2019 Free Microsoft EnsurePass 100-105 Dumps VCE and PDF Download Part 8


 

QUESTION 71

Refer to the exhibit. Assume that all router interfaces are operational and correctly configured. In addition, assume that OSPF has been correctly configured on router R2. How will the default route configured on R1 affect the operation of R2?

 

image051

 

A.

Any packet destined for a network that is not directly connected to router R2 will be dropped immediately.

B.

Any packet destined for a network that is not referenced in the routing table of router R2 will be directed to R1. R1 will then send that packet back to R2 and a routing loop will occur.

C.

Any packet destined for a network that is not directly connected to router R1 will be dropped.

D.

The networks directly connected to router R2 will not be able to communicate with the 172.16.100.0, 172.16.100.128, and 172.16.100.64 subnetworks.

E.

Any packet destined for a network that is not directly connected to router R2 will be dropped immediately because of the lack of a gateway on R1.

 

Correct Answer: B

Explanation:

First, notice that more-specific routes will always be favored over less-specific routes regardless of the administrative distance set for a protocol. In this case, because OSPF is used for three networks (172.16.100.0 0.0.0.3, 172.16.100.64 0.0.0.63, 172.16.100.128 0.0.0.31), packets destined for these networks will not be affected by the default route.

The default route configured on R1, “ip route 0.0.0.0 0.0.0.0 serial0/0”, will send any packet whose destination network is not referenced in the routing table of router R1 to R2; it doesn’t drop anything. These routes are declared in R1 and the question says that “OSPF has been correctly configured on router R2”, so networks directly connected to router R2 can communicate with those three subnetworks.

As said above, the default route configured on R1 will send any packet destined for a network that is not referenced in its routing table to R2; R2 in turn sends it to R1 because it is the only way, and a routing loop will occur.

 

 

QUESTION 72

Refer to the exhibit. Which two statements are true about the loopback address that is configured on RouterB? (Choose two.)

 

image052

 

A.

It ensures that data will be forwarded by RouterB.

B.

It provides stability for the OSPF process on RouterB.

C.

It specifies that the router ID for RouterB should be 10.0.0.1.

D.

It decreases the metric for routes that are advertised from RouterB.

E.

It indicates that RouterB should be elected the DR for the LAN.

 

Correct Answer: BC

Explanation:

A loopback interface never goes down even if a link is broken, so it provides stability for the OSPF process (for example, we use that loopback interface as the router ID). The router ID is chosen in the order below:

+ The highest IP address assigned to a loopback (logical) interface.

+ If a loopback interface is not defined, the highest IP address of all the router’s active physical interfaces will be chosen.

-> The loopback interface will be chosen as the router ID of RouterB.

 

QUESTION 73

Given an IP address of 192.168.1.42 255.255.255.248, what is the subnet address?

 

A.

192.168.1.8/29

B.

192.168.1.32/27

C.

192.168.1.40/29

D.

192.168.1.16/28

E.

192.168.1.48/29

 

Correct Answer: C

Explanation:

248 mask uses 5 bits (1111 1000)

42 IP in binary is (0010 1010)

The base subnet therefore is the lowest binary value that can be written without changing the output of an AND operation of the subnet mask and IP…

1111 1000 AND

0010 1010 equals

0010 1000 – which is .40

/24 is standard class C mask.

Adding the 5 bits from the .248 mask gives /29

 

 

QUESTION 74

Which two statements describe the process identifier that is used in the command to configure OSPF on a router? (Choose two.)

 

Router(config)# router ospf 1

 

A.

All OSPF routers in an area must have the same process ID.

B.

Only one process number can be used on the same router.

C.

Different process identifiers can be used to run multiple OSPF processes.

D.

The process number can be any number from 1 to 65,535.

E.

Hello packets are sent to each neighbor to determine the processor identifier.

 

Correct Answer: CD

Explanation:

Multiple OSPF processes can be configured on a router using multiple process IDs.

The valid process IDs are shown below:

Edge-B(config)#router ospf

<1-65535> Process ID

 

 

QUESTION 75

What is the default administrative distance of the OSPF routing protocol?

 

A.

90

B.

100

C.

110

D.

120

E.

130

F.

170

 

Correct Answer: C

Explanation:

Default Distance Value Table

This table lists the administrative distance default values of the protocols that Cisco supports:

 

image053

 

If the administrative distance is 255, the router does not believe the source of that route and does not install the route in the routing table.

 

 

QUESTION 76

What OSPF command, when configured, will include all interfaces into area 0?

 

A.

network 0.0.0.0 255.255.255.255 area 0

B.

network 0.0.0.0 0.0.0.0 area 0

C.

network 255.255.255.255 0.0.0.0 area 0

D.

network all-interfaces area 0

 

Correct Answer: A

Explanation:

Example 3-1 displays OSPF with a process ID of 1 and places all interfaces configured with an IP address in area 0. The network command network 0.0.0.0 255.255.255.255 area 0 dictates that you do not care (255.255.255.255) what the IP address is, but if an IP address is enabled on any interface, place it in area 0.

Example 3-1 Configuring OSPF in a Single Area

 

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

 

Reference: http://www.ciscopress.com/articles/article.asp?p=26919&seqNum=3

 

 

QUESTION 77

To allow or prevent load balancing to network 172.16.3.0/24, which of the following commands could be used in R2? (Choose two.)

 

image054

image055

 

A.

R2(config-if)#clock rate

B.

R2(config-if)#bandwidth

C.

R2(config-if)#ip ospf cost

D.

R2(config-if)#ip ospf priority

E.

R2(config-router)#distance ospf

 

Correct Answer: BC

Explanation:

http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094e9e.shtml#t6

 

The cost (also called metric) of an interface in OSPF is an indication of the overhead required to send packets across a certain interface. The cost of an interface is inversely proportional to the bandwidth of that interface. A higher bandwidth indicates a lower cost. There is more overhead (higher cost) and time delays involved in crossing a 56k serial line than crossing a 10M Ethernet line. The formula used to calculate the cost is:

Cost = 100,000,000 / bandwidth in bps

For example, it will cost 10^8/10^7 = 10 to cross a 10M Ethernet line and will cost 10^8/1544000 = 64 to cross a T1 line.

By default, the cost of an interface is calculated based on the bandwidth; you can force the cost of an interface with the ip ospf cost <value> interface subconfiguration mode command.

 

 

QUESTION 78

Refer to the exhibit. The network is converged. After link-state advertisements are received from Router_A, what information will Router_E contain in its routing table for the subnets 208.149.23.64 and 208.149.23.96?

 

image056

 

A.

208.149.23.64[110/13] via 190.173.23.10, 00:00:07, FastEthernet0/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthernet0/0

B.

208.149.23.64[110/1] via 190.172.23.10, 00:00:07, Serial1/0
208.149.23.96[110/3] via 190.173.23.10, 00:00:16, FastEthernet0/0

C.

208.149.23.64[110/13] via 190.173.23.10, 00:00:07, Serial1/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:16, Serial1/0
208.149.23.96[110/13] via 190.173.23.10, 00:00:16, FastEthernet0/0

D.

208.149.23.64[110/3] via 190.172.23.10, 00:00:07, Serial1/0
208.149.23.96[110/3] via 190.173.23.10, 00:00:16, Serial1/0

 

Correct Answer: A

Explanation:

Router_E learns the two subnets 208.149.23.64 and 208.149.23.96 via Router_A through its FastEthernet interface. The interface cost is calculated with the formula 10^8 / Bandwidth. For FastEthernet it is 10^8 / 100 Mbps = 10^8 / 100,000,000 = 1. Therefore the cost is 12 (learned from Router_A) + 1 = 13 for both subnets. The cost through the T1 link is much higher than through the T3 link (T1 cost = 10^8 / 1.544 Mbps = 64; T3 cost = 10^8 / 45 Mbps = 2), so OSPF will choose the path through the T3 link -> Router_E will choose the path from Router_A through FastEthernet0/0, not Serial1/0. In fact, we can quickly eliminate answers B, C and D because they contain at least one subnet learned from Serial1/0 -> they are surely incorrect.

 

 

QUESTION 79

An administrator is in the process of changing the configuration of a router. What command will allow the administrator to check the changes that have been made prior to saving the new configuration?

 

A.

Router# show startup-config

B.

Router# show current-config

C.

Router# show running-config

D.

Router# show memory

E.

Router# show flash

F.

