2º Exam (+ solutions): 1 What are two limitations of an ad hoc troubleshooting approach? (Choose two.

) x inefficient use of time and resources only applicable to physical layer problems x difficult to transfer the job to someone else can only be used after a structured approach has failed requires more technical knowledge than a structured approach 2 What are two facts regarding the information that is collected for baseline creation? (Choose two.) The information is the same for all networks. x It can be used for capacity planning. It should be limited to only a few key performance statistics. x It can be collected using tools such as NBAR, NetFlow, and SNMP. It should be collected only once and then archived for future reference. 3 After a proposed solution has been implemented, the network administrator realizes that new problems have been introduced by the changes. What is the next step in the troubleshooting process? Propose a hypothesis. x Execute the rollback plan. Determine an appropriate workaround. Escalate the problem to another department. 4 A network engineer initially uses the ping command to help troubleshoot a connection problem. Which troubleshooting approach best describes this scenario? bottom-up approach x divide-and-conquer approach follow-the-path approach move-the-problem approach spot-the-difference approach top-down approach 5 What is a situation where escalation of an issue is inadvisable? Management has not been consulted. x Escalation will slow the procedure. The problem is actually a set of problems. The problem has an impact on the performance of the entire network.

Solving the problem would showcase the skills and knowledge of the troubleshooter. 6 To correct an issue that was discovered a few days earlier, an administrator makes a change during a regularly scheduled maintenance window. After making the change, the administrator discovers that a new problem has occurred. What should the administrator do next? x Rollback the change and resume the troubleshooting process. Continue making changes until the symptoms disappear. Leave the change in place and troubleshoot the new problems at a later time. Gather information about the new problem and form a new hypothesis. 7 Which three types of data are useful for creating a baseline? (Choose three.) number of infrastructure routers and switches x Remote Monitoring (RMON), Network Based Application Recognition (NBAR), and NetFlow statistics DHCP and NAT translation statistics x network performance characteristics switch interface statistics of all access ports x basic performance statistics like the interface load for critical network links and the CPU load and memory usage of routers and switches 8 After a network change that occurred during a scheduled maintenance window, users were complaining about not being able to access a local file server. Upon investigation, the administrator determined that the problem was with the recently entered routing configurations. Because of company policy, the administrator is not allowed to correct the routing configuration outside of a scheduled maintenance window. Instead, the administrator moved the file server to an accessible subnet. Which statement describes what the administrator did? The administrator determined a solution to the problem. x The administrator determined a workaround for the problem. The administrator applied the "move the problem" troubleshooting approach. The administrator applied the "spot the difference" troubleshooting approach. 9 Which three IOS features can be used to keep the network documentation accurate? (Choose three.) x rollback feature policy compliance x configuration archive performance monitoring basic performance statistics x Embedded Event Manager

10 A network administrator executes the show processes cpu command on a production router and notices that the average CPU load over the past 5 seconds was 97% and over the last one minute was around 39%. What should the administrator do next? Nothing. This is normal behavior for an ISR router. Contact the service provider because the contract is not being fulfilled as specified in the SLA. x Compare the result to the baseline for an accurate assessment. Replace the router as soon as possible because it has reached capacity. 11 Which two procedures can be implemented to ensure that current backups of all device configurations are maintained? (Choose two.) x Log all configuration change events to a syslog server. Password protect all devices to prevent configuration changes. x Implement a system to create automatic configuration backups. Update configuration backups only after major network outages. Create configuration backups as soon as an issue is reported with network performance. 12 A user creates a trouble ticket indicating that the Internet is inaccessible. The network administrator receives the ticket and determines that this user is the only one having problems. A ping command issued from the administrative PC to the user PC is successful. What should the administrator do next? x Escalate the issue to the desktop support group. Contact the ISP to determine if there is an issue on the ISP side. View the route table on the core router to determine if there is a routing issue. Swap out the patch cable between the user PC and the switch to determine if that solves the problem. 13 What is a symptom of an incorrectly applied network command when issued under the routing process? a down status on an interface x a timeout message when attempting to ping a device on another network a routing protocol that is not running a user who is unable to connect to machines that are located on the same subnet 14 Which two components are normally considered part of change control? (Choose two.) the cost of network changes x the time when changes can be made the technology that is used to implement changes x the authorization that is required to make changes the staff changes that are required to carry out repairs

15 In which phase of the structured troubleshooting process should a network administrator clearly communicate to the affected network users what is going to be done and why it is being done? the analysis of information the definition of the problem the elimination of possibilities the gathering of facts x the proposal and testing of a hypothesis 16 What is a benefit of change control during the processes of regular network maintenance? simplification of the process for creating a network baseline x reduction in the frequency and duration of unplanned outages elimination of the need to troubleshoot planned outages elimination of the need to perform a regular network backup 17 In which structured troubleshooting process phase would a network engineer ask questions such as "When did it last work?" or "Has it ever worked?" analyze information phase x define the problem phase eliminate possibilities phase gather facts phase propose a hypothesis phase solve the problem phase 18 What is an important element of troubleshooting, regardless of the method used? using a single troubleshooting process executing the steps in the same order every time x following a structured and systematic process spending a significant amount of time analyzing the information 19 The help desk receives several calls on Monday morning stating that users cannot connect to a local print server that was working on Friday. Which statement about the problem would be correct? x The inability to connect to the print server is a symptom of a problem. The inability to connect to the print server is the problem. The connectivity problem occurred Monday morning. The inability to connect to the print server caused the problem. 20

134.2.0 and 172. 10.0.134.Chapter 5º -----------------------------------------------------------------------------------------------------------------------------------------------5º Exam (+ solutions): (Pictures posted on the comment secction) 1 Refer to the exhibit. 2 Refer to the exhibit. A network administrator wants to load-balance the traffic that is coming from the LAN that is attached to router R1 and going to the 10.10.0.2. The passive-interface default command on R4 is blocking the RIP updates that are being propagated into the EIGRP routing domain.0.1.0.40.230.0. 10.1. Which prefixes will be displayed in the output? all IP prefixes IP prefixes 10.What type of information can be gathered by using SNMP during the process of collecting baseline information? basic performance statistics via the use of show commands basic performance statistics for Layer 2 and Layer 3 protocols x basic performance statistics about the interface load for critical network links basic performance statistics to profile different types of traffic on the network -. What is the reason for this traffic behavior? x RIP redistribution into the EIGRP routing process is not performed on R4.0 x IP prefixes 172.0.30. EIGRP does not load-balance automatically over equal-cost paths.0 3 What occurs immediately following the encapsulation of data into IP packets during the transmission of data between source and destination hosts? .0 128.0.30.129.10. A network administrator first issued the show ip route command and then decided to filter the output of the routing table via the show ip route 128. The output from the routing table on R1 reveals that the traffic is flowing through router R3 only.0/24 network.10.0 IP prefixes 10. A variance command is missing under the EIGRP configuration on R3 and R4. and 10.16.30.0 and 10.10. The seed metrics should be configured with the default metrics command under the EIGRP process on R3.40.0 longer-prefixes command.

5 Which data structure does an EIGRP enabled router use to track devices from which it receives EIGRP hello packets? Forwarding Information Base interface table x neighbor table routing table topology table 6 [Picture 9º] Refer to the exhibit.249.10.168.249.2.17.17.2.10. .2.17.252 will go out the FastEthernet1/0 interface. An ARP request is made to determine the MAC address of the destination host.10.252 will use 192. Which two facts can be concluded based on the generated output of the show logging command? (Choose two.252 can be reached via the next hop address 10. x Traffic that is sourced from 10.168.252 as a next hop.1.2.249.) Interface Serial 0/1 has been incorrectly configured with IP address 192. The BGP-5-ADJCHANGE message indicates an error with the subnet mask for the specified prefix.168. x The source host determines if the destination network is the same or different from its own local subnet. A network administrator uses the output of the show ip cef exact-route command to verify the routing operations.10.2. The destination 10. The routing table is consulted to determine which interface to forward the packet through based on the longest prefix match. x Interface Serial 0/1 is flapping. 4 [Picture 8º] Refer to the exhibit.10. Which statement represents the information that the network administrator will gather from the output? Traffic that is sourced from 172. A network administrator is troubleshooting a routing related problem. The destination 172.249.10.2.2.The source host sends the packet to the default gateway address.1 and destined to 172. The sending host encapsulates the data into a frame addressed to the MAC address of the destination host.168.2.252. Router R1 has established a stable IBGP peering relationship with the neighbor at IP address 192.168.17.49. x Router R1 is unable to establish a stable BGP peering relationship with the neighbor at IP address 192. Router R1 has established a stable EBGP peering relationship with the neighbor at IP address 192.1 can be reached via the next hop address 172.

