N -

Destination Groups:
172.16.10.1
22411

Refer to the exhibit. An engineer ran this show telemetry command to view subscription SUB11 on RouterX. The engineer then decided that RouterY should provide the same output for sensor group SGroup13 as RouterX.
The engineer cannot access RouterX to copy its configuration. No access lists on the router block user access. Which configuration must the engineer apply on RouterY to provide the same output from the shox
telemetry command?
© RouterY(config)# telemetry model-driven
RouterY (config-model-driven)# subscription SGroup13
RouterY(config-model-driven-subs)# sensor-group-id SGroup13 sample-interval 20000
RouterY(config)# telemetry model-driven
RouterY(config-model-driven)# subscription SUB11
RouterY(config-model-criven-subs)# sensor-group-id SGroup13 sample-interval 20000
RouterY (config-model-driven-subs)# destination-id DGroup1
RouterY(config)# telemetry model-driven
®

RouterY (config-model-driven)# sensor-group SGroup13

RouterY (config-model-di grp)# sensor-path
N a
seid " 1010102 1010103
oc

o 1010105 oss
« N « N
RIE Rey
router ompf 10 a router ospt 10
log-addacency
sabeork 0.0.0.0changes
0.0.0.3 axes 0 1log-adjacency-changes
network 10.0.0.12 0.0.0. network
eo a 10.0.0.0 0.0.0.3
Petwork 10.10.10.1 9.9.0.0 area 0 network 10.
Zoute-map ospf-default-route permit 10 Betwork 10.0.0.4
match ip address 10
set metric 2
“a6 mateio-type © ype-2
access-list 10 permit 192.168.1.1 0.0.0.0

Refer to the exhibit. The operations team for a service provider network is implementing a route map pclicy. OSPF area 0 should originate the default route with a type 2 metric of 2 when the application server on the connected
interface (192.168.1.1) is up. Routers RL and RM have set up OSPF peering with other adjacent routers. Which action meets this requirement?
® Apply default-information originate route-map ospf-default-route on router RL.
© Apply default-information originate route-map ospf-default-route on router RM.
© Configure distribute-list route-map ospf-default-route out on router RL.
© Configure distribute-list route-map ospf-default-route out on router RM.

BGPéston Bap 6s201

« > bGPpeens twa0.1010x
R3#show ip bap 192.168.1.1
BGP routing table entry for 192.168.1.1/32, version 14
Paths: (2 available, best #1, table Default IF Routing Table)
lag: 0x820
Advertised to update-groups:
1
65101
10.10.10.2 (atric 2) Exon 10.10.10.2 (152168.90.)
Origin IGP, localpref 100, valid, external,
65101
10.10.10.6 (notric 2) from 10.10.10.6 (172.16.20.1)
Origin IGP, metric 0, localpref 100, valid, internal

Refer to the exhibit. A network engineer is implementing BGP in AS 65101 and AS 65201. R3 sends data traffic to 192.168.1.1/32 via the path R3-R2-R1. The traffic must travel via alternate path R6-RS5 for prefix 192.168.1.1/32.
Which action must oe taken to meet ihe requirement?
© Apply route-map HIGH-LP in on R3 for neighbor R6.
© Apply route-map HIGH-MED out on R2 for neighbor R3.

© Apply route-map LOW-LP out on R2 for neighbor R3.

© Apply route-map LOW-MED in on R5 for neighbor R2.

 L oe
route-map clscotest deny 10
20
match ip address prefix-list ciscotestpfxlist
set tag 5
route-nap ciscotest permit 30

Refer fo the exhibit. A client wants to filter routes to a BGP peer to limit access to restricted areas within the network. The engineer configures the route map ciscotest to filter routes from the BGP neignbor. The engineer also sets
atag that will be used for QoS in the future. Which task must be performed to complete the implementation?
© Allach the new route map o the BGP neighbor statement in the inbound direction.
© Add a route map statement with secuence 40 that links a BGP community {o the routing protocol.
© Greate a route map, configure BGP with an IPv4 address family, and activate the reighoor.
O Create a policy map named ciscotest and apply it to inbound traffic on the link that is directly connected to the BGP neighbor.

L Kecoraing
import import
from requests. auth import HTTPBasicAuth
auth = HTTPBasicAuth ('cisco_device', 'cisco_device')
= { 'Accept': 'application/yang-data+json', 'Content-Type': 'application/yang-data+json' }
https: //172.168.211.65/restconf/data/Cisco-I0S-XE-native: native/interface/GigabitEthernet=0/1

"10.1.131.112",
255.255.255.252"

response = requests.patch (url, verify=False)

print (“Done + response.status)

Refer to the exhibit. To optimize network operations, the senior architect created this Python 3.9 script for network automation tasks and to leverage Ansible 4.0 playbooks. Devices in the network support only RFC 2617-based
authentication. What does the script do?
© The scriptlogs in via 55H and configures interface GigabitEthernetd/1 with IP address 10.1.131.112i30.
@ The script leverages REST API calls and configures interface GigabitEthernet0/1 with IP address 10.1.131.112/30.

