Cisco 642-892 Practice Exam

Cisco 642-892
CISCO 642-892 Composite Exam
Practice Test
Version 2.2
Cisco 642-892: Practice Exam QUESTION NO: 1 Which two statements are true about IBGP neighbor relationships? (Choose two.) A. The BGP split-horizon rule specifies that routes learned via EBGP are never propagated to other IBGP peers. B. A full-mesh IBGP requires that neighbor relationships be established between all BGP enabled routers in the autonomous system. C. The BGP split horizon rule specifies that routes learned via IBGP are never propagated to other IBGP peers. D. An EGP or static routing is required between IBGP neighbors. E. IBGP neighbors must be in different autonomous systems. Answer: B,C
QUESTION NO: 2
Which three IP multicast group concepts are true? (Choose three.) A. If a packet is sent to a multicast group address, all members of the multicast group will receive it. B. A router must be a member of a multicast group to send to the group. C. If a packet is sent to a multicast group address, the multicast frame contains the source multicast address. D. A router must be a member of a multicast group to receive multicast data. E. A router does not have to be a member of a multicast group to send to the group. Answer: A,D,E
QUESTION NO: 3
Which two features or capabilities are valid options for both an Autonomous and a Lightweight WLAN solution? (Choose two) A. use of Cisco Secure Access Control Server (ACS) for security B. Cisco IOS software for configuration C. PoE capability D. use of a Cisco Wireless Location Appliance for location tracking E. Cisco Wireless Control System (WCS) for management Answer: A,C
"Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Explanation: Cisco Aironet access points provide secure manageable, high-performance, and reliable connectivity with exceptional range and performance. Lightweight access points operate in conjunction with Cisco wireless LAN controllers and the Wireless Control System (WCS). Standalone (autonomous) access points are managed by CiscoWorks Wireless LAN Solution Engine (WLSE) or CiscoWorks WLSE Express Cisco Aironet Access Points When originally deployed, the Cisco Aironet 350 Series Access Point was selected as the standard access point for both autonomous and lightweight solutions. The Cisco Aironet 350 Series was the most advanced, fully featured wireless access point available. It supported the 802.11b protocol standard (the most advanced at that time), which provides data rates of up to 11 Mbps. The Cisco Aironet 350 Series also supported inline Power over Ethernet (PoE), which greatly simplifies installation and reduces costs by eliminating the need for separate, dedicated power cabling to the main supply. Cisco Secure Access Control Server ( ACS) The Cisco Secure ACS is used as the standard AAA server for the global WLAN and for other recently introduced services such as 802.1x-based port authentication for wired Ethernet ports in public areas and Network Access Control (NAC), part of the Cisco Self-Defending Network security strategy. Pairs of Cisco Secure ACSs were deployed at strategic locations worldwide. The value of using a globally distributed AAA architecture instead of a single AAA server was highlighted by the WLAN deployment. Because of the greater load that a WLAN creates for AAA, due to authentications and reauthentications (as the client device roams from AP to AP), it was important to ensure that all users did not have to rely upon a single, centralized server. This would have introduced unacceptable delays for users in geographically remote areas. As such, at 13 different locations around the world, Cisco placed two ACS servers, in a load-balanced configuration, that served as AAA servers for that local geographical region. The ACS servers are fully integrated with the Cisco Active Directory domain structure, enabling a single sign-on (SSO) capability. Effectively, AD user credentials are used not only for access to their laptops and wired network but also to provide transparent authentication to the wireless network. SSO has greatly reduced the client impact for users and has helped ensure a common, user-friendly experience across platforms and transport media. Users need only remember their normal ID and password for access to their laptop, the wired network, and the wireless network, and they only have to enter their credentials once each session regardless of the transport medium they are using. Reference: http://www.wireless-center.net/Business-Wireless/Technology-Considerations.html
QUESTION NO: 4 Which statement is true concerning 6to4 tunneling?
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam A. IPv4 traffic is encapsulated with an IPv6 header. B. The edge routers can use any locally configured IPv6 address. C. An edge router must use IPv6 address of 2002::/16 in its prefix. D. Hosts and routers inside a 6to4 site will need a special code. Answer: C Explanation: A 6to4 tunnel is an automatic IPv6 tunnel where a 6to4 border router in an isolated IPv6 network creates a tunnel to a 6to4 border router in another isolated IPv6 network over an IPv4 infrastructure. The tunnel destination is determined by the globally unique, 32-bit IPv4 address of the remote 6to4 border router that is concatenated to the prefix 2002: :/ 16. 6to4 tunnels are configured between 6to4 border routers or between 6to4 border routers and hosts. A 6to4 relay service is a 6to4 border router that offers traffic forwarding to the IPv6 Internet for remote 6to4 border routers. A 6to4 relay forwards packets that have a 2002: :/ 16 source prefix. Reference: IPv6: Providing IPv6 Services over an IPv4 Backbone Using Tunnels http://www.cisco.com/en/US/docs/ios/solutions_docs/ipv6/v6sertun.html
QUESTION NO: 5
A. In the lightweight access point solution, WLAN management is provided by the WLAN Solution Engine (WLSE). B. In the autonomous access point solution, control is provided by the WLAN controller. C. Cisco Aironet lightweight access points cannot be supported by the Cisco Unified Wireless Network. D. In the autonomous access point solution, control is provided by the Wireless Domain Services (WDS). E. In the lightweight access point solution, WLAN management is provided by the WLAN Control System (WCS). F. Cisco Aironet autonomous access points cannot be supported by the Cisco Unified Wireless Network. Answer: D,E Explanation: Part 1 Answer: There is a trend in the WLAN space toward centralized intelligence and control. In this new architecture, aWLAN controller system is used to create and enforce policies across many different lightweight access points.
Ac
tua
lTe
Which two statements about WLAN components are true? (Choose two.)
sts
.co
Cisco 642-892: Practice Exam
Part 2 Answer: Q. Is Cisco SWAN WDS required for RF management when the Cisco SWAN autonomous access point solution is used? A. Yes. A WDS device is required for the Cisco SWAN autonomous access-point solution. For deployments that use access-point-based WDS, at least one Cisco SWAN WDS access point per subnet is required for RF management of that subnet. For deployments that use the switch-based WDS on the Cisco Catalyst 6500 Series WLSM, up to 300 access points per device across subnets can be supported by a single Cisco Catalyst 6500 Series WLSM. References: www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6306/prod_white_paper0900aecd802c18 ee_ns337_Networking_Solutions_White_Paper.html www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/prod_qas0900aecd80278 d08.html
QUESTION NO: 6 Refer to the exhibit. Which statement is true?
Ac
tua
lTe
sts
.co
As more vendors migrate to a hierarchical design, and as larger networks are built using lightweight access points, there is a need for a standardized protocol that governs how lightweight access points communicate with WLAN systems. This is the role of the Internet Engineering Task Force's (IETF's) latest draft specification, Lightweight Access Point Protocol (LWAPP). With LWAPP, large multivendor wireless networks can be deployed with maximum capabilities and increased flexibility.
Cisco 642-892: Practice Exam A. IP traffic matching access list ABC is forwarded through VLANs 5-10. B. All VLAN traffic matching VLAN list 5-10 will be forwarded, and all traffic matching access list ABC is dropped. C. All VLAN traffic in VLANs 5-10 that match access list ABC will be forwarded, and all else will be dropped. D. IP traffic matching VLAN list 5-10 will be forwarded, and all other traffic will be dropped. Answer: C Explanation: VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router ACLs, VLAN maps are not defined by direction (input or output). To create a VLAN map and apply it to one or more VLANs, perform these steps: Create the standard or extended IP ACLs or named MAC extended ACLs to be applied to the VLAN. This access-list will select the traffic that will be either forwarded or dropped by the access-map. Only traffic matching the 'permit' condition in an access-list will be passed to the access-map for further processing. Enter the vlan access-map access-map-name [ sequence ] global configuration command to create a VLAN ACL map entry. Each access-map can have multiple entries. The order of these entries is determined by the sequence . If no sequence number is entered, accessmap entries are added with sequence numbers in increments of 10. In access map configuration mode, optionally enter an action forward or action drop . The default is to forward traffic. Also enter the match command to specify an IP packet or a non-IP packet (with only a known MAC address), and to match the packet against one or more ACLs (standard or extended). Use the vlan filter access-map-name vlan-list vlan-list global configuration command to apply a VLAN map to one or more VLANs. A single access-map can be used on multiple VLANs.
QUESTION NO: 7
Refer to the exhibit. On the basis of the information provided in the exhibit, which two sets of procedures are best practices for Layer 2 and 3 failover alignment? (Choose two.)
Ac
tua
lTe
sts
.co
A. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11 and 110. Configure the D-SW2 switch as the active HSRP router and the backup STP root for VLANs 12 and 120. B. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW1 switch as the standby HSRP router and backup STP root for all VLANs. C. Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs 12 and 120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root for VLANs 11 and 110. D. Configure the D-SW1 switch as the standby HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and 120. E. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW2 switch as the standby HSRP router and backup STP root for all VLANs. F. Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and 120. Answer: C,F Explanation: Basically, each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router, another is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals, so they can remain aware of each "Pass Any Exam. Any Time." - www.actualtests.com 7
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam other's existence, as well as that of the active router. HSRP election is based on a priority value (0 to 255) that is configured on each router in the group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router. To set the priority, use the following interface configuration command: Switch( config-if)# standby group priority priority When HSRP is configured on an interface, the router progresses through a series of states before becoming active. This forces a router to listen for others in a group and see where it fits into the pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally, Active. You can configure a router to preempt or immediately take over the active role if its priority is the highest at any time. Use the following interface configuration command to allow preemption: Switch( config-if)# standby group preempt [delay seconds]
QUESTION NO: 8
A. paths for which the NEXT_HOP is inaccessible B. paths that are marked as not synchronized in the show ip bgp output C. paths for which the NEXT_HOP is accessible D. paths from an internal BGP (iBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH E. paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH F. paths that are marked as synchronized in the show ip bgp output Answer: A,B,E
QUESTION NO: 9 DRAG DROP Drop
Ac
tua
lTe
A router is running BGP and receives more than one route for a particular prefix. Assume all the routes for this prefix have the same attributes. Which three path features would be reasons be for the router to ignore some of the routes and not consider them as candidates for the best path? (Choose three.)
sts
.co
Answer:
QUESTION NO: 10
What are the two reasons for the appearance of 0.0.0.0 as the next hop for a network in the show ip bgp command output? (Choose two.) A. The network was learned via EBGP. B. The network was learned via IBGP. C. The network was originated via a network or aggregate command. D. The network was originated via redistribution of an interior gateway protocol into BGP. E. The network was defined by a static route. Answer: C,D
QUESTION NO: 11 A Cisco Aironet Wireless LAN Adapter CB21AG is inserted into a PC cardbus slot. Both the green status LED and the amber activity LED are blinking slowly. What is the condition of the adapter?
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam A. The adapter is not receiving power. B. The adapter is in power save mode. C. The adapter is scanning for the wireless network for which it is configured. D. The adapter is transmitting or receiving data while associated to an access point or another client. E. The adapter is associated to an access point or another client. Answer: E Explanation: The client adapter shows messages through its two LEDs.
QUESTION NO: 12
Refer to the exhibit. On the basis of the information displayed in the exhibit, which statement is true?
A. Wireless clients will first attempt to authenticate with MAC authentication and if this fails, EAP authentication will be attempted. B. Wireless clients will attempt EAP authentication first, then MAC authentication.
Ac
tua
Reference: http://www.cisco.com/en/US/products/hw/wireless/ps4555/products_installation_and_configuration _guide_chapter09186a00801f0d77.html
lTe
sts
.co
10
Cisco 642-892: Practice Exam C. Wireless clients will first attempt to authenticate with MAC authentication and if this succeeds, EAP authentication will then be performed. D. Wireless clients will be successfully authenticated only if both their MAC address and EAP key match. E. Wireless clients will be successfully authenticated only if their WEP key is configured as "adam". Answer: A Explanation: The following example sets the authentication type for the SSID batman to open with a combination of MAC-address and EAP authentication. Client devices using the batman SSID first attempt MAC-address authentication using a server named adam . If MAC authentication succeeds, they join the network, but if it fails, they attempt EAP authentication using the same server. ap1100# configure terminal ap1100( config)# configure interface dot11radio 0 ap1100( config-if)# ssid batman
ap1100( config-ssid)# authentication open mac adam alternate eap adam ap1100( config-ssid)# end
QUESTION NO: 13
Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled during the installation and the icon appears in the system tray area in the lower right of the desktop. What is the significance of the icon?
A. It indicates that the radio of the client adapter is disabled. B. It indicates that the client adapter is associated to an access point or another client, but the user is not EAP authenticated. "Pass Any Exam. Any Time." - www.actualtests.com 11
Ac
tua
Reference: Configuring Authentication Types http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1100/accsspts/ap11icg/ivicgaut.htm
lTe
sts
.co
Cisco 642-892: Practice Exam C. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is poor. D. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is fair. E. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is excellent or good. F. It indicates that the client adapter is not associated to an access point or another client. Answer: C Explanation: he appearance of the ASTU icon indicates the connection status of your client adapter. ASTU reads the client adapter status and updates the icon every 1 to 5 seconds, depending on the value entered for the Refresh Interval on the Display Settings window.
QUESTION NO: 14
Ac
tua
lTe
sts
.co
12
Cisco 642-892: Practice Exam Which command lists the system IDs of all known IS-IS routers? A. show is-is neighbors detail B. showisis topology C. showisis database D. show clns neighbors E. show clns neighbors detail Answer: D Explanation: The command " show CLNS neighbors" database gives you information about the known system ID's, while the "show isis database" shows LSP ID information. Here is a sample output from a router's IS-IS link-state database: Example:
QUESTION NO: 15
Ac
Above is the output from show ip bgp neighbors command. What is line 21 stating about the BGP connection?
tua
lTe
sts
.co
13
Refer to the exhibit. Which statement is true about where trust boundaries should be established in a network? Exhibit: 55-1.gif
A. Endpoints 1 and 2 are optimal places to establish a trust boundary. Endpoint 3 is an acceptable place to establish a trust boundary. B. Endpoint 1 is the only acceptable place to establish a trust boundary.
Ac
tua
QUESTION NO: 16
lTe
Answer: C
sts
A. the number of consecutive TCP connections to the specified remote neighbor B. the number of neighbors that the router has C. the number of times the router has established a TCP connection D. the number of total TCP connections that the router has
.co
14
Cisco 642-892: Practice Exam C. Endpoint 2 is the optimal place to establish a trust boundary. Endpoints 1 and 3 are acceptable places to establish a trust boundary. D. Endpoints 2 and 3 are optimal places to establish a trust boundary. Endpoint 1 is an acceptable place to establish a trust boundary. E. Endpoint 1 is the optimal place to establish a trust boundary. Endpoints 2 and 3 are acceptable places to establish a trust boundary. F. Endpoint 2 is the only acceptable place to establish a trust boundary. Answer: E Explanation: Trust Boundaries: When connected by a single cable, the IP phone is the edge of the managed network. An integral part of the Cisco network design architecture has always been the classification, or coloring, of traffic as close to the edge of the network as possible. As such, the IP phone can and should classify traffic flows. Try to maintain the trust boundary in the wiring closet. If necessary, move it down to the distribution layer on a case-by-case basis, but avoid moving it to the core of the network. This advice conforms to the general guidelines for keeping the trust boundary as close to the source as possible. By default, Cisco IP phones mark all VoIP traffic with CoS =5 and DSCP=46. However, it is critical to make sure that the PC connected to the access port of the IP phone is not also classifying traffic. The recommended method for ensuring this is to extend the trust boundary of the Ethernet switch to the IP phone and not beyond, meaning the IP phone will re-classify all traffic coming from the PC with CoS=0. References: www.cisco.com/en/US/products/sw/cscowork/ps2064/products_user_guide_chapter09186a00800 7ff73.html www.cisco.com/en/US/products/hw/video/ps1870/products_implementation_design_guide_chapte r09186a00808f10a7.html
QUESTION NO: 17 Refer to the exhibit. What statement is true about the configuration on switch CAT1?
Ac
tua
lTe
sts
.co
15
A. Two IP phones with the MAC addresses of 0008.8595.d1a7 and 0007.8595.d2b7 are connected to CAT1 ports Fa0/11 and Fa0/12, respectively. B. The configuration establishes policed DSCP on ports Fa0/11 and Fa0/12 with values ranging from 8 to 56. C. Security violation shutdown mode has been activated for ports Fa0/11 and Fa0/12.
Ac
tua
lTe
sts
.co
16
Cisco 642-892: Practice Exam D. The configuration overrides 802.1p priorities on packets entering ports Fa0/11 and Fa0/12 with a value of 48. E. The configuration overrides the Quality of Service value in packets entering ports Fa0/11 and Fa0/12 with a value of 45. F. Untagged Port VLAN ID (PVID) frames will carry voice traffic on VLAN 40. Answer: A Explanation: Port security is a feature supported on Cisco Catalyst switches that restricts a switch port to a specific set or number of MAC addresses. Those addresses can be learned dynamically or configured statically. The port will then provide access to frames from only those addresses. If, however, the number of addresses is limited to four but no specific MAC addresses are configured, the port will allow any four MAC addresses to be learned dynamically, and port access will be limited to those four dynamically learned addresses. Port Security Implementation:
QUESTION NO: 18 Refer to the exhibit.
Ac
tua
lTe
sts
.co
17
Answer: C
Explanation: After BGP receives updates about different destinations from different autonomous systems, it chooses the best path to reach a specific destination. The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router only.) If multiple routes have the same weight, prefer the route with the highest local preference value. (The local preference is used within an autonomous system.) If multiple routes have the same local preference, prefer the route that the local router originated. A locally originated route has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the route with the shortest autonomous system path. If the autonomous system path length is the same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same, "Pass Any Exam. Any Time." - www.actualtests.com 18
Ac
tua
A. It advertises the best MED. B. It advertises the best AS-path. C. It has a better router ID. D. It advertises the best local preference. E. It advertises a lower autonomous system. F. It advertises the best origin code.
lTe
sts
Router RT-1 and router RT-2 both advertise network 131.25.0.0/16 to router RT-3 via internal BGP. What is the reason that router RT-3 chose router RT-1 as its best path to network 131.25.0.0/16.
.co
Cisco 642-892: Practice Exam prefer the path with the lowest MED. (The MED is exchanged between autonomous systems.) The MED comparison is made only if the neighboring autonomous system is the same for all routes considered, unless the bgp always-compare-med command is enabled If the routes have the same MED, prefer external paths to internal paths. If synchronization is disabled and only internal paths remain, prefer the path through the closest IGP neighbor, which means that the router prefers the shortest internal path within the autonomous system to reach the destination (the shortest path to the BGP next hop). For EBGP paths, select the oldest route to minimize the effect of routes going up and down (flapping). Prefer the route with the lowest neighbor BGP router ID value. If the BGP router IDs are the same, prefer the router with the lowest neighbor IP address. .
QUESTION NO: 19 Which three statements are true about IP multicast configuration? (Choose three.) A. PIM sparse mode and PIM dense mode require an RP on the network. B. PIM sparse mode and PIM sparse-dense mode require an RP on the network. C. PIM dense mode interfaces are always added to the multicast routing table in a router. D. PIM sparse mode interfaces are always added to the multicast routing table in a router. E. PIM sparse-dense mode and PIM dense mode require an RP on the network. F. PIM sparse-dense mode acts as PIM dense mode if an RP is not known. Answer: B,C,F
Explanation: Sparse-mode routing protocols require the use of an Rendezvous Point (RP) and use shared trees . In a shared tree, sources forward multicast datagrams to a directly connected router, the designated router. The designated router encapsulates the datagram and unicasts it to an assigned RP router, which then forwards the datagram to members of multicast groups. In PIM sparse-dense mode, if an RP is not known for a group, the router sends data using PIM dense mode. However, if the router discovers an RP or you configure an RP statically, PIM sparse mode takes over.
QUESTION NO: 20 What is the difference between the IPv6 addresses ::/0 and ::/128? A. ::/0 is the default route, and ::/128 is the unspecified address. B. ::/0 is the unicast address, and ::/128 is the anycast address. C. ::/0 is the unicast address, and ::/128 is the multicast address.
Ac
tua
lTe
sts
.co
19
Cisco 642-892: Practice Exam D. ::/0 is the unspecified address, and ::/128 is the multicast address. E. ::/0 is the anycast address, and ::/128 is the multicast address. F. ::/0 is the anycast address, and ::/128 is the default address. Answer: A Explanation: : :/ 128 is the unspecified address (RFC4291). : :/ 0 is the default unicast route address. Reference: Special-Use IPv6 Addresses - draft-ietf-v6ops-rfc3330-for-ipv6-04.txt http://tools.ietf.org/html/draft-ietf-v6ops-rfc3330-for-ipv6-04
QUESTION NO: 21
Answer: B,D,F
Explanation: IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS. Differences between IS-IS and OSPF. Although IS-IS and OSPF share many common features, they do have quite a few differences: * Whereas OSPF routers can be part of multiple areas, an IS-IS router belongs to only one area per routing process. * In OSPF, the boundaries of areas are set in the router. The boundaries of areas are on the network connections between routers for IS-IS, reiterating that each router is in only one area per routing process. * IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of using IP packets, like OSPF does. * IS-IS allows for the preempting of DRs, where OSPF does not. * OSPF DROthers do not form adjacencies with other DROthers on broadcast multi-access networks, while in the same environment, all IS-IS intermediate systems form adjacencies with one another. * The backbone of an IS-IS network is designated by the type of routers in it instead of being "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
A. requires fewer neighbor relationships in a broadcast multiaccess network B. supports network layer protocols other than IP C. supports route tags D. supports more routers in an area E. does not require Hello packets to establish neighbor relationships F. produces fewer link state advertisements for a given network
.co
Which three are benefits of IS-IS over OSPF? (Choose three.)
20
Cisco 642-892: Practice Exam designated by an area number (0, in the case of OSPF).
QUESTION NO: 22 Which statement describes the difference between a manually configured IPv6 in IPv4 tunnel versus an automatic 6to4 tunnel? A. An automatic 6to4 tunnel allows multiple IPv4 destinations. B. A manually configured IPv6 in IPv4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints. C. An automatic 6to4 tunnel does not require dual-stack (IPv4 and IPv6) routers at the tunnel endpoints. D. A manually configured IPv6 in IPv4 tunnel allows multiple IPv4 destinations.
QUESTION NO: 23
A. The route to 10.2.0.0/16 was redistributed into EIGRP. B. A default route has been redistributed into the EIGRP autonomous system. C. R1 is configured with the ip summary-address command. D. R1 is sourcing an external EIGRP route from Null0. E. The router at 10.1.1.2 is configured with the ip default-network 0.0.0.0 command. F. R1 is configured with the variance command. Answer: B,C,F
Ac
tua
lTe
sts
Based on the exhibited output, which three statements are true? (Choose three.)
.co
Answer: A
21
Cisco 642-892: Practice Exam QUESTION NO: 24 Refer to the exhibit. Routers R1 and R2 are IPv6 BGP peers that have been configured to support a neighbor relationship over an IPv4 internetwork. Which three neighbor IP addresses are valid choices to use in the highlighted section of the exhibit? (Choose three.)
Answer: A,E,F
QUESTION NO: 25 A router has two paths to reach another network in a different autonomous system. Neither route was generated by the local router and both routes have the same default weight and local preference values. Which statement is true about how BGP would select the best path? A. The router will prefer the shortest autonomous system path. B. The router will prefer the route with the lower MED. C. To influence one route to bepreferred, its default local preference value will be changed via the use of the command bgp default local-preference 50. D. If the command bgp always-compare-med has been given, then the router will prefer the route with the highest MED. "Pass Any Exam. Any Time." - www.actualtests.com 22
Ac
tua
A. ::10.67.0.2 B. 0A43:0002:: C. 10.67.0.2:: D. 10.67.0.2:0:0:0:0:0:0 E. ::0A43:0002 F. 0:0:0:0:0:0:10.67.0.2
lTe
sts
.co
Cisco 642-892: Practice Exam Answer: A Explanation: The shortest AS path is the fourth item checked by BGP routers, while the MED values are one of the last items looked at by BGP routers. The following is a partial list of rules used by BGP to determine the best path. Prefer the path with the highest WEIGHT. Note: WEIGHT is a Cisco-specific parameter, local to the router on which it's configured. Prefer the path with the highest LOCAL_PREF. Prefer the path that was locally originated via a network or aggregate BGP subcommand, or through redistribution from an IGP. Local paths sourced by network or redistribute commands are preferred over local aggregates sourced by the aggregateaddress command. Prefer the path with the shortest AS_PATH. Note the following: Prefer the path with the lowest origin type: IGP is lower than EGP, and EGP is lower than INCOMPLETE. Prefer the path with the lowest multi-exit discriminator (MED). Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml
QUESTION NO: 26
Answer: D,E
QUESTION NO: 27
Identify three characteristics of EIGRP feasible successors? (Choose three.) A. A feasible successor is selected by comparing the advertised distance of a non-successor route to the feasible distance of the best route. B. If the advertised distance of the non-successor route is less than the feasible distance of best route, then that route is identified as a feasible successor. C. The feasible successor can be found in the routing table. D. If the successor becomes unavailable, then the feasible successor can be used immediately without recalculating for a lost route. E. Traffic will be load balanced between feasible successors with the same advertised distance.
Ac
tua
A. Sparse mode uses reverse path forwarding (RPF) to prune off redundant flows. B. Dense mode multicast requires explicit join messages from their members. C. The primary use of sparse mode multicast is for test labs and router performance testing. D. Dense mode multicast uses a push model to flood traffic throughout the network and then prunes the unwanted traffic. E. Sparse mode multicast uses a pull model to send multicast traffic to where it is requested.
lTe
sts
Which two multicast protocol statements are true? (Choose two.)
.co
23
Cisco 642-892: Practice Exam Answer: A,B,D Explanation: Once a neighbor relationship has been formed, called an Adjacency , the routers exchange routing update information and each router builds its own topology table. The Updates contain all the routes known by the sender. For each route, the receiving router calculates a distance for that route based on the distance that is conveyed and the cost to that neighbor that advertised the particular route. If the receiving router sees several routes to a particular network with different metrics, then the route with the lowest metric becomes the Feasible Distance (FD) to that network. The Feasible Distance is the metric of a network advertised by the connected neighbor plus the cost of reaching that neighbor . This path with the best metric is entered into the routing table because this is the quickest way to get to that network. With the other possible routes to a particular network with larger metrics, the receiving router also receives the Reported Distance (RD) to this network via other routers. The Reported Distance being the total metric along a path to a destination network as advertised by an upstream neighbor. The Reported Distance for a particular route is compared with the Feasible Distance that it already has for that route. If the Reported Distance is larger than the Feasible Distance then this route is not entered into the Topology Table as a Feasible Successor. This prevents loops from occurring. If the Reported Distance is smaller than the Feasible Distance, then this path is considered to be a Feasible Successor and is entered into the Topology table. The Successor for a particular route is the neighbor/peer with the lowest metric/distance to that network. If the receiving router has a Feasible Distance to a particular network and it receives an update from a neighbor with a lower advertised distance (Reported Distance) to that network, then there is a Feasibility Condition . In this instance, the neighbor becomes a Feasible Successor for that route because it is one hop closer to the destination network. There may be a number of Feasible Successors in a meshed network environment, up to 6 of them are entered into the Topology table thereby giving a number of next hop choices for the local router should the neighbor with the lowest metric fail. What you should note here, is that the metric for a neighbor to reach a particular network (i.e. the Reported Distance) must always be less than the metric (Feasible Distance) for the local router to reach that same network. This way routing loops are avoided. This is why routes that have Reported Distances larger than the Feasible Distance are not entered into the Topology table, so that they can never be considered as successors, since the route is likely to loop back through that local router.
QUESTION NO: 28 Refer to the exhibit. Which configuration is reflected in the output that is displayed in the exhibit?
Ac
tua
lTe
sts
.co
24
A. neighbor 192.168.28.1 route-map cisco in ! access-list 66 permit 10.30.0.0 0.0.255.255 ! route-map cisco permit 10 match ip address 66 set local-preference 90 B. neighbor 192.168.28.1 route-map cisco in ! access-list 66 permit 10.0.0.0 0.0.0.255 ! route-map cisco permit 10 match ip address 66 set local-preference 90 C. neighbor 192.168.28.1 route-map cisco out ! access-list 66 permit 10.30.0.0 0.0.255.255 ! route-map cisco permit 10 match ip address 66 set metric 90 D. neighbor 192.168.28.1 route-map cisco out ! access-list 66 permit 10.0.0.0 0.0.0.255 ! route-map cisco permit 10 match ip address 66 set metric 90 Answer: A
Explanation: In this example, the route map must be applied to incoming updated from the 192.168.28.1 peer since we are looking at the local BGP information that has been received by the peers. Also, as shown, the 10.30.0.0/16 route has had its local preference modified to 90 from the default value of 100. "Pass Any Exam. Any Time." - www.actualtests.com 25
Ac
tua
lTe
sts
.co
QUESTION NO: 29 Which statement is true about IP telephony calls? A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP header, and Layer 2 link header. B. The sum of bandwidth necessary for each major application, including voice, video, and data, should not exceed 75 percent of the total available bandwidth for each link. C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual voice samples. D. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints. Answer: B Explanation: Voice over Internet Protocol (VOIP) is probably the most feasible among today's technologies for data, voice and video integration. VOIP is the technology that uses Internet Protocol to transmit voice conversations over a data network such as an intranet or the Internet. The multisite IP WAN with distributed call processing has the following design characteristics: * Cisco CallManager or Cisco CallManager cluster at each location (10,000 users maximum per site) * Cisco CallManager clusters are confined to a single campus and may not span the WAN * IP WAN as the primary voice path between sites, with the PSTN as the secondary voice path * Transparent use of the PSTN if the IP WAN is unavailable * Cisco IOS gatekeeper for E.164 address resolution * Cisco IOS gatekeeper for admission control to the IP WAN * Maximum of 100 sites interconnected across the IP WAN using hub and spoke topologies * Compressed voice calls supported across the IP WAN * Single WAN codec supported * DSP resources for conferencing and WAN transcoding at each site * Voice mail and unified messaging components at each site * Minimum bandwidth requirement for voice and data traffic is 56 kbps. For voice, interactive video, and data, the minimum requirement is 768 kbps. In each case, the bandwidth allocated to voice, video, and data should not exceed 75% of the total capacity * Remote sites can use Cisco IOS as well as gateways based on the Skinny Gateway Protocol
QUESTION NO: 30 Refer to the exhibit. Router RTA is the hub router for routers RTB and RTC. The Frame Relay network is configured with EIGRP, and the entire network is in autonomous system 1. However, router RTB and RTC are not receiving each other's routes. What is the solution? "Pass Any Exam. Any Time." - www.actualtests.com 26
Ac
tua
lTe
sts
.co
Answer: C
Explanation: Split horizon controls the sending of EIGRP update and query packets. When split horizon is enabled on an interface, these packets are not sent for destinations for which this interface is the next hop. This reduces the possibility of routing loops. By default, split horizon is enabled on all interfaces. Split horizon blocks route information from being advertised by a router out of any interface from which that information originated. This behavior usually optimizes communications among multiple routing devices, particularly when links are broken. However, with nonbroadcast networks (such as Frame Relay and SMDS) , situations can arise for which this behavior is less than ideal. For these situations, you may want to disable split horizon. In this example, routes received by RTB and RTC are not being sent back out the same serial interface on RTA, so they are not receiving each other's routes. Disabling Split horizons on interface S0/0 on RTA will fix this issue.
Ac
tua
A. Configure the auto summary command under router eigrp 1 on router RTA. B. Issue the no ip split horizon command on router RTA. C. Issue the no ip split horizon eigrp 1 command on router RTA. D. Configure a distribute list on router RTA that allows it to advertise all routes to the spoke routers. E. Configure subinterfaces on the spoke routers and assign different IP address subnets for each subinterface. F. Check and change the access lists on router RTA.
lTe
sts
.co
27
Cisco 642-892: Practice Exam QUESTION NO: 31 Refer to the exhibit and the partial configuration on routers R1 and R2. Hot Standby Routing Protocol (HSRP) is configured on the network to provide network redundancy for the IP traffic. The network administrator noticed that R2 does not became active when the R1 serial0 interface goes down. What should be changed in the configuration to fix the problem?
Explanation: You can configure a router to preempt or immediately take over the active role if its priority is the highest at any time. Use the following interface configuration command to allow preemption: Switch( config-if)# standby group preempt [delay seconds] By default, the router can preempt another immediately, without delay. You can use the delay keyword to force it to wait for seconds before becoming active. This is usually done if there are routing protocols that need time to converge.
QUESTION NO: 32 Which two statements are true about using IPv4 and IPv6 simultaneously on a network segment? (Choose two.) A. IPv4 and IPv6 addresses can be simultaneously assigned to a host but not to a router interface. B. IPv6 allows a host to create its own IPv6 address that will allow it to communicate to other devices on a network configured via DHCP. IPv4 does not provide a similar capability for hosts. "Pass Any Exam. Any Time." - www.actualtests.com 28
Ac
tua
Answer: D
lTe
A. R2 should be configured with a HSRP virtual address. B. R2 should be configured with a standby priority of 100. C. The Serial0 interface on router R2 should be configured with a decrement value of 20. D. The Serial0 interface on router R1 should be configured with a decrement value of 20.
sts
.co
Cisco 642-892: Practice Exam C. Hosts can be configured to receive both IPv4 and IPv6 addresses via DHCP. D. IPv6 provides for more host IP addresses but IPv4 provides for more network addresses. E. Host configuration options for IPv4 can be either statically assigned or assigned via DHCP. Host configuration options for IPv6 can be statically assigned only. Answer: B,C Explanation: The original specification of the Dynamic Host Configuration Protocol (DHCP) was made with only IPv4 in minD. That specification has been subsequently revised, up to the latest version of DHCP. With the arrival of IPv6, a new DHCP specification for IPv6 has been designed and published as DHCPv6. These protocols allow nodes to communicate via IPv4 or IPv6 (respectively) to retrieve configuration settings for operation in a managed environment. While an IPv6 node may acquire address-related configuration settings via IPv6 stateless address autoconfiguration, such a node may wish to use stateless DHCPv6 [5] for other administratively configured options, such as DNS or NTP. Reference: RFC 4477: Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack Issues http://www.ietf.org/rfc/rfc4477.txt
Which two reductions are the correct reductions of the IPv6 address 2001:0d02:0000:0000:0014:0000:0000:0095? (Choose two.) A. 2001:0d02:::0014:0:0:0095 B. 2001:d02:0:0:14::95 C. 2001:0d02:::0014:::0095 D. FF::0014:0:0:0095 E. 2001:d02::14:0:0:95 F. 2001:d02::14::95 Answer: B,E
QUESTION NO: 34 Refer to the exhibit. Which router configuration command can be given that will restrict router RTB from sharing its routing information with router RTA?
Ac
tua
lTe
QUESTION NO: 33
sts
.co
29
Answer: D
receive-only
connected
static
summary The eigrp stub command can be modified with several options, and these options can be used in any combination except for the receive-only keyword. The receive-only keyword will restrict the router from sharing any of its routes with any other router in that EIGRP autonomous system, and the receive-only keyword will not permit any other option to be specified because it prevents any type of route from being sent. In this example, the "eigrp stub receive-only" command needs to be "Pass Any Exam. Any Time." - www.actualtests.com 30
Ac
tua
Explanation: A router that is configured as a stub with the eigrp stub command shares connected and summary routing information with all neighbor routers by default. Four optional keywords can be used with the eigrp stub command to modify this behavior:
lTe
sts
A. the eigrp stub command on router RTB B. the eigrp stub receive-only command on router RTA C. the eigrp stub command on router RTA D. the eigrp stub receive-only command on router RTB E. the eigrp stub connected command on router RTB F. the eigrp stub connected command on router RTA
.co
Cisco 642-892: Practice Exam placed on router Hub to prevent it from sending any route information to Hub. Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a0080087 026.html
QUESTION NO: 35 In the hardware address 0000.0c07.ac0a what does 07.ac represent? A. HSRP group number B. HSRP well-known physical MAC address C. vendor code D. HSRP router number E. HSRP well-known virtual MAC address Answer: E
QUESTION NO: 36
Which is the most effective technique to contain EIGRP queries? A. using a hierarchical addressing scheme B. configuring route filters C. establishing separate autonomous systems D. route summarization Answer: D Explanation: EIGRP automatically summarizes routes at the classful boundary, the boundary where the network address ends as defined by class-based addressing. In most cases, auto summarization is a good thing, keeping the routing tables as compact as possible In the presence of discontiguous subnetworks, automatic summarization must be disabled for routing to work properly. To turn off auto-summarization, use the following command: Router( config-router)# no auto-summary EIGRP also enables manual configuration of a prefix to use as a summary address. Manual "Pass Any Exam. Any Time." - www.actualtests.com 31
Ac
tua
lTe
Explanation: HSRP code (HSRP well-known virtual MAC address) - The fact that the MAC address is for an HSRP virtual router is indicated in the next two bytes of the address. The HSRP code is always 07.aC. The HSRP protocol uses a virtual MAC address, which always contains the 07.ac numerical value. Reference: Building Cisco Multilayer Switched Networks (Cisco Press) page 268
sts
.co
Cisco 642-892: Practice Exam summary routes are configured on a per-interface basis. The interface that will propagate the route summary must first be selected and then defined with the ip summary-address eigrp command, which has the following syntax: Router( config-if)#ip summary-address eigrp autonomous-system-number ip-address mask administrative-distance
QUESTION NO: 37 Which two statements are true about trust boundaries? (Choose two.) A. At the trust boundaries, the untrusted traffic will be marked with a new QoS value appropriate for the policy in place at the point where the traffic entered the campus network. B. Trust boundaries are used to determine which QoS mechanism will be applied to the traffic. C. Setting trust boundaries at the edge of the network allows intermediate hop devices to administer QoS policies without detailed packet identification. D. Trust boundaries are configured in the core of the network to provide the most efficient forwarding based upon QoS markings. Answer: A,C
Explanation: The packets that enter your network or hardware can be marked into different classes; you can define the trust boundaries in your network. You can define some devices as trusted devices and some as untrusted devices. The packets that come from trusted devices are considered trusted because the trusted devices classify the packets correctly. The packets that come from untrusted devices are considered untrusted because they might not classify the packets correctly. After you have marked the packets and defined the trust boundaries, you can force the scheduling of the packets into different queues. These queues invoke at the time of congestion. Defining trust boundaries is important in your network. Setting the trust boundary at the IP phone means that you can accept all the IP phone markings into the network without modifications. You should always try to do classification close to the edge of the network, for scalability. On an IP phone, the tagged data (802.1Q/p) from the PC or any other device that is attached to the access port of the IP phone can be trusted or untrusted. In trusted mode, the IP phone passes all the data unchanged. In untrusted mode, the IP phone re-marks the Layer 2 CoS value to the new value (if configured on the access layer switch) or changes it to 0, if nothing is configured. The default is untrusted mode, which is the recommend method. Reference: http://www.ciscopress.com/articles/article.asp?p=385336&seqNum=2
QUESTION NO: 38 HOTSPOT
Ac
tua
lTe
sts
.co
32
Answer:
Ac
tua
lTe
sts
.co
33
QUESTION NO: 39 In which three HSRP states do routers send hello messages? (Choose three.) A. standby B. learn C. speak D. listen "Pass Any Exam. Any Time." - www.actualtests.com 34
Ac
tua
lTe
sts
.co
Explanation:
Cisco 642-892: Practice Exam E. active Answer: A,C,E Explanation: When HSRP is configured on an interface, the router progresses through a series of states before becoming active. This forces a router to listen for others in a group and see where it fits into the pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally, Active. Only the standby (second highest priority) router monitors the hello messages from the active router. By default, hellos are sent every 3 seconds. If hellos are missed for the duration of the holdtime timer (default 10 seconds, or 3 times the hello timer), the active router is presumed down. The standby router is then clear to assume the active role. If other routers are sitting in the Listen state, the next-highest priority router is allowed to become the new standby router.
Which two statements are true about HSRP, VRRP, and GLBP? (Choose two.) A. HSRP allows for multiple upstream active links being simultaneously used, whereas GLBP does not. B. GLBP allows for router load balancing of traffic from a network segment by utilizing the creation of multiple standby groups. C. GLBP allows for router load balancing of traffic from a network segment without the different host IP configurations required to achieve the same results with HSRP. D. Unlike HSRP and VRRP, GLBP allows automatic selection and simultaneous use of multiple available gateways. E. GLBP and VRRP allow for MD5 authentication, whereas HSRP does not. Answer: C,D
Explanation: 1. GLBP To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group. Rather than having just one active router performing forwarding for the virtual router address, all routers in the group can participate and offer load balancing by forwarding a portion of the overall traffic. 2. VRRP The Virtual Router Redundancy Protocol (VRRP) is a standards-based alternative to HSRP, defined in IETF standard RFC 2338. VRRP is so similar to HSRP that you need to learn only slightly different terminology and a couple of slight functional differences. VRRP provides one redundant gateway address from a group of routers. The active router is called the master router , while all others are in the backup state . The master router is the one with the highest router "Pass Any Exam. Any Time." - www.actualtests.com 35
Ac
tua
lTe
sts
.co
QUESTION NO: 40
Cisco 642-892: Practice Exam priority in the VRRP group. VRRP group numbers range from 0 to 255; router priorities range from 1 to 254 (254 is the highest; 100 is the default). The virtual router MAC address is of the form 0000.5e00.01 xx , where xx is a two-digit hex VRRP group number. VRRP advertisements are sent at 1-second intervals. Backup routers can optionally learn the advertisement interval from the master router. By default, all VRRP routers are configured to preempt the current master router, if their priorities are greater. VRRP has no mechanism for tracking interfaces to allow more capable routers to take over the master role. 3. HSRP HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically, each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router, another is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals, so they can remain aware of each other's existence, as well as that of the active router.