There is an incorrect EIGRP metric configuration for the OSPF routes that are redistributed into EIGRP There is an incorrect external route type configuration for the EIGRP routes that are redistributed into OSPF. x It comes from an area border router (ABR). It comes from an autonomous system border router (ASBR).) x the BGP router ID of any peer the routes that are redistributed into BGP the peer synchronization configuration x the number of exchanged prefixes with a neighbor x the AS number of the peer the IGP that is configured on the BGP peer 11 When route redistribution is being configured from another routing protocol into EIGRP.7 Which two data structures are used by Cisco Express Forwarding to improve the performance of IP packet switching processes on routers? (Choose two. 10 Which three pieces of information are found in the BGP neighbor table? (Choose three. It comes from a normal area router.4. 9 [Picture 11º] Refer to the exhibit. In the show ip route output. What could be the reason that EIGRP routes are not being properly redistributed into the OSPF process? The OSPF metric configuration is missing for the EIGRP routes that are redistributed into OSPF.) x adjacency table x Forwarding Information Base interface table neighbor table routing table topology table 8 [Picture 5º] Refer to the exhibit. what is the source of the 72.163. Mutual redistribution has been configured on router R7 between the OSPF and EIGRP routing processes. what value is used when no seed metric is configured? . x The subnets keyword configuration is missing for the EIGRP routes that are redistributed into OSPF.0 /24 route? It comes from a stub area router.

1. What is the cause of this problem? An access list on one side is blocking OSPF Hellos. Which solution would correct this problem? Router R1 should be configured with the neighbor 2. However.1 ebgp-multihop 3 command. both routers never transition beyond 2WAY state. There is a switch problem and multicast capabilities are broken. Authentication is enabled on only one side.1. 15 A network administrator issued the show ip cef command to verify the routing operations on the device. The loopback interfaces on each router should be removed.2 ebgp-multihop 3 command and R2 with the neighbor 1.2.a value equal to the minimum possible value x a value equal to the maximum possible value a value equal to the cost of a directly connected segment a value equal to the redistributing protocol 12 [Picture 1º] Refer to the exhibit.2. x An access list is blocking OSPF hellos. 13 [Picture 3º] Refer to the exhibit.2.2 remote-as 300 command.1. Layer 2 switches between the two routers are not multicast aware. x Router R1 should be configured with the neighbor 2. Which table entries will be present in the output? the topology table entries the routing table entries the Routing Information Base (RIB) entries x the Forwarding Information Base (FIB) entries .2.2. A network administrator is unable to have two BGP peers exchange routing information.1 ebgp-multihop 1 command. Router RTA and router RTB have been configured to exchange routing information using OSPF. Duplicate Router IDs are configured on the new router. 14 A network administrator is adding a new router into an existing OSPF network and notices that the router is stuck in the INIT state.2. What is a possible cause of this problem? There is a mismatched interface MTU. There is a misconfigured neighbor statement on RTA or RTB. Router R1 should be configured with the neighbor 2.1.2 ebgp-multihop 1 command and R2 with the neighbor 1. x A priority of 0 has been configured on RTA and RTB interfaces.

An incorrect keychain name has been entered under the serial interface. x The route is learned via redistribution into EIGRP.0 network? The route is manually entered. Based on the shown output. There is no OSPF network statement for the network to which interface FastEthernet0/1 belongs.16. The route is summarized by EIGRP at the advertising router. The administrator enters the debug eigrp packet command and notices this output: R1# *Nov 17 01:26:31.16. what is a possible reason for the missing routes? Automatic summarization must be disabled.0 /30 will be added to the routing table with an outbound interface of FastEthernet0/0. x A route to the network 172.0.935: EIGRP: Serial0/0/0: ignored packet from 172.2. What can be determined about the origin of the route to the 172. 17 [Picture 6º] Refer to the exhibit. 18 [Picture 4º] Refer to the exhibit.0 /30 will be added to the routing table and have a metric of 1310720. OSPF is not enabled on the neighboring router that is connected to FastEthernet0/1. A route to the network 172. What is a possible reason that Router2 is not receiving OSPF routing updates on interface FastEthernet0/1? Interface FastEthernet0/1 is configured as passive for OSPF. EIGRP is not enabled on the correct interface.0 /30 will be added to the routing table and have an administrative distance of 90. The route is directly connected to RouterHQ2. A network administrator is replacing an existing router and configuring EIGRP authentication on the Serial 0/0/0 port.20. what is the resulting effect on the routing table? A route to the network 172.16.16 [Picture 2º] Refer to the exhibit.0.0. The OSPF priority of interface FastEthernet0/1 is set to zero. x The EIGRP autonomous system does not match the interface authentication autonomous system.0. A route to the network 172. opcode = 5 (authentication off or key-chain missing) Based on the information in the running configuration and the output from the debug command. .0. 19 [Picture 10º] Refer to the exhibit.1.16.0 /30 will not be added to the routing table.16. the administrator notices that the entries for the remote networks are not listed. When viewing the routing table.

3 Which three UDP ports are associated with messages that are forwarded by default by a DHCP relay agent? (Choose three. The ip helper-address command is missing from the R2 configuration.20 What is the result of issuing the ip route profile command on a router? The router will log each route redistribution entry to the configured syslog server. Users on the LAN complained that they cannot access the resources on the network. OSPF will automatically send out its link state database to the destination of the tunnel. 2 [Picture X] Refer to the exhibit.solutions): (Pictures posted on the comment secction) 1 Which statement is true about 6to4 tunneling and OSPF? The neighbor command must be specified within OSPF router configuration mode to establish the tunnel. On the basis of the provided output. Until the buffer is full. what could be the possible cause of the problem? x The ip dhcp pool command is missing from the R2 configuration. the router will archive a copy of the routing table each time the topology changes. The neighbor address must be specified on the tunnel interface. The domain-name command is missing from the R3 configuration. A network administrator issued the debug ip udp command on R2 to verify the DHCP server operation. The ip dhcp excluded-addresses command is missing from the R2 configuration. x OSPF cannot be used when establishing a 6to4 tunnel. x The router will track the number of routing table changes that occur over 5 second sampling intervals.Chapter 6º -----------------------------------------------------------------------------------------------------------------------------------------------6º Exam (+/.) x 37 51 x 53 59 . --------------------------------------------------------------------------------. The router will send console messages each time a route is installed or removed from the routing table.

The IPv6 address configured for R1 is invalid.1. The administrator then verifies that connectivity to the Internet from the border router is present.201. Based on the output of the commands.200. 6 [Picture X] Refer to the exhibit.0. For security reasons. However. x Verify that the ACL is selecting the correct addresses for translation.10 209. The administrator issues the command show ip nat translations on the border router and observes that there are no active translations present. The purpose of the translation is to allow outside users to use the IP address 209.0. A network administrator created a static NAT translation.20. Create a new NAT pool using the 10.10 209.200.6.165.x 69 80 4 [Picture X] Refer to the exhibit.0/16 and is now receiving complaints from users that they are unable to connect to the Internet.20. What should the administrator do next? Increase the size of the existing NAT pool. Change from dynamic to static NAT for all outbound connections. Remove the overload keyword from the ip nat inside source list command.1. what is the likely issue? The default router for R1 is invalid. IPv6 unicast routing has not been enabled on R1. users are unable to connect to the . an outside address cannot be mapped to an internal private address and therefore the web server should be configured with a valid public address. Which procedure would resolve this problem? Delete the current static entry and issue the ip nat outside source static 10.0.165.16.3. external users still cannot connect to the web server. 7 [Picture X] Refer to the exhibit.226 command.0/16 address space. R2 is a branch router and accesses all nonlocal networks via R1.226 command.0. R2 has not been configured for autoconfiguration.1 to connect to a server that is located on the internal network at IP address 172.0/16 to 10. The network administrator is troubleshooting why router R2 cannot access any external networks. 5 The network administrator changed the DHCP address pool from 10. However.165.0.10. x Delete the current static entry and issue the ip nat inside source static 10. A network administrator has configured a static NAT entry on router R1 for the internal web server.

