Page: 1
/ 5
Total 74 questions
Which two AVPs will be sent by the GGSN within the CCR request when an update PDP request with IEs: NSAPI value 6 and Linked NSAPI value 5 is received?
(Choose two.)
- A. Called-Station-ID
- B. Used-Service-Unit
- C. Bearer-ID
- D. Requested-Service-Unit
- E. Bearer-Operation= Modification
Answer : AC
Refer to the exhibit.
Which two rating groups would be included within the AVP Multiple-Services-Credit-Control within the CCR-I message by the Cisco ASR 5000 GGSN? (Choose two.)
- A. 100
- B. 400
- C. 300
- D. 200
- E. 500
Answer : CD
Which two parameters are used on the Cisco ASR 5000 GGSN to build the RADIUS authentication attribute Acct-Session-ID, sent within the RADIUS Disconnect-
Request? (Choose two.)
- A. charging-ID
- B. IMSI
- C. RADIUS client IP address
- D. NSAPI
- E. framed-IP-address
- F. username
Answer : AC
When Wi-Fi offloading is enabled, which authentication protocol is used by the TTG over the Wm interface to authenticate/retrieve subscription information at the time of PDP activation?
- A. IPsec
- B. EAP
- C. SSL
- D. CHAP
Answer : B
Which description of a smurf attack is true?
- A. A smurf attack is an attack in which small TCP packets are sent toward a server from thousands of subscribers, which causes the server network buffer to overflow and drop packets and results in a denial of service.
- B. A smurf attack is an attack in which the attacker sends ICMP echo request packets using a spoofed source IP address destined to remote network broadcast addresses, which results in all recipients replying back to the spoofed source IP address in an attempt to cause a denial of service to the targeted spoofed IP address.
- C. A smurf attack is an attack in which the attacker sends UDP echo packets using a spoofed source IP address destined to remote network broadcast addresses, which results in all recipients replying back to the spoofed source IP address in an attempt to cause a denial of service to the targeted spoofed IP address.
- D. A smurf attack is an attack in which the attacker attempts to change the TCP MSS value to a small value for all TCP flows destined to the target device, which results in many small packets having to be processed by the target, which causes buffer overflows and denial of service.
Answer : B
Your company has decided to implement URL blacklisting for the ACME company rulebase and discard any blacklisted matches found in subscriber HTTP traffic.
Which configuration accomplishes this task?
- A. active-charging service acme_acs url-blacklisting method exact-match rulebase acme_rulebase url-blacklisting action discard
- B. active-charging service acme_acs url-blacklisting method exact-match rulebase acme_rulebase url-blacklisting action terminate-flow
- C. active-charging service acme_acs url-blacklisting method http post url-blacklisting method http get rulebase acme_rulebase url-blacklisting action discard
- D. active-charging service acme_acs url-blacklisting method http post url-blacklisting method http get rulebase acme_rulebase url-blacklisting action terminate- flow
Answer : A
Which option describes the ICAP protocol?
- A. ICAP is a protocol designed to enable inter-device communications for different vendor systems to share information about subscribers in a common format. ICAP allows for subscriber session control for actions such as session disconnect and suspension.
- B. ICAP is a protocol designed to enable subscribers to communicate in a peer-to-peer network for file sharing purposes and is often used to circumvent upstream content filtering.
- C. ICAP is a communication access package consisting of a mixed platform of services such as web, FTP, and authentication. ICAP is used to minimize the deployment footprint and expedite new offerings for Internet service providers.
- D. ICAP is a protocol designed to support dynamic content filtering, insertion, and modification of web pages. ICAP allows interaction with external content servers such as parental control (content filtering) servers to provide content filtering service support.
Answer : D
Your company is adding additional subscriber IP network ranges and requires many-to-one NAT to be configured on the Cisco ASR 5000 for the subscriber IP network 10.11.23.0/24. The public IP range is 172.20.21.20 172.20.21.110, and each IP has no more than 100 subscribers.
Which configuration option accomplishes this task?