Router# show processes

 

Correct Answer: C

Explanation:

This command followed by the appropriate parameter will show the running config hence the admin will be able to see what changes have been made, and then they can be saved.

 

 

QUESTION 80

A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers cannot establish an adjacency relationship on their common Ethernet link. The graphic shows the output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in the graphic, what is the cause of this problem?

 

image057

 

A.

The OSPF area is not configured properly.

B.

The priority on R1 should be set higher.

C.

The cost on R1 should be set higher.

D.

The hello and dead timers are not configured properly.

E.

A backup designated router needs to be added to the network.

F.

The OSPF process ID numbers must match.

 

Correct Answer: D

Explanation:

In OSPF, the hello and dead intervals must match and here we can see the hello interval is set to 5 on R1 and 10 on R2. The dead interval is also set to 20 on R1 but it is 40 on R2.

2019 Free Microsoft EnsurePass 100-105 Dumps VCE and PDF Download Part 7


 

QUESTION 61

Identify the four valid IPv6 addresses. (Choose four.)

 

A.

::

B.

::192:168:0:1

C.

2000::

D.

2001:3452:4952:2837::

E.

2002:c0a8:101::42

F.

2003:dead:beef:4dad:23:46:bb:101

 

Correct Answer: ABEF

Explanation:

http://www.intermapper.com/ipv6validator

http://www.ripe.net/lir-services/new-lir/ipv6_reference_card.pdf

 

image046

 

 

QUESTION 62

Which characteristics are representative of a link-state routing protocol? (Choose three.)

 

A.

provides common view of entire topology

B.

exchanges routing tables with neighbors

C.

calculates shortest path

D.

utilizes event-triggered updates

E.

utilizes frequent periodic updates

 

Correct Answer: ACD

Explanation:

Each router running a link-state routing protocol learns paths to all the destinations in its “area” so we can say although it is a bit unclear. Link-state routing protocols generate routing updates only (not the whole routing table) when a change occurs in the network topology so

A link-state routing protocol like OSPF uses the Dijkstra algorithm to calculate the shortest path -> .

Unlike a distance vector routing protocol (which utilizes frequent periodic updates), a link-state routing protocol utilizes event-triggered updates (it only sends an update when a change occurs) ->

 

 

QUESTION 63

Which command enables IPv6 forwarding on a Cisco router?

 

A.

ipv6 host

B.

ipv6 unicast-routing

C.

ipv6 local

D.

ipv6 neighbor

 

Correct Answer: B

Explanation:

Enabling IPv6 on Cisco IOS Software Technology

http://www.ciscopress.com/articles/article.asp?p=31948&seqNum=4

The first step of enabling IPv6 on a Cisco router is the activation of IPv6 traffic forwarding to forward unicast IPv6 packets between network interfaces. By default, IPv6 traffic forwarding is disabled on Cisco routers.

The ipv6 unicast-routing command is used to enable the forwarding of IPv6 packets between interfaces on the router. The syntax for this command is as follows:

Router(config)#ipv6 unicast-routing

The ipv6 unicast-routing command is enabled on a global basis.

 

 

QUESTION 64

Refer to the exhibit. If CDP is enabled on all devices and interfaces, which devices will appear in the output of a show cdp neighbors command issued from R2?

 

image047

 

A.

R2 and R3

B.

R1 and R3

C.

R3 and S2

D.

R1, S1, S2, and R3

E.

R1, S1, S2, R3, and S3

 

Correct Answer: C

Explanation:

A Cisco device enabled with CDP sends out periodic interface updates to a multicast address in order to make itself known to neighbors. Since it is a layer two protocol, these packets are not routed. So the devices detected would be the immediately connected neighbors.

 

QUESTION 65

Refer to the exhibit. What is the simplest way to configure routing between the regional office network 10.89.0.0/20 and the corporate network?

 

image048

 

A.

router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.2

B.

router2(config)#ip route 10.89.3.0 255.255.0.0 10.89.16.2

C.

router1(config)#ip route 10.89.0.0 255.255.240.0 10.89.16.1

D.

router2(config)#ip route 0.0.0.0 0.0.0.0 10.89.16.1

 

Correct Answer: D

Explanation:

The next hop of the static route should be 10.89.16.1, which is the IP address for router R1 in this example. Since this router is a stub router with only a single connection to the WAN, the simplest thing to do is to configure a single static default route back to the HQ network.

 

 

QUESTION 66

How many bits are contained in each field of an IPv6 address?

 

A.

24

B.

4

C.

8

D.

16

 

Correct Answer: D

Explanation:

One of the key advantages IPv6 brings is the exponentially larger address space. The following will outline the basic address architecture of IPv6.

128-bit-long addresses

Represented in hexadecimal format:

Uses CIDR principles: prefix/prefix length

x:x:x:x:x:x:x:x, where x is a 16-bit hex field

The last 64 bits are used for the interface ID

http://www.cisco.com/en/US/technologies/tk648/tk872/technologies_white_paper0900aecd8026003d.pdf

 

 

QUESTION 67

Which three approaches can be used while migrating from an IPv4 addressing scheme to an IPv6 scheme? (Choose three)

 

A.

static mapping of IPv4 address to IPv6 addresses

B.

configuring IPv4 tunnels between IPv6 islands

C.

use DHCPv6 to map IPv4 addresses to IPv6 addresses

D.

use proxying and translation (NAT-PT) to translate IPv6 packets into IPv4 packets

E.

configure IPv6 directly

F.

enable dual-stack routing

 

Correct Answer: BDF

Explanation:

Connecting IPv6 islands with tunnels

An IPv6 island is a network made of IPv6 links directly connected by IPv6 routers. In the early days of IPv6 deployment, there are many IPv6 islands. IPv6 in IPv4 tunnels are used to connect those islands together. In each island, one (or more) dual stack routers are designated to encapsulate and decapsulate IPv6 packets within IPv4 packets. Different mechanisms have been developed to manage tunnels: automatic tunnels, configured tunnels, tunnel brokers, 6over4, 6to4,…

 

Reference: http://www.petri.co.il/ipv6-transition.htm

 

Network Address Translation – Protocol Translation (NAT-PT)

The NAT-PT method enables the ability to either statically or dynamically configure a translation of an IPv4 network address into an IPv6 network address and vice versa. For those familiar with more typical NAT implementations, the operation is very similar but includes a protocol translation function. NAT-PT also ties in an Application Layer Gateway (ALG) functionality that converts Domain Name System (DNS) mappings between protocols.

 

Dual Stack

The simplest approach when transitioning to IPv6 is to run IPv6 on all of the devices that are currently running IPv4. If this is something that is possible within the organizational network, it is very easy to implement.

However, for many organizations, IPv6 is not supported on all of the IPv4 devices; in these situations other methods must be considered.

 

Reference: http://www.opus1.com/ipv6/howdoitransitiontoipv6.html

 

 

QUESTION 68

OSPF is configured using default classful addressing. With all routers and interfaces operational, how many networks will be in the routing table of R1 that are indicated to be learned by OSPF?

 

image050

 

A.

2

B.

3

C.

4

D.

5

E.

6

F.

7

 

Correct Answer: C

Explanation:

Although OSPF is configured using default classful addressing, OSPF is a link-state routing protocol, so it will always send the subnet mask of each network in its advertised routes. Therefore R1 will learn the complete subnets. The four networks listed below will be in the routing table of R1:

+ 172.16.2.64/30

+ 172.16.2.228/30

+ 172.16.2.232/30

+ 172.16.3.0/24

Note: Other networks will be learned as “Directly connected” networks (marked with letter “C”)

 

 

QUESTION 69

Which three statements are correct about RIP version 2? (Choose three)

 

A.

It uses broadcast for its routing updates.

B.

It supports authentication.

C.

It is a classless routing protocol.

D.

It has a lower default administrative distance than RIP version 1.

E.

It has the same maximum hop count as RIP version 1.

F.

It does not send the subnet mask in any updates.

 

Correct Answer: BCE

Explanation:

A and E are correct according to the theory of RIP. RIP version 1 updates are broadcasts, and RIP version 2 updates are multicast to 224.0.0.9 -> B is not correct.

RIP v1 is a classful routing protocol but RIP v2 is a classless routing protocol -> C is correct.

RIPv1 and RIPv2 have the same default administrative distance of 120 -> D is not correct. RIPv2 is a classless routing protocol so it does send the subnet mask in updates -> F is not correct.