The IP helper address is missing from the R3 configuration. .) DHCP snooping is enabled for interface FastEthernet0/13 and interface FastEthernet0/14. 11 [Picture X] Refer to the exhibit. A network administrator issued show ip dhcp conflict command to verify the DHCP server operation on the router. Dynamic NAT must be used to allow an outside user to connect to the server. what could be the possible cause of the problem? x The DHCP services are disabled on R3. 8 Which statement correctly describes the problem when NAT and IPsec implementation coexist in the network? NAT changes the encryption keys that are used by IPsec during the key negotiation processes. what could be done to remedy the problem? Configure the DHCP pool for a larger scope of IP addresses. x NAT changes the IP header fields.16. Configure the IP addresses that must be excluded from the DHCP pool. x The network administrator reversed the addresses in the mapping command. x DHCP snooping is not enabled for interface FastEthernet0/15 and interface FastEthernet0/16. 9 [Picture X] Refer to the exhibit. which is configured as a DHCP server.server by using the supplied address. NAT changes the source and destination IP addresses that are encapsulated inside the IPsec packets. After issuing the show ip socket command and troubleshooting the problem. Based on the provided output. What is the most probable cause of the problem? There is no outside global address specified. a network administrator verifies that the R1 and R2 interfaces are up and operational. 10 [Picture X] Refer to the exhibit. Routers R1 and R2 cannot get DHCP addresses from router R3. Users on LAN_1 complained that they cannot communicate with the other users on the network. The IP addresses from the DHCP pool have been exhausted. The 172. No access list has been configured to select the traffic that is allowed to connect to the server. NAT changes the TCP and UDP transport protocols that are embedded in the payload of the IPsec packets. Issue the ip helper-address command under the Fa0/1 interface.0. Which two statements are true about DHCP snooping on Switch2? (Choose two. Issue the dhcp services command on router R2. Illegal addresses have been assigned to the interfaces of routers R1 and R2. Based on the provided outputs.0/16 network has not been advertised to the outside world. and those changes can conflict with the integrity of IPsec protocols.

Users on the LAN complained that they cannot access the Internet.0. x Configure static routes on both R1 and R2 to the IPv6 address of the tunnel endpoint of the neighbor. 14 [Picture X] Refer to the exhibit. An incorrect ACL is referenced during the NAT translation process.0. Enter the no ip nat inside source static 10. The command ipv6 route 5000::/64 null0 was entered on the router. Change the netmask of the NATPOOL to 255. 12 [Picture X] Refer to the exhibit. Which statement accurately describes the IPv6 routing configuration? The command ipv6 route 5432::/48 null0 was entered on the router. The NAT pool is configured with the wrong netmask. Change the NAT pool to be in the same subnet as the IP address of s0/0/0.255. Which configuration change would correct this situation? Append the overload keyword to the ip nat inside source list 1 pool NATPOOL command.x DHCP snooping is configured for VLAN 10. . A network administrator has configured NAT on router R1. what could be the possible cause of the problem? Too few addresses are assigned to the NAT pool. However. x Make interface Fa0/0 the inside NAT interface and S0/0/0 the outside NAT interface. What should the administrator do to correct the problem? Change the version of OSPF to version 3. The configurations for the inside and outside interfaces are reversed. DHCP snooping is configured for VLAN 2. Add the ipv6 ospf network broadcast command to tunnel interface 0. Based on the provided output. 15 [Picture X] Refer to the exhibit.226 command.0 /24 LAN attempt to access the Internet. The network 4001::1/128 is unreachable. A network administrator configured an OSPF neighbor to correct a reachability issue in a network that is using OSPF over a 6to4 tunnel.10 209. Configure an OSPF neighbor on R2 that points to the tunnel endpoint of R1. Any interface assigned to VLAN 10 could host a DHCP server.224.165. 13 [Picture X] Refer to the exhibit.0. The network 4000::2/128 was learned via a routing protocol. The configuration did not solve the issue.0. and an error message was displayed. R1 does not translate addresses when hosts from the 10.255.200.

) x the protocols that are used in the network x the port numbers that are used by the applications the type of interface that is configured for NAT the scope of the IP addresses that are configured in the NAT pool the type of ACLs that are filtering the traffic from source to destination 19 [Picture X] Refer to the exhibit. The static NAT entry IP address is not included in the NAT-POOL.16 [Picture X] Refer to the exhibit. Which option correctly identifies the problem? Interface Fa0/0 should be configured as the outside NAT interface and S0/0/0 as the inside NAT interface. 20 Which IPv6 address is used by OSPFv3 as a next hop? . IPv4 routes should be redistributed into IPv6. A network technician is having issues setting up router R4 in a IPv6 network. What problem is indicated from the router output? x IPv6 routing needs to be enabled. A routing protocol for IPv6 must be enabled. A network administrator has implemented Network Address Translation (NAT) on router R1. The NAT-POOL should have included the S0/0/0 interface IP address. NAT cannot use named access control lists. The overload keyword has not been appended to the ip nat inside source command. However. hosts on the inside LAN cannot connect to addresses outside of the corporate network. The interface also requires an IPv4 address. 17 What are the three roles a router may assume with respect to DHCP? (Choose three. x The ACL is referring to the wrong internal network.) x server forwarder x client remote agent x relay agent supplicant 18 What are two things to be taken into consideration when NAT is configured in the network? (Choose two.

Upgrade the version of NBAR that is running on the device.solutions): (Pictures posted on the comment secction) 1 A network administrator plans to implement QoS in the network by using the Cisco AutoQoS tool. Via the use of the ip nbar protocol-discovery command.Chapter 7º -----------------------------------------------------------------------------------------------------------------------------------------------7º Exam (+/. Clients should initiate connections to the IP address of the predictor. each interface should be configured with the auto qos command. Port numbers should be added to each client request in order to get routed to the correct server. Because NBAR will automatically discover new applications. . each interface should be configured to gather information about the applications that are known to NBAR. 3 What must a system administrator do to allow NBAR to recognize a new protocol without having to upgrade the Cisco IOS image? Enable the autodiscovery feature on the interface. x The network device should be configured to capture network traffic statistics via the use of the auto discovery qos interface configuration command.x the link-local address of the neighbor the loopback address of the neighbor the global unicast address of the neighbor the default gateway of the neighbor --------------------------------------------------------------------------------. Clients must be readdressed so that they are equally distributed throughout the network address space. Cisco Express Forwarding should be disabled on each target interface by the use of the no ip cef command. x Load an appropriate Packet Description Language Module (PDLM). What is required on the client side to ensure proper load balancing? x Clients should initiate connections to the virtual IP address (VIP). What should be done in the first phase of the automation process? In order to apply QoS policies. the administrator does not need to do anything. 2 A network administrator has configured a Cisco IOS device to provide server load balancing (SLB) for the corporate web server.