Ac
tua
lTe
sts
.co
36
Answer:
Explanation:
Ac
tua
lTe
sts
.co
37
QUESTION NO: 42
Which statement is true regarding the configuration of ISL trunks? A. ISL trunking requires that native VLANs match. B. A Catalyst switch will report giants if one side is configured for ISL while the other side is not. C. All Catalyst switches support ISL trunking. D. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled. Answer: B
Explanation: The Inter-Switch Link (ISL) protocol is a Cisco proprietary method for preserving the source VLAN identification of frames passing over a trunk link. ISL performs frame identification in Layer 2 by encapsulating each frame between a header and trailer. Any Cisco switch or router device configured for ISL can process and understand the ISL VLAN information. ISL is primarily used for Ethernet media, although Cisco has included provisions to carry Token Ring, FDDI, and ATM frames over Ethernet ISL. (A Frame-Type field in the ISL header indicates the source frame type.) When a frame is destined out a trunk link to another switch or router, ISL adds a 26-byte header and a 4-byte trailer to the frame. The source VLAN is identified with a 10-bit VLAN ID field in the header. The trailer contains a cyclic redundancy check (CRC) value to ensure the data integrity of the new encapsulated frame. Figure 6-3 shows how Ethernet frames are encapsulated and forwarded out a trunk link. Because tagging information is added at the beginning and end of each frame, ISL is sometimes referred to as double tagging .
QUESTION NO: 43
Ac
tua
lTe
sts
.co
38
Cisco 642-892: Practice Exam What are the basic configuration steps to enable IS-IS? A. Configure the network net-id command(s) and the is-type level-1-2 command under routerisis. B. Configure the net system-id command under routerisis and enable IS-IS on each interface with the ip router isis command. C. Configure the net system-id and the network net-id commands under routerisis and enable ISIS on each interface with the ip router isis command. D. Configure the network net-id command(s) under routerisis and enable IS-IS on each interface with the ip router isis command. E. Configure the net system-id and the network net-id commands under routerisis. Answer: B Explanation: In order to enable IS-IS for IP on a Cisco router and have it exchange routing information with other IS-IS enabled routers, you must perform the following two tasks: Enable the IS-IS process and assign area Enable IS-IS for IP routing on an interface The sample configuration below configures an IS-IS router with the following parameters: Area 49.0001 Level 1 (L1) and Level 2 (L2) routers (this is the default unless otherwise specified) No optional parameters Running IS-IS for IP only Loopback interfaces (loopbacks are advertised by IS-IS, not IS-IS enabled) Reference: http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f38.s html
QUESTION NO: 44
A. Because Router R4 is not a feasible successor, EIGRP will not select path R1-R4-R5 for load balancing. "Pass Any Exam. Any Time." - www.actualtests.com 39
Ac
Refer to the exhibit. On all routers in the network, EIGRP has been configured for load balancing across the three links. However, traffic destined for Network B from R1 is only load balanced over paths R1-R2-R5 and R1-R3-R5. What is the cause of the problem?
tua
lTe
sts
.co
Cisco 642-892: Practice Exam B. EIGRP will not select path R1-R4-R5 for load balancing unless the value of the variance parameter is increased. C. EIGRP will not select more than two links for unequal cost path load balancing. D. Because the path has a different link type, EIGRP will not select path R1-R4-R5 for load balancing. Answer: A
QUESTION NO: 45 Which statement is true about EBGP? A. An internal routing protocol can be used to reach an EBGP neighbor. B. A static route can be used to form an adjacency between neighbors. C. EBGP requires a full mesh. D. The next hop does not change when BGP updates are exchanged between EBGP neighbors. Answer: B
QUESTION NO: 46
A. association request/response, authentication request/response, probe request/response B. probe request/response, association request/response, authentication request/response C. probe request/response, authentication request/response, association request/response D. association request/response, probe request/response, authentication request/response Answer: C Explanation: From the Cisco FAQ on Cisco Aironet Wireless Security: What steps does Open Authentication involve for a client to associate with the AP? The client sends a probe request to the APs. The APs send back probe responses. The client evaluates the AP responses and selects the best AP. The client sends an authentication request to the AP. The AP confirms authentication and registers the client. The client then sends an association request "Pass Any Exam. Any Time." - www.actualtests.com 40
Ac
A client is searching for an access point (AP). What is the correct process order that the client and access point go through to create a connection?
tua
lTe
Explanation: Only choice C is correct. To reach a EBGP peer, a static route can be used with the EBGP multihop command to establish a neighbor adjacency. Unlike interior routing protocols, EBGP neighbors do not need to physically be connected to each other. All that is needed is a path to the peer IP address, and a valid TCP port 179 connection between the BGP routers.
sts
.co
Cisco 642-892: Practice Exam to the AP. The AP confirms the association and registers the client. Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e8297.sht ml
QUESTION NO: 47 Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch? (Choose three.) A. The default CoS value for incoming traffic is set to 0. B. The voice VLAN feature is disabled by default. C. The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to 4. D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port. E. PortFast is is automatically disabled when a voice VLAN is configured. F. The CoS value is trusted for 802.1p or 802.1q tagged traffic. Answer: A,B,D
In software releases earlier than Cisco IOS Release 12.1(13 )EA1 , the CoS value is trusted for all 802.1P or 802.1Q tagged traffic, and the IP Phone does not override the priority of the incoming traffic. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/config uration/guide/swvoip.html
QUESTION NO: 48 Refer to the exhibit. How will interface FastEthernnet0/1 respond when an 802.1x-enabled client connects to the port?
Ac
tua
Explanation: Default Voice VLAN Configuration The voice VLAN feature is disabled by default. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port. The default CoS value is 0 for incoming traffic. The CoS value is not trusted for 802.1P or 802.1Q tagged traffic. The IP Phone overrides the priority of all incoming traffic (tagged and untagged) and sets the CoS value to 0. Note:
lTe
sts
.co
41
A. The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate. B. The switch port will disable 802.1x port-based authentication and cause the port to transition to the authorized state without any further authentication exchange. C. The switch will uniquely authorize the client by using the client MAC address. D. The switch port will enable 802.1x port-based authentication and begin relaying authentication messages between the client and the authentication server. Answer: B
Explanation: The IEEE 802.1x standard defines a port-based access control and authentication protocol that restricts unauthorized workstations from connecting to a LAN through publicly accessible switch ports. The authentication server authenticates each workstation that is connected to a switch port before making available any services offered by the switch or the LAN. Until the workstation is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the workstation is connected. After authentication succeeds, normal traffic can pass through the port. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords: force-authorized : Disables 802.1x port-based authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client. This is the default setting. force-unauthorized : Causes the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate. The switch cannot provide authentication services to the client through the interface. auto : Enables 802.1x port-based authentication and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port. The authentication process begins when the link state of the port transitions from down to up (authenticator initiation) or when an EAPOL-start frame is received (supplicant initiation). The switch requests the identity of the client and begins relaying authentication messages between the client and the authentication server. The switch uniquely identifies each client attempting to access the network by using the client MAC address. Example:
Ac
tua
lTe
sts
.co
42
QUESTION NO: 49
Ac
tua
Refer to the network of Layer 3 switches in the exhibit. The RPI Multicast Server only multicasts to hosts connected to multilayer switches 5 and 6. The CMU Multicast Server multicasts to hosts on multilayer switches 1-6. Given the number of configuration steps involved, what is the most efficient way to configure the network while meeting the requirements for multicast data flow?
lTe
sts
.co
43
A. Configure each switch with PIM sparse-dense mode. Configure switch 3 as a rendezvous point for the RPI multicast stream. B. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Allow the switches to elect their own root for each multicast tree. C. Configure each switch with PIM sparse mode. D. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Leave each multicast server as the root of its own multicast tree. E. Configure each switch with PIM dense mode. F. Configure each switch with PIM sparse mode and a separate instance of PIM dense mode. Specify switch 1 as the root for the RPI Multicast Server. Specify switch 2 as the root for the CMU Multicast Server. Answer: A
Ac
tua
lTe
sts
.co
44
Cisco 642-892: Practice Exam QUESTION NO: 50 Which protocol allows for the automatic selection and simultaneous use of multiple available gateways as well as automatic failover between those gateways? A. IRDP B. GLBP C. HSRP D. VRRP Answer: B Explanation: To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group. Rather than having just one active router performing forwarding for the virtual router address, all routers in the group can participate and offer load balancing by forwarding a portion of the overall traffic. The advantage is that none of the clients have to be pointed toward a specific gateway address-they can all have the same default gateway set to the virtual router IP address. The load balancing is provided completely through the use of virtual router MAC addresses in ARP replies returned to the clients. As a client sends an ARP request looking for the virtual router address, GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group. The result is that all clients use the same gateway address but have differing MAC addresses for it.
QUESTION NO: 51
A. Configure the bandwidth on all EIGRP Frame Relay interfaces to the committed information rate (CIR). B. Configure the EIGRP hold time on all Frame Relay interfaces to 15 seconds.
Ac
Refer to the exhibit. EIGRP is enabled on all routers on the network. What additional configuration is required for the routers connected over the Frame Relay multipoint interfaces to compensate for a low-speed NBMA connection?
tua
lTe
sts
.co
45
Cisco 642-892: Practice Exam C. Configure the EIGRP hold time on all Frame Relay interfaces to 180 seconds. D. Configure the bandwidth on all EIGRP Frame Relay interfaces to the lowest CIR multiplied by the number of PVCs for the multipoint connection. E. Configure the EIGRP hello interval on all Frame Relay interfaces to 60 seconds. F. Configure the EIGRP hello interval on all Frame Relay interfaces to 5 seconds. Answer: D
QUESTION NO: 52 Refer to the exhibit. On basis of the configuration that is provided, where will the trust boundary be established in this network? Exhibit: 10-c.gif
A. at the IP phone B. at the PC C. at the distribution switch D. at the access switch Answer: D
Explanation: The example shown is a properly configured switch where the trust boundary is being set at the access port on the switch itself. The "switchport voice vlan vlan-id dot1q" command enables voice VLAN on switch port and associated VLAN. The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of service). The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to switch port. "Pass Any Exam. Any Time." - www.actualtests.com 46
Ac
tua
lTe
sts
.co
QUESTION NO: 53 Refer to the exhibit. What is the correct output of the command show ip route on router R2?
A. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
.co
47
Cisco 642-892: Practice Exam C 10.1.2.0/24 is directly connected, Serial1/0 i su 10.1.2.0/23 [115/10] via 0.0.0.0, Null0 C 10.1.0.0/24 is directly connected, Serial1/1 i L2 10.1.0.0/23 [115/20] via 10.1.0.1, Serial1/1 B. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L1 10.200.200.13/32 [115/30] via 10.1.2.4, Serial1/0 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1. 2.0/24 is directly connected, Serial1/0 i L1 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1 C. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1 D. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L2 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 C 10.1.2.0/24 is directly connected, Serial1/0 i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 C 10.1.0.0/24 is directly connected, Serial1/1 E. R2# show ip route <output omitted> 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks i L1 10.200.200.14/32 [115/20] via 10.1.2.4, Serial1/0 i L2 10.200.200.13/32 [115/30] via 10.1.0.1, Serial1/1 i L1 10.1.3.0/24 [115/20] via 10.1.2.4, Serial1/0 i L1 10.1.2.0/24 is directly connected, Serial1/0 i L2 10.1.1.0/24 [115/20] via 10.1.0.1, Serial1/1 i L2 10.1.0.0/24 is directly connected, Serial1/1
Ac
tua
lTe
sts
.co
48
Cisco 642-892: Practice Exam Answer: C
QUESTION NO: 54 What two steps can be taken to help prevent VLAN hopping? (Choose two.) A. Enable BPD guard. B. Place unused ports in a common unrouted VLAN. C. Implement port security. D. Disable CDP on ports where it is not necessary. E. Prevent automatic trunk configurations. Answer: B,E Explanation: To prevent VLAN hoping you should disable unused ports and put them in an unused VLAN, or a separate unrouted VLAN. By not granting connectivity or by placing a device into a VLAN not in use, unauthorized access can be thwarted through fundamental physical and logical barriers. Another method used to prevent VLAN hopping is to prevent automatic trunk configuration. Hackers used 802.1Q and ISL tagging attacks, which are malicious schemes that allow a user on a VLAN to get unauthorized access to another VLAN. For example, if a switch port were configured as DTP auto and were to receive a fake DTP packet, it might become a trunk port and it might start accepting traffic destined for any VLAN. Therefore, a malicious user could start communicating with other VLANs through that compromised port. Reference: VLAN Security White Paper, Cisco Systems http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a00801315 9f.shtml
QUESTION NO: 55
Which command displays statistics on EIGRP hello, updates, queries, replies, and acknowledgments? A. show ip eigrp neighbors B. show ip eigrp topology C. show ip eigrp traffic D. debug eigrp packets Answer: C
Ac
tua
lTe
sts
.co
49
Cisco 642-892: Practice Exam QUESTION NO: 56 Refer to the exhibit. A network administrator consoles into the ASw1 switch and attempts to save the switch configuration to the TFTP server that is located at IP address 10.1.2.10/24. However, whenever the copy running-config tftp command is issued with default options on switch ASw1, an error is produced. Which configuration would correct this situation?
Answer: C
Explanation: DHCP is not the only critical service that uses broadcasts. Cisco routers and other devices might use broadcasts to locate TFTP servers. Some clients might need to broadcast to locate a TACACS security server. In a complex hierarchical network, clients might not reside on the same subnet as key servers. Such remote clients broadcast to locate these servers, but routers, by default, do not forward client broadcasts beyond their subnet. Some clients are unable to make a connection without services such as DHCP. For this reason, the administrator must provide DHCP and DNS servers on all subnets or use the Cisco IOS software helper address feature. Running services such as DHCP or DNS on several computers creates overhead and administrative problems, so the first option is not very appealing. When possible, administrators use the ip helper-address command to relay broadcast requests for these key User Datagram Protocol (UDP) services. By using the ip helper-address command, a router can be configured to accept a broadcast request for a UDP service and then forward it as a unicast to a specific IP address "Pass Any Exam. Any Time." - www.actualtests.com 50
Ac
tua
A. ASw1(config)# interface range fastethernet 0/1 - 24 ASw1(config-if-range)# ip forward-protocol udp 69 B. RTA(config)# interface fastethernet0/1 RTA(config-if)# ip forward-protocol udp 69 C. RTA(config)# interface fastethernet0/0 RTA(config-if)# ip helper-address 10.1.2.10 D. RTA(config)# interface fastethernet0/1 RTA(config-if)# ip helper-address 10.1.2.10 E. RTA(config)# interface fastethernet0/0 RTA(config-if)# ip forward-protocol udp 69 F. ASw1# copy tftp running-config
lTe
sts
.co
Cisco 642-892: Practice Exam By default, the ip helper-address command will forward these 8 UDP ports: Reference: http://www.ciscopress.com/articles/article.asp?p=330807&seqNum=9
QUESTION NO: 57 Refer to the exhibit. What does the command channel-group 1 mode desirable do?
Explanation: The PAgP modes are explained below. Off: PAgP will not run. The channel is forced to remain down. Auto: PAgP is running passively. The formation of a channel is desired; however, it is not initiated. Desirable: PAgP is running actively. The formation of a channel is desired and initiated. On: PAgP will not run. The channel is forced to come up. There are four user-configurable channel modes: on, off, auto, and desirable. PAgP packets are exchanged only between ports in auto and desirable mode. Ports configured in on or off mode do not exchange PAgP packets. For switches to which you want to form an EtherChannel, it is best to have both switches set to desirable mode. This gives the most robust behavior if one side or the other encounters error situations or is reset. The default mode of the channel is auto. Both the auto and desirable modes allow ports to negotiate with connected ports to determine if they can form a channel. The determination is based on criteria such as port speed, trunking state, and native VLAN. Ports can form an EtherChannel when they are in different channel modes as long as the modes are compatible. This list provides examples: Reference: http://www.cisconet.com/index.php/EtherChannel/EtherChannel-configure-mode-withPAgP.html
QUESTION NO: 58 Which statement is true about IPv6? "Pass Any Exam. Any Time." - www.actualtests.com 51
Ac
tua
lTe
sts
Answer: A,E
.co
A. enables PAgP only if a PAgP device is detected B. enables LACP only if a LACP device is detected C. enables Etherchannel only D. enables LACP unconditionally E. enables PAgP unconditionally
Cisco 642-892: Practice Exam A. Each host can autoconfigure its address without the aid of a DHCP server. B. Only one IPv6 address can be assigned to each interface. C. Only one IPv6 address is assigned per node. Answer: A
QUESTION NO: 59 Examine the router output above. Which two items are correct? (Choose two.)
Explanation: Since preemption has been configured, we know that when any router comes back up, it will become the active router as long as it has a higher priority value. In this example, the current priority shows it to be 95. If the interface were to come up, it would now be 95 + 10 (which is the default value) so the total value would then become 105. If fast0/2 were to come up as well, it would then be 105 + 15 (special override as seen in the command) = 120. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi guration/guide/swhsrp.html
HSRP election is based on a priority value (0 to 255) that is configured on each router in the "Pass Any Exam. Any Time." - www.actualtests.com 52
Ac
Answer: C,D
tua
A. If Ethernet 0/2 goesdown, the standby router will take over. B. The local IP address of Router A is 10.1.0.6. C. When Ethernet 0/3 of RouterA comes back up, the priority will become 105. D. Router A will assume the active state if its priority is the highest. E. The local IP address of Router A is 10.1.0.20.
lTe
sts
.co
Cisco 642-892: Practice Exam group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router. To set the priority, use the following interface configuration command: Switch( config-if)# standby group priority priority When HSRP is configured on an interface, the router progresses through a series of states before becoming active. This forces a router to listen for others in a group and see where it fits into the pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally, Active.
QUESTION NO: 60
Answer: C
QUESTION NO: 61
A network administrator assigns a multicast address of 239.255.8.5 to an application running on a device with an Ethernet MAC address of 01.b2.7d.05.f1.80. Which Layer 2 multicast address will this device use? A. 01.00.5e.05.f1.80 B. ff.ff.ff.ff.ff.ff C. 01.00.5e.7F.08.05 D. 01.b2.7d.0a.08.05 E. 01.b2.7d.05.f1.80 Answer: C
QUESTION NO: 62 Refer to the exhibit. Which two statements are correct? (Choose two.)
Ac
tua
lTe
sts
A. OSPFv3 for IPv6 authentication is supported by SHA-1 authentication. B. OSPFv3 for IPv6 authentication is supported by MD5 authentication. C. OSPFv3 for IPv6 authentication is supported by IPv6 IPsec. D. OSPFv3 for IPv6 authentication is supported by IPv4 IPsec.
.co
How is authentication handled with OSPFv3?
53
A. All the routes were redistributed into BGP from an IGP. B. Four routes will be installed in the routing table. C. All the routes were originated by BGP with the network command. D. Two routes will be installed in the routing table. E. All six routes will be installed in the routing table.
QUESTION NO: 63
A. Untagged ingress traffic will be marked with the default CoS value of the port. B. Ingress traffic from the host will be tagged with theCoS value of 5. C. Tagged and untagged ingress traffic will be carried on VLAN 1. D. Untagged ingress traffic will be dropped. Answer: A Explanation: The "Switchport voice vlan vlan-id dot1q" command enables voice VLAN on switch port and associated VLAN. "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
Refer to the exhibit. Which statement is true about the configuration that is shown?
.co
Answer: A,B
54
Cisco 642-892: Practice Exam The "mls qos trust cos" command enables QoS (Quality of Services ) based on COS (Class of service) The "switchport priority cos <priority>" value sets the priority values to frame coming from PC to switch port. Since this has not been explicitly configured, the default CoS value of the port will be used.
QUESTION NO: 64 For what purpose is the command config network webmode enable used? A. to allow HTTPS access to the WLAN controller B. to allow SSH access to the CLI of the WLAN controller C. to allow HTTP access to the WLAN controller D. to allow SSL access to the CLI of the WLAN controller Answer: C
QUESTION NO: 65
Refer to the exhibit. Which two statements are true about the partial configuration that is provided. (Choose two.)
A. The peer group shortens the EBGP configuration. B. Three AS-path filters are applied to each BGP neighbor.
Ac
tua
lTe
sts
Explanation: (WLAN_Controller) >config network webmode enable This command Enables HTTP access to the WLAN controller Note: HTTPS access is enabled by default; unsecured HTTP is not. Reference: Cisco Press BCMSN Portable command guide
.co
55
Cisco 642-892: Practice Exam C. All the configured neighbors are in autonomous system 100. D. The peer group shortens the IBGP configuration. E. Only the outgoing filters are applied to BGP updates. Answer: C,D
QUESTION NO: 66 Which statement is true about utilizing a data network for voice traffic? A. Because voice traffic volume cannot be calculated, network bandwidth requirements must be determined from an existing installation. B. Voice traffic will require some form of QoS implementation only in congested networks. C. Network congestion must be totally eliminated to provide proper voice traffic performance. D. Adding bandwidth to the data network is the primary solution to provide for the needs of voice traffic. E. Voice traffic will require some form of QoS mechanisms in most networks. Answer: E
Explanation: For VoIP to be a realistic replacement for standard public switched telephone network (PSTN) telephony services, customers need to receive the same quality of voice transmission they receive with basic telephone services-meaning consistently high-quality voice transmissions. Like other real-time applications, VoIP is extremely bandwidth- and delay-sensitive . For VoIP transmissions to be intelligible to the receiver, voice packets should not be dropped, excessively delayed, or suffer varying delay (otherwise known as jitter). VoIP can guarantee high-quality voice transmission only if the voice packets, for both the signaling and audio channel, are given priority over other kinds of network traffic. For VoIP to be deployed so that users receive an acceptable level of voice quality, VoIP traffic must be guaranteed certain compensating bandwidth, latency, and jitter requirements. QoS ensures that VoIP voice packets receive the preferential treatment they require. In general, QoS provides better (and more predictable) network service by providing the following features:
Supporting dedicated bandwidth
Improving loss characteristics
Avoiding and managing network congestion
Ac
tua
lTe
sts
.co
56
Cisco 642-892: Practice Exam Shaping network traffic
Setting traffic priorities across the network Reference: http://www.cisco.com/en/US/docs/ios/solutions_docs/qos_solutions/QoSVoIP/QoSVoIP.html
QUESTION NO: 67 An IPv6 overlay tunnel is required to communicate with isolated IPv6 networks across an IPv4 infrastructure. There are currently five IPv6 overlay tunnel types. Which three IPv6 overlay tunnel statements are true? (Choose three.) A. An manual overlay tunnel supports point-to-multipoint tunnels capable of carrying IPv6 and Connectionless Network Service (CLNS) packets. B. Overlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure. C. Overlay tunnels can only be configured between border routers capable of supporting IPv4 and IPv6. D. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv6-compatible, 4to6, and Multiprotocol Label Switching (MPLS) overlay tunneling mechanisms. E. Overlay tunnels can be configured between border routers or between a border router and a host capable of supporting IPv4 and IPv6. F. Cisco IOS supports manual, generic routing encapsulation (GRE), IPv4-compatible, 6to4, and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) overlay tunneling mechanisms.
QUESTION NO: 68 For the accompanying router output, which of the following statements describes the state that neighbor 172.16.254.3 is in?
Ac
Answer: B,E,F
tua
lTe
sts
.co
57
A. The router is listening on its server port for connection requests from the peer. B. The router will not accept connections from the peer. C. The router has sent out an active TCP connection request to the peer. D. BGP can exchange routing information in this state. Answer: A
QUESTION NO: 69
A. WPA/WPA2/CCKM B. 802.1x C. WPA/WPA2 Passphrase "Pass Any Exam. Any Time." - www.actualtests.com 58
Ac
tua
lTe
sts
Refer to the exhibit. What radio button option on the Aironet Desktop Utility (ADU) Security tab includes the option of Advanced Encryption Standard (AES) and Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling?
.co
Cisco 642-892: Practice Exam D. Pre-Shared Key (Static WEP) Answer: A Explanation: EAP-FAST- This authentication type (Flexible Authentication via Secure Tunneling) uses a threephased tunneled authentication process to provide advanced 802.1X EAP mutual authentication. WPA uses Temporal Key Integrity Protocol (TKIP) and message integrity check (MIC) for data protection while WPA2 uses the stronger Advanced Encryption Standard encryption algorithm using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AESCCMP), so WPA2 will be required to use AES.
QUESTION NO: 70
Based on the show ip route isis output on R1, which statement is true?
A. The i su 10.1.0.0/23 route is a suppressed route. B. The i su 10.1.0.0/23 route is a summary route. "Pass Any Exam. Any Time." - www.actualtests.com 59
Ac
tua
Reference: http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/2.0/configuration/guide/winc h5kh.html
lTe
sts
.co
Cisco 642-892: Practice Exam C. The R1 IS-IS router is an ABR that belongs to multiple IS-IS areas. D. The R1 IS-IS router is an ASBR. E. The R1 IS-IS router is performing route aggregation and is suppressing the more specific 10.1.0.0/23 prefix. F. The i su 10.1.0.0/23 route is an IS-IS external route. Answer: B Explanation: The "su" in the routing table denotes an IS-IS summary null route. This route is automatically created within the router when IS-IS route summarization is configured.
QUESTION NO: 71
Answer: C,E,F
Explanation: All IPv6 addresses are 128 bits long to accommodate a far larger number of stations than what was possible with the 32 bit IPv4 addresses. The following displays the IPv6 header field in detail: IPv6 header: Version . 4 bits. IPv6 version number. Traffic Class . 8 bits. Internet traffic priority delivery value. Flow Label . 20 bits. Used for specifying special router handling from source to destination(s) for a sequence of packets. Payload Length . 16 bits unsigned. Specifies the length of the data in the packet. When cleared to zero, the option is a hop-by-hop Jumbo payload. Next Header . 8 bits. Specifies the next encapsulated protocol. The values are compatible with those specified for the IPv4 protocol field. Hop Limit . 8 bits unsigned. For each router that forwards the packet, the hop limit is decremented by 1. When the hop limit field reaches zero, the packet is discarded. This replaces the TTL field in the IPv4 header that was originally intended to be used as a time based hop limit. Source address . 16 bytes. The IPv6 address of the sending node. Destination address . 16 bytes. The IPv6 address of the destination node. "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
A. An IPv6 header contains the protocol field. B. An IPv6 header contains the header checksum field. C. An IPv6 header contains the next header field. D. An IPv6 header is 20 bits long. E. IPv6 routers send RA messages. F. An IPv6 address is 128 bits long.
.co
Which three are characteristics of IPv6? (Choose three.)
60
Cisco 642-892: Practice Exam Reference: http://www.networksorcery.com/enp/protocol/ipv6.htm
QUESTION NO: 72 What is the effect of enabling a voice VLAN on a Catalyst switch port? A. Port security is automatically enabled on a voice VLAN port. B. PortFast is disabled on the port. C. The CoS is trusted for 802.1P or 802.1Q tagged traffic. D. Untagged traffic is sent according to the default CoS priority of the port. Answer: D Explanation: Default Voice VLAN Configuration: The voice VLAN feature is disabled by default. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port. The CoS value is not trusted for 802.1P or 802.1Q tagged traffic. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_12c_ea1/confi guration/guide/swvoip.html
QUESTION NO: 73
A. Once an access point associates with a controller in LWAPP Layer 3 mode, it receives an IP address from the controller. B. An access point first searches for a controller in LWAPP Layer 2 mode. If the search is not successful, the access point then attempts to locate a controller in LWAPP Layer 3 mode. C. An access point will search for a controller using a broadcast address if using LWAPP Layer 2 mode and a unicast address if using LWAPP Layer 3 mode. D. If multiple wireless controllers are detected by an access point, the controller with the fewest associated access points is chosen to associate with. E. In order to associate in Layer 3 mode, the access point must have been preconfigured with an IP address. Answer: B,D Explanation: This procedure for a LAP to register with a WLC is: The LAP issues a DHCP request to a DHCP server in order to get an IP address, unless an assignment was made previously with a static IP "Pass Any Exam. Any Time." - www.actualtests.com 61
Ac
tua
Which two statements correctly describe the association process between a lightweight access point and a WLAN controller? (Choose two.)
lTe
sts
.co
Cisco 642-892: Practice Exam address. If Layer 2 LWAPP mode is supported on the LAP, the LAP broadcasts an LWAPP discovery message in a Layer 2 LWAPP frame. Any WLC that is connected to the network and that is configured for Layer 2 LWAPP mode responds with a Layer 2 discovery response. If the LAP does not support Layer 2 mode, or if the WLC or the LAP fails to receive an LWAPP discovery response to the Layer 2 LWAPP discovery message broadcast, the LAP proceeds to step 3. If step 1 fails, or if the LAP or the WLC does not support Layer 2 LWAPP mode, the LAP attempts a Layer 3 LWAPP WLC discovery. If step 3 fails, the LAP resets and returns to step 1. The LAP uses this information to make a controller selection, with use of these precedence rules: If the LAP has previously been configured with a primary, secondary, and/or tertiary controller, the LAP examines the controller sysName field (from the LWAPP discovery responses) in an attempt to find the WLC that is configured as "primary". If the LAP finds a matching sysName for the primary controller, the LAP sends an LWAPP join request to that WLC. If the LAP cannot find its primary controller or if the LWAPP join fails, the LAP tries to match the secondary controller sysName to the LWAPP discovery responses. If the LAP finds a match, it then sends an LWAPP join to the secondary controller. If the secondary WLC cannot be found or the LWAPP join fails, the LAP repeats the process for its tertiary controller. The LAP looks at the Master Controller flag field in the LWAPP discovery responses from the candidate WLCs if one of these items is true: No primary, secondary, and/or tertiary controllers have been configured for an AP. These controllers cannot be found in the candidate list. The LWAPP joins to those controllers have failed. If a WLC is configured as a Master Controller, the LAP selects that WLC and send it an LWAPP join request. If the LAP cannot successfully join a WLC on the basis of the criteria in step 1 and step 2, the LAP attempts to join the WLC that has the greatest excess capacity. Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
QUESTION NO: 74
Which three statements about STP timers are true? (Choose three.) A. The root bridge passes the timer information in BPDUs to all routers in the Layer 3 configuration. B. A switch is not concerned about its local configuration of the STPtimers values. It will only consider the value of the STP timers contained in the BPDU it is receiving. C. If any STP timer value (hello, forward delay, max age) needs to be changed, it should at least be changed on theroot bridge and backup root bridge. D. To successfully exchange BPDUs between two switches, their STPtimers value (hello, forward delay, max age) must be the same. E. On a switched network with a small network diameter, the STP hello timer can be tuned to a lower value to decrease the load on the switch CPU. "Pass Any Exam. Any Time." - www.actualtests.com 62
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam F. STPtimers values (hello, forward delay, max age) are included in each BPDU. Answer: B,C,F Explanation: STP operation is controlled by three timers. The Hello Time is the amount of time between the sending of Configuration BPDUs. The 802.1D standard specifies a default value of 2 seconds. This value controls Configuration BPDUs as the Root Bridge generates them. Other bridges propagate BPDUs from the Root Bridge as they are received. If BPDUs stop arriving for the time interval ranging from 2 to 20 seconds because of a network disturbance, or if the Root Bridges stop sending periodic BPDUs during this time, the timer will expire. 2 to 20 seconds is the range between the expected receipt of a BPDU and the expiration of the Max Age time. If the outage lasts for more than 20 seconds, the default Max Age time, the bridge invalidates the saved BPDUs and begins looking for a new Root Port. Forward Delay is the amount of time the bridge spends in the Listening and Learning states. This is a single value that controls both states. The default value of 15 seconds was originally derived assuming a maximum network size of seven bridge hops, a maximum of three lost BPDUs, and a Hello Time of 2 seconds. The Forward Delay timer also controls the bridge table age-out period after a change in the active topology. Max Age is the STP timer that controls how long a bridge stores a BPDU before discarding it. Max Age is only an issue when the link failure is not on a directly connected link. When a failure occurs on a directly connected link, the switch knows there will not be any BPDUs coming in on that link, so Max Age is not considered in transitioning the port to Forwarding mode. Recall that each port saves a copy of the best BPDU it has seen. As long as the bridge receives a continuous stream of BPDUs every 2 seconds, the receiving bridge maintains a continuous copy of the BPDU values. However, if the device sending this best BPDU fails, a mechanism must exist to allow other bridges to take over.
QUESTION NO: 75
Refer to the exhibit. What happens when the router stops receiving advertisements for the 10.1.2.0/24 network?
Ac
tua
lTe
sts
.co
63
Cisco 642-892: Practice Exam A. The summary route will remain in the table. B. The more specific routes will be advertised from the table. C. 10.1.2.0/24 will still be advertised but packets destined for it will be dropped when they reach this router. D. The summary route will be removed from the table. Answer: A
QUESTION NO: 76 Refer to the exhibit. Which two statements are true about the output from the show standby vlan 50 command? (Choose two.)
A. The command standby 1 preempt was added to Catalyst_A. B. Catalyst_A is load sharing traffic in VLAN 50. C. Hosts using the default gateway address of 192.168.1.1 will have their traffic sent to 192.168.1.11 even after Catalyst_A becomes available again. D. Hosts using the default gateway address of 192.168.1.2 will have their traffic sent to Catalyst_A. Answer: A,B Explanation: HSRP uses a priority scheme to determine which HSRP-configured router is to be the default active router. To configure a router as the active router, you assign it a priority that is higher than the priority of all the other HSRP-configured routers. The default priority is 100, so if you configure just one router to have a higher priority, that router will be the default active router. HSRP works by the exchange of multicast messages that advertise priority among HSRP"Pass Any Exam. Any Time." - www.actualtests.com 64
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam configured routers. When the active router fails to send a hello message within a configurable period of time, the standby router with the highest priority becomes the active router. The transition of packet- forwarding functions between routers is completely transparent to all hosts on the network. HSRP-configured routers exchange three types of multicast messages:
Hello - The hello message conveys to other HSRP routers the router's HSRP priority and state information. By default, an HSRP router sends hello messages every three seconds.
Coup - When a standby router assumes the function of the active router, it sends a coup message.
Standby - The router is prepared to assume packet-transfer functions if the active router fails.
Speaking and listening - The router is sending and receiving hello messages.
Listening - The router is receiving hello messages. The standby preempt interface configuration command allows the router to become the active router when its priority is higher than all other HSRP-configured routers in this Hot Standby group. The configurations of both routers include this command so that each router can be the standby router for the other router. The 1 indicates that this command applies to Hot Standby group 1. If you do not use the standby preempt command in the configuration for a router, that router cannot become the active router.
QUESTION NO: 77 Refer to the exhibit. Dynamic ARP inspection (DAI) is enabled on switch SW_A only. Both Host_A and Host_B acquire their IP addresses from the DHCP server connected to switch SW_A. What would the outcome be if Host_B initiated an ARP spoof attack toward Host_A ?
Ac
tua
lTe
sts
Active - The router is performing packet-transfer functions.
.co
Resign - A router that is the active router sends this message when it is about to shut down or when a router that has a higher priority sends a hello message. At any time, HSRP-configured routers are in one of the following states:
65
Answer: B
DAI is an ingress security feature; it does not perform any egress checking.
DAI is not effective for hosts connected to routers that do not support DAI or that do not have this feature enabled. Because man-in-the-middle attacks are limited to a single Layer 2 broadcast domain, separate the domain with DAI checks from the one with no checking. This action secures the ARP caches of hosts in the domain enabled for DAI.
DAI depends on the entries in the DHCP snooping binding database to verify IP-to-MAC address bindings in incoming ARP requests and ARP responses. Make sure to enable DHCP snooping to permit ARP packets that have dynamically assigned IP addresses. "Pass Any Exam. Any Time." - www.actualtests.com 66
Ac
Explanation: When configuring DAI, follow these guidelines and restrictions:
tua
lTe
A. The spoof packets will not be inspected at the ingress port of switch SW_A and will be dropped. B. The spoof packets will not be inspected at the ingress port of switch SW_A and will be permitted. C. The spoof packets will be inspected at the ingress port of switch SW_A and will be dropped. D. The spoof packets will be inspected at the ingress port of switch SW_A and will be permitted.
sts
.co
Cisco 642-892: Practice Exam When DHCP snooping is disabled or in non-DHCP environments, use ARP ACLs to permit or to deny packets.
DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports. In our example, since SW_B does not have DAI enabled (bullet point 2 above) packets will not be inspected and they will be permitted. Reference: http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SXF/configuration/guide/dynarp.html
QUESTION NO: 78 Which three WLAN statements are true? (Choose three.) A. A WLAN client will operate in half-duplex mode. B. The Aironet 1230 access point is an example of an access point that operates solely as a lightweight access point. C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP. D. WLANs are designed to share the medium and can easily handle an increased demand of channel contention. E. A lightweight AP receives control and configuration from a WLAN controller to which it is associated. F. Another term for infrastructure mode is independent service set (IBSS).
Explanation: The 802.11 standard specifies a Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) transmit-recieve environment. Therefore, all 802.11 are half-duplex/simplex in nature . Lightweight access points first search for a WLAN controller using LWAPP in Layer 2 mode. Then the access point searches for a WLAN in Layer 3 mode. The control traffic between the access point and the controller is encapsulated with the LWAPP. The control traffic is encrypted via the Advanced Encryption Standard (AES). Lightweight APs need configuration and control information from a WLAN controller
QUESTION NO: 79 Refer to the exhibit. EIGRP is configured with the default configuration on all routers. Autosummarization is enabled on routers R2 and R3, but it is disabled on router R1. Which two EIGRP routes will be seen in the routing table of router R3? (Choose two.)
Ac
tua
Answer: A,C,E
lTe
sts
.co
67
QUESTION NO: 80
A. An IPv6 header has twice as many octets as an IPv4 header. B. An IPv4 header includes a checksum. However, an IPv6 header does not include one. C. An IPv6 header is half the size of an IPv4 header. D. An IPv6 header is simpler and more efficient than an IPv4 header. E. A router has to recompute the checksum of an IPv6 packet when decrementing the TTL. F. The 128-bit IPv6 address makes the IPv6 header more complicated than an IPv4 header. Answer: A,B,D
QUESTION NO: 81 Refer to the exhibit. A network administrator has configured DHCP services on the router as shown. DHCP clients connected to the FastEthernet0/0 interface are working properly. DHCP clients connected to the FastEthernet0/1 interface are not receiving addresses. Which two statements contain recommendations that will solve the problem? (Choose two.) "Pass Any Exam. Any Time." - www.actualtests.com 68
Ac
tua
In a comparison of an IPv4 header with an IPv6 header, which three statements are true? (Choose three.)
lTe
sts
Answer: C,F
.co
A. 172.16.10.0/24 B. 10.0.0.0/8 C. 172.16.0.0/16 D. 172.16.0.0/24 E. 10.10.0.0/16 F. 10.10.10.0/24
Answer: B,D
QUESTION NO: 82 When an IPv6 enabled host boots, it sends a router solicitation (RS) message. An IPv6 router responds with a router advertisement (RA). Which two items are contained in the RA? (Choose two.) A. request for the local host IP address B. IPv6 address for the host C. prefixes for the link D. keepalive timers
Ac
tua
A. The network shown in the output under the ip dhcp pool Central command should be changed to network 10.10.0.0 with a mask of 255.255.255.0. B. A second DHCP pool for network 10.10.0.0/24 should be configured. C. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to the FastEthernet0/0 configuration. D. An ip dhcp excluded-address global configuration command for network 10.10.0.0/24 should be issued. E. The ip helper-address 10.0.0.1 command should be issued so that the address can be added to the FastEthernet0/1 configuration.
lTe
sts
.co
69
Cisco 642-892: Practice Exam E. any route advertisements it has received F. lifetime of the prefix Answer: C,F Explanation: In IP Version 6, Router Advertisements have the following attributes: Routers advertise periodically - Max. time between advertisements can be in the range from 4 and 1800 seconds - The advertisement has a lifetime (= 0 if not a default router) Advertisement contains one or more prefixes - Prefixes have a lifetime Preferred lifetime Valid lifetime Specifies if stateful or stateless autoconfiguration is to be used Plays a key role in site renumbering
QUESTION NO: 83
Answer: A
Explanation: A is correct because, "frames from the native VLAN of an 802.1Q trunk are not tagged with the VLAN number." By default, the native VLAN is VLAN 1 but this can be effectively changed to a different VLAN and the trunk will still be functional. Trunks can be established with router interfaces using sub-interfaces, which are layer 3. Reference: http://www.cisco.com/warp/public/473/27.html
QUESTION NO: 84 Refer to the exhibit. This network is running IS-IS. Router RTC is inside Cloud#1. From the output on RTD, which two statements are true? (Choose two.) "Pass Any Exam. Any Time." - www.actualtests.com 70
Ac
tua
A. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN. B. The encapsulation type on both ends of the trunk does not have to match. C. 802.1Q trunking can only be configured on a Layer 2 port. D. The native VLAN on both ends of the trunk must be VLAN 1. E. Both switches must be in the same VTP domain.
lTe
Which statement is correct about 802.1Q trunking?
sts
.co
Answer: A,C
QUESTION NO: 85
Which EIGRP packet statement is true? A. Update packets route reliable change information only to the affected routers. B. Reply packets are multicast to IP address 224.0.0.10 using RTP. C. On high-speed links, hello packets are broadcast every 5 seconds for neighbor discovery. D. Reply packets are used to send routing updates. E. On low-speed links, hello packets are broadcast every 15 seconds for neighbor discovery. Answer: A
QUESTION NO: 86
Ac
tua
lTe
A. The SNPA for RTE is the source data link address that is used to transmit frames to RTD. B. Because it is running IS-IS in IP-only mode, RTD will not transmit CLNS packets. C. IP routing updates between RTC and RTD will be CLNS datagrams that are encapsulated by HDLC. D. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by CLNS. E. The NET for RTE will be 49.0150.0019.06b7.fd5f.00. F. IP routing updates between RTC and RTD will be IP datagrams that are encapsulated by HDLC.
sts
.co
71
Cisco 642-892: Practice Exam Refer to the exhibit. What is the effect on the trust boundary of configuring the command mls qos trust cos on the switch port that is connected to the IP phone?