 

 

QUESTION 70

Which two commands will display the current IP address and basic Layer 1 and 2 status of an interface? (Choose two.)

 

A.

router#show version

B.

router#show ip interface

C.

router#show protocols

D.

router#show controllers

E.

router#show running-config

 

Correct Answer: BC

Explanation:

The outputs of “show protocols” and “show ip interface” are shown below:

 

Global values:
  Internet Protocol routing is enabled
Serial0/0 is up, line protocol is down
  Internet address is 10.1.1.1/30
Serial0/1 is up, line protocol is down
  Internet address is 209.65.200.225/30
Serial0/2 is up, line protocol is down
Serial0/3 is up, line protocol is down
NVI0 is up, line protocol is up
  Interface is unnumbered. Using address of NVI0 (0.0.0.0)
Loopback0 is up, line protocol is up
  Internet address is 10.1.10.1/32
Loopback1 is up, line protocol is up
  Internet address is 10.1.2.1/27
Loopback6 is up, line protocol is up

 

Serial0/0 is up, line protocol is down
  Internet address is 10.1.1.1/30
  Broadcast address is 255.255.255.255
  Address determined by non-volatile memory
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Multicast reserved groups joined: 224.0.0.5
  Outgoing access list is not set
  Inbound access list is not set
  Proxy ARP is enabled
  Local Proxy ARP is disabled
  Security level is default
  Split horizon is disabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is enabled
  IP fast switching on the same interface is enabled
  IP Flow switching is disabled
  IP CEF switching is disabled
  IP Feature Fast switching turbo vector
  IP multicast fast switching is enabled
  IP multicast distributed fast switching is disabled
  IP route-cache flags are Fast
  Router Discovery is disabled
  IP output packet accounting is disabled
  IP access violation accounting is disabled
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
  Policy routing is disabled
  Network address translation is enabled, interface in domain inside
  BGP Policy Mapping is disabled
  WCCP Redirect outbound is disabled
  WCCP Redirect inbound is disabled
  WCCP Redirect exclude is disabled

2019 Free Microsoft EnsurePass 300-135 Dumps VCE and PDF Download Part 7


 

Ticket 3: OSPF Authentication (QUESTION 61 ~ QUESTION 63)

Topology Overview (Actual Troubleshooting lab design is for below network design)

 

Client Should have IP 10.2.1.3

EIGRP 100 is running between switch DSW1 & DSW2

OSPF (Process ID 1) is running between R1, R2, R3, R4

Network of OSPF is redistributed in EIGRP

BGP 65001 is configured on R1 with Webserver cloud AS 65002

HSRP is running between DSW1 & DSW2 Switches

 

The company has created the test bed shown in the layer 2 and layer 3 topology exhibits.

This network consists of four routers, two layer 3 switches and two layer 2 switches.

 

In the IPv4 layer 3 topology, R1, R2, R3, and R4 are running OSPF with an OSPF process number 1.

DSW1, DSW2 and R4 are running EIGRP with an AS of 10. Redistribution is enabled where necessary.

R1 is running a BGP AS with a number of 65001. This AS has an eBGP connection to AS 65002 in the ISP’s network. Because the company’s address space is in the private range, R1 is also providing NAT translations between the inside (10.1.0.0/16 & 10.2.0.0/16) networks and outside (209.65.0.0/24) network.

ASW1 and ASW2 are layer 2 switches.

NTP is enabled on all devices with 209.65.200.226 serving as the master clock source.

The client workstations receive their IP address and default gateway via R4’s DHCP server.

The default gateway address of 10.2.1.254 is the IP address of HSRP group 10 which is running on DSW1 and DSW2.

 

In the IPv6 layer 3 topology R1, R2, and R3 are running OSPFv3 with an OSPF process number 6.

DSW1, DSW2 and R4 are running RIPng process name RIP_ZONE.

The two IPv6 routing domains, OSPF 6 and RIPng, are connected via a GRE tunnel running over the underlying IPv4 OSPF domain. Redistribution is enabled where necessary.

 

Recently the implementation group has been using the test bed to do a “proof-of-concept” on several implementations. This involved changing the configuration on one or more of the devices. You will be presented with a series of trouble tickets related to issues introduced during these configurations.

 

Note: Although trouble tickets have many similar fault indications, each ticket has its own issue and solution.

 

Each ticket has 3 sub questions that need to be answered & topology remains same.

Question-1 Fault is found on which device,

Question-2 Fault condition is related to,

Question-3 What exact problem is seen & what needs to be done for solution

 

=====================================================================

 

image105

image106

Client is unable to ping IP 209.65.200.241

 

Solution

The steps to follow are as below:

When we check the Client 1 & Client 2 desktops, we are not receiving a DHCP address from R4

ipconfig: Client will be receiving IP address 10.2.1.3

IP 10.2.1.3 is reachable by ping from R4, R3 and R2, but not from R1

 

image111

 

Check the OSPF neighborship

sh ip ospf nei: R2 is forming only one neighborship, i.e. with R3

Since R2 is connected to R1 & R3 with the routing protocol OSPF, there should be 2 neighbors seen, but only one is seen

Need to check the running config of R2 & R3 for the interface

sh run: Interface Serial0/0/0/0.12 on R2

 

image113

 

sh run: Interface Serial0/0/0/0 on R1

Change required: On R1, the command for IPv4 OSPF authentication is missing and needs to be configured: ip ospf authentication message-digest

 

QUESTION 61

The implementations group has been using the test bed to do a “proof-of-concept” that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address. Use the supported commands to isolate the cause of this fault and answer the following questions. On which device is the fault condition located?

 

A.

R1

B.

R2

C.

R3

D.

R4

E.

DSW1

F.

DSW2

G.

ASW1

H.

ASW2

 

Correct Answer: A

Explanation:

On R1, the command for IPv4 OSPF authentication is missing and needs to be configured: ip ospf authentication message-digest

 

 

QUESTION 62

The implementations group has been using the test bed to do a “proof-of-concept” that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address. Use the supported commands to isolate the cause of this fault and answer the following questions. The fault condition is related to which technology?

 

A.

BGP

B.

NTP

C.

IP NAT

D.

IPv4 OSPF Routing

E.

IPv4 OSPF Redistribution

F.

IPv6 OSPF Routing

G.

IPv4 layer 3 security

 

Correct Answer: D

Explanation:

On R1, the command for IPv4 OSPF authentication is missing and needs to be configured: ip ospf authentication message-digest

 

 

QUESTION 63

The implementations group has been using the test bed to do a “proof-of-concept” that requires both Client 1 and Client 2 to access the WEB Server at 209.65.200.241. After several changes to the network addressing, routing scheme, DHCP services, NTP services, layer 2 connectivity, FHRP services, and device security, a trouble ticket has been opened indicating that Client 1 cannot ping the 209.65.200.241 address. Use the supported commands to isolate the cause of this fault and answer the following questions. What is the solution to the fault condition?

 

A.

Enable OSPF authentication on the s0/0/0 interface using the ip ospf authentication message-digest command

B.

Enable OSPF routing on the s0/0/0 interface using the network 10.1.1.0 0.0.0.255 area 12 command.

C.

Enable OSPF routing on the s0/0/0 interface using the network 209.65.200.0 0.0.0.255 area 12 command.

D.

Redistribute the BGP route into OSPF using the redistribute BGP 65001 subnet command.

 

Correct Answer: A

Explanation:

On R1, the command for IPv4 OSPF authentication is missing and needs to be configured: ip ospf authentication message-digest

2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 9


 

QUESTION 81

The network manager has requested that several new VLANs (VLAN 10, 20, and 30) are allowed to traverse the switch trunk interface. After the command switchport trunk allowed vlan 10,20,30 is issued, all other existing VLANs no longer pass traffic over the trunk. What is the root cause of the problem?

 

A.

The command effectively removed all other working VLANs and replaced them with the new VLANs.

B.

VTP pruning removed all unused VLANs.

C.

ISL was unable to encapsulate more than the already permitted VLANs across the trunk.

D.

Allowing additional VLANs across the trunk introduced a loop in the network.

 

Correct Answer: A

Explanation:

The “switchport trunk allowed vlan” command will only allow the specified VLANs, and overwrite any others that were previously defined. You would also need to explicitly add the other working VLANs to this configuration command, or issue the “switchport trunk allowed vlan add vlan-list” command instead to add these 3 VLANs to the other defined allowed VLANs.