What should the administrator do to correct this problem? Disable multilink on the PPP connection. The ratio between the FCS errors and the number of broadcast and multicast traffic frames that are received on the switch is normal and does not require further investigation. then remove and reapply the AutoQoS configuration. x Investigate the configured bandwidth on the PPP link to ensure it is sufficient. The ratio between the FCS errors and the number of giant frames that are received on the switch is excessively high and requires further investigation. 7 A network is experiencing performance degradation on an access switch where user traffic is subject to granular QoS policy and security inspection. x Configure NTP on the router to point to a different time source. what conclusion can be made about the switch performance? The ratio between the FCS errors and the number of received errors is normal and does not require further investigation. A network administrator is investigating performance issues of the access switch. 6 Refer to the exhibit. What should the administrator do to correct this problem? Adjust the clock frequency on R1. x The ratio between the FCS errors and the number of unicast. A network administrator enables AutoQoS on a PPP link that is currently active. the forwarding plane. On the basis of the provided outputs.4 Refer to the exhibit. Configure the router as a stratum 1 time source. broadcast. and multicast traffic frames that are received on the switch is excessively high and requires further investigation. Once AutoQoS is enabled the link goes down. 5 Refer to the exhibit. Change the encapsulation to HDLC because AutoQoS does not support PPP. A network administrator has noticed that the IP SLA probe did not run as expected. Remove the forever keyword from the configuration. Which switch component or components should be inspected by the network administrator to help determine the issue? the ingress interfaces only the egress interfaces only the forwarding plane only the control plane only the forwarding plane and the control plane x the ingress and egress interfaces. Decrease the multilink threshold value to allow AutoQoS to run. and the control plane .

Users on the network are complaining that transferring large files to the SRV1 server takes hours. A network administrator runs a few tests on both switches to investigate the problem. . Slow STP convergence is causing a high volume of single collisions on DSW_1. 9 Which three hardware components are common in the architectures of all Catalyst switch families? (Choose three. On the basis of the provided outputs.8 Refer to the exhibit. x A duplex mismatch is causing a high volume of late collisions on DSW_1. What can be determined about the operation of interface FastEthernet 0/2? It is connected to a hub.) x alignment error excessive collisions giant frames x invalid frame size x late collisions transmit error 12 Refer to the exhibit. An unsupported Auto-MDIX feature on both switches is causing a high volume of multi collisions.) route processors modules x interfaces x forwarding hardware x control plane hardware content-addressable memory 10 What reported error counter describes frames that do not end with an integral number of octets and have a bad cyclic redundancy check (CRC)? FCS-Err Xmit-Err x Align-Err Rcv-Err undersize runt 11 What are three indicators of a cabling issue on a switch? (Choose three. what could be the possible reason for problem? High CPU utilization is causing excessive FCS errors on ASW_1.

The show buffers command will show no free buffers. Enable process switching using the ip route-cache command. Which packet switching solution should be implemented on the interface to accomplish this task? Enable Cisco Express Forwarding (CEF) using the ip cef comand. The show diagnostics command will show that the DRAM size has reached maximum capacity.1Q formatted frames. It has a duplex mismatch with the connected device. Enable fast switching using the ip route-cache command. Enable fast switching using the no ip route-cache command. 15 Which three Cisco packet switching methods must a network administrator be familiar with in order to troubleshoot a router performance issue that is related to the switching path? (Choose three. Enable Cisco Express Forwarding (CEF) using the no ip cef command. 17 A network administrator wishes to use debug commands to observe how a router processes each individual packet on an interface. Which packet switching solution should be implemented on the .) autonomous switching x Cisco Express Forwarding (CEF) x fast switching optimum switching x process switching silicon switching 16 A network administrator wishes to use debug commands to observe how a router processes each individual packet on an interface. x The show memory allocating-process totals command will show low free space.x It is operating within acceptable limits. 13 What can cause a memory leak on a router? x an IOS bug incorrect configuration registry code buffer overflow too many remote users logged into the router 14 How can an administrator determine if a memory leak is present in a router? The show interface command will show that the input queue has reached the maximum capacity. It is carrying 802. x Enable process switching using the no ip route-cache command.

18 Refer to the exhibit. x Upgrade the Cisco IOS software to a version that fixes the issue.solutions): .) The interface is currently shutdown. x Enable process switching using the no ip route-cache command. The CCO knowledge base identified the cause of the problem as a result of a buffer memory leak due to an IOS software bug. Based on the exhibited output. Change the configuration register settings to bypass the loading of the IOS. Enable Cisco Express Forwarding (CEF) using the no ip cef command. x Fast switching has been enabled. What should the administrator do to rectify this problem? Reload the router. 20 Refer to the exhibit. Change the configuration register settings to bypass the loading of the startup configuration file. Reinstall older Cisco IOS software. which two statements are true? (Choose two. Enable process switching using the ip route-cache command. Enable fast switching using the ip route-cache command. Switching has been disabled. Based on the output of the show interfaces command. Process switching has been enabled. The serial interface is being subjected to a denial of service (DoS) attack. x This is an example of a wedged interface. Enable fast switching using the no ip route-cache command.interface to accomplish this task? Enable Cisco Express Forwarding (CEF) using the ip cef comand. x The interface is displaying symptoms of a buffer leak. Further investigation reveals that the buffer pool continues to grow. what can be concluded? Cisco Express Forwarding (CEF) has been implemented. 19 A network administrator keeps receiving "%SYS-2-MALLOCFAIL" console messages. Power down the router and wait a few minutes before reloading it. The interface has been configured with the no ip route-cache command. 8º Exam (+/. A network administrator is troubleshooting the switching path on a router.

The native VLAN on the trunk should be VLAN 1.10. 2 Refer to the exhibit. 3 Which protocol does a Lightweight AP use to communicate with the Wireless LAN Controller? 802.20. Shut down the LAN interface on the AP. What appears to be the problem? Port Gi0/1 of ASw1 is disabled. what is the reason that the wireless clients are unable to register with the controller? x The DHCP configuration is missing option 43.0. x Temporarily disable ACLs on the AP. The DCHP pool should be specified as 10. However. What action can be taken to isolate the root cause? Enable encryption on the AP. the wireless clients will not associate with the AP. Based on the output that is shown.1Q IPsec x LWAPP TCP 4 Refer to the exhibit.0/16 to include both VLANs. Wireless network users are complaining that they are not able to register with the Wireless LAN Controller. Wireless clients use DHCP to obtain their IP configuration information from R1.0 Chapter 8 1 A network technician is adding a wireless access point to an existing network. Port Gi0/2 of ASw1 should be configured as a trunk. The DHCP default-router command must specify the IP address of the WLC. An administrator is troubleshooting why host CL1 cannot communicate with the other hosts in the network.0/24 pool. Remove the IP address from the AP. as this is where the WLC is located.(Pictures posted on the comment secction) TSHOOT v6. 5 How does a Cisco IP phone discover which VLAN to use for voice traffic? x CDP . x VLAN 104 is not being permitted on the trunk. The DHCP configuration should specify the 10.10.

DHCP TFTP POST 6 Refer to the exhibit. What two lines should you look for in the ACL? (Choose two. What three configuration commands are recommended to accommodate the addition of the phone? (Choose three. which is currently configured to support a workstation.) no cdp enable x mls qos trust cos ip dhcp client request switchport port-security x switchport voice vlan 10 x mls qos trust device cisco-phone switchport port-security mac-address sticky 7 IP phones are unable to register with the router and download their firmware and configuration files.) permit tcp any any eq 22 permit tcp any any eq 23 permit tcp any any eq ftp x permit udp any any eq 69 permit tcp any any eq http permit udp any any eq https permit tcp any any eq www x permit tcp any any eq 2000 8 What value does a Cisco IP phone receive in DHCP option 150? x IP address of TFTP server IP address of DHCP server IP address of NTP server PoE value setting Voice VLAN setting CDP neighbor list 9 Refer to the exhibit. A user has a PC that connects to a VoIP phone and the phone connects to port Fa0/1 on the switch. The administrator . The user is complaining about not being able to access the network. A network administrator needs to connect an IP phone to FastEthernet 0/22. The user cannot access any local print servers and cannot ping any neighboring devices. A colleague advises that you should check to ensure that the protocols required for this process are not blocked by the IOS firewall.