© The script performs a configuration sanity check on the device with IP address 172.168.211.656 via HTTP and returns an alert if the payload field fails to match.

© The script parses the JSON response from the router at IP address 172.168 211.65 and checks if the interface Gigabit=thernet0/1 with IP address 10.1.131.112 exists on the router.

L -
Which set of facts must the network architect consider when deciding whether to implement SaltStack or Chef?

@® Chefis an agent-based tool based on Ruby, and SaltStack is a module tool based on Python.

(Chef is written in Python, and SaltStack is written in Ruby.

(© Chef uses a message-based system, and SaltStack uses an agent to deliver messages.

(OO Chef refers to its automation instructions as manifests, and SaltStack refers to its instructions as a playbook.

. _
Which fact must a network engineer consider when planning to deploy RSVP-TE FRR?

O PLR prefers FRR NHOP backup tunnels over NNHOP tunnels.

© FRR protects MPLS LDP and RSVP-TE LSPs.

© The FRR backup tunnel reserves the total bandwidth of all protected tunnels.

@ PLR prefers FRR NNHOP backup tunnels over NHOP tunnels.

 \

Which action occurs during the traceback phase of the six-phase approach to service provider security?

© Review the whole attack-handling process.

@® Trace the attack that flows from the attacked sections of the network toward the network edges.

© Detect unusual activity or behavior and activate appropriate measures after an alert is raised.

0] Mitigate the attack that flows using various mechanisms.

Which core component of MDT describes the data that an MDT-capable device streams to a collector?

© transport protocol

@ sensor path

© subscription

O encoder

L recoraing

Application server
Costomer etwort

&n per
I a

Refer to the exhibit. The application server in the data center hosts voice, video, and data applications over the interret. The data applications run more slowly than the voice and video applications. To ensure that all applications
un smoothly, the service provider decided to implement a QoS policy on router PE-R2 to apply traffic shaping. Which two actions must an engineer take to implement the task? (Chcose two.)
Configure the scheduling function to handle delayed packets.
Set the token value for secondary traffic.
0) Seta threshold to discard excess trafic.
Configure a queue tc buffer excess traffic.
J Enable packet remarking for priority traffic.

Refer to the exhibit. In the service provider network, routers PE1, PE2, and PE4 have access to the internet and provide access to customer networks. Router PE3 is used for access tc other customer systems. In accordance
with a new SLA, an engineer is updating settings on this network so that router CE1 accesses the internet via PE1 instead of PE2. Which two tasks must the engineer perform to complete the process? (Choose two.)
On PE1, configure the internet VRF vith import route target 102:102.

(O On PE2 and PE3, configure the internet

VRF with import route target 101:101.

(J On PEZ, configure the internet VRF with import route target 102:102.

On PE2, configure the CE1 VRF with import route target 101:101.

[J On PE1 and PE4, configure the internet

VRF with import route targets 102:102 and 104:104.
 10.10.0104

10.10.10.5 1010.10.6
OSPF/LOP

Refer to the exhibit. An engineering team must update the network configuration so that data traffic from router A to router D continues in case of a network outage between routers B and C. During a recent outage on the B-C
link, the IGF traffic path was switched to the alternate path via routers E and F, but label forwarding did not occur an the new path. Which action ensures that traffic on the end-to-end path continues?
© Bind the BFD protocol with IGP on all routers.

@® Enable MPLS LDP IGP Synchronization on all routers.

© Configure the same hello timer values for IGP anc LDP.

© Enable LDP Session Protection on routers A and D.

.
Anetwork engineer must collect traffic statistics for an internal LAN toward the internet. The sample must include the source and destination IP addressas, the destination ports, the total number of bytes from each flow using a
64-bit counter, and all transport flag information. Because of CPU limits, the flow collector processes samples that are a maximum of 20 seconds long. Which two configurations must the network engineer apply tc the router?
(Choose two.)
© match ipv4 protocol
match ipv4 source address
match Ipv4 destination address
match transport destination-port
match interface output
collect ipv4 source mask
collect ipv4 source prefix
collect ipv4 destination prefix
collect ipv4 destination mask
collect transport tcp destination-port
collect counter bytes long
collect flow direction
collect transport tcp flags
cache-period timer active 20
data export timeout 2
«cache timeout active 20
[u]

template data timeout 120

collect ipv4 tcp protocol

a

collect ipv4 destination address

collect tcp destination-port
collect application name
collect interface output
collect ipv4 cos
match ipv4 destination
match ipv4 port
match counter packets
match flow direction
match transport tep-flags
L
In an EVPN operation, how does the PE determine and advertise Ethernet segment reachability?