Answer: E
QUESTION NO: 87 Refer to the exhibit. Router RT-1 chooses one path to network 198.133.219.0/24. Indicate the reason Router RT-1 chooses this "best" path.
Ac
Explanation: Configuring Trusted Boundary: In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet. For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using the "mls qos trust cos" interface configuration command, you can configure the switch port to which the telephone is connected to trust the CoS labels of all traffic received on that port. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config uration/guide/swqos.html
tua
lTe
sts
.co
A. The host is now establishing theCoS value and has effectively become the trust boundary. B. The switch will no longer tag incoming voice packets and will trust the distribution layer switch to set theCoS. C. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link. D. The switch is rewriting packets it receives from the IP phone and determining theCoS value. E. Effectively the trust boundary has been moved to the IP phone.
72
Answer: D
The following process summarizes how BGP chooses the best route on a Cisco router. Prefer the route with the highest weight. (The weight attribute is proprietary to Cisco and is local to the router only.) If multiple routes have the same weight, prefer the route with the highest local preference value. (The local preference is used within an autonomous system.) If multiple routes have the same local preference, prefer the route that the local router originated. A locally originated route has a next hop of 0.0.0.0 in the BGP table. If none of the routes were locally originated, prefer the route with the shortest autonomous system path. If the autonomous system path length is the same, prefer the lowest origin code (IGP < EGP < incomplete). If all origin codes are the same, prefer the path with the lowest MED. (The MED is exchanged between autonomous systems.) The MED comparison is made only if the neighboring autonomous system is the same for all routes considered, unless the bgp always-compare-med command is enabled If the routes have the same MED, prefer external paths to internal paths. If synchronization is disabled and only internal paths remain, prefer the path through the closest IGP neighbor, which means that the router prefers the shortest internal path within the autonomous system to reach the destination (the shortest path to the BGP next hop). For EBGP paths, select the oldest route to minimize the effect "Pass Any Exam. Any Time." - www.actualtests.com 73
Ac
tua
Explanation: After BGP receives updates about different destinations from different autonomous systems, it chooses the best path to reach a specific destination.
lTe
sts
A. In making its decision about the best path, RT-1 gives precedence to the BGP MED values. B. IP address 128.107.2.2 is lower than 128.107.255.2. C. In making its decision about the best path, RT-1 prefers the IGP metrics. D. In making its decision about the best path, RT-1 gives precedence to the origin code. E. RT-1 prefers internal BGP routes. F. IP address 128.107.254.2 is lower than 128.107.255.2.
.co
Cisco 642-892: Practice Exam of routes going up and down (flapping). Prefer the route with the lowest neighbor BGP router ID value. If the BGP router IDs are the same, prefer the router with the lowest neighbor IP address.
QUESTION NO: 88 Observe the exhibit. If the command variance 3 were added to RTE, which path or paths would be chosen to route traffic to network X?
Answer: D
Explanation: Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. Use the variance n command in order to instruct the router to include routes with a metric of less than n times the minimum metric route for that destination. The variable n can take a value between 1 and 128. The default is 1, which means equal cost load balancing. Traffic is also distributed among the links with unequal costs, proportionately, with respect to the metric. Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009437d.shtml
QUESTION NO: 89 Which two statements about 6to4 tunneling are accurate? (Choose two.) "Pass Any Exam. Any Time." - www.actualtests.com 74
Ac
tua
A. E-C-A and E-D-A B. E-B-A, E-C-A and E-D-A C. E-B-A D. E-B-A and E-C-A
lTe
sts
.co
Cisco 642-892: Practice Exam A. 6to4 is a manual tunnel method. B. Prepending 0x2002 with the IPv4 address creates an IPv6 address that is used in 6to4 tunneling. C. Prepending a reserved IPv6 code to the hexadecimal representation of 192.168.0.1 facilitates 6to4 tunneling. D. 2002::/48 is the address range specifically assigned to 6to4. E. Each 6to4 site receives a /48 prefix in a 6to4 tunnel. Answer: B,E
QUESTION NO: 90 Which three statements are true about implementing Cisco wireless LANs? (Choose three.) A. One of the advantages of the lightweight WLAN solution is that the devices act independently. B. Characteristics of antennas are directionality, gain, and polarization. C. LWAPP allows encrypted communication between lightweight access points and WLAN controllers. D. Antenna power is a relative value reference to dBi. E. The WLAN Solution Engine (WLSE) is used to control lightweight access points. F. Power over Ethernet (PoE) is only available when a WLAN controller is integrated into the network. Answer: B,C,D
LWAPP is a draft Internet Engineering Task Force (IETF) standard, authored by Cisco Systems, that standardizes the communications protocol between lightweight access points and WLAN systems such as controllers, switches, and routers. Its goals are to: Reduce the amount of processing within access points, freeing up their computing resources to focus exclusively on wireless access instead offiltering and policy enforcement Enable centralized traffic handling, authentication, encryption , and policy enforcement for an entire WLAN system Provide a generic encapsulation and transport mechanism for multivendor access point interoperability, using either a Layer 2 infrastructure oranIP-routed network When a Cisco LWAPP-enabled access point boots up, it immediately looks for a wireless LAN controller within the network. After it finds a wireless LAN controller, the LWAPP-enabled access "Pass Any Exam. Any Time." - www.actualtests.com 75
Ac
Explanation: DBi is a unit measuring the gain of an antenna. The reference level or dBi is the strength of the signal that would be transmitted by a non-directional isotropic antenna i.e.radiates equally in all directions. This antenna exists as a mathematical concept used only as a known reference to measure antenna gain per dBi. In electronics, the term "gain" is often repeated but misunderstood. Gain implies increase e.g 20 dBi but without respect to where the increase originated.
tua
lTe
sts
.co
Cisco 642-892: Practice Exam point sends out encrypted "neighbor" messages. An antenna gives the wireless system three fundamental properties: gain, direction and polarization. Gain is a measure of increase in power. Gain is the amount of increase in energy that an antenna adds to a radio frequency (RF) signal. Direction is the shape of the transmission pattern. Polarization is the physical orientation of the element on the antenna that actually emits the RF energy. An omnidirectional antenna, for example, is usually a vertical polarized antenna. References: http://wireless-network.wireless-computer-networking.com/dBi.htm http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00807f34d3.shtml
QUESTION NO: 91 What three statements are true for networks that are enabled for voice as well as data traffic? (Choose three.) A. An uptime of 99.999 percent is achieved using a 4-hour service response contract for system problems. B. High availability networks must be created to avoid network congestion and overcome a lack of redundancy and poor engineering. C. Auxiliary VLANs provide the ability to apply QoS to voice traffic without affecting the flow of data from the client PC. D. For ease of implementation, most VoIP phones use in-line power to get power through the same cable on which data is sent. E. The increased costs of voice enabled networks are offset by increased worker productivity. F. Redundant hardware, redundant links, UPS, and proactive network management are data network standards that do not apply to voice networks. Answer: B,C,D
Explanation: When adding voice or video to an existing network, you should examine several things in advance to provide the high level of availability users expect in their phone system: What features are needed?- Power for IP phones, voice VLANs on the switches, network redundancy for high availability, security for voice calls, and Quality of Service (QoS) settings. Electrical power for the IP phones- Use either inline power from Catalyst switch or power patch panel. Need uninterruptible power supply (UPS) with auto-restart, monitoring, and 4-hour response contract. May need generator backup. Maintain correct operating temperatures. Auxiliary (or Voice) VLANs Cisco switches can be configured to dynamically place IP telephones into a VLAN separate from "Pass Any Exam. Any Time." - www.actualtests.com 76
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam the data VLANs. They can do this even when the phone and PC are physically connected to the same switch port. This is called an auxiliary VLAN or a voice VLAN. Voice VLANs allow phones to be dynamically placed in a separate IP subnet from hosts, to have QoS (using 802.1Q/p headers) and security policies applied, and makes troubleshooting easier. Reference: Cisco CCNP BCMSN Quick Reference Sheets, chapter 7, page 53
QUESTION NO: 92 Which two statements about the IS-IS routing protocol are true? (Choose two.) A. IS-IS is only capable of supporting IPv4 and CLNS. B. IS-IS routers use ES-IS hellos (ESH) to establish and to maintain neighbor relationships. C. IS-IS is capable of supporting IPv4 and IPv6. D. Level 2 routers learn about paths both within areas and between areas. E. Level 1 routers learn about paths within the area of which they are a part. F. IS-IS routers run the Bellman-Ford algorithm against their LSDBs to pick the best paths. Answer: C,E
Which two statements correctly describe features of Lightweight Access Point Protocol (LWAPP)? (Choose two.) A. VLAN tagging and QoS markings are applied at the access point. B. Control traffic between an access point and a controller is encrypted within LWAPP. C. Data traffic between an access point and a controller is encapsulated within LWAPP. D. Data traffic between an access point and a controller is encrypted within LWAPP. E. Layer 3 mode packets are transmitted in TCP frames. Answer: B,C Explanation: The LAP and WLC pair use the lightweight access point protocol (LWAPP) as the tunneling mechanism. ? LWAPP control messages-Exchanges that are used to configure the LAP and manage its operation. The control messages are authenticated and encrypted so that the LAP is securely controlled by only the WLC. ? LWAPP data-Packets to and from wireless clients associated with the LAP. The data is encapsulated within LWAPP, but is not encrypted or otherwise secured between the LAP and "Pass Any Exam. Any Time." - www.actualtests.com 77
Ac
tua
lTe
QUESTION NO: 93
sts
.co
Cisco 642-892: Practice Exam WLC. Data traffic between Access Point( AP) and Controller is encapsulated with LWAPP.
QUESTION NO: 94 Which two provide intra-area routing services? (Choose two.) A. L2 ES B. L1 IS C. L1 ES D. L1/L2 IS E. L2 IS
Explanation: An IS-IS network is termed a domain, analogous to an autonomous system (AS) in TCP/IP. The following shows IS-IS within the domain as a two-level hierarchy: Level 1 (L1) ISs, closely equivalent to OSPF internal non-backbone routers, are responsible for routing to ESs inside an area. L1 ISs enable communication between ESs in an area. L1 routers are also referred to as station routers because they enable stations to communicate with each other and the rest of the network. A contiguous group of L1 routers defines an area. The L1 routers maintain the L1 linkstate PDU database (LSPD), which defines the picture of the area itself and the exit points to neighboring areas. Level 2 (L2) ISs, closely equivalent to backbone routers in OSPF, route between areas only. Level 1 and Level 2 (L1L2) Intermediate ISs, closely equivalent to area border routers (ABRs) in OSPF, route between areas and the backbone. They participate in the L1 intra-area routing and the L2 inter-area routing. L1L2 routers support an L1 function to communicate with the other L1 routers in their area and maintain the L1 LSP information in an L1 LSPD. They inform other L1 routers that they are an exit point for the area. They also support an L2 function to communicate with the rest of the backbone and maintain an L2 topology database separately from their L1 LSPD. IS-IS does not share the concept of an Area 0 with OSPF. An IS-IS domain appears as a set of distinct areas interconnected by a chain of L2 routers, weaving their way through and between the Level 1 areas.
QUESTION NO: 95 Refer to the exhibit. Router RTR is attempting to establish BGP neighbor relationships with routers RT1 and RT3. On the basis of the information that is presented in the exhibit, which two statements are true? (Choose two.) "Pass Any Exam. Any Time." - www.actualtests.com 78
Ac
tua
lTe
sts
.co
Answer: B,D
Refer to the exhibit. Routers R1 and R2 are running EIGRP and have converged. On the basis of the information that is presented, which statement is true?
Ac
tua
QUESTION NO: 96
lTe
Answer: A,D
sts
A. RTR has a BGP password set but neighbor 10.0.0.1 does not. B. RTR has a BGP password set but neighbor 10.0.0.5 does not. C. Neighbor 10.0.0.1 has a BGP password set but RTR does not. D. RTR has a BGP password set but neighbor 10.0.0.5 has an incorrect password set. E. RTR has a BGP password set but neighbor 10.0.0.1 has an incorrect password set. F. Neighbor 10.0.0.5 has a BGP password set but RTR does not.
.co
79
Answer: D
Explanation: You can use the passive-interface command to control the advertisement of routing information. The command enables the suppression of routing updates over some interfaces while it allows updates to be exchanged normally over other interfaces. With most routing protocols, the passive-interface command restricts outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP), the effect is slightly different. With EIGRP running on a network, the passive-interface command stops both outgoing and incoming routing updates, since the effect of the command causes the router to stop sending and receiving hello packets over an interface. Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml
QUESTION NO: 97 "Pass Any Exam. Any Time." - www.actualtests.com 80
Ac
tua
A. All outgoing routing updates from router R1 to router R2 will be suppressed, but the inbound updates will continue to be received. B. All incoming routing updates from R2 will be suppressed, but the outgoing updates will continue to be sent. C. Both outgoing and incoming routing updates on R1 will be permitted because the distribute-list 20 out Serial0/0 command cannot be used with association with the outgoing interface. D. Both outgoing and incoming routing updates on R1 will be stopped because of the passiveinterface Serial0/0 configuration statement.
lTe
sts
.co
Cisco 642-892: Practice Exam Refer to the show interface Gi0/1 switchport command output shown in the exhibit. Which two statements are true about this interface? (Choose two.)
Answer: C,D Explanation: In Exhibit, Operation mode is in static access and Access mode VLAN is 7 so it means this port is operating on access mode as a member of VLAN 7.
QUESTION NO: 98 Refer to the exhibit. Which switch interface configuration command would automatically configure quality of service (QoS) for voice over IP (VoIP) within a QoS domain? "Pass Any Exam. Any Time." - www.actualtests.com 81
Ac
A. This interface is a member of a voice VLAN. B. This interface is a dot1q trunk passing all configured VLANs. C. This interface is a member of VLAN7. D. This interface is configured for access mode. E. This interface is a member of VLAN1.
tua
lTe
sts
.co
A. mls qos trust B. switchport priority extend cos 7 C. switchport priority extend trust D. auto qos voip cisco-phone Answer: D Explanation: You can use the auto-QoS feature to simplify the deployment of existing QoS features. Auto-QoS makes assumptions about the network design, and as a result, the switch can prioritize different traffic flows and appropriately use the ingress and egress queues instead of using the default QoS behavior. (The default is that QoS is disabled. The switch then offers best-effort service to each packet, regardless of the packet contents or size, and sends it from a single queue.) When you enable auto-QoS, it automatically classifies traffic based on the traffic type and ingress packet label. The switch uses the resulting classification to choose the appropriate egress queue. When you enable auto-QoS by using the auto "qos voip cisco-phone", the "auto qos voip ciscosoftphone", or the "auto qos voip trust" interface configuration command, the switch automatically generates a QoS configuration based on the traffic type and ingress packet label and applies the appropriate commands automatically. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_40_se/configur ation/guide/swqos.html#wp1231112
QUESTION NO: 99 What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from becoming a transit system? A. Set the no-export community attribute on all networks that are advertised externally. B. Advertise with a high MED value all networks that are discovered via external BGP. C. Only advertise networks externally if they have been discovered via internal BGP. D. Use an outgoing distribution list to filter all networks not originating from inside the autonomous system. E. Remove the AS-Path information on all routes in the BGP table prior to advertising externally. F. Set the origin code to incomplete for all networks that are discovered via external BGP. "Pass Any Exam. Any Time." - www.actualtests.com 82
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Answer: D Explanation: The minimum configuration that guarantees you won't become a transit AS is shown in the following example: router bgp 65000 neighbor 10.1.1.1 filter-list 1 out ! ip as-path access-list 1 permit ^$ In this example, the outgoing filter list says that all traffic not sourced from the local AS, should not be advertiseD. This will prevent the announcement of routes that originated from other Autonomous Systems, and prevent traffic destined for networks in another AS from going through your AS. This is useful real-world information to know and if you configure your network with BGP in a multi-homed environmet, odds are good that you will want to implement this kind of filter.
QUESTION NO: 100
What can be determined about the HSRP relationship from the displayed debug output?
A. Router 172.16.11.111 will be the active router because its HSRP priority is preferred over router 172.16.11.112. B. The IP address 172.16.11.112 is the virtual HSRP router IP address. C. The nonpreempt feature is enabled on the 172.16.11.112 router. D. The IP address 172.16.11.111 is the virtual HSRP router IP address. E. Router 172.16.11.112 will be the active router because its HSRP priority is preferred over router 172.16.11.111. F. The preempt feature is not enabled on the 172.16.11.111 router. Answer: F
Ac
tua
lTe
sts
.co
83
Cisco 642-892: Practice Exam Explanation: The standby preempt interface configuration command allows the router to become the active router when its priority is higher than all other HSRP-configured routers in this Hot Standby group. The configurations of both routers include this command so that each router can be the standby router for the other router. The 1 indicates that this command applies to Hot Standby group 1. If you do not use the standby preempt command in the configuration for a router, that router cannot become the active router.
QUESTION NO: 101 Which statement is true about Protocol Independent Multicast Dense Mode (PIM DM) multicast routing? A. The (S,G) state exists in every router, regardless of the presence of an RPF interface. B. Flooding of traffic only occurs in the beginning stages of routing. Afterwards, all necessary ports are pruned and multicast traffic is not sent across those interfaces. C. PIM DM supports shared distribution trees. D. If a port is pruned, the administrator must re-enable the port to support multicast traffic. Answer: A
QUESTION NO: 102
A. eigrp stub connected B. eigrp stub connected static C. eigrp stub summary D. eigrp stub E. eigrp stub receive-only Answer: D
QUESTION NO: 103 EIGRP is configured to run across serial interfaces. What will EIGRP assume about the speed of the serial links if the bandwidth command is not used? A. EIGRP will not use any bandwidth value for route calculations. "Pass Any Exam. Any Time." - www.actualtests.com 84
Ac
tua
A network administrator would like to configure an EIGRP router as a stub router that advertises directly connected and summary routes only. What command must the administrator issue to accomplish this?
lTe
sts
.co
Cisco 642-892: Practice Exam B. EIGRP will assume that the link is the default speed of 128 kb/s. C. EIGRP will assume that the bandwidth value is the actual speed of the interface. D. EIGRP will assume that the link is the default speed of 768 kb/s. E. EIGRP will assume the default speed of a T1 link. Answer: E
QUESTION NO: 104 Refer to the exhibit. OSPF has been configured on all routers in the network and Area 1 has been configured as a NSSA. Which statement is true about the NSSA Area 1?
Answer: A
QUESTION NO: 105 Refer to the exhibit. Based upon the information that is given, how will voice traffic from the phone and data traffic from the PC be handled by SW_1?
Ac
A. Only redistributed IGRP routes will appear in Area 1. They will be advertised via type 7 LSAs. B. Redistributed RIP and IGRP routes will appear in Area 1. They will be advertised via type 5 LSAs. C. No redistributed routes can appear in Area 1, only summary routes. D. Only redistributed RIP routes will appear in Area 1. They will be advertised via type 7 LSAs.
tua
lTe
sts
.co
85
Answer: A
Explanation: In a typical network, you connect a Cisco IP Phone to a switch port. Traffic sent from the telephone to the switch is typically marked with a tag that uses the 802.1Q header. The header contains the VLAN information and the CoS 3-bit field, which determines the priority of the packet. For most Cisco IP Phone configurations, the traffic sent from the telephone to the switch is trusted to ensure that voice traffic is properly prioritized over other types of traffic in the network. By using the mls qos trust cos interface configuration command, you can configure the switch port to which the telephone is connected to trust the CoS labels of all traffic received on that port. After you enter the mls qos trust cos command, the DSCP values are changed according to the default values, which are listed below:
Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_19_ea1/config uration/guide/swqos.html
QUESTION NO: 106
Ac
tua
lTe
sts
.co
A. The switch port will trust theCoS value of the ingress voice and data traffic that comes into the switch port. B. The switch port will trust theCoS value of the ingress data traffic. Voice traffic will be marked at the switch port with the default CoS value. C. The switch port will perform marking for the ingress voice and data traffic by using the defaultCoS value at the switch port. D. The switch port will trust theCoS value of the ingress voice traffic. Data traffic will be marked at the switch port with the default CoS value.
86
Cisco 642-892: Practice Exam Refer to the exhibit. What is the problem with this configuration?
Answer: B
Explanation: These are the voice VLAN configuration guidelines according to Cisco:
You should configure voice VLAN on switch access ports.
The voice VLAN should be present and active on the switch for the IP phone to correctly communicate on the voice VLAN.
The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.
Ac
tua
A. Spanning tree PortFast cannot be configured on a port where a voice VLAN is configured. B. Sticky secure MAC addresses cannot be used on a port when a voice VLAN is configured. C. The switch port must be configured as a trunk. D. Spanning tree PortFast cannot be configured on a port when a sticky secure MAC address is used.
lTe
sts
.co
87
Cisco 642-892: Practice Exam When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two plus the maximum number of secure addresses allowed on the access VLAN. When the port is connected to a Cisco IP phone, the IP phone requires up to two MAC addresses. The address of the IP phone is learned on the voice VLAN, and it might or might not be learned on the access VLAN. Connecting a PC to the IP phone requires additional MAC addresses.
If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
You cannot configure port security on a per-VLAN basis.
QUESTION NO: 107
Refer to the exhibit. What two statements are true? (Choose two.)
A. The IP address of the backup designated router (BDR) is FE80::205:5FFF:FED3:5808. B. This is the designated router (DR) on the FastEthernet 0/0 link. C. Interface FastEthernet 0/0 was configured with the ipv6 ospf 1 area 1 command. D. OSPF version 2 has been enabled to support IPv6. E. The output was generated by the show ip interface command. F. The router was configured with the commands: router ospf 1 network 172.16.6.0 0.0.0.255 area 1 "Pass Any Exam. Any Time." - www.actualtests.com 88
Ac
tua
lTe
sts
.co
You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2940/software/release/12.1_22_ea2/config uration/guide/swvoip.html
Cisco 642-892: Practice Exam Answer: A,C Explanation: OSPFv3 supports IPv6. The configuration of OSPFv3 is not a subcommand mode of the router ospf command as it is in OSPFv2 configuration. For example, instead of using the network area command to identify networks that are part of the OSPFv3 network, the interfaces are directly configured to specify that IPv6 networks are part of the OSPFv3 network. The following describes the steps to configure OSPF for IPv6:
A. When voice VLANs are configured on a trunk link, UplinkFast must alsobe enabled. B. Voice VLANs are configured to enable the switch to forward frames marked with the properCoS values over separate physical links. C. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port. D. Enabling voice VLANs enables the switch to create multiple queues for traffic that is entering a port. E. Enabling voice VLANs enables the switch to forward frames with a specific 802.1P marking. Answer: C,E
QUESTION NO: 109 What are three examples of call control signaling? (Choose three.) A. MGCP B. G.729 C. SIP
Ac
tua
lTe
Which two statements are true about the operation of voice VLANs on a Catalyst switch? (Choose two.)
sts
QUESTION NO: 108
.co
There are several commonly used OSPFv3 show commands, including the show ipv6 ospf [ process-id ] [ area-id ] interfacee [ interface ] command.
89
Cisco 642-892: Practice Exam D. G.711 E. H.323 F. RTP Answer: A,C,E Explanation: Call Control Signaling: Packets belonging to one of several protocols-those used to set up, maintain, tear down, or redirect a call, depending upon call endpoints. Examples are H.323, Media Gateway Control Protocol (MGCP), and SIP (Session Initiation Protocol)
QUESTION NO: 110
What does the global configuration command ip arp inspection vlan 10-12,15 accomplish? A. intercepts all ARP requests and responses on trusted ports B. validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15 C. discards ARP packets with invalid IP-to-MAC address bindings on trusted ports D. intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings Answer: D Explanation: The "ip arp inspection" command enables Dynamic ARP Inspection (DAI) for the specified VLANs. DAI is a security feature that validates Address Resolution Protocol (ARP) packets in a network. DAI allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings. This capability protects the network from certain "man-inthe-middle" attacks. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/20ew/configuration/guide/dynarp "Pass Any Exam. Any Time." - www.actualtests.com 90
Ac
tua
QUESTION NO: 111
lTe
Answer: B
sts
A. Specific addresses can be selected using a prefix list. B. Specific addresses cannot be selected for importation into the OSPF process. C. Specific addresses can be selected using a route map. D. Specific addresses can be selected using an ACL.
.co
In IPv6, the interfaces running OSPF can be configured with multiple address prefixes. Which statement is true about the IPv6 addresses that can be included into the OSPF process?
Cisco 642-892: Practice Exam .html
QUESTION NO: 112 Refer to the exhibit. Assume that Switch_A is active for the standby group and the standby device has only the default HSRP configuration. What conclusion is valid?
Answer: D
Switch( config-if)# standby group track type mod/num [decrementvalue] By default, the decrement value for an interface is 10. So, when fa1/1 on Switch_A goes down, the priority will be decreased by 10 from 200 to 190.
QUESTION NO: 113 If no metric is specified for the routes being redistributed into IS-IS, what metric value is assigned to the routes? A. 0 B. 1 C. 20 D. 10
Ac
tua
Explanation: HSRP has a mechanism for detecting link failures and swaying the election, giving another router an opportunity to take over the active role. When a specific interface is tracked, HSRP reduces the router's priority by a configurable amount as soon as the interface goes down.
lTe
sts
.co
A. If port Fa1/1 on Switch_A goes down, the standby device will take over as active. B. If the current standby device were to have the higher priority value, it would take over the role of active for the HSRP group. C. If Switch_A had the highest prioritynumber, it would not take over as active router. D. If port Fa1/1 on Switch_A goes down, the new priority value for the switch would be 190.
91
Cisco 642-892: Practice Exam Answer: A
QUESTION NO: 114 Refer to the exhibit. On the basis of the output, what two conclusions can be reached? (Choose two.)
Answer: A,E
Explanation: Verifying IS-IS Configuration To verify the IS-IS configuration and IP functionality of an Integrated IS-IS network, use the following commands; these commands can also be useful for troubleshooting problems with the IS-IS network: show ip protocols- Displays the active IP routing protocols, the interfaces on which they are active, and the networks for which they are routing. show ip route [address [mask]] | [protocol [process-id]]- Displays the IP routing table. You can specify the details for a particular route or a list of all routes in the routing table from a particular routing protocol process. Example 6-3 is sample output from the show ip protocols command that displays information about IP routing being done by Integrated IS-IS. IS-IS is running, it is not redistributing any other protocols, and address summarization has not been configured. Example 6-3 also shows that interfaces FastEthernet 0/0, Loopback 0, and Serial 0/0/1 are taking part in Integrated IS-IS, that there are two sources of routing information (the neighboring routers), and that the administrative "Pass Any Exam. Any Time." - www.actualtests.com 92
Ac
tua
A. There are two neighboring routers sendingIS-IS routing information. B. IS-IS is not enabled. C. The default administrative distance has been changed. D. Address summarization is configured. E. IS-IS is not redistributing any other routing protocols. F. Three physical interfaces are taking part in integrated IS-IS.
lTe
sts
.co
Cisco 642-892: Practice Exam distance of Integrated IS-IS is 115. Example 6-3, "show ip protocols" Command to Examine IS-IS: Reference : Authorized Self-Study Guide Building Scalable Cisco Internetworks (BSCI), Third Edition http://safari.ibmpressbooks.com/1587052237/ch06lev1sec4
QUESTION NO: 115 Which two WLAN client utility statements are true? (Choose two.) A. The Microsoft Wireless Configuration Manager can be configured to display the Aironet System Tray Utility (ASTU) icon in the Windows system tray. B. In a Windows XP environment, a client adapter can only be configured and managed with the Microsoft Wireless Configuration Manager. C. The Aironet Desktop Utility (ADU) can be used to enable or disable the adapter radio and to configure LEAP authentication with dynamic WEP. D. The Cisco Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can both be enabled at the same time to setup WLAN client cards. Answer: A,C
Explanation: Enable/Disable Radio: On the ADU, this option enables you to disable or enable the client adapter's radio. Disabling the radio prevents the adapter from transmitting RF energy. You might want to disable the client adapter's radio in the following situations: You are not transmitting data and want to conserve battery power. You are using a laptop on an airplane and want to prevent the adapter's transmissions from potentially interfering with the operation of certain devices. ASTU is an optional application that provides a small subset of the features available through ADU. Specifically, it enables you to access status information about your client adapter and perform basic tasks. ASTU is accessible from an icon in the Windows system tray, making it easily accessible and convenient to use. The ASTU icon appears only if a client adapter is installed in your computer and you did not disable ASTU during installation. Reference: http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/1.0/configuration/guide/khic g1.pdf
QUESTION NO: 116
Ac
tua
lTe
sts
.co
93
Cisco 642-892: Practice Exam Which three statements are true about EIGRP route summarization? (Choose three.) A. The ip summary-address eigrp command generates a default route with an AD of 90. B. Manual route summarization is configured on the interface. C. The ip summary-address eigrp command generates a default route with an AD of 5. D. When manual summarization is configured, the router immediately creates a route that point to null0 interface. E. Manual route summarization is configured in router configuration mode when the router is configured for EIGRP routing. F. When manual summarization is configured, EIGRP will advertise the summary address out the interface with a metric equal to the minimum of all more specific routes. Answer: B,D,F Explanation: The purpose of route summarization is small routing tables, smaller updates. On major network boundaries, subnetworks are summarized to a single classful network and automatic route summarization is enabled by default. Manual route summarization can be configured on per interface basis. When summarization is configured on an interface, the router immediately creates a route pointing to null0. Route summarization works in conjunction with the ip summary-address eigrp interface configuration command, in which additional summarization can be performed. If automatic summarization is in effect, there usually is no need to configure network level summaries using the ip summary-address eigrp command. You can configure a summary aggregate address for a specified interface. If there are any more specific routes in the routing table, EIGRP will advertise the summary address out the interface with a metric equal to the minimum of all more specific routes. Reference: http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1ceigrp.html
QUESTION NO: 117
Refer to the exhibit. Based upon the information in the exhibit, which statement is true?
Ac
tua
lTe
sts
.co
94
Answer: B
The Cisco IOS DHCP relay agent is enabled on an interface only when the ip helper-address is configured. If multiple helper-addresses are configured, it tries to get response from first, if no response got from the first helper address then sends the request to second one.
Ac
Explanation: A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents receive DHCP messages and then generate a new DHCP message to send out on another interface. The agents forward requests and replies between clients and servers when they are not on the same physical subnet.
tua
lTe
A. To complete this configuration, the R2 fa0/0 interface must be configured with the ip helperaddresses command. B. R1 will forward DHCP requests to 192.168.100.1. If there is no response, R1 will then forward the requests to 192.168.200.1. C. DHCP requests from the host will be rebroadcasted to R2. D. R1 will forward all DHCP requests to both 192.168.100.1 and 192.168.200.1 as unicast messages. E. To complete this configuration, the R1 fa0/0 interface must be configured with the ip helperaddresses command.
sts
.co
95
Answer:
Explanation:
Ac
tua
lTe
sts
.co
96
QUESTION NO: 119 What are three characteristics of the wireless repeater topology? (Choose three.) A. Lightweight access points are required. B. The recommended overlap of the access point on the wired LAN and the wireless repeater is 25%. C. The recommended overlap of the access point on the wired LAN and the wireless repeater is 50%. D. The SSID of the root access point must be configured on the repeater access point. E. Autonomous access points are required. F. The SSID of the root access point must be distinct from that of the repeater access point.
Part of the configuration guide for setting up the wireless AP states: In the next step, designate this SSID as an infrastructure SSID. !--- If you created an infrastructure SSID on the root AP, !--- create the same SSID on the repeater. Reference: http://www.cisco.com/en/US/products/hw/wireless/ps441/products_tech_note09186a00805190f1.s html
Ac
Explanation: Use APs in Repeater Mode You can configure APs to act as repeaters. In this mode, the AP is not connected to the wired LAN. Instead, the AP is placed within the radio range of the AP that is connected to the wired LAN (the root AP). In this scenario, the repeater AP associates with the root AP, and extends the range of the radio coverage area. This enables Wireless Clients that reside away from the root AP to gain access to the WLAN network. You can configure either the 2.4 GHz radio or the 5 GHz radio as a repeater. In APs with two radios, only one radio can be a repeater. You must configure the other radio as a root radio. When you configure an AP as a repeater, the Ethernet port on that AP does not forward traffic. The advantage with the repeater mode in APs is that this mode helps to extend the radio coverage area of a WLAN in situations where connectivity to the wired LAN is not possible. Also, there must be a fifty percent overlap in coverage area with the root AP for the repeater mode to function.
tua
lTe
sts
.co
Answer: C,D,E
97
Cisco 642-892: Practice Exam QUESTION NO: 120 Which two statements about HSRP priority are true? (Choose two.) A. To assign the HSRP router priority in a standby group, the standby group-number priority priority-value global configuration command must be used. B. The no standby priority command assigns a priority of 100 to the router. C. When two routers in an HSRP standby group are configured with identical priorities, the router with the highest configured IP address will become the active router. D. Assuming that preempting has also been configured, the router with the lowest priority in an HSRP group would become the active router. E. The default priority of a router is zero (0). Answer: B,C Explanation: HSRP election is based on a priority value (0 to 255) that is configured on each router in the group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router.
QUESTION NO: 121
What are two rules for compacting IPv6 addresses? (Choose two.) A. The leading zeroes in any 16-bit segment do not have to be written. B. Two zeroes in the middle of any 16-bit segment do not have to be written. C. Any single, continuous string of one or more 16-bit segments that consists of all zeroes can be represented with a double colon. D. The trailing zeroes in any 16-bit segment do not have to be written. E. The maximum number of times a double colon can replace a 16-bit segment that consists of all zeroes is two. F. Every 16-bit segment segment that consists of all zeroes can be represented with a single colon. Answer: A,C
QUESTION NO: 122 Refer to the exhibit. What type of message will be used by the lightweight access point (LAP) in an attempt to locate the wireless LAN controller (WLC)?
Ac
tua
lTe
sts
.co
98
Answer: C Explanation:
Here is an example. Assume that, in the subnet 172.16.1.0/16, you have an LAP that is already registered with the WLC, and OTAP is enabled on the WLC. When the new LAP in the 192.168.1.0/24 subnet comes up, the LAP looks for a DHCP server and gets an IP address (if no assignment was made previously with a static IP address). The LAP then sends out a discovery request to the local subnet. Because in this scenario there is no WLC in the local subnet, the LAP tries to use OTAP in order to discover WLCs. The LAP listens to neighbor messages that are sent over the air by the LAPs (in the 172.16.1.0/16 subnet) that are already registered and looks for WLC IP addresses. From the list of WLC IP addresses that the new LAPs learn from the neighbor "Pass Any Exam. Any Time." - www.actualtests.com 99
Ac
tua
lTe
sts
.co
A. The LAP will send out a DHCP request. In return, the DHCP server will provide the IP addresses for the LAP and the WLC. B. The LAP will send out a DNS request. In return, the DNS server will provide the WLC domain name. C. The LAP will send out a Layer 3 LWAPP discovery request to the WLC on the wireless network. D. The LAP will send out a Layer 2 LWAPP discovery request to the WLC on the wireless network.
Cisco 642-892: Practice Exam messages, the new LAPs send out a Layer 3 LWAPP discovery request to the WLCs . The WLCs that receive this discovery request respond with a Layer 3 LWAPP discovery response. Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml#t opic2
QUESTION NO: 123 Which type of IGMP message is sent when a network client wants to join a multicast group? A. host membership notification B. host membership report C. host membership status D. host membership query Answer: B
QUESTION NO: 124
Answer: C Explanation: The show ip eigrp traffic command displays the number of Enhanced IGRP (EIGRP) packets sent and received. Example: The following is sample output from the show ip eigrp traffic command: Router# show ip eigrp traffic IP-EIGRP Traffic Statistics for process 77 Hellos sent/received: 218/205 Updates sent/received: 7/23 "Pass Any Exam. Any Time." - www.actualtests.com
Ac
A. show ip eigrp interfaces B. debug ip eigrp C. show ip eigrp traffic D. debug eigrp packets
tua
Which command will display EIGRP packets sent and received, as well as statistics on hello packets, updates, queries, replies, and acknowledgments?
lTe
sts
Explanation: When a host wants to join a multicast group it sends an unsolicited Host Membership Report to the All-hosts Group Address 224.0.0.1
.co
100
Cisco 642-892: Practice Exam Queries sent/received: 2/0 Replies sent/received: 0/2 Acks sent/received: 21/14 Reference :http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_command_reference_chapter 09186a00800ca5a9.html#wp1018815
QUESTION NO: 125 Refer to the exhibit. Which two statements are true? (Choose two.)
A. The eigrp stub command prevents queries from being sent from R2 to R1. B. Router R1 will advertise connected and static routes. The sending of summary routes will not be permitted. C. The eigrp stub command will automatically enable summarization of routes on R2. D. Router R1 will advertise connected and summary routes only. E. Router R1 is configured as a receive-only neighbor and will not send any connected, static, or summary routes. F. The eigrp stub command prevents all routes except a default route from being advertised to R1. Answer: A,D
Ac
tua
lTe
sts
.co
101
Cisco 642-892: Practice Exam QUESTION NO: 126 How is the designated querier elected in IGMPv2? A. The host with the lowest MAC address on a segment is designated. B. The first router to appear on a subnet is designated. C. The host that responds first to the election query is designated. D. The router with the lowest IP address on a subnet is designated. Answer: D Explanation: Multicast routers send host membership query messages (host query messages) to discover which multicast groups have members on the attached networks of the router. Hosts respond with IGMP report messages indicating that they want to receive multicast packets for specific groups (that is, indicating that the host wants to become a member of the group). Host query messages are addressed to the all-hosts multicast group, which has the address 224.0.0.1, and has an IP time-to-live (TTL) value of 1. The designated router for a LAN is the only router that sends IGMP host query messages:
For IGMP Version 1, the designated router is elected according to the multicast routing protocol that runs on the LAN.
QUESTION NO: 127
Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both switch S2 and S5. The global configuration command spanning-tree uplinkfast has been configured on both switch S2 and S5. The link between switch S4 and S5 fails. Will Host A be able to reach Host B?
Ac
tua
For IGMP Version 2, the designated querier is the lowest IP-addressed multicast router on the subnet . If the router hears no queries for the timeout period (controlled by the ip igmp queriertimeout command), it becomes the querier. Reference: http://www.cisco.com/en/US/docs/ios/ipmulti/command/reference/imc_02.html#wp1012967
lTe
sts
.co
102
Answer: E
Explanation: The BPDU filtering feature can be globally enabled on the switch or can be enabled per interface, but the feature operates with some differences. At the global level, you can enable BPDU filtering on Port Fast-enabled ports by using the spanning-tree portfast bpdufilter default global configuration command. This command prevents ports that are in a Port Fast-operational state from sending or receiving BPDUs . The ports still send a few BPDUs at link-up before the switch begins to filter outbound BPDUs. You should globally enable BPDU filtering on a switch so that hosts connected to these ports do not receive BPDUs. If a BPDU is received on a Port Fast-enabled port, the port loses its Port Fast-operational status, and BPDU filtering is disabled. At the interface level, you can enable BPDU filtering on any port by using the spanning-tree bpdufilter enable interface configuration command without also enabling the Port Fast feature. This command prevents the port from sending or receiving BPDUs.
QUESTION NO: 128 Refer to the exhibit. Which two statements are true about the required switch configurations to support a voice VLAN? (Choose two.)
Ac
tua
lTe
sts
.co
A. No. Traffic will loop back and forth between switch S5 and S2. B. No. Traffic willeither pass from switch S6 to to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end. C. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1. D. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0. E. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
103
Answer: C,E
QUESTION NO: 129
Ac
Refer to the exhibit. Which statement is true about the configuration?
tua
lTe
Explanation: CDP (Cisco Discovery Protocol) must be enabled on switch port connected to IP Phone to recognize the IP Phone by switch and enable Port Fast to bring switch port directly from blocking to forwarding state. The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.
sts
.co
A. CDP must be disabled on the switch port to prevent interference between CDP messages and voice traffic. B. Port security cannot be configured on a port that is configured for a voice vlan. C. CDP must be enabled on the switch port to allow configuration information to be passed to the IP phone. D. Static secure MAC addresses should be configured on voice vlan ports to prevent access by devices other than IP phones. E. Portfast must be enabled on the switch port. F. 802.1x authentication cannot be configured on a port configured for a voice vlan.
