Professional Documents
Culture Documents
Which two statements are true about IBGP neighbor relationships? (Choose two.)
A. The BGP split-horizon rule specifies that routes learned via EBGP are never propagated to
other IBGP peers.
B. A full-mesh IBGP requires that neighbor relationships be established between all BGP enabled
routers in the autonomous system.
C. The BGP split horizon rule specifies that routes learned via IBGP are never propagated to other
IBGP peers.
D. An EGP or static routing is required between IBGP neighbors.
E. IBGP neighbors must be in different autonomous systems.
Answer: B,C
m
QUESTION NO: 2
.co
Which three IP multicast group concepts are true? (Choose three.)
A. If a packet is sent to a multicast group address, all members of the multicast group will receive
sts
it.
B. A router must be a member of a multicast group to send to the group.
C. If a packet is sent to a multicast group address, the multicast frame contains the source
lTe
multicast address.
D. A router must be a member of a multicast group to receive multicast data.
E. A router does not have to be a member of a multicast group to send to the group.
tua
Answer: A,D,E
Ac
QUESTION NO: 3
Which two features or capabilities are valid options for both an Autonomous and a Lightweight
WLAN solution? (Choose two)
Answer: A,C
m
The Cisco Secure ACS is used as the standard AAA server for the global WLAN and for other
recently introduced services such as 802.1x-based port authentication for wired Ethernet ports in
.co
public areas and Network Access Control (NAC), part of the Cisco Self-Defending Network
security strategy. Pairs of Cisco Secure ACSs were deployed at strategic locations worldwide.
sts
The value of using a globally distributed AAA architecture instead of a single AAA server was
highlighted by the WLAN deployment. Because of the greater load that a WLAN creates for AAA,
due to authentications and reauthentications (as the client device roams from AP to AP), it was
lTe
important to ensure that all users did not have to rely upon a single, centralized server. This would
have introduced unacceptable delays for users in geographically remote areas. As such, at 13
different locations around the world, Cisco placed two ACS servers, in a load-balanced
tua
configuration, that served as AAA servers for that local geographical region.
The ACS servers are fully integrated with the Cisco Active Directory domain structure, enabling a
single sign-on (SSO) capability. Effectively, AD user credentials are used not only for access to
Ac
their laptops and wired network but also to provide transparent authentication to the wireless
network. SSO has greatly reduced the client impact for users and has helped ensure a common,
user-friendly experience across platforms and transport media. Users need only remember their
normal ID and password for access to their laptop, the wired network, and the wireless network,
and they only have to enter their credentials once each session regardless of the transport
medium they are using.
Reference: http://www.wireless-center.net/Business-Wireless/Technology-Considerations.html
QUESTION NO: 4
Answer: C
Explanation:
A 6to4 tunnel is an automatic IPv6 tunnel where a 6to4 border router in an isolated IPv6 network
creates a tunnel to a 6to4 border router in another isolated IPv6 network over an IPv4
infrastructure. The tunnel destination is determined by the globally unique, 32-bit IPv4 address of
the remote 6to4 border router that is concatenated to the prefix 2002: :/ 16. 6to4 tunnels are
configured between 6to4 border routers or between 6to4 border routers and hosts.
A 6to4 relay service is a 6to4 border router that offers traffic forwarding to the IPv6 Internet for
remote 6to4 border routers. A 6to4 relay forwards packets that have a 2002: :/ 16 source prefix.
m
Reference: IPv6: Providing IPv6 Services over an IPv4 Backbone Using Tunnels
.co
http://www.cisco.com/en/US/docs/ios/solutions_docs/ipv6/v6sertun.html
sts
QUESTION NO: 5
Which two statements about WLAN components are true? (Choose two.)
lTe
A. In the lightweight access point solution, WLAN management is provided by the WLAN Solution
Engine (WLSE).
tua
B. In the autonomous access point solution, control is provided by the WLAN controller.
C. Cisco Aironet lightweight access points cannot be supported by the Cisco Unified Wireless
Network.
D. In the autonomous access point solution, control is provided by the Wireless Domain Services
Ac
(WDS).
E. In the lightweight access point solution, WLAN management is provided by the WLAN Control
System (WCS).
F. Cisco Aironet autonomous access points cannot be supported by the Cisco Unified Wireless
Network.
Answer: D,E
Explanation:
Part 1 Answer:
There is a trend in the WLAN space toward centralized intelligence and control. In this new
architecture, aWLAN controller system is used to create and enforce policies across many
different lightweight access points.
As more vendors migrate to a hierarchical design, and as larger networks are built using
lightweight access points, there is a need for a standardized protocol that governs how lightweight
access points communicate with WLAN systems. This is the role of the Internet Engineering Task
Force's (IETF's) latest draft specification, Lightweight Access Point Protocol (LWAPP). With
m
LWAPP, large multivendor wireless networks can be deployed with maximum capabilities and
increased flexibility. .co
Part 2 Answer:
sts
Q. Is Cisco SWAN WDS required for RF management when the Cisco SWAN autonomous access
point solution is used?
A. Yes. A WDS device is required for the Cisco SWAN autonomous access-point solution. For
lTe
deployments that use access-point-based WDS, at least one Cisco SWAN WDS access point per
subnet is required for RF management of that subnet. For deployments that use the switch-based
WDS on the Cisco Catalyst 6500 Series WLSM, up to 300 access points per device across
tua
ee_ns337_Networking_Solutions_White_Paper.html
www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/prod_qas0900aecd80278
d08.html
QUESTION NO: 6
Answer: C
Explanation:
VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN
maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or
are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router
ACLs, VLAN maps are not defined by direction (input or output).
m
To create a VLAN map and apply it to one or more VLANs, perform these steps: Create the
standard or extended IP ACLs or named MAC extended ACLs to be applied to the VLAN. This
.co
access-list will select the traffic that will be either forwarded or dropped by the access-map. Only
traffic matching the 'permit' condition in an access-list will be passed to the access-map for further
processing. Enter the vlan access-map access-map-name [ sequence ] global configuration
sts
command to create a VLAN ACL map entry. Each access-map can have multiple entries. The
order of these entries is determined by the sequence . If no sequence number is entered, access-
map entries are added with sequence numbers in increments of 10. In access map configuration
lTe
mode, optionally enter an action forward or action drop . The default is to forward traffic. Also enter
the match command to specify an IP packet or a non-IP packet (with only a known MAC address),
and to match the packet against one or more ACLs (standard or extended). Use the vlan filter
tua
access-map-name vlan-list vlan-list global configuration command to apply a VLAN map to one
or more VLANs. A single access-map can be used on multiple VLANs.
Ac
QUESTION NO: 7
Refer to the exhibit. On the basis of the information provided in the exhibit, which two sets of
procedures are best practices for Layer 2 and 3 failover alignment? (Choose two.)
m
.co
sts
A. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11
and 110. Configure the D-SW2 switch as the active HSRP router and the backup STP root for
VLANs 12 and 120.
lTe
B. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs.
Configure the D-SW1 switch as the standby HSRP router and backup STP root for all VLANs.
C. Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs
tua
12 and 120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root
for VLANs 11 and 110.
D. Configure the D-SW1 switch as the standby HSRP router and the STP root for VLANs 11 and
Ac
110. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and
120.
E. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs.
Configure the D-SW2 switch as the standby HSRP router and backup STP root for all VLANs.
F. Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and
110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and
120.
Answer: C,F
Explanation:
Basically, each of the routers that provides redundancy for a given gateway address is assigned to
a common HSRP group. One router is elected as the primary, or active, HSRP router, another is
elected as the standby HSRP router, and all the others remain in the listen HSRP state. The
routers exchange HSRP hello messages at regular intervals, so they can remain aware of each
"Pass Any Exam. Any Time." - www.actualtests.com 7
Cisco 642-892: Practice Exam
other's existence, as well as that of the active router.
HSRP election is based on a priority value (0 to 255) that is configured on each router in the
group. By default, the priority is 100. The router with the highest priority value (255 is highest)
becomes the active router for the group. If all router priorities are equal or set to the default value,
the router with the highest IP address on the HSRP interface becomes the active router. To set the
priority, use the following interface configuration command:
Switch( config-if)# standby group priority priority
When HSRP is configured on an interface, the router progresses through a series of states before
becoming active. This forces a router to listen for others in a group and see where it fits into the
pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,
Active.
You can configure a router to preempt or immediately take over the active role if its priority is the
highest at any time. Use the following interface configuration command to allow preemption:
m
Switch( config-if)# standby group preempt [delay seconds]
.co
QUESTION NO: 8
sts
A router is running BGP and receives more than one route for a particular prefix. Assume all the
routes for this prefix have the same attributes. Which three path features would be reasons be for
lTe
the router to ignore some of the routes and not consider them as candidates for the best path?
(Choose three.)
B. paths that are marked as not synchronized in the show ip bgp output
C. paths for which the NEXT_HOP is accessible
D. paths from an internal BGP (iBGP) neighbor if the local autonomous system (AS) appears in
Ac
the AS_PATH
E. paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in
the AS_PATH
F. paths that are marked as synchronized in the show ip bgp output
Answer: A,B,E
Drop
Answer:
m
.co
sts
lTe
QUESTION NO: 10
tua
What are the two reasons for the appearance of 0.0.0.0 as the next hop for a network in the show
ip bgp command output? (Choose two.)
Ac
Answer: C,D
QUESTION NO: 11
A Cisco Aironet Wireless LAN Adapter CB21AG is inserted into a PC cardbus slot. Both the green
status LED and the amber activity LED are blinking slowly. What is the condition of the adapter?
Answer: E
Explanation:
The client adapter shows messages through its two LEDs.
m
.co
sts
lTe
Reference:
http://www.cisco.com/en/US/products/hw/wireless/ps4555/products_installation_and_configuration
tua
_guide_chapter09186a00801f0d77.html
Ac
QUESTION NO: 12
Refer to the exhibit. On the basis of the information displayed in the exhibit, which statement is
true?
A. Wireless clients will first attempt to authenticate with MAC authentication and if this fails, EAP
authentication will be attempted.
B. Wireless clients will attempt EAP authentication first, then MAC authentication.
Answer: A
Explanation:
The following example sets the authentication type for the SSID batman to open with a
combination of MAC-address and EAP authentication. Client devices using the batman SSID first
attempt MAC-address authentication using a server named adam . If MAC authentication
succeeds, they join the network, but if it fails, they attempt EAP authentication using the same
server.
m
ap1100# configure terminal
http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/ap11icg/ivicgaut.htm
Ac
QUESTION NO: 13
Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and
configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled
during the installation and the icon appears in the system tray area in the lower right of the
desktop. What is the significance of the icon?
Answer: C
Explanation:
he appearance of the ASTU icon indicates the connection status of your client adapter. ASTU
m
reads the client adapter status and updates the icon every 1 to 5 seconds, depending on the value
entered for the Refresh Interval on the Display Settings window.
.co
sts
lTe
tua
Ac
QUESTION NO: 14
Answer: D
Explanation:
The command " show CLNS neighbors" database gives you information about the known system
ID's, while the "show isis database" shows LSP ID information. Here is a sample output from a
router's IS-IS link-state database:
Example:
m
.co
sts
lTe
tua
QUESTION NO: 15
Above is the output from show ip bgp neighbors command. What is line 21 stating about the BGP
Ac
connection?
m
.co
A. the number of consecutive TCP connections to the specified remote neighbor
B. the number of neighbors that the router has
C. the number of times the router has established a TCP connection
sts
D. the number of total TCP connections that the router has
Answer: C
lTe
QUESTION NO: 16
tua
Refer to the exhibit. Which statement is true about where trust boundaries should be established
in a network?
Ac
Exhibit: 55-1.gif
A. Endpoints 1 and 2 are optimal places to establish a trust boundary. Endpoint 3 is an acceptable
place to establish a trust boundary.
B. Endpoint 1 is the only acceptable place to establish a trust boundary.
Answer: E
Explanation:
Trust Boundaries:
When connected by a single cable, the IP phone is the edge of the managed network. An integral
part of the Cisco network design architecture has always been the classification, or coloring, of
traffic as close to the edge of the network as possible. As such, the IP phone can and should
m
classify traffic flows.
Try to maintain the trust boundary in the wiring closet. If necessary, move it down to the
.co
distribution layer on a case-by-case basis, but avoid moving it to the core of the network. This
advice conforms to the general guidelines for keeping the trust boundary as close to the source as
possible.
sts
By default, Cisco IP phones mark all VoIP traffic with CoS =5 and DSCP=46. However, it is critical
to make sure that the PC connected to the access port of the IP phone is not also classifying
traffic. The recommended method for ensuring this is to extend the trust boundary of the Ethernet
lTe
switch to the IP phone and not beyond, meaning the IP phone will re-classify all traffic coming from
the PC with CoS=0.
References:
tua
www.cisco.com/en/US/products/sw/cscowork/ps2064/products_user_guide_chapter09186a00800
7ff73.html
www.cisco.com/en/US/products/hw/video/ps1870/products_implementation_design_guide_chapte
Ac
r09186a00808f10a7.html
QUESTION NO: 17
Refer to the exhibit. What statement is true about the configuration on switch CAT1?
m
.co
sts
lTe
tua
Ac
A. Two IP phones with the MAC addresses of 0008.8595.d1a7 and 0007.8595.d2b7 are
connected to CAT1 ports Fa0/11 and Fa0/12, respectively.
B. The configuration establishes policed DSCP on ports Fa0/11 and Fa0/12 with values ranging
from 8 to 56.
C. Security violation shutdown mode has been activated for ports Fa0/11 and Fa0/12.
Answer: A
Explanation:
Port security is a feature supported on Cisco Catalyst switches that restricts a switch port to a
specific set or number of MAC addresses. Those addresses can be learned dynamically or
configured statically. The port will then provide access to frames from only those addresses. If,
however, the number of addresses is limited to four but no specific MAC addresses are
configured, the port will allow any four MAC addresses to be learned dynamically, and port access
will be limited to those four dynamically learned addresses.
m
Port Security Implementation:
.co
sts
lTe
tua
Ac
QUESTION NO: 18
m
.co
Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal
sts
BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network
131.25.0.0/16.
Answer: C
Explanation:
After BGP receives updates about different destinations from different autonomous systems, it
chooses the best path to reach a specific destination.
The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the
route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router
only.) If multiple routes have the same weight, prefer the route with the highest local preference
value. (The local preference is used within an autonomous system.) If multiple routes have the
same local preference, prefer the route that the local router originated. A locally originated route
has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the
route with the shortest autonomous system path. If the autonomous system path length is the
same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same,
QUESTION NO: 19
m
Which three statements are true about IP multicast configuration? (Choose three.)
.co
A. PIM sparse mode and PIM dense mode require an RP on the network.
B. PIM sparse mode and PIM sparse-dense mode require an RP on the network.
C. PIM dense mode interfaces are always added to the multicast routing table in a router.
sts
D. PIM sparse mode interfaces are always added to the multicast routing table in a router.
E. PIM sparse-dense mode and PIM dense mode require an RP on the network.
F. PIM sparse-dense mode acts as PIM dense mode if an RP is not known.
lTe
Answer: B,C,F
tua
Explanation:
Sparse-mode routing protocols require the use of an Rendezvous Point (RP) and use shared trees
. In a shared tree, sources forward multicast datagrams to a directly connected router, the
designated router. The designated router encapsulates the datagram and unicasts it to an
Ac
assigned RP router, which then forwards the datagram to members of multicast groups. In PIM
sparse-dense mode, if an RP is not known for a group, the router sends data using PIM dense
mode. However, if the router discovers an RP or you configure an RP statically, PIM sparse mode
takes over.
QUESTION NO: 20
What is the difference between the IPv6 addresses ::/0 and ::/128?
Answer: A
Explanation:
: :/ 128 is the unspecified address (RFC4291).
: :/ 0 is the default unicast route address.
Reference: Special-Use IPv6 Addresses - draft-ietf-v6ops-rfc3330-for-ipv6-04.txt
http://tools.ietf.org/html/draft-ietf-v6ops-rfc3330-for-ipv6-04
QUESTION NO: 21
m
A. requires fewer neighbor relationships in a broadcast multiaccess network
B. supports network layer protocols other than IP
.co
C. supports route tags
D. supports more routers in an area
sts
Answer: B,D,F
Explanation:
tua
IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS
distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is
used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS.
Ac
QUESTION NO: 22
Which statement describes the difference between a manually configured IPv6 in IPv4 tunnel
versus an automatic 6to4 tunnel?
Answer: A
m
QUESTION NO: 23
.co
Based on the exhibited output, which three statements are true? (Choose three.)
sts
lTe
tua
Ac
Answer: B,C,F
Refer to the exhibit. Routers R1 and R2 are IPv6 BGP peers that have been configured to support
a neighbor relationship over an IPv4 internetwork. Which three neighbor IP addresses are valid
choices to use in the highlighted section of the exhibit? (Choose three.)
m
.co
sts
A. ::10.67.0.2
lTe
B. 0A43:0002::
C. 10.67.0.2::
D. 10.67.0.2:0:0:0:0:0:0
tua
E. ::0A43:0002
F. 0:0:0:0:0:0:10.67.0.2
Ac
Answer: A,E,F
QUESTION NO: 25
A router has two paths to reach another network in a different autonomous system. Neither route
was generated by the local router and both routes have the same default weight and local
preference values. Which statement is true about how BGP would select the best path?
Explanation:
The shortest AS path is the fourth item checked by BGP routers, while the MED values are one of
the last items looked at by BGP routers. The following is a partial list of rules used by BGP to
determine the best path. Prefer the path with the highest WEIGHT.
Note: WEIGHT is a Cisco-specific parameter, local to the router on which it's configured. Prefer
the path with the highest LOCAL_PREF. Prefer the path that was locally originated via a network
or aggregate BGP subcommand, or through redistribution from an IGP. Local paths sourced by
network or redistribute commands are preferred over local aggregates sourced by the aggregate-
address command. Prefer the path with the shortest AS_PATH. Note the following: Prefer the path
with the lowest origin type: IGP is lower than EGP, and EGP is lower than INCOMPLETE. Prefer
the path with the lowest multi-exit discriminator (MED).
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml
m
QUESTION NO: 26
.co
Which two multicast protocol statements are true? (Choose two.)
sts
A. Sparse mode uses reverse path forwarding (RPF) to prune off redundant flows.
B. Dense mode multicast requires explicit join messages from their members.
lTe
C. The primary use of sparse mode multicast is for test labs and router performance testing.
D. Dense mode multicast uses a push model to flood traffic throughout the network and then
prunes the unwanted traffic.
tua
E. Sparse mode multicast uses a pull model to send multicast traffic to where it is requested.
Answer: D,E
Ac
QUESTION NO: 27
Explanation:
Once a neighbor relationship has been formed, called an Adjacency , the routers exchange routing
update information and each router builds its own topology table. The Updates contain all the
routes known by the sender. For each route, the receiving router calculates a distance for that
route based on the distance that is conveyed and the cost to that neighbor that advertised the
particular route. If the receiving router sees several routes to a particular network with different
metrics, then the route with the lowest metric becomes the Feasible Distance (FD) to that network.
The Feasible Distance is the metric of a network advertised by the connected neighbor plus the
cost of reaching that neighbor . This path with the best metric is entered into the routing table
because this is the quickest way to get to that network.
With the other possible routes to a particular network with larger metrics, the receiving router also
receives the Reported Distance (RD) to this network via other routers. The Reported Distance
being the total metric along a path to a destination network as advertised by an upstream
m
neighbor. The Reported Distance for a particular route is compared with the Feasible Distance that
it already has for that route. If the Reported Distance is larger than the Feasible Distance then this
.co
route is not entered into the Topology Table as a Feasible Successor. This prevents loops from
occurring. If the Reported Distance is smaller than the Feasible Distance, then this path is
considered to be a Feasible Successor and is entered into the Topology table. The Successor for
sts
a particular route is the neighbor/peer with the lowest metric/distance to that network.
If the receiving router has a Feasible Distance to a particular network and it receives an update
from a neighbor with a lower advertised distance (Reported Distance) to that network, then there is
lTe
a Feasibility Condition . In this instance, the neighbor becomes a Feasible Successor for that route
because it is one hop closer to the destination network. There may be a number of Feasible
Successors in a meshed network environment, up to 6 of them are entered into the Topology table
tua
thereby giving a number of next hop choices for the local router should the neighbor with the
lowest metric fail. What you should note here, is that the metric for a neighbor to reach a particular
network (i.e. the Reported Distance) must always be less than the metric (Feasible Distance) for
Ac
the local router to reach that same network. This way routing loops are avoided. This is why routes
that have Reported Distances larger than the Feasible Distance are not entered into the Topology
table, so that they can never be considered as successors, since the route is likely to loop back
through that local router.
QUESTION NO: 28
Refer to the exhibit. Which configuration is reflected in the output that is displayed in the exhibit?
m
!
access-list 66 permit 10.0.0.0 0.0.0.255
!
.co
route-map cisco permit 10
sts
match ip address 66
set local-preference 90
C. neighbor 192.168.28.1 route-map cisco out
lTe
!
access-list 66 permit 10.30.0.0 0.0.255.255
!
tua
Answer: A
Explanation:
In this example, the route map must be applied to incoming updated from the 192.168.28.1 peer
since we are looking at the local BGP information that has been received by the peers. Also, as
shown, the 10.30.0.0/16 route has had its local preference modified to 90 from the default value of
100.
"Pass Any Exam. Any Time." - www.actualtests.com 25
Cisco 642-892: Practice Exam
QUESTION NO: 29
A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP
header, and Layer 2 link header.
B. The sum of bandwidth necessary for each major application, including voice, video, and data,
should not exceed 75 percent of the total available bandwidth for each link.
C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual
voice samples.
D. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints.
Answer: B
m
Explanation:
Voice over Internet Protocol (VOIP) is probably the most feasible among today's technologies for
.co
data, voice and video integration. VOIP is the technology that uses Internet Protocol to transmit
voice conversations over a data network such as an intranet or the Internet.
The multisite IP WAN with distributed call processing has the following design characteristics:
sts
* Cisco CallManager or Cisco CallManager cluster at each location (10,000 users maximum per
site)
lTe
* Cisco CallManager clusters are confined to a single campus and may not span the WAN
* IP WAN as the primary voice path between sites, with the PSTN as the secondary voice path
* Transparent use of the PSTN if the IP WAN is unavailable
tua
QUESTION NO: 30
Refer to the exhibit. Router RTA is the hub router for routers RTB and RTC. The Frame Relay
network is configured with EIGRP, and the entire network is in autonomous system 1. However,
router RTB and RTC are not receiving each other's routes. What is the solution?
"Pass Any Exam. Any Time." - www.actualtests.com 26
Cisco 642-892: Practice Exam
m
.co
A. Configure the auto summary command under router eigrp 1 on router RTA.
B. Issue the no ip split horizon command on router RTA.
sts
C. Issue the no ip split horizon eigrp 1 command on router RTA.
D. Configure a distribute list on router RTA that allows it to advertise all routes to the spoke
routers.
lTe
E. Configure subinterfaces on the spoke routers and assign different IP address subnets for each
subinterface.
F. Check and change the access lists on router RTA.
tua
Answer: C
Explanation:
Ac
Split horizon controls the sending of EIGRP update and query packets. When split horizon is
enabled on an interface, these packets are not sent for destinations for which this interface is the
next hop. This reduces the possibility of routing loops.
By default, split horizon is enabled on all interfaces.
Split horizon blocks route information from being advertised by a router out of any interface from
which that information originated. This behavior usually optimizes communications among multiple
routing devices, particularly when links are broken. However, with nonbroadcast networks (such
as Frame Relay and SMDS) , situations can arise for which this behavior is less than ideal. For
these situations, you may want to disable split horizon. In this example, routes received by RTB
and RTC are not being sent back out the same serial interface on RTA, so they are not receiving
each other's routes. Disabling Split horizons on interface S0/0 on RTA will fix this issue.
Refer to the exhibit and the partial configuration on routers R1 and R2. Hot Standby Routing
Protocol (HSRP) is configured on the network to provide network redundancy for the IP traffic. The
network administrator noticed that R2 does not became active when the R1 serial0 interface goes
down. What should be changed in the configuration to fix the problem?
m
.co
sts
A. R2 should be configured with a HSRP virtual address.
B. R2 should be configured with a standby priority of 100.
C. The Serial0 interface on router R2 should be configured with a decrement value of 20.
lTe
D. The Serial0 interface on router R1 should be configured with a decrement value of 20.
Answer: D
tua
Explanation:
You can configure a router to preempt or immediately take over the active role if its priority is the
Ac
highest at any time. Use the following interface configuration command to allow preemption:
Switch( config-if)# standby group preempt [delay seconds]
By default, the router can preempt another immediately, without delay. You can use the delay
keyword to force it to wait for seconds before becoming active. This is usually done if there are
routing protocols that need time to converge.
QUESTION NO: 32
Which two statements are true about using IPv4 and IPv6 simultaneously on a network segment?
(Choose two.)
A. IPv4 and IPv6 addresses can be simultaneously assigned to a host but not to a router interface.
B. IPv6 allows a host to create its own IPv6 address that will allow it to communicate to other
devices on a network configured via DHCP. IPv4 does not provide a similar capability for hosts.
"Pass Any Exam. Any Time." - www.actualtests.com 28
Cisco 642-892: Practice Exam
C. Hosts can be configured to receive both IPv4 and IPv6 addresses via DHCP.
D. IPv6 provides for more host IP addresses but IPv4 provides for more network addresses.
E. Host configuration options for IPv4 can be either statically assigned or assigned via DHCP.
Host configuration options for IPv6 can be statically assigned only.
Answer: B,C
Explanation:
The original specification of the Dynamic Host Configuration Protocol (DHCP) was made with only
IPv4 in minD. That specification has been subsequently revised, up to the latest version of DHCP.
With the arrival of IPv6, a new DHCP specification for IPv6 has been designed and published as
DHCPv6.
These protocols allow nodes to communicate via IPv4 or IPv6 (respectively) to retrieve
configuration settings for operation in a managed environment. While an IPv6 node may acquire
address-related configuration settings via IPv6 stateless address autoconfiguration, such a node
m
may wish to use stateless DHCPv6 [5] for other administratively configured options, such as DNS
or NTP.
.co
Reference: RFC 4477: Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack
Issues
http://www.ietf.org/rfc/rfc4477.txt
sts
QUESTION NO: 33
lTe
Which two reductions are the correct reductions of the IPv6 address
2001:0d02:0000:0000:0014:0000:0000:0095? (Choose two.)
tua
A. 2001:0d02:::0014:0:0:0095
B. 2001:d02:0:0:14::95
C. 2001:0d02:::0014:::0095
Ac
D. FF::0014:0:0:0095
E. 2001:d02::14:0:0:95
F. 2001:d02::14::95
Answer: B,E
QUESTION NO: 34
Refer to the exhibit. Which router configuration command can be given that will restrict router RTB
from sharing its routing information with router RTA?
m
A. the eigrp stub command on router RTB
B. the eigrp stub receive-only command on router RTA
C. the eigrp stub command on router RTA .co
D. the eigrp stub receive-only command on router RTB
E. the eigrp stub connected command on router RTB
sts
F. the eigrp stub connected command on router RTA
Answer: D
lTe
Explanation:
A router that is configured as a stub with the eigrp stub command shares connected and summary
routing information with all neighbor routers by default. Four optional keywords can be used with
tua
receive-only
connected
static
summary
The eigrp stub command can be modified with several options, and these options can be used in
any combination except for the receive-only keyword. The receive-only keyword will restrict the
router from sharing any of its routes with any other router in that EIGRP autonomous system, and
the receive-only keyword will not permit any other option to be specified because it prevents any
type of route from being sent. In this example, the "eigrp stub receive-only" command needs to be
QUESTION NO: 35
m
Answer: E
Explanation:
.co
HSRP code (HSRP well-known virtual MAC address) - The fact that the MAC address is for an
HSRP virtual router is indicated in the next two bytes of the address. The HSRP code is always
sts
07.aC. The HSRP protocol uses a virtual MAC address, which always contains the 07.ac
numerical value.
lTe
Reference: Building Cisco Multilayer Switched Networks (Cisco Press) page 268
tua
QUESTION NO: 36
Answer: D
Explanation:
EIGRP automatically summarizes routes at the classful boundary, the boundary where the
network address ends as defined by class-based addressing. In most cases, auto summarization
is a good thing, keeping the routing tables as compact as possible
In the presence of discontiguous subnetworks, automatic summarization must be disabled for
routing to work properly. To turn off auto-summarization, use the following command:
Router( config-router)# no auto-summary
EIGRP also enables manual configuration of a prefix to use as a summary address. Manual
"Pass Any Exam. Any Time." - www.actualtests.com 31
Cisco 642-892: Practice Exam
summary routes are configured on a per-interface basis. The interface that will propagate the route
summary must first be selected and then defined with the ip summary-address eigrp command,
which has the following syntax:
QUESTION NO: 37
Which two statements are true about trust boundaries? (Choose two.)