O The PE discovers other PEs in the same Ethernet segment and elects a DF.

O The PE discovers remote ESIs and determines their redundancy mode.

The PE discovers and shares routing information for the B-MAC addresses associated with local Ethernet segments.
o

The PE discovers the remote PEs in the EVI and builds a flood list linked with the EVI.
®

N
A network architect must implement CSC VPN services for a new backbone carrier. Which two benefits does the architecture provide? (Choose two.)

It supports a scalable growth strategy that services multiple customers efficiently.

O

It eliminates the need to maintain a centralized network-maintenance and operations strategy.

8

It leverages IPsec to establish connections within the backbone, which eliminates the need for BGP to distribute routes.

It maintains a single backbone, which simplifies the VPN implementation to customers.

0

(J ltrelies on IP communications, which simplifies the network design.

 Internet Public Prefix Allocation
RFC1913

010023.031

Refer to the exhibit. The CE router is peering vith both PE routers and advertising a public prefix to the intemet. Routing to and from this prefix will be zsymmetiic under certain network conditions, but packets must not be
discarded. Which configuration must an engineer apply to the two PE routers so that they validate reverse packet forwarding for packets entering their Gi2 interfaces and drop trzffic from the RFC1918 space?
@ interface GigabitEthernet 2
ip verify unicast source reachable-via rx
© ip verify unicast source reachable-via any allo-default
ip verify unicast source reachable-via rx allow-default
oO

interface GigabitEthernet 2
Oo

ip verify unicast source reachable-via any

Referto the exhibit. Tier 1 ISP A purchased several Tier 2 ISPs to increase their customer base and provide more regional coverage. ISP A plans to implement MPLS services in the access layer, with scalability up to 100,000
devices in one packet network and service recovery up to 50 ms. The network architect decided to use different independent IGP and LDP domains and interconnect LSPs that are based on RFC 3107. Which two actions must
the network engineer perform to meet the requirements? (Chocse two.)

(©) Configure three OSPF areas, with Area 0 in the core domain, and Areas 2 and 3 in the aggregation domain.
©) Implement BGP connectivity between routers R1 and R4 with VPNv4 address family enabled.
©) Implement the IS-IS routing protocol on the access comain.
Impement BGP PIC core functionality on routers R2 and R3.
BGP inline RR With next-hop-self on routers Rz and R3.

Refer to the exhibit. Which part of the diagram will host OpenStack components?

© Aggregation

O Access

@® UCS Series

O Core
 Fobshow bop erigin-as validity
Networx Next Hop Matric Loorre Weight Fath
o> 22.110.26.0/24 10.10.30.2 ° 02007
0 101.20.39.0/24 10.10.10.2 3 02007
> 192.160.22.1/32_ 10.10.10.2 ° 0200 7

Refer to the exhibit. A network engineer is configuring router RB to secure BGP advertisements against route hijacking activity. RB must validate all prefixes that it receives from origin AS 200 before installing them in the BGP
route table. Which configuration meets the requirement?

® RB(config)# router bgp 100

RB(config-router)# address-famil ipv4 unicast
RB(config-router-af)# bgp origi -as validation enable
RB(config)# router bgp 100
[e]

RB(config-router)# address-family ipv4 unicast

RB(config-router-af)# bgp bestpath origin-as use validity
RB(config-bgp)# router bgp 100
(e]

RB(config-bgp)# bgp origin-as validation time off

RB(config-bgp)# router bgp 100
Oo

RB(config-bgp)# bgp origin-as validation signal ibgp

RB(config-bgp)# bgp bestpath origin-as allow invalid

L —
What is the purpose of RSVP tear messages?

O to confirm successful end-to-end resource allocation

© to notify the tail-end router of resource unavailability on the transit router

O to reuse router resources for other reservation requests

@ to inform the headend router of LSP issues

L
Which role does the Adjacency-SID sub-TLV extension perform in the IS-IS routing protocol?

O Itis advertised within TLV-145 (IS-IS Prefix Reachability ion) to label host pi on lo p! interfaces on Level 2 routers within one IS-IS area.

® tis advertised within TLV-22 (Extended IS Reachability) to label a specific link in a segment routing domain.

© Itis advertised within TLV-136 (Extended IP Reachability) to label a specific node in the network.

© Itis advertised within TLV-24 (IS-IS Neighbor Adjacency Attribute) to label a specific adjacency between Level 1 routers within one IS-IS area.