104
QUESTION NO: 130 Which statement is true about 802.1x port-based authentication? A. Before transmitting data, an 802.1x host must determine the authorization state of the switch. B. Hosts are required to havea 802.1x authentication client or utilize PPPoE. C. RADIUS is the only supported authentication server type. D. If a host initiates the authentication process and does not receive a response, it assumes it is not authorized. Answer: C
Ac
Answer: B
tua
A. Hosts belonging to DHCP pool 1 and pool 2 will retain their IP settings for 30 hours before they must renew. B. Hosts in the 10.10.20.0/24 subnet will use 10.10.20.50 as its DNS server. C. Hosts will receive IP settings from pool 1 until the addresses run out, and then hosts will receive the settings from pool 2. D. DHCP pool 0 needs to have the ip dhcp excluded-address command to exclude the default router and DNS servers.
lTe
sts
.co
105
Cisco 642-892: Practice Exam Explanation: The IEEE 802.1x standard defines a port-based access control and authentication protocol that restricts unauthorized workstations from connecting to a LAN through publicly accessible switch ports. The authentication server authenticates each workstation that is connected to a switch port before making available any services offered by the switch or the LAN. Until the workstation is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the workstation is connected. After authentication succeeds, normal traffic can pass through the port. Authentication server: Performs the actual authentication of the client. The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services. Because the switch acts as the proxy, the authentication service is transparent to the client. The RADIUS security system with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server.
QUESTION NO: 131
Ac
tua
lTe
sts
Refer to the exhibit. All multilayer switches are running PIM dense mode. Recipient A and Recipient B are sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?
.co
106
A. The Multicast Server is the root of the multicast tree. Switches 4 and 5 will participate in the multicast tree once pruning has taken place. B. Switch 1 is the root of the multicast tree. Switches 1,4, and 5 will participate in the multicast tree once pruning has taken place. C. Switch 3 is the root of the multicast tree. Switches 3,4, and 5 will participate in the multicast tree once pruning has taken place. D. Switch 3 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place. E. Switch 1 is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place. F. The Multicast Server is the root of the multicast tree. Switches 1,3,4, and 5 will participate in the multicast tree once pruning has taken place. Answer: F "Pass Any Exam. Any Time." - www.actualtests.com 107
Ac
tua
lTe
sts
.co
QUESTION NO: 132 When the passive-interface command is used on a router, which two routing protocols will continue to receive routing updates on an interface that is configured as passive? (Choose two.) A. RIPv2 B. OSPF C. EIGRP D. RIP Answer: A,D Explanation: You can use the passive-interface command to control the advertisement of routing information. The command enables the suppression of routing updates over some interfaces while it allows updates to be exchanged normally over other interfaces. With most routing protocols, such as RIP version 1 and 2, the passive-interface command restricts outgoing advertisements only. However, when used with Enhanced Interior Gateway Routing Protocol (EIGRP) and OSPF, the effect is slightly different. The use of the passive-interface command in EIGRP suppresses the exchange of hello packets between two routers, which results in the loss of their neighbor relationship. This stops not only routing updates from being advertised, but it also suppresses incoming routing updates. The same is true for OSPF. To stop routers from becoming OSPF neighbors on a particular interface, issue the passive-interface command at the interface. References: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f0a.shtml http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml
QUESTION NO: 133
Which three statements are true regarding the above diagram? (Choose three.)
Ac
tua
lTe
sts
.co
108
Answer: A,B,D
Explanation: You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In addition, Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking Protocol (DTP) that negotiates a common trunking mode between two switches. The negotiation covers the encapsulation (ISL or 802.1Q) as well as whether the link becomes a trunk at all. You can configure the trunk encapsulation with the switchport trunk encapsulation command, as one of the following: isl - VLANs are tagged by encapsulating each frame using the Cisco ISL protocol. dot1q -VLANs are tagged in each frame using the IEEE 802.1Q standard protocol. The only exception is the native VLAN, which is sent normally and not tagged at all. negotiate (the default)-The encapsulation is negotiated to select either ISL or IEEE 802.1Q, whichever is supported by both ends of the trunk. If both ends support both types, ISL is favored. (The Catalyst 2950 switch does not support ISL encapsulation.) In the switchport mode command, you can set the trunking mode to any of the following: trunk This setting places the port in permanent trunking mode. The corresponding switch port at the other end of the trunk should be similarly configured because negotiation is not allowed. You should also manually configure the encapsulation mode. dynamic desirable (the default)-The port actively attempts to convert the link into trunking mode. If the far-end switch port is configured to trunk , dynamic desirable , or dynamic auto mode, trunking is successfully negotiated. dynamic auto -The port converts the link into trunking mode. If the far-end switch port is configured to trunk or dynamic desirable , trunking is negotiated. Because of the passive negotiation behavior, the link "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
lTe
sts
A. A trunk link will be formed. B. The native VLAN for Switch B is vlan 1. C. Only VLANs 1-1001 will travel across the trunk link. D. DTP packets are sent from Switch B. E. DTP is not running on Switch A.
.co
109
Cisco 642-892: Practice Exam never becomes a trunk if both ends of the link are left to the dynamic auto default.
QUESTION NO: 134 Refer to the exhibit. Based upon the debug output that is shown, which three statements about HSRP are true? (Choose three.)
Answer: B,D,E
Explanation: Each router in an HSRP group has its own unique IP address assigned to an interface. This address is used for all routing protocol and management traffic initiated by or destined to the router. In addition, each router has a common gateway IP address, the virtual router address, that is kept alive by HSRP. This address is also referred to as the HSRP address or the standby address . Clients can point to that virtual router address as their default gateway, knowing that a router always keeps that address active. Keep in mind that the actual interface address and the virtual (standby) address must be configured to be in the same IP subnet. You can assign the HSRP address with the following interface command: Switch( config-if)# standby group ip ip-address [secondary] When HSRP is used on an interface that has secondary IP addresses, you can add the secondary keyword so that HSRP can provide a redundant secondary gateway address. You can configure a router to preempt or immediately take over the active role if its priority is the highest at any time. Use the following interface configuration command to allow preemption: Switch( config-if)# standby group preempt [delay seconds] "Pass Any Exam. Any Time." - www.actualtests.com 110
Ac
tua
lTe
sts
A. The router with IP address 172.16.11.112 is using default HSRP priority. B. The IP address 172.16.11.115 is the virtual HSRP IP address. C. The priority of the router with IP address 172.16.11.112 is preferred over the router with IP address 172.16.11.111. D. The router with IP address 172.16.11.111 haspreempt configured. E. The final active router is the router with IP address 172.16.11.111. F. The router with IP address 172.16.11.112 has nonpreempt configured.
.co
Cisco 642-892: Practice Exam By default, the router can preempt another immediately, without delay. You can use the delay keyword to force it to wait for seconds before becoming active. This is usually done if there are routing protocols that need time to converge.
QUESTION NO: 135 Refer to the exhibit. What are two important facts in interpreting the output of the show ip pim interface command? (Choose two.)
Answer: A,B
QUESTION NO: 136 Refer to the exhibit. What statement is true based upon the configuration in the exhibit?
Ac
Explanation: show ip pim interface: Use this command to display information about interfaces configured for PIM. In addition, you can use this command to verify that the correct PIM mode (dense or sparse) is configured on the interface, the neighbor count is correct, and the designated router (DR) is correct (which is critical for PIM sparse mode). Multi-access segments (such as Ethernet, Token Ring, FDDI ) elect a DR based on highest IP address. Point-to-Point links do not display DR information. Reference: http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml
tua
lTe
sts
.co
A. Point-to-Point links do not display DR information. B. Multiaccess segments elect a DR based on highest IP address. C. Multiaccess segments elect a DR based on lowest IP address. D. The RP is only seen in version 2 of Sparse-Dense mode. E. Multiaccess, multicast segments do not elect a DR.
111
Answer: D
QUESTION NO: 137
Which statement is true about the Lightweight Access Point Protocol (LWAPP)? A. The control traffic between the client and the access point is encapsulated with the LWAPP. B. Real-time frame exchange is accomplished within the access point. C. Authentication, security, and mobility are handled by the access point. D. Data traffic between the client and the access point is encapsulated with LWAPP. Answer: B Explanation:
Ac
tua
Explanation: A rendezvous point (RP) is required only in networks running Protocol Independent Multicast sparse mode (PIM-SM). The protocol is described in RFC 2362. In PIM-SM, only network segments with active receivers that have explicitly requested multicast data will be forwarded the traffiC. An interface configured in sparse-dense mode is treated in either sparse mode or dense mode of operation, depending on which mode the multicast group operates. If a multicast group has a known RP, the interface is treated in sparse mode. If a group has no known RP, the interface is treated in dense mode and data will be flooded over this interface. Reference: Configuring a Rendezvous Point http://www.cisco.com/en/US/docs/ios/solutions_docs/ip_multicast/White_papers/rps.html
lTe
sts
.co
A. If a rendezvous point is configured, the interface cannot operate in dense mode. B. CGMP version 2 is being used. C. IGMP version 2 is being used. D. A rendezvous point must be configured in order for the interface to operate in sparse mode. E. The switch will use sparse mode first, dense mode second. F. The rendezvous point is IP address 172.16.4.16.
112
Cisco 642-892: Practice Exam When LWAPP was first introduced to the WLAN industry in 2002, it revolutionized the way WLAN deployments were managed with the concept of a "split MAC" the ability to separate the real-time aspects of the 802.11 protocol from most of its management aspects. In particular, real-time frame exchange and certain real-time portions of MAC management are accomplished within the access point, while authentication, security management, and mobility are handled by WLAN controllers. Reference: http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps6306/prod_white_paper0900aecd8 02c18ee_ns337_Networking_Solutions_White_Paper.html
QUESTION NO: 138 Refer to the exhibit. On the basis of the information in the exhibit, which two statements are true? (Choose two.)
A. The output was generated by entering the show ip bgp command on the ISP router. B. The serial 0/0/1 interface on the ISP router has been configured with the set metric 50 command. C. The serial 0/0/1 interface on the ISP router has been configured with the set metric 75 command. D. The output was generated by entering the show ip bgp command on the SanJose1 router. "Pass Any Exam. Any Time." - www.actualtests.com 113
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam E. When traffic is sent from the ISP to autonomous system 64512, the traffic will be forwarded to SanJose2 because of the higher MED value of SanJose2. F. When traffic is sent from the ISP to autonomous system 64512, the traffic will be forwarded to SanJose1 because of the lower MED value of SanJose1. Answer: B,C Explanation: The "show ip route bgp" command will display any BGP-learned routes that make it into the IP routing table, the command "show ip bgp" is required to display the contents of the actual BGP routing table. This output was seen on ISP because the local router ID is 192.168.100.1 (ISP). Since we know that this output must have been seen by ISP, we know the serial 0/0/1 interface has been configured with a metric of 75, as this is the metric to the peer with IP address 192.168.1.2 (the other side of the serial 0/0/1 interface).
Which description correctly describes a MAC address flooding attack? A. The attacking device spoofs a source MAC address of a valid host currently in theCAM table. The switch then forwards frames destined for the valid host to the attacking device. B. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device. C. The attacking device spoofs a destination MAC address of a valid host currently in theCAM table. The switch then forwards frames destined for the valid host to the attacking device. D. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device. E. Frames with unique, invalid destination MAC addresses flood the switch and exhaustCAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports. F. Frames with unique, invalid source MAC addresses flood the switch and exhaustCAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports. Answer: F Explanation: A common Layer 2 or switch attack is MAC flooding, resulting in a switch's CAM table overflow, which causes flooding of regular data frames out all switch ports. This attack can be launched for the malicious purpose of collecting a broad sample of traffic or as a denial of service (DoS) attack. A switch's CAM tables are limited in size and therefore can contain only a limited number of "Pass Any Exam. Any Time." - www.actualtests.com 114
Ac
tua
lTe
sts
.co
QUESTION NO: 139
Cisco 642-892: Practice Exam entries at any one time. A network intruder can maliciously flood a switch with a large number of frames from a range of invalid source MAC addresses. If enough new entries are made before old ones expire, new valid entries will not be accepted. Then, when traffic arrives at the switch for a legitimate device that is located on one of the switch ports that was not able to create a CAM table entry, the switch must flood frames to that address out all ports. This has two adverse effects: The switch traffic forwarding is inefficient and voluminous. An intruding device can be connected to any switch port and capture traffic that is not normally seen on that port. If the attack is launched before the beginning of the day, the CAM table would be full when the majority of devices are powered on. Then frames from those legitimate devices are unable to create CAM table entries as they power on. If this represents a large number of network devices, the number of MAC addresses for which traffic will be flooded will be high, and any switch port will carry flooded frames from a large number of devices.
A. The client adapter WEP key should be generated by the authentication server and forwarded to the client adapter before the client adapter can establish communication with the wireless network. B. In infrastructure mode the client adapter WEP key must match the WEP key used by the access point. In ad hoc mode all client WEP keys within the wireless network must match each other. C. The client adapter WEP key should be generated by the AP and forwarded to the client adapter before the client adapter can establish communication with the wireless network. D. Before the client adapter WEP key is generated, all wireless infrastructure devices (such as access points, servers, etc.) must be properly configured for LEAP authentication.
Ac
tua
lTe
sts
.co
Refer to the exhibit. What should be taken into consideration when using the Cisco Aironet Desktop Utility (ADU) to configure the static WEP keys on the wireless client adapter?
QUESTION NO: 140
115
Cisco 642-892: Practice Exam Answer: B Explanation: Your client adapter's WEP key must match the WEP key used by the access point (in infrastructure mode) or clients (in ad hoc mode) with which you are planning to communicate. Reference: http://www.cisco.com/en/US/docs/wireless/wlan_adapter/cb21ag/user/3.5/configuration/guide/wina pekh.html
On the basis of the configuration that is provided, how would the BGP updates that come from router R1 be replicated inside autonomous system 65200? A. All BGP updates that are received on router R2 will not be sent to routers R3 and R4. B. All BGP updates that are received on router R2 will be sent directly to router R5. C. All BGP updates that are received on router R2 will be sent to routers R3 and R4. Routers R3 and R4 will then forward those BGP updates to router R5. D. None of the BGP updates that are received on router R2 will ever be received by router R5.
Ac
tua
lTe
sts
.co
116
Cisco 642-892: Practice Exam Answer: D
QUESTION NO: 142 Which statement is true about RSTP topology changes? A. Any loss of connectivity generates a TC BPDU. B. Only nonedge ports moving to the forwarding state generate a TC BPDU. C. If either an edge port or a nonedge port moves to a block state, then a TC BPDU is generated. D. Only nonedge ports moving to the blocking state generate a TC BPDU. E. Any change in the state of the port generates a TC BPDU. Answer: B Explanation: The IEEE 802.1D Spanning Tree Protocol was designed to keep a switched or bridged network loop free, with adjustments made to the network topology dynamically. A topology change typically takes 30 seconds, where a port moves from the Blocking state to the Forwarding state after two intervals of the Forward Delay timer. As technology has improved, 30 seconds has become an unbearable length of time to wait for a production network to failover or "heal" itself during a problem. Topology Changes and RSTP Recall that when an 802.1D switch detects a port state change (either up or down) , it signals the Root Bridge by sending topology change notification (TCN) BPDUs. The Root Bridge must then signal a topology change by sending out a TCN message that is relayed to all switches in the STP domain. RSTP detects a topology change only when a nonedge port transitions to the Forwarding state. This might seem odd because a link failure is not used as a trigger. RSTP uses all of its rapid convergence mechanisms to prevent bridging loops from forming. Therefore, topology changes are detected only so that bridging tables can be updated and corrected as hosts appear first on a failed port and then on a different functioning port. When a topology change is detected, a switch must propagate news of the change to other switches in the network so they can correct their bridging tables, too. This process is similar to the convergence and synchronization mechanism-topology change (TC) messages propagate through the network in an ever-expanding wave.
QUESTION NO: 143 Which command displays the IBGP and EBGP neighbors that are configured?
Ac
tua
lTe
sts
.co
117
Cisco 642-892: Practice Exam A. show ip bgp peers B. show ip bgp summary C. show ip bgp paths D. show ip bgp Answer: B Explanation: The "show ip bgp summary" command displays the summary of all BGP connections.
QUESTION NO: 144 Refer to the exhibit. Given the output of a debug ip mrouting command, which two statements are true? (Choose two.)
A. Multicast route to 224.69.15.0 B. 24 will be out Ethernet 0. C. 24 was added to the mroute table and created by a source directly connected to the router. D. This router received an IGMP host report from a group member or a PIM join message. E. The reverse path forwarding (RPF) for the route 224.2.0.1 failed to find the interface on which the multicast packet was received. F. 16 was added to the mroute table and created by a source directly connected to the router. G. Multicast route to 10.16.0.0 H. The route to 224.69.15.0 Answer: D,G Explanation: The following is sample output from the debug ip mrouting command: Router# debug ip mrouting 224.2.0.1 MRT: Delete (10.0.0.0/8, 224.2.0.1) MRT: Delete (10.4.0.0/16, 224.2.0.1) MRT: Delete (10.6.0.0/16, 224.2.0.1) MRT: Delete (10.9.0.0/16, 224.2.0.1) MRT: Delete (10.16.0.0/16, 224.2.0.1) MRT: Create (*, 224.2.0.1), if_input NULL "Pass Any Exam. Any Time." - www.actualtests.com 118
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam MRT: Create (224.69.15.0/24, 225.2.2.4), if_input Ethernet0, RPF nbr 224.69.61.15 MRT: Create (224.69.39.0/24, 225.2.2.4), if_input Ethernet1, RPF nbr 0.0.0.0 MRT: Create (10.0.0.0/8, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 MRT: Create (10.4.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 MRT: Create (10.6.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 The following lines show that multicast IP routes were deleted from the routing table: MRT: Delete (10.0.0.0/8, 224.2.0.1) MRT: Delete (10.4.0.0/16, 224.2.0.1) MRT: Delete (10.6.0.0/16, 224.2.0.1) The (*, G) entries are generally created by receipt of an Internet Group Management Protocol (IGMP) host report from a group member on the directly connected LAN or by a Protocol Independent Multicast (PIM) join message (in sparse mode) that this router receives from a router that is sending joins toward the RP. This router will in turn send a join toward the Route Processor (RP) that creates the shared tree (or RP tree). MRT: Create (*, 224.2.0.1), if_input NULL The following lines are an example of creating an (S, G) entry that shows that an IP multicast packet (mpacket) was received on Ethernet interface 0. The second line shows a route being created for a source that is on a directly connected LAN. The RPF means "Reverse Path Forwarding," whereby the router looks up the source address of the multicast packet in the unicast routing table and determines which interface will be used to send a packet to that source. MRT: Create (224.69.15.0/24, 225.2.2.4), if_input Ethernet0, RPF nbr 224.69.61.15 MRT: Create (224.69.39.0/24, 225.2.2.4), if_input Ethernet1, RPF nbr 224.0.0.0 The following lines show that multicast IP routes were added to the routing table. Note the 224.0.0.0 as the RPF, which means the route was created by a source that is directly connected to this router. MRT: Create (10.9.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 MRT: Create (10.16.0.0/16, 224.2.0.1), if_input Ethernet1, RPF nbr 224.0.0.0 If the source is not directly connected, the neighbor address shown in these lines will be the address of the router that forwarded the packet to this router. The shortest path tree state maintained in routers consists of source (S), multicast address (G), outgoing interface (OIF), and incoming interface (IIF). The forwarding information is referred to as the multicast forwarding entry for (S, G). An entry for a shared tree can match packets from any source for its associated group if the packets come through the proper incoming interface as determined by the RPF lookup. Such an entry is denoted as (*, G). A (*, G) entry keeps the same information a (S, G) entry keeps, except that it saves the rendezvous point address in place of the source address in sparse mode or as "Pass Any Exam. Any Time." - www.actualtests.com 119
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam 24.0.0.0 in dense mode. Reference: http://www.cisco.com/en/US/docs/ios/12_2t/debug/command/reference/dbftipdv.html
QUESTION NO: 145 Which two statements about voice traffic are true? (Choose two.) A. Voice packets are typically around 60 to 120 bytes. B. For voice quality, packet loss should be less than 2 percent and delay should be no more than 250 ms. C. Voice packets are typically around 600 to 1200 bytes. D. For voice quality, packet loss should be less than 1 percent and delay should be no more than 150 ms. E. A typical voice call requires 17 kbps to 106 kbps of guaranteed priority bandwidth plus an additional 15 kbps per call for voice-control traffic. F. Voice packets are typically around 60 to 120 KB. Answer: D,E
Explanation: QoS Requirements for Voice: Voice calls, either one-to-one or on a conference connection capability, require the following: ? 150 ms of one-way latency from mouth to ear (per the ITU G.114 standard) ? 30 ms jitter ? 1 percent packet loss 17 to 106 kbps of guaranteed priority bandwidth per call (depending on the sampling rate, codec, and Layer 2 overhead) 150 bps (plus Layer 2 overhead) per phone of guaranteed bandwidth for voice control traffic The choice of codec has impacts in many areas. The most important is the capacity planning on the network, because the bandwidth consumed in different codecs varies. Reference: http://www.informit.com/content/images/1587051915/samplechapter/1587051915content.pdf
QUESTION NO: 146 Which two statements are true about the rendezvous point (RP) in a multicast network? (Choose two.) A. The multicast receivers must register with the RP to form the multicast distribution tree. B. To form the multicast distribution tree, the multicast sources register with and the receivers join the RP. "Pass Any Exam. Any Time." - www.actualtests.com 120
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam C. The multicast sources must register with the RP to form the multicast distribution tree. D. An RP is required only in networks running Protocol Independent Multicast sparse mode (PIM SM). E. An RP is required only in networks running Protocol Independent Multicast sparse-dense mode (PIM-SDM). F. An RP is required only in networks running Protocol Independent Multicast dense mode (PIM DM). Answer: B,D
QUESTION NO: 147 Which three IP multicast related statements are true? (Choose three.) A. Multicast addresses 224.0.0.0 through 224.0.0.255 are used for network protocols on local LAN segments. Because they are always transmitted with a Time to Live (TTL) of 1, they are never forwarded by a router. B. Multicast addresses 224.0.0.5 and 224.0.0.6 are limited scoped addresses that have been reserved for OSPF. C. Multicast addresses 224.0.1.0 through 238.255.255.255 are called globally scoped addresses. They are used to multicast data between organizations and across the Internet. D. Multicast addresses 239.0.0.0 through 239.255.255.255 are called limited scope addresses. They are constrained to a local group or organization. E. The multicast address 224.0.0.1 is a globally scoped address that has been reserved for the Network Time Protocol (NTP) by the IANA. Answer: A,C,D
Explanation: These addresses are never forwarded off the local subnet (regardless of TL, usually set to 1). 224.0.0.1: all hosts 224.0.0.2: all multicast routers (PIMv1, all routers due to transport inIGMPv1) 224.0.0.4: all DVMRP routers 224.0.0.5: all OSPF routers 224.0.0.6: all OSPF DR routers (DR: Designated Router) 224.0.0.9: all RIP2 routers 224.0.0.13: all PIMv2 routers 224.0.1.39: CISCORP-ANNOUNCE 224.0.1.40: CISCO-RP-DISCOVERY Global scope: 224.0.1.0 to 238.255.255.255 (allocated dynamically throuh Internet) Limited scope: 239.0.0.0 to 239.255.255.255 (reserved for use inside prvate domains) See http://www.iana.org/assignments/multicast-addresses for a complete lst.
QUESTION NO: 148 Refer to the exhibit. IP multicast for group address 224.1.1.1 has been enabled on all routers in the network. Hosts on Network A receive the multicast traffic. However, hosts on Network B do "Pass Any Exam. Any Time." - www.actualtests.com 121
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam not. On the basis of outputs provided, what could be the cause of the problem?
Answer: D
Explanation: Multicast routing uses a mechanism called Reverse Path Forwarding (RPF) to prevent forwarding loops and to ensure the shortest path from the source to the receivers. If there is RPF failure, the router does not forward the multicast packets to neighbor.
QUESTION NO: 149 Refer to the exhibit. Which two conclusions can be drawn from the debug ip igmp output? (Choose two.)
Ac
tua
A. Router R2 does not see the upstream router R1 as a PIM neighbor. B. Router R2 does not have an RP configured on the multicast network. C. The multicast packets are sourced from a server with an unspecified IP address. D. Becauseof RPF failure, Router R2 does not forward multicast packets to Network B.
lTe
sts
.co
122
A. IP PIM RP mapping is static. B. The router sent an IGMP version 2query out interface Ethernet1 at multicast address 224.0.0.1. C. Reverse Path Forwarding (RPF) is enabled for 192.168.9.4. D. The IP multicast groups are 224.0.0.1, 224.0.1.40, and 239.255.0.1. E. Reverse Path Forwarding (RPF) is enabled for 224.0.1.40. F. Router RTA received an IGMP report version 1 from host 192.168.9.1. Answer: B,F Explanation: Use the debug ip igmp command to display IGMP packets received and transmitted, as well as IGMP-host related events. The no form of this command disables debug output. This output helps you discover whether the IGMP processes function. In general, if IGMP does not work, the router process never discovers another host on the network that is configured to receive multicast packets. In PIM dense mode, this means the packets are delivered intermittently (a few every three minutes). In PIM sparse mode, they are never delivered. R1# debug ip igmp 12:32:51.065: IGMP: Send v2 Query on Ethernet1 to 224.0.0.1 12:32:51.069: IGMP: Set report delay time to 9.4 seconds for 224.0.1.40 on Ethernet1 12:32:56.909: IGMP: Received v1 Report from 192.168.9.1 (Ethernet1) for 239.255.0.1 12:32:56.917: IGMP: Starting old host present timer for 239.255.0.1 on Ethernet1 12:33:01.065: IGMP: Send v2 Report for 224.0.1.40 on Ethernet1 12:33:01.069: IGMP: Received v2 Report from 192.168.9.4 (Ethernet1) for 224.0.1.40 12:33:51.065: IGMP: Send v2 Query on Ethernet1 to 224.0.0.1 The output above shows that the router sends an IGMP version 2 query out interface Ethernet 1 at multicast address 224.0.0.1 (All multicast systems on this subnet). Interface Ethernet 1 itself is a member of group 224.0.1.40 (you can use the show ip igmp interface command to determine this), which sets a report delay time of 9.4 seconds (randomly determined). Because it does not receive any report from another system for multicast group 224.0.1.40 for the next 9.4 seconds, it sends a version 2 report of its membership, which is received by the router itself on Ethernet 1. It also receives IGMP report version 1 from host 192.168.9.1, which is directly connected to the interface Ethernet 1 for group 239.255.0.1. This debug output is useful when you verify that the router interface sends queries and to determine the query interval (in the above case, 60 seconds). You can also use the command to determine the version of IGMP used by the clients. "Pass Any Exam. Any Time." - www.actualtests.com 123
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Reference: Basic Multicast Troubleshooting Tools http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml
QUESTION NO: 150 Refer to the exhibit. The user who is connected to interface FastEthernet 0/1 is on VLAN 10 and cannot access network resources. On the basis of the information in the exhibit, which command sequence would correct the problem?
A. SW1(config)# interface fastethernet 0/1 SW1(config-if)# no shut B. SW1(config)# interface fastethernet 0/1 SW1(config-if)# switchport mode access SW1(config-if)# switchport access vlan 10 C. SW1(config)# vlan 10 SW1(config-vlan)# state active D. SW1(config)# interface fastethernet 0/1 SW1(config-if)# switchport mode access E. SW1(config)# vlan 10 SW1(config-vlan)# no shut
Ac
tua
lTe
sts
.co
124
Cisco 642-892: Practice Exam Answer: A Explanation: In Exhibit Operation Mode is down, it means interface is in down state. Just bring into up state using no shutdown command
QUESTION NO: 151 What are two methods of mitigating MAC address flooding attacks? (Choose two.) A. Implement VLAN access maps. B. Implement DHCP snooping. C. Place unused ports in a common VLAN. D. Implement private VLANs. E. Implement port security. Answer: A,E
What is one method that can be used to prevent VLAN hopping? A. password combinations. B. Configure all frames with two 802.1Q headers. C. Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports. D. Configure ACLs. E. Configure VACLs. F. Enforce username Answer: C
Explanation: When securing VLAN trunks, also consider the potential for an exploit called VLAN hopping. Here, an attacker positioned on one access VLAN can craft and send frames with spoofed 802.1Q tags so that the packet payloads ultimately appear on a totally different VLAN, all without the use of a router. For this exploit to work, the following conditions must exist in the network configuration: ? The attacker is connected to an access switch port. ? The same switch must have an 802.1Q trunk. ? The trunk must have the attacker's access VLAN as its native VLAN. To prevent from VLAN hopping turn off Dynamic Trunking Protocol on all unused ports. "Pass Any Exam. Any Time." - www.actualtests.com 125
Ac
tua
lTe
sts
QUESTION NO: 152
.co
QUESTION NO: 153 Refer to the exhibit. Host A has sent an ARP message to the default gateway IP address 10.10.10.1. Which statement is true?
Answer: B
Explanation: The Gateway Load Balancing Protocol (GLBP) is a Cisco-proprietary protocol designed to overcome the limitations of existing redundant router protocols. Some of the concepts are the same as with HSRP/VRRP, but the terminology is different and the behavior is much more dynamic and robust. The trick behind this load balancing lies in the GLBP group. One router is elected the active virtual gateway (AVG). This router has the highest priority value, or the highest IP address in the group, if there is no highest priority. The AVG answers all ARP requests for the virtual router address. Which MAC address it returns depends on which load-balancing algorithm it is configured to use. In any event, the virtual MAC address supported by one of the routers in the group is returned. According to exhibit, Router DSW2 is the Active Virtual Gateway (AVG) router because it has highest IP address even having equal priority. When router DSW1 sends the ARP message to 10.10.10.1 Router DSW 2 will reply to DSW 1 as a Active Virtual Router. "Pass Any Exam. Any Time." - www.actualtests.com 126
Ac
tua
A. DSw1 will reply with the MAC address of the next AVF. B. DSw2 will reply with the MAC address of the next AVF. C. Because of the invalid timers that are configured, DSw1 will not reply. D. Because of the invalid timers that are configured, DSw2 will not reply. E. DSw1 will reply with the IP address of the next AVF. F. DSw2 will reply with the IP address of the next AVF.
lTe
sts
.co
QUESTION NO: 154 What is the IPv6 address FF02::2 used for? A. all routers in a local segment B. all hosts in a particular multicast group C. all hosts in a local segment D. all routers in an autonomous system Answer: A Explanation: To identify all nodes for the node-local and link-local scopes, the following multicast addresses are defined:
FF01::2 (node-local scope all-routers address) FF02::2 (link-local scope all-routers address) FF05::2 (site-local scope all-routers address)
Reference: http://technet2.microsoft.com/windowsserver/en/library/8c07faf2-35b3-4f2a-920fd61ad76581ad1033.mspx?mfr=true
QUESTION NO: 155
Based on the exhibited output, which three statements are true? (Choose three.)
Ac
tua
lTe
sts
To identify all routers for the node-local, link-local, and site-local scopes, the following multicast addresses are defined:
.co
FF01::1 (node-local scope all-nodes address) FF02::1 (link-local scope all-nodes address)
127
Answer: A,B,F
QUESTION NO: 156 Which three components are included in the Cisco autonomous WLAN solution? (Choose three.) A. Wireless Control System (WCS) B. Access Control Server (ACS) C. Lightweight Access Point Protocol (LWAPP) D. Wireless Domain Services (WDS) E. Wireless LAN Solution Engine (WLSE) F. Wireless Services Module (WiSM)
Ac
Regarding the numbers specified in the parenthesis, the first number is the EIGRP metric that represents the cost to the destination. The second number is the EIGRP metric that this peer advertised. Based on this, the best path to the 192.168.1.48/28 destination is via 192.168.1.66, because the metric is less than the alternatives.
tua
lTe
Explanation: The R1 router resides in AS 200, as displayed by the "IP EIGRP topology for process 200" output.
sts
.co
A. The best path for R1 to reach the 192.168.1.48/28 prefix is via 192.168.1.66. B. R1 is in AS 200. C. All the routes are in the passive mode because these routes are in the hold-down state. D. All the routes are in the passive mode because R1 is in the query process for those routes. E. R1 will load balance between three paths to reach the 192.168.1.48/28 prefix because all three paths have the same advertised distance (AD) of 40512000. F. 40512000 is the advertised distance (AD) via 192.168.1.66 to reach the 192.168.1.48/28 prefix.
128
Cisco 642-892: Practice Exam Answer: B,D,E Explanation: CiscoWorks WLSE is a complete solution for managing Cisco Aironet autonomous WLAN networks. As the management component of the Cisco Autonomous WLAN Solution, CiscoWorks WLSE provides comprehensive air/radio frequency (RF) and device-management capabilities in ways that simplify deployment, reduce operational complexity, and provide administrators visibility into the WLAN. CiscoWorks WLSE provides an easy-to-use deployment wizard to specify the configuration criteria up front. This allows administrators to automate deployment and simultaneously maintain control in rapidly expanding environments. The deployment wizard also simplifies and automates the setup of the Wireless Domain Services (WDS) that plays an important role in the Cisco Autonomous WLAN Solution for seamless mobility and RF aggregation services. WLSE also enables centralized user administration by integrating with Cisco Secure ACS . Users can be defined and mapped to a user role centrally on Cisco Secure ACS. Reference: http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/ps6839/product_dat a_sheet0900aecd80410b92.html
QUESTION NO: 157
Answer: B
Explanation: ICMP Internet Router Discovery Protocol (IRDP) uses Internet Control Message Protocol (ICMP) router advertisements and router solicitation messages to allow a host to discover the addresses of operational routers on the subnet. With this, hosts can discover the real IP addresses of the default gateways. VRRP, HSRP, and GLBP all require the use of a virtual IP address. Hosts then use this virtual IP address as their default gateways. Reference: Configuring IRDP http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_irdp_ps6350_TSD_Product s_Configuration_Guide_Chapter.html
Ac
A. HSRP B. IRDP C. Proxy ARP D. VRRP E. GLBP
tua
lTe
Which protocol enables a group of routers to form a single virtual router and use the real IP address of a router as the gateway address?
sts
.co
129
Cisco 642-892: Practice Exam QUESTION NO: 158 Which three statements are correct about the differences in IS-IS and OSPF? (Choose three.) A. New additions to the protocol are easily implemented in OSPF but not with IS-IS. B. OSPF has more area types than does IS-IS. C. For greater fine tuning there are more IS-IS timers. D. IS-IS is more CPU-intensive than is OSPF. E. IS-IS LSP contains TLV fields and OSPF LSU contains the LSAs. Answer: B,C,E Explanation: The configuration of OSPF is based on a central backbone, Area 0, with all other areas being physically attached to Area 0. Because of this, certain design constraints will inevitably exist. A good, consistent IP addressing structure is necessary when this type of hierarchical model is used. It is used to summarize addresses into the backbone, and reduce the amount of information that is carried in the backbone and advertised across the network. In comparison, IS-IS also has a hierarchy with Level 1 and Level 2 routers. With IS-IS, the area borders lie on the links. However, significantly fewer link-state PDUs (LSPs) are used. Therefore, many more routers, up to 1000, can reside in a single area. This capability makes IS-IS more scalable than OSPF. IS-IS allows a more flexible approach to extending the backbone. Adding Level 2 routers can extend the backbone. This process is less complex than with OSPF. With regard to CPU use and the processing of routing updates, IS-IS is more efficient. Not only are there fewer LSPs to process, as compared to OSPF LSAs, but also the mechanism by which IS-IS installs and withdraws prefixes is less intensive. Both OSPF and IS-IS are link-state protocols and therefore provide fast convergence. The convergence time depends on a number of factors, such as timers, number of nodes, and types of routers. Based on the default timers, IS-IS will detect a failure quicker than OSPF and therefore should converge more rapidly. If there are many neighbors and adjacencies to consider, the convergence time depends on the processing power of the router. IS-IS is typically less CPU intensive than OSPF. The timers in IS-IS allow more tuning than OSPF. There are more timers to adjust, and therefore finer granularity can be achieved. By tuning the timers, convergence time can be significantly decreased. However, this speed may be at the expense of stability, so a compromise may have to be made. A network engineer should understand the implications of adjusting these timers.
QUESTION NO: 159 When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to gather information?
Ac
tua
lTe
sts
.co
130
Cisco 642-892: Practice Exam A. The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the trunk B. The attacking station tags itself with all usable VLANs to capture data that is passed through the switch, regardless of the VLAN to which the data belongs. C. The attacking station will generate frames with two 802.1Q headers to cause the switch to forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means. D. The attacking station uses VTP to collect VLAN information that is sent out and then tags itself with the domain information in order to capture the data. Answer: A Explanation: DTP should be disabled for all user ports on a switch. If the port is left with DTP auto-configured (default on many switches), an attacker can connect and arbitrarily cause the port to start trunking and therefore pass all VLAN information. Reference: http://www.cisco.com/en/US/solutions/ns340/ns517/ns224/ns376/net_design_guidance0900aecd8 00ebd1e.pdf
Ac
tua
lTe
sts
.co
131
Cisco 642-892: Practice Exam Which Virtual Router Redundancy Protocol (VRRP) statement is true about the roles of the master virtual router and the backup virtual router? A. Router B is the master virtual router, and Router A is the backup virtual router. When Router B fails, Router A will become the master virtual router. When Router B recovers, Router A will maintain the role of master virtual router. B. Router B is the master virtual router, and Router A is the backup virtual router. When Router B fails, Router A will become the master virtual router. When Router B recovers, it will regain the master virtual router role. C. Router A is the master virtual router, and Router B is the backup virtual router. When Router A fails, Router B will become the master virtual router. When Router A recovers, Router B will maintain the role of master virtual router. D. Router A is the master virtual router, and Router B is the backup virtual router. When Router A fails, Router B will become the master virtual router. When Router A recovers, it will regain the master virtual router role. Answer: D
Explanation: An important aspect of the VRRP redundancy scheme is VRRP router priority. Priority determines the role that each VRRP router plays and what happens if the master virtual router fails. If a VRRP router owns the IP address of the virtual router and the IP address of the physical interface, this router functions as a master virtual router. Priority also determines if a VRRP router functions as a backup virtual router and determines the order of ascendancy to becoming a master virtual router if the master virtual router fails. You can configure the priority of each backup virtual router with a value of 1 through 254, using the vrrp priority command. For example, if Router A, the master virtual router in a LAN topology, fails, an election process takes place to determine if backup virtual Routers B or C should take over. If Routers B and C are configured with the priorities of 101 and 100, respectively, Router B is elected to become master virtual router because it has the higher priority. If Routers B and C are both configured with the priority of 100, the backup virtual router with the higher IP address is elected to become the master virtual router. By default, a preemptive scheme is enabled whereby a higher-priority backup virtual router that becomes available takes over for the backup virtual router that was elected to become master virtual router. You can disable this preemptive scheme using the no vrrp preempt command. If preemption is disabled, the backup virtual router that is elected to become master virtual router remains the master until the original master virtual router recovers and becomes master again. Reference: http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.5/addr_serv/configuration/guide/ic35vrrp.htm l
Ac
tua
lTe
sts
.co
132
Cisco 642-892: Practice Exam QUESTION NO: 161 DRAG DROP Drop
Explanation:
QUESTION NO: 162 Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the spanning-tree topology of a network?
Ac
tua
lTe
sts
.co
Answer:
133
Cisco 642-892: Practice Exam A. BPDU guard can guarantee proper selection of the root bridge. B. BPDU guard can be utilized along with PortFast to shut down ports when a switch is connected to the port. C. BPDU guard can be utilized to prevent the switch from transmitting BPDUs and incorrectly altering the root bridge election. D. BPDU guard can be used to prevent invalid BPDUs from propagating throughout the network. Answer: A Explanation: As long as a port participates in STP, some device can assume the root bridge function and affect active STP topology. To assume the root bridge function, the device would be attached to the port and would run STP with a lower bridge priority than that of the current root bridge. If another device assumes the root bridge function in this way, it renders the network suboptimal. This is a simple form of a denial of service (DoS) attack on the network. The temporary introduction and subsequent removal of STP devices with low (0) bridge priority cause a permanent STP recalculation. The STP PortFast BPDU guard enhancement allows network designers to enforce the STP domain borders and keep the active topology predictable. The devices behind the ports that have STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the BPDU guard operation disables the port that has PortFast configured. The BPDU guard transitions the port into errdisable state, and a message appears on the console. Reference: Spanning Tree PortFast BPDU Guard Enhancement http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml
QUESTION NO: 163
Refer to the exhibit. Which two statements are true about the router configuration? (Choose two.)
A. This configuration is referred to as a dual-stack 6to4 tunnel. B. This configuration will attempt to route packets using IPv4 first, and if that fails, then IPv6. C. This configuration allows applications on the same segment to communicate via IPv4 or IPv6. D. This configuration is referred to as a dual stack.
Ac
tua
lTe
sts
.co
134
Cisco 642-892: Practice Exam Answer: C,D Explanation: This router demonstrates an example of an IPv6 Dual Stack configuration. Dual stack (Figure 1 below) runs both IPv4 and IPv6 protocol stacks on a router in parallel, making it similar to the multiprotocol network environments of the past, which often ran Internetwork Packet Exchange (IPX), AppleTalk, IP, and other protocols concurrently. The technique of deploying IPv6 using dual-stack backbones allows IPv4 and IPv6 applications to coexist in a dual IP layer routing backbone. The IPv4 communication uses the IPv4 protocol stack, and the IPv6 communication uses the IPv6 stack. As a transition strategy, dual stack is ideal for campus networks with a mixture of IPv4 and IPv6 applications. Figure 1: Dual-Stack Example
Which two statements are true about the Hot Standby Router Protocol (HSRP)? (Choose two.) A. Load sharing with HSRP is achieved by creating multiple subinterfaces on the HSRP routers. B. All routers configured for HSRP load balancing must be configured with the same priority. C. Routers configured for HSRP can belong to multiple groups and multiple VLANs. D. Routers configured for HSRP must belong to only one group per HSRP interface. E. Load sharing with HSRP is achieved by creating HSRP groups on the HSRP routers. Answer: C,E Explanation: HSRP is a Cisco-proprietary protocol developed to allow several routers (or multilayer switches) to appear as a single gateway address. RFC 2281 describes this protocol in more detail. Basically, each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router, another is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The "Pass Any Exam. Any Time." - www.actualtests.com 135
Ac
tua
QUESTION NO: 164
lTe
Reference: http://www.cisco.com/en/US/products/ps6553/products_white_paper0900aecd805c54d0.shtml
sts
.co
Cisco 642-892: Practice Exam routers exchange HSRP hello messages at regular intervals, so they can remain aware of each other's existence, as well as that of the active router. An HSRP group can be assigned an arbitrary group number, from 0 to 255. If you configure HSRP groups on several VLAN interfaces, it can be handy to make the group number the same as the VLAN number. However, most Catalyst switches support only up to 16 unique HSRP group numbers. If you have more than 16 VLANs, you will quickly run out of group numbers. An alternative is to make the group number the same (that is, 1) for every VLAN interface. This is perfectly valid because the HSRP groups are only locally significant on an interface. HSRP Group 1 on interface VLAN 10 is unique from HSRP Group 1 on interface VLAN 11.