6. The phone is in Voice VLAN 7. Which statement is true about the debug ephone register command? x The router was able to successfully register the phone.1. Based on the output. Which priority level should be applied to the voice traffic in order to improve the quality of voice calls? normal priority x highest priority medium priority lowest priority 12 Refer to the exhibit. The switch port detected a MAC address that belongs to a different VLAN. 13 If an ACL is used on a port that connects to an Cisco IP phone. There is an IP address mismatch that is detected on the phone. x CDP is disabled. QoS is missing. The switch port detected a bridging loop. 11 Users complain that voice calls are choppy and of poor quality. A network administrator verifies the settings on the interface and discovers that no QoS has been configured. x The switch port detected more than one MAC address.attempts to ping the PC of the user but is unsuccessful.0.) x SCCP SMTP SNMP Telnet x TFTP WWW 14 . Based on the output of the show port-security command. The IP address that is detected for the phone is 10. 10 Refer to the exhibit. which two protocols must be allowed in the ACL for the Cisco IP phone to work? (Choose two. A user is not able to use a VoIP phone. The switchport mode is incorrect. what could be the problem? The phone is in the wrong VLAN. what could be the issue? The switch port has not been able to detect any devices connected to it.

and they are complaining that they do not receive a video stream from the source. After the administrator alters an IGMP configuration. and D_SW2 to be the root for VLANs 30 and 40. A network administrator verified that all trunk links are up and operational and the EtherChannel configuration is correct. 18 Refer to the exhibit. which command should be used to verify the multicast routing table entries? show ip igmp interface show ip igmp membership x show ip mroute show ip pim interface show ip pim neighbor show ip route 16 Refer to the exhibit. Remove the EtherChannel trunk uplinks from the access switch A_SW1 to the distribution switch D_SW2 17 Refer to the exhibit. The output of the show interfaces port-channel command reveals that there is a 0 packet output rate over the last 5 minutes on the Po2 uplink. What could be done to correct the issue? Configure switch A_SW1 to be the root bridge for the network for all VLANs.1.Refer to the exhibit. The Fa0/1 interface has not been configured with the ip pim sparse-dense-mode command. Remove the EtherChannel trunk uplinks from the access switch A_SW1 to the distribution switches. An administrator is troubleshooting a video multicast problem on router R1. Users complained that they have experienced performance degradation for all . Users who are connected to SW1 are part of the multicast group 224. network users complain about poor video application performance. what could be done to remedy the problem? Apply the ip pim sparse-dense-mode command to interface Fa0/1 on router R1.1. The S0/0/0 interface should be configured with the ip pim version 2 command. Based on the provided output. Which statement correctly identifies the problem? Router R1 has not been configured with the ip multicast-routing command. x Apply the ip pim sparse-dense-mode command to interface S0/0/0 on router R2. x Configure switch D_SW1 to be the STP root for VLANs 10 and 20. Apply the ip igmp join-group command to interface Fa0/0 on router R1. After a major network upgrade.1. Users on the FastEthernet 0/1 are not receiving multicast traffic over the Serial 0/0/0 WAN link. 15 A network administrator is troubleshooting an IP multicast problem. Apply the ip igmp join-group command to interface Fa0/1 on router R2. The S0/0/0 interface should be configured with the ip pim version 1 command. x The S0/0/0 interface has not been configured with the ip pim sparse-dense-mode command.

thus causing half of the video traffic to be dropped.solutions): (Pictures posted on the comment secction) 1 When audit trails are enabled with the ip inspect audit-trail command.4 range 12222 12223 20 Which video application has the strictest latency requirement? video collaboration x video conferencing video surveillance video signaling --------------------------------------------------------------------------------.20.5 range 12222 12223 permit udp host 10.10. 19 Refer to the exhibit. thus causing the video traffic to be forwarded over the Po1 channel only. x STP is blocking the redundant links that are bundled in the Po2 channel.5 host 10.10.20.10.10.20. STP is alternating between channels when forwarding video traffic over the redundant links. Based on the provided outputs.5 host 10. Users of the wireless network are now complaining that they can no longer associate to the wireless LAN. thus causing a loss of video traffic.video applications that are coming from the video server.4 range 12222 12223 permit tcp host 10.10.10.4 host 10. what must be added to the access list to restore connectivity? permit tcp any any range 12222 12223 x permit udp host 10. STP is blocking the redundant links that are bundled in the Po2 channel.10. Based on the output shown. what could be the possible cause of the problem? STP is blocking the redundant links that are bundled in both channels. which messages will appear in the syslog? all packets that enter the specified interface .Chapter 9º -----------------------------------------------------------------------------------------------------------------------------------------------9º Exam (+/. The network security auditing team has added access lists to the network configurations in an attempt to improve network security. thus causing the video traffic to be dropped.10.10.

Router R1 no longer receives routing updates from other EIGRP neighbors. Interface FastEthernet 0/0 has not been configured to support authentication.) x which devices will exchange routing updates who can alter the configuration of a network device which locations can alter the configuration of network devices x which device will become the root device in an STP selection process who can access network device operational logs and interface statistics 4 [Picture X] Refer to the exhibit. There are no valid EIGRP neighbors connected to interface FastEthernet 0/0. what could be the cause of this problem? Interface FastEthernet 0/0 has been configured as a passive interface. Interface FastEthernet 0/0 is administratively shut down. However. what change should be made to allow the firewall to function as planned? R1(config)# interface Fa0/1 R1(config-if)# no ip access-group DENY out R1(config-if)# ip access-group DENY in R1(config)# no ip inspect name FWALL http R1(config)# ip inspect name DENY http x R1(config)# interface Fa0/1 R1(config-if)# no ip inspect FWALL out R1(config-if)# ip inspect FWALL in R1(config)# no ip access-list extended DENY R1(config)# ip access-list extended DENY R1(config-ext-nacl)# permit ip any any 3 Which two security features could be implemented in the network control plane? (Choose two. The EIGRP peer has not been configured to support authentication. Based on the output in the exhibit. An administrator has implemented a stateful IOS firewall configuration that allows internal users access to Internet websites. users have reported that they cannot do so. 5 [Picture X] . Based on the configuration in the exhibit.all TCP packets all stateful inspection sessions all packets that match an ACL 2 [Picture X] Refer to the exhibit.

IP must be permitted between the two ends of the tunnel.15 has been authorized to use privileged EXEC mode. 8 [Picture X] Refer to the exhibit. The first method defined by the default authentication method list is TACACS+. The established keyword must be removed from statement 10.15 to log in to the router is unsuccessful.Refer to the exhibit. UDP port 500 must be permitted. The user raduser is on a device with the IP address of 10. The network administrator has decided to create an IPsec tunnel between the HQ and BRANCH routers. The user raduser has been authenticated. a network administrator issued debug tacacs and debug aaa authentication commands on the router.1.1. The user fails the authentication because router R1 cannot connect to the TACACS+ server.252. To investigate the situation. Which statement about the debug radius authentication output is correct? The RADIUS server is unreachable. The ESP and AH protocols must be permitted. The user with the IP address 172.60. Based on the debug aaa authentication and debug tacacs outputs.50.31. The user fails the authentication because the TACAS+ server does not have a profile set up to authorize CHAP.) ICMP must be denied. A network administrator is attempting to connect a branch office to headquarters .60. 9 [Picture X] Refer to the exhibit.50. What two changes must be made to the existing ACL in order to allow the formation of the tunnel? (Choose two. The attempt of a remote user with the IP address 172.31. The user credentials stored in the local database do not match the credentials on the TACACS+ server. what could be the problem? The user credentials are rejected by the TACACS+ server. which statement is true? The authentication process verifies the user credentials to the local database. The IP address of the RADIUS server is 10. Based on the provided output. 6 [Picture X] Refer to the exhibit. A legitimate user experienced a problem while attempting to gain access to the router EXEC shell.1. 7 [Picture X] Refer to the exhibit. TCP ports 50 and 51 must be permitted.