<13extOut name="13outl">
<13extLNodeP name="cisconodel">
<bgpPeerP addr="192.168.1.2">
<bgpAsP asn="65514"/>
</bgpPeerr>
</13extLNodeP>
<bgpEXtE/>
</13extout>

Refer to the exhibit. A global company plans to implement BGP at ts newest location to provide connectivity to other offices. The global infrastructure of the company is a multivendor environment. An engineer must review the
BGP core configurations at to ine if they can be at the new location. The engineer copied this JSON script for review. What s the effect of the script?
@® It configures BGP on the device and inserts 192.168.1.0/24 into the BGP table using the origin AS 65514.

O It configures BGP with neighbor 192.168.1.2 residing in AS 65514.

O It sets the BGP router-ID to 192.168.1.2 and sets the AS of the router to 65514.

O It configures a VRF named cisconode1 and a BGP instance using the VPNv4 address family.
 \
The NOC engineer in a service provider network must configure an SNMP community on switch SW with these security attributes:
* Event messages must be authenticated with the MD5 algorithm and encrypted.
¢ The remote user name for the SNMP server at 172.16.10.1 is AuthNocUser.

Which configuration must the engineer apply to the switch?

SW(config)# p-server ity rod

[@)

SW(config)# snmp-server enable traps snmp authentication

SW(config)# snmp-server host cisco.com version 2¢ public

© SW(config)# shmp-server group group1 v3 noauth

SW(config)# snmp-server user AuthNocUser group1 remote 172.16.10.1
SW(config)# snmp-server host 172.16.10.1 informs version 3 noauth remoteuser config

SW(config)# snmp-server group group3 v3 priv

Oo

SW(config)# >snmp-server user AuthNocUser group3 remote 172.16.10.1 v3 auth md5 Cisco@123 priv des 56
@® SW(config)# snmp-server group group2 v3 auth
SW(config)# snmp-server user AuthNocUser group2 remote 172.16.10.1 v3 auth md5 password1

'
telemetry model-driven
destination-group DGroup2
address family ipvd
172.10.10.10 port 57500
encoding self-describing-gpb
protocol grpc
commit
'

Refer to the exhibit. A network engineer at a large ISP is configuring telemetry streams to monitorthe health status of PE routers on the network using gRPC dial-out. The PE routers are located at several data centers in different
physical locations, and they are using IS-IS and BGP for routing. Which additional configuration must the engineer implement on the PE routers to meet the goal?
® sensor-group SGroup2
sensor-path Cisco-I0S-XR-nto-misc-ops
\
subscription Sub2
sensor-group-id SGroup2 sample-interval 30000
destination-id DGroup2
I" mm.

What is an enhancement that Cisco IOS XE Software has over Cisco 10S Software?

© Itruns on a 32-bit operating system.

@ tis built on a QNX Neutrino Microkernel.

© It allows all processes to use the same pool of memory.

© It supports symmetric multiprocessing.

= ISP_B

Refer to the exhidit. R1 has two upstream Tier 1 service providers. BGP is in use as the exterior routing protocol, and ISP_A and ISP_B are sending the full BGP table. A neiwork engineer must assign local-preference 70 to all
routes with multiple exit discriminator 30. Which configuration must the network engineer apply?
® route-policy routepolicy
if destination 0.0.0.0/0 and med 30 then
setlocal-preference 70

end-policy
O route-policy routepolicy
if destination in (0.0.0.0/0) and {med = 30) then
set local-preference 170
else
setlocal-preference 70

end-policy

route-policy routepoli
tion in (.*) and med eq 70 then
set local-preference 30
else
drop
endif
end-policy
© route-policy routepolicy
if med eq 30 then
setlocal-preference 70
else pass
endif
end-policy
 L Recoraing

Refer to the exhibit. Routers R1 through RS are being deployed within the core of a service provider running BGP. The core supports distribution of VPNv4 routes using MPLS. R3 currently has multiple paths to reach R4. A
network engineer must implement BGP attributes so that R3 can rezch R4 via R1. Which action must the engineer take to meet the requirement?
O Configure R3 so the route to R4 through R1 will have a lower local preference than the route from R2 or R5.

© Configure R5 to send the route from R4 to R1 using a longerAS path than the AS path that it receives from R1 or R2.

® Configure R3 so the route to R4 through R1 will have a higher weight than the route from R2 or RS.