A. At the trust boundaries, the untrusted traffic will be marked with a new QoS value appropriate
for the policy in place at the point where the traffic entered the campus network.
B. Trust boundaries are used to determine which QoS mechanism will be applied to the traffic.
m
C. Setting trust boundaries at the edge of the network allows intermediate hop devices to
administer QoS policies without detailed packet identification.
.co
D. Trust boundaries are configured in the core of the network to provide the most efficient
forwarding based upon QoS markings.
sts
Answer: A,C
Explanation:
lTe
The packets that enter your network or hardware can be marked into different classes; you can
define the trust boundaries in your network. You can define some devices as trusted devices and
some as untrusted devices. The packets that come from trusted devices are considered trusted
tua
because the trusted devices classify the packets correctly. The packets that come from untrusted
devices are considered untrusted because they might not classify the packets correctly. After you
have marked the packets and defined the trust boundaries, you can force the scheduling of the
packets into different queues. These queues invoke at the time of congestion.
Ac
Defining trust boundaries is important in your network. Setting the trust boundary at the IP phone
means that you can accept all the IP phone markings into the network without modifications.
You should always try to do classification close to the edge of the network, for scalability.
On an IP phone, the tagged data (802.1Q/p) from the PC or any other device that is attached to
the access port of the IP phone can be trusted or untrusted. In trusted mode, the IP phone passes
all the data unchanged. In untrusted mode, the IP phone re-marks the Layer 2 CoS value to the
new value (if configured on the access layer switch) or changes it to 0, if nothing is configured.
The default is untrusted mode, which is the recommend method.
Reference: http://www.ciscopress.com/articles/article.asp?p=385336&seqNum=2
m
.co
sts
lTe
tua
Ac
Answer:
m
Explanation:
.co
sts
lTe
tua
Ac
QUESTION NO: 39
In which three HSRP states do routers send hello messages? (Choose three.)
A. standby
B. learn
C. speak
D. listen
Answer: A,C,E
Explanation:
When HSRP is configured on an interface, the router progresses through a series of states before
becoming active. This forces a router to listen for others in a group and see where it fits into the
pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,
Active.
Only the standby (second highest priority) router monitors the hello messages from the active
router. By default, hellos are sent every 3 seconds. If hellos are missed for the duration of the
holdtime timer (default 10 seconds, or 3 times the hello timer), the active router is presumed down.
The standby router is then clear to assume the active role. If other routers are sitting in the Listen
state, the next-highest priority router is allowed to become the new standby router.
m
QUESTION NO: 40
.co
Which two statements are true about HSRP, VRRP, and GLBP? (Choose two.)
A. HSRP allows for multiple upstream active links being simultaneously used, whereas GLBP
sts
does not.
B. GLBP allows for router load balancing of traffic from a network segment by utilizing the creation
lTe
D. Unlike HSRP and VRRP, GLBP allows automatic selection and simultaneous use of multiple
available gateways.
E. GLBP and VRRP allow for MD5 authentication, whereas HSRP does not.
Ac
Answer: C,D
Explanation:
1. GLBP
To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group.
Rather than having just one active router performing forwarding for the virtual router address, all
routers in the group can participate and offer load balancing by forwarding a portion of the overall
traffic.
2. VRRP
The Virtual Router Redundancy Protocol (VRRP) is a standards-based alternative to HSRP,
defined in IETF standard RFC 2338. VRRP is so similar to HSRP that you need to learn only
slightly different terminology and a couple of slight functional differences. VRRP provides one
redundant gateway address from a group of routers. The active router is called the master router ,
while all others are in the backup state . The master router is the one with the highest router
3. HSRP
HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to
appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically,
each of the routers that provides redundancy for a given gateway address is assigned to a
common HSRP group. One router is elected as the primary, or active, HSRP router, another is
elected as the standby HSRP router, and all the others remain in the listen HSRP state. The
routers exchange HSRP hello messages at regular intervals, so they can remain aware of each
m
other's existence, as well as that of the active router.
.co
QUESTION NO: 41 HOTSPOT
sts
lTe
tua
Ac
m
Answer:
.co
sts
lTe
tua
Ac
Explanation:
m
QUESTION NO: 42
.co
Which statement is true regarding the configuration of ISL trunks?
Answer: B
Explanation:
tua
The Inter-Switch Link (ISL) protocol is a Cisco proprietary method for preserving the source VLAN
identification of frames passing over a trunk link. ISL performs frame identification in Layer 2 by
encapsulating each frame between a header and trailer. Any Cisco switch or router device
Ac
configured for ISL can process and understand the ISL VLAN information. ISL is primarily used for
Ethernet media, although Cisco has included provisions to carry Token Ring, FDDI, and ATM
frames over Ethernet ISL. (A Frame-Type field in the ISL header indicates the source frame type.)
When a frame is destined out a trunk link to another switch or router, ISL adds a 26-byte header
and a 4-byte trailer to the frame. The source VLAN is identified with a 10-bit VLAN ID field in the
header. The trailer contains a cyclic redundancy check (CRC) value to ensure the data integrity of
the new encapsulated frame. Figure 6-3 shows how Ethernet frames are encapsulated and
forwarded out a trunk link. Because tagging information is added at the beginning and end of each
frame, ISL is sometimes referred to as double tagging .
QUESTION NO: 43
A. Configure the network net-id command(s) and the is-type level-1-2 command under routerisis.
B. Configure the net system-id command under routerisis and enable IS-IS on each interface with
the ip router isis command.
C. Configure the net system-id and the network net-id commands under routerisis and enable IS-
IS on each interface with the ip router isis command.
D. Configure the network net-id command(s) under routerisis and enable IS-IS on each interface
with the ip router isis command.
E. Configure the net system-id and the network net-id commands under routerisis.
Answer: B
Explanation:
In order to enable IS-IS for IP on a Cisco router and have it exchange routing information with
other IS-IS enabled routers, you must perform the following two tasks: Enable the IS-IS process
m
and assign area Enable IS-IS for IP routing on an interface
The sample configuration below configures an IS-IS router with the following parameters: Area
.co
49.0001 Level 1 (L1) and Level 2 (L2) routers (this is the default unless otherwise specified) No
optional parameters Running IS-IS for IP only Loopback interfaces (loopbacks are advertised by
sts
IS-IS, not IS-IS enabled)
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f38.s
lTe
html
tua
QUESTION NO: 44
Refer to the exhibit. On all routers in the network, EIGRP has been configured for load balancing
across the three links. However, traffic destined for Network B from R1 is only load balanced over
Ac
A. Because Router R4 is not a feasible successor, EIGRP will not select path R1-R4-R5 for load
balancing.
Answer: A
QUESTION NO: 45
m
D. The next hop does not change when BGP updates are exchanged between EBGP neighbors.
Answer: B
.co
Explanation:
sts
Only choice C is correct. To reach a EBGP peer, a static route can be used with the EBGP multi-
hop command to establish a neighbor adjacency. Unlike interior routing protocols, EBGP
neighbors do not need to physically be connected to each other. All that is needed is a path to the
lTe
peer IP address, and a valid TCP port 179 connection between the BGP routers.
tua
QUESTION NO: 46
A client is searching for an access point (AP). What is the correct process order that the client and
Ac
Answer: C
Explanation:
From the Cisco FAQ on Cisco Aironet Wireless Security:
What steps does Open Authentication involve for a client to associate with the AP? The client
sends a probe request to the APs. The APs send back probe responses. The client evaluates the
AP responses and selects the best AP. The client sends an authentication request to the AP. The
AP confirms authentication and registers the client. The client then sends an association request
QUESTION NO: 47
Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch?
(Choose three.)
m
D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default
CoS priority of the port.
.co
E. PortFast is is automatically disabled when a voice VLAN is configured.
F. The CoS value is trusted for 802.1p or 802.1q tagged traffic.
sts
Answer: A,B,D
Explanation:
lTe
Default Voice VLAN Configuration The voice VLAN feature is disabled by default. When the voice
VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the
port. The default CoS value is 0 for incoming traffic. The CoS value is not trusted for 802.1P or
tua
802.1Q tagged traffic. The IP Phone overrides the priority of all incoming traffic (tagged and
untagged) and sets the CoS value to 0.
Note:
Ac
In software releases earlier than Cisco IOS Release 12.1(13 )EA1 , the CoS value is trusted for all
802.1P or 802.1Q tagged traffic, and the IP Phone does not override the priority of the incoming
traffic.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/config
uration/guide/swvoip.html
QUESTION NO: 48
Refer to the exhibit. How will interface FastEthernnet0/1 respond when an 802.1x-enabled client
connects to the port?
A. The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the
client to authenticate.
B. The switch port will disable 802.1x port-based authentication and cause the port to transition to
the authorized state without any further authentication exchange.
C. The switch will uniquely authorize the client by using the client MAC address.
D. The switch port will enable 802.1x port-based authentication and begin relaying authentication
messages between the client and the authentication server.
m
Answer: B
Explanation: .co
The IEEE 802.1x standard defines a port-based access control and authentication protocol that
restricts unauthorized workstations from connecting to a LAN through publicly accessible switch
sts
ports. The authentication server authenticates each workstation that is connected to a switch port
before making available any services offered by the switch or the LAN. Until the workstation is
authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN
lTe
(EAPOL) traffic through the port to which the workstation is connected. After authentication
succeeds, normal traffic can pass through the port.
You control the port authorization state by using the dot1x port-control interface configuration
tua
receives normal traffic without 802.1x-based authentication of the client. This is the default
setting.
force-unauthorized : Causes the port to remain in the unauthorized state, ignoring all attempts by
the client to authenticate. The switch cannot provide authentication services to the client through
the interface.
auto : Enables 802.1x port-based authentication and causes the port to begin in the unauthorized
state, allowing only EAPOL frames to be sent and received through the port. The authentication
process begins when the link state of the port transitions from down to up (authenticator initiation)
or when an EAPOL-start frame is received (supplicant initiation). The switch requests the identity
of the client and begins relaying authentication messages between the client and the
authentication server. The switch uniquely identifies each client attempting to access the network
by using the client MAC address.
Example:
m
.co
sts
QUESTION NO: 49
lTe
Refer to the network of Layer 3 switches in the exhibit. The RPI Multicast Server only multicasts to
hosts connected to multilayer switches 5 and 6. The CMU Multicast Server multicasts to hosts on
multilayer switches 1-6. Given the number of configuration steps involved, what is the most
tua
efficient way to configure the network while meeting the requirements for multicast data flow?
Ac
m
.co
sts
lTe
tua
A. Configure each switch with PIM sparse-dense mode. Configure switch 3 as a rendezvous point
for the RPI multicast stream.
Ac
B. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.
Allow the switches to elect their own root for each multicast tree.
C. Configure each switch with PIM sparse mode.
D. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.
Leave each multicast server as the root of its own multicast tree.
E. Configure each switch with PIM dense mode.
F. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode.
Specify switch 1 as the root for the RPI Multicast Server. Specify switch 2 as the root for the CMU
Multicast Server.
Answer: A
Which protocol allows for the automatic selection and simultaneous use of multiple available
gateways as well as automatic failover between those gateways?
A. IRDP
B. GLBP
C. HSRP
D. VRRP
Answer: B
Explanation:
To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group.
Rather than having just one active router performing forwarding for the virtual router address, all
routers in the group can participate and offer load balancing by forwarding a portion of the overall
m
traffic. The advantage is that none of the clients have to be pointed toward a specific gateway
address-they can all have the same default gateway set to the virtual router IP address. The load
.co
balancing is provided completely through the use of virtual router MAC addresses in ARP replies
returned to the clients. As a client sends an ARP request looking for the virtual router address,
GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group.
sts
The result is that all clients use the same gateway address but have differing MAC addresses for
it.
lTe
QUESTION NO: 51
tua
Refer to the exhibit. EIGRP is enabled on all routers on the network. What additional configuration
is required for the routers connected over the Frame Relay multipoint interfaces to compensate for
a low-speed NBMA connection?
Ac
A. Configure the bandwidth on all EIGRP Frame Relay interfaces to the committed information
rate (CIR).
B. Configure the EIGRP hold time on all Frame Relay interfaces to 15 seconds.
Answer: D
QUESTION NO: 52
Refer to the exhibit. On basis of the configuration that is provided, where will the trust boundary be
established in this network?
Exhibit: 10-c.gif
m
.co
sts
lTe
tua
A. at the IP phone
Ac
B. at the PC
C. at the distribution switch
D. at the access switch
Answer: D
Explanation:
The example shown is a properly configured switch where the trust boundary is being set at the
access port on the switch itself. The "switchport voice vlan vlan-id dot1q" command enables voice
VLAN on switch port and associated VLAN.
The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of
service).
The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to
switch port.
QUESTION NO: 53
Refer to the exhibit. What is the correct output of the command show ip route on router R2?
m
.co
sts
lTe
tua
Ac
m
<output omitted>
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
.co
i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0
i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1
sts
i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0
C 10.1.2.0/24 is directly connected, Serial1/0
i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1
lTe
QUESTION NO: 54
What two steps can be taken to help prevent VLAN hopping? (Choose two.)
Answer: B,E
Explanation:
m
To prevent VLAN hoping you should disable unused ports and put them in an unused VLAN, or a
separate unrouted VLAN. By not granting connectivity or by placing a device into a VLAN not in
.co
use, unauthorized access can be thwarted through fundamental physical and logical barriers.
Another method used to prevent VLAN hopping is to prevent automatic trunk configuration.
Hackers used 802.1Q and ISL tagging attacks, which are malicious schemes that allow a user on
sts
a VLAN to get unauthorized access to another VLAN. For example, if a switch port were
configured as DTP auto and were to receive a fake DTP packet, it might become a trunk port and
lTe
it might start accepting traffic destined for any VLAN. Therefore, a malicious user could start
communicating with other VLANs through that compromised port.
Reference: VLAN Security White Paper, Cisco Systems
tua
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a00801315
9f.shtml
Ac
QUESTION NO: 55
Which command displays statistics on EIGRP hello, updates, queries, replies, and
acknowledgments?
Answer: C
Refer to the exhibit. A network administrator consoles into the ASw1 switch and attempts to save
the switch configuration to the TFTP server that is located at IP address 10.1.2.10/24. However,
whenever the copy running-config tftp command is issued with default options on switch ASw1, an
error is produced. Which configuration would correct this situation?
m
A. ASw1(config)# interface range fastethernet 0/1 - 24
ASw1(config-if-range)# ip forward-protocol udp 69
B. RTA(config)# interface fastethernet0/1
.co
RTA(config-if)# ip forward-protocol udp 69
sts
C. RTA(config)# interface fastethernet0/0
RTA(config-if)# ip helper-address 10.1.2.10
D. RTA(config)# interface fastethernet0/1
lTe
Answer: C
Ac
Explanation:
DHCP is not the only critical service that uses broadcasts. Cisco routers and other devices might
use broadcasts to locate TFTP servers. Some clients might need to broadcast to locate a
TACACS security server. In a complex hierarchical network, clients might not reside on the same
subnet as key servers. Such remote clients broadcast to locate these servers, but routers, by
default, do not forward client broadcasts beyond their subnet. Some clients are unable to make a
connection without services such as DHCP. For this reason, the administrator must provide DHCP
and DNS servers on all subnets or use the Cisco IOS software helper address feature. Running
services such as DHCP or DNS on several computers creates overhead and administrative
problems, so the first option is not very appealing. When possible, administrators use the ip
helper-address command to relay broadcast requests for these key User Datagram Protocol
(UDP) services.
By using the ip helper-address command, a router can be configured to accept a broadcast
request for a UDP service and then forward it as a unicast to a specific IP address
"Pass Any Exam. Any Time." - www.actualtests.com 50
Cisco 642-892: Practice Exam
QUESTION NO: 57
Refer to the exhibit. What does the command channel-group 1 mode desirable do?
m
B. enables LACP only if a LACP device is detected
C. enables Etherchannel only
D. enables LACP unconditionally
E. enables PAgP unconditionally
.co
Answer: A,E
sts
Explanation:
The PAgP modes are explained below. Off: PAgP will not run. The channel is forced to remain
lTe
down. Auto: PAgP is running passively. The formation of a channel is desired; however, it is not
initiated. Desirable: PAgP is running actively. The formation of a channel is desired and initiated.
On: PAgP will not run. The channel is forced to come up.
tua
There are four user-configurable channel modes: on, off, auto, and desirable. PAgP packets are
exchanged only between ports in auto and desirable mode. Ports configured in on or off mode do
not exchange PAgP packets. For switches to which you want to form an EtherChannel, it is best to
Ac
have both switches set to desirable mode. This gives the most robust behavior if one side or the
other encounters error situations or is reset. The default mode of the channel is auto. Both the
auto and desirable modes allow ports to negotiate with connected ports to determine if they can
form a channel. The determination is based on criteria such as port speed, trunking state, and
native VLAN. Ports can form an EtherChannel when they are in different channel modes as long
as the modes are compatible. This list provides examples:
Reference: http://www.cisconet.com/index.php/EtherChannel/EtherChannel-configure-mode-with-
PAgP.html
QUESTION NO: 58
Answer: A
QUESTION NO: 59
Examine the router output above. Which two items are correct? (Choose two.)
m
.co
sts
lTe
D. Router A will assume the active state if its priority is the highest.
E. The local IP address of Router A is 10.1.0.20.
Answer: C,D
Ac
Explanation:
Since preemption has been configured, we know that when any router comes back up, it will
become the active router as long as it has a higher priority value.
In this example, the current priority shows it to be 95. If the interface were to come up, it would
now be 95 + 10 (which is the default value) so the total value would then become 105. If fast0/2
were to come up as well, it would then be 105 + 15 (special override as seen in the command) =
120.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi
guration/guide/swhsrp.html
HSRP election is based on a priority value (0 to 255) that is configured on each router in the
When HSRP is configured on an interface, the router progresses through a series of states before
becoming active. This forces a router to listen for others in a group and see where it fits into the
pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally,
Active.
QUESTION NO: 60
m
A. OSPFv3 for IPv6 authentication is supported by SHA-1 authentication.
.co
B. OSPFv3 for IPv6 authentication is supported by MD5 authentication.
C. OSPFv3 for IPv6 authentication is supported by IPv6 IPsec.
D. OSPFv3 for IPv6 authentication is supported by IPv4 IPsec.
sts
Answer: C
lTe
QUESTION NO: 61
tua
A. 01.00.5e.05.f1.80
B. ff.ff.ff.ff.ff.ff
C. 01.00.5e.7F.08.05
D. 01.b2.7d.0a.08.05
E. 01.b2.7d.05.f1.80
Answer: C
QUESTION NO: 62
Refer to the exhibit. Which two statements are correct? (Choose two.)
Answer: A,B
m
QUESTION NO: 63
.co
Refer to the exhibit. Which statement is true about the configuration that is shown?
sts
lTe
tua
Ac
A. Untagged ingress traffic will be marked with the default CoS value of the port.
B. Ingress traffic from the host will be tagged with theCoS value of 5.
C. Tagged and untagged ingress traffic will be carried on VLAN 1.
D. Untagged ingress traffic will be dropped.
Answer: A
Explanation:
The "Switchport voice vlan vlan-id dot1q" command enables voice VLAN on switch port and
associated VLAN.
"Pass Any Exam. Any Time." - www.actualtests.com 54
Cisco 642-892: Practice Exam
The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of
service)
The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to
switch port. Since this has not been explicitly configured, the default CoS value of the port will be
used.
QUESTION NO: 64
For what purpose is the command config network webmode enable used?
m
Answer: C
Explanation:
.co
(WLAN_Controller) >config network webmode enable
This command Enables HTTP access to the WLAN controller
sts
QUESTION NO: 65
tua
Refer to the exhibit. Which two statements are true about the partial configuration that is provided.
(Choose two.)
Ac
Answer: C,D
QUESTION NO: 66
Which statement is true about utilizing a data network for voice traffic?
A. Because voice traffic volume cannot be calculated, network bandwidth requirements must be
determined from an existing installation.
B. Voice traffic will require some form of QoS implementation only in congested networks.
C. Network congestion must be totally eliminated to provide proper voice traffic performance.
D. Adding bandwidth to the data network is the primary solution to provide for the needs of voice
m
traffic.
.co
E. Voice traffic will require some form of QoS mechanisms in most networks.
Answer: E
sts
Explanation:
For VoIP to be a realistic replacement for standard public switched telephone network (PSTN)
telephony services, customers need to receive the same quality of voice transmission they receive
lTe
with basic telephone services-meaning consistently high-quality voice transmissions. Like other
real-time applications, VoIP is extremely bandwidth- and delay-sensitive . For VoIP transmissions
to be intelligible to the receiver, voice packets should not be dropped, excessively delayed, or
tua
so that users receive an acceptable level of voice quality, VoIP traffic must be guaranteed certain
compensating bandwidth, latency, and jitter requirements. QoS ensures that VoIP voice packets
receive the preferential treatment they require. In general, QoS provides better (and more
predictable) network service by providing the following features:
Reference:
http://www.cisco.com/en/US/docs/ios/solutions_docs/qos_solutions/QoSVoIP/QoSVoIP.html
QUESTION NO: 67
An IPv6 overlay tunnel is required to communicate with isolated IPv6 networks across an IPv4
infrastructure. There are currently five IPv6 overlay tunnel types. Which three IPv6 overlay tunnel
statements are true? (Choose three.)
m
A. An manual overlay tunnel supports point-to-multipoint tunnels capable of carrying IPv6 and
Connectionless Network Service (CLNS) packets.
.co
B. Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4
infrastructure.
C. Overlay tunnels can only be configured between border routers capable of supporting IPv4 and
sts
IPv6.
D. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv6-compatible, 4to6, and
Multiprotocol Label Switching (MPLS) overlay tunneling mechanisms.
lTe
E. Overlay tunnels can be configured between border routers or between a border router and a
host capable of supporting IPv4 and IPv6.
F. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv4-compatible, 6to4, and
tua
Answer: B,E,F
Ac
QUESTION NO: 68
For the accompanying router output, which of the following statements describes the state that
neighbor 172.16.254.3 is in?
A. The router is listening on its server port for connection requests from the peer.
B. The router will not accept connections from the peer.
C. The router has sent out an active TCP connection request to the peer.
D. BGP can exchange routing information in this state.
Answer: A
m
QUESTION NO: 69 .co
Refer to the exhibit. What radio button option on the Aironet Desktop Utility (ADU) Security tab
sts
includes the option of Advanced Encryption Standard (AES) and Extensible Authentication
Protocol-Flexible Authentication via Secure Tunneling?
lTe
tua
Ac
A. WPA/WPA2/CCKM
B. 802.1x
C. WPA/WPA2 Passphrase
Answer: A
Explanation:
EAP-FAST- This authentication type (Flexible Authentication via Secure Tunneling) uses a three-
phased tunneled authentication process to provide advanced 802.1X EAP mutual authentication.
WPA uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data
protection while WPA2 uses the stronger Advanced Encryption Standard encryption algorithm
using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-
CCMP), so WPA2 will be required to use AES.
m
.co
sts
lTe
Reference:
http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/2.0/configuration/guide/winc
tua
h5kh.html
Ac
QUESTION NO: 70
Based on the show ip route isis output on R1, which statement is true?
Answer: B
Explanation:
The "su" in the routing table denotes an IS-IS summary null route. This route is automatically
created within the router when IS-IS route summarization is configured.
QUESTION NO: 71
m
A. An IPv6 header contains the protocol field.
B. An IPv6 header contains the header checksum field.
.co
C. An IPv6 header contains the next header field.
D. An IPv6 header is 20 bits long.
sts
Answer: C,E,F
Explanation:
tua
All IPv6 addresses are 128 bits long to accommodate a far larger number of stations than what
was possible with the 32 bit IPv4 addresses.
The following displays the IPv6 header field in detail:
Ac
IPv6 header:
Version . 4 bits. IPv6 version number.
Traffic Class . 8 bits. Internet traffic priority delivery value.
Flow Label . 20 bits. Used for specifying special router handling from source to destination(s) for a
sequence of packets.
Payload Length . 16 bits unsigned. Specifies the length of the data in the packet. When cleared to
zero, the option is a hop-by-hop Jumbo payload.
Next Header . 8 bits. Specifies the next encapsulated protocol. The values are compatible with
those specified for the IPv4 protocol field.
Hop Limit . 8 bits unsigned. For each router that forwards the packet, the hop limit is decremented
by 1. When the hop limit field reaches zero, the packet is discarded. This replaces the TTL field in
the IPv4 header that was originally intended to be used as a time based hop limit.
Source address . 16 bytes. The IPv6 address of the sending node.
Destination address . 16 bytes. The IPv6 address of the destination node.
QUESTION NO: 72
Answer: D
Explanation:
Default Voice VLAN Configuration:
m
The voice VLAN feature is disabled by default.
When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS
.co
priority of the port. The CoS value is not trusted for 802.1P or 802.1Q tagged traffic.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi
sts
guration/guide/swvoip.html
lTe
QUESTION NO: 73
Which two statements correctly describe the association process between a lightweight access
tua
A. Once an access point associates with a controller in LWAPP Layer 3 mode, it receives an IP
Ac
Answer: B,D
Explanation:
This procedure for a LAP to register with a WLC is: The LAP issues a DHCP request to a DHCP
server in order to get an IP address, unless an assignment was made previously with a static IP
"Pass Any Exam. Any Time." - www.actualtests.com 61
Cisco 642-892: Practice Exam
address. If Layer 2 LWAPP mode is supported on the LAP, the LAP broadcasts an LWAPP
discovery message in a Layer 2 LWAPP frame. Any WLC that is connected to the network and
that is configured for Layer 2 LWAPP mode responds with a Layer 2 discovery response. If the
LAP does not support Layer 2 mode, or if the WLC or the LAP fails to receive an LWAPP
discovery response to the Layer 2 LWAPP discovery message broadcast, the LAP proceeds to
step 3. If step 1 fails, or if the LAP or the WLC does not support Layer 2 LWAPP mode, the LAP
attempts a Layer 3 LWAPP WLC discovery. If step 3 fails, the LAP resets and returns to step 1.
The LAP uses this information to make a controller selection, with use of these precedence rules:
If the LAP has previously been configured with a primary, secondary, and/or tertiary controller, the
LAP examines the controller sysName field (from the LWAPP discovery responses) in an attempt
to find the WLC that is configured as "primary". If the LAP finds a matching sysName for the
primary controller, the LAP sends an LWAPP join request to that WLC. If the LAP cannot find its
primary controller or if the LWAPP join fails, the LAP tries to match the secondary controller
sysName to the LWAPP discovery responses. If the LAP finds a match, it then sends an LWAPP
m
join to the secondary controller. If the secondary WLC cannot be found or the LWAPP join fails,
the LAP repeats the process for its tertiary controller. The LAP looks at the Master Controller flag
.co
field in the LWAPP discovery responses from the candidate WLCs if one of these items is true: No
primary, secondary, and/or tertiary controllers have been configured for an AP. These controllers
sts
cannot be found in the candidate list. The LWAPP joins to those controllers have failed.
If a WLC is configured as a Master Controller, the LAP selects that WLC and send it an LWAPP
join request. If the LAP cannot successfully join a WLC on the basis of the criteria in step 1 and
lTe
step 2, the LAP attempts to join the WLC that has the greatest excess capacity.
Reference:
tua
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
Ac
QUESTION NO: 74
Which three statements about STP timers are true? (Choose three.)
A. The root bridge passes the timer information in BPDUs to all routers in the Layer 3
configuration.
B. A switch is not concerned about its local configuration of the STPtimers values. It will only
consider the value of the STP timers contained in the BPDU it is receiving.
C. If any STP timer value (hello, forward delay, max age) needs to be changed, it should at least
be changed on theroot bridge and backup root bridge.
D. To successfully exchange BPDUs between two switches, their STPtimers value (hello, forward
delay, max age) must be the same.
E. On a switched network with a small network diameter, the STP hello timer can be tuned to a
lower value to decrease the load on the switch CPU.
Answer: B,C,F
Explanation:
STP operation is controlled by three timers. The Hello Time is the amount of time between the
sending of Configuration BPDUs. The 802.1D standard specifies a default value of 2 seconds.
This value controls Configuration BPDUs as the Root Bridge generates them. Other bridges
propagate BPDUs from the Root Bridge as they are received.
If BPDUs stop arriving for the time interval ranging from 2 to 20 seconds because of a network
disturbance, or if the Root Bridges stop sending periodic BPDUs during this time, the timer will
expire. 2 to 20 seconds is the range between the expected receipt of a BPDU and the expiration of
the Max Age time. If the outage lasts for more than 20 seconds, the default Max Age time, the
bridge invalidates the saved BPDUs and begins looking for a new Root Port.
Forward Delay is the amount of time the bridge spends in the Listening and Learning states. This
m
is a single value that controls both states. The default value of 15 seconds was originally derived
assuming a maximum network size of seven bridge hops, a maximum of three lost BPDUs, and a
.co
Hello Time of 2 seconds. The Forward Delay timer also controls the bridge table age-out period
after a change in the active topology.