- A. active-charging service ACS_ACME access-ruledef apn_cisco ip src-address = 10.11.23.0/24 fw-and-nat policy base_1 access-rule priority 1 access-ruledef apn_cisco permit nat-realm nat_pool1 nat policy nat-required default-nat-realm nat_pool1 rulebase acme_rulebase fw-and-nat default-policy base_1 context cisco ip pool nat_pool1 range 172.20.21.20 172.20.21.110 napt-users-per-ip-address 100
- B. active-charging service ACS_ACME access-ruledef apn_cisco ip src-address = 10.11.0.0/16 fw-and-nat policy base_1 access-rule priority 1 access-ruledef apn_cisco permit nat-realm nat_pool1 nat policy nat-required default-nat-realm nat_pool1 rulebase acme_rulebase fw-and-nat default-policy base_1 context cisco ip pool nat_pool1 range 172.20.21.20 172.20.21.110 napt-users-per-ip-address 1000
- C. active-charging service ACS_ACME access-ruledef apn_cisco ip src-address = 10.11.23.0/24 nat-and-pat policy nat_1 access-rule priority 1 access-ruledef apn_cisco permit nat-realm nat_pool1 nat policy nat-required default-nat-realm nat_pool1 context cisco ip pool nat_pool1 range 172.20.21.20 172.20.21.29 napt-users-per-ip-address 100
- D. active-charging service ACS_ACME access-ruledef apn_cisco ip src-address = 10.11.23.0/24 fw-and-nat policy base_1 access-rule priority 1 access-ruledef apn_cisco permit nat-realm nat_pool1 nat policy nat-required default-nat-realm nat_pool1 rulebase acme_rulebase fw-and-nat default-policy base_1 context cisco ip pool nat_pool1 range 172.20.21.20 172.20.21.29 napt-users-per-ip-address 100
Answer : A
Which option describes how DNS snooping is used on the Cisco ASR 5000?
- A. DNS snooping allows the Cisco ASR 5000 to snoop DNS query packets and compare against known DNS responses. If a match is found, the Cisco ASR 5000 replies to the query itself instead of forwarding the query to the destination DNS server.
- B. DNS snooping allows the Cisco ASR 5000 to detect if a DNS response sent back to a subscriber is valid. If the response is invalid, the Cisco ASR 5000 drops the packet.
- C. DNS snooping allows the Cisco ASR 5000 to enable set of dynamic IP rules to be installed based on the response to DNS queries sent by a subscriber that matches a configured domain rule definition. Dynamic IP rules are created for these IP entries within the same rule that has the domain name, which applies the same charging action to these dynamic rules.
- D. DNS snooping allows the Cisco ASR 5000 to enable set of dynamic domain rules to be installed based on the response to DNS queries sent by a subscriber that matches a configured domain rule definition. Dynamic domain rules are created for the DNS responses within the same rule that has the domain name, which applies the same charging action to these dynamic rules.
Answer : C
Which statement describes HTTP header enrichment and its uses?
- A. HTTP header enrichment allows the operator to define a policy that inserts x-header fields into HTTP POST or GET request packets to provide specific subscriber information such as IMSI or MSISDN to the HTTP server without changing the protocol.
- B. HTTP header enrichment is the process that allows HTTP headers to be compressed for optimal transfer across the network.
- C. HTTP header enrichment allows the operator to define a policy that detects the HTTP packet that requires header enrichment. If a match occurs, the policy drops the packet, modifies the packet inline with quality of service definitions, or creates a log message and forwards the packet unmodified.
- D. HTTP header enrichment is the process in which a HTTP packet is analysed for missing or partial header fields. If missing fields are detected or incomplete, the Cisco ASR 5000 can then take action to insert a new header, repair an existing header, create a log entry, and forward the packet.
Answer : A
Which two nodes are introduced as part of UMTS as defined by 3GPP standards? (Choose two.)
- A. SGSN
- B. GGSN
- C. RNC
- D. VLR
- E. NodeB
- F. VLR
Answer : CE
What is the standard Subsystem Number for the Gf interface in the UMTS domain?
- A. 6
- B. 7
- C. 8
- D. 9
Answer : D
Which interface in the UMTS domain uses the BSSAP+ layer?
- A. Gs
- B. Gr
- C. Ge
- D. Ga
Answer : A
Into which state does a UE in a GPRS network move after the ready timer expires?
- A. idle state
- B. detached state
- C. suspended state
- D. ready state
- E. standby state
Answer : E
Which option describes the message that establishes the direct tunnel between RNC and GGSN?
- A. SGSN context request/response and modify PDP context request/response
- B. SGSN: Initiated update PDP context request/response and RAB assignment request/response
- C. GGSN: Initiated update PDP context request/response and RAB assignment request/response
- D. SGSN: Initiated update PDP context request/response and modify PDP context request/response
Answer : B
30 days access 