Answer:
Ac
tua
lTe
sts
.co
136
QUESTION NO: 166
A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports. B. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports. C. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports. D. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN community ports.
Ac
tua
lTe
Refer to the exhibit. The web servers WS_1 and WS_2 need to be accessed by external and internal users. For security reasons, the servers should not communicate with each other, although they are located on the same subnet. The servers do need, however, to communicate with a database server located in the inside network. What configuration will isolate the servers from each other?
sts
.co
137
Cisco 642-892: Practice Exam Answer: C Explanation: Service providers often have devices from multiple clients, in addition to their own servers, on a single Demilitarized Zone (DMZ) segment or VLAN. As security issues proliferate, it becomes necessary to provide traffic isolation between devices, even though they may exist on the same Layer 3 segment and VLAN. Catalyst 6500/4500 switches implement PVLANs to keep some switch ports shared and some switch ports isolated, although all ports exist on the same VLAN. The 2950 and 3550 support "protected ports," which are functionality similar to PVLANs on a perswitch basis. A port in a PVLAN can be one of three types: Isolated: An isolated port has complete Layer 2 separation from other ports within the same PVLAN, except for the promiscuous port. PVLANs block all traffic to isolated ports, except the traffic from promiscuous ports. Traffic received from an isolated port is forwarded to only promiscuous ports. Promiscuous: A promiscuous port can communicate with all ports within the PVLAN, including the community and isolated ports. The default gateway for the segment would likely be hosted on a promiscuous port, given that all devices in the PVLAN will need to communicate with that port. Community: Community ports communicate among themselves and with their promiscuous ports. These interfaces are isolated at Layer 2 from all other interfaces in other communities, or in isolated ports within their PVLAN.
QUESTION NO: 167
A. In a 6to4 tunnel, the first two bytes of the IPv6 address will be0x2002 and the next four bytes will be the hexadecimal equivalent of the IPv4 address. B. In a 6to4 tunnel, the first two bytes of the IPv6 address will be locally derived and the next two bytes will be the hexadecimal equivalent of the IPv4 address. C. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/48 IPv6 address. D. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:1315:4463:1::/64 IPv6 address. E. In a 6to4 tunnel, the IPv4 address 192.168.99.1 would be converted to the 2002:c0a8:6301::/16 IPv6 address. Answer: A,C
Ac
tua
Which two statements are true about 6to4 tunnels? (Choose two.)
lTe
sts
.co
138
Answer:
Ac
tua
lTe
sts
.co
139
QUESTION NO: 169
A. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host. B. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection. C. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP snooping attacks. D. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable attack points. E. Port scanners are the most effective defense against dynamic ARP inspection. F. DHCP snooping sends unauthorized replies to DHCP queries. Answer: D Explanation: DAI is a security feature that intercepts and verifies IP-to-MAC address bindings and discards invalid ARP packets. DAI uses the DHCP snooping database to validate bindings. It associates a trust state with each interface on the switch. Packets arriving on trusted interfaces bypass all DAI "Pass Any Exam. Any Time." - www.actualtests.com 140
Ac
tua
Which statement is true about Layer 2 security threats?
lTe
sts
.co
Cisco 642-892: Practice Exam validation checks, and those arriving on untrusted interfaces undergo the DAI validation process. In a typical network, all ports on the switch connected to host are configured as untrusted, and switch ports are considered trusted. Use the ip arp inspection trust interface command to configure the trust settings. When the switch is configured for DAI, it will rate-limit incoming ARP packets to prevent DoS attacks.
QUESTION NO: 170 Refer to the exhibit. Which two problems are the most likely cause of the exhibited output? (Choose two.)
Explanation: Each router in an HSRP group has its own unique IP address assigned to an interface. This address is used for all routing protocol and management traffic initiated by or destined to the router. In addition, each router has a common gateway IP address, the virtual router address that is kept alive by HSRP. This address is also referred to as the HSRP address or the standby address . Clients can point to that virtual router address as their default gateway, knowing that a router always keeps that address active. Keep in mind that the actual interface address and the virtual (standby) address must be configured to be in the same IP subnet. You can assign the HSRP address with the following interface command: Switch( config-if)# standby group ip ip-address [secondary] When HSRP is used on an interface that has secondary IP addresses, you can add the secondary keyword so that HSRP can provide a redundant secondary gateway address. "Pass Any Exam. Any Time." - www.actualtests.com 141
Ac
Answer: D,E
tua
A. VRRP misconfiguration B. spanning tree issues C. transport layer issues D. physical layer issues E. HSRP misconfiguration
lTe
sts
.co
QUESTION NO: 171 Refer to the exhibit. EIGRP is configured on all routers in the network. On the basis of the output provided, which statement is true?
Answer: E
Explanation: This is a valid example of EIGRP MD5 authentication. Since the networks lie in different network boundaries, summarization will not be an issue.
QUESTION NO: 172 Which three statements are true about the Internet Group Management Protocol (IGMP)? (Choose three.) A. IGMP snooping runs on Layer 3 routers. B. IGMP is used to register individual hosts with a multicast group.
Ac
tua
A. Because the key strings do not match, router R1 will not be able to ping routers R2 and R3. B. Because the key chain names do not match, router R1 will not be able to ping routers R2 andR3 . C. Because autosummarization needs to be turned on for EIGRP on all routers, router R1 will not be able to ping routers R2 and R3. D. Because authentication is misconfigured on interfaces Gi0/0 and Gi0/1 on router R2, router R1 will not be able to ping routers R2 and R3. E. Router R1 will be able to ping routers R2 and R3.
lTe
sts
.co
142
Cisco 642-892: Practice Exam C. There are three IGMP modes: dense mode, sparse mode, and sparse-dense mode. D. IGMP version 3 enables a multicast receiving host to specify to the router which sources it should forward traffic from. E. IGMP messages are IP datagrams with a protocol value of 2, destination address of 224.0.0.2, and a TTL value of 1. F. IGMP is a multicast routing protocol that makes packet-forwarding decisions independent of other routing protocols such as EIGRP. Answer: B,D,E Explanation: IGMP ( Internet Group Management Protocol ) - is used to register individual hosts with a multicast group IGMPv2- the router with the lowest IP on a subnet is designated querier IGMPv3 - enables a multicast receiving host to specify to the router which sources it should forward traffic from (source filtering) IGMP Messages are IP datagrams with a protocol value of 2, a destination address of 224.0.0.2, and a TTL value of 1 Reference: http://wilcagre.com/index.php?n=IT.IPMulticast
QUESTION NO: 173
Ac
tua
lTe
Refer to the exhibit. All multilayer switches are running PIM sparse mode. Host B and Host F are sending IGMPv2 join messages to their respective multilayer switches. Which statement is true?
sts
.co
143
Answer: B
QUESTION NO: 174 Which two are characteristics of the IS-IS protocol but not OSPF? (Choose two.) A. utilizes SPF algorithm B. three layers of hierarchical routing C. provides for network scalability by allowing the network to be separated into areas D. supports demand circuit routing E. provides routing support for multiple network layer protocols F. forms adjacencies with all neighbors "Pass Any Exam. Any Time." - www.actualtests.com 144
Ac
A. Switches 2 and 6 will participate in the multicast tree once pruning has taken place. B. Switches 1, 2, 3, and 6 will participate in the multicast tree once prune has taken place. C. Switch 1 is the rendezvous of the multicast tree. D. The multicast server is the rendezvous point of the multicast tree.
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Answer: E,F Explanation: IS-IS is the dynamic link-state routing protocol for the OSI protocol stack. As such, IS-IS distributes routing information for routing CLNP data for the ISO CLNS environment. When IS-IS is used strictly for the ISO CLNS environment, it is referred to as ISO IS-IS. Differences between IS-IS and OSPF. Although IS-IS and OSPF share many common features, they do have quite a few differences: * Whereas OSPF routers can be part of multiple areas, an IS-IS router belongs to only one area per routing process. * In OSPF, the boundaries of areas are set in the router. The boundaries of areas are on the network connections between routers for IS-IS, reiterating that each router is in only one area per routing process. * IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of using IP packets, like OSPF does. * IS-IS allows for the preempting of DRs, where OSPF does not. * OSPF DROthers do not form adjacencies with other DROthers on broadcast multi-access networks, while in the same environment, all IS-IS intermediate systems form adjacencies with one another. * The backbone of an IS-IS network is designated by the type of routers in it instead of being designated by an area number (0, in the case of OSPF).
QUESTION NO: 175
A. BGP synchronization is enabled in a transit autonomous system with fully-meshed IBGP neighbors. B. The EBGP neighbor ebgp-multihop option is set to the default value. C. The BGP update interval is different between the two BGP neighbors. D. The IBGP neighbor is not directly connected. E. There is an access list blocking all TCP traffic between the two BGP neighbors. F. The BGP neighbor is referencing an incorrect autonomous system number in its neighbor statement. Answer: B,E,F Explanation: BGP uses TCP port 179 to establish and maintain neighbor relationships, so any access lists or firewalls must permit this port for BGP to function. By default, EBGP multi-hop is not enabled, so the EBGP peer must be directly connected in order for the local BGP router to know how to reach the EBGP peer. BGP uses neighbor statements that specify the AS number of the BGP peer. If it is the same "Pass Any Exam. Any Time." - www.actualtests.com 145
Ac
tua
Which three conditions can cause BGP neighbor establishment to fail? (Choose three.)
lTe
sts
.co
Cisco 642-892: Practice Exam number as the local BGP router process, then the BGP router knows that IBGP is useD. If the AS number for the specified peer is different, then EBGP is useD. Either way, the specified neighbor must be configured correctly, or the BGP peers will not become neighbors.
QUESTION NO: 176 Refer to the exhibit. Which protocol establishes an optimal path to the root in a wireless mesh network?
A. Layer 2 Roaming (IAPP) B. Lightweight Access Point Protocol (LWAPP) C. WLAN Quality of Service (WQoS) D. Adaptive Wireless Path (AWP) E. 802.1Q WLAN trunking protocol Answer: D Explanation: Mesh networks are scalable outdoor networks that continuously communicate with each other to determine link paths. If a link is degraded, the AP will determine whether a better path exists and will route traffic through a more optimal node. Intelligent wireless routing is provided by the patent-pending Adaptive Wireless Path (AWP) protocol. This enables each AP to identify its neighbors and intelligently choose the optimal path to the wired network by calculating the cost of each path in terms of signal strength and the number "Pass Any Exam. Any Time." - www.actualtests.com 146
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam of hops required to get to a controller. Reference: Authorized Self-Study Guide Building Cisco Multilayer Switched Networks (BCMSN), Chapter 18 http://safari.oreilly.com/1587052733/ch18lev1sec5
Answer:
Ac
tua
lTe
sts
.co
147
Ac
tua
lTe
sts
.co
148
Answer:
QUESTION NO: 179 You work as a network technician, study the exhibit below carefully. IP multicast for group address 224.1.1.1 has been enabled on all routers in the network. Hosts on Network A receive the multicast traffic. However, hosts on Network B do not. Based on the outputs provided in the exhibit, what could cause this problem? "Pass Any Exam. Any Time." - www.actualtests.com 149
Ac
tua
lTe
sts
.co
Answer: C
QUESTION NO: 180 Look at the following exhibit carefully then select a command which can generate a default route on CK-R2 to reach all other networks except CK-R1?
Ac
tua
A. The multicast packets are sourced from a server with an unspecified IP address. B. Router CK2 does not have an RP configured on the multicast network. C. Becauseof RPF failure, Router CK2 does not forward multicast packets to Network B. D. Router CK2 does not see the upstream router CK1 as a PIM neighbor.
lTe
sts
.co
150
A. ip route 0.0.0.0 0.0.0.0 192.168.2.2 B. ip route 192.168.1.0 255.255.255.0 s0/0/0 C. ip route 10.0.0.0 255.255.255.0 s0/0/0 D. ip route 0.0.0.0 255.255.255.0 192.168.2.2
QUESTION NO: 181
A. DR/BDR elections do not take place. B. The area 0 NBMA cloud is configured as more than one subnet. C. The router is restricted to a hub and spoke topology. D. OSPF neighbor statements are not necessary. Answer: A,D
QUESTION NO: 182 An ABR (area border router) will inject a default route into which two types of areas? (Choose two.) A. NSSA B. area 0 "Pass Any Exam. Any Time." - www.actualtests.com 151
Ac
tua
interface serial 0 ip address 10.1.1.1 255.255.255.0 encapsulation frame-relay ip ospf network point-to-multipoint router ospf 7 network 10.1.1.0 0.0.0.255 area 0
lTe
sts
What can be drawn from the following partial configuration on Router A? (Choose two.)
.co
Answer: A
Cisco 642-892: Practice Exam C. totally stubby D. stub Answer: C,D
QUESTION NO: 183 Which item is the correct description of the repeater access point deployed in this wireless network?
Answer: C
QUESTION NO: 184 Select three attributes applied to IS-IS instead of OSPF? (Choose three.) A. encapsulates PDUs directly into a data-link frame B. uses stubby areas to improve network scalability C. uses a default IOS metric of 10 on each interface D. runs PRC (Partial Route Calculations) to calculate IP reachability information Answer: A,C,D
Ac
tua
A. The repeater access point needs a 10 percent channel overlap with channel of the root access point. B. The repeater access point will deploy a different SSID than the SSID configured on the parent access point. C. The repeater access point reduces the throughput in half because it receives and then retransmits each packet on the same channel. D. The repeater access point will apply a different WEP encryption method than the WEP encryption that is enabled on the parent access point.
lTe
sts
.co
152
Cisco 642-892: Practice Exam QUESTION NO: 185 Static VLAN membership is perhaps the most widely used method because of the relatively small administration overhead and security it provides. Which feature is of a static VLAN membership assignment? A. VMPS server lookup B. easy to configure C. ease ofadds, moves, and changes D. based on MAC address of the connected device Answer: B
QUESTION NO: 186 Study the following graphic carefully Host1 and Host2, which belong to different VLANs, are in the same subnet. According to the information displayed, which description is correct when trying to ping from host to host?
A. A trunk port should be configured on the link between CK-SW1 and CK-SW2 to ping successfully. B. The two hosts should be in the same VLAN in order to ping successfully. C. A Layer 3 device is a must in order for the ping command to be successful. D. The ping command will be successful without any further configuration changes. Answer: D
QUESTION NO: 187 Which description regarding OSPF Network LSAs is correct? "Pass Any Exam. Any Time." - www.actualtests.com 153
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam A. They are originated by Area Border Router and are sent into a single area to advertise an Autonomous System Border Router. B. They are originated by the DR on every multi-access network. They include all attached routers including the DR itself. C. They are originated by every router in the OPSF network. They include all routers on the link, interfaces, the cost of the link, and any known neighbor on the link. D. They are originated by Area Border Routers and are sent into a single area to advertise destinations outside that area. Answer: B
QUESTION NO: 188 VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. While using VTP, a Catalyst switch will advertise what VTP information on its trunk ports? A. negotiation status B. STP root status C. management domain D. configuration revision number Answer: C,D
QUESTION NO: 189
Ac
In the following provided network, the hub router is CK-RTC, while the spokes are CK-RTA and CK-RTB. No virtual circuits exist between the spoke locations. In order to route traffic to the 11.11.11.0/24 network from CK-RTA successfully, what is necessary?
tua
lTe
sts
.co
154
Answer: C
QUESTION NO: 190
A. CK-R4(config)# ip default-network 10.0.0.0 B. CK-R4(config-router)# default-information originate
Ac
in tne network presented in tne following exnmit, an routers are conrigurea witn EteRP. in oraer to advertise a aerault route to CK-R4"s neighbors, which configuration command need to be added?
tua
lTe
sts
A. Nothing is required. This is the default behavior on this topology. B. The neighbor 10.10.10.1 next-hop-self command on CK-RTA. C. The neighbor 10.10.10.1 next-hop-self command on CK-RTC. D. The neighbor 10.10.10.1 next-hop-self command on CK-RTB.
.co
155
Cisco 642-892: Practice Exam C. CK-R4(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.1 D. CK-R4(config)# ip route 10.0.0.0 255.0.0.0 10.1.1.1 Answer: A
QUESTION NO: 191 The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a table of IP networks or 'prefixes' which designate network reachability among autonomous systems (AS). In routing updates, which BGP feature will not be advertised to o its neighboring routers? A. weight B. next hop C. local preference D. origin Answer: A
QUESTION NO: 192
Answer: D
QUESTION NO: 193 Which three descriptions are correct concerning the diagram below? (Choose three.) A. A trunk link will be formed. B. Only VLANs 1-1001 will travel across the trunk link. C. The native VLAN for CK-B is vlan 1. D. DTP packets are sent from CK-B. "Pass Any Exam. Any Time." - www.actualtests.com 156
Ac
A. show ip route ospf B. show ip ospf database summary C. show ip ospf database nssa-external D. show ip ospf database external
tua
A Link State Advertisement (LSA) is an OSPF data packet containing link-state and routing information that's shared among OSPF routers. The topology database contains information from all of the Link State Advertisement packets that have been received for an area. In the OSPF topology database, which of the following commands can show the Type 5 LSAs?
lTe
sts
.co
Cisco 642-892: Practice Exam Answer: A,C,D
QUESTION NO: 194 The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. Which two options best describe voice VLANs? A. Voice VLANs permit IP phones to be moved around without worrying about subnets. B. Voice VLANs permit logically combining voice and data packets. C. Voice VLANs can be applied on all Cisco switches. D. Using voice VLANs makes it easier for network administrators to identify and troubleshoot network problems. Answer: A,D
QUESTION NO: 195
Answer: C
QUESTION NO: 196
During selecting the BGP path on a Cisco router, which BGP feature will be first used to determine the best path? A. origin B. next-hop C. weight D. AS-path Answer: C
Ac
tua
lTe
A. show ip ospf database B. show ip ospf interface C. show ip ospf D. show ip protocol
sts
Refer to the following commands, which one can show the times of performing the OSPF algorithm?
.co
Cisco 642-892: Practice Exam Which two statements are correct for EIGRP to form a neighbor relationship? (Choose two) A. The holddown timer must be the same. B. The K-values of the metric must be the same on both routers. C. The autonomous system number must be the same on both routers. D. Authentication must be enabled. Answer: B,C
QUESTION NO: 198 Which two statements correctly describe the distribution layer switches? (Choose two.) A. The distribution layer is the aggregation point for multiple access switches. B. The switches deployed at this layer must be able to handle connecting individual desktop devices to the internetwork. C. This is where users gain access to the internetwork. D. The distribution layer can participate in MLS and handle a router processor. Answer: A,D
QUESTION NO: 199
Answer: D
QUESTION NO: 200 Which two descriptions are correct about the STP blocked state of a port? (Choose two) A. No frames are transmitted or received on the blocked port. B. Frames are sent or received on the blocked port. C. BPDUs are still received on the blocked port. D. BPDUs are sent and received on the blocked port.
Ac
A. A summary of the contents of the neighbor database B. A summary of the topology database when a change is made in a summary route C. The process taken D. A summary of EIGRP activity
tua
What will the debug ip eigrp summary command display?
lTe
sts
.co
158
Cisco 642-892: Practice Exam Answer: A,C
QUESTION NO: 201 Which of the following information is contained in the neighbor table? A. The feasible distance between neighbors B. The administrative distance C. The metric of neighbors D. The status of the links between neighbors Answer: D
QUESTION NO: 202
A. CK1 will reply with the MAC address of the next AVF. B. Because of the invalid timers that are configured, CK2 will not reply. C. CK2 will reply with the IP address of the next AVF. D. CK2 will reply with the MAC address of the next AVF Answer: D
QUESTION NO: 203
Ac
tua
lTe
sts
.co
On the basis of the exhibit below Host CK has sent an ARP message to the default gateway IP address 10.10.10 description is correct?
159
Cisco 642-892: Practice Exam Which two ways can an administrator configure VLAN memberships? (Choose two.) A. VTP database B. Static C. Dynamic D. DHCP server Answer: B,C
QUESTION NO: 204 Which of the following commands can be used to show that EIGRP is able to contact neighbors? A. debug ip eigrp events B. debug ip eigrp packets C. debug ip eigrp D. debug ip eigrp traffic Answer: B
QUESTION NO: 205
Ac
Online Incorporated is an internet game provider. The game service network had recently added an additional switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-tree topology for the switch block. Using the output of "show spanning-tree" command on switch SW-C and the provided physical topology, answer the following questions:
tua
lTe
sts
.co
160
Ac
tua
lTe
sts
.co
161
Which bridge ID belongs to switch SW-B? A. 24623.000f.34f5.0138 B. 32768.000d.bd03.0380 C. 32769.000d.65db.0102 D. 32815.000d.db03.0380 Answer: A
QUESTION NO: 206 Online Incorporated is an internet game provide. The game service network had recently added an additional switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the spanning-tree topology during configuration. For baseline purpose, you "Pass Any Exam. Any Time." - www.actualtests.com 162
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam will be required to identify the spanning-tree topology for the switch block. Using the output of??? Show spanning-tree??? Command on switch SW-C and the provided physical topology, answer the following questions:
Ac
tua
lTe
sts
.co
163
Which port state is interface FaO/2 of switch SVV-B in for VLANs 1 and 106? A. blocking B. discarding C. learning D. listening Answer: A
QUESTION NO: 207 Online Incorporated is an internet game provide. The game service network had recently added an additional switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-tree topology for the switch block. Using the output of "Pass Any Exam. Any Time." - www.actualtests.com 164
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam "show spanning-tree" command on switch SW-C and the provided physical topology, answer the following questions:
Ac
tua
lTe
sts
.co
165
Which Spanning tree Protocol has been implemented on switch SW-B? A. PVST+ B. PVRST C. MSTP/IEEE 802.1s D. STP/IEEE802.1D Answer: A
QUESTION NO: 208 Online Incorporated is an internet game provide. The game service network had recently added an additional switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-tree topology for the switch block. Using the output of "Pass Any Exam. Any Time." - www.actualtests.com 166
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Show spanning-tree??? Command on switch SW-C and the provided physical topology, answer the following questions:
Ac
tua
lTe
sts
.co
167
Which port role has interface FaO/2 of switch SVV-A adopted for VLAN 47? A. alternate port B. designated port C. root port D. nondesignated port Answer: B
QUESTION NO: 209 Which statement accurately describes BPDUs? A. BPDUs are used to set the bridge ID of a switch. B. BPDUs are used to send configuration messages by using multicast frames. "Pass Any Exam. Any Time." - www.actualtests.com 168
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam C. BPDUs are used to send configuration messages by using IP packets. D. BPDUs are used to set the cost of STP links. Answer: B
QUESTION NO: 210 What is an adjacency in OSPF? A. Routers connected across a WAN but not directly connected, for example Frame Relay, are considered adjacent to each other. B. An adjacency is the state that two neighbors can achieve after they have synchronized their OSPF databases. C. An adjacency is when another router has received an LSA from another area. The areas are adjacent. D. An adjacent router is one that has received a hello packet from a neighbor. Answer: B
QUESTION NO: 211
Answer: A
QUESTION NO: 212 Which type of OSPF network can a workaround used to account for the lack of multicast and broadcast support inherent in the default behavior of Cisco router interfaces in a nonbroadcast environment? A. Nonbroadcast multi-access B. Broadcast multi-access C. Point-to-multipoint D. Point-to-point
Ac
tua
A. ISL B. 802.3u C. 802.1Q D. 8023z
lTe
Which Cisco standard encapsulates a frame and even adds a new FCS field?
sts
.co
169
QUESTION NO: 213 When a frame is received on an interface and the destination hardware address is unknown or not in the filter table, what does a switch do? A. Sends back a message to the originating station asking for a name resolution B. Forwards the switch to the first available link C. Floods the network with the frame looking for the device D. Drops the frame Answer: C
QUESTION NO: 214
When an interface shows that it is in the init state, what is the meaning? A. That this is a point-to-multipoint interface and is waiting to connect to the WAN cloud B. That a router sees a hello packet from a neighbor but the packet does not contain its own router ID C. Seen only on broadcast links, it shows that the election of the DR is in progress D. That an interface is coming online, determining the IP address and OSPF parameters
How to determine the root port on a switch? A. By sending and receiving BPDUs between switches. The fastest BPDU transfer rate on an interface becomes the root port. B. The switch determines the lowest cost of a link to the root bridge. C. The root bridge broadcasts the bridge ID, and the receiving bridge determines what interface this broadcast was received on and makes this interface the root port. D. The switch determines the highest cost of a link to the root bridge. Answer: B
Ac
QUESTION NO: 215
tua
Answer: B
lTe
sts
.co
Cisco 642-892: Practice Exam Which command can be used to set up a newly created point-to-point subinterface to use the OSPF point-to-point network type? A. No additional commands required B. Router(config-subif)# ip ospf network point-to-point C Router(config-subif)# ip ospf network point-to-multipoint non-broadcast D. Router(config-subif)# ip ospf network point-to-multipoint E. Router(config-subif)# ip ospf network non-broadcast Answer: A
QUESTION NO: 217 Which two statements are true if this topology were configured with the NBMA OSPF network type? (Choose two)
A. There are three adjacencies. B. CK-8 must be the DR. C. CK-A must be the DR. D. There are four adjacencies. E. Any router may be the DR. F. CK-C must be the DR. G. CK-D must be the DR Answer: A,C
Ac
tua
lTe
sts
.co
171
Cisco 642-892: Practice Exam QUESTION NO: 218 Which description is correct about VTP? A. Changing the VTP version on one switch changes all switches in a domain. B. All switches are VTP clients by default C. If you change the VTP version on one switch, you must change the version on all switches. D. VTP is on by default with a domain name of Cisco on all Cisco switches. Answer: A
QUESTION NO: 219 When learning a new route, in the event that a received LSA is not found in the topological database, what will an internal OSPF router do? A. The LSA is flooded immediately out of all the OSPF interfaces, except the interface from which the LSA was received. B. The sequence numbers are checked, and if the LSA is valid, it is entered into the topology database. C. The LSA is dropped and a message is sent to the transmitting router. D. The LSA is placed in the topological database and an acknowledgement is sent to the transmitting router. Answer: A
QUESTION NO: 220
In order to advertise internal networks to external ISPs through BGP, which two approaches, can be used? A. using aggregate routes B. forcing the next-hop address C. disabling synchronization D. defining routes via the network statement Answer: A,D
QUESTION NO: 221 If a router has an OSPF priority set to 0, what does it mean?
Ac
tua
lTe
sts
.co
172
Cisco 642-892: Practice Exam A. A router with the OSPF priority set to 0 is one that will switch OSPF packets before it does anything else. B. A router with the OSPF priority set to 0 is one that cannot participate in the election of a DR. It can become neither a DR nor a BDR. C. A router with the OSPF priority set to 0 is one that can participate in the election of a DR. It has the highest priority. D. A router with the OSPF priority set to 0 is one that cannot participate in the election of a DR, but it can become a BDR. Answer: B
QUESTION NO: 222 Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while allowing packet load sharing between a group of redundant routers. Refer to the following methods, which one could enable GLBP to forward traffic from a LAN segment through multiple routers simultaneously? A. Multiple AVG designated routers respond to ARP requests. B. Clients need to have different default gateway IP addresses coded. C. The AVG assigns different virtual MAC addresses. D. Proxy ARP allows multiple routers to respond to ARP requests from clients. Answer: C
QUESTION NO: 223
Which command will you use when you want to set up an interface to use a DR, but do not want to have to manually identify neighbors? A. Router(config-if)# ip ospf network broadcast B. Router(config-if)# ip ospf network point-to-point C Router(config-if)# ip ospf network point-to-multipoint non-broadcast D. Router(config-if)# ip ospf network point-to-multipoint Answer: A
QUESTION NO: 224 On the basis of the following exhibit, what can be drawn from the output of the debug command on VRRP router? "Pass Any Exam. Any Time." - www.actualtests.com 173
Ac
tua
lTe
sts
.co
Answer: D
QUESTION NO: 225
Study the following configuration, which areas will have default routes automatically transmitted to the routers in the respective areas?
A. Area 3 B. Neither area C. Area 2 D. Both areas Answer: D
Ac
tua
lTe
sts
A. CK-RTA does not have VRRP preempt active. B. VRRP is not active on CK-RTA. C. CK-RTB does not have VRRP active. D. CK-RTB has a different IP address coded for VRRP group 1 than CK-RTA.
.co
174
Cisco 642-892: Practice Exam QUESTION NO: 226 Study the following configuration and exhibit seriously. CK-RTB is using the command aggregateaddress to summarize its networks from AS 64100. But, the command show ip route on CK-RTA displays the CK-RTB individual networks and its summary route. Which of the following items can make sure that the summary route appears in the CK-RTA routing table?
Answer: B
QUESTION NO: 227
Which one of the following commands can be used to set a virtual hardware address on a VLAN interface? A. mac-address mac_address B. set mac mac-address C. config mac slot/port mac-address D. set vlan mac-address mac-address Answer: A
Ac
tua
A. Clear the four network statements and leave only the aggregate-address statement in the BGP configuration. B. Add the keyword summary-only to the aggregate-address command. C. Increase a static route with a prefix of 192.168.24.0 255.255.252.0 pointing to the null0 interface. D. Create a route map allowing only the summary address.
lTe
sts
.co
175
Cisco 642-892: Practice Exam QUESTION NO: 228 According to the following graphic, in order to summarize all routes from area 0 to area 1, which of the following should be configured on CK-RTA?
Answer: A
QUESTION NO: 229
Which item provides a separate instance of Spanning Tree Protocol for every VLAN? A. Port Aggregation Protocol (PAgP) B. Common Spanning Tree (CST) C. Spanning Tree Algorithm (STA) D. Per-VLAN Spanning Tree (PVST) Answer: D
QUESTION NO: 230 Which OSPF router types are allowed inside a not-so-stubby area?(Choose two) A. Virtual Link Router B. Area Border Router C. Autonomous System Border Router D. Backbone Router Answer: B,C
Ac
tua
lTe
sts
.co
A. area 0 range 172.16.96.0 255.255.224.0 B. area 1 range 172.16.96.0 255.255.0.0 C. summary-address 172.16.96.0 255.255.224.0 D. summary-address 172.16.96.0 0.0.63.255
176
Cisco 642-892: Practice Exam QUESTION NO: 231 Where will the trust boundary be established in this network based on the configuration provided in the exhibit?
Answer: C
QUESTION NO: 232
A. Two router interfaces for every switch in the internetwork B. One router interface for every single VLAN C. One router interface for every switch in the internetwork D. One router interface into one switch port running a trunking protocol
QUESTION NO: 233 DR (Designated Router) is for environments where many routers on the same network such as Ethernet. In the following presented network, all routers are reloaded simultaneously, and DR is selected as expected. What is the CK-RTC status?
Ac
tua
Which two options will be taken into consideration when you need to have inter-VLAN communication and you have only an external router? (Choose two.)
lTe
sts
.co
A. at the IP Phone B. attheCK-PC C. at the access switch CK-S1 D. at the distribution switch CK-S2
177
Answer: C
A BGP attribute, or path attribute, is a metric used to describe the characteristics of a BGP path. Which of the following is a Cisco proprietary BGP path attribute? A. weight B. origin C. next-hop D. AS-path Answer: A
QUESTION NO: 235 One of the main features of OSPF is Multiple areas. Which statement explains the reason that this feature is such an important enhancement to earlier routing protocols? A. The use of multiple areas allows for the use of prioritization. "Pass Any Exam. Any Time." - www.actualtests.com 178
Ac
tua
QUESTION NO: 234
lTe
sts
A. 2WAY/DR B. FULL/DROTHER C. FULL/BDR D. FULL/DR
.co
Cisco 642-892: Practice Exam B. All computation is kept within the area, with minimum communication between the areas, allowing the network to scale to larger sizes. C. It is easier to implement security. D. The network domain, when divided into areas, allows for the use of both IANA classful addressing and private addressing. Answer: B
QUESTION NO: 236 Which of the following items can PAgP form a bundle from? A. Only statically assigned VLAN ports B. Ports using different duplex types C. Dynamically assigned VLAN ports D. Dynamically and statically assigned VLAN ports Answer: A
QUESTION NO: 237
Ac
tua
lTe
According to the displayed configuration in the exhibit below, do you know how CK-R5 will handle the hello packets sent by CK-R2 in OSPF area 5?
sts
.co
179
Answer: C
QUESTION NO: 238 Which three statements correctly describe PVST+? (Choose three.) A. It is a Cisco proprietary protocol. B. It adds checking mechanisms to make sure there are no configuration problems on trucked ports and VLAN IDs across switches. C. It is set on a port-by-port basis.
Ac
A. The Hello packets are to be exchanged but the routers CK-R2 and CK-R5 would be neighbors only. B. The Hello packets are to be discarded but the routers CK-R2 and CK-R5 will be neighbors. C. The Hello packets will be dropped and no adjacency will be built between routers CK-R2 and CK-R5. D. The Hello packets are to be exchanged and adjacency are to be established between routers CK-R2 and CK-R5.
tua
lTe
sts
.co
180
Cisco 642-892: Practice Exam D. It enables Cisco switches to support the IEEE 802.1Q standard. Answer: A,B,D
QUESTION NO: 239 When using the route map presented in the following exhibit, what will happen? (Choose three.)
A. The map prohibits the redistribution of all type 2 external OSPF routes with tag 6 set. B. The map prohibits the redistribution of all external OSPF routes with tag 6 set. C. All routes that do no match clauses 10 and 20 of the route map are redistributed with their tags set to D. The map allows the redistribution of all type 1 external OSPF routes. Answer: A,C,D
QUESTION NO: 240 Which two statements are correct concerning Level 2 routers?(choose two) A. Level 2 routers can send updates between routing areas. B. Level 2 routers must be placed contiguously.
Ac
tua
lTe
sts
.co
181
Cisco 642-892: Practice Exam C. Level 2 routers must be in the same area. D. Level 2 routers are similar to OSPF stub routers. Answer: A,B
QUESTION NO: 241 A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is configured, it begins marking frames as they exit the port to indicate which VLAN each frame is associated with. If a trunk link is configured with IEEE 802.1Q encapsulation, which of the following will be the maximum Ethernet frame size? A. 1548 Bytes B. 1518 Bytes C. 1500 Bytes D. 1522 Bytes Answer: D
QUESTION NO: 242
Answer: A,B
QUESTION NO: 243 On the basis of the output provided below, in order to create a default route into the OSPF domain, which command sequence should be added to CK-R1?
Ac
A. If Level 1, both must be in the same area. B. The system ID must be unique. C. Hello timers. D. Both must be configured at the same level of routing (1 or 2).
tua
lTe
For an IS-IS adjacency to be formed and maintained, which of the following should both interfaces agree on?(choose two)
sts
.co
182
Answer: C
QUESTION NO: 244
A. STP protocol B. Port cost C. Path cost D. Port priority Answer: B,C,D
QUESTION NO: 245 If RTA wants to advertise all local interfaces over OSPF, which configuration command should be used? "Pass Any Exam. Any Time." - www.actualtests.com 183
Ac
Which three options can be used by STP to determine the best path to the root bridge? (Choose three.)
tua
lTe
A. ip default-gateway B. default-router C. default-information originate always D. ip default-network
sts
.co
Cisco 642-892: Practice Exam A. RTA(config)# router ospf 1 RTA(config-router)# network 0.0.0.0 B. RTA(config)# router ospf 1 RTA(config-router)# network 0.0.0.0 0.0.0.0 C. RTA(config)# router ospf 1 RTA(config-router)# redistribute static D. RTA(config)# router ospf 1 RTA(config-router)# redistribute connected Answer: D
QUESTION NO: 246 VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. VTP reduces administration in a switched network. VTP information will be prevented from transmitting between switches by lacking which two? A. VLAN 1 B. a trunk port C. a root VTP server D. VTP priority Answer: A,B
QUESTION NO: 247
A. The root of the SPF tree B. The LSPs in the local database C. Whether an LSP has been fragmented D. The sequence number of the LSPs Answer: B,C,D
QUESTION NO: 248 For the following configuration tasks, which three are necessary to enable multicast Auto-RP? (Choose three.)
Ac
What will the command show isis database display?(choose three)
tua
lTe
sts
.co
184
Cisco 642-892: Practice Exam A. Perform IP multicast routing. B. Assign the default RP (for existing multicast networks). C. Assign the RP Mapping Agent. D. Advertise RP/group associations. Answer: B,C,D
QUESTION NO: 249 Observe the exhibit carefully. Both Routers CK1 and CK2 advertise network 131.25.0.0/16 to router CK3 via internal BGP. Why does router CK3 chose router CK1 as its best path to network 131.25.0.0/16.
A. It advertises the best origin code. B. It advertises the best MED. C. It advertises the best local preference. D. It has a better router ID. Answer: D
Ac
tua
lTe
sts
.co
185
Cisco 642-892: Practice Exam QUESTION NO: 250 Observe the following exhibit seriously; the neighbor relationship has been built between CK-R1 and CK-R2 which are exchanging routing information. Assume that you are a network technician, how will you design the network to make CK-R1 receive routing updates from CK-R2 without advertising any routes to CK-R2?
Answer: C
QUESTION NO: 251 Which statement is true regarding the MLSP discovery process? A. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs then record the hello packet information. B. The MLS-SE sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- RPs then respond to these hello packets. C. The MLS-RP sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- SEs then record the hello packet information.
Ac
tua
A. CK-R2(config)# access-list 20 deny any CK-R2(config)# router eigrp 1 CK-R2(config-router)# distribute-list 20 out serial 0 B. CK-Rl(config)# access-list 20 permit any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)# distribute-list 20 in serial 0 C. CK-Rl(config)# access-list 20 deny any CK-Rl(config)# router eigrp 1 CK-Rl(config-router)# distribute-list 20 out serial 0 D. CK-R2(config)# access-list 20 permit any CK-R2(config)# router eigrp 1 CK-R2(config-router)# distribute-list 20 in serial 0
lTe
sts
.co
186
Cisco 642-892: Practice Exam D. The MLS-RP sends hello packets to the multicast address 01-00-OC-DD-DD-DD. MLS- SEs then respond to these hello packets. Answer: C
QUESTION NO: 252 According to the following graphic, a wireless customer is moving towards CK-AP2 from right to left, why the wireless client will initiate roaming?
Answer: A,C,D
QUESTION NO: 253 Look at the graphic below, the connectivity between Cisco IP phone access port and the workstation CK-PC has been established, how to manage the traffic?
Ac
tua
A. The client has missed too many beacons from MS-API. B. The client data rate from CK-AP2 has been increased. C. The client data rate from CK-AP1 has been reduced. D. The maximum data retry count from CK-AP1 is exceeded.
lTe
sts
.co
187
Answer: C
QUESTION NO: 255 Voice traffic is random in nature and competes for a limited number of shared resources or voice channels. Much of today's voice traffic has migrated to wireless, cable, internet and other media while the traditional Public Switched Telephone Network (PSTN) provides legacy voice connectivity. Which three features are of voice traffic in the campus network? A. TCP retransmits
Ac
A. The route is entered with a cost of 20 (type 1) B. The route is not entered into the routing table. C. The route is read into OSPF with a cost of 20 (type E2). D. The route is entered with a cost of 0.
tua
Which action will be taken if no seed or default metric is configured for OSPF when redistributing EIGRP?
lTe
QUESTION NO: 254
sts
Answer: A
.co
A. The IP phone access port will override the priority of the frames received from the CK-PC. B. The IP phone access port would trust the priority of the frames received from the CK-PC. C. The switch port FaO/4 would neglect the priority of the frames received from the CK-PC. D. The switch port FaO/4 would trust the priority for the frames received from the CK-PC.
188
Cisco 642-892: Practice Exam B. drop sensitive C. delay sensitive D. UDP priority Answer: B,C,D
QUESTION NO: 256 Within the Internet, an Autonomous System (AS) is a collection of connected IP routing prefixes under the control of one or more network operators that presents a common, clearly defined routing policy to the Internet In the following diagram, each router in AS100 is configured with IGP and routing updates are successfully exchanging between those routers. AS200 and AS300 have established EBGP sessions via their directly connected routers in AS 100. Traffic from AS200 is unable to reach the destination AS300. How to configure the routers in AS100 to forward traffic coming from AS200 to AS300?