Reference: https://supportforums.cisco.com/document/11836/how-define-vlans-allowed-trunk-link

 

 

QUESTION 82

Refer to the exhibit. A network engineer wants to analyze all incoming and outgoing packets for an interface that is connected to an access switch. Which three items must be configured to mirror traffic to a packet sniffer that is connected to the distribution switch? (Choose three.)

 

image063

 

A.

A monitor session on the distribution switch with a physical interface as the source and the remote SPAN VLAN as the destination

B.

A remote SPAN VLAN on the distribution and access layer switch

C.

A monitor session on the access switch with a physical interface source and the remote SPAN VLAN as the destination

D.

A monitor session on the distribution switch with a remote SPAN VLAN as the source and physical interface as the destination

E.

A monitor session on the access switch with a remote SPAN VLAN source and the physical interface as the destination

F.

A monitor session on the distribution switch with a physical interface as the source and a physical interface as the destination

 

Correct Answer: BCD

Explanation:

You can analyze network traffic passing through ports or VLANs by using SPAN or RSPAN to send a copy of the traffic to another port on the switch or on another switch that has been connected to a network analyzer or other monitoring or security device. SPAN copies (or mirrors) traffic received or sent (or both) on source ports or source VLANs to a destination port for analysis.

RSPAN supports source ports, source VLANs, and destination ports on different switches (or different switch stacks), enabling remote monitoring of multiple switches across your network. The traffic for each RSPAN session is carried over a user-specified RSPAN VLAN that is dedicated for that RSPAN session in all participating switches. The RSPAN traffic from the source ports or VLANs is copied into the RSPAN VLAN and forwarded over trunk ports carrying the RSPAN VLAN to a destination session monitoring the RSPAN VLAN. Each RSPAN source switch must have either ports or VLANs as RSPAN sources. The destination is always a physical port.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configuration/guide/3750xscg/swspan.html

 

 

QUESTION 83

Refer to the exhibit. All ports are members of VLAN 10. Considering the default cost of upstream bridges to the root bridge is equal, which option will be the new root port for VLAN 10?

 

image064

 

A.

interface f0/13

B.

interface f0/14

C.

interface f0/15

D.

interface f0/21

 

Correct Answer: D

Explanation:

Root Port election on each bridge

Each (non-Root) bridge has exactly one Root Port, which represents the best path to the Root Bridge.

In this case, fa0/21 has the lowest cost, so it will be the root port.

Reference: https://community.extremenetworks.com/extreme/topics/802_1d_spanning_tree_election_rules

QUESTION 84

Refer to the exhibit. Why would the switch be considered as a root bridge?

 

image065

 

A.

The bridge priority is 1 and all ports are forwarding.

B.

The switch priority for VLAN 1 and the macro specifies “This Bridge is the root”.

C.

The bridge priority is 128.19 and all ports are forwarding.

D.

The switch priority value is zero, it has the lowest priority value for VLAN 1.

 

Correct Answer: D

Explanation:

For priority, the range is 0 to 61440 in increments of 4096; the default is 32768. The lower the number, the more likely the switch will be chosen as the root switch.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swstp.html#wp1020666

 

 

QUESTION 85

Which action allows a network engineer to limit a default VLAN from being propagated across all trunks?

 

A.

Upgrade to VTP version 3 for advanced feature set support.

B.

Enable VTP pruning on the VTP server.

C.

Manually prune default VLAN with switchport trunk allowed vlans remove.

D.

Use trunk pruning vlan 1.

 

Correct Answer: C

Explanation:

Manually pruning the default VLAN (1) can only be done with the “switchport trunk allowed vlans remove” command. VLAN 1 is not VTP pruning eligible so it cannot be done via VTP pruning. The “trunk pruning vlan 1” option is not a valid command.

 

 

QUESTION 86

Which VLAN range is eligible to be pruned when a network engineer enables VTP pruning on a switch?

 

A.

VLANs 1-1001

B.

VLANs 1-4094

C.

VLANs 2-1001

D.

VLANs 2-4094

 

Correct Answer: C

Explanation:

VTP pruning should only be enabled on VTP servers; all the clients in the VTP domain will automatically enable VTP pruning. By default, VLANs 2-1001 are pruning eligible, but VLAN 1 can’t be pruned because it’s an administrative VLAN. Both VTP versions 1 and 2 support pruning.

Reference: http://www.orbit-computer-solutions.com/VTP-Pruning.php

 

 

QUESTION 87

What is the maximum number of VLANs that can be assigned to an access switchport without a voice VLAN?

 

A.

0

B.

1

C.

2

D.

1024

 

Correct Answer: B

Explanation:

A standard (non-voice VLAN port) access switch port can belong to only a single VLAN. If more than one VLAN is needed, the port should be configured as a trunk port.

 

 

QUESTION 88

Which statement about the use of PAgP link aggregation on a Cisco switch that is running Cisco IOS Software is true?

 

A.

PAgP modes are off, auto, desirable, and on. Only the combinations auto-desirable, desirable-desirable, and on-on allow the formation of a channel.

B.

PAgP modes are active, desirable, and on. Only the combinations active-desirable, desirable-desirable, and on-on allow the formation of a channel.

C.

PAgP modes are active, desirable, and on. Only the combinations active-active, desirable-desirable, and on-on allow the formation of a channel.

D.

PAgP modes are off, active, desirable, and on. Only the combinations auto-auto, desirable-desirable, and on-on allow the formation of a channel.

 

Correct Answer: A

Explanation:

PAgP modes are off, auto, desirable, and on. Only the combinations auto-desirable, desirable-desirable, and on-on will allow a channel to be formed.

The PAgP modes are explained below.

If a device on one side of the channel does not support PAgP, such as a router, the device on the other side must have PAgP set to on.

Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-2900-xl-series-switches/21041-131.html

 

 

QUESTION 89

What is required for a LAN switch to support 802.1q Q-in-Q encapsulation?

 

A.

Support less than 1500 MTU

B.

Support 1504 MTU or higher

C.

Support 1522 layer 3 IP and IPX packet

D.

Support 1547 MTU only

 

Correct Answer: B

Explanation:

The default system MTU for traffic on Catalyst switches is 1500 bytes. Because the 802.1Q tunneling (Q-in-Q) feature increases the frame size by 4 bytes when the extra tag is added, you must configure all switches in the service-provider network to be able to process maximum frames by increasing the switch system MTU size to at least 1504 bytes.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_13_ea1/configuration/guide/swtunnel.html

 

 

QUESTION 90

What happens on a Cisco switch that runs Cisco IOS when an RSTP-configured switch receives 802.1d BPDU?

 

A.

802.1d does not understand RSTP BPDUs because they are different versions, but when a RSTP switch receives an 802.1d BPDU, it responds with an 802.1d BPDU and eventually the two switches run 802.1d to communicate.

B.

802.1d understands RSTP BPDUs because they are the same version, but when a RSTP switch receives a 802.1d BPDU, it responds with a 802.1d BPDU and eventually the two switches run 802.1d to communicate.

C.

802.1d does not understand RSTP BPDUs because they are different versions, but when a RSTP switch receives a 802.1d BPDU, it does not respond with a 802.1d BPDU.

D.

802.1d understands RSTP BPDUs because they are the same version, but when a RSTP switch receives a 802.1d BPDU, it does not respond with a 802.1d BPDU and eventually the two switches run 802.1d to communicate.

 

Correct Answer: A

Explanation:

For backward compatibility with 802.1D switches, RSTP selectively sends 802.1D configuration BPDUs and TCN BPDUs on a per-port basis. When a port is initialized, the migrate-delay timer is started (specifies the minimum time during which RSTP BPDUs are sent), and RSTP BPDUs are sent. While this timer is active, the switch processes all BPDUs received on that port and ignores the protocol type. If the switch receives an 802.1D BPDU after the port migration-delay timer has expired, it assumes that it is connected to an 802.1D switch and starts using only 802.1D BPDUs. However, if the RSTP switch is using 802.1D BPDUs on a port and receives an RSTP BPDU after the timer has expired, it restarts the timer and starts using RSTP BPDUs on that port.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/spantree.html

2019 Free Microsoft EnsurePass GCFA Dumps VCE and PDF Download Part 8


QUESTION 71

Adam works as a professional Computer Hacking Forensic Investigator. He has been assigned the project of investigating an iPod, which is suspected to contain some explicit material. Adam wants to connect the compromised iPod to his system, which is running the Windows XP (SP2) operating system. He is concerned that connecting the iPod to his computer may change some evidence and settings on the iPod. He wants to set the iPod to read-only mode. This can be done by changing a registry key within the Windows XP (SP2) operating system. Which of the following registry keys will Adam change to accomplish the task?

