST in

Which protocol would you use to provide IPv4 Internet connectivity to IPv6 devices?
Correct!
NAT64
NAT-PT
NPTv6
PAT
Which command would configure an R1 interface to obtain its IP address information using
stateful DHCPv6?
R1(config-if)# ipv6 address autoconfig
Correct Answer

R1(config-if)# ipv6 address dhcp

R1(config-if)# ipv6 address dhcpv6
You Answered
R1(config-if)# ipv6 address slaac
Which command would configure an R1 interface to obtain its IP address information using
SLAAC?
Correct!
R1(config-if)# ipv6 address autoconfig

R1(config-if)# ipv6 address dhcp

R1(config-if)# ipv6 address dhcpv6
R1(config-if)# ipv6 address slaac

Which command would configure an R1 interface to obtain its IP address information using
stateless DHCPv6?
Correct Answer
R1(config-if)# ipv6 address autoconfig
R1(config-if)# ipv6 address dhcp
You Answered
R1(config-if)# ipv6 address dhcpv6
R1(config-if)# ipv6 address slaac

Which is the corresponding NAT term for the NVI term source local?
You Answered
Inside global address
Correct Answer
Inside local address
Outside global address

Outside local address

You are configuring your router to do NVI so that a PC can connect to the Internet. Which
command do you configure on the interface connected to the PC?
Correct Answer
R1(config-if)# ip nat enable
R1(config-if)# ip nat inside
You Answered
R1(config-if)# ip nat outside
R1(config-if)# ip nat nvi

What does PAT use to distinguish between sessions that use the same address?
Destination port number
Protocol number
Correct!
Source port number
Type code

The ________________ type of network translation does a many-to-many translation.

Correct!

Dynamic NAT
NAT overloading
PAT
Static NAT
A NAT enabled router is configured to translate the address of a PC (10.1.1.1) to the
address 209.165.200.225. Which is the correct name for the 209.165.200.225 address?
Correct Answer
Inside global address
Inside local address
Outside global address
You Answered
Outside local address

Question 13
0 / 1 pts
Assume a client requires DHCP services from a server on another network. Which option
would correctly apply the <strong>ip helper-address</strong> interface configuration
command?
Assume a client requires DHCP services from a server on another network. Which option
would correctly apply the ip helper-address interface configuration command?
Correct Answer
Use the following command on the interface connected to the client: R1(config-if)# ip
helper-address server-address

Use the following command on the interface connected to the server: R1(config-if)# ip
helper-address server-address
You Answered
Use the following command: R1(config)# ip helper-address server-address
Use the following command on the interface connected to the client: R1(config-if)# ip
helper-address client-address
Use the following command on the interface connected to the server: R1(config-if)# ip
helper-address client-address

Question 14
0 / 1 pts
Assume that R1 is a DHCP client and it is getting its IP address information an upstream
router connected to interface Gigabit Ethernet 0/0. Which interface configuration command
should be configured on G0/0?
Assume that R1 is a DHCP client and it is getting its IP address information an upstream
router connected to interface Gigabit Ethernet 0/0. Which interface configuration command
should be configured on G0/0?
Correct Answer
R1(config-if)# ip address client
R1(config-if)# ip address dhcp
You Answered
R1(config-if)# ip client address
R1(config-if)# ip dhcp address

Which type of Internet connectivity provides the most redundancy?

Dual-homed
Correct Answer
Dual multihomed
You Answered
Multihomed
Single-homed
Refer to the exhibit. A network administrator in autonomous system 65100 has set up a
dual-homed BGP connection with an ISP. The administrator would like to influence the ISP
router so that all traffic from the ISP enters the autonomous system through router R1.
Which BGP attribute can the administrator configure on routers R1 and R2 to accomplish
this?
Correct Answer
multi_exit_discriminator
local preference
aggregate
You Answered
next-hop
weight

Which two statements are key characteristics of BGP? (Choose two.)

It uses cost as its metric.
You Answered

It is a link-state routing protocol.

Correct Answer
It is a policy-based routing protocol.
It uses bandwidth and delay as its metric.
You Answered
It is an advanced distance vector routing protocol.
Correct Answer
It provides interdomain routing between autonomous systems.

Refer to the exhibit. Autonomous system 65500 is routing traffic between two external
BGP autonomous systems, autonomous system 65200 and autonomous system 65100.
Synchronization is disabled on BGP in autonomous system 65500. Which routers should
have IBGP peer relationships for routing between autonomous system 65200 and
autonomous system 65100 to work properly?
You Answered
R1 and R5
R1, R3, and R4
Correct Answer
R1, R3, R4, and R5
ISP A, R1, R5, and ISP B

Which BGP attribute is used by BGP to ensure a loop-free topology on the Internet?