[0] Configure R2 to send the route from R4 to R1 using a higher metric than what is advertised to R3.

te tri
router(config-route-map)# match tag 777
router(config-route-map)# set ip next-hop 0.0.1.1
fouter(config-route-map)# set origin igp
router( it J sef rt

Refer to the exhibit. EIGRP is running across the core to exchange internal routes, and each router maintains BGP adjacency with the other routers on the network. An operator has configured static routes on the edge routers
R1 and R2 for IP address 10.0.1.1, which s used as a black hole route zs shown. Which configuration should the operator implement to the management router to create a route map that will redistribute tagged static routes
into BGP and create a static route to blackhole traffic with tag 777 that is destined to the server a: 192.168.10.1007
© router(configi# router bgp 55100
rol ig-router)# redistri static route. trigger
router(config}# ip route 192.168.10.100 255.255.255.255 Null0 tag 777
® router(configi# router bgp 55100
rol ig-router)# redistribute static route. trigger
router(config}# ip route 10.0.1.1 255.255.255.255 Null0 tag 777
© router(config}# router bgp 55100
rou ig-router)# redistri t trigger
router(config}# ip route 192.168.10.100 255.255.255.255 Null0 tag 777
[e] router(config}# router bgp 55100
rot ig-router)# redistri

router(config}# ip route 192.168.10.100 255.255.255.255 tag 777

1722020332

Refer to the exhibit. The customer that owns the CE-1, CE-2, and CE-3 routers purchased point-to-point E-Line services from the Carrier Ethernet provider The service provider is delivering multiplexed UNI at the customer
HQ location on PE-1 and untegged UNIs at the PE-2 and PE-3 locations. Additionally, the customer provided these VLAN to EVC mapping requirements
* EVC 1 between CE-1 and CE-2 must be provisioned with C-VLAN 12 at the HQ location.
* EVC 2 between CE-1 and CE-3 must be provisioned with C-VLAN 13 at the HQ location.
‘Which configuration must the network engineer implement on the PE routers to provide end-to-end Carrier Ethernet service to the customer?

® On PE-1:
interface GigabitEthernet0/1
ser tance 1 ethernet
culation dot1q 12
rewrite ingress tag pop 1 symmetric
xconnect 172.20.20.2 1001201 encapsulation mpls
!
instance 2 ethernet
sulation dot1q 13
rewrite ingress tag pop 1 symmetric
xconnect 172.20.20.3 1001301 encapsulation mpls
On PE-2:
interface GigabitEthernet0/2
service instance 1 ethernet
encapsulation untagge
xconnect 172.20.20.1 1001201 encapsulation mpls
On PE-3:
interface GigabitEtherneto/3
service tance 1 ethernet
encapsulation untagged
xconnect 172.20.20.1 1001301 encapsulation mpls
Refer to the exhibit. An engineer is scripting ACLs to handle traffic on the given network. The engineer must block users on the network be:ween R1 and R2 from leaving the network through R5, but these users must still be able
to access all resources within the administrative domain. How must the engineer implement the ACL configuration?

® Configure an AGL that permits traffic to all Internal networks and denles traffic to any external address, and apply it to the R2 interface to R1 In the ingress direction.
© Configure an ACL that permits traffic to any internal address, and apply it to the RS interfaces to R3 and R4 in the egress direction.
© Configure an ACL that denies traffic to any internal address and denies traffic to any external address, and apply it to the RS interfaces to R3 and Rd in the ingress direction.
© Configure a permit any ACL on the R1 interface to R2 in the egress direction, and a deny any ACL on the interface in the ingress direction.

Why is the keyword none needed when implementing management plane security Por TACACS+?

© lt allows the router to query a RADIUS server when the TACACS+ server is unreachable.

© It prevents all users from accessing router 1 unless the TACACS+ server is reachable.

O It allows the local database to authenticate when the TACACS+ server is unreachable.

@ It allows authentication to succeed when the TACACS+ server is unreachable.

.
An ISP is implementing end-to-end fault monitoring for a customer based on the IEEE 802.3ah standard. The solution must detect when 15 or more corrupted Ethernet packets arrive within 10 ms and stop propagating traffic
through the ISP backbone network or to the customer side. Which configuration must the ISP engineer apply?
® ethernet oam
ethernet oom link-monitor receive-crc window 10
he igh 15
ethernet oam
o nkemonitor transmit-crc window 1
ethernet oam link-monitor transmit-crc threshold ‘high 15
ethernet oam link-monitor high. action r interface

© ethernet oam link-monitoring enable

-

ethernet oam link-monitor crc-errors ingress time-window 10

ethernet oam link-monitor cre-errors ingress threshold high 15
ethernet oam link-monitor crc-errors egress time-window 10
ethernet oam link-monitor crc-errors egress threshold high 15
g action face
ethernet oam link-monitoring
[o)

ethernet oam link-monitor res

ethernet oam link-monitor receive-crc threshold high 10
ethernet oam link-monitor high-threshold action disable-interface
© ethernet oam link-monitoring
oam link: itor re
ethernet cam link-monitor res
ethernet oam link-monitor transmit cre-errors period 10
ethernet oam link-monitor transmit crc-errors limit 15
ethernet oam link-monitor limit action error-disable interface

mises

~~

- & NP 3%

Refer to the exhibit. The ISP is implementing a new hosting-as-a-service solution for its business customers. Service accessibility must be unique and separate fcr each customer. The network architect must ensure that multiple
paths toward the hosting-as-a-srvice solution are always available. Basic protection against traffic back-holing on the MPLS network is required in case of link fzilure. Which two actions must the engineering team perform to
meet the requirements? (Choose two.)
Configure the fast-hello command under the IS-IS routing protccol with the BGP multipath 2 option enabled.