 

A.

HKEY_LOCAL_MACHINE\System\CurrentControlset\Control\StorageDevicePolicies

B.

HKEY_LOCAL_MACHINE\CurrentControlset\Control\StorageDevicePolicies

C.

HKEY_LOCAL_MACHINE\System\CurrentControlset\StorageDevicePolicies

D.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

 

Correct Answer: A

 

 

QUESTION 72

HOTSPOT

Identify the port in the image given below that can be connected to a hub to extend the number of ports, and to which up to 127 devices can be connected.

 

image011

 

Correct Answer:

image013

 

 

QUESTION 73

Nathan works as a Computer Hacking Forensic Investigator for SecureEnet Inc. He uses Visual TimeAnalyzer software to track all computer usage by logging in to individual user accounts or specific projects and to compile detailed accounts of time spent within each program. Which of the following functions are NOT performed by Visual TimeAnalyzer? Each correct answer represents a complete solution. Choose all that apply.

 

A.

It monitors all user data such as passwords and personal documents.

B.

It gives parents control over their children’s use of the personal computer.

C.

It tracks work time, pauses, projects, costs, software, and internet usage.

D.

It records specific keystrokes and runs screen captures as a background process.

 

Correct Answer: AD

 

 

 

QUESTION 74

Which of the following IP addresses are private addresses? Each correct answer represents a complete solution. Choose all that apply.

 

A.

19.3.22.17

B.

192.168.15.2

C.

192.166.54.32

D.

10.0.0.3

 

Correct Answer: BD

 

 

QUESTION 75

Sandra, a novice computer user, works in a Windows environment. She is experiencing problems caused by bad sectors on the hard disk of her computer. She wants to run the CHKDSK command to check the hard disk for bad sectors and to fix any errors that are found. Which of the following switches will she use with the CHKDSK command to accomplish the task?

 

A.

CHKDSK /I

B.

CHKDSK /C /L

C.

CHKDSK /V /X

D.

CHKDSK /R /F

 

Correct Answer: D

 

 

QUESTION 76

Which of the following statements about an extended partition are true? Each correct answer represents a complete solution. Choose two.

 

A.

It can be sub-divided into logical drives.

B.

It cannot be formatted or assigned a drive letter.

C.

A maximum of four extended partitions can exist on a single basic disk.

D.

It cannot contain more than one logical drive.

 

Correct Answer: AB

 

 

QUESTION 77

You are reviewing a Service Level Agreement between your company and a Web development vendor. Which of the following are security requirements you should look for in this SLA? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Time to respond to bug reports

B.

Encryption standards

C.

Security Monitoring

D.

Guarantees on known security flaws

 

Correct Answer: ABCD

 

 

 

 

QUESTION 78

Which of the following is used to detect bad sectors on a hard disk in a Linux environment?

 

A.

Badblocks

B.

CheckDisk

C.

ScanDisk

D.

CHKDSK

 

Correct Answer: A

 

 

QUESTION 79

Which of the following statements are NOT true about volume boot record or Master Boot Record? Each correct answer represents a complete solution. Choose all that apply.

 

A.

The end of MBR marker is h55CC.

B.

The actual program can be 512 bytes long.

C.

Volume boot sector is present at cylinder 0, head 0, and sector 1 of the default boot drive.

D.

Four 16 bytes master partition records are present in MBR.

 

Correct Answer: AB

 

 

QUESTION 80

Which of the following tools can be used by a user to hide his identity? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Proxy server

B.

Anonymizer

C.

Rootkit

D.

IPchains

E.

War dialer

 

Correct Answer: ABD

2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 6


 

QUESTION 51

Given the following access log:

 

image069

 

Which of the following accurately describes what this log displays?

 

A.

A vulnerability in jQuery

B.

Application integration with an externally hosted database

C.

A vulnerability scan performed from the Internet

D.

A vulnerability in Javascript

 

Correct Answer: C

 

 

QUESTION 52

The new Chief Technology Officer (CTO) is seeking recommendations for network monitoring services for the local intranet. The CTO would like the capability to monitor all traffic to and from the gateway, as well as the capability to block certain content. Which of the following recommendations would meet the needs of the organization?

 

A.

Recommend setup of IP filtering on both the internal and external interfaces of the gateway router.

B.

Recommend installation of an IDS on the internal interface and a firewall on the external interface of the gateway router.

C.

Recommend installation of a firewall on the internal interface and a NIDS on the external interface of the gateway router.

D.

Recommend installation of an IPS on both the internal and external interfaces of the gateway router.

 

Correct Answer: C

 

 

QUESTION 53

A cybersecurity analyst has received the laptop of a user who recently left the company. The analyst types ‘history’ into the prompt, and sees this line of code in the latest bash history:

 

image070

 

This concerns the analyst because this subnet should not be known to users within the company. Which of the following describes what this code has done on the network?

 

A.

Performed a ping sweep of the Class C network.

B.

Performed a half-open SYN scan on the network.

C.

Sent 255 ping packets to each host on the network.

D.

Sequentially sent an ICMP echo reply to the Class C network.

Correct Answer: A

 

 

QUESTION 54

A recent audit has uncovered several coding errors and a lack of input validation being used on a public portal. Due to the nature of the portal and the severity of the errors, the portal is unable to be patched. Which of the following tools could be used to reduce the risk of being compromised?

 

A.

Web application firewall

B.

Network firewall

C.

Web proxy

D.

Intrusion prevention system

 

Correct Answer: A

 

 

QUESTION 55

Which of the following principles describes how a security analyst should communicate during an incident?

 

A.

The communication should be limited to trusted parties only.

B.

The communication should be limited to security staff only.

C.

The communication should come from law enforcement.

D.

The communication should be limited to management only.

 

Correct Answer: B

 

 

QUESTION 56

After scanning the main company’s website with the OWASP ZAP tool, a cybersecurity analyst is reviewing the following warning:

 

image071

 

The analyst reviews a snippet of the offending code:

 

image072

 

Which of the following is the BEST course of action based on the above warning and code snippet?

 

A.

The analyst should implement a scanner exception for the false positive.

B.

The system administrator should disable SSL and implement TLS.

C.

The developer should review the code and implement a code fix.

D.

The organization should update the browser GPO to resolve the issue.

 

Correct Answer: D

 

 

QUESTION 57

A security analyst has noticed an alert from the SIEM. A workstation is repeatedly trying to connect to port 445 of a file server on the production network. All of the attempts are made with invalid credentials. Which of the following describes what is occurring?

 

A.

Malware has infected the workstation and is beaconing out to the specific IP address of the file server.

B.

The file server is attempting to transfer malware to the workstation via SMB.

C.

An attacker has gained control of the workstation and is attempting to pivot to the file server by creating an SMB session.

D.

An attacker has gained control of the workstation and is port scanning the network.

 

Correct Answer: C

 

 

QUESTION 58

A security analyst is performing a review of Active Directory and discovers two new user accounts in the accounting department. Neither of the users has elevated permissions, but accounts in the group are given access to the company’s sensitive financial management application by default. Which of the following is the BEST course of action?

 

A.

Follow the incident response plan for the introduction of new accounts

B.

Disable the user accounts

C.

Remove the accounts’ access privileges to the sensitive application

D.

Monitor the outbound traffic from the application for signs of data exfiltration

E.

Confirm the accounts are valid and ensure role-based permissions are appropriate

 

Correct Answer: E

 

 

QUESTION 59

A security analyst has created an image of a drive from an incident. Which of the following describes what the analyst should do NEXT?

 

A.

The analyst should create a backup of the drive and then hash the drive.

B.

The analyst should begin analyzing the image and begin to report findings.

C.

The analyst should create a hash of the image and compare it to the original drive’s hash.

D.

The analyst should create a chain of custody document and notify stakeholders.

 

Correct Answer: C

 

 

QUESTION 60

A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?

 

A.

The administrator entered the wrong IP range for the assessment.

B.

The administrator did not wait long enough after applying the patch to run the assessment.

C.

The patch did not remediate the vulnerability.

D.

The vulnerability assessment returned false positives.