The tunnel destination end point has been improperly configured. but the 10.2.2. Review the security policy to determine if the user should have access to the VLAN.through a VPN tunnel. 13 [Picture X] Refer to the exhibit. Determine if the connectivity problem is affecting all users.2. What is the expected behavior of the configured firewall when internal hosts attempt to access web sites on the Internet? . Based on the output as shown. The AAA security server authorized the user Admin to perform the requested command. why is the 10. Determine if any access lists were added or modified immediately prior to the reporting of the connectivity problems. 11 [Picture X] Refer to the exhibit. What step should the administrator take next? Move the workstation to a port that is configured for the VLAN.2. which statement is true? x The authorization method used for user Admin was TACACS+. 12 A network administrator has received a report from a user about being unable to access the server that houses employee records. Determine if disabling all security features on the network re-establishes connectivity. Add the port connected to the workstation to the VLAN and test connectivity. The administrator has determined that the problem is with the branch office configuration.0/24 network not appearing in the routing table? The tunnel protocol is improperly set.0/24 network is not appearing in the routing table at the branch end. 10 What is the first step in troubleshooting connectivity issues in a secured network environment? Determine when the connectivity problem first appeared. Move the server to a trunk link so that multiple VLANs can access the records. The tunnel bandwidth is insufficient for EIGRP updates. The server is on a restricted VLAN and the user workstation is not assigned to this VLAN. The user Admin attempted to gain Telnet access to the device. The tunnel key has been improperly configured. The tunnel encapsulation is improperly configured. The AAA security server has authorized the user Admin to use privilege level 15 EXEC commands. Based on the provided debug aaa authorization and debug tacacs command output. The tunnel is reported as being active at both ends. Determine if the user should have connectivity based on the security policy of the organization and the type of traffic being generated.

Because all IP traffic is blocked by the access-list DENY. HTTP sessions that are initiated from internal hosts to Internet hosts will be tracked and allowed. The original configuration and passwords of the device can be recovered using the password recovery procedure.The rule FWALL will inspect all HTTP traffic for viruses before allowing the traffic through. Return traffic from the untrusted Internet host on port 80 will be permitted. internal hosts cannot reach Internet hosts. The firewall is tracking an HTTP session that was initiated by an internal trusted host. Hosts from the Internet will be allowed to initiate sessions with internal hosts that are using HTTP. The original configuration of the device can be recovered but not the secret password. A network administrator issued the show ip inspect sessions command on R1 to investigate the status of the firewall. The firewall has been configured to monitor SIS traffic. 16 What is considered a control plane issue? x A wrong key is used by OSPF.) Dynamic Host Configuration Protocol (DHCP) First Hop Redundancy Protocols (FHRP) x Address Resolution Protocol (ARP) multicast routing protocols x unicast routing protocols x Spanning Tree Protocol (STP) . until closed or when the idle timer expires. 14 What would be the outcome of the no service password-recovery command enabled on the router? The secret password can be recovered but not the original configuration. What two facts can be determined from the output? (Choose two. 15 [Picture X] Refer to the exhibit. The original configuration and passwords of the device cannot be recovered using the password recovery procedure. The network administrator account is disabled on the RADIUS server. 17 Which three control plane protocols influence the data structures used by the data plane to forward unicast packets in the core network? (Choose three. SSH is not enabled on the VTY lines of a switch. An ACL is blocking TCP traffic to a server. The session will be blocked because of the NAT configuration on R1.) The limit of one HTTP session has been reached.

) reduced network downtime faster time to resolution of problems simplified troubleshooting processes predictable lead times for change requests maintenance windows during regular business hours .25. Add a static route on router East out S0/0/0 to 198.133.0. A network technician has just configured router East to establish a tunnel to router West. tunnel 1 is flapping. 20 Which two features should be enabled to secure DHCP and ARP? (Choose two.107.229.18 Which technology prevents CPU overloading of infrastructure devices? Simple Network Management Protocol Cisco Express Forwarding x Control Plane Policing Access Control Lists 19 [Picture X] Refer to the exhibit. After the configuration is applied.168.219. Set the default gateway of Computer1 to 128. What needs to be done to stop this flapping? Make tunnel 1 on router East an EIGRP passive interface.2. Change the configuration on router East such that the destination of tunnel 1 is 192.) DHCP Snooping BPDU Guard Private VLANs BPDU Filtering IP Source Guard Dynamic ARP Inspection 1 Which two advantages does scheduled maintenance offer over interrupt-driven events? (Choose two.50.

2 RSPAN depends on which type of VLAN? native VLAN management VLAN default VLAN RSPAN VLAN black hole VLAN private VLAN 3 Refer to the exhibit. What information can be deduced from the provided debug aaa accounting command output? The user successfully gained access to the router EXEC shell. The user credentials were rejected by the default authentication method. network performance between domains quickly degraded and an investigation revealed routing loops. what is a possible cause of the observed performance issues? high CPU usage on the router insufficient RAM in the router incorrect or outdated version of the Cisco IOS unrecognized Layer 2 encapsulation formats on the network 5 In which three situations will traffic be handed off (punted) to the CPU for processing? (Choose three. A network administrator issues the show interfaces s0/0/0 command on a router to determine the cause for a recent decrease in device performance. What action could be used to solve this issue? Change the seed metric of the routes being redistributed. . The user attempts to gain access to a local security server were unsuccessful.) any traffic that is going through a GRE tunnel any traffic that is explicitly blocked by an ACL any traffic that is destined for any of the switch IP addresses any traffic that is assigned to a particular VLAN that is not allowed on a trunk any traffic that is coming to an inbound port that is in the spanning-tree blocking state any multicast and broadcast traffic that is coming from the Spanning Tree Protocol (STP) or routing protocols 6 An administrator has just implemented two-way route redistribution between an OSPF and EIGRP domain. Based on the output shown. 4 Refer to the exhibit. However. The user access to the services was stopped because of the improper protocol that was used for the session.

16.6.0.255.16.255.0.16. Based on the information that is presented in the exhibit.0 0.255.9 R2(config)# ip route 0.16.0.0 172.0.6. 7 What content can be found in the show ip eigrp topology network mask output? minimum delay cumulative cost hop count variance metric weights 8 Refer to the exhibit.0 255.16.16. which configuration command would correct the problem? R1(config)# ip route 0.7.0 255.0.0 0.0 172. Port Fa0/20 will start forwarding traffic immediately. The administrator issues the debug ip icmp command for R1 and confirms that a routing issue exists. 9 What is a characteristic of network maintenance? Network maintenance typically excludes consideration of network changes. Port Fa0/20 will transition from blocking to forwarding state after the spanning tree convergence.0.7.0.10 . Port Fa0/20 will become a root port.255.0 172.0 172.0 172. What would happen when the administrator plugs this switch into port Fa0/20 on ASW_1 in an attempt to extend the LAN? Port Fa0/20 will be shut down.0. A network administrator is troubleshooting a connectivity issue between LAN clients on routers R1 and R3. A junior network administrator tested a new switch in the lab and verified that the bridge ID is 32887.16.0.255. The amount of resources expended on network maintenance is consistent across all companies. Configure an additional router to be a secondary point of route redistribution.10 R2(config)# ip route 172. Connectivity tests from R2 to the R1 and R3 LAN segments are successful.0.0 255.9 R3(config)# ip route 172.0. Proper network maintenance will eliminate network downtime.0.6.16.7.255.1 R1(config)# ip route 172.16. BPDU guard and PortFast have been configured on all edge ports on the access switches. 10 Refer to the exhibit. Redistribute all subnets in both EIGRP and OSPF domains.7.9 R3(config)# ip route 0.0 172. Maintaining network documentation is an important element of network maintenance.0 0.Filter the routes being redistributed between the protocols.7.7.