Max Age is the STP timer that controls how long a bridge stores a BPDU before discarding it. Max
sts
Age is only an issue when the link failure is not on a directly connected link. When a failure occurs
on a directly connected link, the switch knows there will not be any BPDUs coming in on that link,
so Max Age is not considered in transitioning the port to Forwarding mode. Recall that each port
lTe
saves a copy of the best BPDU it has seen. As long as the bridge receives a continuous stream of
BPDUs every 2 seconds, the receiving bridge maintains a continuous copy of the BPDU values.
However, if the device sending this best BPDU fails, a mechanism must exist to allow other
tua
QUESTION NO: 75
Refer to the exhibit. What happens when the router stops receiving advertisements for the
10.1.2.0/24 network?
Answer: A
QUESTION NO: 76
Refer to the exhibit. Which two statements are true about the output from the show standby vlan
50 command? (Choose two.)
m
.co
sts
lTe
tua
Ac
Answer: A,B
Explanation:
HSRP uses a priority scheme to determine which HSRP-configured router is to be the default
active router. To configure a router as the active router, you assign it a priority that is higher than
the priority of all the other HSRP-configured routers. The default priority is 100, so if you configure
just one router to have a higher priority, that router will be the default active router.
HSRP works by the exchange of multicast messages that advertise priority among HSRP-
Hello - The hello message conveys to other HSRP routers the router's HSRP priority and state
information. By default, an HSRP router sends hello messages every three seconds.
Coup - When a standby router assumes the function of the active router, it sends a coup message.
Resign - A router that is the active router sends this message when it is about to shut down or
m
when a router that has a higher priority sends a hello message.
At any time, HSRP-configured routers are in one of the following states:
.co
Active - The router is performing packet-transfer functions.
sts
Standby - The router is prepared to assume packet-transfer functions if the active router fails.
lTe
Speaking and listening - The router is sending and receiving hello messages.
tua
The standby preempt interface configuration command allows the router to become the active
router when its priority is higher than all other HSRP-configured routers in this Hot Standby group.
The configurations of both routers include this command so that each router can be the standby
router for the other router. The 1 indicates that this command applies to Hot Standby group 1. If
you do not use the standby preempt command in the configuration for a router, that router cannot
become the active router.
QUESTION NO: 77
Refer to the exhibit. Dynamic ARP inspection (DAI) is enabled on switch SW_A only. Both Host_A
and Host_B acquire their IP addresses from the DHCP server connected to switch SW_A. What
would the outcome be if Host_B initiated an ARP spoof attack toward Host_A ?
m
.co
sts
A. The spoof packets will not be inspected at the ingress port of switch SW_A and will be dropped.
B. The spoof packets will not be inspected at the ingress port of switch SW_A and will be
permitted.
lTe
C. The spoof packets will be inspected at the ingress port of switch SW_A and will be dropped.
D. The spoof packets will be inspected at the ingress port of switch SW_A and will be permitted.
tua
Answer: B
Explanation:
Ac
DAI is an ingress security feature; it does not perform any egress checking.
DAI is not effective for hosts connected to routers that do not support DAI or that do not have this
feature enabled. Because man-in-the-middle attacks are limited to a single Layer 2 broadcast
domain, separate the domain with DAI checks from the one with no checking. This action secures
the ARP caches of hosts in the domain enabled for DAI.
DAI depends on the entries in the DHCP snooping binding database to verify IP-to-MAC address
bindings in incoming ARP requests and ARP responses. Make sure to enable DHCP snooping to
permit ARP packets that have dynamically assigned IP addresses.
When DHCP snooping is disabled or in non-DHCP environments, use ARP ACLs to permit or to
deny packets.
DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.
In our example, since SW_B does not have DAI enabled (bullet point 2 above) packets will not be
inspected and they will be permitted.
Reference:
http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SXF/configuration/guide/dynarp.html
QUESTION NO: 78
m
A. A WLAN client will operate in half-duplex mode.
B. The Aironet 1230 access point is an example of an access point that operates solely as a
lightweight access point. .co
C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP.
D. WLANs are designed to share the medium and can easily handle an increased demand of
sts
channel contention.
E. A lightweight AP receives control and configuration from a WLAN controller to which it is
associated.
lTe
Answer: A,C,E
tua
Explanation:
The 802.11 standard specifies a Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
Ac
QUESTION NO: 79
Refer to the exhibit. EIGRP is configured with the default configuration on all routers.
Autosummarization is enabled on routers R2 and R3, but it is disabled on router R1. Which two
EIGRP routes will be seen in the routing table of router R3? (Choose two.)
A. 172.16.10.0/24
B. 10.0.0.0/8
C. 172.16.0.0/16
m
D. 172.16.0.0/24
E. 10.10.0.0/16
F. 10.10.10.0/24
.co
Answer: C,F
sts
lTe
QUESTION NO: 80
In a comparison of an IPv4 header with an IPv6 header, which three statements are true? (Choose
three.)
tua
Answer: A,B,D
QUESTION NO: 81
Refer to the exhibit. A network administrator has configured DHCP services on the router as
shown. DHCP clients connected to the FastEthernet0/0 interface are working properly. DHCP
clients connected to the FastEthernet0/1 interface are not receiving addresses. Which two
statements contain recommendations that will solve the problem? (Choose two.)
m
.co
sts
A. The network shown in the output under the ip dhcp pool Central command should be changed
to network 10.10.0.0 with a mask of 255.255.255.0.
B. A second DHCP pool for network 10.10.0.0/24 should be configured.
lTe
C. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to
the FastEthernet0/0 configuration.
D. An ip dhcp excluded-address global configuration command for network 10.10.0.0/24 should be
tua
issued.
E. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to
the FastEthernet0/1 configuration.
Ac
Answer: B,D
QUESTION NO: 82
When an IPv6 enabled host boots, it sends a router solicitation (RS) message. An IPv6 router
responds with a router advertisement (RA). Which two items are contained in the RA? (Choose
two.)
Answer: C,F
Explanation:
In IP Version 6, Router Advertisements have the following attributes:
Routers advertise periodically
- Max. time between advertisements can be in the range from 4 and
1800 seconds
- The advertisement has a lifetime (= 0 if not a default router)
Advertisement contains one or more prefixes
- Prefixes have a lifetime
Preferred lifetime
Valid lifetime
m
Specifies if stateful or stateless autoconfiguration is to be
used
Plays a key role in site renumbering .co
sts
QUESTION NO: 83
A. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
B. The encapsulation type on both ends of the trunk does not have to match.
tua
Answer: A
Explanation:
A is correct because, "frames from the native VLAN of an 802.1Q trunk are not tagged with the
VLAN number." By default, the native VLAN is VLAN 1 but this can be effectively changed to a
different VLAN and the trunk will still be functional. Trunks can be established with router
interfaces using sub-interfaces, which are layer 3.
Reference: http://www.cisco.com/warp/public/473/27.html
QUESTION NO: 84
Refer to the exhibit. This network is running IS-IS. Router RTC is inside Cloud#1. From the output
on RTD, which two statements are true? (Choose two.)
m
A. The SNPA for RTE is the source data link address that is used to transmit frames to RTD.
.co
B. Because it is running IS-IS in IP-only mode, RTD will not transmit CLNS packets.
C. IP routing updates between RTC and RTD will be CLNS datagrams that are encapsulated by
HDLC.
sts
D. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by
CLNS.
E. The NET for RTE will be 49.0150.0019.06b7.fd5f.00.
lTe
F. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by
HDLC.
tua
Answer: A,C
Ac
QUESTION NO: 85
A. Update packets route reliable change information only to the affected routers.
B. Reply packets are multicast to IP address 224.0.0.10 using RTP.
C. On high-speed links, hello packets are broadcast every 5 seconds for neighbor discovery.
D. Reply packets are used to send routing updates.
E. On low-speed links, hello packets are broadcast every 15 seconds for neighbor discovery.
Answer: A
QUESTION NO: 86
A. The host is now establishing theCoS value and has effectively become the trust boundary.
B. The switch will no longer tag incoming voice packets and will trust the distribution layer switch
to set theCoS.
C. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link.
m
D. The switch is rewriting packets it receives from the IP phone and determining theCoS value.
E. Effectively the trust boundary has been moved to the IP phone.
Answer: E
.co
Explanation:
sts
Configuring Trusted Boundary:
In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the
telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header
lTe
contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet.
For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted
to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using
tua
the "mls qos trust cos" interface configuration command, you can configure the switch port to
which the telephone is connected to trust the CoS labels of all traffic received on that port.
Reference:
Ac
http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config
uration/guide/swqos.html
QUESTION NO: 87
Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the
reason Router RT-1 chooses this "best" path.
m
A. In making its decision about the best path, RT-1 gives precedence to the BGP MED values.
B. IP address 128.107.2.2 is lower than 128.107.255.2..co
C. In making its decision about the best path, RT-1 prefers the IGP metrics.
D. In making its decision about the best path, RT-1 gives precedence to the origin code.
sts
E. RT-1 prefers internal BGP routes.
F. IP address 128.107.254.2 is lower than 128.107.255.2.
lTe
Answer: D
Explanation:
tua
After BGP receives updates about different destinations from different autonomous systems, it
chooses the best path to reach a specific destination.
The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the
Ac
route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router
only.) If multiple routes have the same weight, prefer the route with the highest local preference
value. (The local preference is used within an autonomous system.) If multiple routes have the
same local preference, prefer the route that the local router originated. A locally originated route
has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the
route with the shortest autonomous system path. If the autonomous system path length is the
same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same,
prefer the path with the lowest MED. (The MED is exchanged between autonomous systems.) The
MED comparison is made only if the neighboring autonomous system is the same for all routes
considered, unless the bgp always-compare-med command is enabled If the routes have the
same MED, prefer external paths to internal paths. If synchronization is disabled and only internal
paths remain, prefer the path through the closest IGP neighbor, which means that the router
prefers the shortest internal path within the autonomous system to reach the destination (the
shortest path to the BGP next hop). For EBGP paths, select the oldest route to minimize the effect
"Pass Any Exam. Any Time." - www.actualtests.com 73
Cisco 642-892: Practice Exam
of routes going up and down (flapping). Prefer the route with the lowest neighbor BGP router ID
value. If the BGP router IDs are the same, prefer the router with the lowest neighbor IP address.
QUESTION NO: 88
Observe the exhibit. If the command variance 3 were added to RTE, which path or paths would be
chosen to route traffic to network X?
m
.co
sts
Answer: D
Ac
Explanation:
Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway
Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. Use the
variance n command in order to instruct the router to include routes with a metric of less than n
times the minimum metric route for that destination. The variable n can take a value between 1
and 128. The default is 1, which means equal cost load balancing. Traffic is also distributed
among the links with unequal costs, proportionately, with respect to the metric.
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009437d.shtml
QUESTION NO: 89
Which two statements about 6to4 tunneling are accurate? (Choose two.)
Answer: B,E
QUESTION NO: 90
Which three statements are true about implementing Cisco wireless LANs? (Choose three.)
A. One of the advantages of the lightweight WLAN solution is that the devices act independently.
m
B. Characteristics of antennas are directionality, gain, and polarization.
.co
C. LWAPP allows encrypted communication between lightweight access points and WLAN
controllers.
D. Antenna power is a relative value reference to dBi.
sts
E. The WLAN Solution Engine (WLSE) is used to control lightweight access points.
F. Power over Ethernet (PoE) is only available when a WLAN controller is integrated into the
network.
lTe
Answer: B,C,D
Explanation:
tua
DBi is a unit measuring the gain of an antenna. The reference level or dBi is the strength of the
signal that would be transmitted by a non-directional isotropic antenna i.e.radiates equally in all
directions. This antenna exists as a mathematical concept used only as a known reference to
Ac
measure antenna gain per dBi. In electronics, the term "gain" is often repeated but misunderstood.
Gain implies increase e.g 20 dBi but without respect to where the increase originated.
LWAPP is a draft Internet Engineering Task Force (IETF) standard, authored by Cisco Systems,
that standardizes the communications protocol between lightweight access points and WLAN
systems such as controllers, switches, and routers. Its goals are to:
Reduce the amount of processing within access points, freeing up their computing resources to
focus exclusively on wireless access instead offiltering and policy enforcement
Enable centralized traffic handling, authentication, encryption , and policy enforcement for an
entire WLAN system
Provide a generic encapsulation and transport mechanism for multivendor access point
interoperability, using either a Layer 2 infrastructure oranIP-routed network
When a Cisco LWAPP-enabled access point boots up, it immediately looks for a wireless LAN
controller within the network. After it finds a wireless LAN controller, the LWAPP-enabled access
"Pass Any Exam. Any Time." - www.actualtests.com 75
Cisco 642-892: Practice Exam
point sends out encrypted "neighbor" messages.
An antenna gives the wireless system three fundamental properties: gain, direction and
polarization. Gain is a measure of increase in power. Gain is the amount of increase in energy that
an antenna adds to a radio frequency (RF) signal. Direction is the shape of the transmission
pattern. Polarization is the physical orientation of the element on the antenna that actually emits
the RF energy. An omnidirectional antenna, for example, is usually a vertical polarized antenna.
References:
http://wireless-network.wireless-computer-networking.com/dBi.htm
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00807f34d3.shtml
QUESTION NO: 91
m
What three statements are true for networks that are enabled for voice as well as data traffic?
(Choose three.)
.co
A. An uptime of 99.999 percent is achieved using a 4-hour service response contract for system
problems.
sts
B. High availability networks must be created to avoid network congestion and overcome a lack of
redundancy and poor engineering.
C. Auxiliary VLANs provide the ability to apply QoS to voice traffic without affecting the flow of data
lTe
E. The increased costs of voice enabled networks are offset by increased worker productivity.
F. Redundant hardware, redundant links, UPS, and proactive network management are data
network standards that do not apply to voice networks.
Ac
Answer: B,C,D
Explanation:
When adding voice or video to an existing network, you should examine several things in advance
to provide the high level of availability users expect in their phone system: What features are
needed?- Power for IP phones, voice VLANs on the switches, network redundancy for high
availability, security for voice calls, and Quality of Service (QoS) settings. Electrical power for the
IP phones- Use either inline power from Catalyst switch or power patch panel. Need
uninterruptible power supply (UPS) with auto-restart, monitoring, and 4-hour response contract.
May need generator backup. Maintain correct operating temperatures.
QUESTION NO: 92
Which two statements about the IS-IS routing protocol are true? (Choose two.)
m
D. Level 2 routers learn about paths both within areas and between areas.
E. Level 1 routers learn about paths within the area of which they are a part.
.co
F. IS-IS routers run the Bellman-Ford algorithm against their LSDBs to pick the best paths.
Answer: C,E
sts
QUESTION NO: 93
lTe
Which two statements correctly describe features of Lightweight Access Point Protocol (LWAPP)?
(Choose two.)
tua
A. VLAN tagging and QoS markings are applied at the access point.
B. Control traffic between an access point and a controller is encrypted within LWAPP.
C. Data traffic between an access point and a controller is encapsulated within LWAPP.
Ac
D. Data traffic between an access point and a controller is encrypted within LWAPP.
E. Layer 3 mode packets are transmitted in TCP frames.
Answer: B,C
Explanation:
The LAP and WLC pair use the lightweight access point protocol (LWAPP) as the tunneling
mechanism.
? LWAPP control messages-Exchanges that are used to configure the LAP and manage its
operation. The control messages are authenticated and encrypted so that the LAP is securely
controlled by only the WLC.
? LWAPP data-Packets to and from wireless clients associated with the LAP. The data is
encapsulated within LWAPP, but is not encrypted or otherwise secured between the LAP and
Data traffic between Access Point( AP) and Controller is encapsulated with LWAPP.
QUESTION NO: 94
A. L2 ES
B. L1 IS
C. L1 ES
D. L1/L2 IS
E. L2 IS
Answer: B,D
m
Explanation:
.co
An IS-IS network is termed a domain, analogous to an autonomous system (AS) in TCP/IP. The
following shows IS-IS within the domain as a two-level hierarchy: Level 1 (L1) ISs, closely
equivalent to OSPF internal non-backbone routers, are responsible for routing to ESs inside an
sts
area. L1 ISs enable communication between ESs in an area. L1 routers are also referred to as
station routers because they enable stations to communicate with each other and the rest of the
lTe
network. A contiguous group of L1 routers defines an area. The L1 routers maintain the L1 link-
state PDU database (LSPD), which defines the picture of the area itself and the exit points to
neighboring areas. Level 2 (L2) ISs, closely equivalent to backbone routers in OSPF, route
tua
between areas only. Level 1 and Level 2 (L1L2) Intermediate ISs, closely equivalent to area
border routers (ABRs) in OSPF, route between areas and the backbone. They participate in the L1
intra-area routing and the L2 inter-area routing.
L1L2 routers support an L1 function to communicate with the other L1 routers in their area and
Ac
maintain the L1 LSP information in an L1 LSPD. They inform other L1 routers that they are an exit
point for the area. They also support an L2 function to communicate with the rest of the backbone
and maintain an L2 topology database separately from their L1 LSPD. IS-IS does not share the
concept of an Area 0 with OSPF. An IS-IS domain appears as a set of distinct areas
interconnected by a chain of L2 routers, weaving their way through and between the Level 1
areas.
QUESTION NO: 95
Refer to the exhibit. Router RTR is attempting to establish BGP neighbor relationships with routers
RT1 and RT3. On the basis of the information that is presented in the exhibit, which two
statements are true? (Choose two.)
m
A. RTR has a BGP password set but neighbor 10.0.0.1 does not.
B. RTR has a BGP password set but neighbor 10.0.0.5 does not.
.co
C. Neighbor 10.0.0.1 has a BGP password set but RTR does not.
D. RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set.
E. RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set.
sts
F. Neighbor 10.0.0.5 has a BGP password set but RTR does not.
Answer: A,D
lTe
QUESTION NO: 96
tua
Refer to the exhibit. Routers R1 and R2 are running EIGRP and have converged. On the basis of
the information that is presented, which statement is true?
Ac
m
.co
A. All outgoing routing updates from router R1 to router R2 will be suppressed, but the inbound
updates will continue to be received.
sts
B. All incoming routing updates from R2 will be suppressed, but the outgoing updates will continue
to be sent.
C. Both outgoing and incoming routing updates on R1 will be permitted because the distribute-list
lTe
20 out Serial0/0 command cannot be used with association with the outgoing interface.
D. Both outgoing and incoming routing updates on R1 will be stopped because of the passive-
interface Serial0/0 configuration statement.
tua
Answer: D
Explanation:
Ac
You can use the passive-interface command to control the advertisement of routing information.
The command enables the suppression of routing updates over some interfaces while it allows
updates to be exchanged normally over other interfaces.
With most routing protocols, the passive-interface command restricts outgoing advertisements
only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is
slightly different. With EIGRP running on a network, the passive-interface command stops both
outgoing and incoming routing updates, since the effect of the command causes the router to stop
sending and receiving hello packets over an interface.
Reference:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml
QUESTION NO: 97
m
.co
sts
lTe
tua
Answer: C,D
Explanation:
In Exhibit, Operation mode is in static access and Access mode VLAN is 7 so it means this port is
operating on access mode as a member of VLAN 7.
QUESTION NO: 98
Refer to the exhibit. Which switch interface configuration command would automatically configure
quality of service (QoS) for voice over IP (VoIP) within a QoS domain?
Answer: D
Explanation:
m
You can use the auto-QoS feature to simplify the deployment of existing QoS features. Auto-QoS
makes assumptions about the network design, and as a result, the switch can prioritize different
.co
traffic flows and appropriately use the ingress and egress queues instead of using the default QoS
behavior. (The default is that QoS is disabled. The switch then offers best-effort service to each
packet, regardless of the packet contents or size, and sends it from a single queue.)
sts
When you enable auto-QoS, it automatically classifies traffic based on the traffic type and ingress
packet label. The switch uses the resulting classification to choose the appropriate egress queue.
When you enable auto-QoS by using the auto "qos voip cisco-phone", the "auto qos voip cisco-
lTe
softphone", or the "auto qos voip trust" interface configuration command, the switch automatically
generates a QoS configuration based on the traffic type and ingress packet label and applies the
appropriate commands automatically.
tua
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_40_se/configur
ation/guide/swqos.html#wp1231112
Ac
QUESTION NO: 99
What technique should be used on BGP edge routers to prevent a multi-homed autonomous
system from becoming a transit system?
A. Set the no-export community attribute on all networks that are advertised externally.
B. Advertise with a high MED value all networks that are discovered via external BGP.
C. Only advertise networks externally if they have been discovered via internal BGP.
D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous
system.
E. Remove the AS-Path information on all routes in the BGP table prior to advertising externally.
F. Set the origin code to incomplete for all networks that are discovered via external BGP.
Explanation:
The minimum configuration that guarantees you won't become a transit AS is shown in the
following example:
router bgp 65000 neighbor 10.1.1.1 filter-list 1 out ! ip as-path access-list 1 permit ^$
In this example, the outgoing filter list says that all traffic not sourced from the local AS, should not
be advertiseD. This will prevent the announcement of routes that originated from other
Autonomous Systems, and prevent traffic destined for networks in another AS from going through
your AS. This is useful real-world information to know and if you configure your network with BGP
in a multi-homed environmet, odds are good that you will want to implement this kind of filter.
m
QUESTION NO: 100
.co
What can be determined about the HSRP relationship from the displayed debug output?
sts
lTe
tua
Ac
A. Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router
172.16.11.112.
B. The IP address 172.16.11.112 is the virtual HSRP router IP address.
C. The nonpreempt feature is enabled on the 172.16.11.112 router.
D. The IP address 172.16.11.111 is the virtual HSRP router IP address.
E. Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router
172.16.11.111.
F. The preempt feature is not enabled on the 172.16.11.111 router.
Answer: F
Which statement is true about Protocol Independent Multicast Dense Mode (PIM DM) multicast
routing?
A. The (S,G) state exists in every router, regardless of the presence of an RPF interface.
m
B. Flooding of traffic only occurs in the beginning stages of routing. Afterwards, all necessary ports
are pruned and multicast traffic is not sent across those interfaces.
C. PIM DM supports shared distribution trees. .co
D. If a port is pruned, the administrator must re-enable the port to support multicast traffic.
sts
Answer: A
lTe
A network administrator would like to configure an EIGRP router as a stub router that advertises
tua
directly connected and summary routes only. What command must the administrator issue to
accomplish this?
Answer: D
EIGRP is configured to run across serial interfaces. What will EIGRP assume about the speed of
the serial links if the bandwidth command is not used?
A. EIGRP will not use any bandwidth value for route calculations.
Answer: E
Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been
configured as a NSSA. Which statement is true about the NSSA Area 1?
m
.co
sts
lTe
A. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs.
tua
B. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5
LSAs.
C. No redistributed routes can appear in Area 1, only summary routes.
Ac
D. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.
Answer: A
Refer to the exhibit. Based upon the information that is given, how will voice traffic from the phone
and data traffic from the PC be handled by SW_1?
A. The switch port will trust theCoS value of the ingress voice and data traffic that comes into the
switch port.
B. The switch port will trust theCoS value of the ingress data traffic. Voice traffic will be marked at
the switch port with the default CoS value.
m
C. The switch port will perform marking for the ingress voice and data traffic by using the
defaultCoS value at the switch port.
.co
D. The switch port will trust theCoS value of the ingress voice traffic. Data traffic will be marked at
the switch port with the default CoS value.
sts
Answer: A
Explanation:
lTe
In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the
telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header
contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet.
tua
For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted
to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using
the mls qos trust cos interface configuration command, you can configure the switch port to which
Ac
the telephone is connected to trust the CoS labels of all traffic received on that port.
After you enter the mls qos trust cos command, the DSCP values are changed according to the
default values, which are listed below:
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config
uration/guide/swqos.html
m
.co
sts
A. Spanning tree PortFast cannot be configured on a port where a voice VLAN is configured.
lTe
B. Sticky secure MAC addresses cannot be used on a port when a voice VLAN is configured.
C. The switch port must be configured as a trunk.
D. Spanning tree PortFast cannot be configured on a port when a sticky secure MAC address is
tua
used.
Answer: B
Ac
Explanation:
These are the voice VLAN configuration guidelines according to Cisco:
The voice VLAN should be present and active on the switch for the IP phone to correctly
communicate on the voice VLAN.
The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable
voice VLAN, the Port Fast feature is not automatically disabled.
When you enable port security on an interface that is also configured with a voice VLAN, you must
set the maximum allowed secure addresses on the port to at least two plus the maximum number
of secure addresses allowed on the access VLAN. When the port is connected to a Cisco IP
phone, the IP phone requires up to two MAC addresses. The address of the IP phone is learned
on the voice VLAN, and it might or might not be learned on the access VLAN. Connecting a PC to
the IP phone requires additional MAC addresses.
If any type of port security is enabled on the access VLAN, dynamic port security is automatically
enabled on the voice VLAN.
m
You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.
Reference:
.co
http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_22_ea2/config
uration/guide/swvoip.html
sts
Refer to the exhibit. What two statements are true? (Choose two.)
tua
Ac
Explanation:
OSPFv3 supports IPv6. The configuration of OSPFv3 is not a subcommand mode of the router
ospf command as it is in OSPFv2 configuration. For example, instead of using the network area
command to identify networks that are part of the OSPFv3 network, the interfaces are directly
configured to specify that IPv6 networks are part of the OSPFv3 network.
The following describes the steps to configure OSPF for IPv6:
m
There are several commonly used OSPFv3 show commands, including the show ipv6 ospf [
process-id ] [ area-id ] interfacee [ interface ] command.
.co
QUESTION NO: 108
sts
Which two statements are true about the operation of voice VLANs on a Catalyst switch? (Choose
two.)
lTe
A. When voice VLANs are configured on a trunk link, UplinkFast must alsobe enabled.
B. Voice VLANs are configured to enable the switch to forward frames marked with the properCoS
tua
D. Enabling voice VLANs enables the switch to create multiple queues for traffic that is entering a
port.
E. Enabling voice VLANs enables the switch to forward frames with a specific 802.1P marking.
Answer: C,E
A. MGCP
B. G.729
C. SIP
Answer: A,C,E
Explanation:
Call Control Signaling:
Packets belonging to one of several protocols-those used to set up, maintain, tear down, or
redirect a call, depending upon call endpoints. Examples are H.323, Media Gateway Control
Protocol (MGCP), and SIP (Session Initiation Protocol)
In IPv6, the interfaces running OSPF can be configured with multiple address prefixes. Which
m
statement is true about the IPv6 addresses that can be included into the OSPF process?
.co
A. Specific addresses can be selected using a prefix list.
B. Specific addresses cannot be selected for importation into the OSPF process.
C. Specific addresses can be selected using a route map.
sts
Answer: B
lTe
What does the global configuration command ip arp inspection vlan 10-12,15 accomplish?
Ac
Answer: D
Explanation:
The "ip arp inspection" command enables Dynamic ARP Inspection (DAI) for the specified
VLANs. DAI is a security feature that validates Address Resolution Protocol (ARP) packets in a
network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid
MAC address to IP address bindings. This capability protects the network from certain "man-in-
the-middle" attacks.
Reference:
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/20ew/configuration/guide/dynarp
Refer to the exhibit. Assume that Switch_A is active for the standby group and the standby device
has only the default HSRP configuration. What conclusion is valid?
A. If port Fa1/1 on Switch_A goes down, the standby device will take over as active.
m
B. If the current standby device were to have the higher priority value, it would take over the role of
active for the HSRP group.
.co
C. If Switch_A had the highest prioritynumber, it would not take over as active router.
D. If port Fa1/1 on Switch_A goes down, the new priority value for the switch would be 190.
sts
Answer: D
Explanation:
lTe
HSRP has a mechanism for detecting link failures and swaying the election, giving another router
an opportunity to take over the active role. When a specific interface is tracked, HSRP reduces the
router's priority by a configurable amount as soon as the interface goes down.
tua
By default, the decrement value for an interface is 10. So, when fa1/1 on Switch_A goes down, the
priority will be decreased by 10 from 200 to 190.
If no metric is specified for the routes being redistributed into IS-IS, what metric value is assigned
to the routes?
A. 0
B. 1
C. 20
D. 10
Refer to the exhibit. On the basis of the output, what two conclusions can be reached? (Choose
two.)
m
.co
sts
Answer: A,E
Explanation:
Verifying IS-IS Configuration
To verify the IS-IS configuration and IP functionality of an Integrated IS-IS network, use the
following commands; these commands can also be useful for troubleshooting problems with the
IS-IS network: show ip protocols- Displays the active IP routing protocols, the interfaces on which
they are active, and the networks for which they are routing. show ip route [address [mask]] |
[protocol [process-id]]- Displays the IP routing table. You can specify the details for a particular
route or a list of all routes in the routing table from a particular routing protocol process.