 

Correct Answer: C

2019 Free Microsoft EnsurePass CS0-001 Dumps VCE and PDF Download Part 5


 

QUESTION 41

A technician recently fixed a computer with several viruses and spyware programs on it and notices the Internet settings were set to redirect all traffic through an unknown proxy. This type of attack is known as which of the following?

 

A.

Phishing

B.

Social engineering

C.

Man-in-the-middle

D.

Shoulder surfing

 

Correct Answer: C

 

 

QUESTION 42

A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?

 

A.

Correct the audit. This finding is a well-known false positive; the services that typically run on 389 and 636 are identical.

B.

Change all devices and servers that support it to 636, as encrypted services run by default on 636.

C.

Change all devices and servers that support it to 636, as 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.

D.

Correct the audit. This finding is accurate, but the correct remediation is to update encryption keys on each of the servers to match port 636.

 

Correct Answer: B

 

 

QUESTION 43

A company discovers an unauthorized device accessing network resources through one of many network drops in a common area used by visitors. The company decides that it wants to quickly prevent unauthorized devices from accessing the network but policy prevents the company from making changes on every connecting client. Which of the following should the company implement?

 

A.

Port security

B.

WPA2

C.

Mandatory Access Control

D.

Network Intrusion Prevention

 

Correct Answer: A

 

 

QUESTION 44

A company has recently launched a new billing invoice website for a few key vendors. The cybersecurity analyst is receiving calls that the website is performing slowly and the pages sometimes time out. The analyst notices the website is receiving millions of requests, causing the service to become unavailable. Which of the following can be implemented to maintain the availability of the website?

 

A.

VPN

B.

Honeypot

C.

Whitelisting

D.

DMZ

E.

MAC filtering

 

Correct Answer: C

 

 

QUESTION 45

Which of the following is a control that allows a mobile application to access and manipulate information which should only be available by another application on the same mobile device (e.g. a music application posting the name of the current song playing on the device on a social media site)?

 

A.

Co-hosted application

B.

Transitive trust

C.

Mutually exclusive access

D.

Dual authentication

 

Correct Answer: B

 

 

QUESTION 46

A security analyst is concerned that employees may attempt to exfiltrate data prior to tendering their resignations. Unfortunately, the company cannot afford to purchase a data loss prevention (DLP) system. Which of the following recommendations should the security analyst make to provide defense-in-depth against data loss? (Select THREE).

 

A.

Prevent users from accessing personal email and file-sharing sites via web proxy

B.

Prevent flash drives from connecting to USB ports using Group Policy

C.

Prevent users from copying data from workstation to workstation

D.

Prevent users from using roaming profiles when changing workstations

E.

Prevent Internet access on laptops unless connected to the network in the office or via VPN

F.

Prevent users from being able to use the copy and paste functions

 

Correct Answer: ABE

 

 

QUESTION 47

The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?

 

A.

OSSIM

B.

SDLC

C.

SANS

D.

ISO

 

Correct Answer: D

 

 

 

 

QUESTION 48

A vulnerability scan has returned the following information:

 

image067

 

Which of the following describes the meaning of these results?

 

A.

There is an unknown bug in a Lotus server with no Bugtraq ID.

B.

Connecting to the host using a null session allows enumeration of share names.

C.

Trend Micro has a known exploit that must be resolved or patched.

D.

No CVE is present, so it is a false positive caused by Lotus running on a Windows server.

 

Correct Answer: B

 

 

QUESTION 49

Management is concerned with administrator access from outside the network to a key server in the company. Specifically, firewall rules allow access to the server from anywhere in the company. Which of the following would be an effective solution?

 

A.

Honeypot

B.

Jump box

C.

Server hardening

D.

Anti-malware

 

Correct Answer: B

 

 

QUESTION 50

The security operations team is conducting a mock forensics investigation. Which of the following should be the FIRST action taken after seizing a compromised workstation?

 

A.

Activate the escalation checklist

B.

Implement the incident response plan

C.

Analyze the forensic image

D.

Perform evidence acquisition

 

Correct Answer: D

Explanation:

https://staff.washington.edu/dittrich/misc/forensics/

2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 8


 

QUESTION 71

Which statement about restrictions for multichassis LACP is true?

 

A.

It is available only on a Cisco Catalyst 6500 Series chassis.

B.

It does not support 1Gb links.

C.

Converting a port channel to mLACP can cause a service disruption.

D.

It is not available in VSS.

 

Correct Answer: C

Explanation:

When configuring mLACP for Server Access, follow these guidelines and restrictions:

PFC3A mode does not support the mLACP for server access feature.

VSS mode does not support the mLACP for server access feature.

No more than 100 VLANs can be active on a switch configured as a PoA.

mLACP does not support half-duplex links.

mLACP does not support multiple neighbors.

Converting a port channel to mLACP can cause a service disruption.

The DHD system priority must be lower (higher numerically) than the PoA system priority.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/mlacp_server_support.html

QUESTION 72

Which VTP mode is needed to configure an extended VLAN, when a switch is configured to use VTP versions 1 or 2?

 

A.

transparent

B.

client

C.

server

D.

Extended VLANs are only supported in version 3 and not in versions 1 or 2.

 

Correct Answer: A

 

 

QUESTION 73

A network engineer must implement Ethernet links that are capable of transporting frames and IP traffic for different broadcast domains that are mutually isolated. Consider that this is a multivendor environment. Which Cisco IOS switching feature can be used to achieve the task?

 

A.

PPP encapsulation with a virtual template

B.

Link Aggregation Protocol at the access layer

C.

dot1q VLAN trunking

D.

Inter-Switch Link

 

Correct Answer: C

Explanation:

Here the question asks for transporting “frames and IP traffic for different broadcast domains that are mutually isolated” which is basically a long way of saying VLANs so trunking is needed to carry VLAN information. There are 2 different methods for trunking, 802.1Q and ISL. Of these, only 802.1Q is supported by multiple vendors since ISL is a Cisco proprietary protocol.

 

 

QUESTION 74

Which statement about using native VLANs to carry untagged frames is true?

 

A.

Cisco Discovery Protocol version 2 carries native VLAN information, but version 1 does not.

B.

Cisco Discovery Protocol version 1 carries native VLAN information, but version 2 does not.

C.

Cisco Discovery Protocol version 1 and version 2 carry native VLAN information.

D.

Cisco Discovery Protocol version 3 carries native VLAN information, but versions 1 and 2 do not.

 

Correct Answer: A

Explanation:

Cisco Discovery Protocol (CDP) version 2 passes native VLAN information between Cisco switches. If you have a native VLAN mismatch, you will see CDP error messages on the console output.

Reference: http://www.ciscopress.com/articles/article.asp?p=29803&seqNum=3

QUESTION 75

Refer to the exhibit. Switch A, B, and C are trunked together and have been properly configured for VTP. Switch C receives VLAN information from the VTP server Switch A, but Switch B does not receive any VLAN information. What is the most probable cause of this behavior?

 

image060

 

A.

Switch B is configured in transparent mode.

B.

Switch B is configured with an access port to Switch A, while Switch C is configured with a trunk port to Switch B.

C.

The VTP revision number of the Switch B is higher than that of Switch A.

D.

The trunk between Switch A and Switch B is misconfigured.

 

Correct Answer: A

Explanation:

VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements, but transparent switches do forward VTP advertisements that they receive out their trunk ports in VTP Version 2.

Reference:

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml

 

 

QUESTION 76

What is the default interval at which Cisco devices send Cisco Discovery Protocol advertisements?

 

A.

30 seconds

B.

60 seconds

C.

120 seconds

D.

300 seconds

 

Correct Answer: B

Explanation:

Cisco Discovery Protocol is a Layer 2, media-independent, and network-independent protocol that networking applications use to learn about nearby, directly connected devices. Cisco Discovery Protocol is enabled by default. Each device configured for Cisco Discovery Protocol advertises at least one address at which the device can receive messages and sends periodic advertisements (messages) to the well-known multicast address 01:00:0C:CC:CC:CC. Devices discover each other by listening at that address. They also listen to messages to learn when interfaces on other devices are up or go down. Advertisements contain time-to-live information, which indicates the length of time a receiving device should hold Cisco Discovery Protocol information before discarding it. Advertisements supported and configured in Cisco software are sent, by default, every 60 seconds.

Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/cdp/configuration/15-mt/nm-cdp-discover.html

QUESTION 77

Refer to the exhibit. What is the result of the configuration?