Next_hop
Correct Answer
As_path
You Answered
local preference
Atomic aggregate
Origin

Which BGP attribute can be configured on IBGP speakers so they will choose a desired
path out of the autonomous system to an outside network?
MED
next hop
You Answered
aggregate
Correct Answer
local preference

Which routes are available to a BGP speaker to advertise to peers once an adjacency is
formed?
Correct!
only BGP routes in the IP routing table

only routes in the BGP forwarding database

only routes that are learned from IBGP peers in the same autonomous system
any route in either the IP routing table or BGP forwarding database

Which routes are available to a BGP speaker to advertise to peers once an adjacency is
formed?
Correct!
only BGP routes in the IP routing table
only routes in the BGP forwarding database
only routes that are learned from IBGP peers in the same autonomous system
any route in either the IP routing table or BGP forwarding database
Refer to the exhibit. Which statement is true?

The neighbor at 190.10.50.1 is an external peer.

You Answered
The neighbor at 170.10.20.2 is an internal peer.
RTA is going to advertise that it is part of AS 300.
Correct Answer

RTA is going to advertise network 150.10.0.0 to its neighbors if 150.10.0.0 or its subnets
are in the IP routing table.

Which BGP routers will become peers and share routing information?
BGP routers that are configured with the same network command
You Answered
BGP routers share routing information with all routers in the same AS by default.
Correct Answer
BGP routers that are configured with the neighbor command
BGP routers that are configured with the same peer command
Refer to the exhibit. Which two configurations will allow router R1 to establish a neighbor
relationship with router R2? (Choose two.)

R1(config)# router bgp 100

R1(config-router)# network 192.168.20.0
Correct Answer
R1(config)# router bgp 100
R1(config-router)# network 192.168.10.0
R1(config-router)# neighbor 209.165.200.226 remote-as 200
You Answered
R1(config)# router bgp 200
R1(config-router)# network 192.168.20.0
R1(config-router)# neighbor 209.165.200.225 remote-as 100
R2(config)# router bgp 200
R2(config-router)# network 192.168.10.0

R2(config)# router bgp 200

R2(config-router)# network 192.168.10.0
R2(config-router)# neighbor 209.165.200.226 remote-as 200
Correct!
R2(config)# router bgp 200
R2(config-router)# network 192.168.20.0
R2(config-router)# neighbor 209.165.200.225 remote-as 100

Refer to the exhibit. BGP sessions are established between all routers. RTC receives route
updates for network 209.165.200.224/27 from autonomous system 300 with the weight
attribute set to 3000. RTB also learns about network 209.165.200.224/27 from autonomous
system 200 with a weight of 2000. Which router will be used by RTA as a next hop to reach
this network?

RTB because of the lowest weight

RTB because of the slow 64 kb/s link
Correct!
RTB because of the shortest AS_Path
RTC because of the highest weight
RTC because of the longest AS_Path
RTC because of the T1 link

Which command would force a router to inject a route into BGP?

route-inject
You Answered
router bgp network
Correct Answer
network
summary

Refer to the exhibit. BGP sessions are established between all routers. Router RTC has the
local preference for network 209.165.200.224/27 set to 200 and router RTB has a local
preference set to 150 for the same network. Which router will be used by RTA as a next hop
to reach network 209.165.200.224/27?

RTB because of the lowest local preference

RTB because of the slow 64 kb/s link
RTB because of the shortest AS_Path
Correct!
RTC because of the highest local preference
RTC because of the longest AS_Path
RTC because of the T1 link

Refer to the exhibit. Based on the show ip bgp summary and debug ip bgp output, which
two statements must be true? (Choose two.)

The router at 10.255.2.2 is an EBGP peer.

You Answered
The ebgp multi-hop command is missing from the BGP configuration.
Correct Answer
R1 has established an EBGP peering relationship.
You Answered
R1 is directly connected to an IBGP peer.
Correct Answer
R1 cannot route BGP packets to 10.255.2.2.

Refer to the exhibit above. RTB receives an EBGP advertisement from RTD. When
propagated into AS 65100 by IBGP, which router would be used as the next hop for RTC?

RTA
RTB
You Answered
RTC
Correct Answer
RTD
Which statements is not correct regarding MP-BGP?
IPv4 can be used as the BGP transport for both IPv4 and IPv6 sessions

Neighbors must be activated with the address family using the neighbor activate command
You Answered
The show bgp all neighbors command can be used to show BGP neighbor adjacencies for
IPv4 and IPv6
Correct Answer
A single BGP forwarding table is used for both IPv4 and IPv6 address families

What are the characteristics of using the neighbor ip-address update-source command
with a loopback address? Choose 2.
Correct Answer
For IBGP, it allows the IGP to use the best path to the loopback address
Correct!
The neighbor command is configured using the neighbor's loopback address
The loopback address does not need to be reachable by TCP
It can only be used with IBGP

Which routing protocol enables authentication by default?