Example 6-3 is sample output from the show ip protocols command that displays information
about IP routing being done by Integrated IS-IS. IS-IS is running, it is not redistributing any other
protocols, and address summarization has not been configured. Example 6-3 also shows that
interfaces FastEthernet 0/0, Loopback 0, and Serial 0/0/1 are taking part in Integrated IS-IS, that
there are two sources of routing information (the neighboring routers), and that the administrative
"Pass Any Exam. Any Time." - www.actualtests.com 92
Cisco 642-892: Practice Exam
distance of Integrated IS-IS is 115.
Which two WLAN client utility statements are true? (Choose two.)
A. The Microsoft Wireless Configuration Manager can be configured to display the Aironet System
Tray Utility (ASTU) icon in the Windows system tray.
B. In a Windows XP environment, a client adapter can only be configured and managed with the
m
Microsoft Wireless Configuration Manager.
C. The Aironet Desktop Utility (ADU) can be used to enable or disable the adapter radio and to
configure LEAP authentication with dynamic WEP. .co
D. The Cisco Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can
both be enabled at the same time to setup WLAN client cards.
sts
Answer: A,C
lTe
Explanation:
Enable/Disable Radio:
On the ADU, this option enables you to disable or enable the client adapter's radio. Disabling the
tua
radio prevents the adapter from transmitting RF energy. You might want to disable the client
adapter's radio in the following situations:
You are not transmitting data and want to conserve battery power.
You are using a laptop on an airplane and want to prevent the adapter's transmissions from
Ac
Answer: B,D,F
Explanation:
The purpose of route summarization is small routing tables, smaller updates. On major network
m
boundaries, subnetworks are summarized to a single classful network and automatic route
summarization is enabled by default. Manual route summarization can be configured on per
.co
interface basis. When summarization is configured on an interface, the router immediately creates
a route pointing to null0.
sts
Route summarization works in conjunction with the ip summary-address eigrp interface
configuration command, in which additional summarization can be performed. If automatic
summarization is in effect, there usually is no need to configure network level summaries using the
lTe
ip summary-address eigrp command. You can configure a summary aggregate address for a
specified interface. If there are any more specific routes in the routing table, EIGRP will advertise
the summary address out the interface with a metric equal to the minimum of all more specific
tua
routes.
Reference: http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1ceigrp.html
Ac
Refer to the exhibit. Based upon the information in the exhibit, which statement is true?
A. To complete this configuration, the R2 fa0/0 interface must be configured with the ip helper-
m
addresses command.
.co
B. R1 will forward DHCP requests to 192.168.100.1. If there is no response, R1 will then forward
the requests to 192.168.200.1.
C. DHCP requests from the host will be rebroadcasted to R2.
sts
D. R1 will forward all DHCP requests to both 192.168.100.1 and 192.168.200.1 as unicast
messages.
E. To complete this configuration, the R1 fa0/0 interface must be configured with the ip helper-
lTe
addresses command.
Answer: B
tua
Explanation:
A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay
agents receive DHCP messages and then generate a new DHCP message to send out on another
Ac
interface. The agents forward requests and replies between clients and servers when they are not
on the same physical subnet.
The Cisco IOS DHCP relay agent is enabled on an interface only when the ip helper-address is
configured.
If multiple helper-addresses are configured, it tries to get response from first, if no response got
from the first helper address then sends the request to second one.
m
.co
sts
lTe
Answer:
tua
Ac
Explanation:
What are three characteristics of the wireless repeater topology? (Choose three.)
Answer: C,D,E
m
Explanation:
Use APs in Repeater Mode
.co
You can configure APs to act as repeaters. In this mode, the AP is not connected to the wired
LAN. Instead, the AP is placed within the radio range of the AP that is connected to the wired LAN
sts
(the root AP). In this scenario, the repeater AP associates with the root AP, and extends the range
of the radio coverage area. This enables Wireless Clients that reside away from the root AP to
lTe
gain access to the WLAN network. You can configure either the 2.4 GHz radio or the 5 GHz radio
as a repeater. In APs with two radios, only one radio can be a repeater. You must configure the
other radio as a root radio.
tua
When you configure an AP as a repeater, the Ethernet port on that AP does not forward traffic.
The advantage with the repeater mode in APs is that this mode helps to extend the radio coverage
area of a WLAN in situations where connectivity to the wired LAN is not possible. Also, there must
be a fifty percent overlap in coverage area with the root AP for the repeater mode to function.
Ac
Reference:
http://www.cisco.com/en/US/products/hw/wireless/ps441/products_tech_note09186a00805190f1.s
html
Which two statements about HSRP priority are true? (Choose two.)
A. To assign the HSRP router priority in a standby group, the standby group-number priority
priority-value global configuration command must be used.
B. The no standby priority command assigns a priority of 100 to the router.
C. When two routers in an HSRP standby group are configured with identical priorities, the router
with the highest configured IP address will become the active router.
D. Assuming that preempting has also been configured, the router with the lowest priority in an
HSRP group would become the active router.
E. The default priority of a router is zero (0).
Answer: B,C
Explanation:
m
HSRP election is based on a priority value (0 to 255) that is configured on each router in the
group. By default, the priority is 100. The router with the highest priority value (255 is highest)
.co
becomes the active router for the group. If all router priorities are equal or set to the default value,
the router with the highest IP address on the HSRP interface becomes the active router.
sts
What are two rules for compacting IPv6 addresses? (Choose two.)
B. Two zeroes in the middle of any 16-bit segment do not have to be written.
C. Any single, continuous string of one or more 16-bit segments that consists of all zeroes can be
represented with a double colon.
Ac
Answer: A,C
Refer to the exhibit. What type of message will be used by the lightweight access point (LAP) in an
attempt to locate the wireless LAN controller (WLC)?
A. The LAP will send out a DHCP request. In return, the DHCP server will provide the IP
addresses for the LAP and the WLC.
B. The LAP will send out a DNS request. In return, the DNS server will provide the WLC domain
m
name.
C. The LAP will send out a Layer 3 LWAPP discovery request to the WLC on the wireless network.
.co
D. The LAP will send out a Layer 2 LWAPP discovery request to the WLC on the wireless network.
Answer: C
sts
Explanation:
lTe
tua
Ac
Here is an example. Assume that, in the subnet 172.16.1.0/16, you have an LAP that is already
registered with the WLC, and OTAP is enabled on the WLC. When the new LAP in the
192.168.1.0/24 subnet comes up, the LAP looks for a DHCP server and gets an IP address (if no
assignment was made previously with a static IP address). The LAP then sends out a discovery
request to the local subnet. Because in this scenario there is no WLC in the local subnet, the LAP
tries to use OTAP in order to discover WLCs. The LAP listens to neighbor messages that are sent
over the air by the LAPs (in the 172.16.1.0/16 subnet) that are already registered and looks for
WLC IP addresses. From the list of WLC IP addresses that the new LAPs learn from the neighbor
Which type of IGMP message is sent when a network client wants to join a multicast group?
m
Answer: B
Explanation:
.co
When a host wants to join a multicast group it sends an unsolicited Host Membership Report to
the All-hosts Group Address 224.0.0.1
sts
lTe
Which command will display EIGRP packets sent and received, as well as statistics on hello
packets, updates, queries, replies, and acknowledgments?
tua
Answer: C
Explanation:
The show ip eigrp traffic command displays the number of Enhanced IGRP (EIGRP) packets sent
and received.
Example:
The following is sample output from the show ip eigrp traffic command:
Router# show ip eigrp traffic
Reference
:http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_reference_chapter
09186a00800ca5a9.html#wp1018815
Refer to the exhibit. Which two statements are true? (Choose two.)
m
.co
sts
lTe
tua
Ac
A. The eigrp stub command prevents queries from being sent from R2 to R1.
B. Router R1 will advertise connected and static routes. The sending of summary routes will not
be permitted.
C. The eigrp stub command will automatically enable summarization of routes on R2.
D. Router R1 will advertise connected and summary routes only.
E. Router R1 is configured as a receive-only neighbor and will not send any connected, static, or
summary routes.
F. The eigrp stub command prevents all routes except a default route from being advertised to R1.
Answer: A,D
Answer: D
Explanation:
Multicast routers send host membership query messages (host query messages) to discover
which multicast groups have members on the attached networks of the router. Hosts respond with
IGMP report messages indicating that they want to receive multicast packets for specific groups
(that is, indicating that the host wants to become a member of the group). Host query messages
m
are addressed to the all-hosts multicast group, which has the address 224.0.0.1, and has an IP
time-to-live (TTL) value of 1.
.co
The designated router for a LAN is the only router that sends IGMP host query messages:
sts
For IGMP Version 1, the designated router is elected according to the multicast routing protocol
that runs on the LAN.
lTe
For IGMP Version 2, the designated querier is the lowest IP-addressed multicast router on the
subnet . If the router hears no queries for the timeout period (controlled by the ip igmp querier-
tua
Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on
both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been
configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able
to reach Host B?
A. No. Traffic will loop back and forth between switch S5 and S2.
B. No. Traffic willeither pass from switch S6 to to S5 and dead-end, or traffic will pass from switch
S6 to S3 to S2 and dead-end.
C. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to
S1.
D. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0.
m
E. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
Answer: E .co
Explanation:
The BPDU filtering feature can be globally enabled on the switch or can be enabled per interface,
sts
spanning-tree portfast bpdufilter default global configuration command. This command prevents
ports that are in a Port Fast-operational state from sending or receiving BPDUs . The ports still
send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should
tua
globally enable BPDU filtering on a switch so that hosts connected to these ports do not receive
BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational
status, and BPDU filtering is disabled.
At the interface level, you can enable BPDU filtering on any port by using the spanning-tree
Ac
bpdufilter enable interface configuration command without also enabling the Port Fast feature.
This command prevents the port from sending or receiving BPDUs.
Refer to the exhibit. Which two statements are true about the required switch configurations to
support a voice VLAN? (Choose two.)
A. CDP must be disabled on the switch port to prevent interference between CDP messages and
voice traffic.
B. Port security cannot be configured on a port that is configured for a voice vlan.
C. CDP must be enabled on the switch port to allow configuration information to be passed to the
IP phone.
D. Static secure MAC addresses should be configured on voice vlan ports to prevent access by
devices other than IP phones.
m
E. Portfast must be enabled on the switch port.
F. 802.1x authentication cannot be configured on a port configured for a voice vlan.
Answer: C,E
.co
Explanation:
sts
CDP (Cisco Discovery Protocol) must be enabled on switch port connected to IP Phone to
recognize the IP Phone by switch and enable Port Fast to bring switch port directly from blocking
to forwarding state. The Port Fast feature is automatically enabled when voice VLAN is
lTe
configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.
tua
m
.co
sts
A. Hosts belonging to DHCP pool 1 and pool 2 will retain their IP settings for 30 hours before they
must renew.
B. Hosts in the 10.10.20.0/24 subnet will use 10.10.20.50 as its DNS server.
lTe
C. Hosts will receive IP settings from pool 1 until the addresses run out, and then hosts will receive
the settings from pool 2.
D. DHCP pool 0 needs to have the ip dhcp excluded-address command to exclude the default
tua
Answer: B
Ac
A. Before transmitting data, an 802.1x host must determine the authorization state of the switch.
B. Hosts are required to havea 802.1x authentication client or utilize PPPoE.
C. RADIUS is the only supported authentication server type.
D. If a host initiates the authentication process and does not receive a response, it assumes it is
not authorized.
Answer: C
m
QUESTION NO: 131
.co
Refer to the exhibit. All multilayer switches are running PIM dense mode. Recipient A and
Recipient B are sending IGMPv2 join messages to their respective multilayer switches. Which
statement is true?
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
A. The Multicast Server is the root of the multicast tree. Switches 4 and 5 will participate in the
multicast tree once pruning has taken place.
B. Switch 1 is the root of the multicast tree. Switches 1,4, and 5 will participate in the multicast tree
once pruning has taken place.
C. Switch 3 is the root of the multicast tree. Switches 3,4, and 5 will participate in the multicast tree
once pruning has taken place.
D. Switch 3 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast
tree once pruning has taken place.
E. Switch 1 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast
tree once pruning has taken place.
F. The Multicast Server is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the
multicast tree once pruning has taken place.
Answer: F
When the passive-interface command is used on a router, which two routing protocols will
continue to receive routing updates on an interface that is configured as passive? (Choose two.)
A. RIPv2
B. OSPF
C. EIGRP
D. RIP
Answer: A,D
Explanation:
You can use the passive-interface command to control the advertisement of routing information.
m
The command enables the suppression of routing updates over some interfaces while it allows
updates to be exchanged normally over other interfaces.
.co
With most routing protocols, such as RIP version 1 and 2, the passive-interface command restricts
outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing
Protocol (EIGRP) and OSPF, the effect is slightly different. The use of the passive-interface
sts
command in EIGRP suppresses the exchange of hello packets between two routers, which results
in the loss of their neighbor relationship. This stops not only routing updates from being
lTe
References:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml
http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml
Ac
Which three statements are true regarding the above diagram? (Choose three.)
m
A. A trunk link will be formed.
B. The native VLAN for Switch B is vlan 1.
.co
C. Only VLANs 1-1001 will travel across the trunk link.
D. DTP packets are sent from Switch B.
E. DTP is not running on Switch A.
sts
Answer: A,B,D
lTe
Explanation:
You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In
addition, Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking
tua
Protocol (DTP) that negotiates a common trunking mode between two switches. The negotiation
covers the encapsulation (ISL or 802.1Q) as well as whether the link becomes a trunk at all.
You can configure the trunk encapsulation with the switchport trunk encapsulation command, as
Ac
one of the following: isl - VLANs are tagged by encapsulating each frame using the Cisco ISL
protocol. dot1q -VLANs are tagged in each frame using the IEEE 802.1Q standard protocol. The
only exception is the native VLAN, which is sent normally and not tagged at all. negotiate (the
default)-The encapsulation is negotiated to select either ISL or IEEE 802.1Q, whichever is
supported by both ends of the trunk. If both ends support both types, ISL is favored. (The Catalyst
2950 switch does not support ISL encapsulation.)
In the switchport mode command, you can set the trunking mode to any of the following: trunk -
This setting places the port in permanent trunking mode. The corresponding switch port at the
other end of the trunk should be similarly configured because negotiation is not allowed. You
should also manually configure the encapsulation mode. dynamic desirable (the default)-The port
actively attempts to convert the link into trunking mode. If the far-end switch port is configured to
trunk , dynamic desirable , or dynamic auto mode, trunking is successfully negotiated. dynamic
auto -The port converts the link into trunking mode. If the far-end switch port is configured to trunk
or dynamic desirable , trunking is negotiated. Because of the passive negotiation behavior, the link
Refer to the exhibit. Based upon the debug output that is shown, which three statements about
HSRP are true? (Choose three.)
m
A. The router with IP address 172.16.11.112 is using default HSRP priority.
.co
B. The IP address 172.16.11.115 is the virtual HSRP IP address.
C. The priority of the router with IP address 172.16.11.112 is preferred over the router with IP
address 172.16.11.111.
sts
D. The router with IP address 172.16.11.111 haspreempt configured.
E. The final active router is the router with IP address 172.16.11.111.
F. The router with IP address 172.16.11.112 has nonpreempt configured.
lTe
Answer: B,D,E
Explanation:
tua
Each router in an HSRP group has its own unique IP address assigned to an interface. This
address is used for all routing protocol and management traffic initiated by or destined to the
router. In addition, each router has a common gateway IP address, the virtual router address, that
Ac
is kept alive by HSRP. This address is also referred to as the HSRP address or the standby
address . Clients can point to that virtual router address as their default gateway, knowing that a
router always keeps that address active. Keep in mind that the actual interface address and the
virtual (standby) address must be configured to be in the same IP subnet. You can assign the
HSRP address with the following interface command:
When HSRP is used on an interface that has secondary IP addresses, you can add the secondary
keyword so that HSRP can provide a redundant secondary gateway address.
You can configure a router to preempt or immediately take over the active role if its priority is the
highest at any time. Use the following interface configuration command to allow preemption:
Switch( config-if)# standby group preempt [delay seconds]
"Pass Any Exam. Any Time." - www.actualtests.com 110
Cisco 642-892: Practice Exam
By default, the router can preempt another immediately, without delay. You can use the delay
keyword to force it to wait for seconds before becoming active. This is usually done if there are
routing protocols that need time to converge.
Refer to the exhibit. What are two important facts in interpreting the output of the show ip pim
interface command? (Choose two.)
m
B. Multiaccess segments elect a DR based on highest IP address.
.co
C. Multiaccess segments elect a DR based on lowest IP address.
D. The RP is only seen in version 2 of Sparse-Dense mode.
E. Multiaccess, multicast segments do not elect a DR.
sts
Answer: A,B
Explanation:
lTe
show ip pim interface: Use this command to display information about interfaces configured for
PIM. In addition, you can use this command to verify that the correct PIM mode (dense or sparse)
is configured on the interface, the neighbor count is correct, and the designated router (DR) is
tua
correct (which is critical for PIM sparse mode). Multi-access segments (such as Ethernet, Token
Ring, FDDI ) elect a DR based on highest IP address. Point-to-Point links do not display DR
information.
Ac
Reference:
http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml
Refer to the exhibit. What statement is true based upon the configuration in the exhibit?
m
F. The rendezvous point is IP address 172.16.4.16.
Answer: D .co
Explanation:
sts
A rendezvous point (RP) is required only in networks running Protocol Independent Multicast
sparse mode (PIM-SM). The protocol is described in RFC 2362. In PIM-SM, only network
segments with active receivers that have explicitly requested multicast data will be forwarded the
lTe
traffiC. An interface configured in sparse-dense mode is treated in either sparse mode or dense
mode of operation, depending on which mode the multicast group operates. If a multicast group
has a known RP, the interface is treated in sparse mode. If a group has no known RP, the
tua
interface is treated in dense mode and data will be flooded over this interface.
Reference: Configuring a Rendezvous Point
http://www.cisco.com/en/US/docs/ios/solutions_docs/ip_multicast/White_papers/rps.html
Ac
Which statement is true about the Lightweight Access Point Protocol (LWAPP)?
A. The control traffic between the client and the access point is encapsulated with the LWAPP.
B. Real-time frame exchange is accomplished within the access point.
C. Authentication, security, and mobility are handled by the access point.
D. Data traffic between the client and the access point is encapsulated with LWAPP.
Answer: B
Explanation:
Refer to the exhibit. On the basis of the information in the exhibit, which two statements are true?
(Choose two.)
m
.co
sts
lTe
tua
Ac
A. The output was generated by entering the show ip bgp command on the ISP router.
B. The serial 0/0/1 interface on the ISP router has been configured with the set metric 50
command.
C. The serial 0/0/1 interface on the ISP router has been configured with the set metric 75
command.
D. The output was generated by entering the show ip bgp command on the SanJose1 router.
Answer: B,C
Explanation:
The "show ip route bgp" command will display any BGP-learned routes that make it into the IP
routing table, the command "show ip bgp" is required to display the contents of the actual BGP
routing table. This output was seen on ISP because the local router ID is 192.168.100.1 (ISP).
Since we know that this output must have been seen by ISP, we know the serial 0/0/1 interface
has been configured with a metric of 75, as this is the metric to the peer with IP address
192.168.1.2 (the other side of the serial 0/0/1 interface).
m
QUESTION NO: 139
.co
Which description correctly describes a MAC address flooding attack?
A. The attacking device spoofs a source MAC address of a valid host currently in theCAM table.
sts
The switch then forwards frames destined for the valid host to the attacking device.
B. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the
lTe
attacking device then becomes the destination address found in the Layer 2 frames sent by the
valid network device.
C. The attacking device spoofs a destination MAC address of a valid host currently in theCAM
tua
table. The switch then forwards frames destined for the valid host to the attacking device.
D. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the
attacking device then becomes the source address found in the Layer 2 frames sent by the valid
network device.
Ac
E. Frames with unique, invalid destination MAC addresses flood the switch and exhaustCAM table
space. The result is that new entries cannot be inserted because of the exhausted CAM table
space, and traffic is subsequently flooded out all ports.
F. Frames with unique, invalid source MAC addresses flood the switch and exhaustCAM table
space. The result is that new entries cannot be inserted because of the exhausted CAM table
space, and traffic is subsequently flooded out all ports.
Answer: F
Explanation:
A common Layer 2 or switch attack is MAC flooding, resulting in a switch's CAM table overflow,
which causes flooding of regular data frames out all switch ports. This attack can be launched for
the malicious purpose of collecting a broad sample of traffic or as a denial of service (DoS) attack.
A switch's CAM tables are limited in size and therefore can contain only a limited number of
m
Refer to the exhibit. What should be taken into consideration when using the Cisco Aironet
.co
Desktop Utility (ADU) to configure the static WEP keys on the wireless client adapter?
sts
lTe
tua
Ac
A. The client adapter WEP key should be generated by the authentication server and forwarded to
the client adapter before the client adapter can establish communication with the wireless network.
B. In infrastructure mode the client adapter WEP key must match the WEP key used by the
access point. In ad hoc mode all client WEP keys within the wireless network must match each
other.
C. The client adapter WEP key should be generated by the AP and forwarded to the client adapter
before the client adapter can establish communication with the wireless network.
D. Before the client adapter WEP key is generated, all wireless infrastructure devices (such as
access points, servers, etc.) must be properly configured for LEAP authentication.
Explanation:
Your client adapter's WEP key must match the WEP key used by the access point (in
infrastructure mode) or clients (in ad hoc mode) with which you are planning to communicate.
Reference:
http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/3.5/configuration/guide/wina
pekh.html
m
.co
sts
lTe
tua
Ac
On the basis of the configuration that is provided, how would the BGP updates that come from
router R1 be replicated inside autonomous system 65200?
A. All BGP updates that are received on router R2 will not be sent to routers R3 and R4.
B. All BGP updates that are received on router R2 will be sent directly to router R5.
C. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3
and R4 will then forward those BGP updates to router R5.
D. None of the BGP updates that are received on router R2 will ever be received by router R5.
Answer: B
Explanation:
m
The IEEE 802.1D Spanning Tree Protocol was designed to keep a switched or bridged network
loop free, with adjustments made to the network topology dynamically. A topology change typically
.co
takes 30 seconds, where a port moves from the Blocking state to the Forwarding state after two
intervals of the Forward Delay timer. As technology has improved, 30 seconds has become an
unbearable length of time to wait for a production network to failover or "heal" itself during a
sts
problem.
lTe
signal a topology change by sending out a TCN message that is relayed to all switches in the STP
domain. RSTP detects a topology change only when a nonedge port transitions to the Forwarding
state. This might seem odd because a link failure is not used as a trigger. RSTP uses all of its
rapid convergence mechanisms to prevent bridging loops from forming. Therefore, topology
Ac
changes are detected only so that bridging tables can be updated and corrected as hosts appear
first on a failed port and then on a different functioning port.
When a topology change is detected, a switch must propagate news of the change to other
switches in the network so they can correct their bridging tables, too. This process is similar to the
convergence and synchronization mechanism-topology change (TC) messages propagate through
the network in an ever-expanding wave.
Which command displays the IBGP and EBGP neighbors that are configured?
Answer: B
Explanation:
The "show ip bgp summary" command displays the summary of all BGP connections.
Refer to the exhibit. Given the output of a debug ip mrouting command, which two statements are
true? (Choose two.)
m
.co
sts
lTe
D. This router received an IGMP host report from a group member or a PIM join message.
E. The reverse path forwarding (RPF) for the route 224.2.0.1 failed to find the interface on which
the multicast packet was received.
Ac
F. 16 was added to the mroute table and created by a source directly connected to the router.
G. Multicast route to 10.16.0.0
H. The route to 224.69.15.0
Answer: D,G
Explanation:
The following is sample output from the debug ip mrouting command:
Router# debug ip mrouting 224.2.0.1
MRT: Delete (10.0.0.0/8, 224.2.0.1)
MRT: Delete (10.4.0.0/16, 224.2.0.1)
MRT: Delete (10.6.0.0/16, 224.2.0.1)
MRT: Delete (10.9.0.0/16, 224.2.0.1)
MRT: Delete (10.16.0.0/16, 224.2.0.1)
MRT: Create (*, 224.2.0.1), if_input NULL
"Pass Any Exam. Any Time." - www.actualtests.com 118
Cisco 642-892: Practice Exam
MRT: Create (224.69.15.0/24, 225.2.2.4), if_input Ethernet0, RPF nbr 224.69.61.15
MRT: Create (224.69.39.0/24, 225.2.2.4), if_input Ethernet1, RPF nbr 0.0.0.0
MRT: Create (10.0.0.0/8, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
MRT: Create (10.4.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
MRT: Create (10.6.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
The following lines show that multicast IP routes were deleted from the routing table:
MRT: Delete (10.0.0.0/8, 224.2.0.1)
MRT: Delete (10.4.0.0/16, 224.2.0.1)
MRT: Delete (10.6.0.0/16, 224.2.0.1)
The (*, G) entries are generally created by receipt of an Internet Group Management Protocol
(IGMP) host report from a group member on the directly connected LAN or by a Protocol
m
Independent Multicast (PIM) join message (in sparse mode) that this router receives from a router
that is sending joins toward the RP. This router will in turn send a join toward the Route Processor
(RP) that creates the shared tree (or RP tree).
.co
MRT: Create (*, 224.2.0.1), if_input NULL
sts
The following lines are an example of creating an (S, G) entry that shows that an IP multicast
packet (mpacket) was received on Ethernet interface 0. The second line shows a route being
lTe
created for a source that is on a directly connected LAN. The RPF means "Reverse Path
Forwarding," whereby the router looks up the source address of the multicast packet in the unicast
routing table and determines which interface will be used to send a packet to that source.
tua
224.0.0.0 as the RPF, which means the route was created by a source that is directly connected to
this router.
MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0
If the source is not directly connected, the neighbor address shown in these lines will be the
address of the router that forwarded the packet to this router.
The shortest path tree state maintained in routers consists of source (S), multicast address (G),
outgoing interface (OIF), and incoming interface (IIF). The forwarding information is referred to as
the multicast forwarding entry for (S, G).
An entry for a shared tree can match packets from any source for its associated group if the
packets come through the proper incoming interface as determined by the RPF lookup. Such an
entry is denoted as (*, G). A (*, G) entry keeps the same information a (S, G) entry keeps, except
that it saves the rendezvous point address in place of the source address in sparse mode or as
Reference: http://www.cisco.com/en/US/docs/ios/12_2t/debug/command/reference/dbftipdv.html
Which two statements about voice traffic are true? (Choose two.)
m
E. A typical voice call requires 17 kbps to 106 kbps of guaranteed priority bandwidth plus an
additional 15 kbps per call for voice-control traffic.
F. Voice packets are typically around 60 to 120 KB. .co
Answer: D,E
sts
Explanation:
QoS Requirements for Voice:
lTe
Voice calls, either one-to-one or on a conference connection capability, require the following:
? 150 ms of one-way latency from mouth to ear (per the ITU G.114 standard)
? 30 ms jitter
tua
The choice of codec has impacts in many areas. The most important is the capacity planning on
the network, because the bandwidth consumed in different codecs varies.
Reference:
http://www.informit.com/content/images/1587051915/samplechapter/1587051915content.pdf
Which two statements are true about the rendezvous point (RP) in a multicast network? (Choose
two.)
A. The multicast receivers must register with the RP to form the multicast distribution tree.
B. To form the multicast distribution tree, the multicast sources register with and the receivers join
the RP.
Answer: B,D
A. Multicast addresses 224.0.0.0 through 224.0.0.255 are used for network protocols on local LAN
m
segments. Because they are always transmitted with a Time to Live (TTL) of 1, they are never
forwarded by a router. .co
B. Multicast addresses 224.0.0.5 and 224.0.0.6 are limited scoped addresses that have been
reserved for OSPF.
sts
C. Multicast addresses 224.0.1.0 through 238.255.255.255 are called globally scoped addresses.
They are used to multicast data between organizations and across the Internet.
D. Multicast addresses 239.0.0.0 through 239.255.255.255 are called limited scope addresses.
lTe
Answer: A,C,D
Explanation:
Ac
These addresses are never forwarded off the local subnet (regardless of TL, usually set to 1).
224.0.0.1: all hosts 224.0.0.2: all multicast routers (PIMv1, all routers due to transport inIGMPv1)
224.0.0.4: all DVMRP routers 224.0.0.5: all OSPF routers 224.0.0.6: all OSPF DR routers (DR:
Designated Router) 224.0.0.9: all RIP2 routers 224.0.0.13: all PIMv2 routers 224.0.1.39: CISCO-
RP-ANNOUNCE 224.0.1.40: CISCO-RP-DISCOVERY Global scope: 224.0.1.0 to
238.255.255.255 (allocated dynamically throuh Internet) Limited scope: 239.0.0.0 to
239.255.255.255 (reserved for use inside prvate domains) See
http://www.iana.org/assignments/multicast-addresses for a complete lst.
Refer to the exhibit. IP multicast for group address 224.1.1.1 has been enabled on all routers in
the network. Hosts on Network A receive the multicast traffic. However, hosts on Network B do
m
.co
sts
Answer: D
Explanation:
Ac
Multicast routing uses a mechanism called Reverse Path Forwarding (RPF) to prevent forwarding
loops and to ensure the shortest path from the source to the receivers. If there is RPF failure, the
router does not forward the multicast packets to neighbor.