 

image061

 

A.

The EtherChannels would not form because the load-balancing method must match on the devices.

B.

The EtherChannels would form and function properly even though the load-balancing and EtherChannel modes do not match.

C.

The EtherChannels would form, but network loops would occur because the load-balancing methods do not match.

D.

The EtherChannels would form and both devices would use the dst-ip load-balancing method because Switch1 is configured with EtherChannel mode active.

 

Correct Answer: B

Explanation:

An etherchannel will form if one end is active and the other is passive. The table below summarizes the results for LACP channel establishment based on the configuration of each side of a link:

LACP Channel Establishment

S1                   S2                Established?
On                   On                Yes
Active/Passive       Active            Yes
On/Active/Passive    Not Configured    No
On                   Active            No
Passive/On           Passive           No

Load balancing can only be configured globally. As a result, all channels (manually configured, PAgP, or LACP) use the same load-balancing. This is true for the switch globally, although each switch involved in the etherchannel can have non-matching parameters for load balancing.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/54sg/configuration/guide/config/channel.html#wp1020804

 

 

QUESTION 78

A new network that consists of several switches has been connected together via trunking interfaces. If all switches currently have the default VTP domain name “null”, which statement describes what happens when a domain name is configured on one of the switches?

 

A.

The switch with the non-default domain name restores back to “null” upon reboot.

B.

Switches with higher revision numbers do not accept the new domain name.

C.

VTP summary advertisements are sent out of all ports with the new domain name.

D.

All other switches with the default domain name become VTP clients.

 

Correct Answer: C

Explanation:

By default, a switch will have a domain name of NULL and no password. If the switch hears a VTP advertisement it will automatically learn the VTP domain name, VLANs, and the configuration revision number.

Summary advertisements are sent out every 300 seconds and every time a change occurs on the VLAN database. Contained in a summary advertisement:

VTP version

Domain name

Configuration revision number

Time stamp

MD5 encryption hash code

Reference: https://rowell.dionicio.net/configuring-cisco-vtp/

 

 

QUESTION 79

What percentage of bandwidth is reduced when a stack cable is broken?

 

A.

0

B.

25

C.

50

D.

75

E.

100

 

Correct Answer: C

Explanation:

Physical Sequential Linkage

The switches are physically connected sequentially, as shown in Figure 3. A break in any one of the cables will result in the stack bandwidth being reduced to half of its full capacity. Subsecond timing mechanisms detect traffic problems and immediately institute failover. This mechanism restores dual path flow when the timing mechanisms detect renewed activity on the cable.

Figure 3. Cisco StackWise Technology Resilient Cabling

 

image062

 

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/prod_white_paper09186a00801b096a.html

 

 

QUESTION 80

After reviewing UDLD status on switch ports, an engineer notices that the. Which statement describes what this indicates about the status of the port?

 

A.

The port is fully operational and no known issues are detected.

B.

The bidirectional status of “unknown” indicates that the port will go into the disabled state because it stopped receiving UDLD packets from its neighbor.

C.

UDLD moved into aggressive mode after inconsistent acknowledgements were detected.

D.

The UDLD port is placed in the “unknown” state for 5 seconds until the next UDLD packet is received on the interface.

 

Correct Answer: A

Explanation:

By default, UDLD is disabled on all interfaces. We can enable UDLD globally on the device, or individually on specific interfaces with the command udld port. This enables UDLD in normal mode.

It would be prohibitively difficult to coordinate the configuration of UDLD on both ends of a link at the same time, so when UDLD is first enabled and does not detect a neighbor the link state is considered unknown, which is not necessarily an error condition. The port will remain operational during this time. When UDLD is finally enabled on the other end, the status will transition to bidirectional.

Reference: http://packetlife.net/blog/2011/mar/7/udld/

2019 Free Microsoft EnsurePass 300-115 Dumps VCE and PDF Download Part 7


 

QUESTION 61

Interface FastEthernet0/1 is configured as a trunk interface that allows all VLANs. This command is configured globally:

 

monitor session 2 filter vlan 1 - 8, 39, 52

 

What is the result of the implemented command?

 

A.

All VLAN traffic is sent to the SPAN destination interface.

B.

Traffic from VLAN 4 is not sent to the SPAN destination interface.

C.

Filtering a trunked SPAN port effectively disables SPAN operations for all VLANs.

D.

The trunk’s native VLAN must be changed to something other than VLAN 1.

E.

Traffic from VLANs 1 to 8, 39, and 52 is replicated to the SPAN destination port.

 

Correct Answer: E

Explanation:

The “monitor session filter” command is used to specify which VLANs are to be port mirrored using SPAN. This example shows how to monitor VLANs 1 through 5 and VLAN 9 when the SPAN source is a trunk interface:

Switch(config)# monitor session 2 filter vlan 1 - 5 , 9

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/span.html/index.html#wp1066836

 

 

QUESTION 62

Which statement about the use of SDM templates in a Cisco switch is true?

 

A.

SDM templates are used to configure system resources in the switch to optimize support for specific features, depending on how the switch is used in the network.

B.

SDM templates are used to create Layer 3 interfaces (switch virtual interfaces) to permit hosts in one VLAN to communicate with hosts in another VLAN.

C.

SDM templates are used to configure ACLs that protect networks and specific hosts from unnecessary or unwanted traffic.

D.

SDM templates are used to configure a set of ACLs that allows the users to manage the flow of traffic handled by the route processor.

E.

SDM templates are configured by accessing the switch using the web interface.

 

Correct Answer: A

Explanation:

You can use SDM templates to configure system resources in the switch to optimize support for specific features, depending on how the switch is used in the network. You can select a template to provide maximum system usage for some functions; for example, use the default template to balance resources, and use the access template to obtain maximum ACL usage. To allocate hardware resources for different usages, the switch SDM templates prioritize system resources to optimize support for certain features.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/swsdm.pdf

 

 

QUESTION 63

Which statement about LLDP-MED is true?

 

A.

LLDP-MED is an extension to LLDP that operates between endpoint devices and network devices.

B.

LLDP-MED is an extension to LLDP that operates only between network devices.

C.

LLDP-MED is an extension to LLDP that operates only between endpoint devices.

D.

LLDP-MED is an extension to LLDP that operates between routers that run BGP.

 

Correct Answer: A

Explanation:

LLDP for Media Endpoint Devices (LLDP-MED) is an extension to LLDP that operates between endpoint devices such as IP phones and network devices such as switches. It specifically provides support for voice over IP (VoIP) applications and provides additional TLVs for capabilities discovery, network policy, Power over Ethernet, and inventory management.

Reference: http://www.cisco.com/en/US/docs/switches/metro/me3400/software/release/12.2_58_se/configuration/guide/swlldp.pdf

 

 

QUESTION 64

When two MST instances (MST 1 and MST 2) are created on a switch, what is the total number of spanning-tree instances running on the switch?

 

A.

1

B.

2

C.

3

D.

4

 

Correct Answer: C

Explanation:

Unlike other spanning tree protocols, in which all the spanning tree instances are independent, MST establishes and maintains IST, CIST, and CST spanning trees:

 

An IST is the spanning tree that runs in an MST region.

Within each MST region, MST maintains multiple spanning tree instances. Instance 0 is a special instance for a region, known as the IST. All other MST instances are numbered from 1 to 4094. In the case for this question, there will be the 2 defined MST instances, and the special 0 instance, for a total of 3 instances.

The IST is the only spanning tree instance that sends and receives BPDUs. All of the other spanning tree instance information is contained in MSTP records (M-records), which are encapsulated within MST BPDUs. Because the MST BPDU carries information for all instances, the number of BPDUs that need to be processed to support multiple spanning tree instances is significantly reduced.

All MST instances within the same region share the same protocol timers, but each MST instance has its own topology parameters, such as root bridge ID, root path cost, and so forth. By default, all VLANs are assigned to the IST.

An MST instance is local to the region; for example, MST instance 1 in region A is independent of MST instance 1 in region B, even if regions A and B are interconnected.

 

A CIST is a collection of the ISTs in each MST region.

The CST interconnects the MST regions and single spanning trees.

 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/spantree.html

 

 

QUESTION 65

Which SDM template is the most appropriate for a Layer 2 switch that provides connectivity to a large number of clients?

 

A.