A. IBGP session should be established between CK-R1 and CK-R2 and CK-R2 and CK-R3, and the synchronization must be enabled. B. IBGP session should be established between routers CK-R1 and CK-R2 and CK-R2 and CKR3, and the synchronization must be disabled. C. IBGP speakers within autonomous 100 should be fully meshed, and the synchronization should be disabled. D. IBGP speakers within autonomous 100 must be fully meshed, and the synchronization must be turned off. "Pass Any Exam. Any Time." - www.actualtests.com 189
Ac
tua
lTe
sts
.co
QUESTION NO: 257 What is the purpose of the XTAG, and what is its significance? A. The XTAG is the MLS-SE ID and is used to identify each MLS-SE in the layer 2 network. Therefore, it must be unique across all switches. B. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It is locally significant. C. XTAG is a numerical value assigned by the MLS-SE to identify an MLS-RP. It must be unique throughout the VTP domain. D. The XTAG is the MLS-RP router ID and is used to uniquely identify the MLS-RP to the MLSSE. It is a unique value throughout the layer 2 network. Answer: B
QUESTION NO: 258
Which command displays whether the ATT bit has been set? A. debugisis interface B. showisis database C. debug dns interface D. showisis hello packets Answer: B
QUESTION NO: 259
Which of the following criteria qualify a packet as a candidate packet? A. Any AC address associated with the MLS-RP B. Outbound packets destined for a remote host C. Incoming packets sourcing from 224.0.0.1 and destined for the MAC address of the MLS-SE D. Incoming packets sourcing a MAC address associated with the MLS-RP Answer: A
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam All the following descriptions are correct, which action will be taken first? A. If no match is found in the distribute list, the implicit deny any at the end of the access list will cause the update to be dropped. B. Advertise the route if matched by a permit statement. C. If a filter is present, the router examines the access list to see if there is a match on any of the networks in the routing update. D. Do not advertise the route if it is matched by a deny statement. Answer: C
QUESTION NO: 261 Which method is to limit the scope of a multicast network? A. RPF settings within the RP routers B. Passive interface applied to border interfaces C. TTL threshold setting on border interfaces D. Distribution lists within an IGP such as BGRP or OSPF Answer: C
QUESTION NO: 262
A. standby B. established C. active D. initial Answer: A,C,D
QUESTION NO: 263 Route filtering is the process by which certain routes are not considered for inclusion in the local route database, or not advertised to one's neighbors. Route filtering is particularly important for BGP on the global Internet, where it is used for a variety of reasons. Which three statements best describe route filtering? "Pass Any Exam. Any Time." - www.actualtests.com 191
Ac
tua
Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. Which three of the following are possible HSRP router states on a LAN?
lTe
sts
.co
Cisco 642-892: Practice Exam A. After issuing the router rip and passive-interface s0/0 commands, the s0/0 interface will not send any RIP updates, but will receive routing updates on that interface. B. When using the passive-interface command with RIPv2, multicasts are sent out the specified interface. C. When you use the passive-interface command with EIGRP, hello messages are not sent out the specified interface. D. When you use the passive-interface command with OSPF, hello messages are not sent out the specified interface. Answer: A,C,D
QUESTION NO: 264 Study the exhibit carefully. Which Virtual Router Redundancy Protocol (VRRP) description is correct regarding the roles of the master virtual router and the backup virtual router?
Ac
tua
lTe
sts
.co
192
Cisco 642-892: Practice Exam A. Router CKB is the master virtual router, and Router CKA is the backup virtual router. When Router CKB fails, Router CKA will become the master virtual router. When Router CKB recovers, it will regain the master virtual router role. B. Router CKA is the master virtual router, and Router CKB is the backup virtual router. When Router CKA fails, Router CKB will become the master virtual router. When Router CKA recovers, it will regain the master virtual router role. C. Router CKA is the master virtual router, and Router CKB is the backup virtual router. When Router CKA fails, Router CKB will become the master virtual router. When Router CKA recovers, Router CKB will maintain the role of master virtual router. D. Router CKB is the master virtual router, and Router CKA is the backup virtual router. When Router CKB fails, Router CKA will become the master virtual router. When Router CKB recovers, Router CKA will maintain the role of master virtual router. Answer: B
Answer: B
QUESTION NO: 266
For the following items, which criteria activates an interface that is configured to use dense mode? (Choose two.) A. Directly connected hosts B. Directly connected PIM routers C. When the interface receives a prune statement from a directly connected PIM router D. Router configured as a border router Answer: A,B
Ac
tua
lTe
A. Summarized routes are unacceptable. B. They will appear in the OSPF routing table as type E2 routes. C. All imported routes are to be automatically summarized if possible. D. Only routes with lower administrative distances will be imported.
sts
Route redistribution (RR) has become an integral part of IP network design as the result of a growing need for disseminating certain routes across routing protocol boundaries. By default, which description is true when redistributing routes from other routing protocols into OSPF?
.co
QUESTION NO: 265
193
Cisco 642-892: Practice Exam QUESTION NO: 267 Which feature is a must for the BGP update packet? A. Weight B. LOCAL. PREF C. AS_Path D. AGGREGATOR Answer: C
QUESTION NO: 268 What are the differences between PIM DM and PIM SM? (Choose three.) A. PIM DM assumes that all PIM neighbors have active members directly connected and initially forwards multicast data out every interface. B. PIM SM requires an explicit join from a router before the router is added to the shared tree. C. PIM DM is based on a source root tree distribution mechanism. D. PIM SM is based on bidirectional shared root tree distribution. Answer: A,B,C
QUESTION NO: 269
In which way will the following route map configuration effect on OSPF routes redistributed into EIGRP?
Ac
tua
lTe
sts
.co
194
Answer: C
QUESTION NO: 270
Ac
On the basis of the following presented exhibit, what will happen after configuring the neighbor 10.1.1.1 weight 200 BGP configuration command on router CK-A?
tua
lTe
sts
A. Routes matching prefix-list pfx are forward with EIGRP metric 20000 2000 255 1 1500. B. All routes are redistributed. C. Routes without a tag of 6 and not matching prefix-list pfx have their tag set to 8. D. Routes with a tag of 6 are redistributed unchanged.
.co
195
Cisco 642-892: Practice Exam A. CK-A will prefer the path through CK-B for network 172.20.0.0. B. Packets from CK-D will prefer the path through CK-C for networks advertised by CK-A . C CK-A will prefer the path through CK-C for network 172.20.0.0. D. Packets from CK-D will prefer the path through CK-B for networks advertised by CK-A . Answer: A
QUESTION NO: 271 On the basis of the following configuration, users can not communicate through the router. What should be changed to fix the configuration?
Answer: D
QUESTION NO: 272
As presented in the figure, OSPF has been configured over a FR network. Each PVC is active. But, CK-R1 and CK-R3 are unable to see all OSPF routes in their routing tables. The command show ip ospf neighbor is issued on CK-R2 to display the neighbors' status. How to fix the problem?
Ac
tua
lTe
A. Illegal/inappropriate mask B. Pool is not applied C. Illegal IP address D. No default gateway in DHCP
sts
.co
196
Answer: D
QUESTION NO: 273
Which option will be used to search the bridging tables in a 3550 switch? A. Bridging database B. CAM C. TCAM D. DCAH Answer: C
QUESTION NO: 274 Intermediate system to intermediate system (IS-IS), is a protocol used by network devices (routers) to determine the best way to forward datagrams through a packet-switched network, a process called routing. Which three attributes are of the IS-IS routing protocol? A. link-state routing protocol B. operation is similar to BGP C. supports VLSM D. supports two routing levels within an autonomous system
Ac
tua
lTe
sts
.co
A. The ip ospf network broadcast command need to be issued on each Frame Relay interface. B. The neighbor command needs to be issued under the OSPF routing process on all routers. C. The ip ospf priority value on the hub router needs to be set to 0. D. The ip ospf priority value on the spoke routers should be set to 0.
197
Cisco 642-892: Practice Exam Answer: A,C,D
QUESTION NO: 275 What is the meaning of the term non-blocking when referring to an Ethernet switch? A. The switch has more than one bus. B. The switch has sufficient capacity to forward without delay. C. The switch has dual power supplies. D. The switch has enhanced management to allow frames to pass through undelayed. Answer: B
QUESTION NO: 276
Answer: C
QUESTION NO: 277
Which statement is correct about DiffServe? A. Packets forwarded using DiffServe parameters B. Packets forwarded by each DiffServe router using per-hop forwarding according to TOS C. Packets marked and forwarded by each DiffServe router D. Packets following a predetermined path through the DiffServe cloud Answer: B
QUESTION NO: 278 Which description is true about the routers that utilize eBGP to communicate with each other?
Ac
tua
lTe
A. dhow ip dhcp database B. show ip dhcp conflict C. show ip dhcp binding D. show ip dhcp pool
sts
.co
The following output is generated by which command? IP address Hardware address Lease expiration Type 172.16.1.11 00a0.9802.32de Feb 01 1998 12:00 AM Automatic
198
Cisco 642-892: Practice Exam A. Routers running different IGPs B. Routers within an autonomous system C. Routers in different autonomous systems D. Routers in different countries Answer: C
QUESTION NO: 279 You work as a network engineer. If a switch is running 'hybrid IOS,' what do you understand it to be using? A. IOS on the switch and CatOS on the router B. CatOS on the switch and IOS on the routing module C. Software that is a combination of CatOS and IOS D. Software that has commands from both operating systems running in tandem Answer: B
QUESTION NO: 280 Select three OSPF areas types. A. stub B. remote C. backbone D. ordinary or standard Answer: A,C,D
QUESTION NO: 281 Which queuing mechanisms will the 2950 switches support, running standard edition IOS software? (Choose three.) A. First in, first out queuing B. Low Latency Priority Queuing C. Weighted Round Robin Queuing D. Strict Priority Queuing Answer: A,C,D
Ac
tua
lTe
sts
.co
199
QUESTION NO: 282 Based on the graphic below, which Catalyst switch interface command should be issued in order for the switch to instruct the phone to override the incoming CoS from the CK-PC before sending the packet to the switch?
Answer: B
QUESTION NO: 283
A. The last 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application. B. To calculate the Layer 2 multicast address, the host maps the last 23 bits of the IP address into the last 24 bits of the MAC address. The high-order bit is set to 0. C. The first 23 bits of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application. D. The first 3 bytes (24 bits) of the multicast MAC address are 0x01-00-5E. This is a reserved value that indicates a multicast application. Answer: B,D
QUESTION NO: 284
Ac
tua
In computer networking a multicast address is an identifier for a group of hosts that have joined a multicast group. Multicast addressing can be used in the Link Layer (OSI Layer 2), such as Ethernet Multicast, as well as at the Internet Layer (OSI Layer 3) as IPv4 or IPv6 Multicast. Which two descriptions are correct regarding multicast addressing?
lTe
sts
.co
A. switchport priority extend cos 11 B. switchport priority extend cos 2 C. mis qos cos 2 D. mis qos cos 2 override
200
Cisco 642-892: Practice Exam Which one of the following commands is used to display the non-configured entries in a CAM table on a 2950 series switch? A. show cam dynamic B. show cam C. Show Bridge dynamic D. show dynamic cam Answer: A
QUESTION NO: 285 When a show port capabilities command on a 4000 series router shows that a port is type 2qlt, what does that mean? A. The port has two configurable queues, with one drop threshold. B. The port has two queues but a single timer. C. The port has one configurable queue with two drop thresholds. D. The port has the option of one or two configurable queues. Answer: A
QUESTION NO: 286
A. Under the router eigrp mode add redistribute igrp 123 subnets B. Under the router igrp mode add redistribute eigrp 123 C. Under the router eigrp mode add redistribute igrp 123 D. None, BGRP and IGRP are automatically redistributed in this instance. Answer: D
QUESTION NO: 287 Given the following items, which IP is used for the source address of BGP traffic in the absence of the command update-source?
Ac
According to the following output, can you tell me which command can redistribute IGRP into EIGRP? Router eigrp 123 Network 10.10.10.0 No auto-summary i Router igrp 123 Network 172.16.0.0 Network 172.17.0.0
tua
lTe
sts
.co
201
Cisco 642-892: Practice Exam A. Router ID B. 0.0.0.0 C. Derived from the AS D. Output interface Answer: D
QUESTION NO: 288 Which statement is correct about Weighted Round Robin Queuing? A. A queuing mechanism where each queue is of configurable length and is serviced using strict priority B. A queuing mechanism where each queue is of configurable length and is serviced in turn C. A queuing mechanism where each queue is the same length and is serviced in turn D. A queuing mechanism where each queue is of different length and is serviced in priority of size Answer: B
QUESTION NO: 289
A. 192.168.1.49 B. 10.1.1.1 C. io.i.i.2 D. 192.168.1.50 Answer: D
QUESTION NO: 290
Ac
tua
lTe
Study the following figure carefully, which address is to be listed as the next-hop address when CK-RTB passes BGP advertisements from CK-RTA about network 192.168.2.0 to CK-RTC?
sts
.co
202
Cisco 642-892: Practice Exam Which interface command sets the standby IP address on VLAN1 interface to 192.168.1.200? A. ip address 192.168.1.200 standby B. standby 1 ip address 192.168.1.200 C. standby 1 ip 192.168.1.200 D. hsrp address 192.168.1.200 Answer: C
QUESTION NO: 291 Which of the following is BGP next hop (by default) set to? A. Your BGP neighbor B. The local router C. The first router in the advertising AS D. The first router in the AS Answer: C
QUESTION NO: 292
In the process of designing VLAN, which two recommended practices are correct? A. Routing will not be implemented between VLANs located on separate switches. B. Routing should always be performed at the distribution layer. C. VLANs will be localized to a single switch unless utilizing voice VLANs. D. VLANs should be localized to a switch. Answer: B,D
QUESTION NO: 293 Which statement is correct concerning the BGP local-preference attribute? A. It is proprietary B. BGP prefers the highest value C. Only used outside an AS D. Default value is zero Answer: B
Ac
tua
lTe
sts
.co
203
Cisco 642-892: Practice Exam QUESTION NO: 294 Given the following route map, what will be the local-preference for 192.168.26.0/24?
Answer: C
QUESTION NO: 295
Ac
Voice over Internet Protocol (VoIP) is a general term for a family of transmission technologies for delivery of voice communications over IP networks such as the Internet or other packet-switched networks. Which of the following describes the order while placing a VoIP call I from IP phone CKP1 to IP phone CK-P2?
tua
lTe
sts
.co
A. 100 B. 200 C. 150 D. 0
204
Answer: D
QUESTION NO: 296 Gateway Load Balancing Protocol (GLBP) protects data traffic from a failed router or circuit, like Hot Standby Router Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP), while allowing packet load sharing between a group of redundant routers. Which method used by GLBP permits the AVG to prefer one GLBP router as the AVF over other GLBP routers until its tracked interface goes down, while another router will be more preferred? A. glbp group load-balancing round-robin
Ac
A. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. IP phone CK-P1 alerts the CK-CCM of off-hook state. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP phone CK-P2. B. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of off-hook state. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. C. CK-CCM instructs IP phone CK-P1 to provide diaitone. IP phone CK-P1 alerts the CK-CCM of off-hook state. IP phone CK-P1 passes digits to CK-CCM. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2. CK-CCM routes call to PSTN or IP phone CK-P2. D. IP phone CK-P1 alerts the CK-CCM of off-hook state. CK-CCM instructs IP phone CK-P1 to provide dialtone. IP phone CK-P1 passes digits to CK-CCM. CK-CCM routes call to PSTN or IP phone CK-P2. RTP traffic is exchanged between IP phone CK-P1 and IP phone CK-P2
tua
lTe
sts
.co
205
Cisco 642-892: Practice Exam B. no glbp group load-balancing C. glbp group load-balancing host-dependent D. glbp group load-balancing weighted Answer: D
QUESTION NO: 297 Multipath interference is a phenomenon in the physics of waves whereby a wave from a source travels to a detector via two or more paths and, under the right condition the two (or more) components of the wave interfere. Observe the following graphic seriously, at the CK-client end, the signal transmitted from the CK-AP is reflected off a wall resulting in multipath interference. Which description is correct?
Answer: D
QUESTION NO: 298 Which command will display the multicast groups? A. show multicast router B. show multicast group C. show igmp interface D. ip igmp snooping
Ac
A. If signal 2 is dose to 360 degrees out of phase with signal1, the result is essentially zero signal or a dead spot in the WLAN. B. Multipath interference is solved by using dual antennas. C. Multipath interference is less of an issue when using a DSSS technology because multipath is frequency selective. D. The transmitted signal from the CK-AP arrives at the CK-client at slightly different times resulting in phase shifting.
tua
lTe
sts
.co
206
Cisco 642-892: Practice Exam Answer: B
QUESTION NO: 299 Which function is implemented with extension headers? A. Fragmentation B. Checksum C Flow labels D. TCP Answer: A
QUESTION NO: 300
Answer: A,D
QUESTION NO: 301
A mobile IPv6 binding is an association between which of the following?(choose two) A. Home address B. Prefix C. Correspondent nodes D. Care-of address Answer: A,D
QUESTION NO: 302 Which item is supported by OSPFv3 instead of OSPFv2?
Ac
tua
lTe
A. DR and BDR elections will occur. B. All routers must be configured in a fully meshed topology with all other routers. C. DR and BDR elections will not occur. D. The neighbor command is required to build adjacencies.
sts
.co
Which two of the following are correct after enabling OSPF across an NBMA network and issuing the command ip ospf network nonbroadcast?
207
Cisco 642-892: Practice Exam A. NBMA networks B. NSSAs C. Multiple OSPF processes D. 128-bit prefixes Answer: D
QUESTION NO: 303 In order to enable IPv6 routing on a Cisco router, which command will necessarily be used? A. ipv6 routing B. ipv6 unicast-routing C. None, IPv6 routing is enabled by default. D. ipv6 address Answer: B
Which statement best describes Dual stack? A. Running IPv4 and IPv6 at the same time B. Passing IPv6 through UDP C. Process interception D. Translating IPv4 traffic to IPv6 Answer: A
QUESTION NO: 305
6to4 is a system that allows IPv6 packets to be transmitted over an IPv4 network (generally the IPv4 internet) without the need to configure explicit tunnels. How is a 6-to-4 tunnel different than a manually configured tunnel? A. It is not a dual-stack solution. B. It uses NAT-PT. C. Automatic tunnel creation. D. IPv6 addresses are embedded in IPv4 addresses. Answer: C
Ac
tua
lTe
sts
QUESTION NO: 304
.co
208
QUESTION NO: 306 An administrator would like to configure a switch over a virtual terminal connection from locations outside of the local LAN. Which of the following are required in order for the switch to be configured from a remote location? (Choose two.) A. The switch must be configured with an IP address, subnet mask, and default gateway. B. The switch must be connected to a router over a VLAN trunk. C. The switch must be reachable through a port connected to its management VLAN. D. The switch console port must be connected to the Ethernet LAN. Answer: A,C
QUESTION NO: 307
A. The command establishes a static route. B. The command invokes a dynamic routing protocol for 192.168.12.0. C. Traffic for network 192.168.12.0 is forwarded to 172.16.12.1. D. Traffic for all networks is forwarded to 172.16.12.1. Answer: A,C
QUESTION NO: 308
Ac
tua
lTe
sts
The network administrator of the CK-A router adds the following command to the router configuration: ip route 192.168.12.0 255.255.255.0 172.16.12.1. What are the results of adding this command? (Choose two.)
.co
209
Cisco 642-892: Practice Exam The network administrator has found the following problem. The remote networks 172.16.10.0, 172.16.20.0, and 172.16.30.0 are accessed through the Central router's serial 0/0. No users are able to access 172.16.20.0. After reviewing the command output shown in the graphic, what is the most likely cause of the problem?
Answer: C
QUESTION NO: 309 Which command will provide you with information regarding the Layer 3 configuration of directly connected router interfaces? A. show ip interface B. show cdp neighbors C. show cdp neighbors detail D. show ip route
Ac
A. no gateway of last resort on Central B. Centra!router's not receiving 172.16.20.0 update C. incorrect static route for 172.16.20.0 D. 172.16.20.0 not located in Central's routing table
tua
lTe
sts
.co
210
QUESTION NO: 310 Observe the following commands, which two can correctly configure a router to perform OSPF and to add network 192.168.16.0/24 to OSPF area 0? (Choose two.) A. Router(config-router)# network 192.168.16.0 255.255.255.0 area 0 B. Router(config)# router ospf 1 C. Router(config-router)# network 192.168.16.0 0.0.0.255 0 D. Router(config-router)# network 192.168.16.0 0.0.0.255 area 0 Answer: B,D
QUESTION NO: 311
Configure a router with EIGRP as the only routing protocol. If there is no feasible successor route to a destination network and the successor route fails, how does EIGRP respond? A. It automatically forwards traffic to a fallback default route until a new successor route is found. B. It immediately sends its entire routing table to its neighbors. C. EIGRP sends a Hello packet to the DR to inform it of the route failure. D. It sends queries out to neighbors until a new successor route is found.
Which port of CK-Sw2 is receiving BPDUs according to the diagram presented in the network?
Ac
QUESTION NO: 312
tua
Answer: D
lTe
sts
.co
211
Answer: D
QUESTION NO: 313
A. Core2(config)# line con 0 Core2(config-line)# password Cisco B. Core2(config)# interface vlan 1 Core2(config-if)#ip address 192.168.1.11 255.255.255.248 C. Core2(config)# line vty 0 4 Core2(config-line)# password Cisco D. Core2(config)# ip default-gateway 192.168.1.9 Answer: B,C,D
Ac
According to the following diagram, both the switches Core and Core2 are Catalyst 2950s. The addressing scheme for each company site is as follows: Router Ethernet port - 1st usable address Core - 2nd usable address Core2 - 3rd usable address For this network, which three commands need to be configured on Core2 to allow it to be managed remotely from any subnet on the network? (Choose three.)
tua
lTe
sts
.co
A. Fa 0/2 only B. Fa 0/3 only C. Fa 0/1 and Fa 0/2 only D. Fa 0/1 and Fa 0/3 only
Cisco 642-892: Practice Exam Look at the figure below: the two routers CK-R1 and CK-R2 share the routing information through EIGRP. The yellow colored is configuration for CK-R2. What do you think will be the result of the configuration?
Answer: A
QUESTION NO: 315
Ac
Look at the following exhibit. Presume an IGP is correctly operating inside AS64192. As to BGP operation in AS64192, which two of the following statements are true? (Choose two)
tua
lTe
A. Only the 172.16.0.0 network will be advertised to neighbors on the 192.168.2.0 network. B. All networks will be advertised to the 192.168.2.0 network neighbors, except the 172.16.0.0 network. C. Only such routes will be advertised to the 192.168.2.0 network neighbors: routes learned by CK-R2 and from the interface connected to the network 172.16.0.0. D. No routes learned by CK-R2 from the interface connected to the 172.16.0.0 network will be advertised to the 192.168.2.0 network neighbors.
sts
.co
213
Answer: C,D
QUESTION NO: 316
A. the CIR rate of the highest speed connection B. the CIR rate of the lowest speed connection C. the number of connections divides the sum of all the CIRs D. the number of circuits multiplies the CIR rate of the lowest speed connection Answer: D
QUESTION NO: 317 Which is the right order of the BGP attributes used for determining a route? 1. Weight 2. MED 3. AS_Path 4. Originate route "Pass Any Exam. Any Time." - www.actualtests.com 214
Ac
tua
CK has configured EIGRP to operate over Frame Relay multipoint connections. What do you think the bandwidth command should be set to?
lTe
sts
.co
A. CK-RT2 used the BGP command neighbor 192.168.33.1 ebgp-multihop B. CK-RT1 used the BGP command neighbor 192.168.33.1 remote-as 64192 C. CK-RT2 used the BGP command neighbor 192.168.33.1 remote-as 64192 D. PS4-RT2 used the BGP command update-source loopback 0
Cisco 642-892: Practice Exam 5. Local preference A. 5, 1, 4, 3, 2 B. 1, 5, 4, 2, 3 C. 2, 3, 1, 5, 4 D. 4, 3, 2, 1, 5 Answer: B
QUESTION NO: 318 With reference to the exhibit, which statement is right about the router configuration shown?
A. This configuration will do nothing as it is also the 192.168.23.1 IP address that applies to the id helper-address command needs. B. Any DHCP requests received by this interface will be unicasted by the router out to all addresses included in the ip helper-address commands. C. Any DHCP requests received by this interface will be rebroadcasted by the router out to all addresses included in the ip helper-address commands. D. Any UDP broadcasts received by this interface will be rebroadcasted by the router out to all addresses included in the ip helper-address commands. Answer: B
QUESTION NO: 319 You are troubleshooting an EIGRP connectivity problem. Two connected EIGRP routers are found not becoming EIGRP neighbors. You attempt to ping between the two routers and succeed. What should you check next?
Ac
tua
lTe
sts
.co
215
Cisco 642-892: Practice Exam A. Confirm that EIGRP is enabled for the proper networks on the local and neighboring router. B. Confirm that EIGRP broadcast packets are not being dropped between the two routers with the show ip BGRP traffic command. C. Confirm that EIGRP broadcast packets are not being dropped between the two routers with the show ip EIGRP peer command. D. Confirm that the EIGRP hello and hold timers match precisely. Answer: A
QUESTION NO: 320 During the implementation of 0SPFv3, which of the following description is right for the configuration of OSPF areas? A. In router configuration mode, the OSPFv3 areasnetwork are allotted by the network wildcard area ID combination. B. In interface configuration mode, the OSPFv3 areas interfaces are allotted by the OSPFv3 area ID combination. C. In router configuration mode, the OSPFv3 areas interfaces are allotted by the IPv6 OSPF interface area ID combination. D. In interface configuration mode, the OSPFv3 areas interfaces are allotted by IPv6 OSPF process area ID combination Answer: D
QUESTION NO: 321
Ac
Look at the following figure. You employ Router CK-R1 as a relay device for auto configuration of switch CK-S1. Which configuration should you use?
tua
lTe
sts
.co
216
A. CK-Rl(config)# interface fastethernet 0/0 CK-Rl(config-if)# ip helper-address 20.0.0.2 CK-Rl(config-if)# ip helper-address 20.0.0.3 CK-Rl(config-if)# ip helper-address 20.0.0.4 CK-Rl(config-if)# exit CK-Rl(config)# interface fastethernet 0/1 CK-Rl(config-if)# ip helper-address 10.0.0.1 B. CK-Sl(config)# interface fastethernet 0/1 CK-Sl(config-if)# ip helper-address 10.0.0.2 CK-R2(config)# interface fastethernet 0/0 CK-R2(config-if)# ip helper-address 20.0.0.1 CK-R3(config)# interface fastethernet 0/0 CK-R3(config-if)# ip helper-address 20.0.0.1 CK-R4(config)# interface fastethernet 0/0 CK-R4(config-i0# ip helper-address 20.0.0.1 C. CK-Rl(config)# interface fastethernet 0/0 CK-Rl(config-if)# ip helper-address 20.0.0.1 CK-R2(config)# interface fastethernet 0/0 CK-R2(config-if)# ip helper-address 20.0.0.1 CK-R3(config)# interface fastethernet 0/0 CK-R3(config-if)# ip helper-address 20.0.0.1 CK-R4(config)# interface fastethernet 0/0 CK-R4(config-if)# ip helper-address 20.0.0.1 D. CK-Sl(config)# interface fastethernet 0/1 CK-Sl(config-if)# ip helper-address 20.0.0.1 Answer: A
Ac
tua
lTe
sts
.co
217
Cisco 642-892: Practice Exam QUESTION NO: 322 Look at the following figure. You are required to build a BGP neighbor relationship between routers CK-R1 and CK-R4. BGP packets between them could pass through CK-R2 or CK-R3. Which do you think is the simplest configuration that will allow for failover?
Answer: B
QUESTION NO: 323
Supposing that the primary path goes down, in order to reach a destination, what will EIGRP use? A. successor B. administrative distance C. feasible successor D. advertised successor Answer: C
QUESTION NO: 324
Ac
tua
lTe
A. Configure only one neighbor relationship between CK-Rl's 192.168.1.2 interface and CK-R4's 172.16.10.2 interface. B. Configure loopback interfaces on CK-R1 and CK-R4 to supply BGP packets with the update source address. C. Configure BGP neighbor relationships between all interfaces on CK-R1 and CK-R4. D. Install a direct connection between CK-R1 and CK-R4.
sts
.co
218
Cisco 642-892: Practice Exam Look at the following exhibit. Choose two correct statements regarding the PIM sparse mode network! (Choose two)
Answer: A,D
QUESTION NO: 325
If you want to allow a switch to decide which ports to forward IP multicast messages to, what methods may be effective? (Choose three) A. IGMP B. CGMP C. IGMP snooping D. static assignment Answer: B,C,D
QUESTION NO: 326 With regard to EIGRP neighbor router authentication, choose two correct statements. (Choose two) A. MD5 authentication is necessary. "Pass Any Exam. Any Time." - www.actualtests.com 219
Ac
tua
lTe
sts
A. The multicast source is connected to the serial 1/4 interface. B. The multicast source is directly connected to this router. C. The multicast receiver is directly connected to this router. D. The RP for this network is this router.
.co
Cisco 642-892: Practice Exam B. Simple password or MD5 authentication may be used. C. With MD5 authentication, the key is sent across, but it is encrypted. D. With authentication configured, the router verifies the source of each routing update packet that it receives from a neighboring router. Answer: B,D
QUESTION NO: 327 Which statement is correct based upon the following output from the show command on CK-RT1?
QUESTION NO: 328 After we have entered the passive-interface router configuration command, which routing protocol will keep on receiving and processing routing updates from neighbors? A. is-is B. OSPF C. RIP D. EIGRP Answer: C
Ac
Answer: A
tua
A. OSPFv3 establishes neighbor adjacencies by using Link-local addresses. B. OSPFv3 establishes neighbor adjacencies by using IPv4 addresses. C. OSPFv3 establishes neighbor adjacencies by using global IPv6 addresses. D. CK-RT1 owns a subnet mask of 64 bits.
lTe
sts
.co
220
QUESTION NO: 329 What is the MAC address that comes from the multicast address 239.255.0.1? A. Ol-Ol-ef-ff-00-01 B. 10-00-ef-ff-OO-Ol C. 01-00-5e-7f-00-01 D. 00-00-00-7f-00-01 Answer: C
QUESTION NO: 330 Look at the following figure. What should be done to fulfill the IPv6 routing configurations shown?
Ac
tua
lTe
sts
.co
221
Cisco 642-892: Practice Exam A. IP unicast routing should be enabled. B. IPv4 addresses must be applied to the interfaces. C C. Interface authentication must be configured. D. The routing processes must be configured with an area ID. Answer: A
QUESTION NO: 331 Look at the following exhibit. You have just configured EIGRP on all routers in the network. In order that only the delay metric is used in the path calculations, you add the command metric weights 0 0 1 0 0 to the EIGRP process. Which router will be the successor of the CK-R1 and possible successor of Network A?
Answer: C
QUESTION NO: 332 What is the difference between the configuration of a totally stubby area and that of a stub area? A. The totally stubby area requires the no-summary command on all routers. B. The totally stubby area requires the totally stubby command on all routers. C. The no-summary command should be included on the ASBR within the totally stubby area. D. The no-summary command should be included on the ABR within the totally stubby area.
Ac
A. CK-R2 will be the successor and will be placed in the routing table. CK-R4 becomes the possible successor for Network A. B. CK-R2 will be the successor and will be placed in the routing table. No possible successor will be selected as the reported distance from CK-R4 is lower than the possible distance. C. CK-R4 will be the successor for Network A and will be included in the routing table. No possible successor will be selected as the advertised distance from CK-R2 is higher than the feasible distance. D. CK-R4 will be the successor for Network A and will be placed in the routing table. CK-R2 becomes the possible successor for Network A.
tua
lTe
sts
.co
222
QUESTION NO: 333 The IP multicast global configuration command ip pim send-rp-announce loopback0 scope 31 group-list 5 issued on multicast router RTA. What are the two results? (Choose two) A. RTA will originate RP announcements with TTL set to 31. B. RTA will drop all RP announcements it receives if the TTL field is greater than 31. C. RTA will forward RP announcements provided they are within the scope of 31. D. RTA will originate RP announcements for multicast groups that match access-list 5. Answer: A,D
QUESTION NO: 334
Answer: D
QUESTION NO: 335
What is the meaning of the default value of the EIGRP variance command of 1? A. Only the path that is the feasible successor should be used. B. The router only performs equal-cost load balancing on all paths that have a metric greater than 1. C. Load balancing is disabled on this router. D. The router performs equal-cost load balancing. Answer: D
Ac
tua
lTe
A. Active B. Update C. Query D. SIA
sts
From the show ip eigrp topology command output, which code is the indication of a convergence problem for the associated network?
.co
Cisco 642-892: Practice Exam Which two statements best describe Aironet enterprise solution? (Choose two.) A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to probe-request frames from clients. B. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet AP and a LAN switch. C. A Cisco Aironet solution contains intelligent Cisco Aironet access points (APs) and Cisco Catalyst switches. D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN controller handles those items which are not time sensitive. Answer: A,D
QUESTION NO: 337 Look at the partial configurations in the following figure, what address is applied for DR and BDR identification on CK-R1?
A. the configured router-id address B. an arbitrarily generated internal address C. the sequential 1/1 address D. the sequential 2/0 address Answer: A
Ac
tua
lTe
sts
.co
224
Cisco 642-892: Practice Exam QUESTION NO: 338 The following exhibit shows ipv6 route output. What would the metric be for a summary route that summarizes all three OSPFv3 routes displayed?
Answer: D
QUESTION NO: 339
A. Make sure that synchronization is off. B. Configure next-hop-self on CK-B C. Configure next-hop-self on all IBGP peers. D. Redistribute BGP into the IGP routing protocol.
Ac
tua
lTe
Look at the figure below: CK-F is advertising the 172.16.0.0 network to CK-B through EBGP. In order that the path to the 172.16.0.0 network is available to all of CK-B's IBGP peers, which two configuration options could be utilized, independently? (Choose two)
sts
.co
A. 160 B. 140 C. 120 D. 100
225
Cisco 642-892: Practice Exam Answer: B,D
QUESTION NO: 340 Which two advantages are of IGMP v2 over IGMPvl ?(choose two) A. Group-specific queries B. Source Filtering C. Group Leaves D. Group Joins Answer: A,C
QUESTION NO: 341
Observe the following graphic carefully, could Area 1 allow redistributed RIP routes from OSPF Area 2? And why?
Ac
QUESTION NO: 342
tua
Answer: A,B,D
lTe
A. Prohibit virtual links. B. The area should not be a backbone area. C. Interarea routes are suppressed. D. Prohibit autonomous system border routers.
sts
.co
Stub areas are areas through which or into which AS external advertisements are not flooded. An OSPF stub area has no external routes in it, so you cannot redistribute from another protocol into a stub area. Which three items are limitations for OSPF stub areas?
226
Cisco 642-892: Practice Exam A. Because Area 1 is an NSSA, redistributed RIP routes will not be allowed. B. RIP routes will be allowed in Area 1 only if they are first redistributed into EIGRP. C. Redistributed RIP routes are allowed in Area 1 because they are changed into type 5 LSAs in Area 0 and passed on into Area 1. D. Because NSSA will drop type 7 LSAs, redistributed RIP routes will not be allowed in Area 1. Answer: A
QUESTION NO: 343 Why are LED 0 and LED 1 on an Aironet card blinking alternately? A. The Aironet card is joined to a network, and there is network activity. B. The Aironet card is looking for a network association. C. The Aironet card is in power save mode. D. The Aironet card is joined to a network, but there is no network activity. Answer: B
Ac
tua
Observe the following exhibit carefully the interfaces addresses on CK-RA are 192.168.1.1 and 172.16.1.1, while the interfaces addresses on CK-RB are 172.16.1.2 and 10.1.1.2. CK-RA serial link is used to connect the two routers. Which command can be issued to configure CK-RB with RIPv2?
lTe
sts
.co
227
Answer:
QUESTION NO: 345 Which one of the following items gives the correct sequence of the association between a wireless client and a wireless access point? A. 1. Client sends probe request. 2. Access point sends probe response. 3. Client initiates association. 4. Access point accepts association. 5. Access point adds client MAC address to association table. B. 1. Client sends probe request. 2. Access point sends probe response. "Pass Any Exam. Any Time." - www.actualtests.com 228
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam 3. Access point initiates association. 4. Client accepts association. 5. Access point adds client MAC address to association table. C. 1. Access point sends probe request. 2. Client sends probe response. 3. Client initiates association. 4. Access point accepts association. 5. Access point adds client MAC address to association table. D. 1. Access point sends probe request. 2. Client sends probe response. 3. Client initiates association. 4. Access point accepts association. 5. Client adds access point MAC address to association table.
QUESTION NO: 346
Answer: B,C,D
QUESTION NO: 347 Cisco Wireless LAN Controllers are responsible for system wide wireless LAN functions, such as security policies, intrusion prevention, RF management, quality of service (QoS), and mobility. Observe the following exhibit carefully the lightweight wireless architecture uses split MAC method to split the 802.11 data processing and management protocols and the functionality of access point between the WLAN controller and the access point. Choose three functionalities that are handled by the WLAN controller.
Ac
tua
A. TEST1 has a lower VTP configuration revision than the current VTP revision. B. TEST1 is configured as a VTP server with the domain name main1. C. TEST1 has a higher VTP configuration revision than the current VTP revision. D. TEST1 is configured with only VLAN1.
lTe
VTP is short for VLAN Trunking Protocol. Your customer's network is operating VTP with a domain named main1. On this network, VLANs 1,2,3,4,5,10,20 are active. All of a sudden, the entire network goes down. Traffic only passes on VLAN1 and all switches are working. A switch called Test1 was added to the network just before this malfunction appeared. What is the problem with Test1?
sts
.co
Answer: A
229
A. the response to Probe Request frames from clients B. 802.11 authentication C. 802.11 association and re-association (mobility) D. 802.11 frame translation and bridging Answer: B,C,D
QUESTION NO: 348
A. A B. B C. C D. D E. E F. F "Pass Any Exam. Any Time." - www.actualtests.com 230
Ac
tua
lTe
sts
You are a network technician of your company. Now you are tasked to configure the switches and router in this network so that the hosts in VLAN3 and VLAN4 could communicate with the server in VLAN2. According to the exhibit, which two Ethernet segments should be configured as trunk links?
.co
Cisco 642-892: Practice Exam Answer: C,F
QUESTION NO: 349 A wireless repeater is a computer networking device which acts as a repeater between a wireless router and computers. Typical use of a wireless repeater is to add one when your computer is too far away from any of the buildings' other wireless access points. If setting up properly, it will then extend the range of the local wireless network. Which two descriptions are correct with regard to a wireless repeater topology? A. A wireless repeater is an access point not connecting to the wired LAN. B. A 15 - 25 percent overlap is needed for this topology between a wired access point and the wireless repeater. C. The SSID of the root access point must be configured on the repeater access point. D. The repeater access point should use a different channel from what the root access point uses to avoid interference. Answer: A,C
QUESTION NO: 350
Ac
tua
The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a table of IP networks or 'prefixes' which designate network reach ability among autonomous systems (AS). Look at the following graphic seriously, BGP are operating on CK-RTA and CKRT8, but the session is active. In order to establish BGP session, which command should be increased?
lTe
sts
.co
231
Answer: A
QUESTION NO: 351 According to the information presented in the following exhibit, can you tell me the reason that the trust state of interface FastEthernet 0/3 displays "not trusted"?
Ac
tua
A. ip route 10.10.10.1 255.255.255.255 s0/0 ip route 10.10.10.1 255.255.255.255 s0/1 B. no synchronization C. network 10.10.10.0 D. neighbor 10.10.10.1 next-hop-self
lTe
sts
.co
232
Ac
tua
lTe
sts
.co
233
According to the diagram displayed below, which address can summarize the presented networks successfully?
Ac
QUESTION NO: 352
tua
Answer: D
lTe
A. The command mis qos needs to be turned on in global configuration mode. B. DSCP map needs to be configured for VOIP. C. ToS has not been configured. D. There is not a Cisco Phone attached to the interface.
sts
.co
234
Answer: C
QUESTION NO: 353
Assume that you are a network technician of your company. Recently, you have designed an access list to block the Accounting Department HTTP traffic from reaching the HR server which is attached to the CK2 router. When grouped with the eO interface on the CKl router, which access list can achieve this goal?
Ac
tua
lTe
sts
A. 192.168.0.0/24 B. 192.168.8.0/20 C. 192.168.8.0/21 D. 192.168.12.0/20
.co
235
Answer: D
QUESTION NO: 354
router bgp 65111 neighbor 172.16.1.1 remote-as 65111 neighbor 172.16.2.1 remote-as 65112 network 192.168.0.0 network 10.0.0.0 i ip route 192.168.0.0 255.255.0.0 null0
A. The network 192.168.0.0 statement is missing mask 255.255.0.0 B. The auto-summary configuration is missing. C. The network 192.168.0.0 statement is missing mask 0.0.255.255. D. The network 10.0.0.0 statement is missing mask 255.0.0.0. Answer: A
Ac
tua
The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a table of IP networks or 'prefixes' which designate network reachability among autonomous systems (AS). Look at the following presented BGP configuration commands from the advertising router seriously, it is found that the 192.168.0.0 route is not being advertised in this network. Why?
lTe
sts
.co
A. deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 permit ip any any B. permit ip any any deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 C. permit ip any any deny tcp 172.17.17.252 0.0.0.0 172.16.16.0 0.0.0.255 eq 80 D. deny tcp 172.16.16.0 0.0.0.255 172.17.17.252 0.0.0.0 eq 80 permit ip any any
236
Cisco 642-892: Practice Exam QUESTION NO: 355 Which two of the following descriptions are correct according to the displayed output of the command show ip bgp summary? (Choose two.)
Answer: A,D
On the basis of the following exhibit, can you tell me why VLAN updates from switch CK-P2S1 are not applied to switch CK-P1S1? (Choose three.)
Ac
tua
lTe
QUESTION NO: 356
sts
.co
A. The BGP session to the 10.1.1.1 neighbor is established. B. The router is trying to create a BGP peering session with the 10.1.1.1 neighbor. C. The BGP session to the 10.3.3.3 neighbor is created, but the router received no BGP routing updates from the 10.3.3.3 neighbor. D. The router is attempting to establish a BGP peering session with the 10.2.2.2 neighbor.