Refer to the exhibit. Which two conclusions can be drawn from the debug ip igmp output? (Choose
two.)
Answer: B,F
Explanation:
m
Use the debug ip igmp command to display IGMP packets received and transmitted, as well as
IGMP-host related events. The no form of this command disables debug output.
.co
This output helps you discover whether the IGMP processes function. In general, if IGMP does not
work, the router process never discovers another host on the network that is configured to receive
multicast packets. In PIM dense mode, this means the packets are delivered intermittently (a few
sts
every three minutes). In PIM sparse mode, they are never delivered.
lTe
12:32:56.917: IGMP: Starting old host present timer for 239.255.0.1 on Ethernet1
12:33:01.065: IGMP: Send v2 Report for 224.0.1.40 on Ethernet1
12:33:01.069: IGMP: Received v2 Report from 192.168.9.4 (Ethernet1) for 224.0.1.40
Ac
The output above shows that the router sends an IGMP version 2 query out interface Ethernet 1 at
multicast address 224.0.0.1 (All multicast systems on this subnet). Interface Ethernet 1 itself is a
member of group 224.0.1.40 (you can use the show ip igmp interface command to determine this),
which sets a report delay time of 9.4 seconds (randomly determined). Because it does not receive
any report from another system for multicast group 224.0.1.40 for the next 9.4 seconds, it sends a
version 2 report of its membership, which is received by the router itself on Ethernet 1. It also
receives IGMP report version 1 from host 192.168.9.1, which is directly connected to the interface
Ethernet 1 for group 239.255.0.1.
This debug output is useful when you verify that the router interface sends queries and to
determine the query interval (in the above case, 60 seconds). You can also use the command to
determine the version of IGMP used by the clients.
Refer to the exhibit. The user who is connected to interface FastEthernet 0/1 is on VLAN 10 and
cannot access network resources. On the basis of the information in the exhibit, which command
sequence would correct the problem?
m
.co
sts
lTe
tua
Ac
Explanation:
In Exhibit Operation Mode is down, it means interface is in down state. Just bring into up state
using no shutdown command
What are two methods of mitigating MAC address flooding attacks? (Choose two.)
m
Answer: A,E
.co
QUESTION NO: 152
sts
A. password combinations.
B. Configure all frames with two 802.1Q headers.
C. Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports.
tua
D. Configure ACLs.
E. Configure VACLs.
F. Enforce username
Ac
Answer: C
Explanation:
When securing VLAN trunks, also consider the potential for an exploit called VLAN hopping. Here,
an attacker positioned on one access VLAN can craft and send frames with spoofed 802.1Q tags
so that the packet payloads ultimately appear on a totally different VLAN, all without the use of a
router.
For this exploit to work, the following conditions must exist in the network configuration:
? The attacker is connected to an access switch port.
? The same switch must have an 802.1Q trunk.
? The trunk must have the attacker's access VLAN as its native VLAN.
To prevent from VLAN hopping turn off Dynamic Trunking Protocol on all unused ports.
Refer to the exhibit. Host A has sent an ARP message to the default gateway IP address
10.10.10.1. Which statement is true?
m
.co
sts
A. DSw1 will reply with the MAC address of the next AVF.
lTe
B. DSw2 will reply with the MAC address of the next AVF.
C. Because of the invalid timers that are configured, DSw1 will not reply.
D. Because of the invalid timers that are configured, DSw2 will not reply.
tua
Answer: B
Explanation:
The Gateway Load Balancing Protocol (GLBP) is a Cisco-proprietary protocol designed to
overcome the limitations of existing redundant router protocols. Some of the concepts are the
same as with HSRP/VRRP, but the terminology is different and the behavior is much more
dynamic and robust.
The trick behind this load balancing lies in the GLBP group. One router is elected the active virtual
gateway (AVG). This router has the highest priority value, or the highest IP address in the group, if
there is no highest priority. The AVG answers all ARP requests for the virtual router address.
Which MAC address it returns depends on which load-balancing algorithm it is configured to use.
In any event, the virtual MAC address supported by one of the routers in the group is returned.
According to exhibit, Router DSW2 is the Active Virtual Gateway (AVG) router because it has
highest IP address even having equal priority. When router DSW1 sends the ARP message to
10.10.10.1 Router DSW 2 will reply to DSW 1 as a Active Virtual Router.
"Pass Any Exam. Any Time." - www.actualtests.com 126
Cisco 642-892: Practice Exam
Answer: A
Explanation:
To identify all nodes for the node-local and link-local scopes, the following multicast addresses are
defined:
m
FF01::1 (node-local scope all-nodes address)
FF02::1 (link-local scope all-nodes address)
.co
To identify all routers for the node-local, link-local, and site-local scopes, the following multicast
sts
Reference: http://technet2.microsoft.com/windowsserver/en/library/8c07faf2-35b3-4f2a-920f-
d61ad76581ad1033.mspx?mfr=true
Ac
Based on the exhibited output, which three statements are true? (Choose three.)
A. The best path for R1 to reach the 192.168.1.48/28 prefix is via 192.168.1.66.
B. R1 is in AS 200.
C. All the routes are in the passive mode because these routes are in the hold-down state.
m
D. All the routes are in the passive mode because R1 is in the query process for those routes.
E. R1 will load balance between three paths to reach the 192.168.1.48/28 prefix because all three
.co
paths have the same advertised distance (AD) of 40512000.
F. 40512000 is the advertised distance (AD) via 192.168.1.66 to reach the 192.168.1.48/28 prefix.
sts
Answer: A,B,F
Explanation:
lTe
The R1 router resides in AS 200, as displayed by the "IP EIGRP topology for process 200" output.
Regarding the numbers specified in the parenthesis, the first number is the EIGRP metric that
tua
represents the cost to the destination. The second number is the EIGRP metric that this peer
advertised.
Based on this, the best path to the 192.168.1.48/28 destination is via 192.168.1.66, because the
Ac
Which three components are included in the Cisco autonomous WLAN solution? (Choose three.)
Explanation:
CiscoWorks WLSE is a complete solution for managing Cisco Aironet autonomous WLAN
networks. As the management component of the Cisco Autonomous WLAN Solution, CiscoWorks
WLSE provides comprehensive air/radio frequency (RF) and device-management capabilities in
ways that simplify deployment, reduce operational complexity, and provide administrators visibility
into the WLAN.
CiscoWorks WLSE provides an easy-to-use deployment wizard to specify the configuration criteria
up front. This allows administrators to automate deployment and simultaneously maintain control
in rapidly expanding environments. The deployment wizard also simplifies and automates the
setup of the Wireless Domain Services (WDS) that plays an important role in the Cisco
Autonomous WLAN Solution for seamless mobility and RF aggregation services.
WLSE also enables centralized user administration by integrating with Cisco Secure ACS . Users
can be defined and mapped to a user role centrally on Cisco Secure ACS.
m
Reference:
http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/ps6839/product_dat
a_sheet0900aecd80410b92.html .co
sts
Which protocol enables a group of routers to form a single virtual router and use the real IP
lTe
A. HSRP
tua
B. IRDP
C. Proxy ARP
D. VRRP
Ac
E. GLBP
Answer: B
Explanation:
ICMP Internet Router Discovery Protocol (IRDP) uses Internet Control Message Protocol (ICMP)
router advertisements and router solicitation messages to allow a host to discover the addresses
of operational routers on the subnet. With this, hosts can discover the real IP addresses of the
default gateways. VRRP, HSRP, and GLBP all require the use of a virtual IP address. Hosts then
use this virtual IP address as their default gateways.
Reference: Configuring IRDP
http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_irdp_ps6350_TSD_Product
s_Configuration_Guide_Chapter.html
Which three statements are correct about the differences in IS-IS and OSPF? (Choose three.)
A. New additions to the protocol are easily implemented in OSPF but not with IS-IS.
B. OSPF has more area types than does IS-IS.
C. For greater fine tuning there are more IS-IS timers.
D. IS-IS is more CPU-intensive than is OSPF.
E. IS-IS LSP contains TLV fields and OSPF LSU contains the LSAs.
Answer: B,C,E
Explanation:
The configuration of OSPF is based on a central backbone, Area 0, with all other areas being
physically attached to Area 0. Because of this, certain design constraints will inevitably exist. A
good, consistent IP addressing structure is necessary when this type of hierarchical model is used.
m
It is used to summarize addresses into the backbone, and reduce the amount of information that is
carried in the backbone and advertised across the network. In comparison, IS-IS also has a
.co
hierarchy with Level 1 and Level 2 routers. With IS-IS, the area borders lie on the links. However,
significantly fewer link-state PDUs (LSPs) are used. Therefore, many more routers, up to 1000,
can reside in a single area. This capability makes IS-IS more scalable than OSPF. IS-IS allows a
sts
more flexible approach to extending the backbone. Adding Level 2 routers can extend the
backbone. This process is less complex than with OSPF.
With regard to CPU use and the processing of routing updates, IS-IS is more efficient. Not only are
lTe
there fewer LSPs to process, as compared to OSPF LSAs, but also the mechanism by which IS-IS
installs and withdraws prefixes is less intensive.
Both OSPF and IS-IS are link-state protocols and therefore provide fast convergence. The
tua
convergence time depends on a number of factors, such as timers, number of nodes, and types of
routers. Based on the default timers, IS-IS will detect a failure quicker than OSPF and therefore
should converge more rapidly. If there are many neighbors and adjacencies to consider, the
Ac
convergence time depends on the processing power of the router. IS-IS is typically less CPU
intensive than OSPF.
The timers in IS-IS allow more tuning than OSPF. There are more timers to adjust, and therefore
finer granularity can be achieved. By tuning the timers, convergence time can be significantly
decreased. However, this speed may be at the expense of stability, so a compromise may have to
be made. A network engineer should understand the implications of adjusting these timers.
When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to
gather information?
Answer: A
Explanation:
DTP should be disabled for all user ports on a switch. If the port is left with DTP auto-configured
(default on many switches), an attacker can connect and arbitrarily cause the port to start trunking
and therefore pass all VLAN information.
m
Reference:
.co
http://www.cisco.com/en/US/solutions/ns340/ns517/ns224/ns376/net_design_guidance0900aecd8
00ebd1e.pdf
sts
A. Router B is the master virtual router, and Router A is the backup virtual router. When Router B
fails, Router A will become the master virtual router. When Router B recovers, Router A will
maintain the role of master virtual router.
B. Router B is the master virtual router, and Router A is the backup virtual router. When Router B
fails, Router A will become the master virtual router. When Router B recovers, it will regain the
master virtual router role.
C. Router A is the master virtual router, and Router B is the backup virtual router. When Router A
fails, Router B will become the master virtual router. When Router A recovers, Router B will
maintain the role of master virtual router.
D. Router A is the master virtual router, and Router B is the backup virtual router. When Router A
fails, Router B will become the master virtual router. When Router A recovers, it will regain the
master virtual router role.
m
Answer: D
Explanation:
.co
An important aspect of the VRRP redundancy scheme is VRRP router priority. Priority determines
sts
the role that each VRRP router plays and what happens if the master virtual router fails.
If a VRRP router owns the IP address of the virtual router and the IP address of the physical
interface, this router functions as a master virtual router.
lTe
Priority also determines if a VRRP router functions as a backup virtual router and determines the
order of ascendancy to becoming a master virtual router if the master virtual router fails. You can
configure the priority of each backup virtual router with a value of 1 through 254, using the vrrp
tua
priority command.
For example, if Router A, the master virtual router in a LAN topology, fails, an election process
takes place to determine if backup virtual Routers B or C should take over. If Routers B and C are
Ac
configured with the priorities of 101 and 100, respectively, Router B is elected to become master
virtual router because it has the higher priority. If Routers B and C are both configured with the
priority of 100, the backup virtual router with the higher IP address is elected to become the
master virtual router.
By default, a preemptive scheme is enabled whereby a higher-priority backup virtual router that
becomes available takes over for the backup virtual router that was elected to become master
virtual router. You can disable this preemptive scheme using the no vrrp preempt command. If
preemption is disabled, the backup virtual router that is elected to become master virtual router
remains the master until the original master virtual router recovers and becomes master again.
Reference:
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.5/addr_serv/configuration/guide/ic35vrrp.htm
l
Drop
Answer:
m
.co
sts
lTe
tua
Explanation:
Ac
Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the
spanning-tree topology of a network?
Answer: A
Explanation:
As long as a port participates in STP, some device can assume the root bridge function and affect
active STP topology. To assume the root bridge function, the device would be attached to the port
and would run STP with a lower bridge priority than that of the current root bridge. If another
device assumes the root bridge function in this way, it renders the network suboptimal. This is a
simple form of a denial of service (DoS) attack on the network. The temporary introduction and
m
subsequent removal of STP devices with low (0) bridge priority cause a permanent STP
recalculation.
.co
The STP PortFast BPDU guard enhancement allows network designers to enforce the STP
domain borders and keep the active topology predictable. The devices behind the ports that have
STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the
sts
BPDU guard operation disables the port that has PortFast configured. The BPDU guard transitions
the port into errdisable state, and a message appears on the console.
Reference: Spanning Tree PortFast BPDU Guard Enhancement
lTe
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml
tua
Refer to the exhibit. Which two statements are true about the router configuration? (Choose two.)
Ac
Explanation:
This router demonstrates an example of an IPv6 Dual Stack configuration. Dual stack (Figure 1
below) runs both IPv4 and IPv6 protocol stacks on a router in parallel, making it similar to the
multiprotocol network environments of the past, which often ran Internetwork Packet Exchange
(IPX), AppleTalk, IP, and other protocols concurrently. The technique of deploying IPv6 using
dual-stack backbones allows IPv4 and IPv6 applications to coexist in a dual IP layer routing
backbone. The IPv4 communication uses the IPv4 protocol stack, and the IPv6 communication
uses the IPv6 stack.
As a transition strategy, dual stack is ideal for campus networks with a mixture of IPv4 and IPv6
applications.
Figure 1: Dual-Stack Example
m
.co
sts
Reference:
http://www.cisco.com/en/US/products/ps6553/products_white_paper0900aecd805c54d0.shtml
lTe
Which two statements are true about the Hot Standby Router Protocol (HSRP)?
(Choose two.)
Ac
A. Load sharing with HSRP is achieved by creating multiple subinterfaces on the HSRP routers.
B. All routers configured for HSRP load balancing must be configured with the same priority.
C. Routers configured for HSRP can belong to multiple groups and multiple VLANs.
D. Routers configured for HSRP must belong to only one group per HSRP interface.
E. Load sharing with HSRP is achieved by creating HSRP groups on the HSRP routers.
Answer: C,E
Explanation:
HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to
appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically,
each of the routers that provides redundancy for a given gateway address is assigned to a
common HSRP group. One router is elected as the primary, or active, HSRP router, another is
elected as the standby HSRP router, and all the others remain in the listen HSRP state. The
An HSRP group can be assigned an arbitrary group number, from 0 to 255. If you configure HSRP
groups on several VLAN interfaces, it can be handy to make the group number the same as the
VLAN number. However, most Catalyst switches support only up to 16 unique HSRP group
numbers. If you have more than 16 VLANs, you will quickly run out of group numbers. An
alternative is to make the group number the same (that is, 1) for every VLAN interface. This is
perfectly valid because the HSRP groups are only locally significant on an interface. HSRP Group
1 on interface VLAN 10 is unique from HSRP Group 1 on interface VLAN 11.
m
.co
sts
lTe
tua
Ac
Answer:
m
QUESTION NO: 166 .co
Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and
sts
internal users. For security reasons, the servers should not communicate with each other,
although they are located on the same subnet. The servers do need, however, to communicate
with a database server located in the inside network. What configuration will isolate the servers
lTe
A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports
connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
B. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as
primary VLAN promiscuous ports.
C. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports
connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
D. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as
primary VLAN community ports.
Explanation:
Service providers often have devices from multiple clients, in addition to their own servers, on a
single Demilitarized Zone (DMZ) segment or VLAN. As security issues proliferate, it becomes
necessary to provide traffic isolation between devices, even though they may exist on the same
Layer 3 segment and VLAN. Catalyst 6500/4500 switches implement PVLANs to keep some
switch ports shared and some switch ports isolated, although all ports exist on the same VLAN.
The 2950 and 3550 support "protected ports," which are functionality similar to PVLANs on a per-
switch basis.
A port in a PVLAN can be one of three types:
Isolated: An isolated port has complete Layer 2 separation from other ports within the same
PVLAN, except for the promiscuous port. PVLANs block all traffic to isolated ports, except the
traffic from promiscuous ports. Traffic received from an isolated port is forwarded to only
promiscuous ports.
m
Promiscuous: A promiscuous port can communicate with all ports within the PVLAN, including the
community and isolated ports. The default gateway for the segment would likely be hosted on a
.co
promiscuous port, given that all devices in the PVLAN will need to communicate with that port.
Community: Community ports communicate among themselves and with their promiscuous ports.
These interfaces are isolated at Layer 2 from all other interfaces in other communities, or in
sts
isolated ports within their PVLAN.
lTe
Which two statements are true about 6to4 tunnels? (Choose two.)
tua
A. In a 6to4 tunnel, the first two bytes of the IPv6 address will be0x2002 and the next four bytes
will be the hexadecimal equivalent of the IPv4 address.
Ac
B. In a 6to4 tunnel, the first two bytes of the IPv6 address will be locally derived and the next two
bytes will be the hexadecimal equivalent of the IPv4 address.
C. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/48
IPv6 address.
D. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the
2002:1315:4463:1::/64 IPv6 address.
E. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/16
IPv6 address.
Answer: A,C
m
.co
sts
lTe
tua
Ac
Answer:
m
.co
sts
lTe
A. MAC spoofing attacks allow an attacking device to receive frames intended for a different
network host.
Ac
B. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
C. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP
snooping attacks.
D. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure
against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable
attack points.
E. Port scanners are the most effective defense against dynamic ARP inspection.
F. DHCP snooping sends unauthorized replies to DHCP queries.
Answer: D
Explanation:
DAI is a security feature that intercepts and verifies IP-to-MAC address bindings and discards
invalid ARP packets. DAI uses the DHCP snooping database to validate bindings. It associates a
trust state with each interface on the switch. Packets arriving on trusted interfaces bypass all DAI
"Pass Any Exam. Any Time." - www.actualtests.com 140
Cisco 642-892: Practice Exam
validation checks, and those arriving on untrusted interfaces undergo the DAI validation process.
In a typical network, all ports on the switch connected to host are configured as untrusted, and
switch ports are considered trusted. Use the ip arp inspection trust interface command to configure
the trust settings. When the switch is configured for DAI, it will rate-limit incoming ARP packets to
prevent DoS attacks.
Refer to the exhibit. Which two problems are the most likely cause of the exhibited output?
(Choose two.)
m
.co
sts
lTe
A. VRRP misconfiguration
B. spanning tree issues
C. transport layer issues
tua
Answer: D,E
Ac
Explanation:
Each router in an HSRP group has its own unique IP address assigned to an interface. This
address is used for all routing protocol and management traffic initiated by or destined to the
router. In addition, each router has a common gateway IP address, the virtual router address that
is kept alive by HSRP. This address is also referred to as the HSRP address or the standby
address . Clients can point to that virtual router address as their default gateway, knowing that a
router always keeps that address active. Keep in mind that the actual interface address and the
virtual (standby) address must be configured to be in the same IP subnet. You can assign the
HSRP address with the following interface command:
Switch( config-if)# standby group ip ip-address [secondary]
When HSRP is used on an interface that has secondary IP addresses, you can add the secondary
keyword so that HSRP can provide a redundant secondary gateway address.
"Pass Any Exam. Any Time." - www.actualtests.com 141
Cisco 642-892: Practice Exam
Refer to the exhibit. EIGRP is configured on all routers in the network. On the basis of the output
provided, which statement is true?
m
.co
sts
A. Because the key strings do not match, router R1 will not be able to ping routers R2 and R3.
B. Because the key chain names do not match, router R1 will not be able to ping routers R2
andR3 .
lTe
C. Because autosummarization needs to be turned on for EIGRP on all routers, router R1 will not
be able to ping routers R2 and R3.
D. Because authentication is misconfigured on interfaces Gi0/0 and Gi0/1 on router R2, router R1
tua
Answer: E
Explanation:
This is a valid example of EIGRP MD5 authentication. Since the networks lie in different network
boundaries, summarization will not be an issue.
Which three statements are true about the Internet Group Management Protocol (IGMP)? (Choose
three.)
Answer: B,D,E
Explanation:
IGMP ( Internet Group Management Protocol ) - is used to register individual hosts with a multicast
group IGMPv2- the router with the lowest IP on a subnet is designated querier IGMPv3 - enables a
multicast receiving host to specify to the router which sources it should forward traffic from (source
filtering)
m
IGMP Messages are IP datagrams with a protocol value of 2, a destination address of 224.0.0.2,
and a TTL value of 1
.co
Reference: http://wilcagre.com/index.php?n=IT.IPMulticast
sts
QUESTION NO: 173
Refer to the exhibit. All multilayer switches are running PIM sparse mode. Host B and Host F are
lTe
sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?
tua
Ac
m
.co
sts
lTe
A. Switches 2 and 6 will participate in the multicast tree once pruning has taken place.
tua
B. Switches 1, 2, 3, and 6 will participate in the multicast tree once prune has taken place.
C. Switch 1 is the rendezvous of the multicast tree.
D. The multicast server is the rendezvous point of the multicast tree.
Ac
Answer: B
Which two are characteristics of the IS-IS protocol but not OSPF? (Choose two.)
Explanation:
IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS
distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is
used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS.
Differences between IS-IS and OSPF.
Although IS-IS and OSPF share many common features, they do have quite a few differences:
* Whereas OSPF routers can be part of multiple areas, an IS-IS router belongs to only one area
per routing process.
* In OSPF, the boundaries of areas are set in the router. The boundaries of areas are on the
network connections between routers for IS-IS, reiterating that each router is in only one area per
routing process.
* IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of
using IP packets, like OSPF does.
m
* IS-IS allows for the preempting of DRs, where OSPF does not.
* OSPF DROthers do not form adjacencies with other DROthers on broadcast multi-access
.co
networks, while in the same environment, all IS-IS intermediate systems form adjacencies with
one another.
* The backbone of an IS-IS network is designated by the type of routers in it instead of being
sts
designated by an area number (0, in the case of OSPF).
lTe
Which three conditions can cause BGP neighbor establishment to fail? (Choose three.)
tua
Answer: B,E,F
Explanation:
BGP uses TCP port 179 to establish and maintain neighbor relationships, so any access lists or
firewalls must permit this port for BGP to function.
By default, EBGP multi-hop is not enabled, so the EBGP peer must be directly connected in order
for the local BGP router to know how to reach the EBGP peer.
BGP uses neighbor statements that specify the AS number of the BGP peer. If it is the same
"Pass Any Exam. Any Time." - www.actualtests.com 145
Cisco 642-892: Practice Exam
number as the local BGP router process, then the BGP router knows that IBGP is useD. If the AS
number for the specified peer is different, then EBGP is useD. Either way, the specified neighbor
must be configured correctly, or the BGP peers will not become neighbors.
Refer to the exhibit. Which protocol establishes an optimal path to the root in a wireless mesh
network?
m
.co
sts
lTe
tua
Ac
Answer: D
Explanation:
Mesh networks are scalable outdoor networks that continuously communicate with each other to
determine link paths. If a link is degraded, the AP will determine whether a better path exists and
will route traffic through a more optimal node.
Intelligent wireless routing is provided by the patent-pending Adaptive Wireless Path (AWP)
protocol. This enables each AP to identify its neighbors and intelligently choose the optimal path to
the wired network by calculating the cost of each path in terms of signal strength and the number
m
.co
sts
lTe
tua
Answer:
Ac
m
.co
sts
m
Answer:
.co
sts
lTe
tua
Ac
You work as a network technician, study the exhibit below carefully. IP multicast for group address
224.1.1.1 has been enabled on all routers in the network. Hosts on Network A receive the
multicast traffic. However, hosts on Network B do not. Based on the outputs provided in the
exhibit, what could cause this problem?
"Pass Any Exam. Any Time." - www.actualtests.com 149
Cisco 642-892: Practice Exam
m
.co
sts
lTe
A. The multicast packets are sourced from a server with an unspecified IP address.
tua
Answer: C
Look at the following exhibit carefully then select a command which can generate a default route
on CK-R2 to reach all other networks except CK-R1?
Answer: A
m
QUESTION NO: 181
.co
What can be drawn from the following partial configuration on Router A? (Choose two.)
sts
interface serial 0
ip address 10.1.1.1 255.255.255.0
lTe
encapsulation frame-relay
ip ospf network point-to-multipoint
router ospf 7
tua
Answer: A,D
An ABR (area border router) will inject a default route into which two types of areas? (Choose
two.)
A. NSSA
B. area 0
Answer: C,D
Which item is the correct description of the repeater access point deployed in this wireless
network?
m
.co
sts
A. The repeater access point needs a 10 percent channel overlap with channel of the root access
point.
B. The repeater access point will deploy a different SSID than the SSID configured on the parent
lTe
access point.
C. The repeater access point reduces the throughput in half because it receives and then re-
transmits each packet on the same channel.
tua
D. The repeater access point will apply a different WEP encryption method than the WEP
encryption that is enabled on the parent access point.
Ac
Answer: C
Answer: A,C,D
Static VLAN membership is perhaps the most widely used method because of the relatively small
administration overhead and security it provides. Which feature is of a static VLAN membership
assignment?
Answer: B
m
Study the following graphic carefully Host1 and Host2, which belong to different VLANs, are in the
same subnet. According to the information displayed, which description is correct when trying to
ping from host to host?
.co
sts
lTe
tua
Ac
A. A trunk port should be configured on the link between CK-SW1 and CK-SW2 to ping
successfully.
B. The two hosts should be in the same VLAN in order to ping successfully.
C. A Layer 3 device is a must in order for the ping command to be successful.
D. The ping command will be successful without any further configuration changes.
Answer: D
Answer: B
VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a
m
new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This
reduces the need to configure the same VLAN everywhere. While using VTP, a Catalyst switch
.co
will advertise what VTP information on its trunk ports?
A. negotiation status
sts
B. STP root status
C. management domain
D. configuration revision number
lTe
Answer: C,D
tua
In the following provided network, the hub router is CK-RTC, while the spokes are CK-RTA and
Ac
CK-RTB. No virtual circuits exist between the spoke locations. In order to route traffic to the
11.11.11.0/24 network from CK-RTA successfully, what is necessary?
m
.co
A. Nothing is required. This is the default behavior on this topology.
B. The neighbor 10.10.10.1 next-hop-self command on CK-RTA.
sts
C. The neighbor 10.10.10.1 next-hop-self command on CK-RTC.
D. The neighbor 10.10.10.1 next-hop-self command on CK-RTB.
lTe
Answer: C
tua
in tne network presented in tne following exnmit, an routers are conrigurea witn EteRP. in oraer to
Ac
advertise a aerault route to CK-R4"s neighbors, which configuration command need to be added?
Answer: A
The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a
table of IP networks or 'prefixes' which designate network reachability among autonomous
systems (AS). In routing updates, which BGP feature will not be advertised to o its neighboring
routers?
A. weight
B. next hop
C. local preference
m
D. origin
Answer: A
.co
sts
A Link State Advertisement (LSA) is an OSPF data packet containing link-state and routing
lTe
information that's shared among OSPF routers. The topology database contains information from
all of the Link State Advertisement packets that have been received for an area. In the OSPF
topology database, which of the following commands can show the Type 5 LSAs?
tua
Answer: D
Which three descriptions are correct concerning the diagram below? (Choose three.)
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. Which two
options best describe voice VLANs?
A. Voice VLANs permit IP phones to be moved around without worrying about subnets.
B. Voice VLANs permit logically combining voice and data packets.
C. Voice VLANs can be applied on all Cisco switches.
D. Using voice VLANs makes it easier for network administrators to identify and troubleshoot
network problems.
Answer: A,D
m
QUESTION NO: 195 .co
Refer to the following commands, which one can show the times of performing the OSPF
algorithm?
sts
C. show ip ospf
D. show ip protocol
tua
Answer: C
Ac
During selecting the BGP path on a Cisco router, which BGP feature will be first used to determine
the best path?
A. origin
B. next-hop
C. weight
D. AS-path
Answer: C
Answer: B,C
Which two statements correctly describe the distribution layer switches? (Choose two.)
A. The distribution layer is the aggregation point for multiple access switches.
m
B. The switches deployed at this layer must be able to handle connecting individual desktop
devices to the internetwork.
.co
C. This is where users gain access to the internetwork.
D. The distribution layer can participate in MLS and handle a router processor.
sts
Answer: A,D
lTe
Answer: D
Which two descriptions are correct about the STP blocked state of a port? (Choose two)
Answer: D
m
QUESTION NO: 202
On the basis of the exhibit below Host CK has sent an ARP message to the default gateway IP
address 10.10.10 description is correct?