VLAN

B.

default

C.

access

D.

routing

 

Correct Answer: A

Explanation:

To allocate ternary content addressable memory (TCAM) resources for different usages, the switch SDM templates prioritize system resources to optimize support for certain features. You can select SDM templates to optimize these features:

Access–The access template maximizes system resources for access control lists (ACLs) to accommodate a large number of ACLs.

Default–The default template gives balance to all functions.

Routing–The routing template maximizes system resources for IPv4 unicast routing, typically required for a router or aggregator in the center of a network.

VLANs–The VLAN template disables routing and supports the maximum number of unicast MAC addresses (clients). It would typically be selected for a Layer 2 switch.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_55_se/configuration/guide/swsdm.pdf

 

 

QUESTION 66

Which option describes a limitation of LLDP?

 

A.

LLDP cannot provide information about VTP.

B.

LLDP does not support TLVs.

C.

LLDP can discover only Windows servers.

D.

LLDP can discover up to two devices per port.

 

Correct Answer: A

Explanation:

LLDP Versus Cisco Discovery Protocol TLV Comparison

Function Description | LLDP TLV | Cisco Discovery Protocol TLV
IP network prefix support - Used to send the network prefix and used for ODR | No | IP Network Prefix TLV
Hello piggybacking - Can be used to piggy back hello messages from other protocols | No | Protocol Hello TLV
Maximum-transmission-unit (MTU) support - Specifies the size of the MTU | No | MTU TLV
External port support - Used to identify the card terminating the fiber in the case of wavelength-division multiplexing (WDM) | No | External Port-ID TLV
VTP management support | No | VTP Management Domain TLV
Port unidirectional mode - Used in fiber, where the connection may be unidirectional | No | Port UniDirectional Mode TLV
Management address | Management Address TLV | Management-Address TLV
Allows for organizational unique TLVs | Yes | No

 

Reference: http://www.cisco.com/en/US/technologies/tk652/tk701/technologies_white_paper0900aecd804cd46d.html

 

 

QUESTION 67

Which feature is automatically enabled when a voice VLAN is configured, but not automatically disabled when a voice VLAN is removed?

 

A.

portfast

B.

port-security

C.

spanning tree

D.

storm control

 

Correct Answer: A

Explanation:

Voice VLAN Configuration Guidelines

You should configure voice VLAN on switch access ports.

The voice VLAN should be present and active on the switch for the IP phone to correctly communicate on the voice VLAN. Use the show vlan privileged EXEC command to see if the VLAN is present (listed in the display).

The Port Fast feature is automatically enabled when voice VLAN is configured. When you disable voice VLAN, the Port Fast feature is not automatically disabled.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_22_ea11x/configuration/guide/swvoip.html

 

 

 

 

 

 

 

QUESTION 68

Refer to the exhibit. A network engineer investigates a recent network failure and notices that one of the interfaces on the switch is still down. What is causing the line protocol on this interface to be shown as down?

 

image059

 

A.

There is a layer 1 physical issue.

B.

There is a speed mismatch on the interface.

C.

The interface is configured as the target of the SPAN session.

D.

The interface is configured as the source of the SPAN session.

E.

There is a duplex mismatch on the interface.

 

Correct Answer: C

Explanation:

With the SPAN destination port, the state of the destination port is up/down by design. The interface shows the port in this state in order to make it evident that the port is currently not usable as a production port. This is the normal operational state for SPAN destinations.

Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008015c612.shtml

 

 

QUESTION 69

After configuring new data VLANs 1020 through 1030 on the VTP server, a network engineer notices that none of the VTP clients are receiving the updates. What is the problem?

 

A.

The VTP server must be reloaded.

B.

The VTP version number must be set to version 3.

C.

After each update to the VTP server, it takes up to 4 hours to propagate.

D.

VTP must be stopped and restarted on the server.

E.

Another switch in the domain has a higher revision number than the server.

 

Correct Answer: B

Explanation:

VTP version 3 supports these features that are not supported in version 1 or version 2:

Enhanced authentication–You can configure the authentication as hidden or secret. When hidden, the secret key from the password string is saved in the VLAN database file, but it does not appear in plain text in the configuration. Instead, the key associated with the password is saved in hexadecimal format in the running configuration. You must reenter the password if you enter a takeover command in the domain. When you enter the secret keyword, you can directly configure the password secret key.

Support for extended range VLAN (VLANs 1006 to 4094) database propagation. VTP versions 1 and 2 propagate only VLANs 1 to 1005. If extended VLANs are configured, you cannot convert from VTP version 3 to version 1 or 2.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_52_se/configuration/guide/swvtp.html#wp1316856

 

 

QUESTION 70

While working in the core network building, a technician accidentally bumps the fiber connection between two core switches and damages one of the pairs of fiber. As designed, the link was placed into a non-forwarding state due to a fault with UDLD. After the damaged cable was replaced, the link did not recover. What solution allows the network switch to automatically recover from such an issue?

 

A.

macros

B.

errdisable autorecovery

C.

IP Event Dampening

D.

command aliases

E.

Bidirectional Forwarding Detection

 

Correct Answer: B

Explanation:

There are a number of events which can disable a link on a Catalyst switch, such as the detection of a loopback, UDLD failure, or a broadcast storm. By default, manual intervention by an administrator is necessary to restore the interface to working order; this can be done by issuing shutdown followed by no shutdown on the interface. The idea behind requiring administrative action is so that a human engineer can intercede, assess, and (ideally) correct the issue. However, some configurations may be prone to accidental violations, and a steady recurrence of these can amount to a huge time sink for the administrative staff.

This is where errdisable autorecovery can be of great assistance. We can configure the switch to automatically re-enable any error-disabled interfaces after a specified timeout period. This gives the offending issue a chance to be cleared by the user (for example, by removing an unapproved device) without the need for administrative intervention.

Reference: http://packetlife.net/blog/2009/sep/14/errdisable-autorecovery/

2019 Free Microsoft EnsurePass GCFA Dumps VCE and PDF Download Part 7


QUESTION 61

Mark is the Administrator of a Linux computer. He wants to check the status of failed Telnet-based login attempts on the Linux computer. Which of the following shell commands will he use to accomplish the task?

 

A.

GREP

B.

CP

C.

FSCK

D.

CAT

 

Correct Answer: A

 

 

QUESTION 62

Which of the following tools are used for footprinting? Each correct answer represents a complete solution. Choose all that apply.

 

A.

Sam spade

B.

Traceroute

C.

Whois

D.

Brutus

 

Correct Answer: ABC

 

 

QUESTION 63

You work as a Network Administrator for Peach Tree Inc. The company currently has a FAT-based Windows NT network. All client computers run Windows 98. The management wants all client computers to be able to boot in Windows XP Professional. You want to accomplish the following goals:

 

The file system should support file compression and file level security.

All the existing data and files can be used by the new file system.

Users should be able to dual-boot their computers.

You take the following steps to accomplish these goals:

Convert the FAT file system to NTFS using the CONVERT utility.

Install Windows XP and choose to upgrade the existing operating system during setup.

image008[5]Install Windows XP and choose to upgrade the existing operating system during setup.

 

Which of the following goals will you be able to accomplish? Each correct answer represents a complete solution. Choose all that apply.

 

A.

The file system supports file compression and file level security.

B.

All the existing data and files can be used by the new file system.

C.

Users are able to dual-boot their computers.

D.

None of the goals are accomplished.

 

Correct Answer: AB

 

 

QUESTION 64

You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to allow direct access to the filesystem's data structure. Which of the following Unix commands can you use to accomplish the task?

 

A.

du

B.

debugfs

C.

df

D.

dosfsck

 

Correct Answer: B

 

 

QUESTION 65

You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this? Each correct answer represents a complete solution. Choose all that apply.

 

A.

NT authentication should be required for all customers before they provide their credit card numbers.

B.

Strong encryption software should be used to store credit card information.

C.

Only authorized access should be allowed to credit card information.

D.

The NTFS file system should be implemented on a client computer.

 

Correct Answer: BC

 

 

 

QUESTION 66

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

 

image009

 

What is the IP address of the sender of this email?

 

A.

172.16.10.90

B.

209.191.91.180

C.

216.168.54.25

D.

141.1.1.1

 

Correct Answer: C

 

 

QUESTION 67

You work as a Network Administrator for uCertify Inc. You want to edit the MSDOS.SYS file, in your computer, from the DOS prompt. You are unable to find the file. What is the most likely cause?

 

A.

It is a read-only file.

B.