CCNP Implementing Cisco IP Routing (ROUTE v2.0) v1.0 (300-101)

Page:    1 / 57   
Total 851 questions

A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this?

  • A. router(config-if)#ip helper-address 172.20.14.225
  • B. router(config-if)#udp helper-address 172.20.14.225
  • C. router(config-if)#ip udp helper-address 172.20.14.225
  • D. router(config-if)#ip helper-address 172.20.14.225 69 53 49


Answer : A

Explanation:
To let a router forward broadcast packets, the ip helper-address command can be used. The broadcasts will be forwarded to the unicast address specified with the command:
ip helper-address {ip address}
When configuring the ip helper-address command, the following broadcast packets will be forwarded by the router by default:
-> TFTP - UDP port 69
-> Domain Name System (DNS) - UDP port 53
-> Time service - port 37
-> NetBIOS Name Server - port 137
-> NetBIOS Datagram Server - port 138
-> Bootstrap Protocol (BOOTP) - port 67
-> TACACS - UDP port 49

A network engineer is configuring SNMP on network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirements of this scenario?

  • A. router(config)#snmp-server host 172.16.201.28 traps version 2c CISCORO
  • B. router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO
  • C. router(config)#snmp-server host 172.16.201.28 traps version 3 auth CISCORO
  • D. router(config)#snmp-server host 172.16.201.28 informs version 3 auth CISCORO


Answer : A

Explanation:
Most network admins and engineers are familiar with SNMPv2c which has become the dominant SNMP version of the past decade. It's simple to configure on both the router/switch-side and just as easy on the network monitoring server. The problem of course is that the SNMP statistical payload is not encrypted and authentication is passed in cleartext. Most companies have decided that the information being transmitted isn't valuable enough to be worth the extra effort in upgrading to SNMPv3, but I would suggest otherwise.
Like IPv4 to IPv6, there are some major changes under the hood. SNMP version 2 uses community strings (think clear text passwords, no encryption) to authenticate polling and trap delivery. SNMP version 3 moves away from the community string approach in favor of user-based authentication and view-based access control. The users are not actual local user accounts, rather they are simply a means to determine who can authenticate to the device. The view is used to define what the user account may access on the IOS device. Finally, each user is added to a group, which determines the access policy for its users. Users, groups, views.

When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication?

  • A. username
  • B. password
  • C. community-string
  • D. encryption-key


Answer : A

Explanation:
The following security models exist: SNMPv1, SNMPv2, SNMPv3. The following security levels exist: "noAuthNoPriv" (no authentication and no encryption - noauth keyword in CLI), "AuthNoPriv" (messages are authenticated but not encrypted - auth keyword in CLI), "AuthPriv" (messages are authenticated and encrypted - priv keyword in CLI). SNMPv1 and SNMPv2 models only support the "noAuthNoPriv" model since they use a plain community string to match the incoming packets. SNMPv3 implementations can be configured to use any of the models on a per-group basis (if "noAuthNoPriv" is configured, the username serves as a replacement for the community string).
Reference:
http://blog.ine.com/2008/07/19/snmpv3-tutorial/

After a recent DoS attack on a network, senior management asks you to implement better logging functionality on all IOS-based devices. Which two actions can you take to provide enhanced logging results? (Choose two.)

  • A. Use the msec option to enable service time stamps.
  • B. Increase the logging history
  • C. Set the logging severity level to 1.
  • D. Specify a logging rate limit.
  • E. Disable event logging on all noncritical items.


Answer : AB

Explanation:
The optional msec keyword specifies that the date/time format should include milliseconds. This can aid in pinpointing the exact time of events, or in correlating the order in which the events happened. To limit syslog messages sent to the router's history table and to an SNMP network management station based on severity, use the logging history command in global configuration mode. By default, Cisco devices log error messages of severity levels 0 through 4 (emergency, alert, critical, error, and warning levels); in other words, "saving level warnings or higher." By increasing the severity level, more granular monitoring can occur, and SNMP messages will be sent for the less severe (5-7) messages.

A network engineer finds that a core router has crashed without warning. In this situation, which feature can the engineer use to create a crash collection?

  • A. secure copy protocol
  • B. core dumps
  • C. warm reloads
  • D. SNMP
  • E. NetFlow


Answer : B

Explanation:
) to identify the cause of the crash. Core dumps are generally very useful to your technical support representative.
Four basic ways exist for setting up the router to generate a core dump:
-> Using Trivial File Transfer Protocol (TFTP)
-> Using File Transfer Protocol (FTP)
-> Using remote copy protocol (rcp)
-> Using a Flash disk
Reference:
http://www.cisco.com/en/US/docs/internetworking/troubleshooting/guide/tr19aa.html

A network engineer is trying to implement broadcast-based NTP in a network and executes the ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of the command?

  • A. It enables receiving NTP broadcasts on the interface where the command was executed.
  • B. It enables receiving NTP broadcasts on all interfaces globally.
  • C. It enables a device to be an NTP peer to another device.
  • D. It enables a device to receive NTP broadcast and unicast packets.


Answer : A

Explanation:
The NTP service can be activated by entering any ntp command. When you use the ntp broadcast client command, the NTP service is activated (if it has not already been activated) and the device is configured to receive NTP broadcast packets on a specified interface simultaneously.


Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/command/bsm-xe-3se-3850-cr-book/bsm-xe-3se-3850-cr-book_chapter_00.html

What is a function of NPTv6?

  • A. It interferes with encryption of the full IP payload.
  • B. It maintains a per-node state.
  • C. It is checksum-neutral.
  • D. It rewrites transport layer headers.


Answer : C

Explanation:
RFC 6296 describes a stateless IPv6-to-IPv6 Network Prefix Translation (NPTv6) function, designed to provide address independence to the edge network. It is transport-agnostic with respect to transports that do not checksum the IP header, such as SCTP, and to transports that use the TCP/UDP/DCCP (Datagram Congestion Control Protocol) pseudo-header and checksum.
NPTv6 provides a simple and compelling solution to meet the address-independence requirement in IPv6. The address-independence benefit stems directly from the translation function of the network prefix translator. To avoid as many of the issues associated with NAPT44 as possible, NPTv6 is defined to include a two-way, checksum-neutral, algorithmic translation function, and nothing else.
Reference:
http://tools.ietf.org/html/rfc6296
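The checksum-neutral property described above can be seen by carrying the translation through for one address. This is an added example, not part of the original explanation; it handles /48 prefixes only, and the prefixes and host address are constructed sample values.

```python
import ipaddress

INTERNAL = "fd01:203:405::/48"   # constructed sample: inside (ULA) prefix
EXTERNAL = "2001:db8:1::/48"     # constructed sample: outside prefix

def ones_add(a, b):
    """16-bit one's-complement addition with end-around carry."""
    s = a + b
    return (s & 0xFFFF) + (s >> 16)

def ones_sum(words):
    total = 0
    for w in words:
        total = ones_add(total, w)
    return total

def words_of(addr):
    """Split an IPv6 address into its eight 16-bit words."""
    n = int(ipaddress.IPv6Address(addr))
    return [(n >> (112 - 16 * i)) & 0xFFFF for i in range(8)]

def nptv6_translate(addr, from_prefix, to_prefix):
    """Swap the /48 prefix and compensate in the subnet word (bits 48-63)."""
    src = ipaddress.IPv6Network(from_prefix)
    dst = ipaddress.IPv6Network(to_prefix)
    if src.prefixlen != 48 or dst.prefixlen != 48:
        raise ValueError("this example handles /48 prefixes only")
    if ipaddress.IPv6Address(addr) not in src:
        raise ValueError("address is outside the prefix being translated")
    w = words_of(addr)
    old = ones_sum(words_of(src.network_address)[:3])
    new = ones_sum(words_of(dst.network_address)[:3])
    # adjustment = old - new; one's-complement subtraction adds the complement
    adjustment = ones_add(old, ~new & 0xFFFF)
    w[:3] = words_of(dst.network_address)[:3]
    w[3] = ones_add(w[3], adjustment)
    if w[3] == 0xFFFF:           # RFC 6296 writes 0xFFFF as 0x0000
        w[3] = 0x0000
    value = 0
    for word in w:
        value = (value << 16) | word
    return str(ipaddress.IPv6Address(value))

def address_checksum_part(addr):
    """The address's contribution to a TCP/UDP pseudo-header checksum."""
    return ones_sum(words_of(addr))
```

Because the address contributes the same one's-complement sum before and after translation, the transport checksum stays valid and the translator needs neither per-flow state nor any change to the transport header.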

IPv6 has just been deployed to all of the hosts within a network, but not to the servers. Which feature allows IPv6 devices to communicate with IPv4 servers?

  • A. NAT
  • B. NATng
  • C. NAT64
  • D. dual-stack NAT
  • E. DNS64


Answer : C

Explanation:
NAT64 is a mechanism to allow IPv6 hosts to communicate with IPv4 servers. The NAT64 server is the endpoint for at least one IPv4 address and an IPv6 network segment of 32-bits (for instance 64:ff9b::/96, see RFC 6052, RFC 6146). The IPv6 client embeds the IPv4 address it wishes to communicate with using these bits, and sends its packets to the resulting address. The NAT64 server then creates a NAT-mapping between the IPv6 and the IPv4 address, allowing them to communicate.
Reference:
http://en.wikipedia.org/wiki/NAT64

A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see?

  • A. connectionless-oriented
  • B. service-oriented
  • C. connection-oriented
  • D. application-oriented


Answer : C

Explanation:
Configuration Examples for IP SLAs TCP Connect Operations
The following example shows how to configure a TCP Connection-oriented operation from Device B to the Telnet port (TCP port 23) of IP Host 1 (IP address 10.0.0.1), as shown in the "TCP Connect Operation" figure in the "Information About the IP SLAs TCP Connect Operation" section. The operation is scheduled to start immediately. In this example, the control protocol is disabled on the source (Device B). IP SLAs uses the control protocol to notify the IP SLAs responder to enable the target port temporarily. This action allows the responder to reply to the TCP Connect operation. In this example, because the target is not a Cisco device and a well-known TCP port is used, there is no need to send the control message.
Device A (target device) Configuration
configure terminal
ip sla responder tcp-connect ipaddress 10.0.0.1 port 23
Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt-book/sla_tcp_conn.html

A network engineer executes the "ipv6 flowset" command. What is the result?

  • A. Flow-label marking in 1280-byte or larger packets is enabled.
  • B. Flow-set marking in 1280-byte or larger packets is enabled.
  • C. IPv6 PMTU is enabled on the router.
  • D. IPv6 flow control is enabled on the router.


Answer : A

Explanation:
Enabling Flow-Label Marking in Packets that Originate from the Device
This feature allows the device to track destinations to which the device has sent packets that are 1280 bytes or larger.

SUMMARY STEPS
1. enable
2. configure terminal
3. ipv6 flowset
4. exit
5. clear ipv6 mtu

Reference:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/15-mt/ip6b-15-mt-book/ip6-mtu-path-disc.html

A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and export packets are not being sent?

  • A. output drops
  • B. enqueuing for the RP
  • C. fragmentation failures
  • D. adjacency issues


Answer : A

Explanation:
Table 5 show ip flow export Field Descriptions


References:
http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/oaggnf.html

A network engineer is asked to configure a "site-to-site" IPsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command ip nat inside source list 1 int s0/0 overload. Which functions do the two commands serve in this scenario?

  • A. The command access-list 1 defines interesting traffic that is allowed through the tunnel.
  • B. The command ip nat inside source list 1 int s0/0 overload disables "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface.
  • C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel.
  • D. The command ip nat inside source list 1 int s0/0 overload provides "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface.


Answer : D

Explanation:
Configuring NAT to Allow Internal Users to Access the Internet Using Overloading


Note in the previous second configuration, the NAT pool "ovrld" only has a range of one address. The keyword overload used in the ip nat inside source list 7 pool ovrld overload command allows NAT to translate multiple inside devices to the single address in the pool.
Reference:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

A network engineer is configuring a solution to allow failover of HSRP nodes during maintenance windows, as an alternative to powering down the active router and letting the network respond accordingly. Which action will allow for manual switching of HSRP nodes?

  • A. Track the up/down state of a loopback interface and shut down this interface during maintenance.
  • B. Adjust the HSRP priority without the use of preemption.
  • C. Disable and enable all active interfaces on the active HSRP node.
  • D. Enable HSRPv2 under global configuration, which allows for maintenance mode.


Answer : A

Explanation:
The standby track command allows you to specify another interface on the router for the HSRP process to monitor in order to alter the HSRP priority for a given group. If the line protocol of the specified interface goes down, the HSRP priority is reduced. This means that another HSRP router with higher priority can become the active router if that router has standby preempt enabled. Loopback interfaces can be tracked, so when this interface is shut down the HSRP priority for that router will be lowered and the other HSRP router will then become the active one.
Reference:
http://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/13780-6.html

A network engineer is notified that several employees are experiencing network performance related issues, and bandwidth-intensive applications are identified as the root cause. In order to identify which specific type of traffic is causing this slowness, information such as the source/destination IP and Layer 4 port numbers is required. Which feature should the engineer use to gather the required information?

  • A. SNMP
  • B. Cisco IOS EEM
  • C. NetFlow
  • D. Syslog
  • E. WCCP


Answer : C

Explanation:

NetFlow Flows Key Fields
A network flow is identified as a unidirectional stream of packets between a given source and destination; both are defined by a network-layer IP address and transport-layer source and destination port numbers. Specifically, a flow is identified as the combination of the following key fields:
-> Source IP address
-> Destination IP address
-> Source Layer 4 port number
-> Destination Layer 4 port number
-> Layer 3 protocol type
-> Type of service (ToS)
-> Input logical interface

An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information?

  • A. Cisco Express Forwarding has not been configured globally.
  • B. NetFlow output has been filtered by default.
  • C. Flow Export version 9 is in use.
  • D. The command ip flow-capture fragment-offset has been enabled.


Answer : A

Explanation:
We came across a recent issue where a user set up a router for NetFlow export but was unable to see the OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and nothing incorrect was found. That is when we noticed the 'no ip cef' command on the router. CEF was enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the interfaces. This is why this topic is about Cisco Express Forwarding.
What is switching?
A Router must make decisions about where to forward the packets passing through. This decision-making process is called "switching". Switching is what a router does when it makes the following decisions:
1. Whether to forward or not forward the packets after checking that the destination for the packet is reachable.
2. If the destination is reachable, what is the next hop of the router and which interface will the router use to get to that destination.
What is CEF?
CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following benefits:
1. Better performance than fast-switching (the default) and takes less CPU to perform the same task.
2. When enabled, allows for advanced features like NBAR
3. Overall, CEF can switch traffic faster than route-caching using fast-switching
How to enable CEF?
CEF is disabled by default on all routers except the 7xxx series routers. Enabling and Disabling CEF is easy. To enable CEF, go into global configuration mode and enter the CEF command.

Router# config t
Router(config)# ip cef
Router(config)#
To disable CEF, simply use the 'no' form of the command, i.e. 'no ip cef'.
Why is CEF needed when enabling NetFlow?
CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface based on the Destination Interface value present in the NetFlow packets exported from the router. If the CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without enabling the CEF on the router, the NetFlow packets did not mark the destination interfaces and so NetFlow Analyzer was not able to show the OUT traffic for the interfaces.
Reference:
https://blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef-in-netflow-data-export.html
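The flow key fields listed in the earlier NetFlow question and the missing OUT traffic described here can both be checked directly on exported records. This is an added example, not code from the referenced blog or from any NetFlow product; it assumes NetFlow version 5 export and that a null destination interface appears as output ifIndex 0, and the datagram is constructed sample data.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

HEADER = struct.Struct("!HHIIIIBBH")                # NetFlow v5 header, 24 bytes
RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")  # NetFlow v5 flow record, 48 bytes

def parse_v5(datagram):
    """Return one dict per flow record: the 7-field flow key, output ifIndex, bytes."""
    version, count = HEADER.unpack_from(datagram, 0)[:2]
    if version != 5:
        raise ValueError("not a NetFlow v5 datagram")
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("truncated datagram")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        # key: src IP, dst IP, src port, dst port, protocol, ToS, input interface
        key = (str(IPv4Address(f[0])), str(IPv4Address(f[1])),
               f[9], f[10], f[13], f[14], f[3])
        flows.append({"key": key, "out_if": f[4], "octets": f[6]})
    return flows

def out_traffic(flows):
    """Sum bytes per output interface; collect flows with no output interface."""
    per_if = defaultdict(int)
    unattributed = []
    for flow in flows:
        if flow["out_if"] == 0:      # assumption: null interface exported as 0
            unattributed.append(flow["key"])
        else:
            per_if[flow["out_if"]] += flow["octets"]
    return dict(per_if), unattributed

def _record(src, dst, in_if, out_if, octets, sport, dport, proto):
    """Build one constructed flow record for the sample datagram."""
    return RECORD.pack(IPv4Address(src).packed, IPv4Address(dst).packed, bytes(4),
                       in_if, out_if, 1, octets, 0, 0, sport, dport,
                       0, 0, proto, 0, 0, 0, 24, 24, 0)

# Constructed sample: two flows leaving via ifIndex 2, one with no output interface.
SAMPLE = (HEADER.pack(5, 3, 0, 0, 0, 0, 0, 0, 0)
          + _record("10.0.0.5", "192.0.2.10", 1, 2, 1500, 51000, 443, 6)
          + _record("10.0.0.6", "192.0.2.10", 1, 2, 500, 51001, 443, 6)
          + _record("10.0.0.7", "198.51.100.9", 1, 0, 9000, 40000, 53, 17))
```

A collector that reports a growing share of flows in the second list is seeing the symptom the explanation describes: bytes are exported but cannot be attributed to any OUT interface.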