.co
sts
lTe
tua
Ac
A. CK1 will reply with the MAC address of the next AVF.
B. Because of the invalid timers that are configured, CK2 will not reply.
C. CK2 will reply with the IP address of the next AVF.
D. CK2 will reply with the MAC address of the next AVF
Answer: D
A. VTP database
B. Static
C. Dynamic
D. DHCP server
Answer: B,C
Which of the following commands can be used to show that EIGRP is able to contact neighbors?
m
C. debug ip eigrp
D. debug ip eigrp traffic
Answer: B
.co
sts
Online Incorporated is an internet game provider. The game service network had recently added
an additional switch block with multiple VLANs configured. Unfortunately, system administrators
neglected to document the spanning-tree topology during configuration. For baseline purpose, you
tua
will be required to identify the spanning-tree topology for the switch block. Using the output of
"show spanning-tree" command on switch SW-C and the provided physical topology, answer the
following questions:
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
A. 24623.000f.34f5.0138
B. 32768.000d.bd03.0380
C. 32769.000d.65db.0102
D. 32815.000d.db03.0380
Answer: A
Online Incorporated is an internet game provide. The game service network had recently added an
additional switch block with multiple VLANs configured. Unfortunately, system administrators
neglected to document the spanning-tree topology during configuration. For baseline purpose, you
"Pass Any Exam. Any Time." - www.actualtests.com 162
Cisco 642-892: Practice Exam
will be required to identify the spanning-tree topology for the switch block. Using the output of???
Show spanning-tree??? Command on switch SW-C and the provided physical topology, answer
the following questions:
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Which port state is interface FaO/2 of switch SVV-B in for VLANs 1 and 106?
Ac
A. blocking
B. discarding
C. learning
D. listening
Answer: A
Online Incorporated is an internet game provide. The game service network had recently added an
additional switch block with multiple VLANs configured. Unfortunately, system administrators
neglected to document the spanning-tree topology during configuration. For baseline purpose, you
will be required to identify the spanning-tree topology for the switch block. Using the output of
"Pass Any Exam. Any Time." - www.actualtests.com 164
Cisco 642-892: Practice Exam
"show spanning-tree" command on switch SW-C and the provided physical topology, answer the
following questions:
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
A. PVST+
B. PVRST
C. MSTP/IEEE 802.1s
D. STP/IEEE802.1D
Answer: A
Online Incorporated is an internet game provide. The game service network had recently added an
additional switch block with multiple VLANs configured. Unfortunately, system administrators
neglected to document the spanning-tree topology during configuration. For baseline purpose, you
will be required to identify the spanning-tree topology for the switch block. Using the output of
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Which port role has interface FaO/2 of switch SVV-A adopted for VLAN 47?
Ac
A. alternate port
B. designated port
C. root port
D. nondesignated port
Answer: B
Answer: B
A. Routers connected across a WAN but not directly connected, for example Frame Relay, are
considered adjacent to each other.
B. An adjacency is the state that two neighbors can achieve after they have synchronized their
OSPF databases.
C. An adjacency is when another router has received an LSA from another area. The areas are
adjacent.
m
D. An adjacent router is one that has received a hello packet from a neighbor.
Answer: B
.co
sts
Which Cisco standard encapsulates a frame and even adds a new FCS field?
lTe
A. ISL
B. 802.3u
tua
C. 802.1Q
D. 8023z
Ac
Answer: A
Which type of OSPF network can a workaround used to account for the lack of multicast and
broadcast support inherent in the default behavior of Cisco router interfaces in a nonbroadcast
environment?
A. Nonbroadcast multi-access
B. Broadcast multi-access
C. Point-to-multipoint
D. Point-to-point
When a frame is received on an interface and the destination hardware address is unknown or not
in the filter table, what does a switch do?
A. Sends back a message to the originating station asking for a name resolution
B. Forwards the switch to the first available link
C. Floods the network with the frame looking for the device
D. Drops the frame
Answer: C
m
QUESTION NO: 214
.co
When an interface shows that it is in the init state, what is the meaning?
A. That this is a point-to-multipoint interface and is waiting to connect to the WAN cloud
sts
B. That a router sees a hello packet from a neighbor but the packet does not contain its own router
ID
C. Seen only on broadcast links, it shows that the election of the DR is in progress
lTe
D. That an interface is coming online, determining the IP address and OSPF parameters
Answer: B
tua
A. By sending and receiving BPDUs between switches. The fastest BPDU transfer rate on an
interface becomes the root port.
B. The switch determines the lowest cost of a link to the root bridge.
C. The root bridge broadcasts the bridge ID, and the receiving bridge determines what interface
this broadcast was received on and makes this interface the root port.
D. The switch determines the highest cost of a link to the root bridge.
Answer: B
Answer: A
Which two statements are true if this topology were configured with the NBMA OSPF network
type? (Choose two)
m
.co
sts
lTe
tua
Ac
Answer: A,C
A. Changing the VTP version on one switch changes all switches in a domain.
B. All switches are VTP clients by default
C. If you change the VTP version on one switch, you must change the version on all switches.
D. VTP is on by default with a domain name of Cisco on all Cisco switches.
Answer: A
When learning a new route, in the event that a received LSA is not found in the topological
database, what will an internal OSPF router do?
m
A. The LSA is flooded immediately out of all the OSPF interfaces, except the interface from which
the LSA was received. .co
B. The sequence numbers are checked, and if the LSA is valid, it is entered into the topology
database.
sts
C. The LSA is dropped and a message is sent to the transmitting router.
D. The LSA is placed in the topological database and an acknowledgement is sent to the
transmitting router.
lTe
Answer: A
tua
In order to advertise internal networks to external ISPs through BGP, which two approaches, can
be used?
Answer: A,D
Answer: B
Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like
m
Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while
allowing packet load sharing between a group of redundant routers. Refer to the following
.co
methods, which one could enable GLBP to forward traffic from a LAN segment through multiple
routers simultaneously?
sts
A. Multiple AVG designated routers respond to ARP requests.
B. Clients need to have different default gateway IP addresses coded.
C. The AVG assigns different virtual MAC addresses.
lTe
D. Proxy ARP allows multiple routers to respond to ARP requests from clients.
Answer: C
tua
Which command will you use when you want to set up an interface to use a DR, but do not want to
have to manually identify neighbors?
Answer: A
On the basis of the following exhibit, what can be drawn from the output of the debug command on
VRRP router?
"Pass Any Exam. Any Time." - www.actualtests.com 173
Cisco 642-892: Practice Exam
m
A. CK-RTA does not have VRRP preempt active.
B. VRRP is not active on CK-RTA.
.co
C. CK-RTB does not have VRRP active.
sts
D. CK-RTB has a different IP address coded for VRRP group 1 than CK-RTA.
Answer: D
lTe
Study the following configuration, which areas will have default routes automatically transmitted to
the routers in the respective areas?
Ac
A. Area 3
B. Neither area
C. Area 2
D. Both areas
Answer: D
Study the following configuration and exhibit seriously. CK-RTB is using the command aggregate-
address to summarize its networks from AS 64100. But, the command show ip route on CK-RTA
displays the CK-RTB individual networks and its summary route. Which of the following items can
make sure that the summary route appears in the CK-RTA routing table?
m
.co
sts
A. Clear the four network statements and leave only the aggregate-address statement in the BGP
configuration.
B. Add the keyword summary-only to the aggregate-address command.
lTe
C. Increase a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null0
interface.
D. Create a route map allowing only the summary address.
tua
Answer: B
Ac
Which one of the following commands can be used to set a virtual hardware address on a VLAN
interface?
A. mac-address mac_address
B. set mac mac-address
C. config mac slot/port mac-address
D. set vlan mac-address mac-address
Answer: A
According to the following graphic, in order to summarize all routes from area 0 to area 1, which of
the following should be configured on CK-RTA?
m
D. summary-address 172.16.96.0 0.0.63.255
Answer: A .co
sts
QUESTION NO: 229
Which item provides a separate instance of Spanning Tree Protocol for every VLAN?
lTe
Answer: D
Ac
Which OSPF router types are allowed inside a not-so-stubby area?(Choose two)
Answer: B,C
Where will the trust boundary be established in this network based on the configuration provided in
the exhibit?
m
A. at the IP Phone
B. attheCK-PC
C. at the access switch CK-S1
.co
D. at the distribution switch CK-S2
sts
Answer: C
lTe
Which two options will be taken into consideration when you need to have inter-VLAN
tua
DR (Designated Router) is for environments where many routers on the same network such as
Ethernet. In the following presented network, all routers are reloaded simultaneously, and DR is
selected as expected. What is the CK-RTC status?
m
A. 2WAY/DR
B. FULL/DROTHER
.co
C. FULL/BDR
sts
D. FULL/DR
Answer: C
lTe
A BGP attribute, or path attribute, is a metric used to describe the characteristics of a BGP path.
Which of the following is a Cisco proprietary BGP path attribute?
Ac
A. weight
B. origin
C. next-hop
D. AS-path
Answer: A
One of the main features of OSPF is Multiple areas. Which statement explains the reason that this
feature is such an important enhancement to earlier routing protocols?
Answer: B
m
D. Dynamically and statically assigned VLAN ports
Answer: A
.co
sts
According to the displayed configuration in the exhibit below, do you know how CK-R5 will handle
lTe
m
.co
sts
lTe
A. The Hello packets are to be exchanged but the routers CK-R2 and CK-R5 would be neighbors
only.
B. The Hello packets are to be discarded but the routers CK-R2 and CK-R5 will be neighbors.
tua
C. The Hello packets will be dropped and no adjacency will be built between routers CK-R2 and
CK-R5.
D. The Hello packets are to be exchanged and adjacency are to be established between routers
Ac
Answer: C
Answer: A,B,D
When using the route map presented in the following exhibit, what will happen?
(Choose three.)
m
.co
sts
lTe
tua
A. The map prohibits the redistribution of all type 2 external OSPF routes with tag 6 set.
Ac
B. The map prohibits the redistribution of all external OSPF routes with tag 6 set.
C. All routes that do no match clauses 10 and 20 of the route map are redistributed with their tags
set to
D. The map allows the redistribution of all type 1 external OSPF routes.
Answer: A,C,D
Answer: A,B
A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is
configured, it begins marking frames as they exit the port to indicate which VLAN each frame is
associated with. If a trunk link is configured with IEEE 802.1Q encapsulation, which of the
following will be the maximum Ethernet frame size?
A. 1548 Bytes
B. 1518 Bytes
C. 1500 Bytes
m
D. 1522 Bytes
Answer: D
.co
sts
For an IS-IS adjacency to be formed and maintained, which of the following should both interfaces
lTe
Answer: A,B
On the basis of the output provided below, in order to create a default route into the OSPF
domain, which command sequence should be added to CK-R1?
m
.co
A. ip default-gateway
sts
B. default-router
C. default-information originate always
D. ip default-network
lTe
Answer: C
tua
Which three options can be used by STP to determine the best path to the root bridge? (Choose
Ac
three.)
A. STP protocol
B. Port cost
C. Path cost
D. Port priority
Answer: B,C,D
If RTA wants to advertise all local interfaces over OSPF, which configuration command should be
used?
Answer: D
VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages
m
the addition, deletion, and renaming of VLANs on a network-wide basis. VTP reduces
administration in a switched network. VTP information will be prevented from transmitting between
switches by lacking which two? .co
A. VLAN 1
sts
B. a trunk port
C. a root VTP server
D. VTP priority
lTe
Answer: A,B
tua
Answer: B,C,D
For the following configuration tasks, which three are necessary to enable multicast Auto-RP?
(Choose three.)
Answer: B,C,D
Observe the exhibit carefully. Both Routers CK1 and CK2 advertise network 131.25.0.0/16 to
router CK3 via internal BGP. Why does router CK3 chose router CK1 as its best path to network
131.25.0.0/16.
m
.co
sts
lTe
tua
Ac
Answer: D
Observe the following exhibit seriously; the neighbor relationship has been built between CK-R1
and CK-R2 which are exchanging routing information. Assume that you are a network technician,
how will you design the network to make CK-R1 receive routing updates from CK-R2 without
advertising any routes to CK-R2?
m
.co
sts
A. CK-R2(config)# access-list 20 deny any CK-R2(config)# router eigrp 1 CK-R2(config-router)#
distribute-list 20 out serial 0
B. CK-Rl(config)# access-list 20 permit any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)#
lTe
distribute-list 20 in serial 0
C. CK-Rl(config)# access-list 20 deny any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)#
distribute-list 20 out serial 0
tua
Answer: C
A. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs
then record the hello packet information.
B. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs
then respond to these hello packets.
C. The MLS-RP sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- SEs
then record the hello packet information.
Answer: C
According to the following graphic, a wireless customer is moving towards CK-AP2 from right to
left, why the wireless client will initiate roaming?
m
.co
sts
lTe
Answer: A,C,D
Look at the graphic below, the connectivity between Cisco IP phone access port and the
workstation CK-PC has been established, how to manage the traffic?
A. The IP phone access port will override the priority of the frames received from the CK-PC.
m
B. The IP phone access port would trust the priority of the frames received from the CK-PC.
C. The switch port FaO/4 would neglect the priority of the frames received from the CK-PC.
.co
D. The switch port FaO/4 would trust the priority for the frames received from the CK-PC.
Answer: A
sts
Which action will be taken if no seed or default metric is configured for OSPF when redistributing
EIGRP?
tua
Answer: C
Voice traffic is random in nature and competes for a limited number of shared resources or voice
channels. Much of today's voice traffic has migrated to wireless, cable, internet and other media
while the traditional Public Switched Telephone Network (PSTN) provides legacy voice
connectivity. Which three features are of voice traffic in the campus network?
A. TCP retransmits
Answer: B,C,D
Within the Internet, an Autonomous System (AS) is a collection of connected IP routing prefixes
under the control of one or more network operators that presents a common, clearly defined
routing policy to the Internet In the following diagram, each router in AS100 is configured with IGP
and routing updates are successfully exchanging between those routers. AS200 and AS300 have
established EBGP sessions via their directly connected routers in AS 100. Traffic from AS200 is
unable to reach the destination AS300. How to configure the routers in AS100 to forward traffic
m
coming from AS200 to AS300?
.co
sts
lTe
tua
Ac
A. IBGP session should be established between CK-R1 and CK-R2 and CK-R2 and CK-R3, and
the synchronization must be enabled.
B. IBGP session should be established between routers CK-R1 and CK-R2 and CK-R2 and CK-
R3, and the synchronization must be disabled.
C. IBGP speakers within autonomous 100 should be fully meshed, and the synchronization should
be disabled.
D. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be
turned off.
A. The XTAG is the MLS-SE ID and is used to identify each MLS-SE in the layer 2 network.
Therefore, it must be unique across all switches.
B. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It is locally
significant.
C. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It must be unique
throughout the VTP domain.
D. The XTAG is the MLS-RP router ID and is used to uniquely identify the MLS-RP to the MLS-
SE. It is a unique value throughout the layer 2 network.
m
Answer: B
.co
QUESTION NO: 258
sts
Which command displays whether the ATT bit has been set?
A. debugisis interface
lTe
B. showisis database
C. debug dns interface
D. showisis hello packets
tua
Answer: B
Ac
Answer: A
A. If no match is found in the distribute list, the implicit deny any at the end of the access list will
cause the update to be dropped.
B. Advertise the route if matched by a permit statement.
C. If a filter is present, the router examines the access list to see if there is a match on any of the
networks in the routing update.
D. Do not advertise the route if it is matched by a deny statement.
Answer: C
m
A. RPF settings within the RP routers
B. Passive interface applied to border interfaces
C. TTL threshold setting on border interfaces
.co
D. Distribution lists within an IGP such as BGRP or OSPF
sts
Answer: C
lTe
Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a
tua
fault-tolerant default gateway. Which three of the following are possible HSRP router states on a
LAN?
Ac
A. standby
B. established
C. active
D. initial
Answer: A,C,D
Route filtering is the process by which certain routes are not considered for inclusion in the local
route database, or not advertised to one's neighbors. Route filtering is particularly important for
BGP on the global Internet, where it is used for a variety of reasons. Which three statements best
describe route filtering?
Answer: A,C,D
Study the exhibit carefully. Which Virtual Router Redundancy Protocol (VRRP) description is
m
correct regarding the roles of the master virtual router and the backup virtual router?
.co
sts
lTe
tua
Ac
Answer: B
m
QUESTION NO: 265
.co
Route redistribution (RR) has become an integral part of IP network design as the result of a
growing need for disseminating certain routes across routing protocol boundaries. By default,
sts
which description is true when redistributing routes from other routing protocols into OSPF?
Answer: B
Ac
For the following items, which criteria activates an interface that is configured to use dense mode?
(Choose two.)
Answer: A,B
A. Weight
B. LOCAL. PREF
C. AS_Path
D. AGGREGATOR
Answer: C
What are the differences between PIM DM and PIM SM? (Choose three.)
m
A. PIM DM assumes that all PIM neighbors have active members directly connected and initially
forwards multicast data out every interface.
.co
B. PIM SM requires an explicit join from a router before the router is added to the shared tree.
C. PIM DM is based on a source root tree distribution mechanism.
D. PIM SM is based on bidirectional shared root tree distribution.
sts
Answer: A,B,C
lTe
In which way will the following route map configuration effect on OSPF routes redistributed into
EIGRP?
Ac
m
.co
A. Routes matching prefix-list pfx are forward with EIGRP metric 20000 2000 255 1 1500.
B. All routes are redistributed.
sts
C. Routes without a tag of 6 and not matching prefix-list pfx have their tag set to 8.
D. Routes with a tag of 6 are redistributed unchanged.
lTe
Answer: C
tua
On the basis of the following presented exhibit, what will happen after configuring the neighbor
Ac
Answer: A
On the basis of the following configuration, users can not communicate through the router. What
should be changed to fix the configuration?
m
.co
sts
A. Illegal/inappropriate mask
lTe
Answer: D
Ac
As presented in the figure, OSPF has been configured over a FR network. Each PVC is active.
But, CK-R1 and CK-R3 are unable to see all OSPF routes in their routing tables. The command
show ip ospf neighbor is issued on CK-R2 to display the neighbors' status. How to fix the
problem?
A. The ip ospf network broadcast command need to be issued on each Frame Relay interface.
B. The neighbor command needs to be issued under the OSPF routing process on all routers.
m
C. The ip ospf priority value on the hub router needs to be set to 0.
D. The ip ospf priority value on the spoke routers should be set to 0.
Answer: D
.co
sts
Which option will be used to search the bridging tables in a 3550 switch?
A. Bridging database
B. CAM
tua
C. TCAM
D. DCAH
Ac
Answer: C
What is the meaning of the term non-blocking when referring to an Ethernet switch?
Answer: B
m
QUESTION NO: 276
The following output is generated by which command? IP address Hardware address Lease
.co
expiration Type 172.16.1.11 00a0.9802.32de Feb 01 1998 12:00 AM Automatic
Answer: C
tua
Answer: B
Which description is true about the routers that utilize eBGP to communicate with each other?
Answer: C
You work as a network engineer. If a switch is running 'hybrid IOS,' what do you understand it to
be using?
m
D. Software that has commands from both operating systems running in tandem
Answer: B
.co
sts
A. stub
B. remote
tua
C. backbone
D. ordinary or standard
Ac
Answer: A,C,D
Which queuing mechanisms will the 2950 switches support, running standard edition IOS
software? (Choose three.)
Answer: A,C,D
Based on the graphic below, which Catalyst switch interface command should be issued in order
for the switch to instruct the phone to override the incoming CoS from the CK-PC before sending
the packet to the switch?
m
B. switchport priority extend cos 2
C. mis qos cos 2
D. mis qos cos 2 override .co
Answer: B
sts
In computer networking a multicast address is an identifier for a group of hosts that have joined a
multicast group. Multicast addressing can be used in the Link Layer (OSI Layer 2), such as
Ethernet Multicast, as well as at the Internet Layer (OSI Layer 3) as IPv4 or IPv6 Multicast. Which
tua
A. The last 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved
Ac
Answer: B,D
Answer: A
When a show port capabilities command on a 4000 series router shows that a port is type 2qlt,
what does that mean?
m
A. The port has two configurable queues, with one drop threshold.
B. The port has two queues but a single timer.
.co
C. The port has one configurable queue with two drop thresholds.
D. The port has the option of one or two configurable queues.
sts
Answer: A
lTe
According to the following output, can you tell me which command can redistribute IGRP into
tua
EIGRP?
Router eigrp 123 Network 10.10.10.0 No auto-summary i
Router igrp 123 Network 172.16.0.0 Network 172.17.0.0
Ac
A. Under the router eigrp mode add redistribute igrp 123 subnets
B. Under the router igrp mode add redistribute eigrp 123
C. Under the router eigrp mode add redistribute igrp 123
D. None, BGRP and IGRP are automatically redistributed in this instance.
Answer: D
Given the following items, which IP is used for the source address of BGP traffic in the absence of
the command update-source?
Answer: D
A. A queuing mechanism where each queue is of configurable length and is serviced using strict
priority
B. A queuing mechanism where each queue is of configurable length and is serviced in turn
C. A queuing mechanism where each queue is the same length and is serviced in turn
m
D. A queuing mechanism where each queue is of different length and is serviced in priority of size
Answer: B
.co
sts
Study the following figure carefully, which address is to be listed as the next-hop address when
lTe
CK-RTB passes BGP advertisements from CK-RTA about network 192.168.2.0 to CK-RTC?
tua
Ac
A. 192.168.1.49
B. 10.1.1.1
C. io.i.i.2
D. 192.168.1.50
Answer: D
Answer: C
Which of the following is BGP next hop (by default) set to?
m
C. The first router in the advertising AS
D. The first router in the AS
Answer: C
.co
sts
In the process of designing VLAN, which two recommended practices are correct?
Answer: B,D
A. It is proprietary
B. BGP prefers the highest value
C. Only used outside an AS
D. Default value is zero
Answer: B
Given the following route map, what will be the local-preference for 192.168.26.0/24?
m
A. 100
B. 200
C. 150
.co
D. 0
sts
Answer: C
lTe
Voice over Internet Protocol (VoIP) is a general term for a family of transmission technologies for
tua
delivery of voice communications over IP networks such as the Internet or other packet-switched
networks. Which of the following describes the order while placing a VoIP call I from IP phone CK-
P1 to IP phone CK-P2?
Ac
m
.co
A. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. IP phone CK-P1
alerts the CK-CCM of off-hook state. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP
phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP phone CK-P2.
sts
B. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of
off-hook state. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP
phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2.
lTe
C. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of
off-hook state. IP phone CK-P1 passes digits to CK-CCM.
RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. CK-CCM routes call to
tua
phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2
Answer: D
Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like
Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while
allowing packet load sharing between a group of redundant routers. Which method used by GLBP
permits the AVG to prefer one GLBP router as the AVF over other GLBP routers until its tracked
interface goes down, while another router will be more preferred?
Answer: D
Multipath interference is a phenomenon in the physics of waves whereby a wave from a source
travels to a detector via two or more paths and, under the right condition the two (or more)
components of the wave interfere. Observe the following graphic seriously, at the CK-client end,
the signal transmitted from the CK-AP is reflected off a wall resulting in multipath interference.
Which description is correct?
m
.co
sts
lTe
A. If signal 2 is dose to 360 degrees out of phase with signal1, the result is essentially zero signal
or a dead spot in the WLAN.
tua
D. The transmitted signal from the CK-AP arrives at the CK-client at slightly different times
resulting in phase shifting.
Answer: D
A. Fragmentation
B. Checksum
C Flow labels
D. TCP
Answer: A
m
QUESTION NO: 300
Which two of the following are correct after enabling OSPF across an NBMA network and issuing
the command ip ospf network nonbroadcast?
.co
A. DR and BDR elections will occur.
sts
B. All routers must be configured in a fully meshed topology with all other routers.
C. DR and BDR elections will not occur.
D. The neighbor command is required to build adjacencies.
lTe
Answer: A,D
tua
A. Home address
B. Prefix
C. Correspondent nodes
D. Care-of address
Answer: A,D
Answer: D
In order to enable IPv6 routing on a Cisco router, which command will necessarily be used?
A. ipv6 routing
B. ipv6 unicast-routing
C. None, IPv6 routing is enabled by default.
D. ipv6 address
m
Answer: B
.co
QUESTION NO: 304
sts
Answer: A
Ac
6to4 is a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the
IPv4 internet) without the need to configure explicit tunnels. How is a 6-to-4 tunnel different than a
manually configured tunnel?
Answer: C
An administrator would like to configure a switch over a virtual terminal connection from locations
outside of the local LAN. Which of the following are required in order for the switch to be
configured from a remote location? (Choose two.)
A. The switch must be configured with an IP address, subnet mask, and default gateway.
B. The switch must be connected to a router over a VLAN trunk.
C. The switch must be reachable through a port connected to its management VLAN.
D. The switch console port must be connected to the Ethernet LAN.
Answer: A,C
m
QUESTION NO: 307
.co
The network administrator of the CK-A router adds the following command to the router
configuration: ip route 192.168.12.0 255.255.255.0 172.16.12.1. What are the results of adding
this command? (Choose two.)
sts
lTe
tua
Ac
Answer: A,C
m
.co
sts
lTe
tua
Answer: C
Which command will provide you with information regarding the Layer 3 configuration of directly
connected router interfaces?
A. show ip interface
B. show cdp neighbors
C. show cdp neighbors detail
D. show ip route
Observe the following commands, which two can correctly configure a router to perform OSPF and
to add network 192.168.16.0/24 to OSPF area 0? (Choose two.)
Answer: B,D
m
QUESTION NO: 311
.co
Configure a router with EIGRP as the only routing protocol. If there is no feasible successor route
to a destination network and the successor route fails, how does EIGRP respond?
sts
A. It automatically forwards traffic to a fallback default route until a new successor route is found.
B. It immediately sends its entire routing table to its neighbors.
C. EIGRP sends a Hello packet to the DR to inform it of the route failure.
lTe
Answer: D
tua
Which port of CK-Sw2 is receiving BPDUs according to the diagram presented in the network?
m
A. Fa 0/2 only
B. Fa 0/3 only
C. Fa 0/1 and Fa 0/2 only
D. Fa 0/1 and Fa 0/3 only
.co
sts
Answer: D
lTe
According to the following diagram, both the switches Core and Core2 are Catalyst 2950s. The
tua
addressing scheme for each company site is as follows: Router Ethernet port - 1st usable address
Core - 2nd usable address Core2 - 3rd usable address For this network, which three commands
need to be configured on Core2 to allow it to be managed remotely from any subnet on the
Ac
Answer: B,C,D
m
A. Only the 172.16.0.0 network will be advertised to neighbors on the 192.168.2.0 network.
.co
B. All networks will be advertised to the 192.168.2.0 network neighbors, except the 172.16.0.0
network.
C. Only such routes will be advertised to the 192.168.2.0 network neighbors: routes learned by
sts
CK-R2 and from the interface connected to the network 172.16.0.0.
D. No routes learned by CK-R2 from the interface connected to the 172.16.0.0 network will be
advertised to the 192.168.2.0 network neighbors.
lTe
Answer: A
tua
Look at the following exhibit. Presume an IGP is correctly operating inside AS64192. As to BGP
Ac
m
A. CK-RT2 used the BGP command neighbor 192.168.33.1 ebgp-multihop
B. CK-RT1 used the BGP command neighbor 192.168.33.1 remote-as 64192
.co
C. CK-RT2 used the BGP command neighbor 192.168.33.1 remote-as 64192
D. PS4-RT2 used the BGP command update-source loopback 0
sts
Answer: C,D
lTe
CK has configured EIGRP to operate over Frame Relay multipoint connections. What do you think
tua
Answer: D
Which is the right order of the BGP attributes used for determining a route?
1. Weight
2. MED
3. AS_Path
4. Originate route
A. 5, 1, 4, 3, 2
B. 1, 5, 4, 2, 3
C. 2, 3, 1, 5, 4
D. 4, 3, 2, 1, 5
Answer: B
With reference to the exhibit, which statement is right about the router configuration shown?
m
.co
sts
lTe
A. This configuration will do nothing as it is also the 192.168.23.1 IP address that applies to the id
tua
C. Any DHCP requests received by this interface will be rebroadcasted by the router out to all
addresses included in the ip helper-address commands.
D. Any UDP broadcasts received by this interface will be rebroadcasted by the router out to all
addresses included in the ip helper-address commands.
Answer: B
You are troubleshooting an EIGRP connectivity problem. Two connected EIGRP routers are found
not becoming EIGRP neighbors. You attempt to ping between the two routers and succeed. What
should you check next?
Answer: A
During the implementation of 0SPFv3, which of the following description is right for the
configuration of OSPF areas?
A. In router configuration mode, the OSPFv3 areasnetwork are allotted by the network wildcard
m
area ID combination.
.co
B. In interface configuration mode, the OSPFv3 areas interfaces are allotted by the OSPFv3 area
ID combination.