237
QUESTION NO: 357 OSPF is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs) to all other routers within the same hierarchical area. In the network provided in the following exhibit, each router is configured with OSPF. But, router CK-R1 can't receive a default route to router CK-R2 as expected. How to solve this problem?
Ac
Answer: B,C,D
tua
A. The MD5 digests do not match. B. Switch CK-P1S1 is in transparent mode. C. The passwords do not match. D. The VTP domains are different.
lTe
sts
.co
238
Answer: B
QUESTION NO: 358
A routing loop is a common problem with various types of networks, particularly computer networks. They are formed when an error occurs in the operation of the routing algorithm, and as a result, in a group of nodes, the path to a particular destination forms a loop. Which BGP feature can prevent routing loops? A. AS-path B. weight C. local preference D. origin Answer: A
Ac
tua
lTe
A. Add the ip route 5.0.0.0 255.255.255.0 0.0.0.0 command to router CK-R2. B. Add the always keyword to the default-information originate configuration command on router CK-R2. C. Add the area 1 stub command on routers CK-R1. D. Remove the default informationoriginate configuration command from router CK-R2 and place it on router CK-R1
sts
.co
239
Cisco 642-892: Practice Exam QUESTION NO: 359 Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. How to exchange VRRP messages between routers sharing a common LAN segment? A. Unicast IP addresses with UDP port ID 112. B. VRRP messages are directly encapsulated into the Ethernet data field using type code 0x112. C. Destination IPaddress 224.0.0.18 with IP Protocol ID 112. D. VRRP relies on TCP to open a connection and to maintain that connection using TCP keepalives. Answer: C
Ac
tua
lTe
sts
A trunk is typically a point-to-point connection between two switches, it is very efficient and highly recommended that it runs in full-duplex mode. In the following diagram, a trunk link interconnects switch CK-A_SW and switch CK-D_SW. How to manage the traffic from the switch CK-A_SW based on the presented configuration?
.co
QUESTION NO: 360
240
Cisco 642-892: Practice Exam A. The trunk port FaO/1 on switch CK-D_SW would trust allCoS values on the frames received on the CK-A_SW switch pott Fa0/4. B. The trunk port FaO/1 on switch CK-A_SW would trust allCoS values on the frames from the IP phone. C. The trunk port Fa0/1 on switch CK-D_SW will trust allCoS values on the frames coming from port Fa0/1 on CK-A_SW. D. The trunk port FaO/1 on switch CK-D_SW would trust allCoS values on the frames received on the IP phone port. Answer: C
QUESTION NO: 361
A. The traffic coming from Hostl and Host2 is forwarded through router CK-R2 with no disruption. B. The traffic originating from Host2 is transmitted through router CK-R2 with no disruption. The traffic from Hostl is dropped because of the disruption of the load balancing feature configured for the glbp group.
Ac
tua
lTe
sts
.co
241
Cisco 642-892: Practice Exam C. The traffic originating from Host2 is transmitted through router CK-R2 with no disruption. Hostl forwards an ARP request to resolve the MAC address for the new virtual gateway. D. The traffic originating from both hosts is temporarily interrupted when the switchover to make CK-R2 active occurs. Answer: A
QUESTION NO: 362 Refer to the following IPv6 addresses, which one could correctly compress the IPv6 unicast address 2001:0:0:0:0DB8:0:0:417A? A. 2001:::0DB8:0:0:417A B. 2001:0DB8:417A C. 2001::0DB8::417A D. 2001::DB8:0:0:417A Answer: D
QUESTION NO: 363
Answer: B
QUESTION NO: 364 Which option is correct according to the provided exhibit?
Ac
tua
A. miss the metric option in the redistribute command. B. miss the subnet option in the redistribute command. C. miss the tag option in the redistribute command. D. misconfigure the metric-type option in the redistribute command to type-1.
lTe
What will happen after redistributing other routing protocol routes into OSPF?
sts
.co
242
Answer: D
QUESTION NO: 365
A. type 1 Router LSA B. type 2 Network LSA C. type 3 Network Summary LSA D. type 4 ASBR Summary LSA E. type 5 AS External LSA "Pass Any Exam. Any Time." - www.actualtests.com 243
Ac
tua
lTe
Alex is a network technician of his company. Look at the exhibit below seriously, in this network, he has configured each router with OSPF and configured Area 5 as an NSSA area. The RIPv2 routes are redistributed into the OSPF domain on router CK-R5.Which two LSAs types are to be generated by router CK-R5?
sts
.co
A. The 10.0.0.0/8 network is not in the routing table on CK-RB. B. Traffic from the 172.16.0.0/16 network is blocked by the ACL. C. The 10.0.0.0/8 network is not advertised by CK-RB because the network statement for the 10.0.0.0/8 network is missing from CK-RB. D. CK-RB will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.
Cisco 642-892: Practice Exam F. type 7 NSSA External LSA Answer: A,F
QUESTION NO: 366 Which two descriptions regarding voice VLANs are correct? (Choose two.) A. Voice VLANs offer a trunking interface between an IP phone and an access port on a switch to allow traffic from multiple devices connected to the port. B. Enabling Voice VLAN on a switch port will automatically configure the port to trust the incomingCoS markings. C. Access ports configured with voice VLANs may ormay not override the CoS value that is received from an IP phone. D. Voice VLANs are configured using the switchport voice vlan vlan-ID interface configuration command. Answer: C,D
QUESTION NO: 367
A. OSPF sends updates every 10 seconds. B. When a link state is changed, the router that detected the change creates a link-state advertisement (LSA) and propagates it to all OSPF devices using the 224.0.0.6 multicast address. C. OSPF sends summaries of individual link-state entries every 30 minutes to ensure LSDB synchronization. D. OSPF sends triggered updates when a network change occurs. Answer: C,D
QUESTION NO: 368 DRAG DROP Drag the port states to their correct description
Ac
tua
Open Shortest Path First (OSPF) is a routing protocol developed for Internet Protocol (IP) networks by the Interior Gateway Protocol (IGP) working group of the Internet Engineering Task Force (IETF). Which two statements best describe the OSPF link-state routing protocol? (Choose two.)
lTe
sts
.co
244
Answer:
QUESTION NO: 369
Regarding the following exhibit, the wireless LAN can be accessed by all the three different wireless groups of users. In order to increase the network security, which security policy should be applied to the Guest group users?
Ac
tua
lTe
sts
Explanation:
.co
245
A. open authentication with WEP plus MAC authentication B. static WEP and MAC authentication C C. primary SSID with open or no WEP authentication D. LEAP authentication Answer: C
QUESTION NO: 370
When redistributing routes from other protocols, a metric will be required by which two routing protocols? (Choose two.) A. RIP B. IS-IS C. EIGRP D. BGP Answer: A,C
QUESTION NO: 371 When CDP finds out that a Cisco phone is attached, which three interface commands should be used in order for the switch port to support a connected Cisco phone and to trust the CoS values received on the port? (Choose three.) A. switchport priority extend cos_value B. mls qos trust cos C. mls qos trust device cisco-phone D. switchport voice vlan vlan-id Answer: B,C,D "Pass Any Exam. Any Time." - www.actualtests.com 246
Ac
tua
lTe
sts
.co
QUESTION NO: 372 How to exchange GLBP messages between routers sharing a common LAN segment? A. GLBP messages are multicast to UDP port ID 3222. B. Routers inform clients with GLBP messages and use ARP messages to exchange information about first-hop redundancy. C. GLBP messages are directly encapsulated into the Ethernet data field using type code 3222. D. GLBP relies on TCP to open a connection and to maintain that connection using TCP keepalives. Answer: A
QUESTION NO: 373
According to the following graphic, the IS-IS backbone is composed by which routers?
A. CK-R2, CK-R3, CK-R6, CK-R7 B. CK-R3, CK-R4, CK-R6 C. CK-R3, CK-R4, CK-R5, CK-R6 D. CK-R2, CK-R3, CK-R4, CK-R6, CK-R7 Answer: D
Ac
tua
lTe
sts
.co
247
Cisco 642-892: Practice Exam QUESTION NO: 374 The routers CK-1 and CK-3 are OSPF neighbors over the Ethernet 0/0 connection. According to the output presented of the show ip ospf neighbor command, can you tell me which of the following descriptions is correct?
Answer: A
QUESTION NO: 375
The Autonomous WLAN solution and the Lightweight WLAN solution can be distinguished in which two respects? (Choose two.) A. CiscoWorks Wireless LAN Solution Engine can be used for management with the Lightweight WLAN Solution. B. CiscoWorks Wireless LAN Solution Engine can be used for management with the Autonomous WLAN Solution. V C. TACACS+ can only be used for authentication with the Cisco Lightweight WLAN solution. D. Cisco Wireless LAN Controller is used to configure the access points in the Lightweight WLAN solution. Answer: B
QUESTION NO: 376 IGMP (Group Management Protocol) snooping is designed to prevent hosts on a local network from receiving traffic for a multicast group they have not explicitly joined. Which two statements "Pass Any Exam. Any Time." - www.actualtests.com 248
Ac
tua
lTe
sts
A. CK-1 is the DR because it has a higher OSPF router priority. B. CK-3 is the DR because it has a higher OSPF router priority. C C. CK-3 is the DR because it has a lower OSPF router ID. D. Both CK-1 and CK-3 are using the default OSPF router priority.
.co
Cisco 642-892: Practice Exam best describe IGMP snooping? (Choose two.) A. IGMP snooping is enabled with the ip multicast-routing global configuration command. B. IGMP snooping and Cisco Group Membership Protocol (CGMP) can be used simultaneously on a switch. C. IGMP snooping examines IGMP join/leave messages so that multicast traffic is forwarded only to hosts that sent an IGMP message toward the router. D. IGMP snooping is an IP multicast constraining mechanism for Layer 2 switches. Answer: C,D
QUESTION NO: 377 Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and core) switches that provide LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution as follows: DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN 105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of GigabitEthernet1/0/1 on the primary device should block the primary device from being the active device,unless GigabitEthernet1/0/1 on the backup device has also failed.
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following "Pass Any Exam. Any Time." - www.actualtests.com 249
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam question. During rutine maintenance,it became necessary to shut down GigabitEthernet1/0/1 on DSW1.All other interfaces were up.During this time, DSW1 remained the active device for VLAN 102`s HSRP group.You have determined that there is an issue with the decrement value in the track command in VLAN 102's HSRP group.What needs to be done to make the group function properly? A. The DSW1'S decrement value should be configured with a value from 5 to 15. B. The DSW1'S decrement value should be configured with a value from 9 to 15. C. The DSW1'S decrement value should be configured with a value from 11 to 18. D. The DSW1'S decrement value should be greater than 190 and less 200. E. The DSW1'S decrement value should be configured with a value from 195 to less than 205. F. The DSW1'S decrement value should be configured with a value from 200 to less than 205. Answer: C Explanation:
QUESTION NO: 378
Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and core) switches that provide LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution as follows: DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN 105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of GigabitEthernet1/0/1 on the primary device should block the primary device from being the active device,unless GigabitEthernet1/0/1 on the backup device has also failed.
Ac
tua
lTe
Use "show run" command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we should decrement value in the track command from 11 to 18. Because 200 - 11 = 189 < 190 ( priority of Vlan102 on DS2 ).
sts
.co
250
What needs to be done to make the group for VLAN 101 function properly? A. Enable preempt in DSW1's VLAN 101 HSRP group. B. Disable preempt in DSW2's VLAN 101 HSRP group. C. Decrease DSW'1 priority value for VLAN 101's HSRP group to a value that is less than the .priority value configured on DSW2's HSRP group for VLAN 101. D. Decrease the decrement value in the track command for DSW1's VLAN 101 HSRP group to a value less than the value in the track command for DSW2's VLAN 101 HSRP group. Answer: A Explanation:
Ac
tua
During routine maintenance,GigabitEthernet1/0/1 on DSW1 was shut down.All other interfaces were up. DSW2 became the active HSRP deveice for VLAN101 as desired.However,after GigabitEthernet1/0/1 on DSW1 was reactivated.Dsw1 did not become the active device as desired.
lTe
sts
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following question.
.co
251
Cisco 642-892: Practice Exam A is correct. All other answers is incorrect. Because Vlan101 on DS1 ( left ) disable preempt. We need enable preempt to after it reactive , it will be active device. If not this command, it never become active device.
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following question. DSW2 has not become the active device for VLAN 103's HSRP group even though all interfaces are active.As related to VLAN 103`s HSRP group,what can be done to make the group function properly?
Ac
tua
lTe
sts
.co
252
Cisco 642-892: Practice Exam A. On DSW1, disable preempt. B. On DSW1, decrease the priority value to a value less than 190 and greater 150. C. On DSW2, increase the priority value to a value greater 241 and less than 249. D. On DSW2, increase the decrement valus in the track command to a value greater than 10 and less than 50. Answer: C
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following question. If GigabitEthernet1/0/1 on DSW1 is shut down,what will be the current priority value of the VLAN "Pass Any Exam. Any Time." - www.actualtests.com 253
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam 105`s HSRP group on router DSW1? A. 95 B. 100 C. 150 D. 200 Answer: A Explanation:
Priority is configured 150, Track is 55. So, if shutdown interface G1/0/1 -> 150 - 55 = 95.
QUESTION NO: 381
The distribution switches are configured to use HSRP to provide a high availability solution as follows: DSW1(Distribution Switch 1)is the primary device for VLAN 101,VLAN 102 and VLAN 105.DSW2(Distribution Switch 2)is the primary device for VLAN 103 and VLAN 104.A failure of GigabitEthernet1/0/1 on the primary device should block the primary device from being the active device,unless GigabitEthernet1/0/1 on the backup device has also failed.
Ac
tua
Ferris Plastics,Inc. is a medium sized company,with enterprise network(access,distribution and core) switches that provide LAN connectivity from user PCs to corporate servers.
lTe
sts
.co
254
Explanation:
Use "show stantby brieft" command on console2 . Very easy to see priority of Vlan105 is 100. "Pass Any Exam. Any Time." - www.actualtests.com 255
Ac
Answer: B
tua
A. 50 B. 100 C. 150 D. 200
lTe
What is the configured priority value of VLAN 105`s HSRP group on DSW2?
sts
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following question.
.co
Troubleshooting has identified several issues.Currently all interfaces are up.Use the running configurations and the available show commands to investigate and respond to the following question. During routine maintenance,it became necessary to shut down GigabitEthernet1/0/1 on DSW1 and DSW2.All other interfaces were up.During this time,DSW1 became the active device for VLAN 104`s HSRP group.As related to VLAN 104`s HSRP group,what can to be done to make the group function properly? A. On DSW1,disable preempt. B. On DSW2, decrease the priority value to a value less than 150. "Pass Any Exam. Any Time." - www.actualtests.com 256
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam C. On DSW1, increase the decrement value in the track command to a value greater than 6. D. On DSW1, disable the track command. Answer: C Explanation:
A. Router RAR1 will accept only route 10.10.0.0/19 from its BGP neighbor. B. Router RAR1 will send only route 10.10.0.0/19 to its BGP neighbor. C. Only traffic with a destination from 10.10.0.0/19 will be permitted. D. Only traffic going to 10.10.0.0/19 will be permitted. Answer: A
QUESTION NO: 384 Refer to the exhibit. Which statement is true about the 6.6.6.0/24 prefix?
Ac
tua
lTe
sts
.co
We should NOT disable preempt on DS1. By do that, you will make Vlan104's HSRP group fail function. Example: if we are disable preempt on DS1. It can not become active device when G1/0/1 on DS2 fail . In this question, G0/1/0 on DS1 & DS2 is shutdown. Vlan104 (left ) : 150 - 1 = 149. Vlan104 (right ) : 200 - 155 = 145. Result is priority 149 > 145 ( Vlan104 on DS1 is active). If increase the decrement in the track value to a value greater than 6 ( > or = 6). Vlan104 (left ) : 150 - 6 = 144. Result is priority 144 < 145 ( vlan104 on DS2 is active).
257
A. If another path advertises the 6.6.6.0/24 path and has the default local preference, that path is more preferred. B. The command neighbor send-community is configured on BGP neighbor 10.10.23.3. C. The route 10.10.23.3 is not being advertised to other BGP neighbors. D. Route 6.6.6.0/24 is learned by an IBGP peer. Answer: B
Which three IP multicast address related statements are true? (Choose three.) A. Multicast addresses 224.0.0.0 through 224.0.0.255 are always forwarded because they are transmitted with Time to Live (TTL) greater than 1. B. Multicast addresses 224.0.0.5 and 224.0.0.6 are source multicast addresses for OSPF routers. C. Multicast addresses 224.0.0.13 and 224.0.0.22 are reserved link-local addresses used by PIMv2 and IGMPv3. D. Because they would map to overlapping IP multicast MAC addresses, multicast addresses 224.0.1.1 and 238.1.1.1 could not be used together. E. Multicast address 224.0.1.1 has been reserved for the Network Time Protocol (NTP) by the IANA. F. The administratively scoped multicast addresses 239.0.0.0 through 239.255.255.255 are similar in purpose to RFC 1918 private unicast addresses. Answer: C,E,F
QUESTION NO: 386 Which command enables OSPF for IPv6? A. router ospf process-id B. ipv6 ospf process-id C. ipv6 router ospf process-id D. router ospf ipv6 process-id
Ac
tua
lTe
sts
.co
QUESTION NO: 385
258
QUESTION NO: 387 Refer to the output. What IOS command produces this output?
Refer to the exhibit. Which statement is true about a voice VLAN?
A. Physically the voice network and the data network are separate. B. The voice traffic will normally be on a different IP subnet than will the data traffic. C. End user intervention is necessary to place the phone into the proper VLAN. D. The same security policy should be implemented for both voice and data traffic. E. The data VLAN must be configured as the native VLAN.
Ac
QUESTION NO: 388
tua
Answer: D
lTe
A. show ip ospf B. show ip ospf interface C. show ipv6 ospf interface D. show ipv6 ospf
sts
.co
259
QUESTION NO: 389 Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is configured on the switch port interface connected to the IP phone?
Answer: C
QUESTION NO: 390
A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution layer switches and used to prioritize and queue the traffic as it traverses the core. B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics that are set by the access layer as it passes traffic to the distribution layer. The distribution layer, once it has made a switching decision to the core layer, strips these off. C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice submodule (distribution layer) as traffic passes to the core layer. D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic within a certain time frame, which is typically a fixed number internal to the switch.If a frame is determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way that results in the packet being dropped. E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or remarked) at Layers 2 and 3 by the access switch as it enters the network, or is "trusted" that it is entering the network with the appropriate tag. "Pass Any Exam. Any Time." - www.actualtests.com
Ac
tua
In what three ways is QoS applied in the campus network? (Choose three.)
lTe
sts
.co
A. Effectively, the trust boundary has been moved to the PC attached to the IP phone. B. The computer is now establishing theCoS value and has effectively become the trust boundary. C. The IP phone is enabled to override with aCoS value of 3 the existing CoS marking of the PC attached to the IP phone. D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the distribution layer switch. E. RTP will be used to negotiate aCoS value based upon bandwidth utilization on the link.
260
Cisco 642-892: Practice Exam F. Traffic inbound from the access layer to the distribution layer can be trusted or reset depending upon the ability of the access layer switches. Priority access into the core is provided based on Layer 3 QoS tags. Answer: A,E,F
QUESTION NO: 391 Which statement about the Lightweight Access Point Protocol (LWAPP) is true? A. LWAPP encrypts control traffic between the AP and the controller. B. LWAPP encrypts user traffic witha x.509 certificate using AES-CCMP. C. LWAPP encrypts both control traffic and user data. D. When set to Layer 3, LWAPP uses a proprietary protocol to communicate with the Cisco Aironet APs.
A. Router A is responsible for answering ARP requests sent to the virtual IP address. B. If Router A becomes unavailable, Router B will forward packets sent to the virtual MAC address of Router A. "Pass Any Exam. Any Time." - www.actualtests.com 261
Ac
tua
lTe
Refer to the exhibit. Which three statements accurately describe this GLBP topology? (Choose three.)
sts
QUESTION NO: 392
.co
Answer: A
Cisco 642-892: Practice Exam C. If another router were added to this GLBP group, there would be two backup AVGs. D. Router B is in GLBP listen state. E. Router A alternately responds to ARP requests with different virtual MAC addresses. F. Router B will transition from blocking state to forwarding state when it becomes the AVG. Answer: A,B,E
QUESTION NO: 393 Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address? A. reduction of processing in wireless controllers B. distributed approach to authentication, encryption, and policy enforcement C. provides security by blocking communication between access points and wireless clients D. access point discovery, information exchange, and configuration
A. WPA/WPA2/CCKM
Ac
tua
lTe
Refer to the exhibit. When a profile is configured in the Aironet Desktop Utility, which security option permits the configuration of host-based Extensible Authentication Protocol (EAP)?
sts
QUESTION NO: 394
.co
Answer: D
262
Cisco 642-892: Practice Exam B. WPA/WPA2 Passphrase C. 802.1x D. Pre-Shared Key (Static WEP) Answer: C
QUESTION NO: 395 Refer to the exhibit. Which three statements are true about trust boundaries in the campus network? (Choose three.)
Answer: A,C,F
QUESTION NO: 396
Refer to the exhibit. The command spanning-tree bpdufilter enable is configured on interface Fa0/1 on switch S6. The link between switch S5 and S6 fails. Will Host A be able to reach Host B?
Ac
tua
A. A device is trusted if it correctly classifies packets. B. A device is trusted if it correctly declassifies packets. C. The outermost trusted devices represent the trust boundary. D. Classification and markingoccur using 802.1ab QoS bits before reaching the trust boundary. E. Network trust boundaries are automatically configured in IOS version 12.3 and later. F. For scalability, classification should be done as close to the edge as possible.
lTe
sts
.co
263
Cisco 642-892: Practice Exam A. Fifty percent of the traffic will successfully reach Host B, and fifty percent will dead-end at switch S3 because of a partial spanning-tree loop. B. No. Traffic will pass from switch S6 to S2 and dead-end at S2. C. No. Traffic will loop back and forth between switch S6 and Host A. D. No. Traffic will loop back and forth between switches S2 and S3. E. Yes. Traffic will pass from switch S6 to S2 to S1. Answer: E
QUESTION NO: 397 Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.) A. The Aironet Desktop Utility (ADU) can be used to establish the association between the client adapter and the access point, manage authentication to the wireless network, and enable data encryption. B. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be used at the same time to configure the wireless client adapter. C. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and used at a time. D. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one profile for the wireless client adapter. E. When the user selects a different profile in the Aironet Desktop Utility (ADU), the settings for the wireless client adapter are changed only after a reboot. Answer: A,C
QUESTION NO: 398
What are three required steps to configure DHCP snooping on a switch? (Choose three.) A. Configure DHCP snooping globally. B. Configure DHCP snooping on an interface. C. Configure DHCP snooping on a VLAN or range of VLANs. D. Configure the switch as a DHCP server. E. Configure all interfaces as DHCP snooping trusted interfaces. F. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages. Answer: A,B,C
Ac
tua
lTe
sts
.co
264
Cisco 642-892: Practice Exam QUESTION NO: 399 Which two statements are true about voice packets in a LAN? (Choose two.) A. Voice traffic data flow involves large volumes of large packets. B. Because a packet loss involves a small amount of data, voice traffic is less affected by packet losses than traditional data traffic is. C. Voice carrier stream utilizes Real-Time Transport Protocol (RTP) to carry the audio/media portion of VoIP communication. D. Voice packets are very sensitive to delay and jitter. E. Voice packets are encapsulated in TCP segments to allow for proper sequencing during delivery. Answer: C,D
QUESTION NO: 400 What does the command udld reset accomplish?
Answer: B
QUESTION NO: 401
Which two types of activities does the Lightweight Access Point Protocol (LWAPP) define? (Choose two.) A. access point certification and software control B. compression and Layer 3 address mapping C. Layer 3 addressing and distribution D. packet encapsulation, fragmentation, and formatting E. SNMP monitoring services Answer: A,D
QUESTION NO: 402
Ac
tua
lTe
A. allows an UDLD port to automatically reset when it has been shutdown B. resets all UDLD enabled ports that have been shutdown C. removes all UDLD configurations from interfaces that were globally enabled D. removes all UDLD configurations from interfaces that were enabled per-port
sts
.co
265
Cisco 642-892: Practice Exam Which statement about the Lightweight Access Point Protocol (LWAPP) protocol is true? A. The processing of 802.11 data and management protocols and access point capabilities is distributed between a lightweight access point and a centralized WLAN controller. B. LWAPP aggregates radio management forward information and sends it to a wireless LAN solution engine. C. LWAPP authenticates all access points in the subnet and establishes a secure communication channel with each of them. D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the wireless LAN. Answer: A
QUESTION NO: 403 Which statement describes the function of a trust boundary?
Answer: B
QUESTION NO: 404
Which two statements about voice VLANs are correct? (Choose two.) A. Voice VLANs eliminate the need for QoS configuration. B. Voice VLANs are used on trunk links to eliminate the need for QoS CoS markings. C. Voice VLANs are mainly used to reduce the number of access switch ports that are used in the network. D. Voice VLANs can be configured to forward existingCoS priorities or override them. E. Voice VLANs are mainly used between access layer switches and distribution layer switches. F. Voice VLANs can be configured on Layer 2 ports only. Answer: D,F
Ac
tua
lTe
A. Trust boundaries determine whether certain types of traffic can pass. B. Trust boundaries are a point in the network where decisions about CoS markings on incoming packets are made. C. Trust boundaries are a point in the network where QoS functionality begins and ends. D. Trust boundaries are points in the network where Layer 2 CoS markings are converted to Layer 3 DSCP or IP precedence markings.
sts
.co
266
Cisco 642-892: Practice Exam QUESTION NO: 405 Which two statements are true about network voice traffic? (Choose two.) A. Voice traffic is affected more by link speed than FTP traffic is. B. Voice traffic is affected more by packet delays than FTP traffic is. C. Voice streams involve larger packet sizes than most TCP network traffic involves. D. Voice traffic is more sensitive to packet loss than TCP network traffic is. E. Voice traffic requires QOS mechanisms only in heavily loaded network segments. Answer: B,D
QUESTION NO: 406
A. An AP that has been upgraded from an autonomous AP to lightweight AP will only function in conjunction with a Cisco Wireless LAN controller. B. Autonomous APs receive control and configuration information from a WLAN controller. C. LWAPP increases the amount of processing within the APs, enabling them to support filtering and policy enforcement features. D. Real time events such as authentication, security management, and mobility are handled by the lightweight AP. E. Lightweight APs require local configurations using local management. F. WLAN controllers provide a single point of management. Answer: A,F
QUESTION NO: 407
Ac
tua
lTe
sts
.co
Refer to the exhibit. Which two Lightweight Access Point statements are true? (Choose two.)
267
Cisco 642-892: Practice Exam Refer to the exhibit. Which option correctly sequences the order in which a lightweight access point associates with the WLAN controller?
Answer: B
QUESTION NO: 408
A. Configure only untrusted interfaces with root guard. B. Configure only trusted interfaces with root guard. C. Configure DHCP spoofing on all ports that connect untrusted clients. D. Configure DHCP snooping only on ports that connect trusted DHCP servers. E. Implement private VLANs (PVLANs) to carry only DHCP traffic. F. Implement private VLANs (PVLANs) to carry only user traffic. Answer: D
QUESTION NO: 409 Which two codecs are supported by Cisco VoIP equipment?
Ac
tua
An attacker is launching a DoS attack with a public domain hacking tool that is used to exhaust the IP address space available from the DHCP servers for a period of time. Which procedure would best defend against this type of attack?
lTe
sts
.co
A. B, D, C, J, I, A B. B, D, G, J, I, A C. D, B, G, E, I, H D. D, F, C, E, I, H E. F, D, C, E, I, H F. F, D, G, J, I, A
268
Cisco 642-892: Practice Exam A. G.701 and G.719 B. G.711 and G.729 C. G.721 and G.739 D. G.731 and G.749 Answer: B
QUESTION NO: 410 Refer to the exhibit. What can be concluded about VLANs 200 and 202?
Answer: B
QUESTION NO: 411 Which three features are part of the Cisco Compatible Extensions program? (Choose three.) A. security B. routing and switching C. VLAN and QoS D. analog and digital voice E. accounting F. mobility "Pass Any Exam. Any Time." - www.actualtests.com 269
Ac
A. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous ports in the same VLAN. VLAN 200 carries traffic between community ports and to promiscuous ports. B. VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous ports in the same VLAN. VLAN 200 carries traffic from isolated ports to a promiscuous port. C. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous ports in the same VLAN. VLAN 202 carries traffic between community ports and to promiscuous ports. D. VLAN 200 carries traffic from promiscuous ports to isolated, community, and other promiscuous ports in the same VLAN. VLAN 202 carries traffic from isolated ports to a promiscuous port.
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Answer: A,C,F
QUESTION NO: 412 What is the objective of the Cisco Compatible Extensions program? A. to provide access to proprietary Cisco IOS software code in order to expand the number of vendors writing wireless code B. to provide Cisco engineers with the opportunity to certify that any wireless devices that are made by third parties are compatible with Cisco wireless products C. to provide customers with a broad range of WLAN client devices that have been tested for interoperability with Cisco Aironet innovations D. to provide third parties with Cisco hardware in order to encourage the development of radical innovation in the area of wireless Answer: C
QUESTION NO: 413
Refer to the exhibit. Which two statements are true about how the IP phone can be configured to perform CoS markings? (Choose two.)
A. The IP phone can tag voice traffic in the access or voice VLAN with a Layer 2 CoS value. B. The IP phone can only tag voice traffic with a Layer 2 CoS value in the voice VLAN. C. The default configuration of the IP phone is to pass traffic from the host without changing theCoS value. D. The IP phone can be configured to pass traffic from the host without changing the CoS value. E. By default, the IP phone tags traffic from the host with the default CoS value of 5. Answer: A,D
QUESTION NO: 414
Ac
tua
lTe
sts
.co
270
Cisco 642-892: Practice Exam Refer to the exhibit. DHCP snooping is enabled for selected VLANs to provide security on the network. How do the switch ports handle the DHCP messages?
Answer: C
QUESTION NO: 415
Refer to the exhibit. What two statements are true about the IS-IS configuration? (Choose two.)
Ac
tua
lTe
sts
A. Ports Fa2/1 and Fa2/2 source DHCP requests only. Port Fa3/1 is eligible to source all DHCP messages and respond to DHCP requests. B. Ports Fa2/1 and Fa2/2 respond to DHCP requests only. Port Fa3/1 is eligible to source all DHCP messages. C. Ports Fa2/1 and Fa2/2 are eligible to source all DHCP messages and respond to DHCP requests. Port Fa3/1 can source DHCP request only. D. All three ports, Fa2/1, Fa2/2, and Fa3/1, are eligible to source all DHCP messages and respond to DHCP requests.
.co
271
Answer: C,D
QUESTION NO: 416
Ac
tua
Refer to the exhibit. Which two statements about the IS-IS configurations of router R1 and router R2 are correct? (Choose two.)
lTe
sts
.co
A. The router is in area 49.0001.0002. B. The router has a system ID of 0003.0004. C. The router acts as a Level 1-2 router. D. The network service access point selector (NSEL) byte has a value of 0. E. CLNS routing is enabled for the router.
272
Cisco 642-892: Practice Exam A. The IS-IS Level 2 metric that is assigned on the serial interface of router R2 is over three times the default value. B. Router R1 sends only Level 1 hellos out the interface that is connected to R2. C. Router R2 sends only Level 2 hellos out the interface that is connected to R1. D. Router R1 is configured as a Level 1-2 router. E. Router R2 has the same metric value assigned for Level 1 and Level 2 on the serial interface. F. The network entity titles (NETs) that are configured on L1 and L2 are incompatible. Answer: A,B
QUESTION NO: 417 Which three options are supported as address allocation mechanisms for DHCP on Cisco routers? (Choose three.) A. The IP address can be automatically assigned to a host. B. The IP address can be assigned as a random hash value of the burned-in-address of the lowest-numbered LAN interface on the router. C. The network administrator can assign a specific IP address to a specific host MAC address. D. The IP address can be assigned from configured pools in a reverse lexicographical order. E. The IP address can be assigned to a host for a limited time or until the host explicitly releases the address. F. The IP address can be assigned to a host until the host usurps the assigned value using its own dynamic override mechanism. Answer: A,C,E
QUESTION NO: 418
Refer to the exhibit. What two conclusions can be made based on the DHCP configuration? (Choose two.)
Ac
tua
lTe
sts
.co
273
Refer to the exhibit. Which statement is true about the router configuration that is shown?
A. Additional DHCP options will be imported from another DHCP server. "Pass Any Exam. Any Time." - www.actualtests.com 274
Ac
tua
lTe
QUESTION NO: 419
sts
Answer: B,E
.co
A. The second DNS server configured will never be queried. B. The first IP address assigned by DHCP is 172.16.0.1. C. The IP address of the default router is used for DHCP relay. D. The DHCP clients learn the excluded address ranges that area configured. E. The configured domain name is propagated to the DHCP clients.
Cisco 642-892: Practice Exam B. The DHCP server pools need to be bound to an interface to operate. C. This configuration will provide IP configuration information to two different subnets. D. Additional DCHP option information needs to be imported from another DHCP server. E. If the router hands out all the addresses in pool 1, then it will supply addresses from pool 2. Answer: C
QUESTION NO: 420 Refer to the exhibit. Which statement is true about the router with ID 10.64.0.1?
A. Summarization was performed on an ASBR connected to a totally stubby area. B. Static routes were redistributed into an ASBR. C. Redistribution was performed into a totally stubby area. D. Redistribution was performed into an NSSA area. E. Summarization was performed on an ASBR connected to a NSSA area. Answer: D
QUESTION NO: 422 Refer to the exhibit. RTR-38 has two possible paths to reach the indicated networks but only chooses next hop 172.20.72.1. Which two options would cause RTR-38 to choose next hop 172.20.73.1 for network 192.168.101.0 but still use next hop 172.20.72.1 for the remaining "Pass Any Exam. Any Time." - www.actualtests.com 275
Ac
The show ip route command generated routes flagged as O N2 and O N1. Which option best describes how these routes were created?
tua
QUESTION NO: 421
lTe
Answer: F
sts
A. It is the BDR for the local segment. B. It is the DR for the local segment. C. It is not running OSPF. D. It has an OSPF priority of 1 on the attached interface. E. It has a loopback that is configured. F. It is not the DR or BDR for the local segment.
.co
Cisco 642-892: Practice Exam networks? (Choose two)
Answer: A,F
QUESTION NO: 423
A. Interface NULL 0 is likely shutdown. B. The BGP command no synchronization is missing. C. The BGP command no auto-summary is missing. D. Subnets of 172.32.0.0/22 do not exist in the BGP table. E. The IGP running on this router does not have network 172.32.0.0/22 installed. F. The next hop IP address must be a loopback address. Answer: D
QUESTION NO: 424
Ac
During BGP configuration on a router that has peered with other BGP speakers, the BGP command aggregate-address 172.32.0.0 255.255.252.0 is issued. However, the peers do not receive this aggregate network in BGP advertisements. Also, the router does not have this aggregate network in its BGP table. Which option indicates a possible reason this command did not cause the router to advertise the aggregate network to its peers?
tua
lTe
sts
A. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the localpreference to 200 for network 192.168.101.0. B. On RTR-38 apply a route map to neighbor 172.20.73.1 incoming that changes the localpreference to 200 for all networks accept 192.168.101.0. C. On RTR-38 apply the command neighbor 172.20.73.1 weight 200. D. On RTR-38 apply the command neighbor 172.20.72.1 weight 200. E. On BGP neighbor router 172.20.73.1 apply a route map that advertises a MED of 200 for network 192.168.101.0 to RTR-38. F. On BGP neighbor router 172.20.72.1 apply a route map that advertises a MED of 200 for network 192.168.101.0 to RTR-38.
.co
276
Cisco 642-892: Practice Exam Refer to the exhibit. Which statement is correct regarding the partial configuration shown?
Answer: D
QUESTION NO: 425
A. The router will prefer the next hop of 172.16.1.1 for packets destined for the 192.168.1.0 network. "Pass Any Exam. Any Time." - www.actualtests.com 277
Ac
tua
Refer to the exhibit. Routing updates for the 192.168.1.0 network are being received from all three neighbors. Which statement is correct regarding the result of the configuration shown?
lTe
sts
.co
A. The router's fa0/0 interface will be assigned the reserved address of 20.0.0.2. B. The router will import its DHCP options from a configuration file on a TFTP server. C. The router's fa0/0 interface will be assigned any address from the 20.0.0.0/8 network except 20.0.0.2. D. The router will add the DHCP option parameters it learns from another server into its DHCP server database.
Cisco 642-892: Practice Exam B. The router will prefer the next hop of 172.26.1.1 for packets destined for the 192.168.1.0 network. C. The router will advertise the 192.168.1.0 network only to 172.30.1.1. D. The router will advertise the 192.168.1.0 network only to 172.26.1.1. E. The router will prefer the next hop of 172.26.1.1 for packets except those destined for the 192.168.1.0 network. Answer: B
QUESTION NO: 426 Which spanning-tree command would cause a PortFast-enabled interface to lose its PortFastoperational status and disable BPDU filtering if it receives BPDUs? A. spanning-tree guard root B. spanning-tree bpduguard enable C. spanning-tree portfast bpduguard default D. spanning-tree bpdufilter enable E. spanning-tree portfast bpdufilter default Answer: E
QUESTION NO: 427
A. spanning-tree portfast bpdufilter default B. spanning-tree bpdufilter enable C. spanning-tree portfast bpduguard default D. spanning-tree bpduguard enable E. spanning-tree guard root Answer: B
QUESTION NO: 428 Which statement correctly describes the results of the Ethernet switch global configuration command spanning-tree loopguard default? A. When any port receives a BPDU, it is put it in the error-disabled state. "Pass Any Exam. Any Time." - www.actualtests.com 278
Ac
tua
Which spanning-tree command would essentially disable spanning tree on an interface and make that interface susceptible to spanning-tree loops?
lTe
sts
.co
Cisco 642-892: Practice Exam B. An interface is moved directly to the spanning-tree forwarding state without waiting for the standard forwardtime delay. C. Prevents interfaces that are in a PortFast-operational state from sending or receiving BPDUs. D. Detects indirect link failures and starts the spanning-tree reconfiguration sooner. E. Prevents alternate or root ports from becoming designated ports because of a failure that leads to a unidirectional link. F. Provides fast convergence after a direct link failure where a root port transitions to the forwarding state immediately without going through the listening and learning states. Answer: E
QUESTION NO: 429 Which optional feature of an Ethernet switch disables a port on a point-to-point link if the port does not receive traffic while Layer 1 status is up? A. BackboneFast B. UplinkFast C. Loop Guard D. UDLD aggressive mode E. Fast Link Pulse bursts F. Link Control Word Answer: D
QUESTION NO: 430
A. A routed port can support VLAN subinterfaces. B. A routed port will take an IP address assignment. C. A routed port can be configured with routing protocols. D. A routed port is a virtual interface on the multilayer switch. E. A routed port is only associated with one VLAN. F. A routed port is a physical interface on the multilayer switch. Answer: B,C,F
QUESTION NO: 431 Which three statements are true about CEF? (Choose three.) "Pass Any Exam. Any Time." - www.actualtests.com 279
Ac
Which three statements are true about routed ports on a multilayer switch? (Choose three)
tua
lTe
sts
.co
Cisco 642-892: Practice Exam A. The FIB table is derived from the IP routing table. B. The adjacency table is derived from the ARP table. C. CEF IP destination prefixes are stored in the TCAM table, from the least specific to the most specific entry. D. When the CEF TCAM table is full, packets are dropped. E. When the adjacency table is full, a CEF TCAM table entry points to the Layer 3 engine to redirect the adjacency. F. The FIB lookup is based on the Layer 3 destination address prefix (shortest match). Answer: A,B,E
QUESTION NO: 432 Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
A. Encapsulation on the switch is wrong. B. Trunking needs to be enabled on Fa0/1. C. The native VLAN is wrong. D. VLAN 1 needs the no shutdown command. E. IP routing needs to be enabled on the switch. Answer: B
QUESTION NO: 433
Ac
tua
lTe
sts
.co
280
Cisco 642-892: Practice Exam Refer to the exhibit. What problem is preventing users on VLAN 100 from pinging addresses on VLAN 200?
Answer: F
QUESTION NO: 434
Which three characteristics are true about voice traffic in the campus network? (Choose three.) A. TCP retransmits B. benign C. greedy D. drop sensitive E. smooth F. delay insensitive Answer: B,D,E
Ac
tua
A. No default route on DLS1. B. Encapsulation mismatch between switches. C. Native VLAN mismatch. D. Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1. E. Trunking needs to be enabled. F. The ip routing command is missing on DLS1.
lTe
sts
.co
281
QUESTION NO: 435 Refer to the exhibit. OSPF is configured on all routers in the network. On the basis of the show ip ospf neighbor output, what prevents R1 from establishing a full adjacency with R2?