(©) Enable the VRF-Lite feature on router R4 and enable BGP address-famly VPNv4.
(J Configure lhe fast-reroute per-prefix command for the IS-IS protocol in the MPLS network and enable he BGP roule-reflector fzalure on R2.

Configure the mpls Idp syne command in the MPLS network with the BGP additional-paths receive and additional-paths send options.
(Create the hosting-as-g-service VRF on router R4 and configure it with the route target both 65123:88 command.
 L [—

PE1
vet ciscotest
rd 202:101
address-family ipv4 unicast
label mode per-vrf
redistribute connected

Refer to the exhibit. An ISP engineer configured a VRF to isolate traffic for the customer ciscotest as shown. Now, the engineer must implement the Intra-AS VPN feature on PE1 to pass traffic between customer sites. Which
additional configuration must the engineer apply to PE1 to meet this requirement?
O router bgp 64525
address-family ipv4 unicast
neighbor 192.168.1.1
remote-as 64520
update-source Loopback0
address-family ipv4 unicast
O router bgp 64525
address-family ipv4 unicast
neighbor 192.168.1.1
remote-as 64526
address-family ipv4 unicast
® router bgp 64525
address-family vpnv4 unicast
neighbor 192.168.1.1
remote-as 64525
update-source Loopback0
address-family vpnv4 unicast
O router bgp 64525
address-family vpnv4 unicast
neighbor 192.168.1.1
remote-as 64516
update-source Loopback0
address-family vpnv4 unicast

Refer to the exhibit. BGP is running in the core of the service provider to exchange routes for its customers, and OSPF serves as the PE-CE routing protocol. The service provider's existing customer at CE1 is opening a new
office in a different geographical location connected via CE2. A network engineer must update the BGP implementation so that PE1 and PE2 vill share routes ard provide communication between CE1 and CE2. Which action
must the engineer take?

© Configure CE1 and CE2 (0 establish a BGP reialionship with PE1 and PE2.
@ Configure PE1 and PE2 to redistribute OSPF from the VRF for the customer into BGP.
© Configure CE1 and CE2 with a pscudowire that will run over the service provider core.
© Configure PE1 and PE2 to mutually redistribute BGP and OSPF in the VRF for the customer.

Refer to the exhibit. The engineering team wants to limit control traffic on router RX with the following IP address assignments:
+ Accepted traffic for router: 10.0.0.0/24
* NOC users IP allocation: 192.168.10.0/24

Which additional configuration must be applied to RX to apply the policy for MSDP?

© RX(config)#access: t 151 permit tcp any gt 1024 10.10.00 0.0.0.255 eq 639

RX(config)#access: t 151 permit tcp any eq 639 10.10.0.0 0.0.0.255 gt 1024 established

© RX(config)#access-list 151 permit tep any 10.0.0.0 0.0.0.255 eq 639

RX(config)#access-list 151 permit udp any 10.0.0.0 0.0.0.255 eq 639

@® RX(config)#access-list 150 permit tcp any gt 1024 10.0.0.0 0.0.0.255 eq 639

RX(config)#access-list 150 permit tcp any eq 639 10.0.0.0 0.0.0.255 gt 1024 established
© RX(config)#access-list 150 permit tcp any 10.0.0.0 0.0.0.255 eq 639
RX(config)#access-list 150 permit udp any 10.0.0.0 0.0.0.255 eq 639
 Loo: 172.188 pen—

10.142.20.030

pel.nycléshow running-config | s router bgp cel. nycléshow run | s router bgp

router bgp 65000
router bgp 65300 bap log-neighbor-changes
template peer-session CUSTOMER-DEFAULTS neighbor 172.18.10.1 remote-as 65300
10g-neighbor-changes neighbor 172.18.10.1 ebgp-multinop 2
timers 30 90 neighbor 172.18.10.1 update-source GigabitEthernet3
exit-peer-session neighbor 172.18.10.1 timers 5 15
! :
bgp log-neighbor-changes address-family ipvd
no bgp default ipv4-unicast neighbor 172.18.10.1 activate
neighbor 172.19.10.10 remote-as 65000 exit-address-family
neighbor 172.19.10.10 inherit peer-session CUSTOMER-DEEAULTS coi nycidishow run | in ip route
neighbor 172.19.10.10 description cel.nycl ip route 172.18.10.1 255.255.255.255 GigabitEthernet? 10.142.20.1 5
neighbor 172.19.10.10 ebgp-multihop 5 ip route 172.18.10.1 255.255.255.255 GigabitEthernet3 10.142.20.5 10
neighbor 172.19.10.10 update-source Loopback
'
address- family ij
neighbor 172.19.10.10 activate
neighbor 172.19.10.10 default-originate
neighbor 172.19.10.10 prefix-1ist ADVERTISE-DEFAULT-ONLY out
exit-address-family
pel.nycléshow run | in ip route
ip route 172.19.10.10 255.255.255.255 GigabitEthernet2 10.142.20.2
ip route 172.19.10.10 255.255.255.255 GigabitEthernet3 10.142.20.6