C. In router configuration mode, the OSPFv3 areas interfaces are allotted by the IPv6 OSPF
sts
interface area ID combination.
D. In interface configuration mode, the OSPFv3 areas interfaces are allotted by IPv6 OSPF
process area ID combination
lTe
Answer: D
tua
Look at the following figure. You employ Router CK-R1 as a relay device for auto configuration of
Ac
m
CK-Rl(config-if)# ip helper-address 20.0.0.2
CK-Rl(config-if)# ip helper-address 20.0.0.3
CK-Rl(config-if)# ip helper-address 20.0.0.4
CK-Rl(config-if)# exit
.co
CK-Rl(config)# interface fastethernet 0/1
sts
CK-Rl(config-if)# ip helper-address 10.0.0.1
B. CK-Sl(config)# interface fastethernet 0/1
CK-Sl(config-if)# ip helper-address 10.0.0.2
lTe
Answer: A
Look at the following figure. You are required to build a BGP neighbor relationship between
routers CK-R1 and CK-R4. BGP packets between them could pass through CK-R2 or CK-R3.
Which do you think is the simplest configuration that will allow for failover?
m
.co
A. Configure only one neighbor relationship between CK-Rl's 192.168.1.2 interface and CK-R4's
sts
172.16.10.2 interface.
B. Configure loopback interfaces on CK-R1 and CK-R4 to supply BGP packets with the update
lTe
source address.
C. Configure BGP neighbor relationships between all interfaces on CK-R1 and CK-R4.
D. Install a direct connection between CK-R1 and CK-R4.
tua
Answer: B
Ac
Supposing that the primary path goes down, in order to reach a destination, what will EIGRP use?
A. successor
B. administrative distance
C. feasible successor
D. advertised successor
Answer: C
m
.co
A. The multicast source is connected to the serial 1/4 interface.
B. The multicast source is directly connected to this router.
C. The multicast receiver is directly connected to this router.
sts
D. The RP for this network is this router.
Answer: A,D
lTe
If you want to allow a switch to decide which ports to forward IP multicast messages to, what
methods may be effective? (Choose three)
Ac
A. IGMP
B. CGMP
C. IGMP snooping
D. static assignment
Answer: B,C,D
With regard to EIGRP neighbor router authentication, choose two correct statements. (Choose
two)
Answer: B,D
Which statement is correct based upon the following output from the show command on CK-RT1?
m
.co
sts
lTe
Answer: A
Ac
After we have entered the passive-interface router configuration command, which routing protocol
will keep on receiving and processing routing updates from neighbors?
A. is-is
B. OSPF
C. RIP
D. EIGRP
Answer: C
What is the MAC address that comes from the multicast address 239.255.0.1?
A. Ol-Ol-ef-ff-00-01
B. 10-00-ef-ff-OO-Ol
C. 01-00-5e-7f-00-01
D. 00-00-00-7f-00-01
Answer: C
m
Look at the following figure. What should be done to fulfill the IPv6 routing configurations shown?
.co
sts
lTe
tua
Ac
Answer: A
Look at the following exhibit. You have just configured EIGRP on all routers in the network. In
order that only the delay metric is used in the path calculations, you add the command metric
weights 0 0 1 0 0 to the EIGRP process. Which router will be the successor of the CK-R1 and
possible successor of Network A?
m
.co
sts
A. CK-R2 will be the successor and will be placed in the routing table. CK-R4 becomes the
lTe
C. CK-R4 will be the successor for Network A and will be included in the routing table. No possible
successor will be selected as the advertised distance from CK-R2 is higher than the feasible
distance.
Ac
D. CK-R4 will be the successor for Network A and will be placed in the routing table. CK-R2
becomes the possible successor for Network A.
Answer: C
What is the difference between the configuration of a totally stubby area and that of a stub area?
A. The totally stubby area requires the no-summary command on all routers.
B. The totally stubby area requires the totally stubby command on all routers.
C. The no-summary command should be included on the ASBR within the totally stubby area.
D. The no-summary command should be included on the ABR within the totally stubby area.
Answer: A,D
m
QUESTION NO: 334 .co
From the show ip eigrp topology command output, which code is the indication of a convergence
problem for the associated network?
sts
A. Active
B. Update
lTe
C. Query
D. SIA
tua
Answer: D
Ac
What is the meaning of the default value of the EIGRP variance command of 1?
Answer: D
A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to
probe-request frames from clients.
B. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet
AP and a LAN switch.
C. A Cisco Aironet solution contains intelligent Cisco Aironet access points (APs) and Cisco
Catalyst switches.
D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN
controller handles those items which are not time sensitive.
Answer: A,D
m
Look at the partial configurations in the following figure, what address is applied for DR and BDR
identification on CK-R1? .co
sts
lTe
tua
Ac
Answer: A
The following exhibit shows ipv6 route output. What would the metric be for a summary route that
summarizes all three OSPFv3 routes displayed?
A. 160
B. 140
C. 120
m
D. 100
Answer: D .co
sts
QUESTION NO: 339
Look at the figure below: CK-F is advertising the 172.16.0.0 network to CK-B through EBGP. In
lTe
order that the path to the 172.16.0.0 network is available to all of CK-B's IBGP peers, which two
configuration options could be utilized, independently?
(Choose two)
tua
Ac
A. Group-specific queries
B. Source Filtering
C. Group Leaves
D. Group Joins
Answer: A,C
m
QUESTION NO: 341
Stub areas are areas through which or into which AS external advertisements are not flooded. An
.co
OSPF stub area has no external routes in it, so you cannot redistribute from another protocol into
a stub area. Which three items are limitations for OSPF stub areas?
sts
A. Prohibit virtual links.
B. The area should not be a backbone area.
C. Interarea routes are suppressed.
lTe
Answer: A,B,D
tua
Observe the following graphic carefully, could Area 1 allow redistributed RIP routes from OSPF
Area 2? And why?
Answer: A
m
D. The Aironet card is joined to a network, but there is no network activity.
Answer: B
.co
sts
Observe the following exhibit carefully the interfaces addresses on CK-RA are 192.168.1.1 and
lTe
172.16.1.1, while the interfaces addresses on CK-RB are 172.16.1.2 and 10.1.1.2. CK-RA serial
link is used to connect the two routers.
Which command can be issued to configure CK-RB with RIPv2?
tua
Ac
m
.co
sts
lTe
tua
Answer:
Ac
Which one of the following items gives the correct sequence of the association between a wireless
client and a wireless access point?
Answer: A
m
QUESTION NO: 346
.co
VTP is short for VLAN Trunking Protocol. Your customer's network is operating VTP with a domain
sts
named main1. On this network, VLANs 1,2,3,4,5,10,20 are active. All of a sudden, the entire
network goes down. Traffic only passes on VLAN1 and all switches are working. A switch called
Test1 was added to the network just before this malfunction appeared. What is the problem with
lTe
Test1?
A. TEST1 has a lower VTP configuration revision than the current VTP revision.
tua
Answer: B,C,D
Cisco Wireless LAN Controllers are responsible for system wide wireless LAN functions, such as
security policies, intrusion prevention, RF management, quality of service (QoS), and mobility.
Observe the following exhibit carefully the lightweight wireless architecture uses split MAC method
to split the 802.11 data processing and management protocols and the functionality of access
point between the WLAN controller and the access point. Choose three functionalities that are
handled by the WLAN controller.
Answer: B,C,D
m
QUESTION NO: 348 .co
You are a network technician of your company. Now you are tasked to configure the switches and
router in this network so that the hosts in VLAN3 and VLAN4 could communicate with the server in
sts
VLAN2. According to the exhibit, which two Ethernet segments should be configured as trunk
links?
lTe
tua
Ac
A. A
B. B
C. C
D. D
E. E
F. F
A wireless repeater is a computer networking device which acts as a repeater between a wireless
router and computers. Typical use of a wireless repeater is to add one when your computer is too
far away from any of the buildings' other wireless access points. If setting up properly, it will then
extend the range of the local wireless network. Which two descriptions are correct with regard to a
wireless repeater topology?
m
D. The repeater access point should use a different channel from what the root access point uses
to avoid interference.
Answer: A,C
.co
sts
The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a
table of IP networks or 'prefixes' which designate network reach ability among autonomous
systems (AS). Look at the following graphic seriously, BGP are operating on CK-RTA and CK-
tua
RT8, but the session is active. In order to establish BGP session, which command should be
increased?
Ac
m
.co
sts
lTe
B. no synchronization
C. network 10.10.10.0
D. neighbor 10.10.10.1 next-hop-self
Ac
Answer: A
According to the information presented in the following exhibit, can you tell me the reason that the
trust state of interface FastEthernet 0/3 displays "not trusted"?
m
.co
sts
lTe
tua
Ac
m
.co
sts
Answer: D
tua
According to the diagram displayed below, which address can summarize the presented networks
successfully?
m
A. 192.168.0.0/24
.co
B. 192.168.8.0/20
sts
C. 192.168.8.0/21
D. 192.168.12.0/20
lTe
Answer: C
tua
Assume that you are a network technician of your company. Recently, you have designed an
Ac
access list to block the Accounting Department HTTP traffic from reaching the HR server which is
attached to the CK2 router. When grouped with the eO interface on the CKl router, which access
list can achieve this goal?
m
C. permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80
D. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any
Answer: D
.co
sts
The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a
table of IP networks or 'prefixes' which designate network reachability among autonomous
systems (AS). Look at the following presented BGP configuration commands from the advertising
tua
router seriously, it is found that the 192.168.0.0 route is not being advertised in this network. Why?
Answer: A
Which two of the following descriptions are correct according to the displayed output of the
command show ip bgp summary? (Choose two.)
m
C. The BGP session to the 10.3.3.3 neighbor is created, but the router received no BGP routing
updates from the 10.3.3.3 neighbor.
.co
D. The router is attempting to establish a BGP peering session with the 10.2.2.2 neighbor.
Answer: A,D
sts
On the basis of the following exhibit, can you tell me why VLAN updates from switch CK-P2S1 are
not applied to switch CK-P1S1? (Choose three.)
tua
Ac
m
.co
sts
lTe
Answer: B,C,D
Ac
OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs)
to all other routers within the same hierarchical area. In the network provided in the following
exhibit, each router is configured with OSPF. But, router CK-R1 can't receive a default route to
router CK-R2 as expected. How to solve this problem?
m
.co
A. Add the ip route 5.0.0.0 255.255.255.0 0.0.0.0 command to router CK-R2.
B. Add the always keyword to the default-information originate configuration command on router
sts
CK-R2.
C. Add the area 1 stub command on routers CK-R1.
D. Remove the default informationoriginate configuration command from router CK-R2 and place it
lTe
on router CK-R1
Answer: B
tua
A routing loop is a common problem with various types of networks, particularly computer
networks. They are formed when an error occurs in the operation of the routing algorithm, and as
a result, in a group of nodes, the path to a particular destination forms a loop. Which BGP feature
can prevent routing loops?
A. AS-path
B. weight
C. local preference
D. origin
Answer: A
Answer: C
m
A trunk is typically a point-to-point connection between two switches, it is very efficient and highly
.co
recommended that it runs in full-duplex mode. In the following diagram, a trunk link interconnects
switch CK-A_SW and switch CK-D_SW. How to manage the traffic from the switch CK-A_SW
based on the presented configuration?
sts
lTe
tua
Ac
Answer: C
m
.co
sts
lTe
tua
Ac
A. The traffic coming from Hostl and Host2 is forwarded through router CK-R2 with no disruption.
B. The traffic originating from Host2 is transmitted through router CK-R2 with no disruption. The
traffic from Hostl is dropped because of the disruption of the load balancing feature configured for
the glbp group.
Answer: A
Refer to the following IPv6 addresses, which one could correctly compress the IPv6 unicast
address 2001:0:0:0:0DB8:0:0:417A?
A. 2001:::0DB8:0:0:417A
B. 2001:0DB8:417A
C. 2001::0DB8::417A
m
D. 2001::DB8:0:0:417A
Answer: D
.co
sts
What will happen after redistributing other routing protocol routes into OSPF?
lTe
Answer: B
m
D. CK-RB will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.
Answer: D .co
sts
QUESTION NO: 365
Alex is a network technician of his company. Look at the exhibit below seriously, in this network,
lTe
he has configured each router with OSPF and configured Area 5 as an NSSA area. The RIPv2
routes are redistributed into the OSPF domain on router CK-R5.Which two LSAs types are to be
generated by router CK-R5?
tua
Ac
Answer: A,F
Which two descriptions regarding voice VLANs are correct? (Choose two.)
A. Voice VLANs offer a trunking interface between an IP phone and an access port on a switch to
allow traffic from multiple devices connected to the port.
B. Enabling Voice VLAN on a switch port will automatically configure the port to trust the
incomingCoS markings.
C. Access ports configured with voice VLANs may ormay not override the CoS value that is
received from an IP phone.
D. Voice VLANs are configured using the switchport voice vlan vlan-ID interface configuration
m
command.
Answer: C,D
.co
sts
Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP)
lTe
networks by the Interior Gateway Protocol (IGP) working group of the Internet Engineering Task
Force (IETF). Which two statements best describe the OSPF link-state routing protocol? (Choose
two.)
tua
advertisement (LSA) and propagates it to all OSPF devices using the 224.0.0.6 multicast address.
C. OSPF sends summaries of individual link-state entries every 30 minutes to ensure LSDB
synchronization.
D. OSPF sends triggered updates when a network change occurs.
Answer: C,D
Answer:
m
.co
Explanation:
sts
lTe
tua
Ac
Regarding the following exhibit, the wireless LAN can be accessed by all the three different
wireless groups of users. In order to increase the network security, which security policy should be
applied to the Guest group users?
m
Answer: C
.co
QUESTION NO: 370
sts
When redistributing routes from other protocols, a metric will be required by which two routing
protocols? (Choose two.)
lTe
A. RIP
B. IS-IS
C. EIGRP
tua
D. BGP
Answer: A,C
Ac
When CDP finds out that a Cisco phone is attached, which three interface commands should be
used in order for the switch port to support a connected Cisco phone and to trust the CoS values
received on the port? (Choose three.)
Answer: B,C,D
How to exchange GLBP messages between routers sharing a common LAN segment?
Answer: A
m
QUESTION NO: 373
.co
According to the following graphic, the IS-IS backbone is composed by which routers?
sts
lTe
tua
Ac
Answer: D
The routers CK-1 and CK-3 are OSPF neighbors over the Ethernet 0/0 connection. According to
the output presented of the show ip ospf neighbor command, can you tell me which of the
following descriptions is correct?
m
A. CK-1 is the DR because it has a higher OSPF router priority.
.co
B. CK-3 is the DR because it has a higher OSPF router priority.
C
C. CK-3 is the DR because it has a lower OSPF router ID.
sts
D. Both CK-1 and CK-3 are using the default OSPF router priority.
Answer: A
lTe
The Autonomous WLAN solution and the Lightweight WLAN solution can be distinguished in
which two respects? (Choose two.)
Ac
A. CiscoWorks Wireless LAN Solution Engine can be used for management with the Lightweight
WLAN Solution.
B. CiscoWorks Wireless LAN Solution Engine can be used for management with the Autonomous
WLAN Solution.
V C. TACACS+ can only be used for authentication with the Cisco Lightweight WLAN solution.
D. Cisco Wireless LAN Controller is used to configure the access points in the Lightweight WLAN
solution.
Answer: B
IGMP (Group Management Protocol) snooping is designed to prevent hosts on a local network
from receiving traffic for a multicast group they have not explicitly joined. Which two statements
"Pass Any Exam. Any Time." - www.actualtests.com 248
Cisco 642-892: Practice Exam
best describe IGMP snooping? (Choose two.)
Answer: C,D
m
.co
The distribution switches are configured to use HSRP to provide a high availability solution as
follows:
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
sts
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
lTe
tua
Ac
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
A. The DSW1'S decrement value should be configured with a value from 5 to 15.
B. The DSW1'S decrement value should be configured with a value from 9 to 15.
C. The DSW1'S decrement value should be configured with a value from 11 to 18.
D. The DSW1'S decrement value should be greater than 190 and less 200.
E. The DSW1'S decrement value should be configured with a value from 195 to less than 205.
F. The DSW1'S decrement value should be configured with a value from 200 to less than 205.
m
Answer: C
Explanation:
.co
sts
Use "show run" command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we
lTe
should decrement value in the track command from 11 to 18. Because 200 - 11 = 189 < 190 (
priority of Vlan102 on DS2 ).
tua
The distribution switches are configured to use HSRP to provide a high availability solution as
follows:
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
m
.co
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
sts
question.
were up. DSW2 became the active HSRP deveice for VLAN101 as desired.However,after
GigabitEthernet1/0/1 on DSW1 was reactivated.Dsw1 did not become the active device as
desired.
tua
What needs to be done to make the group for VLAN 101 function properly?
Ac
Answer: A
Explanation:
The distribution switches are configured to use HSRP to provide a high availability solution as
follows:
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
m
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
.co
sts
lTe
tua
Ac
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
question.
DSW2 has not become the active device for VLAN 103's HSRP group even though all interfaces
are active.As related to VLAN 103`s HSRP group,what can be done to make the group function
properly?
Answer: C
The distribution switches are configured to use HSRP to provide a high availability solution as
m
follows:
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
.co
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
sts
lTe
tua
Ac
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
question.
If GigabitEthernet1/0/1 on DSW1 is shut down,what will be the current priority value of the VLAN
"Pass Any Exam. Any Time." - www.actualtests.com 253
Cisco 642-892: Practice Exam
105`s HSRP group on router DSW1?
A. 95
B. 100
C. 150
D. 200
Answer: A
Explanation:
m
.co
sts
Priority is configured 150, Track is 55. So, if shutdown interface G1/0/1 -> 150 - 55 = 95.
lTe
The distribution switches are configured to use HSRP to provide a high availability solution as
follows:
Ac
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
m
.co
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
sts
question.
What is the configured priority value of VLAN 105`s HSRP group on DSW2?
lTe
A. 50
B. 100
tua
C. 150
D. 200
Answer: B
Ac
Explanation:
Use "show stantby brieft" command on console2 . Very easy to see priority of Vlan105 is 100.
The distribution switches are configured to use HSRP to provide a high availability solution as
follows:
DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN
105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of
GigabitEthernet1/0/1 on the primary device should block the primary device from being the active
device,unless GigabitEthernet1/0/1 on the backup device has also failed.
m
.co
sts
lTe
tua
Ac
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running
configurations and the available show commands to investigate and respond to the following
question.
A. On DSW1,disable preempt.
B. On DSW2, decrease the priority value to a value less than 150.
Answer: C
Explanation:
We should NOT disable preempt on DS1. By do that, you will make Vlan104's HSRP group fail
function. Example: if we are disable preempt on DS1. It can not become active device when
G1/0/1 on DS2 fail . In this question, G0/1/0 on DS1 & DS2 is shutdown. Vlan104 (left ) : 150 - 1 =
149. Vlan104 (right ) : 200 - 155 = 145. Result is priority 149 > 145 ( Vlan104 on DS1 is active). If
increase the decrement in the track value to a value greater than 6 ( > or = 6). Vlan104 (left ) : 150
m
- 6 = 144. Result is priority 144 < 145 ( vlan104 on DS2 is active).
.co
QUESTION NO: 383
sts
Refer to the exhibit. Which statement is true?
lTe
tua
Ac
A. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor.
B. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor.
C. Only traffic with a destination from 10.10.0.0/19 will be permitted.
D. Only traffic going to 10.10.0.0/19 will be permitted.
Answer: A
Refer to the exhibit. Which statement is true about the 6.6.6.0/24 prefix?
A. If another path advertises the 6.6.6.0/24 path and has the default local preference, that path is
more preferred.
B. The command neighbor send-community is configured on BGP neighbor 10.10.23.3.
C. The route 10.10.23.3 is not being advertised to other BGP neighbors.
D. Route 6.6.6.0/24 is learned by an IBGP peer.
Answer: B
m
QUESTION NO: 385
.co
Which three IP multicast address related statements are true? (Choose three.)
sts
A. Multicast addresses 224.0.0.0 through 224.0.0.255 are always forwarded because they are
transmitted with Time to Live (TTL) greater than 1.
B. Multicast addresses 224.0.0.5 and 224.0.0.6 are source multicast addresses for OSPF routers.
lTe
C. Multicast addresses 224.0.0.13 and 224.0.0.22 are reserved link-local addresses used by
PIMv2 and IGMPv3.
D. Because they would map to overlapping IP multicast MAC addresses, multicast addresses
tua
F. The administratively scoped multicast addresses 239.0.0.0 through 239.255.255.255 are similar
in purpose to RFC 1918 private unicast addresses.
Answer: C,E,F
m
.co
sts
A. show ip ospf
B. show ip ospf interface
C. show ipv6 ospf interface
lTe
Answer: D
tua
A. Physically the voice network and the data network are separate.
B. The voice traffic will normally be on a different IP subnet than will the data traffic.
C. End user intervention is necessary to place the phone into the proper VLAN.
D. The same security policy should be implemented for both voice and data traffic.
E. The data VLAN must be configured as the native VLAN.
Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is
configured on the switch port interface connected to the IP phone?
A. Effectively, the trust boundary has been moved to the PC attached to the IP phone.
B. The computer is now establishing theCoS value and has effectively become the trust boundary.
C. The IP phone is enabled to override with aCoS value of 3 the existing CoS marking of the PC
m
attached to the IP phone.
.co
D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the
distribution layer switch.
E. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link.
sts
Answer: C
lTe
In what three ways is QoS applied in the campus network? (Choose three.)
tua
A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution
layer switches and used to prioritize and queue the traffic as it traverses the core.
Ac
B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics
that are set by the access layer as it passes traffic to the distribution layer. The distribution layer,
once it has made a switching decision to the core layer, strips these off.
C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the
Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice
submodule (distribution layer) as traffic passes to the core layer.
D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic
within a certain time frame, which is typically a fixed number internal to the switch.If a frame is
determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way
that results in the packet being dropped.
E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or
remarked) at Layers 2 and 3 by the access switch as it enters the network, or is "trusted" that it is
entering the network with the appropriate tag.
Answer: A,E,F
Which statement about the Lightweight Access Point Protocol (LWAPP) is true?
m
Answer: A
.co
QUESTION NO: 392
sts
Refer to the exhibit. Which three statements accurately describe this GLBP topology? (Choose
three.)
lTe
tua
Ac
A. Router A is responsible for answering ARP requests sent to the virtual IP address.
B. If Router A becomes unavailable, Router B will forward packets sent to the virtual MAC address
of Router A.
Answer: A,B,E
Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?
m
Answer: D
.co
QUESTION NO: 394
sts
Refer to the exhibit. When a profile is configured in the Aironet Desktop Utility, which security
option permits the configuration of host-based Extensible Authentication Protocol (EAP)?
lTe
tua
Ac
A. WPA/WPA2/CCKM
Answer: C
Refer to the exhibit. Which three statements are true about trust boundaries in the campus
network? (Choose three.)
m
.co
sts
Answer: A,C,F
Ac
Refer to the exhibit. The command spanning-tree bpdufilter enable is configured on interface
Fa0/1 on switch S6. The link between switch S5 and S6 fails. Will Host A be able to reach Host B?
Answer: E
Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.)
A. The Aironet Desktop Utility (ADU) can be used to establish the association between the client
adapter and the access point, manage authentication to the wireless network, and enable data
m
encryption.
.co
B. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be
used at the same time to configure the wireless client adapter.
C. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and
sts
used at a time.
D. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one
profile for the wireless client adapter.
lTe
E. When the user selects a different profile in the Aironet Desktop Utility (ADU), the settings for the
wireless client adapter are changed only after a reboot.
tua
Answer: A,C
Ac
What are three required steps to configure DHCP snooping on a switch? (Choose three.)
Answer: A,B,C
Which two statements are true about voice packets in a LAN? (Choose two.)
Answer: C,D
m
QUESTION NO: 400
Answer: B
tua
Which two types of activities does the Lightweight Access Point Protocol (LWAPP) define?
(Choose two.)
Answer: A,D
A. The processing of 802.11 data and management protocols and access point capabilities is
distributed between a lightweight access point and a centralized WLAN controller.
B. LWAPP aggregates radio management forward information and sends it to a wireless LAN
solution engine.
C. LWAPP authenticates all access points in the subnet and establishes a secure communication
channel with each of them.
D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the
wireless LAN.
Answer: A
m
Which statement describes the function of a trust boundary?
.co
A. Trust boundaries determine whether certain types of traffic can pass.
B. Trust boundaries are a point in the network where decisions about CoS markings on incoming
packets are made.
sts
C. Trust boundaries are a point in the network where QoS functionality begins and ends.
D. Trust boundaries are points in the network where Layer 2 CoS markings are converted to Layer
lTe
Answer: B
tua
Which two statements about voice VLANs are correct? (Choose two.)
Answer: D,F
Which two statements are true about network voice traffic? (Choose two.)
A. Voice traffic is affected more by link speed than FTP traffic is.
B. Voice traffic is affected more by packet delays than FTP traffic is.
C. Voice streams involve larger packet sizes than most TCP network traffic involves.
D. Voice traffic is more sensitive to packet loss than TCP network traffic is.
E. Voice traffic requires QOS mechanisms only in heavily loaded network segments.
Answer: B,D
Refer to the exhibit. Which two Lightweight Access Point statements are true? (Choose two.)
m
.co
sts
lTe
tua
A. An AP that has been upgraded from an autonomous AP to lightweight AP will only function in
conjunction with a Cisco Wireless LAN controller.
Ac
B. Autonomous APs receive control and configuration information from a WLAN controller.
C. LWAPP increases the amount of processing within the APs, enabling them to support filtering
and policy enforcement features.
D. Real time events such as authentication, security management, and mobility are handled by the
lightweight AP.
E. Lightweight APs require local configurations using local management.
F. WLAN controllers provide a single point of management.
Answer: A,F
A. B, D, C, J, I, A
B. B, D, G, J, I, A
m
C. D, B, G, E, I, H
D. D, F, C, E, I, H
E. F, D, C, E, I, H
.co
F. F, D, G, J, I, A
sts
Answer: B
lTe
An attacker is launching a DoS attack with a public domain hacking tool that is used to exhaust the
tua
IP address space available from the DHCP servers for a period of time. Which procedure would
best defend against this type of attack?
Ac
Answer: D
Answer: B
Refer to the exhibit. What can be concluded about VLANs 200 and 202?
m
.co
A. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous
sts
ports in the same VLAN. VLAN 200 carries traffic between community ports and to promiscuous
ports.
B. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous
lTe
ports in the same VLAN. VLAN 200 carries traffic from isolated ports to a promiscuous port.
C. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous
ports in the same VLAN. VLAN 202 carries traffic between community ports and to promiscuous
tua
ports.
D. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous
ports in the same VLAN. VLAN 202 carries traffic from isolated ports to a promiscuous port.
Ac
Answer: B
Which three features are part of the Cisco Compatible Extensions program? (Choose three.)
A. security
B. routing and switching
C. VLAN and QoS
D. analog and digital voice
E. accounting
F. mobility
A. to provide access to proprietary Cisco IOS software code in order to expand the number of
vendors writing wireless code
B. to provide Cisco engineers with the opportunity to certify that any wireless devices that are
made by third parties are compatible with Cisco wireless products
C. to provide customers with a broad range of WLAN client devices that have been tested for
interoperability with Cisco Aironet innovations
D. to provide third parties with Cisco hardware in order to encourage the development of radical
innovation in the area of wireless
m
Answer: C
.co
QUESTION NO: 413
sts
Refer to the exhibit. Which two statements are true about how the IP phone can be configured to
perform CoS markings? (Choose two.)
lTe
tua
Ac
A. The IP phone can tag voice traffic in the access or voice VLAN with a Layer 2 CoS value.
B. The IP phone can only tag voice traffic with a Layer 2 CoS value in the voice VLAN.
C. The default configuration of the IP phone is to pass traffic from the host without changing
theCoS value.
D. The IP phone can be configured to pass traffic from the host without changing the CoS value.
E. By default, the IP phone tags traffic from the host with the default CoS value of 5.
Answer: A,D
A. Ports Fa2/1 and Fa2/2 source DHCP requests only. Port Fa3/1 is eligible to source all DHCP
messages and respond to DHCP requests.
m
B. Ports Fa2/1 and Fa2/2 respond to DHCP requests only. Port Fa3/1 is eligible to source all
DHCP messages.
.co
C. Ports Fa2/1 and Fa2/2 are eligible to source all DHCP messages and respond to DHCP
requests. Port Fa3/1 can source DHCP request only.
D. All three ports, Fa2/1, Fa2/2, and Fa3/1, are eligible to source all DHCP messages and respond
sts
to DHCP requests.
Answer: C
lTe
Refer to the exhibit. What two statements are true about the IS-IS configuration? (Choose two.)