Answer: A
QUESTION NO: 436
In the event that two devices need access to a common server, but they cannot communicate with each other, which security feature should be configured to mitigate attacks between these devices? A. port security B. dynamic ARP inspection C. DHCP snooping D. private VLANs E. BPDU guard Answer: D
Ac
tua
lTe
A. Router R1 will only establish full adjacency with the DR and BDR on broadcast multiaccess networks. B. Router R2 has been elected as a DR for the broadcast multiaccess network in OSPF area 1. C. Routers R1 and R2 are configured as stub routers for OSPF area 1 and OSPF area 2. D. Router R1 and R2 are configured for a virtual link between OSPF area 1 and OSPF area 2. E. The Hello parameters on routers R1 and R2 do not match.
sts
.co
282
Cisco 642-892: Practice Exam QUESTION NO: 437 Which statement best summarizes how DHCP snooping works? A. DHCP snooping validates the header information of all DHCP replies and only allows the reply through if it has a matching request in the DSRT. B. DHCP snooping validates all DHCP responses from all switch ports and only allows packets through if the destination port sent a DHCP request in the last 5 seconds. C. DHCP snooping validates all DHCP responses from all switch ports and only allows packets through if the destination port specifically sent a DHCP request. D. DHCP snooping determines which switch ports are trusted and can source all DHCP messages. Answer: D
QUESTION NO: 438
Answer: C
QUESTION NO: 439
Which two statements are true about port security? (Choose two.) A. With port security configured, four MAC addresses are allowed by default. B. Port security cannot be configured for ports supporting VoIP. C. With port security configured, only one MAC address is allowed by default. D. The network administrator must manually enter the MAC address for each device in order for the switch to allow connectivity. E. Port security can be configured for ports supporting VoIP. Answer: C,E
Ac
tua
lTe
A. TACACS with LEAP extensions B. TACACS+ C. RADIUS with EAP extensions D. LDAP
sts
A network administrator would like to configure 802.1x port-based authentication, however, the client workstation is not 802.1x compliant. What is the only supported authentication server that can be used?
.co
283
Cisco 642-892: Practice Exam QUESTION NO: 440 A switch has been configured with PVLANs. With what type of PVLAN port should the default gateway be configured? A. Isolated B. Promiscuous C. Community D. Primary E. Trunk Answer: B
QUESTION NO: 441 What is the function of the Service Set Identifier (SSID) in the wireless LAN? A. The SSID should be configured on the client site only and provides data-privacy functions and authentication to the access point. B. The SSID must match on both the client and the access point. The SSID is advertised in plaintext in the access point beacon messages. C. The SSID must match on both the client and the access point and provides encryption keys for authentication to the access point. D. The SSID must match on both the client and the access point and provides MAC Address Authentication to authenticate the client to the access point. Answer: B
QUESTION NO: 442
Which statement is true about the data traffic between the access point and controller? A. The data traffic is switched at the access point before being sent to the WLAN controller where VLAN tagging and QoS are applied. B. The data traffic is encrypted with AES. C. The data traffic between the access point and controller is encrypted. D. The data traffic is encapsulated with LWAPP. Answer: D
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam Refer to the exhibit. If VLAN 21 does not exist before typing the commands, what is the result of the configuration applied on switch SW1?
A. A new VLAN 21 is created and port 0/8 is assigned to that VLAN. B. A new VLAN 21 is created, but no ports are assigned to that VLAN. C. No VLAN 21 is created and no ports are assigned to that VLAN. D. Configuration command vlan database should be used first to create the VLAN 21. Answer: A
QUESTION NO: 444
Refer to the exhibit. What happens when the switch SW2 is connected to the rest of the network in the VTP domain Lab_Network?
A. The recently introduced switch SW2 adds one more VLAN to the VLAN database in the VTP domain. B. The recently introduced switch SW2 creates a STP loop in the VTP domain. C. The recently introduced switch SW2 removes all configured VLANs throughout the VTP domain. D. The recently introduced switch SW2 switches over to VTP transparent mode in order to be included into the VTP domain. E. A trunk should be configured between the two switches in order to integrate SW2 into the VTP domain. Answer: C
QUESTION NO: 445
Ac
tua
lTe
sts
.co
285
Cisco 642-892: Practice Exam What action should a network administrator take to enable VTP pruning on an entire management domain? A. enable VTP pruning on any client switch in the domain B. enable VTP pruning on every switch in the domain C. enable VTP pruning on any switch in the management domain D. enable VTP pruning on a VTP server in the management domain Answer: D
QUESTION NO: 446 How does VTP pruning enhance network bandwidth? A. by restricting unicast traffic to across VTP domains B. by reducing unnecessary flooding of traffic to inactive VLANs C. by limiting the spreading of VLAN information D. by disabling periodic VTP updates
A. IGMP B. IGMP snooping C. PIM-DM D. DVMRP E. MOSPF Answer: B
QUESTION NO: 448 Which well-defined routing protocol would a network administrator configure on multicast routers when member routers are widely dispersed? A. Distance Vector Multicast Routing Protocol (DVMRP) B. Protocol Independent Multicast Dense Mode (PIM-DM)
Ac
tua
Which technology manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces dynamically to forward multicast traffic only to those interfaces that want to receive it?
lTe
QUESTION NO: 447
sts
Answer: B
.co
286
Cisco 642-892: Practice Exam C. Multicast Open Shortest Path First (MOSPF) D. Protocol Independent Multicast Sparse Mode (PIM-SM) E. Core-Based Trees (CBT) Answer: D
QUESTION NO: 449 When building an IP multicast domain using PIM which mode assumes that other routers do not want to forward multicast packets for the group? A. PIM-DM B. PIM-SM C. PIM-RP D. CGMP E. IGMP snooping Answer: B
QUESTION NO: 450
Answer: B
QUESTION NO: 451 Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP negotiation frames? A. access B. trunk C. no negotiate D. dynamic desirable E. dynamic auto "Pass Any Exam. Any Time." - www.actualtests.com 287
Ac
A. The interface is put into permanent trunking mode and negotiates to convert the link into a trunk link. B. The interface actively attempts to convert the link to a trunk link. C. The interface is put into permanent trunking mode but prevented from generating DTP frames. D. The interface is put into a passive mode, waiting to convert the link to a trunk link.
tua
lTe
Which statement describes Dynamic Trunking Protocol (DTP) mode 'desirable'?
sts
.co
QUESTION NO: 452 Which of the following NSAP addresses is a private, locally administered address? A. 39.0f01.0002.0000.0c00.1111.00 B. 48.0f01.0002.0000.0c00.1111.00 C. 49.0004.30ac.0000.3090.c7df.00 D. 52.0f01.0002.0000.0c00.1111.00 Answer: C
QUESTION NO: 453
Answer: A,B
QUESTION NO: 454
IS-IS is often considered an alternative to OSPF in the IP world. Which two statements identify similarities between IS-IS and OSPF? (Choose two.) A. support for designated intermediate systems and backup designated intermediate systems B. support for multiple areas per router C. support for classless routing D. support for address summarization between areas E. support for both DIS adjacencies and neighbor adjacencies Answer: C,D
QUESTION NO: 455
Ac
tua
lTe
A. forwarding information base B. adjacency tables C. neighbor tables D. caching tables E. route tables
sts
.co
Which two table types are CEF components? (Choose two.)
288
Cisco 642-892: Practice Exam In an IS-IS environment, what happens when the designated IS router crashes? A. The elected backup designated router takes the place of the DIS indefinitely without the necessity of a new election. B. The elected backup designated router takes the place of the DIS temporarily without the necessity of a new election, until the original DIS comes back online. C. A new election process occurs immediately, establishing a new DIS that will remain in place indefinitely. D. A new election process occurs immediately, establishing a new DIS until a router with a higher priority or MAC address establishes an adjacency. Answer: D
QUESTION NO: 456 Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value? A. VTP B. 802.1Q C. DTP D. ISL Answer: B
In reference to the P1R3 show isis route output, which statement is true?
A. P1R1 is the exit point out of the area for P1R3. B. P1R1 is a level-1 only IS-IS router. C. P1R1 has been configured with a nondefault IS-IS metric. D. P1R3 is a level-2 only IS-IS router. E. P1R3 has been configured with a nondefault IS-IS metric. F. P1R3 routing table should contain i L2 entries.
Ac
tua
QUESTION NO: 457
lTe
sts
.co
289
Cisco 642-892: Practice Exam Answer: A
QUESTION NO: 458 Why should iBGP sessions be fully meshed within a Transit AS? A. BGP requires redundant TCP sessions between iBGP peers. B. A full mesh allows for optimal routing within the Transit AS. C. Routes learned via iBGP are never propagated to other eBGP peers. D. Routes learned via iBGP are never propagated to other iBGP peers. E. Routes learned via eBGP are never propagated to other iBGP peers. Answer: D
QUESTION NO: 459
What is periodically sent by a DIS on a LAN to ensure that all adjacent neighbors' IS-IS link-state databases are synchronized? A. complete SNP (CSNP) B. partial SNP (PSNP) C. database query D. database description packet (DDP) E. link-state summary F. hello Answer: A
QUESTION NO: 460
What does IS-IS use to establish and maintain neighbor relationships between IS's? A. IIH B. LSP C. CLNS D. CLNP E. ISH Answer: A
Ac
tua
lTe
sts
.co
290
Cisco 642-892: Practice Exam QUESTION NO: 461 What is the default metric used on IS-IS routers for each interface? A. The cost is set to 10 for all interfaces. B. The cost is set to 10 for LAN interfaces and 20 for WAN interfaces. C. The cost is based on the speed of the interface. D. The cost is based on a composite of bandwidth and delay of the interface. Answer: A
QUESTION NO: 462 Which two tasks are required to configure PIM for IP multicast routing? (Choose two.) A. Join a multicast group. B. Enable CGMP. C. Enable IP multicast routing. D. Configure the TTL threshold. E. Enable PIM on an interface. Answer: C,E
QUESTION NO: 463
Which enhancement was added to IGMP version 3? A. membership query message B. membership report message C. leave group message D. source filtering E. destination filtering Answer: D
QUESTION NO: 464 Which BGP attribute will not be advertised in routing updates to its neighboring routers? A. weight B. local preference C. origin "Pass Any Exam. Any Time." - www.actualtests.com 291
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam D. AS_path E. next hop Answer: A
QUESTION NO: 465 What are two Cisco IOS commands that can be used to view neighbor adjacencies? (Choose two.) A. show ip ospf database B. show ip ospf neighbors C. show ip ospf protocols D. show ip ospf interfaces Answer: B,D
QUESTION NO: 466 Which statement is true about IBGP routers? A. They must be fully meshed. B. They can be in a different AS. C. They must be directly connected. D. They do not need to be directly connected. Answer: D
QUESTION NO: 467
Given the NSAP, 39.0100.0102.0001.0c00.1211.00, which portion is interpreted by IS-IS as the area? A. 39 B. 39.0100 C. 39.0100.0102 D. 0001 E. 0001.0c00 F. 0001.0c00.1211 Answer: C
Ac
tua
lTe
sts
.co
292
Answer: A
QUESTION NO: 469
Which option correctly identifies the Cisco IOS switching methods in descending order from the fastest method to the slowest method? A. CEF, distributed CEF (dCEF), fast switching, process switching B. distributed CEF (dCEF), CEF, fast switching, process switching C. fast switching, process switching, distributed CEF (dCEF), CEF D. process switching, fast switching, distributed CEF (dCEF), CEF E. process switching, distributed CEF (dCEF), CEF, fast switching F. process switching, CEF, distributed CEF (dCEF), fast switching
Ac
tua
A. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will translate the type 7 LSAs into type 5 LSAs and flood them throughout the OSPF backbone. B. RTA will redistribute the RIP routes into the NSSA as type 7 LSAs. RTB will flood the type 7 LSAs throughout the backbone. C. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will flood the type 5 LSAs throughout the backbone. D. RTA will redistribute the RIP routes into the NSSA as type 5 LSAs. RTB will translate the type 5 LSAs into type 7 LSAs and flood them throughout the OSPF backbone. E. RTA will not redistribute the RIP routes into the NSSA.
lTe
sts
.co
293
QUESTION NO: 470 Refer to the exhibit. An administrator is verifying that a CEF FIB entry exists to destination network 192.168.150.0. Given the output generated by the show ip cef and show adjacency detail commands, which three statements are true? (Choose three.)
Answer: A,D,E
QUESTION NO: 471 Which two statements are true about a switched virtual interface (SVI)? (Choose two.) A. An SVI is created by entering the no switchport command in interface configuration mode. B. An SVI is created for the default VLAN (VLAN1) to permit remote switch administration by default. C. An SVI provides a default gateway for a VLAN. D. Multiple SVIs can be associated with a VLAN. E. SVI is another name for a routed port. Answer: B,C "Pass Any Exam. Any Time." - www.actualtests.com 294
Ac
tua
A. There is a valid CEF entry for the destination network 192.168.150.0. B. The "valid cached adjacency" entry indicates that CEF will put all packets going to such an adjacency to the next best switching mode. C. The counters (0 packets, 0 bytes) indicate a problem with the 192.168.199.3 next hop IP address. D. There is an adjacency for the 192.168.199.3 next hop IP address. E. The number 003071506800 is the MAC address of the 192.168.199.3 next hop IP address. F. The number 003071506800 is the MAC address of the source IP address.
lTe
sts
.co
QUESTION NO: 472 An administrator types in the command router ospf 1 and receives the error message: "OSPF process 1 cannot start." (Output is omitted.) What should be done to correctly set up OSPF? A. Ensure that an interface has been configured with an IP address. B. Ensure that an interface has been configured with an IP address and is up. C. Ensure that IP classless is enabled. D. Ensure that the interfaces can ping their directly connected neighbors. Answer: B
QUESTION NO: 473
A. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode trunk SW1(config-if)# switchport trunk native DATA SW1(config-if)# switchport trunk allowed vlan 1,10,20 B. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode dynamic auto SW1(config-if)# switchport trunk native DATA SW1(config-if)# switchport trunk allowed vlan add 1,10,20 C. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode dynamic desirable SW1(config-if)# switchport trunk native vlan DATA SW1(config-if)# switchport trunk allowed vlan 1,10,20 D. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode dynamic desirable "Pass Any Exam. Any Time." - www.actualtests.com 295
Ac
tua
lTe
sts
.co
Refer to the exhibit. The switchport output in Figure 1 displays the default settings of interface FastEthernet 0/13 on switch SW1. Figure 2 displays the desired interface settings. Which command sequence would configure interface FastEthernet 0/13 as displayed in Figure 2?
Cisco 642-892: Practice Exam SW1(config-if)# switchport trunk native vlan 10 SW1(config-if)# switchport trunk allowed vlan 1,10,20 E. SW1(config-if)# switchport trunk encapsulation dot1q SW1(config-if)# switchport mode dynamic desirable SW1(config-if)# switchport trunk native vlan 10 Answer: B
QUESTION NO: 474 Refer to the exhibit. For what purpose is the command show ip cef used?
A. to display rewritten IP unicast packets B. to display ARP resolution packets C. to display ARP throttling D. to display TCAM matches E. to display CEF-based MLS lookups F. to display entries in the Forwarding Information Base (FIB) Answer: F
QUESTION NO: 475 Refer to the exhibit. Host A and Host B are connected to the Catalyst 3550 switch and have been assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the output displayed in the exhibit, which statement is true?
Ac
tua
lTe
sts
.co
296
Answer: D
QUESTION NO: 476 Refer to the exhibit. On the basis of the output generated by the show commands, which two statements are true? (Choose two.)
Ac
tua
A. HSRP must be configured on SW1. B. A separate router is required to support interVLAN routing. C. Interface VLAN 10 must be configured on the SW1 switch. D. The global config command ip routing must be configured on the SW1 switch. E. VLANs 10 and 15 must be created in the VLAN database mode. F. VTP must be configured to support interVLAN routing.
lTe
sts
.co
297
A. All interfaces on the switch have been configured as access ports. B. Because it has not been assigned to any VLAN, interface gigabitethernet 0/1 does not appear in the show vlan output. C. Because it is configured as a trunk interface, interface gigabitethernet 0/1 does not appear in the show vlan output. D. There are no native VLANs configured on the trunk. E. VLAN 1 will not be encapsulated with an 802.1q header. F. VLAN 2 will not be encapsulated with an 802.1q header. Answer: C,E
QUESTION NO: 477 What does the Catalyst switch interface configuration command switchport trunk native vlan 7 accomplish? "Pass Any Exam. Any Time." - www.actualtests.com 298
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam A. configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged B. causes the interface to apply ISL framing for traffic on VLAN 7 C. configures the trunking interface to send traffic from VLAN 7 untagged D. configures the trunking interface to forward traffic from VLAN 7 Answer: C
QUESTION NO: 478 Refer to the exhibit. Based upon the output of show vlan on switch CAT2, what can we conclude about interfaces Fa0/13 and Fa0/14?
Answer: C
QUESTION NO: 479 Refer to the exhibit. VLAN2, VLAN3, and VLAN10 are configured on the switch D-SW1. Host computers are on VLAN 2 (10.1.2.0), servers are on VLAN 3 (10.1.3.0), and the management VLAN is on VLAN10 (10.1.10.0). Hosts are able to ping each other but are unable to reach the servers. On the basis of the exhibited output, which configuration solution could rectify the problem?
Ac
tua
A. that interfaces Fa0/13 and Fa0/14 are in VLAN 1 B. that interfaces Fa0/13 and Fa0/14 are down C. that interfaces Fa0/13 and Fa0/14 are trunk interfaces D. that interfaces Fa0/13 and Fa0/14have a domain mismatch with another switch E. that interfaces Fa0/13 and Fa0/14have a duplex mismatch with another switch
lTe
sts
.co
299
Answer: C
QUESTION NO: 480
Refer to the exhibit. Which interface or interfaces on switch SW_A can have the port security feature enabled?
Ac
tua
lTe
sts
A. Enable IP routing on the switch D-SW1. B. Configure a default route that points toward network 200.1.1.0/24. C. Assign an IP address of 10.1.3.1/24 to VLAN3. D. Configure default gateways to IP address 10.1.2.1 on each host. E. Configure default gateways to IP address 10.1.10.1 on each host. F. Configure default gateways to IP address 200.1.1.2 on each host.
.co
300
Answer: C
QUESTION NO: 481
A. Quality of service cannot be applied for the voice traffic. B. The voice traffic cannot be forwarded to the distribution layer. C. Port security cannot be enabled on the switch that is attached to the IP phone. D. The voice traffic cannot use 802.1p priority tagging. "Pass Any Exam. Any Time." - www.actualtests.com 301
Ac
Refer to the exhibit. Which statement is true when voice traffic is forwarded on the same VLAN used by the data traffic?
tua
lTe
sts
A. Port 0/1 B. Ports 0/1 and 0/2 C. Ports 0/1, 0/2 and 0/3 D. Ports 0/1, 0/2, 0/3 and the trunk port 0/22 E. The trunk port 0/22 and the EtherChannel ports F. Ports 0/1, 0/2, 0/3, the trunk port 0/22 and the EtherChannel ports
.co
QUESTION NO: 482 Which statement is true about the Forward Information Base (FIB) table? A. The FIB is derived from the IP routing table and is optimized for maximum lookup throughput. B. The FIB table is derived from the Address Resolution Protocol table, and it contains Layer 2 rewrite (MAC) information for the next hop. C. The FIB lookup is based on the Layer 2 destination MAC address. D. When the FIB table is full, a wildcard entry redirects traffic to the Layer 3 engine. Answer: A
QUESTION NO: 483
Which two statements are true about IS-IS routing? (Choose two.) A. IS-IS is more efficient than OSPF in the use of CPU resources. B. Based on the default timers, OSPF detects a failure faster than IS-IS does. C. OSPF default timers permit more tuning than IS-IS does. D. OSPF is more scalable than IS-IS because of its ability to identify normal, stub, and NSSA areas. E. IS-IS and OSPF are both Open Standard, link-state routing protocols which support VLSM. Answer: A,E
QUESTION NO: 484
Refer to the exhibit. All routers have Protocol Independent Multicast (PIM) enabled interfaces. On the basis of the configuration provided on routers R1 and R2, which router will take on the function of rendezvous point (RP) for the multicast network?
Ac
tua
lTe
sts
.co
302
What does the command clear ipv6 ospf process accomplish? A. The OSPF adjacencies are cleared and initiated again. B. The route table is cleared. Then the OSPF neighbors are reformed. C. The shortest path first (SPF) algorithm is performed on the LSA database. D. The OSPF database is repopulated. Then the shortest path first (SPF) algorithm is performed. Answer: D
QUESTION NO: 486 Many match statements could be used in a route map. How many match statements must be matched for the set to be applied? A. None of them B. All the criteria C. At least 50 percent of the criteria D. At least one
Ac
tua
lTe
QUESTION NO: 485
sts
Answer: B
.co
A. router R1 B. router R2 C. both routers R1 and R2 D. none of the routers since they are not configured with static RP
303
QUESTION NO: 487 DRAG DROP Place the BGP attributes in the correct order used for determining a route
Answer:
Explanation:
Ac
tua
lTe
sts
.co
304
QUESTION NO: 488
A NIC has a MAC address of 00-0F-66-81-19-A3 and discovers a routing prefix of 2001:0:1:5::/64. Which IPv6 addresses are assigned to it? (choose four) A. 2001::1:5:20F:66FF:FE81:19A3 B. FE80::20F:66FF:FE81:19A3 C. ::1 D. FF02::1 Answer: A,B,C,D
QUESTION NO: 489
Multicasting supports applications that communicate A. Many-to-many B. One-to-many C. Many-to-one D. One-to-one Answer: B
QUESTION NO: 490 Which is a difference between broadcasts and multicasts?
Ac
tua
lTe
sts
.co
305
Cisco 642-892: Practice Exam A. Multicasts are unidirectional. B. Multicasts are used by RIPv1. C. Multicasts are routable. D. Multicasts are one-to-many. Answer: C
QUESTION NO: 491 What can the Network Analysis Module on the 6500 series switches be used to do? (Choose two.) A. Remotely gather traffic statistics. B. Remotely change passwords. C. Remotely configure QoS options. D. Remotely measure traffic parameters. Answer: A,D
What is the reason that system buffers are made in so many different sizes? A. Because buffers have to be discarded once they are used B. Because different interfaces support different MTUs C. Because different systems allow different frames to be received D. Because the buffers can be used as particles to create larger buffers Answer: B
QUESTION NO: 493
Which one of the following techniques allows policies to be reapplied without destroying the existing peering? (choose two) A. clear ip bgp * B. Rebooting the local router C. clear ip bgp * soft in D. clear ip bgp * soft out Answer: C,D
Ac
tua
lTe
sts
QUESTION NO: 492
.co
306
Cisco 642-892: Practice Exam QUESTION NO: 494 Ideally, what will be displayed by the output of the show ip bgp neighbors command? A. Idle B. Open C. Established D. Active Answer: C
QUESTION NO: 495 Put the BGP connection strategies in order from lowest to highest based on likelihood to take the best path.(choose three)
Answer: A,B,C
QUESTION NO: 496
Which UDP broadcasts will an IOS DHCP relay automatically forward? (choose six) A. NTP (port 37) B. DNS (port 53) C. TFTP (port 69) D. TACACS (port 49) E. NetBIOS name service (port 137) F. NetBIOS datagram service (port 138) Answer: A,B,C,D,E,F
QUESTION NO: 497 Which ports are forwarded by UDP by default? A. UDP 666 B. UDP 500 C. UDP 51 "Pass Any Exam. Any Time." - www.actualtests.com 307
Ac
tua
lTe
sts
.co
A. Accept only default routes from all providers B. Accept some routes plus a default route from all providers C. Accept full routing updates from all providers
Cisco 642-892: Practice Exam D. UDP 67 Answer: D
QUESTION NO: 498 Which statement accurately describes SLB? A. An alternative to switching B. A protocol allowing server load sharing C. An alternative to HSRP D. A server redundancy protocol Answer: B
When would you configure the VTP domain on an interface of an external router? A. When it doesn??t use ISL or 802.1Q encapsulation B. Always C. When it uses ISL encapsulation D. When it is connected to a VTP server or client Answer: D
QUESTION NO: 500
When using route maps for redistribution when a statement is configured to deny and there is a match, which action will the route map take? A. The packet is sent to the normal routing process. B. The route is not redistributed. C. The packet is dropped. D. An ICMP packet is sent to the sender. Answer: B
QUESTION NO: 501
Ac
tua
lTe
sts
.co
QUESTION NO: 499
308
Cisco 642-892: Practice Exam Refer to exhibit. BGP is configured on all routers, synchronization is turned off, and none of the default attributes have been changed except the local preference attribute on R4. Which path will be preferred by R2 to reach the network 100.100.100.0/24?
A. R2 R3 R4 R5 because it has a lower admin distance B. R2 R3 R4 R5 because it has a higher local preference C. R2 R1 because it has the shortest AS-path D. R2 R1 because it has a lower local preference Answer: B
QUESTION NO: 502 Refer to the exhibit. On the basis of the information that is presented, what condition exists?
Ac
tua
lTe
sts
.co
309
A. authenticating with AP B. poor link status with AP C. no valid radio for ADU D. no association to AP Answer: C
QUESTION NO: 503 Refer to the exhibit. What information can be derived from the output?
A. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate BPDUs have been stopped, the interfaces will need to be administratively shut down, and brought back up, to resume normal operation. B. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter,but traffic is still forwarded across the ports. C. Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with a superior root bridge parameter and no traffic is forwarded across the ports. Once the inaccurate BPDUs have been stopped, the interfaces automatically recover and resume normal operation. D. Interfaces FastEthernet3/1 and FastEthernet3/2 are candidates for becoming the STP root port, but neither can realize that role until BPDUs with a superior root bridge parameter are no longer received on at least one of the interfaces. Answer: C
QUESTION NO: 504
Ac
tua
lTe
sts
.co
310
Cisco 642-892: Practice Exam Refer to the exhibit. Static WEP keys have been configured on all devices in the wireless LAN. What will happen if the access point receives packets sent by the wireless client adapter that are not encrypted with the appropriate key?
Answer: C
Which statement is correct regarding the operation of NAT-PT between the IPv4 and IPv6 networks shown?
Ac
tua
lTe
A. The wireless client adapter will be authenticated by the authentication server and the access point will deliver the packets to the intended receiver. B. The wireless client adapter will not be authenticated by the authentication server, but the access point will deliver the packets to the intended receiver. C. The access point will discard the packets and never deliver them to the intended receiver. D. The wireless client adapter will not be able to send any packets to the access point.
sts
.co
311
Cisco 642-892: Practice Exam A. The router will determine the IPv4 destination address. B. The source IPv6 host can use DNS to determine the IPv6-to-IPv4 address mapping. C. The host is statically configured with the IPv6-to-IPv4 address mapping. D. ICMP can be used to determine the IPv6-to-IPv4 address mapping. Answer: B
Which interoperability technique implemented on the router would allow Host-1 to communicate with Host-2? A. Dual Stack B. NAT-PT C. 6to4 tunnel D. GRE tunnel E. ISATAP tunnel Answer: B
QUESTION NO: 507 Refer to the exhibit. Which two statements are correct regarding the routes to be redistributed into OSPF? (Choose two.)
Ac
tua
lTe
sts
.co
312
Answer: A,D
QUESTION NO: 508
Refer to the exhibit. Which two statements are true? (Choose two.)
Ac
tua
lTe
A. The network 192.168.1.0 will be allowed and assigned a metric of 100. B. The network 192.168.1.0 will be allowed and assigned a metric of 200. C. All networks except 10.0.0.0/8 will be allowed and assigned a metric of 200. D. The network 172.16.0.0/16 will be allowed and assigned a metric of 200. E. The network 10.0.10.0/24 will be allowed and assigned a metric of 200.
sts
.co
313
Answer: B,E
Ac
tua
lTe
sts
.co
A. This switch is the STP root bridge. B. This switch is not the STP root bridge. C. A spanning-tree loop exists in this network. D. The default STP timers have been changed. E. Port Fa0/11 is facing the root bridge. F. Port Fa0/11 is facing away from the root bridge.
314
What additional commands should be used to configure OSPF area 5 as a Totally Stubby area? A. area 0 stub on routers R4 and R5 B. area 5 stub on routers R4 and R5 C. area 5 stub no-summary on routers R4 and R5 D. area 0 stub no-summary on router R4 and area 5 stub no-summary on router R5 E. area 5 stub no-summary on router R4 and area 5 stub on router R5 Answer: E
QUESTION NO: 510
A hacker is interested in seeing traffic from all switch ports on the switch that he is connected to, including the ports belonging to other VLANs. What type of attack is he likely to implement? A. MAC address flooding B. ARP attack C. spoofing attack D. DHCP attack E. VLAN hopping Answer: A
Ac
tua
lTe
sts
.co
315
Cisco 642-892: Practice Exam QUESTION NO: 511 Given the above diagram and assuming that STP is enabled on all switch devices, which two statements are true? (Choose two.)
A. R5(config-router)# area 1 stub R6(config-router)# area 1 stub "Pass Any Exam. Any Time." - www.actualtests.com
Ac
Refer to the exhibit. Routers R2, R3, R4, and R5 have OSPF enabled. What should be configured on the routers in area 1 to ensure that all default summary routes and redistributed EIGRP routes will be forwarded from R6 to area 1, and only a default route for all other OSPF routes will be forwarded from R5 to area 1.
tua
QUESTION NO: 512
lTe
Answer: A,D
sts
A. DSW11willbe elected the root bridge. B. DSW12 will be elected the root bridge. C. ASW13 will be elected the root bridge. D. P3/1 will be elected the nondesignated port. E. P2/2 will be elected the nondesignated port. F. P3/2 will be elected the nondesignated port.
.co
316
Cisco 642-892: Practice Exam B. R5(config-router)# area 1 stub no-summary R6(config-router)# area 1 stub C. R5(config-router)# area 1 nssa R6(config-router)# area 1 nssa D. R5(config-router)# area 1 nssa no-summary R6(config-router)# area 1 nssa Answer: D
All network links are FastEthernet. Although there is complete connectivity throughout the network, Front Line users have been complaining that they experience slower network performance when accessing the server farm than the Reception office experiences. Based on the exhibit, which two statements are true? (Choose two.) A. Changing the bridge priority of S1 to 4096 would improve network performance. B. Changing the bridge priority of S1 to 36864 would improve network performance. C. Changing the bridge priority of S2 to 36864 would improve network performance. D. Changing the bridge priority of S3 to 4096 would improve network performance. E. Disabling the Spanning Tree Protocol would improve network performance. F. Upgrading the link between S2 and S3 to Gigabit Ethernet would improve performance. Answer: B,D
Ac
tua
lTe
sts
.co
317
QUESTION NO: 514 Which two multicast IP addresses can be represented by the multicast MAC address 0100.5e0A.0A07? (Choose two.) A. 228.10.10.7 B. 228.10.10.8 C. 228.10.138.7 D. 229.11.10.7 E. 229.138.10.7 F. 229.138.10.8 Answer: A,E
QUESTION NO: 515
Answer: C
QUESTION NO: 516
Lab 1.（VTP?InterVLAN Routing）
Ac
tua
lTe
A. client PC only B. switch port only C. switch port and client PC D. switch port and local router port
sts
When authentication is required, where must 802.1x be configured in order to connect a PC to a switch?
.co
318
VLAN IDs 20 21 IP Addresses 172.64.200.1/24 192.162.39.1/24 These are your specific tasks:
Explanation: Using show run for current configuration info ALswitch#conf t ALswitch( config)#vtp mode client ALswitch( config)#vtp domain CISCO ALswitch( config)#end ALswitch#copy run start DLswitch#conf t DLswitch( config)#vtp mode server "Pass Any Exam. Any Time." - www.actualtests.com 319
Ac
1. Configure the VTP information with the distribution layer switch as the VTP server 2. Configure the VTP information with the access layer switch as a VTP client 3. Configure VLANs on the distribution layer switch 4. Configure inter-VLAN routing on the distribution layer switch 5. Specific VLAN port assignments will be made as users are added to the access layer switches in the future. 6. All VLANs and VTP configurations are to completed in the global configuration To configure the switch click on the host icon that is connected to the switch be way of a serial console cable.
tua
lTe
sts
.co
The information of the question VTP Domain name: CISCO (Please use the value that given in exam.)
Cisco 642-892: Practice Exam DLswitch( config)#vtp domain CISCO DLswitch( config)#vlan 20 DLswitch( config-vlan)#vlan 21 DLswitch( config-vlan)#exit DLswitch( config)#int vlan 20 DLswitch( config-if)#ip add 172.64.200.1 255.255.255.0 DLswitch( config-if)#int vlan 21 DLswitch( config-if)#ip add 192.162.39.1 255.255.255.0 DLswitch( config-if)#exit DLswitch( config)#ip routing DLswitch( config)#end DLswitch#copy run start Validation ： show run, show vlan, show vtp status on DLswitch and ALswitch
QUESTION NO: 517 Lab 2 (802.1X?VACL)
For security reasons, it is necessary to restrict access to VLAN 20 in the following manner: Users connecting to ASWi's port must be authenticate before they are given access to the network. Authentication is to be done via a Radius server:Radius server host: 172.120.39.46Radius key: radl23Authentication should be implemented as close to the host device possible.Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24.Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20.Packets from devices in any other address range should be dropped on VLAN 20.Filtering should be implemented as close to the server farm as possible. The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.
Ac
tua
The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to provide the shipping personnel access to the server.
lTe
Acme is a small shipping company that has an existing enterprise network comprised of 2 switches; DSWl and ASW2.
sts
.co
320
Ac
tua
lTe
sts
.co
321
Ac
tua
lTe
sts
.co
322
Cisco 642-892: Practice Exam Explanation: ASWl#conft ASWl( config)#aaa new-model ASWl( config)#radius-server host 172.120.39.46 key rad123 ASWl( config)#aaa authentication dotlx default group radius ASWl( config)#dotlx system-auth-control ASWl( config)#int fastEthernet 0/1 ASWl( config-if)#switchport mode access ASWl( config-if)#switchport access vlan 20 ASWl( config-if)#dotlx port-control auto ASWl( config-if)#end ASWl#copyrun start DSWl#conft DSVVl( config)#ip access-list standard 10 DSWl( config-std-nacl)#permit 172.120.40.0 0.0.0.255 DSWl( config-std-nacl)#exit DSWl( config)#vlan access-map PASS 10 DSWl( config-access-map)#match ip address 10 DSWl( config-access-map)#action forward DSWl( config-access-map)#exit DSW1( config)#vlan filter PASS vlan-list 20 DSW1( config)#end DSWl#copyrun start
QUESTION NO: 518
Lab 3. (OSPFV3 Virtual-Link) Acme is a small export company that has an existing enterprise network that is running IPv6 OSPFv3. Currently OSPF is configured on all routers .However, R4's loopback address (FEC0:4:4) cannot be seen in Rl's IPv6 routine table. You are tasked with identifying the cause of this fault and implementing the needed corrective actions that uses OSPF features and does no change the current area assignments. You will know that you have corrected the fault when R4's loopback address (FEC0:4:4) can ping from R1 to R4 loopback addressSpecial Note: To gain the maximum number of points you must remove all incorrect or unneeded configuration statements related to this issue.
Ac
tua
lTe
sts
.co
323
Ac
tua
lTe
sts
.co
324
Ac
tua
lTe
sts
.co
325
Ac
tua
lTe
sts
.co
326
Ac
tua
lTe
sts
.co
327
Ac
tua
lTe
sts
.co
328
Ac
tua
lTe
sts
.co
329
Ac
tua
lTe
sts
.co
330
R2( config)#ipv6 router ospf 1 R2( config-router)#area 11 virtual-link 3.3.3.3 R2( config-router)#end R2#copy run start R3( config)#ipv6 router ospf 1 R3( config-router)#area 11 virtual-link 2.2.2.2 R3( config-router)#no area 54 virtual-link 4.4.4.4 R3( config-router)#end R3#copy run start R4( config)#ipv6 router ospf 1 R4( config-router)#no area 54 virtual-link 3.3.3.3 R4( config-router)#end R4#copy run start
Validation: Show run show ipv6 route on R1 and R4 ping ipv6 FECO :1 ::X(X is 4 or 1)
Ac
tua
lTe
Explanation: Get current config by issuing show run
sts
.co
331
Cisco 642-892: Practice Exam QUESTION NO: 519 Lab. (STP) Acme is a small export company that has an existing enterprise network comprised of 5 switches; C0RE.DSW1, DSW2, ASW1 and ASW2 the topology diagram indicates their desired per-VLAN spanning tree mapping. Previous configuration attempts have resulted in the following issues: CORE should be the root bridge for VLAN 20 ; however ,DSW1 is currently the root bridge for VLAN 20 .Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2. However VLAN 30 is currently using gig 1/0/5Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig 1/0/6 You have been tasked with isolating the cause of these issuer and implementing the appropriate solutions. Your task is complicated by the fact that you only have full access to DSW1 With isolating the cause of these issues and implementing the appropriate solutions. Your task is complicated by the fact that you only have full access to DSW1 .with the enable secret password Cisco. Only limited show command access is provided on CORE, and DSW2 using the enable 2 level with a password of acme. No configuration changes will be possible on these routers. No access is provided to ASW1 or ASW2.
Ac
tua
lTe
sts
.co
332
Ac
tua
lTe
sts
.co
333
Ac
tua
lTe
sts
.co
334
QUESTION NO: 520
(EIGRP Stub?Manual Summary)
Ac
tua
Verification D DSW1# show spanning-tree vlan 20 DSW1# show spanning-tree vlan 40 DSW2# show spanningtree vlan 30
lTe
Explanation: DSWl#conf t DSWl( config)#spanning-tree vlan 20 priority 61440 DSWl( config)#int g1/0/5 DSWl( config-if)#spanning-tree vlan 40 cost 1 DSWl( config-if)#no shut DSWl( config-if)#exit DSWl( config)#int g1/0/6 DSWl( config-if)#spanning-tree vlan 30 port-priority 64 DSWl( config-if)#no shut DSWl( config-if)#end DSWl#copy run start
sts
.co
335
Ac
tua
lTe
sts
.co
336
Ac
tua
lTe
sts
.co
337
Ac
tua
lTe
sts
.co
338
Ac
tua
lTe
sts
.co
339
Ac
tua
lTe
sts
.co
340
Ac
tua
lTe
sts
.co
341
Ac
tua
lTe
sts
.co
342
R3#conf t R3( config)#router eigrp 123 R3( config-router)#no eigrp stub receive-only R3( config-router)#eigrp stub R3( config-router)#end R3#copy run start R4#conf t R4( config)#int s0/0 R4( config-if)#ip summary-address eigrp 123 10.0.0.0 255.0.0.0 R4( config-if)#no shut R4( config-if)#end R4#copy run start Validation: 1. Show ip route on R2, should exist R3 route (172.16.1.0 ), ping 172.16.1.1 should success 2. Show ip route on R4, show a summary route (NULL 10.0.0.0/8 in route) 3. Show ip route on R3, whether receiver the summary route from R4, should only exist 2 10.0.0.0 subnet route. "Pass Any Exam. Any Time." - www.actualtests.com 343
Ac
tua
lTe
Explanation: show run for current config info
sts
.co
QUESTION NO: 521 Lab 6.（EIGRP & ISIS Redistribution ）
Explanation: show run for current config info
Blockade#conf t Blockade( config)#router isis Blockade( config-router)#redistribut eigrp 100 level-1 metric 50 Blockade( config-router)#router eigrp 100 Blockade( config-router)#redistribut isis level-1 metric 512 10 255 1 1500 Blockade( config-router)#redistribut connected Blockade( config-router)#end Blockade#copy run start Validation: "Pass Any Exam. Any Time." - www.actualtests.com 344
Ac
tua
lTe
sts
.co
Cisco 642-892: Practice Exam 1. show ip route on Ballista and Oxybeles to make sure the redistribute route are received. 2. successfuly ping looback0 on each route
QUESTION NO: 522 LAB
Explanation: Portland # conf t Portland ( config)# router ospf 1 Portland ( config-router)# network 192.168.3.5 0.0.0.3 area 1 Portland ( config-router)# area 1 stub Portland ( config-router)# end Portland # copy run start Indianapolis # conf t Indianapolis ( config)# router ospf 1 Indianapolis ( config-router)# network 192.168.3.6 0.0.0.3 area 1 Indianapolis ( config-router)# area 1 stub no-summary Indianapolis ( config-router)# end Indianapolis # copy run start
QUESTION NO: 523
Ac
tua
lTe
sts
.co
345
Cisco 642-892: Practice Exam The CertKiller headquarter office for a book retailer is installing a temporary Catalyst 3550 in an IDF to connect 24 additional users. To prevent network corruption, it is important to have the correct configuration prior to connecting to the production network. It will be necessary to ensure that the switch does not participate in VTP but forwards VTP advertisements that are received on trunk ports. Because of errors that have been experienced on office computers, all nontrunking interfaces should transition immediately to the forwarding state of Spanningree. Also, configure the user ports(all FastEthernet ports) so that the ports are permanently nontrunking. You will have to scroll this window and the problem statement window to view the entire problem. To configure the switch click on a host icon that is connected to a switch by a serial console cable(shown in the diagram as a curved solid black line).The [Tab] key.
Ac
tua
Explanation: CertKiller-S#conf t CertKiller- S( config)#vtp mode transparent CertKiller- S( config)#interface range fa0/1 - 24 CertKiller- S( config-if-range)#switchport mode access CertKiller- S( config-if-range)#spanning-tree portfast CertKiller- S( config-if-range)#exit CertKiller- S( config)#interface range fa0/12 - 24 CertKiller- S( config-if-range)#switchport access vlan 10 CertKiller- S( config-if-range)#end CertKiller-S# copy run start
lTe
sts
.co
346

Cisco 642-892 Practice Exam

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco 642-892 Practice Exam

Uploaded by

Copyright:

Available Formats

Cisco 642-892

CISCO 642-892 Composite Exam

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION NO: 4 Which statement is true concerning 6to4 tunneling?

"Pass Any Exam. Any Time." - www.actualtests.com

"Pass Any Exam. Any Time." - www.actualtests.com