Refer to the exhibit. An engineer started to configure a router for BGP. Which configuration must the network engineer apply to router CE1.NYC1 so that it establishes an eBGP multihop session with PE1.NYC1?
© router bgp 65000
neighbor 172.18.10.1 timers 30 90

© router bgp 65000

no neighbor 172.18.10.1 update-source GigabitEthernet3
neighbor 172.18.10.1 update-source GigabitEthernet2

O router bgp 65000

no neighbor 172.18.10.1 update-source GigabitEthernet3
neighbor 172.18.10.1 update-source Loopback0

® router bgp 65000

neighbor 172.18.10.1 ebgp-multihop 5

Refer to the exhibit. A network administrator implemented MPLS routing between routers R1, R2, R3, and R4. AToM is configured between R1 and R4 to allow Layer 2 traffic from hosts on RA1 and RA2. A targeted MPLS session
is established between R1 and R4. Which additional action must the administrator take on all routers so that LDP synchronization occurs between connected LDP sessions?
O Configure EIGRP as the routing protocol using stub areas only.
O Enable MPLS LDP sync delay timers.
O Disable the MPLS LDP IGP sync holddown.
® Configure OSPF or ISIS as the routing protocol.
 v FE ——

Drag and drop the BGP Best Path Algorithm rules from the left into the corresponding order of importance on the right.

Most important

route with the highest weight

route with the highest local preference

route with the shortest AS_PATH

route with the lowest origin type

route with the lowest

MED

Least important

sap

Refer to the exhibit. Tier 1 ISP A is connected to small Tier 3 ISP B. The EBGP routing protocol is used for route exchange. The networking team at ISP A noticed the flapping of BGP sessions with ISP B. The team decides to
improve stability on the network by suppressing the subnet for 30 minutes when a session begins to flap. Which action must the team perform to meet this goal?
© Implement a BGP route-penalty timer on ISP A router R1 with the bgp penalty-timer 30 250 750 15 command.
O Implement BGP route suppression on ISP A router R2 with the bgp suppression 30 600 1200 30 command.
® Implement BGP route dampening on ISP A router R1 with the bgp dampening 15 700 1500 30 command.
© Implement a BGP foute withdraw-delay timer cn ISP B router R3 with the bgp withdraw-delay 30 15 90 30 command

L Pn
What is a feature of mVPN?

@® It provides the ability to support multicast over a Layer 3 VPN.

© ltrequires unicast to be disabled on the multicast domain.

© It establishes multiple static MDTs for each multicast domain.

© Itrequires the no ip mroute-cache command to be configured on the loopback interface of each BGP peer.
 L pee—
NATIPAT
Gio Gio
DHCP! 101.0024

Refer to the exhibit. An engineer working for 2 service provider with an employee ID: 4504: 33.716 notices that malicious traffic with a source IP in the RFC1918 range is arriving on the WAN connection to the internet and
impacting customer resources on the LAN. Which ACL must the engineer i n M-CPE-1 to block the malicious traffic
O ip access-list extended DROP_BAD_TRAFFIC
deny ip 10.0.0.0 0.255.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
permit ip any any
terface Gig 0/1
ip access-group DROP_BAD_TRAFFIC out
ip access-list extended DROP_BAD_TRAFFIC
[e}

deny ip 10.0.0.0 0.255.255.255 any

deny ip 172.16.0.0 0.15.255.255 any
deny ip 192.168.0.0 0.0.255.255 any
permit ip any any

interface Gig 0/0

ip access-group DROP_BAD_TRAFFIC in
@ ip list DROP_BAD_
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
!
interface Gig 0/1
ip accoss-group DROP_BAD_TRAFFIC out

R1# show run int tunnel-mte 10

interface tunnel-mtel0
ipv4 unnumbered Loopback0
destination 10.20.0.1
path-option 1 dynamic
'
destination 10.30.0.1
path-option 1 dynamic
'
destination 10.40.0.1
path-option 1 dynamic