EIGRP
Named EIGRP
OSPFv2
OSPFv2 with key chains

Correct!
No routing protocol enables authentication by default.

Which statement about plain-text authentication is true?

You Answered
Plain-text authentication is supported by EIGRP, and OSPFv2.
Correct Answer
Plain-text authentication is considered to be insecure and should not be used.
Plain-text authentication use the key and hashing algorithm to produce a signature.
Plain-text authentication peers require different passwords to authenticate the routing
updates.

Which two authentication methods does EIGRP support? (Choose two.)

IPsec encryption
Correct!
MD5
Plain text
Correct!
SHA
None of the above

The output of the show running-configuration command displays the following line:
enable secret 4 JpAg4vBxn6wTb6NE3N1p0wfUUZzR6eOcVUKUFftxEyA
Based on the output, which statement is true regarding the enable password?

It is encrypted using IPsec.

You Answered
It is encrypted using MD5.
Correct Answer
It is encrypted using SHA256.
It was encrypted using the password service-encryption command.
It was encrypted using the service password-encryption command.

The output of the show ip ssh command displays "SSH Enabled - version 2". Based on this
output, which statement is true?
Correct Answer
The device was configured with the ip ssh version 2 command.
This is also known as "compatibility mode" because it supports both SSHv1 and SSHv2.
This is the original version but has known vulnerabilities.
You Answered
When SSH is enabled, this is the default SSH version.

None of the above.

When implementing logging, it is also important that dates and times are accurate and
synchronized across all the network infrastructure devices using
____________________________.
You Answered
Correct Answers
NTP
ntp
network time protocol
Network Time Protocol
NETWORK TIME PROTOCOL

The __________________________ privileged EXEC command can be used to manually

create an archive of the running configuration file.
You Answered
Correct Answers
archive config

Question 8
0 / 1 pts
Which statement about SNMP is true?
Which statement about SNMP is true?
SNMPv1 is the most secure version to use.
SNMPv1 uses community strings to encrypt SNMP messages.
You Answered

SNMPv1, SNMPv2, and SNMPv3 use community strings. SNMPv2 supports the use of
read-write community strings to encrypt SNMP messages.
Correct Answer
SNMPv3 can provide authenticity, integrity, and confidentiality.

Refer to the exhibit. Based on the configuration, which statement is true about the archive
command?

The FTP path specified has a folder named admin:cisco on a server located at 10.1.2.3.
Correct Answer
The only required parameter is the path archive configuration command.
The startup configuration file is automatically saved every 24 hours.
You Answered
The write-memory archive configuration command saves the archive every time the
running configuration is saved to NVRAM.
To save the configuration, the administrator needs to use the config archive privileged
EXEC command.

What does the accept-lifetime 04:00:00 Jan 10 2015 infinite command do?
Correct!
specifies that a key is acceptable for use on received packets from January 10, 2015 onward
specifies that a key is acceptable for use on received packets until January 10, 2015

specifies that a key is acceptable for use on sent packets from January 10, 2015 onward
specifies that a key is acceptable for use on sent packets until January 10, 2015

Which VRF-lite statement is true?

VRF-lite cannot be used with Cisco Easy Virtual Network (EVN).
Correct Answer
VRF-lite is the deployment of VRF without MPLS.
You Answered
VRF-lite Layer 3 interfaces can belong to more than one VRF at any time.
VRF-lite operates at Layer 3 while VRF operates at Layer 2.

Which of the following is an IP-based network solution that takes advantage of existing
VRF-lite technology to simplify Layer 3 network virtualization, improve support for shared
services, and enhance management and troubleshooting.
Correct Answer
Cisco Easy Virtual Network (EVN)
Cisco Easy VPN
You Answered
Virtual Routing and Forwarding (VRF)
Virtual Routing and Trunking (VRT)

VPN Routing and Forwarding (VRF)

VPN Routing and Trunking (VRT)

Using SSH, implementing logging, and securing SNMP are all tasks related to securing
which router operational plane?
You Answered
Control plane
Data plane
Forwarding plane
Correct Answer
Management plane
Protocol plane
Air plane

Using routing protocol authentication is a task related to securing which router operation
plane?
Correct Answer
Control plane
You Answered
Data plane

Forwarding plane
Management plane
Protocol plane
Air plane

Refer to the exhibit. Which AAA authentication protocol operation is being illustrated in
the exhibit?

Kerberos
Local
Plain text
Correct Answer
RADIUS
You Answered
TACACS+