The DHCP client sends out a DHCPDISCOVER broadcast message to find its local DHCP server.251 command and follow the path to the host.e2a0 command on various switches and follow the path to the host.251.10. What could be concluded about the TACACS+ failure based on the exhibited command output from debug tacacsand debug aaa authentication? The TACACS+ server is not operational. The TACACS+ server key of the router does not match that of the TACACS+ server.10.251 command and discovers that the MAC address of the host is 0011. The TACACS+ server IP address has been incorrectly configured on the router.10.10.9254. the administrator successfully pings the host IP address and populates the ARP cache of the router. .10.10. Issue the traceroute 0011. 13 Which two pieces of information are displayed by the debug ip bgp command? (Choose two. The DHCP server sends a DHCPACK message with the full set of configuration parameters to the client. Issue the show vlan command on various switches and follow the path to the host. From the local gateway router. The username and password that were supplied by the user were rejected by the TACACS+ server. The administrator then issues the show ip arp 10.9254. What could the administrator do next to discover the physical location of the malicious host? Issue the show mac address-table address 0011.e2a0 command and follow the path to the host.) BGP updates route redistribution information BGP related events phases of BGP peering relationships internal metrics of IBGP routes 14 Refer to the exhibit.11 What is the final task in a structured troubleshooting process? gathering information testing the hypothesis documenting the changes eliminating possible causes 12 Syslogs reveal malicious activity originating from an internal host that is located at IP address 10. 15 Refer to the exhibit. Issue the traceroute 10.e2a0.9254. A network administrator issued the debug dhcp detail command to verify the operations of DHCP on router R2. Which statement is correct about the active DHCP processes on R2? The DHCP server sends a DHCPOFFER message with the full set of configuration parameters to the client.

which two NetFlow statements are correct? (Choose two.1. What are two plausible causes of the problem? (Choose two.The DHCP client sends out a DHCPREQUEST broadcast message to the DHCP server to accept the offered parameters.) All NetFlow packets sent from R1 to the traffic collector will be sourced from IP address 1.1. .) community edge isolated point-to-point promiscuous protected 20 Refer to the exhibit. 16 Which two benefits do the use of templates provide in the troubleshooting process? (Choose two. Based on the information that is provided.) provide an effective method of maintaining network documentation ensure that all individuals carry out similar tasks in a consistent manner document the solution to specific problems eliminating the requirement for troubleshooting allow each technician to select the best troubleshooting process to use for a particular problem ensure that the problem is located and corrected regardless of the knowledge level of the technician 17 Which VTP mode is configured on a switch in the implementation of private VLANs? client server transparent client or server client or transparent transparent or server 18 A network administrator notices frames are received on a different port than expected on a switch.1.) a routing error an access list error duplicate MAC addresses VLAN trunk misconfiguration a Spanning Tree Protocol related issue 19 What are the three private VLAN (PVLAN) port types? (Choose three.

1. However. The EIGRP neighbor is redistributing routes from OSPF with invalid seed metrics.1. The values of the SRTT and RTO fields should be much lower. The IP addresses of hosts on the R2 LAN are not being translated by R2. NetFlow version 5 should be configured if the infrastructure includes non-Cisco devices. 23 Refer to the exhibit. Interface FastEthernet 0/0 on router R1 requires the vrrp 1 priority 100 command to be issued.1. The R2 LAN is not configured as an inside interface. Interface FastEthernet 0/0 on router R1 requires the vrrp 1 preempt command to be issued. Router R1 is configured to use text authentication. NetFlow will forward the traffic statistics and packet payload content of interfaces Fa0/0 and Fa0/1 to IP address 10. The administrator then verifies the VRRP interface and key chain configurations. A network administrator is investigating a possible network congestion problem. The ACL is using a wrong pool reference. A network administrator is troubleshooting a NAT translation issue on router R2. what is the cause of the problem? Interface FastEthernet 0/0 on router R1 requires the vrrp 1 ip 10. 21 Refer to the exhibit. while R2 is configured to use MD5 authentication. Based on the information in the exhibit. 22 Refer to the exhibit. Based on the output in the exhibit. The Q Cnt field should be at zero. Router R1 should be configured to use text authentication. Which information is indicative of network congestion? The EIGRP neighbor has not sent any hello packets in the last 14 seconds. The EIGRP neighbor is offline and unreachable. what is the issue? The NAT pool is exhausted.10. 24 Which DHCP message is sent by the server to the client and contains the DHCP configuration parameters? DHCP DISCOVER DHCP OFFER .254 command to be issued. The Seq Num field should be much higher.10. An administrator has configured VRRP on routers R1 and R2.Interfaces Fa0/0 and Fa0/1 must also be included as flow-export source interfaces. no output is generated using the show vrrp brief command on router R1. NetFlow will track all ingress traffic for interfaces Fa0/0 and Fa0/1. The UDP value 9996 is optional because it is the default NetFlow destination port number. The static translation prevents any new dynamic translations.

1. You have been asked to troubleshoot a connectivity issue between R3 and R1. what does the administrator need to do on R1 to correct the issue? Map the DLCI to the link local address of R2. 27 Refer to the exhibit. RTB is able to exchange routing updates with RTA. 26 Refer to the exhibit. A network administrator is troubleshooting a connectivity issue between R1 and R2.1. Ports that should be blocked start forwarding. The tunnel source for Tunnel0 on R3 should be the IP address of Serial0/0/1 on R1. Change the OSPF neighbor to point to the global unicast address of R2. Frames with matching entries in the MAC address table are not forwarded.0/24 network. Based on the output. RTB has established an adjacency with RTA.DHCP REQUEST DHCP ACK DHCP NAK DHCP INFORM 25 Which statement is true based on the show ip ospf neighbor command output that is shown in the exhibit? RTB did not see its router ID in the hello packet that was received from RTA. From the partial output of theshow running-config command on both routers. The tunnel source for Tunnel0 on R1 should be the IP address of Loopback0 on R3. 28 Which type of spanning tree failure is the most disruptive? The STP reaches its maximum diameter. Change the IPv6 address on Serial 0/0/0 to be in the same segment as the Serial 0/0/0 interface of R2. Remove the broadcast keyword from the frame-relay map statement. The routers are failing to create a neighbor relationship and no OSPF HELLO packets are traversing the Frame Relay link. 29 . The tunnel destination for Tunnel0 on R1 should be the IP address of Serial0/0/1 on R3. A static route should be added to R1 to point to the 192.0/24 network.168. The TTL field in the Ethernet frames decrements to 0 on all frames. what configuration change is required? A static route should be added to R3 to point to the 192. The tunnel destination for Tunnel0 on R3 should be the IP address of Loopback0 on R1. RTB did not receive a hello packet from RTA.168.

) The interfaces have different network types. One of the routers is redistributing the OSPF routes into EIGRP. or automatically negotiate power settings. What is a likely cause of this message? The branch site has been configured for the Spanning Tree Protocol.Refer to the exhibit. The main site has inconsistencies in the physical ports that are members of the channel. Slow network connections cause OSPF advertisements to time out. The phone will not be able to discover auxiliary VLAN information. but the main site has not. Hello packets are not sent from either neighbor. The phone will be able to make calls but will not be able to receive calls. The network administrator at the main site checks the log and sees a %SPANTREE-2-CHNL_MISCFG message. Wireless network users are complaining about performance issues. especially when using Voice over WLAN. What effect will this have? The phone will experience intermittent connectivity. 30 Which backup mechanism presents the highest security risk? FTP HTTPS SCP TFTP 31 An administrator notices that CDP is disabled on a port that connects to an IP phone. Based on the output that is shown. The trunk between R1 and SW1 does not support QoS. QoS settings. SW1 is resetting the DSCP values supplied by the Lightweight AP. incompatible version of the Spanning Tree Protocol. QoS has not been enabled between the Lightweight AP and the Wireless LAN Controller. 32 Which two conditions could cause two routers to have trouble establishing a neighbor relationship in an OSPF network? (Choose two. 33 Refer to the exhibit. The phone will be placed into the default VLAN. The main site has been configured to bundle links into an EtherChannel and the branch site has not. what could be the problem? QoS is not supported in Lightweight mode. A port channel link between a branch site and the main site experiences an outage after a hardware upgrade at the branch site. The network command has put the connected interfaces into the same OSPF area. The Wireless LAN Controller has not been configured to support voice traffic. . The branch site is running a newer.