Ac
m
B. The router has a system ID of 0003.0004.
C. The router acts as a Level 1-2 router. .co
D. The network service access point selector (NSEL) byte has a value of 0.
E. CLNS routing is enabled for the router.
sts
Answer: C,D
lTe
Refer to the exhibit. Which two statements about the IS-IS configurations of router R1 and router
tua
Answer: A,B
Which three options are supported as address allocation mechanisms for DHCP on Cisco routers?
(Choose three.)
m
A. The IP address can be automatically assigned to a host.
.co
B. The IP address can be assigned as a random hash value of the burned-in-address of the
lowest-numbered LAN interface on the router.
C. The network administrator can assign a specific IP address to a specific host MAC address.
sts
D. The IP address can be assigned from configured pools in a reverse lexicographical order.
E. The IP address can be assigned to a host for a limited time or until the host explicitly releases
the address.
lTe
F. The IP address can be assigned to a host until the host usurps the assigned value using its own
dynamic override mechanism.
tua
Answer: A,C,E
Ac
Refer to the exhibit. What two conclusions can be made based on the DHCP configuration?
(Choose two.)
m
C. The IP address of the default router is used for DHCP relay.
D. The DHCP clients learn the excluded address ranges that area configured.
.co
E. The configured domain name is propagated to the DHCP clients.
Answer: B,E
sts
Refer to the exhibit. Which statement is true about the router configuration that is shown?
tua
Ac
Answer: C
Refer to the exhibit. Which statement is true about the router with ID 10.64.0.1?
m
A. It is the BDR for the local segment.
B. It is the DR for the local segment.
C. It is not running OSPF.
.co
D. It has an OSPF priority of 1 on the attached interface.
E. It has a loopback that is configured.
sts
Answer: F
lTe
The show ip route command generated routes flagged as O N2 and O N1. Which option best
describes how these routes were created?
Ac
Answer: D
Refer to the exhibit. RTR-38 has two possible paths to reach the indicated networks but only
chooses next hop 172.20.72.1. Which two options would cause RTR-38 to choose next hop
172.20.73.1 for network 192.168.101.0 but still use next hop 172.20.72.1 for the remaining
"Pass Any Exam. Any Time." - www.actualtests.com 275
Cisco 642-892: Practice Exam
networks? (Choose two)
A. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-
preference to 200 for network 192.168.101.0.
B. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the local-
preference to 200 for all networks accept 192.168.101.0.
C. On RTR-38 apply the command neighbor 172.20.73.1 weight 200.
m
D. On RTR-38 apply the command neighbor 172.20.72.1 weight 200.
E. On BGP neighbor router 172.20.73.1 apply a route map that advertises a MED of 200 for
network 192.168.101.0 to RTR-38. .co
F. On BGP neighbor router 172.20.72.1 apply a route map that advertises a MED of 200 for
network 192.168.101.0 to RTR-38.
sts
Answer: A,F
lTe
During BGP configuration on a router that has peered with other BGP speakers, the BGP
command aggregate-address 172.32.0.0 255.255.252.0 is issued. However, the peers do not
receive this aggregate network in BGP advertisements. Also, the router does not have this
Ac
aggregate network in its BGP table. Which option indicates a possible reason this command did
not cause the router to advertise the aggregate network to its peers?
Answer: D
A. The router's fa0/0 interface will be assigned the reserved address of 20.0.0.2.
B. The router will import its DHCP options from a configuration file on a TFTP server.
m
C. The router's fa0/0 interface will be assigned any address from the 20.0.0.0/8 network except
20.0.0.2.
.co
D. The router will add the DHCP option parameters it learns from another server into its DHCP
server database.
sts
Answer: D
lTe
Refer to the exhibit. Routing updates for the 192.168.1.0 network are being received from all three
tua
neighbors. Which statement is correct regarding the result of the configuration shown?
Ac
A. The router will prefer the next hop of 172.16.1.1 for packets destined for the 192.168.1.0
network.
Answer: B
Which spanning-tree command would cause a PortFast-enabled interface to lose its PortFast-
operational status and disable BPDU filtering if it receives BPDUs?
m
B. spanning-tree bpduguard enable
C. spanning-tree portfast bpduguard default
D. spanning-tree bpdufilter enable
.co
E. spanning-tree portfast bpdufilter default
sts
Answer: E
lTe
Which spanning-tree command would essentially disable spanning tree on an interface and make
tua
Answer: B
Which statement correctly describes the results of the Ethernet switch global configuration
command spanning-tree loopguard default?
Answer: E
Which optional feature of an Ethernet switch disables a port on a point-to-point link if the port does
m
not receive traffic while Layer 1 status is up?
A. BackboneFast
B. UplinkFast
.co
C. Loop Guard
sts
D. UDLD aggressive mode
E. Fast Link Pulse bursts
F. Link Control Word
lTe
Answer: D
tua
Which three statements are true about routed ports on a multilayer switch? (Choose three)
Ac
Answer: B,C,F
Answer: A,B,E
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
m
.co
sts
lTe
tua
Ac
Answer: B
m
.co
sts
Answer: F
Ac
Which three characteristics are true about voice traffic in the campus network? (Choose three.)
A. TCP retransmits
B. benign
C. greedy
D. drop sensitive
E. smooth
F. delay insensitive
Answer: B,D,E
Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip
ospf neighbor output, what prevents R1 from establishing a full adjacency with R2?
m
.co
A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess
sts
networks.
B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area 1.
C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2.
lTe
D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2.
E. The Hello parameters on routers R1 and R2 do not match.
tua
Answer: A
Ac
In the event that two devices need access to a common server, but they cannot communicate with
each other, which security feature should be configured to mitigate attacks between these
devices?
A. port security
B. dynamic ARP inspection
C. DHCP snooping
D. private VLANs
E. BPDU guard
Answer: D
A. DHCP snooping validates the header information of all DHCP replies and only allows the reply
through if it has a matching request in the DSRT.
B. DHCP snooping validates all DHCP responses from all switch ports and only allows packets
through if the destination port sent a DHCP request in the last 5 seconds.
C. DHCP snooping validates all DHCP responses from all switch ports and only allows packets
through if the destination port specifically sent a DHCP request.
D. DHCP snooping determines which switch ports are trusted and can source all DHCP
messages.
Answer: D
m
QUESTION NO: 438
.co
A network administrator would like to configure 802.1x port-based authentication, however, the
client workstation is not 802.1x compliant. What is the only supported authentication server that
can be used?
sts
Answer: C
Ac
Which two statements are true about port security? (Choose two.)
A. With port security configured, four MAC addresses are allowed by default.
B. Port security cannot be configured for ports supporting VoIP.
C. With port security configured, only one MAC address is allowed by default.
D. The network administrator must manually enter the MAC address for each device in order for
the switch to allow connectivity.
E. Port security can be configured for ports supporting VoIP.
Answer: C,E
A switch has been configured with PVLANs. With what type of PVLAN port should the default
gateway be configured?
A. Isolated
B. Promiscuous
C. Community
D. Primary
E. Trunk
Answer: B
m
What is the function of the Service Set Identifier (SSID) in the wireless LAN?
.co
A. The SSID should be configured on the client site only and provides data-privacy functions and
authentication to the access point.
B. The SSID must match on both the client and the access point. The SSID is advertised in plain-
sts
text in the access point beacon messages.
C. The SSID must match on both the client and the access point and provides encryption keys for
authentication to the access point.
lTe
D. The SSID must match on both the client and the access point and provides MAC Address
Authentication to authenticate the client to the access point.
tua
Answer: B
Ac
Which statement is true about the data traffic between the access point and controller?
A. The data traffic is switched at the access point before being sent to the WLAN controller where
VLAN tagging and QoS are applied.
B. The data traffic is encrypted with AES.
C. The data traffic between the access point and controller is encrypted.
D. The data traffic is encapsulated with LWAPP.
Answer: D
Answer: A
m
QUESTION NO: 444
.co
Refer to the exhibit. What happens when the switch SW2 is connected to the rest of the network in
the VTP domain Lab_Network?
sts
lTe
tua
A. The recently introduced switch SW2 adds one more VLAN to the VLAN database in the VTP
domain.
Ac
B. The recently introduced switch SW2 creates a STP loop in the VTP domain.
C. The recently introduced switch SW2 removes all configured VLANs throughout the VTP
domain.
D. The recently introduced switch SW2 switches over to VTP transparent mode in order to be
included into the VTP domain.
E. A trunk should be configured between the two switches in order to integrate SW2 into the VTP
domain.
Answer: C
Answer: D
m
B. by reducing unnecessary flooding of traffic to inactive VLANs
C. by limiting the spreading of VLAN information
D. by disabling periodic VTP updates
.co
Answer: B
sts
Which technology manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces
dynamically to forward multicast traffic only to those interfaces that want to receive it?
tua
A. IGMP
B. IGMP snooping
Ac
C. PIM-DM
D. DVMRP
E. MOSPF
Answer: B
Which well-defined routing protocol would a network administrator configure on multicast routers
when member routers are widely dispersed?
Answer: D
When building an IP multicast domain using PIM which mode assumes that other routers do not
want to forward multicast packets for the group?
A. PIM-DM
B. PIM-SM
C. PIM-RP
D. CGMP
m
E. IGMP snooping
Answer: B
.co
sts
A. The interface is put into permanent trunking mode and negotiates to convert the link into a trunk
link.
tua
Answer: B
Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP
negotiation frames?
A. access
B. trunk
C. no negotiate
D. dynamic desirable
E. dynamic auto
A. 39.0f01.0002.0000.0c00.1111.00
B. 48.0f01.0002.0000.0c00.1111.00
C. 49.0004.30ac.0000.3090.c7df.00
D. 52.0f01.0002.0000.0c00.1111.00
Answer: C
m
QUESTION NO: 453
Answer: A,B
tua
IS-IS is often considered an alternative to OSPF in the IP world. Which two statements identify
similarities between IS-IS and OSPF? (Choose two.)
A. support for designated intermediate systems and backup designated intermediate systems
B. support for multiple areas per router
C. support for classless routing
D. support for address summarization between areas
E. support for both DIS adjacencies and neighbor adjacencies
Answer: C,D
A. The elected backup designated router takes the place of the DIS indefinitely without the
necessity of a new election.
B. The elected backup designated router takes the place of the DIS temporarily without the
necessity of a new election, until the original DIS comes back online.
C. A new election process occurs immediately, establishing a new DIS that will remain in place
indefinitely.
D. A new election process occurs immediately, establishing a new DIS until a router with a higher
priority or MAC address establishes an adjacency.
Answer: D
m
Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?
A. VTP
.co
B. 802.1Q
C. DTP
sts
D. ISL
Answer: B
lTe
In reference to the P1R3 show isis route output, which statement is true?
Ac
Answer: D
m
QUESTION NO: 459
.co
What is periodically sent by a DIS on a LAN to ensure that all adjacent neighbors' IS-IS link-state
databases are synchronized?
sts
A. complete SNP (CSNP)
B. partial SNP (PSNP)
C. database query
lTe
Answer: A
Ac
What does IS-IS use to establish and maintain neighbor relationships between IS's?
A. IIH
B. LSP
C. CLNS
D. CLNP
E. ISH
Answer: A
What is the default metric used on IS-IS routers for each interface?
Answer: A
Which two tasks are required to configure PIM for IP multicast routing? (Choose two.)
m
A. Join a multicast group.
B. Enable CGMP.
C. Enable IP multicast routing.
D. Configure the TTL threshold.
.co
E. Enable PIM on an interface.
sts
Answer: C,E
lTe
Answer: D
Which BGP attribute will not be advertised in routing updates to its neighboring routers?
A. weight
B. local preference
C. origin
Answer: A
What are two Cisco IOS commands that can be used to view neighbor adjacencies? (Choose
two.)
m
Answer: B,D
.co
QUESTION NO: 466
sts
Which statement is true about IBGP routers?
Answer: D
Ac
A. 39
B. 39.0100
C. 39.0100.0102
D. 0001
E. 0001.0c00
F. 0001.0c00.1211
Answer: C
m
.co
A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7
LSAs into type 5 LSAs and flood them throughout the OSPF backbone.
sts
B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7
LSAs throughout the backbone.
C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5
lTe
E. RTA will not redistribute the RIP routes into the NSSA.
Answer: A
Ac
Which option correctly identifies the Cisco IOS switching methods in descending order from the
fastest method to the slowest method?
Refer to the exhibit. An administrator is verifying that a CEF FIB entry exists to destination network
192.168.150.0. Given the output generated by the show ip cef and show adjacency detail
commands, which three statements are true? (Choose three.)
m
.co
sts
A. There is a valid CEF entry for the destination network 192.168.150.0.
B. The "valid cached adjacency" entry indicates that CEF will put all packets going to such an
adjacency to the next best switching mode.
lTe
C. The counters (0 packets, 0 bytes) indicate a problem with the 192.168.199.3 next hop IP
address.
D. There is an adjacency for the 192.168.199.3 next hop IP address.
tua
E. The number 003071506800 is the MAC address of the 192.168.199.3 next hop IP address.
F. The number 003071506800 is the MAC address of the source IP address.
Ac
Answer: A,D,E
Which two statements are true about a switched virtual interface (SVI)? (Choose two.)
Answer: B,C
An administrator types in the command router ospf 1 and receives the error message: "OSPF
process 1 cannot start." (Output is omitted.) What should be done to correctly set up OSPF?
Answer: B
m
QUESTION NO: 473
Refer to the exhibit. The switchport output in Figure 1 displays the default settings of interface
.co
FastEthernet 0/13 on switch SW1. Figure 2 displays the desired interface settings. Which
command sequence would configure interface FastEthernet 0/13 as displayed in Figure 2?
sts
lTe
tua
Ac
Answer: B
Refer to the exhibit. For what purpose is the command show ip cef used?
m
.co
sts
lTe
tua
Answer: F
Refer to the exhibit. Host A and Host B are connected to the Catalyst 3550 switch and have been
assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration.
Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the
output displayed in the exhibit, which statement is true?
m
.co
sts
lTe
Answer: D
Refer to the exhibit. On the basis of the output generated by the show commands, which two
statements are true? (Choose two.)
m
.co
sts
lTe
tua
Answer: C,E
What does the Catalyst switch interface configuration command switchport trunk native vlan 7
accomplish?
Answer: C
Refer to the exhibit. Based upon the output of show vlan on switch CAT2, what can we conclude
about interfaces Fa0/13 and Fa0/14?
m
.co
sts
lTe
Answer: C
Refer to the exhibit. VLAN2, VLAN3, and VLAN10 are configured on the switch D-SW1.
Host computers are on VLAN 2 (10.1.2.0), servers are on VLAN 3 (10.1.3.0), and the
management VLAN is on VLAN10 (10.1.10.0). Hosts are able to ping each other but are unable to
reach the servers. On the basis of the exhibited output, which configuration solution could rectify
the problem?
m
B. Configure a default route that points toward network 200.1.1.0/24.
C. Assign an IP address of 10.1.3.1/24 to VLAN3.
.co
D. Configure default gateways to IP address 10.1.2.1 on each host.
E. Configure default gateways to IP address 10.1.10.1 on each host.
sts
F. Configure default gateways to IP address 200.1.1.2 on each host.
Answer: C
lTe
Refer to the exhibit. Which interface or interfaces on switch SW_A can have the port security
feature enabled?
Ac
m
A. Port 0/1
B. Ports 0/1 and 0/2
C. Ports 0/1, 0/2 and 0/3
.co
D. Ports 0/1, 0/2, 0/3 and the trunk port 0/22
sts
E. The trunk port 0/22 and the EtherChannel ports
F. Ports 0/1, 0/2, 0/3, the trunk port 0/22 and the EtherChannel ports
lTe
Answer: C
tua
Refer to the exhibit. Which statement is true when voice traffic is forwarded on the same
Ac
Which statement is true about the Forward Information Base (FIB) table?
A. The FIB is derived from the IP routing table and is optimized for maximum lookup throughput.
B. The FIB table is derived from the Address Resolution Protocol table, and it contains Layer 2
rewrite (MAC) information for the next hop.
C. The FIB lookup is based on the Layer 2 destination MAC address.
D. When the FIB table is full, a wildcard entry redirects traffic to the Layer 3 engine.
Answer: A
m
QUESTION NO: 483
.co
Which two statements are true about IS-IS routing? (Choose two.)
areas.
E. IS-IS and OSPF are both Open Standard, link-state routing protocols which support VLSM.
tua
Answer: A,E
Ac
Refer to the exhibit. All routers have Protocol Independent Multicast (PIM) enabled interfaces. On
the basis of the configuration provided on routers R1 and R2, which router will take on the function
of rendezvous point (RP) for the multicast network?
A. router R1
m
B. router R2
C. both routers R1 and R2
.co
D. none of the routers since they are not configured with static RP
Answer: B
sts
D. The OSPF database is repopulated. Then the shortest path first (SPF) algorithm is performed.
Answer: D
Many match statements could be used in a route map. How many match statements must be
matched for the set to be applied?
A. None of them
B. All the criteria
C. At least 50 percent of the criteria
D. At least one
Place the BGP attributes in the correct order used for determining a route
m
.co
sts
Answer:
lTe
tua
Ac
Explanation:
m
QUESTION NO: 488
.co
A NIC has a MAC address of 00-0F-66-81-19-A3 and discovers a routing prefix of 2001:0:1:5::/64.
Which IPv6 addresses are assigned to it? (choose four)
sts
A. 2001::1:5:20F:66FF:FE81:19A3
B. FE80::20F:66FF:FE81:19A3
C. ::1
lTe
D. FF02::1
Answer: A,B,C,D
tua
A. Many-to-many
B. One-to-many
C. Many-to-one
D. One-to-one
Answer: B
Answer: C
What can the Network Analysis Module on the 6500 series switches be used to do? (Choose two.)
m
Answer: A,D
.co
QUESTION NO: 492
sts
What is the reason that system buffers are made in so many different sizes?
lTe
Answer: B
Ac
Which one of the following techniques allows policies to be reapplied without destroying the
existing peering? (choose two)
A. clear ip bgp *
B. Rebooting the local router
C. clear ip bgp * soft in
D. clear ip bgp * soft out
Answer: C,D
Ideally, what will be displayed by the output of the show ip bgp neighbors command?
A. Idle
B. Open
C. Established
D. Active
Answer: C
Put the BGP connection strategies in order from lowest to highest based on likelihood to take the
best path.(choose three)
m
A. Accept only default routes from all providers
.co
B. Accept some routes plus a default route from all providers
C. Accept full routing updates from all providers
sts
Answer: A,B,C
lTe
Which UDP broadcasts will an IOS DHCP relay automatically forward? (choose six)
tua
Answer: A,B,C,D,E,F
A. UDP 666
B. UDP 500
C. UDP 51
Answer: D
A. An alternative to switching
B. A protocol allowing server load sharing
C. An alternative to HSRP
D. A server redundancy protocol
Answer: B
m
QUESTION NO: 499
.co
When would you configure the VTP domain on an interface of an external router?
sts
A. When it doesn??t use ISL or 802.1Q encapsulation
B. Always
C. When it uses ISL encapsulation
lTe
Answer: D
tua
When using route maps for redistribution when a statement is configured to deny and there is a
match, which action will the route map take?
Answer: B
m
.co
sts
lTe
tua
Ac
Answer: B
Refer to the exhibit. On the basis of the information that is presented, what condition exists?
A. authenticating with AP
B. poor link status with AP
C. no valid radio for ADU
D. no association to AP
Answer: C
Refer to the exhibit. What information can be derived from the output?
m
.co
sts
lTe
A. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with
tua
a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate
BPDUs have been stopped, the interfaces will need to be administratively shut down, and brought
back up, to resume normal operation.
Ac
B. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with
a superior root bridge parameter,but traffic is still forwarded across the ports.
C. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with
a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate
BPDUs have been stopped, the interfaces automatically recover and resume normal operation.
D. Interfaces FastEthernet3/1 and FastEthernet3/2 are candidates for becoming the STP root port,
but neither can realize that role until BPDUs with a superior root bridge parameter are no longer
received on at least one of the interfaces.
Answer: C
m
.co
A. The wireless client adapter will be authenticated by the authentication server and the access
sts
point will deliver the packets to the intended receiver.
B. The wireless client adapter will not be authenticated by the authentication server, but the
access point will deliver the packets to the intended receiver.
lTe
C. The access point will discard the packets and never deliver them to the intended receiver.
D. The wireless client adapter will not be able to send any packets to the access point.
tua
Answer: C
Ac
Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6
networks shown?
Answer: B
m
.co
sts
Which interoperability technique implemented on the router would allow Host-1 to communicate
with Host-2?
lTe
A. Dual Stack
B. NAT-PT
C. 6to4 tunnel
tua
D. GRE tunnel
E. ISATAP tunnel
Answer: B
Ac
Refer to the exhibit. Which two statements are correct regarding the routes to be redistributed into
OSPF? (Choose two.)
m
.co
sts
C. All networks except 10.0.0.0/8 will be allowed and assigned a metric of 200.
D. The network 172.16.0.0/16 will be allowed and assigned a metric of 200.
E. The network 10.0.10.0/24 will be allowed and assigned a metric of 200.
tua
Answer: A,D
Ac
Refer to the exhibit. Which two statements are true? (Choose two.)
m
C. A spanning-tree loop exists in this network.
D. The default STP timers have been changed.
E. Port Fa0/11 is facing the root bridge.
.co
F. Port Fa0/11 is facing away from the root bridge.
sts
Answer: B,E
lTe
m
.co
What additional commands should be used to configure OSPF area 5 as a Totally Stubby area?
sts
Answer: E
Ac
A hacker is interested in seeing traffic from all switch ports on the switch that he is connected to,
including the ports belonging to other VLANs. What type of attack is he likely to implement?
Answer: A
Given the above diagram and assuming that STP is enabled on all switch devices, which two
statements are true? (Choose two.)
m
A. DSW11willbe elected the root bridge.
B. DSW12 will be elected the root bridge.
C. ASW13 will be elected the root bridge.
.co
D. P3/1 will be elected the nondesignated port.
E. P2/2 will be elected the nondesignated port.
sts
Answer: A,D
lTe
Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured
on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes
Ac
will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be
forwarded from R5 to area 1.
Answer: D
m
.co
sts
lTe
tua
Ac
All network links are FastEthernet. Although there is complete connectivity throughout the network,
Front Line users have been complaining that they experience slower network performance when
accessing the server farm than the Reception office experiences. Based on the exhibit, which two
statements are true? (Choose two.)
Answer: B,D
Which two multicast IP addresses can be represented by the multicast MAC address
0100.5e0A.0A07? (Choose two.)
A. 228.10.10.7
B. 228.10.10.8
C. 228.10.138.7
D. 229.11.10.7
E. 229.138.10.7
F. 229.138.10.8
Answer: A,E
m
QUESTION NO: 515 .co
When authentication is required, where must 802.1x be configured in order to connect a PC to a
switch?
sts
A. client PC only
B. switch port only
lTe
Answer: C
Ac
m
The information of the question
VTP Domain name: CISCO (Please use the value that given in exam.)
.co
VLAN IDs 20 21 IP Addresses 172.64.200.1/24 192.162.39.1/24
sts
These are your specific tasks:
1. Configure the VTP information with the distribution layer switch as the VTP server
lTe
2. Configure the VTP information with the access layer switch as a VTP client
3. Configure VLANs on the distribution layer switch
4. Configure inter-VLAN routing on the distribution layer switch
tua
5. Specific VLAN port assignments will be made as users are added to the access layer switches
in the future.
6. All VLANs and VTP configurations are to completed in the global configuration To configure the
Ac
switch click on the host icon that is connected to the switch be way of a serial console cable.
Explanation:
Using show run for current configuration info
ALswitch#conf t
ALswitch( config)#vtp mode client
ALswitch( config)#vtp domain CISCO
ALswitch( config)#end
ALswitch#copy run start
DLswitch#conf t
DLswitch( config)#vtp mode server
Validation :
show run, show vlan, show vtp status on DLswitch and ALswitch
m
QUESTION NO: 517
.co
Lab 2 (802.1X?VACL)
sts
Acme is a small shipping company that has an existing enterprise network comprised of 2
lTe
The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to
tua
For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:
Users connecting to ASWi's port must be authenticate before they are given access to the
Ac
The Radius server and application servers will be installed at a future date. You have been tasked
with implementing the above access control as a pre-condition to installing the servers. You must
use the available IOS switch features.
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
DSWl( config)#vlan access-map PASS 10
DSWl( config-access-map)#match ip address 10
DSWl( config-access-map)#action forward
.co
DSWl( config-access-map)#exit
sts
DSW1( config)#vlan filter PASS vlan-list 20
DSW1( config)#end
DSWl#copyrun start
lTe
(FEC0:4:4) cannot be seen in Rl's IPv6 routine table. You are tasked with identifying the cause of
this fault and implementing the needed corrective actions that uses OSPF features and does no
change the current area assignments. You will know that you have corrected the fault when R4's
loopback address (FEC0:4:4) can ping from R1 to R4 loopback address-
Special Note: To gain the maximum number of points you must remove all incorrect or unneeded
configuration statements related to this issue.
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
Explanation:
Get current config by issuing show run
lTe
R2( config-router)#end
R2#copy run start
R3( config)#ipv6 router ospf 1
Ac
Validation:
Show run show ipv6 route on R1 and R4 ping ipv6 FECO :1 ::X(X is 4 or 1)
Lab. (STP)
Acme is a small export company that has an existing enterprise network comprised of 5 switches;
C0RE.DSW1, DSW2, ASW1 and ASW2 the topology diagram indicates their desired per-VLAN
spanning tree mapping.
Previous configuration attempts have resulted in the following issues:
CORE should be the root bridge for VLAN 20 ; however ,DSW1 is currently the root bridge for
VLAN 20 .Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1
and DSW2. However VLAN 30 is currently using gig 1/0/5Traffic for VLAN 40 should be forwarding
over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig
1/0/6
m
You have been tasked with isolating the cause of these issuer and implementing the appropriate
solutions.
.co
Your task is complicated by the fact that you only have full access to DSW1 With isolating the
cause of these issues and implementing the appropriate solutions.
sts
Your task is complicated by the fact that you only have full access to DSW1 .with the enable
secret password Cisco.
lTe
Only limited show command access is provided on CORE, and DSW2 using the enable 2 level
with a password of acme. No configuration changes will be possible on these routers. No access
is provided to ASW1 or ASW2.
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
Explanation:
DSWl#conf t
DSWl( config)#spanning-tree vlan 20 priority 61440
DSWl( config)#int g1/0/5
m
DSWl( config-if)#spanning-tree vlan 40 cost 1
DSWl( config-if)#no shut
DSWl( config-if)#exit
.co
DSWl( config)#int g1/0/6
sts
DSWl( config-if)#spanning-tree vlan 30 port-priority 64
DSWl( config-if)#no shut
DSWl( config-if)#end
lTe
Verification D
tua
DSW1# show spanning-tree vlan 20 DSW1# show spanning-tree vlan 40 DSW2# show spanning-
tree vlan 30
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
lTe
tua
Ac
m
.co
sts
Explanation:
lTe
R3#conf t
tua
R3( config-router)#end
R3#copy run start
R4#conf t
R4( config)#int s0/0
R4( config-if)#ip summary-address eigrp 123 10.0.0.0 255.0.0.0
R4( config-if)#no shut
R4( config-if)#end
R4#copy run start
Validation:
1. Show ip route on R2, should exist R3 route (172.16.1.0 ), ping 172.16.1.1 should success
2. Show ip route on R4, show a summary route (NULL 10.0.0.0/8 in route)
3. Show ip route on R3, whether receiver the summary route from R4, should only exist 2 10.0.0.0
subnet route.
"Pass Any Exam. Any Time." - www.actualtests.com 343
Cisco 642-892: Practice Exam
m
.co
sts
lTe
tua
Ac
Explanation:
show run for current config info
Blockade#conf t
Blockade( config)#router isis
Blockade( config-router)#redistribut eigrp 100 level-1 metric 50
Blockade( config-router)#router eigrp 100
Blockade( config-router)#redistribut isis level-1 metric 512 10 255 1 1500
Blockade( config-router)#redistribut connected
Blockade( config-router)#end
Blockade#copy run start
Validation:
LAB
m
.co
sts
lTe
Explanation:
Portland # conf t
tua
Indianapolis # conf t
Indianapolis ( config)# router ospf 1
Indianapolis ( config-router)# network 192.168.3.6 0.0.0.3 area 1
Indianapolis ( config-router)# area 1 stub no-summary
Indianapolis ( config-router)# end
Indianapolis # copy run start
m
Explanation:
CertKiller-S#conf t
.co
CertKiller- S( config)#vtp mode transparent
sts
CertKiller- S( config)#interface range fa0/1 - 24
CertKiller- S( config-if-range)#switchport mode access
CertKiller- S( config-if-range)#spanning-tree portfast
lTe
CertKiller- S( config-if-range)#exit
CertKiller- S( config)#interface range fa0/12 - 24
CertKiller- S( config-if-range)#switchport access vlan 10
tua
CertKiller- S( config-if-range)#end
CertKiller-S# copy run start
Ac