Refer to the exhibit. An engineer must implement a traceroute operation to verify the R1 point-to-multipoint LSP connections. The traceroute operation must return all labels and hop-by-hop IP addresses for destinations
10.20.0.1, 10.30.0.1, and 10.40.0.1, and the maximum number of hops is 4. Which command must be executed to meet the requirements?
O traceroute mpls ipv4 10.30.0.1/32 fec-type generic
® traceroute mpls ipv4 10.20.0.1/32 ttl 4
© traceroute mpls traffic-eng tunnel-mte 10 responder-id 10.40.0.1
) traceroute mpls traffic-eng tunnel-mte 10 ttl 4

N a
Arouter is advertising multiple networks to its BGP neighbor in AS 5200 with peer IP address 1.1.1.1. Which configuration must be applied so that the router permits updates only for networks with 2 prefix mask length less than
or equal to 21?
O router bgp 5100
neighbor 1 1 remote-as 5200
neighbor 1.1.1.1 prefix-list SELECTED
ip prefix- t SELECTED seq 10 permit 0.0.0.0/0 ge 8 le 24
router bgp 5100
[e]

neighbor 1.1.1.1 remote-as 5200

neighbor 1 1 prefix-list SELECTED in

ip prefix-list SELECTED seq 10 permit 0.0.0.0/0 ge 21 le 24

© router bgp 5100
or 1.1.1.1 remote.as 5200
neighbor 1.1.1.1 prefix-list SELECTED in
ip prefix-list SELECTED seq 10 permit 0.0.0.0/0 le 21

© router bgp 5100

neighbor 1.1.1.1 remote-as 5200
neighbor 1.1.1.1 prefix-list SELECTED
ip prefix-list SELECTED seq 10 permit 0.0.0.0/0 ge 21
 Which capability does the MPLS TE FRR facility backup protection method provide?

© creating a bypass LSP for each protected LSP at each point of local repair

© defining the set of characteristics for the backup TE LSP

© assigning a backup TE LSP tunnel to the protected node at the headend of the protected TE LSP

leveraging label stacking to protect selected TE LSPs using a single backup TE LSP

A network operater with an employee ID: 4504:33:716 must implement a PIM-SSM multicast configuration on the customer's network so that users in different domains are able to access and stream live traffic. The IGMP version
must be enabled to support the SSM implementation. Which action must the engineer perform on R1 to complete the SSM implementation?
O Ri(configi# ip pim ssm range 1
Ri1(config}# interface ethernet 1/0
R1(config-if)# Ip pim sparse-dense-mode
Ri (config-if}# ip igmp version 2
R1(config}# ip routing multicast
0

R1(config}# ip pim ssm range 1

R1(config}# ip pim passive
R1(config}# ip pim dense-mode
R1(config-ify# ip igmp version 3
R1(config}# ip pim bidir-enable
R1(corfig}# ip multicast-routing
Q

R1(config}# ip pim autorp |

R1(config-ify# ip igmp version 2
Ri(config}# ip multicast-routing
@®

R1(config}# ip pim ssm default

Ri(config}# interface ethernet 1/0
R1(config-ify# ip pim sparse-mode
Ri (config-if)# ip igmp version 3

_ 172.36.12.1
10/0 510/0/1

Ne J 610/071
Ca
R1éshow policy-map
Policy Map pm fromcu
Class CE
set mpls experimental imposition 4

Refer to the exhibit. Router R1 is configured with class map CE with match ip precedence critical to align with customer contract SLAs. The customer is sending all traffic from CE1 toward the FTP server with IP precedence 5.
A network engineer must allow 10% of interface capacity cn router R3. Which two actions must the engineer take to accomplish the task? (Choose two.)
Implement a class map on R3 to match all packets with QoS IP precedence value 101.
Apply a policy map to R1 to reserve the remaining 10% of interface bandwidth.
[<]

0 Implement a class map on R3 to match all packets wih QoS IP precedence value 011.
o Implement a class map on R1 to match all packets with QoS IP precedence value 100.
Apply a policy map to R3 to reserve 10% of interface bandwidth.
a]
 L recoraing

Refer to the exhibit. An engineer at ISP C is configuring a new interconnestion with ISPs A and B using the BGP protocol. After the initial configuration, the engineer noticed high memory usage and an abnormally large LIB table
on router R2. Which two actions must the engineer take on R2 to minimize memory usage? (C1oose wo.)
(Configure Extended AGL 101 with accepted prefixes.

Configure Standard ACL 1 with accepted prefixes.

© Configure the mpls Idp neighbor 1.1.1.1 labels accept 101 command.

Configure the mpls Idp neighbor 11.11.11.11 labels accept 1 command.

©) Configure the mpls Idp neighbor 21.21.21.21 labels accept 101 command.

A
Which programmable API allows the service provider to plan and optimize the automation of network operations and achieve closed-loop operations?

© Network Services Orchestrator

@® Crosswork Network Automation

© WAN Automation Engine

© Evolved Programmable Network Manager