38 Which action occurs immediately following POST in the boot process of a Cisco IP phone? The IP phone sends DHCP broadcasts.95.233. The IP phone uses CDP to learn the voice VLAN. The IP phone requests a configuration file from a TFTP server. Based on the output of the debug ip nat command in the exhibit. what is causing this problem? The web server is denying the client request.101. how many isolated VLANs can be mapped to a primary VLAN? 0 1 2 4 platform dependent 36 Which switch error is indicative of a duplex mismatch on the full-duplex side of a link? Xmit-Err Rcv-Err FCS-Err Giants 37 Refer to the exhibit.2.1. The IP address 172. The classic IOS firewall has not been properly configured to allow HTTP traffic in response to an internal request.31. A Java applet reset option is configured on the zone-based policy firewall. The zone-based policy firewall has been configured to block all HTTP traffic to the server location.168.16.209.209 is the configured IP address on the remote PC.) Packets were not translated for the return path from source 192.132 from source 192. The IP phone initializes the IP stack. which two statements are true? (Choose two. Packets that are destined for 172.1.233.168. 39 .1. Entries that are indicated with NAT* have been translated via the fast path.31. Users are complaining that they are unable to access the web server that is located at 172. Based on the partial syslog output that is exhibited.34 Refer to the exhibit. 35 When configuring private VLANs. Entries with NAT* have the ToS value 5.95 are translated into 172. There is no logical path from the client to the web server location.31.

An administrator is troubleshooting an HSRP implementation on routers R1 and R2. All passwords are encrypted to level 7. .What occurs when the no service password-recovery command is entered on the router? Passwords will not be encrypted. 40 Which anti-spoofing mechanism will filter packets that enter a multilayer switch through an interface that does not provide the best path back to the source of the packet? spanning tree private VLAN intrusion prevention VLAN access control lists Unicast Reverse Path Forwarding 41 Which DSCP value should be applied to voice traffic? AF11 AF31 CS1 EF 42 Which command would a network administrator use to verify which VLANs are allowed on a trunk? show vlan show interfaces trunk show vlan interface show mac address-table 43 Refer to the exhibit.1. Routers R1 and R2 have different text authentication strings configured.1.1. what is the probable cause of the problem? Router R1 requires the standby 1 ip 10. Executive passwords can be changed in ROMMON mode. Routers R1 and R2 have different MD5 authentication strings configured. Executive passwords can be retrieved and viewed in the running configuration. Router R1 is configured to support text authentication while router R2 is configured to support MD5 authentication. The original configuration and passwords cannot be retrieved. Router R2 requires the standby 1 ip 10.254 command to be issued on interface FastEthernet 0/0. Based on the output in the exhibit. Router R1 is configured to support MD5 authentication while router R2 is configured to support text authentication.254 command to be issued on interface FastEthernet 0/0.1.

44 What are two problems that can occur when routes are redistributed in two directions? (Choose two. Change the FastEthernet 0/1 interface to an inside NAT interface. What should the administrator do next? . Which two FTP-related statements are true? (Choose two.) suboptimal routing routing loops lost seed metrics route filtering lost external routes 45 Refer to the exhibit. The transport input telnet command should be changed to transport input ssh.cfg configuration was successfully copied from the FTP server to the startup configuration file of router R1. The transport input telnet command should be changed to transport input none. The R1-test. Disable static NAT because it is interfering with the dynamic translations. What action should the administrator take to correct this problem? Remove the ACL because it is blocking connections.cfg configuration was successfully copied from the FTP server to the running configuration file of router R1.) The Configuration Rollback feature was preconfigured on router R1 via the archive command. Which changes should be made on the partial configuration as shown in the graphic? The enable password must be encrypted. Disable CEF because it is sending packets to the CPU for processing. The network administrator issues the show ip route command and verifies that the correct next hop IP address and egress interface are listed. 47 Refer to the exhibit. The commands listed under the VTY line should be listed under the Console line. The R1-test. The login credentials were sent to the FTP server in an encrypted format. Users are complaining that they are unable to connect to resources outside of their corporate network during peak hours. 48 Users at a branch office are complaining that they are unable to connect to resources at the head office. A network administrator is trying to secure the remote administration of the router by enabling the use of the SSH protocol. The ip ftp username and ip ftp password commands were issued on router R1. Increase the size of the NAT pool to provide more IP addresses for translation. 46 Refer to the exhibit. The configuration was copied using a method that is less secure than HTTPS.

In a converged spanning tree. Verify that the information in the CEF FIB is correct. The port is a root port. Verify the Layer 3 to Layer 2 mappings. how many blocked ports will there be in VLAN 1 for the pictured topology? 1 2 3 4 50 Refer to the exhibit. The port is in listening state. Decrease the DHCP lease time to make more addresses available at one time. Use the ip dhcp excluded-address command to exclude any statically assigned addresses from the DHCP pool.0.0. The instant the trunk link is brought up to the rest of the network. 53 A newly configured switch is connected to an existing network. . the entire network goes down. Verify end-to-end connectivity via the use of the ping command. Verify that the interface is active and participating in the routing process. What should the administrator do to correct this problem? Change the address assigned to the default router and dns server. 51 What is a characteristic of network maintenance toolkits? are vendor specific may be both GUI and CLI require expensive investments support only real-time monitoring 52 What can be inferred from the fact that a switch is receiving BPDUs on a port but not transmitting BPDUs? The port is a designated port. Users are complaining that they are receiving duplicate address error messages when they start their machines. 49 Refer to the exhibit. Change the netmask to 255.Verify that CEF is running on the router. What could have caused this problem? The switch was inserted into the network using an incorrect VTP domain name.0 to agree with the class A network that is used in the DHCP pool. The port is disabled.

The VTP password entered on the new switch did not match that of the existing VTP domain. 57 Refer to the exhibit.) Only high severity messages can be captured. 56 What are two limitations of using buffered logging? (Choose two. 54 Refer to the exhibit. The S0/0/0 interface of router East should be configured to provide DHCP relay. which two statements are true? (Choose two. What command would you issue on R1 to accomplish this? ip route 10.0. What is a plausible reason for this issue? An ACL is blocking broadcasts into the F0/0 interface of router North .3.3 255. You have been asked to correct the configuration on R1 so that the Tunnel 0 interface does not flap and R3 can be consistently reached from R1. Every time the running configuration file is saved to NVRAM. The DHCP server does not have a DHCP pool for 192.3. The time-period parameter must be configured to enable the automatic archiving of the runningconfiguration file everytime it is saved to NVRAM. Oldest messages are overwritten when allocated memory is exceeded. Message services may have messages filtered through a firewall.255.0 /24 network. The configuration revision number of the inserted switch was higher than the configuration revision of the VTP domain.255. Messages are lost when there is a connectivity issue. Log messages are removed when a device is powered down.255 Tunnel0 . The switch should have been placed into VTP Transparent Mode prior to being inserted into the network. A network engineer is investigating a reported issue of Computer1 not receiving its IP configuration from the DHCP server. The $h and $t parameters will automatically add the device hostname and version number to the archive filename.168. Computer2 is receiving its configuration from the DHCP server. Based on the output that is generated.) The archive path is the only mandatory archive parameter that must be configured. The configuration revision number of the inserted switch was lower than the configuration revision of the VTP domain. The WAN segment between routers East and North should be replaced with a LAN. it will also be automatically archived. Use the archive config privileged EXEC mode command to replace the running configuration file with the most recent archived file. 55 Refer to the exhibit.

16.25.255.16.255.25.3 255.x. which traffic will be inspected by the zone-based policy firewall? all TCP traffic that is destined for the public network all TCP traffic that is destined for the private network Telnet. Enter the neighborx.ip route 10.255.255.15.255.255.3 255. Remove the loopback interfaces on each router.3 255. Based on the partial configuration that is shown. Which solution would correct this problem? Change the neighbor peer IP addresses on R1 and R2 to the loopback interface IP address of the other router.255.16.255 Tunnel0 58 What type of BGP message precedes the successful formation of a BGP peering session? update keepalive established withdraw open 59 Refer to the exhibit.3.255 Tunnel0 ip route 172.25.x.x.0 255. Change the neighborx.16.3. A network administrator is unable to have two BGP peers exchange routing information. and HTTP traffic that is destined for the private network .255 Serial0/0/0 ip route 172.0 Serial0/0/0 ip route 172. and HTTP traffic that is destined for the public network Telnet. 60 Refer to the exhibit.xupdate-source command on R1 and R2 to refer to the FastEthernet interfaces.x.255.255. SMTP.2 255.xebgp-multihop 1 command on R1 and R2. SMTP.0 Serial0/0/0 ip route 172.255.

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.