2014 Latest Cisco 350-001 Dump Free Download(81-90)!

QUESTION 81
Spanning Tree Protocol calculates path cost based on which of these?

A.    interface bandwidth
B.    interface delay
C.    interface bandwidth and delay
D.    hop count
E.    bridge priority

Answer: A
Explanation:
STP calculates the path cost based on the media speed (bandwidth) of the links between switches and the port cost of each port forwarding frames. Spanning tree selects the root port based on the path cost. The port with the lowest path cost to the root bridge becomes the root port. The root port is always in the forwarding state.
If the speed/duplex of the port is changed, spanning tree recalculates the path cost automatically. A change in the path cost can change the spanning tree topology.
Data rate and STP path cost
The table below shows the default cost of an interface for a given data rate.

[Table image not available: default STP path cost by data rate]

QUESTION 82
What two features in Cisco switches help prevent Layer 2 loops? (Choose two.)

A.    UniDirectional Link Detection
B.    Hot Standby Router Protocol
C.    Virtual Router Redundancy Protocol
D.    PortFast
E.    root guard
F.    loop guard

Answer: AF
Explanation:
The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs.

QUESTION 83
In PIM-SM, what control plane signaling must a multicast source perform before it begins to send multicast traffic to a group?

A.    The source must send a PIM Register message to the rendezvous point (RP).
B.    The source must first join the multicast group using IGMP before sending.
C.    The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIM designated router (DR).
D.    No control plane signaling needs to be performed; the source can simply begin sending on the local subnet.

Answer: D
Explanation:
The most common type of multicast issue is the RPF failure. RPF checks are used at both the control and data planes of multicast routing. The control plane involves PIM signaling, and some PIM messages are subject to RPF checks. For example, PIM (*,G) Joins are sent toward the shortest path to RP. Next, the BSR/RP address in the BSR messages is subject to RPF check as well. Notice that this logic does not apply to PIM Register messages: the unicast register packet may arrive on any interface. However, an RPF check is performed on the encapsulated multicast source to construct the SPT toward the multicast source.
Data plane RPF checks are performed every time a multicast data packet is received for forwarding. The source IP address in the packet should be reachable via the receiving interface, or the packet is going to be dropped. Theoretically, with PIM Sparse Mode, RPF checks at the control plane level should preclude and eliminate data-plane RPF failures, but data-plane RPF failures are common during moments of IGP reconvergence and on multipoint non-broadcast interfaces. PIM Dense Mode is different from SM in the sense that data-plane operations preclude control-plane signaling. One typical irresolvable RPF problem with PIM Dense Mode is known as split-horizon forwarding, where a packet received on one interface should be forwarded back out of the same interface in a hub-and-spoke topology. The same problem may occur with PIM Sparse Mode, but this type of signaling allows for treating the NBMA interface as a collection of point-to-point links by virtue of PIM NBMA mode.

QUESTION 84
Which of these statements about PIM join messages in classic PIM-SM is correct?

A.    PIM join messages are sent every 60 seconds to refresh the upstream router’s mroute state for the multicast tree.
B.    Routers send a PIM join acknowledgement in response to each PIM join message received from a downstream router.
C.    PIM join messages are only sent when the multicast distribution tree is first being established.
D.    PIM join messages are sent every three minutes to refresh the upstream router’s mroute state for the multicast tree.

Answer: A
Explanation:
PIM Sparse Mode uses an explicit request approach, where a router has to ask for the multicast feed with a PIM Join message. PIM Sparse Mode is indicated when you need more precise control, especially when you have large volumes of IP multicast traffic compared to your bandwidth. PIM Sparse Mode scales rather well, because packets only go where they are needed, and because it creates state in routers only as needed. There can be different RP’s for different multicast groups, which is one way to spread the load. There is usually one RP per multicast group. Redundancy of RP’s is an advanced topic, and requires a little deeper expertise. One way to do this is with the MSDP protocol (possible later article in the series). PIM Join message is sent towards a Source (or for PIM-SM, possibly towards an RP), based on unicast routing. The Join message says in effect “we need a copy of the multicasts over here”. It connects the sender of the Join and intervening routers to any existing multicast tree, all the way back to the target of the Join if necessary. A Prune message says in effect “we no longer need this over here”. A router receiving a Prune sees whether it has any other interfaces requiring the multicast flow, and if not, sends its own Prune message.
One advanced technique is to arrange a separate and perhaps different copy of the unicast routing information just for multicast purposes. This allows “steering” of the Join messages. Multiprotocol BGP (MBGP) for multicast is one way to do this.

All PIM-SM-enabled routers should be configured with the same message interval time. A router will be pruned from a group if a Join message is not received in the message interval. The default value is three minutes.
http://ciscoarticles.com/Cisco-Multicast-Routing-and-Switching/PIM-SM-Version-2-RP-Selection.html

QUESTION 85
The ip pim autorp listener command is used to do which of these?

A.    enable a Cisco router to “passively” listen to Auto-RP packets without the router actively sending or forwarding any of the packets
B.    allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfaces configured with the ip pim sparse-mode command
C.    enable the use of Auto-RP on a router
D.    configure the router as an Auto-RP mapping agent

Answer: B
Explanation:
The ip pim autorp listener command allows the groups 224.0.0.39 and 224.0.0.40 to be dense-flooded, as the RP announces on 224.0.0.39 to the mapping agent and the mapping agent announces on 224.0.0.40 to all routers that are part of the group. Where it can be applied:
It can be applied when dense mode is not configured, for example if you have Sparse-mode Multicast Network, and you need not to statically define your RP or use Autorp.

QUESTION 86
In order to configure two routers as anycast RPs, which of these requirements, at a minimum, must be satisfied?

A.    Multicast Source Discovery Protocol mesh-groups must be configured between the two anycast RPs.
B.    The RPs must be within the same IGP domain.
C.    Multicast Source Discovery Protocol must be configured between the two anycast RPs.
D.    The two anycast RPs must be IBGP peers.

Answer: C
Explanation:
Multicast Source Discovery Protocol (MSDP) is a mechanism to connect multiple PIM sparse-mode (SM) domains. MSDP allows multicast sources for a group to be known to all rendezvous point(s) (RPs) in different domains. Each PIM-SM domain uses its own RPs and need not depend on RPs in other domains. An RP runs MSDP over TCP to discover multicast sources in other domains. An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled routers in another domain. The peering relationship occurs over a TCP connection, where primarily a list of sources sending to multicast groups is exchanged. The TCP connections between RPs are achieved by the underlying routing system. The receiving RP uses the source lists to establish a source path. The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree building mechanism in PIM-SM. MSDP is also used to announce sources sending to a group. These announcements must originate at the domain’s RP.
MSDP depends heavily on (M)BGP for interdomain operation. It is recommended that you run MSDP in RPs in your domain that are RPs for sources sending to global groups to be announced to the internet.
Each MSDP peer receives and forwards the SA message away from the originating RP to achieve “peer-RPF flooding.” The concept of peer-RPF flooding is with respect to forwarding SA messages. The router examines the BGP or MBGP routing table to determine which peer is the next hop toward the originating RP of the SA message. Such a peer is called an “RPF peer” (Reverse-Path Forwarding peer). The router forwards the message to all MSDP peers other than the RPF peer. If the MSDP peer receives the same SA message from a non-RPF peer toward the originating RP, it drops the message. Otherwise, it forwards the message on to all its MSDP peers. When an RP for a domain receives an SA message from an MSDP peer, it determines if it has any group members interested in the group the SA message describes. If the (*,G) entry exists with a nonempty outgoing interface list, the domain is interested in the group, and the RP triggers an (S,G) join toward the source.

QUESTION 87
Which two of these statements correctly describe classic PIM-SM? (Choose two.)

A.    The IOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
B.    The IOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
C.    The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to “infinity.”
D.    The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to “zero.”

Answer: AC
Explanation:
This question tests command syntax: setting the value in the ip pim spt-threshold command to “infinity” is the right answer.
From the command reference:
ip pim spt-threshold
ip pim [vrf vrf-name] spt-threshold {kbps | infinity} [group-list access-list]
To configure when a Protocol Independent Multicast (PIM) leaf router should join the shortest path source tree for the specified group.
infinity: Causes all sources for the specified group to use the shared tree.
http://www.cisco.com/en/US/docs/ios/12_2/ipmulti/command/reference/1rfmult2.html#wp10201

QUESTION 88
In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can cause network failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessive traffic during spanning-tree loop conditions? (Choose two.)

A.    loop guard
B.    storm control
C.    storm suppression
D.    broadcast suppression
E.    BPDU guard

Answer: BD
Explanation:
Traffic Storm Control
A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. The traffic storm control feature prevents LAN ports from being disrupted by a broadcast, multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1-second traffic storm control interval and, during the interval, compares the traffic level with the traffic storm control level that you configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Each port has a single traffic storm control level that is used for all types of traffic (broadcast, multicast, and unicast).
Traffic storm control monitors the level of each traffic type for which you enable traffic storm control in 1-second traffic storm control intervals. Within an interval, when the ingress traffic for which traffic storm control is enabled reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the traffic storm control interval ends.
Broadcast suppression
Broadcast suppression prevents the switched ports on a LAN from being disrupted by a broadcast storm on one of the ports. A LAN broadcast storm occurs when the broadcast or multicast packets flood the LAN, creating excessive traffic and degrading the network performance. Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm.
Broadcast suppression uses filtering that measures the broadcast activity on a LAN over a time period (15264 nsec to ~1 sec) that varies based on the type of line card and speed setting on the port, and compares the measurement with a predefined threshold. If the threshold is reached, further broadcast activity is suppressed for the duration of a specified time period. Broadcast suppression is disabled by default.
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/storm.html
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/bcastsup.html

QUESTION 89
Why does RSTP have a better convergence time than 802.1D?

A.    it is newer
B.    it has smaller timers
C.    it has less overhead
D.    it is not timer-based

Answer: D
Explanation:
RSTP identifies certain links as point to point. When a point-to-point link fails, the alternate link can transition to the forwarding state.
Although STP provides basic loop prevention functionality, it does not provide fast network convergence when there are topology changes. STP’s process to determine network state transitions is slower than RSTP’s because it is timer-based. A device must reinitialize every time a topology change occurs. The device must start in the listening state and transition to the learning state and eventually to a forwarding or blocking state.
When default values are used for the maximum age (20 seconds) and forward delay (15 seconds), it takes 50 seconds for the device to converge. RSTP converges faster because it uses a handshake mechanism based on point-to-point links instead of the timer-based process used by STP. An RSTP domain running switch has the following components:
A root port, which is the “best path” to the root device.
A designated port, indicating that the switch is the designated bridge for the other switch connecting to this port.
An alternate port, which provides an alternate root port.
A backup port, which provides an alternate designated port.
Port assignments change through messages exchanged throughout the domain. An RSTP device generates configuration messages once every hello time interval. If an RSTP device does not receive a configuration message from its neighbor after an interval of three hello times, it determines it has lost connection with that neighbor. When a root port or a designated port fails on a device, the device generates a configuration message with the proposal bit set. Once its neighbor device receives this message, it verifies that this configuration message is better than the one saved for that port and then it starts a synchronizing operation to ensure that all of its ports are in sync with the new information.
Similar waves of proposal agreement handshake messages propagate toward the leaves of the network, restoring the connectivity very quickly after a topology change (in a well-designed network that uses RSTP, network convergence can take as little as 0.5 seconds). If a device does not receive an agreement to a proposal message it has sent, it returns to the original IEEE 802.1D convention. RSTP was originally defined in the IEEE 802.1w draft specification and later incorporated into the IEEE 802.1D-2004 specification.

QUESTION 90
Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.)

A.    upon a port state change
B.    upon receiving a topology change notification
C.    when transitioning from discarding to forwarding
D.    when transitioning from forwarding to discarding
E.    only when changing from listening to discarding
F.    when CAM resources have been completely used up

Answer: BC
Explanation:
First, the goal of RSTP is fast re-convergence. Since ports are assumed to transition to forwarding relatively fast, simply increasing MAC address aging speed is not enough. Thus, when a topology change is detected, RSTP instructs the bridge to flush all MAC address table entries. With Ethernet, this process results in unconstrained flooding until the moment MAC addresses are re-learned. The bridge detecting a topology change sets the TC (Topology Change) bit in all outgoing BPDUs and starts sending BPDUs with the TC bit set upstream through the root port as well. This marking lasts for TCWhile=2xHelloTime seconds and allows the detecting bridge to start the flooding process.


2014 Latest Cisco 350-001 Dump Free Download(71-80)!

QUESTION 71
Which two of these are differences between traffic policing and traffic shaping? (Choose two.)

A.    with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again
B.    with policing you can tune the buffer usage for traffic exceeding the specified CIR
C.    with shaping you can tune the buffer usage for traffic exceeding the specified CIR
D.    shaping should only be applied for ingress traffic, policing only for egress
E.    policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC

QUESTION 72
Which of these is a valid differentiated services PHB?

A.    Guaranteed PHB
B.    Class-Selector PHB
C.    Reserved Forwarding PHB
D.    Discard Eligible PHB
E.    Priority PHB

Answer: B
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfdfsrv_ps1835_TSD_Products_Configuration_Guide_Chapter.html#wp998695

QUESTION 73
An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth of the leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links are used for combined VOIP and data traffic. The network administrator has implemented a VOIP solution to reduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for the VOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latency queue.
What action will likely fix this problem?

A.    mark VOIP traffic with IP precedence 6 and configure only ‘fair-queue’ on the links
B.    configure the scheduler allocate 3000 1000 command to allow the QoS code to have enough CPU cycles
C.    enable class-based traffic shaping on the VoIP traffic class
D.    enable Layer 2 fragmentation and interleaving on the links
E.    enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcflfi.html#wp1000892

QUESTION 74
You are the network administrator of an enterprise with a main site and multiple remote sites. Your network carries both VOIP and data traffic. You agree with your service provider to classify VOIP and data traffic according to the different service RFCs. How can your data and VOIP traffic be marked?

A.    data marked with DSCP AF21, VOIP marked with DSCP EF
B.    data marked with DSCP AF51, VOIP marked with DSCP EF
C.    data marked with the DE-bit, VOIP marked with the CLP-bit
D.    data marked with DSCP EF, VOIP marked with DSCP AF31
E.    data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A

QUESTION 75
All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except which one?

A.    dropper
B.    classifier
C.    marker
D.    querier
E.    meter
F.    shaper

Answer: D

QUESTION 76
Which types of prefixes will a router running BGP most likely advertise to an IBGP peer, assuming it is not configured as a route reflector?

A.    prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed
B.    all prefixes in its routing table
C.    prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed
D.    prefixes received from EBGP peers and prefixes received from route reflectors
E.    prefixes received from other IBGP peers, prefixes received from EBGP peers, and prefixes redistributed to BGP
F.    prefixes received from other IBGP peers and prefixes received from route reflectors

Answer: C
Explanation:
If your autonomous system will be passing traffic through it from another autonomous system to a third autonomous system, it is very important that your autonomous system be consistent about the routes that it advertises. For example, if your BGP were to advertise a route before all routers in your network had learned about the route through your IGP, your autonomous system could receive traffic that some routers cannot yet route. To prevent this from happening, BGP must wait until the IGP has propagated routing information across your autonomous system. This causes BGP to be synchronized with the IGP. Synchronization is enabled by default.

QUESTION 77
You have two EBGP peers connected via two parallel serial lines. What should you do to be able to load-balance between two EBGP speakers over the parallel serial lines in both directions?

A.    nothing, BGP automatically load-balances the traffic between different autonomous systems on all available links
B.    peer between the eBGP speaker’s loopbacks, configuring eBGP multihop as required, and use an IGP to load-share between the two equal-cost paths between the loopback addresses
C.    configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-self command
D.    use the ebgp-load-balance command on the neighbor statement on both sides
E.    configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the peer loopback address; it is also necessary to use the ebgp-multihop and next-hop-self commands

Answer: E
Explanation:
http://wiki.nil.com/Load_balancing_with_parallel_EBGP_sessions
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#ebgpmulithoploadbal

QUESTION 78
Which three of these statements about penultimate hop popping are true? (Choose three.)

A.    It is used only for directly connected subnets or aggregate routes.
B.    It can only be used with LDP.
C.    It is only used when two or more labels are stacked.
D.    It enables the Edge LSR to request a label pop operation from its upstream neighbors.
E.    It is requested through TDP using a special label value that is also called the implicit-null value.
F.    It is requested through LDP using a special label value that is also called the implicit-null value.

Answer: DEF
Explanation:
In order to implement penultimate hop popping, the edge LSR requests a label pop operation from its upstream neighbor via LDP or TDP using a special implicit-null label. This label has a value of 3 for LDP and 1 for TDP.

QUESTION 79
Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer?

A.    prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed to BGP
B.    all prefixes in its IP routing table
C.    only prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed
D.    only prefixes received from EBGP peers and prefixes received from route reflectors
E.    all prefixes in its routing table except the prefixes received from other EBGP peers
F.    all prefixes in its routing table except the prefixes received from other IBGP peers

Answer: A
Explanation:
eBGP peers will advertise all known eBGP routes to all other eBGP peers. iBGP peers will only advertise their own internal routes to other iBGP peers. A BGP speaking router will never advertise another iBGP peer’s routes to any other iBGP peer.

QUESTION 80
Which standard supports multiple instances of spanning tree?

A.    802.1D
B.    802.1s
C.    802.1w
D.    802.1z

Answer: B
Explanation:
Multiple Spanning Tree Protocol (MSTP) was first specified in IEEE 802.1s and is standardized in IEEE 802.1Q. MSTP enables multiple VLANs to be mapped to the same spanning-tree instance, reducing the number of spanning-tree instances needed to support a large number of VLANs. MSTP provides multiple forwarding paths for data traffic and enables load balancing. It improves the fault tolerance of the network because a failure in one instance, or forwarding path, does not affect other instances.


2014 Latest Cisco 350-001 Dump Free Download(61-70)!

QUESTION 61
Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?

A.    Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.
B.    Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.
C.    There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.
D.    There is no way to make BGP work across a firewall.

Answer: C
Explanation:
1. The question doesn’t say that you are passing the port parameter to the telnet session. In the answer Cisco says “since telnet and BGP both use TCP to transport data.” Meaning that TELNET and BGP share TCP, no mention of ports.
2. If you telnet to port 179, you are testing the path in only one direction, from the inside to the outside. Yes, stateful firewalls will allow return traffic from outside, but they won’t allow the outside neighbor to initiate a session.
3. If the Firewall is using NAT for outgoing traffic, which is common, you will be able to telnet to the BGP peer, but the peer won’t be able to reach your router back if it needs to initiate a session.
4. The Firewall can translate port 179 to 23 or anything else that will give you a false positive on your Telnet test.
5. Answer C says that
A. “There is no way to make BGP work across a firewall without special configuration” Special configuration refers to the Firewall, since in the question they explicitly say that BGP has been properly configured.
B. “Trying to start the peering session.” will provide you with a definitive answer.
C. Therefore correct answer is C.

QUESTION 62
Spanning Tree Protocol IEEE 802.1s defines the ability to deploy which of these?

A.    one global STP instance for all VLANs
B.    one STP instance for each VLAN
C.    one STP instance per set of VLANs
D.    one STP instance per set of bridges

Answer: C
Explanation:
The IEEE 802.1s standard is the Multiple Spanning Tree (MST). With MST, you can group VLANs and run one instance of Spanning Tree for a group of VLANs.
Other STP types:
Common Spanning Tree (CST), which is defined with IEEE 802.1Q, defines one spanning tree instance for all VLANs.
Rapid Spanning Tree (RSTP), which is defined with 802.1w, is used to speed up STP convergence. Switch ports exchange an explicit handshake when they transition to forwarding.

QUESTION 63
Which two of these are used in the selection of a root bridge in a network utilizing Spanning Tree Protocol IEEE 802.1D? (Choose two.)

A.    Designated Root Cost
B.    bridge ID priority
C.    max age
D.    bridge ID MAC address
E.    Designated Root Priority
F.    forward delay

Answer: BD
Explanation:
The root bridge of the spanning tree is the bridge with the smallest (lowest) bridge ID. Each bridge has a unique identifier (ID) and a configurable priority number; the bridge ID contains both numbers. To compare two bridge IDs, the priority is compared first. If two bridges have equal priority, then the MAC addresses are compared. For example, if switches A (MAC=0200.0000.1111) and B (MAC=0200.0000.2222) both have a priority of 10, then switch A will be selected as the root bridge. If the network administrators would like switch B to become the root bridge, they must set its priority to be less than 10.

QUESTION 64
If a port configured with STP loop guard stops receiving BPDUs, the port will be put into which state?

A.    learning state
B.    listening state
C.    forwarding state
D.    root-inconsistent state

Answer: D
Explanation:
STP Loop Guard
Feature Description
The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs.
When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives that the topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designated and moves to a forwarding state. This situation creates a loop. The loop guard feature makes additional checks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop. When the loop guard blocks an inconsistent port, this message is logged:
CatOS
%SPANTREE-2-LOOPGUARDBLOCK: No BPDUs were received on port 3/2 in vlan 3. Moved to loop-inconsistent state.
Cisco IOS
%SPANTREE-2-LOOPGUARD_BLOCK: Loop guard blocking port FastEthernet0/24 on VLAN0050.
Once the BPDU is received on a port in a loop-inconsistent STP state, the port transitions into another STP state according to the received BPDU. This means that the recovery is automatic and intervention is not necessary. After recovery, this message is logged:
CatOS
%SPANTREE-2-LOOPGUARDUNBLOCK: port 3/2 restored in vlan 3.
Cisco IOS
%SPANTREE-2-LOOPGUARD_UNBLOCK: Loop guard unblocking port FastEthernet0/24 on VLAN0050.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094640.shtml

QUESTION 65
What is the purpose of the STP PortFast BPDU guard feature?

A.    enforce the placement of the root bridge in the network
B.    ensure that a port is transitioned to a forwarding state quickly if a BPDU is received
C.    enforce the borders of an STP domain
D.    ensure that any BPDUs received are forwarded into the STP domain

Answer: C
Explanation:
STP configures meshed topology into a loop-free, tree-like topology. When the link on a bridge port goes up, STP calculation occurs on that port. The result of the calculation is the transition of the port into forwarding or blocking state. The result depends on the position of the port in the network and the STP parameters. This calculation and transition period usually takes about 30 to 50 seconds. At that time, no user data pass via the port. Some user applications can time out during the period. In order to allow immediate transition of the port into forwarding state, enable the STP PortFast feature.
PortFast immediately transitions the port into STP forwarding mode upon linkup. The port still participates in STP. So if the port is to be a part of the loop, the port eventually transitions into STP blocking mode.
As long as the port participates in STP, some device can assume the root bridge function and affect active STP topology. To assume the root bridge function, the device would be attached to the port and would run STP with a lower bridge priority than that of the current root bridge. If another device assumes the root bridge function in this way, it renders the network suboptimal. This is a simple form of a denial of service (DoS) attack on the network. The temporary introduction and subsequent removal of STP devices with low (0) bridge priority cause a permanent STP recalculation. The STP PortFast BPDU guard enhancement allows network designers to enforce the STP domain borders and keep the active topology predictable. The devices behind the ports that have STP PortFast enabled are not able to influence the STP topology. At the reception of BPDUs, the BPDU guard operation disables the port that has PortFast configured. The BPDU guard transitions the port into errdisable state, and a message appears on the console. This message is an example:
2000 May 12 15:13:32 %SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port. Disabling 2/1
2000 May 12 15:13:32 %PAGP-5-PORTFROMSTP:Port 2/1 left bridge port 2/1
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml#topic1

QUESTION 66
When STP UplinkFast is enabled on a switch utilizing the default bridge priority, what will the new bridge priority be changed to?

A.    8192
B.    16384
C.    49152
D.    65535

Answer: C
Explanation:
STP UplinkFast is used for fast switchover to an alternate port when the root port fails. When STP UplinkFast is enabled on a switch utilizing the default bridge priority (32768), the new bridge priority will be changed to 49152. The reason for the priority being raised is to prevent the switch from becoming the root (recall that lower bridge priority is preferred). To enable the UplinkFast feature, use the “set spantree uplinkfast enable” command in privileged mode. The set spantree uplinkfast enable command has the following results:
Changes the bridge priority to 49152 for all VLANs (allowed VLANs).
Increases the path cost and portvlancost of all ports to a value greater than 3000.
On detecting the failure of a root port, an instant cutover occurs to an alternate port selected by Spanning Tree Protocol (without using this feature, the network will need about 30 seconds to re-establish the connection).
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094641.shtml

QUESTION 67
Which of these best describes the actions taken when a VTP message is received on a switch
configured with the VTP mode “transparent”?

A.    VTP updates are ignored and forwarded out all ports.
B.    VTP updates are ignored and forwarded out trunks only.
C.    VTP updates are made to the VLAN database and are forwarded out trunks only.
D.    VTP updates are ignored and are not forwarded.

Answer: B
Explanation:
You can configure a switch to operate in any one of these VTP modes:
Server–In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters, such as VTP version and VTP pruning, for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over trunk links. VTP server is the default mode.
Client–VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.
Transparent–VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements, but transparent switches do forward VTP advertisements that they receive out their trunk ports in VTP Version 2.
Off (configurable only in CatOS switches)–In the three described modes, VTP advertisements are received and transmitted as soon as the switch enters the management domain state. In the VTP off mode, switches behave the same as in VTP transparent mode with the exception that VTP advertisements are not forwarded.
VTP V2
VTP V2 is not much different than VTP V1. The major difference is that VTP V2 introduces support for Token Ring VLANs. If you use Token Ring VLANs, you must enable VTP V2. Otherwise, there is no reason to use VTP V2. Changing the VTP version from 1 to 2 will not cause a switch to reload.
VTP Password
If you configure a password for VTP, you must configure the password on all switches in the VTP domain. The password must be the same password on all those switches. The VTP password that you configure is translated by algorithm into a 16-byte word (MD5 value) that is carried in all summary-advertisement VTP packets.
VTP Pruning
VTP ensures that all switches in the VTP domain are aware of all VLANs. However, there are occasions when VTP can create unnecessary traffic. All unknown unicasts and broadcasts in a VLAN are flooded over the entire VLAN. All switches in the network receive all broadcasts, even in situations in which few users are connected in that VLAN. VTP pruning is a feature that you use in order to eliminate or prune this unnecessary traffic.
http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml

QUESTION 68
The classic Spanning Tree Protocol (802.1D 1998) uses which sequence of variables to determine the best received BPDU?

A.    1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest port id, 4) lowest root path cost
B.    1) lowest root path cost, 2) lowest root bridge id, 3) lowest sender bridge id, 4) lowest sender port id
C.    1) lowest root bridge id, 2) lowest sender bridge id, 3) lowest root path cost 4) lowest sender port id
D.    1) lowest root bridge id, 2) lowest root path cost, 3) lowest sender bridge id, 4) lowest sender port id

Answer: D
Explanation:
Configuration bridge protocol data units (BPDUs) are sent between switches for each port. Switches use a four-step process to save a copy of the best BPDU seen on every port. When a port receives a better BPDU, it stops sending them. If the BPDUs stop arriving for 20 seconds (default), it begins sending them again.
Step 1 Lowest Root Bridge ID (BID)
Step 2 Lowest Path cost to Root Bridge
Step 3 Lowest Sender BID
Step 4 Lowest Port ID
Cisco General Networking Theory Quick Reference Sheets
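The four-step comparison above can be written as an ordered comparison of BPDU fields. The following is an added example, not part of the original dump or of any Cisco code; the class names, MAC addresses, costs and port IDs are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class BridgeID:
    priority: int  # 16-bit bridge priority; lower is preferred
    mac: str       # bridge MAC address, e.g. "00:00:5e:00:53:01"

    def key(self) -> Tuple[int, bytes]:
        # Priority is compared first; the MAC address breaks ties.
        return (self.priority, bytes.fromhex(self.mac.replace(":", "")))


@dataclass(frozen=True)
class ConfigBPDU:
    root_id: BridgeID      # who the sender believes is root
    root_path_cost: int    # sender's cost to reach that root
    sender_id: BridgeID    # bridge that transmitted the BPDU
    sender_port_id: int    # port priority and port number as one integer

    def vector(self):
        # Field order is the comparison order of steps 1 to 4.
        return (self.root_id.key(), self.root_path_cost,
                self.sender_id.key(), self.sender_port_id)


STEPS = ("root bridge ID", "root path cost",
         "sender bridge ID", "sender port ID")


def compare(a: ConfigBPDU, b: ConfigBPDU) -> Tuple[ConfigBPDU, Optional[str]]:
    """Return the better BPDU and the step that decided it.

    The first field that differs decides; the lower value wins.
    Identical BPDUs return (a, None).
    """
    for step, x, y in zip(STEPS, a.vector(), b.vector()):
        if x != y:
            return (a if x < y else b), step
    return a, None


def best_bpdu(bpdus: Sequence[ConfigBPDU]) -> ConfigBPDU:
    """Pick the best BPDU out of those received, as a port would store it."""
    if not bpdus:
        raise ValueError("no BPDUs received")
    best = bpdus[0]
    for candidate in bpdus[1:]:
        best, _ = compare(best, candidate)
    return best


# Constructed sample data (documentation-range MAC addresses).
ROOT = BridgeID(8192, "00:00:5e:00:53:01")
SW_A = BridgeID(32768, "00:00:5e:00:53:0a")
SW_B = BridgeID(32768, "00:00:5e:00:53:0b")
SW_C = BridgeID(32768, "00:00:5e:00:53:0c")

via_a = ConfigBPDU(ROOT, 19, SW_A, 0x8001)
via_a_port2 = ConfigBPDU(ROOT, 19, SW_A, 0x8002)
via_b = ConfigBPDU(ROOT, 19, SW_B, 0x8001)
via_b_cheap = ConfigBPDU(ROOT, 4, SW_B, 0x8002)
claims_root = ConfigBPDU(SW_C, 0, SW_C, 0x8001)  # SW_C announces itself as root

if __name__ == "__main__":
    for left, right in [(claims_root, via_a), (via_a, via_b_cheap),
                        (via_a, via_b), (via_a, via_a_port2)]:
        winner, step = compare(left, right)
        print(f"decided by {step}: sender {winner.sender_id.mac}, "
              f"cost {winner.root_path_cost}, port {winner.sender_port_id:#06x}")
```

A BPDU with zero path cost still loses at step 1 if its root bridge ID is higher, because later fields are only consulted when all earlier ones are equal.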

QUESTION 69
Which three port states are used by RSTP 802.1w? (Choose three.)

A.    Listening
B.    Learning
C.    Forwarding
D.    Blocking
E.    Discarding
F.    Disabled

Answer: BCE
Explanation:

clip_image001

QUESTION 70
Loop guard and UniDirectional Link Detection both protect against Layer 2 STP loops. In which
two ways does loop guard differ from UDLD in loop detection and prevention? (Choose two.)

A.    Loop guard can be used with root guard simultaneously on the same port on the same VLAN while UDLD cannot.
B.    UDLD protects against STP failures caused by cabling problems that create one-way links.
C.    Loop guard detects and protects against duplicate packets being received and transmitted on different ports.
D.    UDLD protects against unidirectional cabling problems on copper and fiber media.
E.    Loop guard protects against STP failures caused by problems that result in the loss of BPDUs from a designated switch port.

Answer: BE
Explanation:
Answers B, D, & E are all correct. However, as UDLD is only enabled on Fiber media by default I have selected B instead of D as you will have to manually configure UDLD if you want it to work on copper media.
The Cisco-proprietary UDLD protocol allows devices connected through fiber-optic or copper (for example, Category 5 cabling) Ethernet cables connected to LAN ports to monitor the physical configuration of the cables and detect when a unidirectional link exists. When a unidirectional link is detected, UDLD shuts down the affected LAN port and alerts the user. Unidirectional links can cause a variety of problems, including spanning tree topology loops. UDLD is a Layer 2 protocol that works with the Layer 1 protocols to determine the physical status of a link. At Layer 1, autonegotiation takes care of physical signaling and fault detection. UDLD performs tasks that autonegotiation cannot perform, such as detecting the identities of neighbors and shutting down misconnected LAN ports. When you enable both autonegotiation and UDLD, Layer 1 and Layer 2 detections work together to prevent physical and logical unidirectional connections and the malfunctioning of other protocols.
Based on the various design considerations, you can choose either UDLD or the loop guard feature. In regards to STP, the most noticeable difference between the two features is the absence of protection in UDLD against STP failures caused by problems in software. As a result, the designated switch does not send BPDUs. However, this type of failure is (by an order of magnitude) more rare than failures caused by unidirectional links. In return, UDLD might be more flexible in the case of unidirectional links on EtherChannel. In this case, UDLD disables only failed links, and the channel should remain functional with the links that remain. In such a failure, the loop guard puts it into loop-inconsistent state in order to block the whole channel.
Additionally, loop guard does not work on shared links or in situations where the link has been unidirectional since the link-up. In the last case, the port never receives BPDU and becomes designated. Because this behavior could be normal, this particular case is not covered by loop guard. UDLD provides protection against such a scenario.


2014 Latest Cisco 350-001 Dump Free Download(51-60)!

QUESTION 51
Refer to the exhibit. What problem does the debug ip ospf event output from R3 indicate?

clip_image002

A.    209.165.202.140 and R3 are not both configured as OSPF stubs.
B.    209.165.202.140 and R3 are not configured in the same OSPF area.
C.    209.165.202.140 is configured as a no-summary stub.
D.    Transit area OSPF hello packets are not processed by design.

Answer: A
Explanation:
As you can see, the hello packets are mismatched. This means that 209.165.202.140 and R3 are not configured as OSPF stubs.

QUESTION 52
When troubleshooting the issue, you notice the election of a new root bridge with an unknown
MAC address. Knowing that all access ports have the PortFast feature enabled, what would be the
easiest way to resolve the issue without losing redundant links?

A.    Enable bpduguard globally.
B.    Enable rootguard.
C.    Enable loopguard.
D.    Enable spanning tree.
E.    Enable UDLD.

Answer: A
Explanation:
Loopguard, spanning tree, and UDLD are obvious red herrings. This leaves enabling rootguard or bpduguard. One key is that enabling bpduguard only affects ports that have portfast enabled; see the following URL under “Configuration.”
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml

QUESTION 53
You are the network administrator of a small Layer 2 network with 50 users. Lately, users have
been complaining that the network is very slow. While troubleshooting, you notice that the CAM
table of your switch is full, although it supports up to 12,000 MAC addresses. How can you solve this issue and prevent it from happening in the future?

A.    Upgrade the switches
B.    Configure BPDU guard
C.    Configure VLAN access lists
D.    Configure port security
E.    Configure Dynamic ARP inspection

Answer: D
Explanation:
Enabling Port Security
Port security is either autoconfigured or enabled manually by specifying a MAC address. If a MAC address is not specified, the source address from the incoming traffic is autoconfigured and secured, up to the maximum number of MAC addresses allowed. These autoconfigured MAC addresses remain secured for a time, depending upon the aging timer set. The autoconfigured MAC addresses are cleared from the port in case of a link-down event. When you enable port security on a port, any dynamic CAM entries that are associated with the port are cleared. If there are any currently configured static or permanent CAM entries on that same port, you may not be able to enable the port-security on that port. If this is the case, clear the configured static and permanent earl entries on that port and then enable port-security. To enable port security, perform this task in privileged mode:

clip_image001
http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.2glx/configuration/guide/sec_port.html

QUESTION 54
On a router that is configured with multiple IP SLA probes, which command can be used to
manage the CPU load that was created by the periodic probing?

A.    ip sla monitor low-memory
B.    ip sla group schedule
C.    ip sla reaction-trigger
D.    ip sla enable timestamp

Answer: B
Explanation:
http://www.cisco.com/en/US/docs/ios/ipsla/command/reference/sla_02.html (see usage guidelines)

QUESTION 55
Which configuration would make an IP SLA probe use a precedence value of 3?

A.    ip sla 1
icmp-echo 1.1.1.1
tos 12
B.    ip sla 1
icmp-echo 1.1.1.1
tos 96
C.    ip sla 1
icmp-echo 1.1.1.1
precedence 3
D.    ip sla 1
icmp-echo 1.1.1.1
dscp 12

Answer: B
Explanation:
SUMMARY STEPS
1. enable
2. configure terminal
3. ip sla monitor operation-number
4. type echo protocol ipIcmpEcho {destination-ip-address | destination-hostname} [source-ipaddr {ip-address | hostname} | source-interface interface-name]
5. frequency seconds
6. exit
7. ip sla monitor schedule operation-number [life {forever | seconds}] [start-time {hh:mm[:ss] [month day | day month] | pending | now | after hh:mm:ss}] [ageout seconds] [recurring]
8. exit
http://www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsicmp.html

QUESTION 56
Which NetFlow version should be used to collect accounting data for IPv6 traffic?

A.    version 1
B.    version 5
C.    version 7
D.    version 8
E.    version 9

Answer: E
Explanation:
http://www.cisco.com/en/US/docs/ios-xml/ios/netflow/configuration/15-s/ip6-nflw-v9.html

QUESTION 57
To troubleshoot network issues more accurately, milliseconds should be included in the syslog of the router. Which command will achieve this?

A.    service timestamps log datetime msec
B.    logging timestamps msec
C.    syslog timestamps hour minute second miliseconds
D.    service logging timestamp msec
E.    logging service timestamp msec

Answer: A
Explanation:
Logging is an essential part of a secure network configuration. Logging not only helps network administrators identify the issue while troubleshooting, but also enables them to react to intrusion attempts or Denial-of-Service attacks.
By default on Cisco IOS, no timestamp information is included; however, you can enable timestamps and also modify the format of the timestamp attached to a SYSLOG message by using the service timestamps log global configuration command as follows:
ITKE(Config)# service timestamps log {uptime |datetime [msec |localtime |show-timezone]}
http://itknowledgeexchange.techtarget.com/network-technologies/what-is-service-timestamps-logging-and-howit-can-be-configured-cisco-switch-or-a-router/

QUESTION 58
What is the purpose of an explicit “deny any” statement at the end of an ACL?

A.    none, since it is implicit
B.    to enable Cisco IOS IPS to work properly; however, it is the deny all traffic entry that is actually required
C.    to enable Cisco IOS Firewall to work properly; however, it is the deny all traffic entry that is actually required
D.    to allow the log option to be used to log any matches
E.    to prevent sync flood attacks
F.    to prevent half-opened TCP connections

Answer: D
Explanation:
As we know, there is always a “deny all” line at the end of each access-list to drop all other traffic that doesn’t match any “permit” lines. You can enter your own explicit deny with the “log” keyword to see what is actually blocked, like this:
Router(config)# access-list 1 permit 192.168.30.0 0.0.0.255
Router(config)# access-list 1 deny any log
Note: The log keyword can be used to provide additional detail about source and destinations for a given protocol. Although this keyword provides valuable insight into the details of ACL hits, excessive hits to an ACL entry that uses the log keyword increase CPU utilization. The performance impact associated with logging varies by platform. Also, using the log keyword disables Cisco Express Forwarding (CEF) switching for packets that match the access-list statement. Those packets are fast switched instead.

QUESTION 59
Which of these is mandatory when configuring Cisco IOS Firewall?

A.    Cisco IOS IPS enabled on the untrusted interface
B.    NBAR enabled to perform protocol discovery and deep packet inspection
C.    a route map to define the trusted outgoing traffic
D.    a route map to define the application inspection rules
E.    an inbound extended ACL applied to the untrusted interface

Answer: E
Explanation:
After the ACL is defined, it must be applied to the interface (inbound or outbound). In early software releases, out was the default when a keyword out or in was not specified. The direction must be specified in later software releases.

QUESTION 60
Which statement correctly describes the disabling of IP TTL propagation in an MPLS network?

A.    The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR.
B.    TTL propagation cannot be disabled in an MPLS domain.
C.    TTL propagation is only disabled on the ingress edge LSR.
D.    The TTL field of the MPLS label header is set to 255.
E.    The TTL field of the IP packet is set to 0.

Answer: D
Explanation:
Time-to-Live (TTL) is an 8-bit field in the MPLS label header which has the same function in loop detection as the IP TTL field. Recall that the TTL value is an integer from 0 to 255 that is decremented by one every time the packet transits a router. If the TTL value of an IP packet becomes zero, the router discards the IP packet, and an ICMP message stating that the TTL expired in transit is sent to the source IP address of the IP packet. This mechanism prevents an IP packet from being routed continuously in case of a routing loop.
By default, the TTL propagation is enabled so a user can use traceroute command to view all of the hops in the network.
We can disable MPLS TTL propagation with the no mpls ip propagate-ttl command under global configuration.
When entering a label-switched path (LSP), the edge router will use a fixed TTL value (255) for the first label.
This increases the security of your MPLS network by hiding provider network from customers.


2014 Latest Cisco 350-001 Dump Free Download(41-50)!

QUESTION 41
Which two OSPF LSA types are new in OSPF version 3? (Choose two.)

A.    Link
B.    NSSA external
C.    Network link
D.    Intra-area prefix
E.    AS domain

Answer: AD
Explanation:
New LSA Types
OSPFv3 carries over the seven basic LSA types we’re familiar with from OSPFv2. However, the type 1 and 2 LSAs have been re-purposed, as will be discussed in a bit. OSPFv3 also introduces two new LSA types: Link and Intra-area Prefix.

clip_image001
http://packetlife.net/blog/2010/mar/2/ospfv2-versus-ospfv3/

QUESTION 42
What action will a BGP route reflector take when it receives a prefix marked with the community
attribute NO ADVERTISE from a client peer?

A.    It will advertise the prefix to all other client peers and non-client peers.
B.    It will not advertise the prefix to EBGP peers.
C.    It will only advertise the prefix to all other IBGP peers.
D.    It will not advertise the prefix to any peers.

Answer: D
Explanation:
BGP requires that all BGP peers in the same autonomous system form an iBGP session with all peers in the autonomous system. This is too difficult in many environments. Route reflectors are fully functional iBGP speakers that form iBGP sessions with other iBGP speakers, and they also perform a second function – they forward routes from other iBGP speakers to route reflector clients. The route reflector and its clients form a cluster.

QUESTION 43
Refer to the Exhibit. The displayed QoS configuration has been configured on a router.
IPv6 is being implemented on the router, and it is required to convert the QoS policy to support both IPv4 and IPv6 on the same class.
Which alternative configuration would allow matching DSCP AF41 for both IPv4 and IPv6 on the
same class map?

clip_image001[4]

A.    Class-map match-all CLASS1
Match dscp af41
B.    Class-map match-all CLASS1
Match ip dscp af41
Match ipv6 dscp af41
C.    Class-map match-any CLASS1
Match ip dscp af41
Match ipv6 dscp af41
D.    Class-map match-any CLASS1
Match qos-group af41

Answer: A

QUESTION 44
Voice quality is bad due to high delay and jitter on a link. Which two actions will improve the quality of voice calls? (Choose two.)

A.    Increase the queue size of the voice class.
B.    Guarantee bandwidth during congestion to the voice class with a bandwidth command.
C.    Increase the tx-ring of the egress interface.
D.    Implement LLQ for the voice class.
E.    Decrease the rx-ring of the egress interface.
F.    Decrease the queue size of the voice class.

Answer: DF
Explanation:
http://www.cisco.com/en/US/docs/ios/voice/monitor/configuration/guide/vt_qos_voip_tbsh.pdf

QUESTION 45
Which three statements accurately describe a link-state routing protocol? (Choose three.)

A.    Each router sends routing information to all nodes in the flooding domain.
B.    Each router sends all or some portion of its routing table to neighboring routers.
C.    Each router individually builds a picture of the entire flooding domain.
D.    Each router has knowledge of all other routers in the flooding domain.
E.    Each router is only aware of neighboring routers.
F.    Each router installs routes directly from the routing updates into the routing table.

Answer: ACD

QUESTION 46
While you are troubleshooting network performance issues, you notice that a switch is periodically flooding all unicast traffic. Further investigation reveals that periodically the switch is also having spikes in CPU utilization, causing the MAC address table to be flushed and relearned. What is the most likely cause of this issue?

A.    a routing protocol that is flooding updates
B.    a flapping port that is generating BPDUs with the TCN bit set
C.    STP is not running on the switch
D.    a user that is downloading the output of the show-tech command
E.    a corrupted switch CAM table

Answer: B
Explanation:
Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occur.
Ports with the STP portfast feature enabled will not cause TCNs when going to or from the forwarding state. Configuration of portfast on all end-device ports (such as printers, PCs, servers, and so on) should limit TCNs to a low amount. Refer to this document for more information on TCNs:
Understanding Spanning-Tree Protocol Topology Changes
Note: In MSFC IOS, there is an optimization that will trigger VLAN interfaces to repopulate their ARP tables when there is a TCN in the respective VLAN. This limits flooding in case of TCNs, as there will be an ARP broadcast and the host MAC address will be relearned as the hosts reply to ARP.
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml

QUESTION 47
Your network is suffering from regular outages. After troubleshooting, you learn that the transmit lead of a fiber uplink was damaged. Which two features can prevent the same issues in the
future? (Choose two.)

A.    root guard
B.    loop guard
C.    BPDU guard
D.    UDLD
E.    BPDU skew detection

Answer: BD
Explanation:
STP Loop Guard
The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs. When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives that the topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designated and moves to a forwarding state. This situation creates a loop. The loop guard feature makes additional checks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop.
Loop Guard versus UDLD
Loop guard and Unidirectional Link Detection (UDLD) functionality overlap, partly in the sense that both protect against STP failures caused by unidirectional links. However, these two features differ in functionality and how they approach the problem. This table describes loop guard and UDLD functionality:

clip_image001[6]
Based on the various design considerations, you can choose either UDLD or the loop guard feature. In regards to STP, the most noticeable difference between the two features is the absence of protection in UDLD against STP failures caused by problems in software. As a result, the designated switch does not send BPDUs.
However, this type of failure is (by an order of magnitude) more rare than failures caused by unidirectional links. In return, UDLD might be more flexible in the case of unidirectional links on EtherChannel. In this case, UDLD disables only failed links, and the channel should remain functional with the links that remain. In such a failure, the loop guard puts it into loop-inconsistent state in order to block the whole channel.
Additionally, loop guard does not work on shared links or in situations where the link has been unidirectional since the link-up. In the last case, the port never receives BPDU and becomes designated. Because this behavior could be normal, this particular case is not covered by loop guard.
UDLD provides protection against such a scenario.
As described, the highest level of protection is provided when you enable UDLD and loop guard.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094640.shtml#loop_guard_vs_uld

QUESTION 48
Which feature would prevent guest users from gaining network access by unplugging an IP phone
and connecting a laptop computer?

A.    IPSec VPN
B.    SSL VPN
C.    port security
D.    port security with statically configured MAC addresses
E.    private VLANs

Answer: D
Explanation:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/port_sec.html#wp1061587

QUESTION 49
After applying a new ACL on a device, its CPU utilization rose significantly and many messages
starting with “%SEC-6-IPACCESSLOG” appeared on the Syslog server.
What can be done to resolve this situation?

A.    Increase memory allocation for ACLs.
B.    Remove all entries from the ACL and use a single permit ip any any statement.
C.    Remove the log keyword from each ACL entry.
D.    Reboot the device after the ACL has been applied.

Answer: C
Explanation:
http://www.networksa.org/?p=347

QUESTION 50
You are the network administrator of a medium-sized company, and users are complaining that
they cannot send emails to some organizations. During your troubleshooting, you notice that your DNS MX record is blacklisted by several public blacklist filters. After clearing these listings for your IP address, and assuming that your email server has the right virus protection in place, what are two possible solutions to prevent this from happening in the future? (Choose two.)

A.    Change your Internet provider.
B.    Change your public IP address.
C.    Allow the email server to send traffic only to TCP port 25.
D.    Put your email server in a DMZ.
E.    Use a separate public IP address for your email server only.

Answer: CE
Explanation:
http://www.parkansky.com/tutorials/dmz.htm


2014 Latest Cisco 350-001 Dump Free Download(31-40)!

QUESTION 31
Which two are effects of connecting a network segment that is running 802.1D to a network
segment that is running 802.1w? (Choose Two.)

A.    The entire network switches to 802.1D and generates BPDUs to determine root bridge status.
B.    A migration delay of three seconds occurs when the port that is connected to the 802.1D bridge comes up.
C.    The entire network reconverges and a unique root bridge for the 802.1D segment, and a root bridge for the 802.1W segment, is chosen.
D.    The first hop 802.1w switch that is connected to the 802.1D runs entirely in 802.1D compatibility mode and converts the BPDUs to either 802.1D or 802.1W segments of the network.
E.    Classic 802.1D timers, such as Forward Delay and Max-age, will only be used as a backup, and will not be necessary if point-to-point links and edge ports are properly identified and set by the administrator.

Answer: BE
Explanation:
Each port maintains a variable that defines the protocol to run on the corresponding segment. A migration delay timer of three seconds also starts when the port comes up. When this timer runs, the current STP or RSTP mode associated to the port is locked. As soon as the migration delay expires, the port adapts to the mode that corresponds to the next BPDU it receives. If the port changes its mode of operation as a result of a BPDU received, the migration delay restarts. 802.1D works by the concept that the protocol had to wait for the network to converge before it transitioned a port into the forwarding state. Rapid Spanning Tree does not have to rely on any timers; the only variables that it relies on are edge ports and link types. Any uplink port that has an alternate port to the root can be directly placed into the forwarding state (This is the Rapid convergence that you speak of “restored quickly when RSTP is already in use?”). This is what happened when you disconnected the primary link; the port that was ALT moved to FWD immediately, but the switch also still needs to create a BPDU with the TC bit set to notify the rest of the network that a topology change has occurred, and all non-edge designated ports will transition to BLK, LRN, and then FWD to ensure there are no loops in the rest of the network. This is why, if you have a host on a switchport and you know for a fact that it is only one host, you enable PortFast to configure the port as an edge port so that it does not have to transition through all the STP states.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml

QUESTION 32
Which command is used to enable EtherChannel hashing for Layer 3 IP and Layer 4 port-based CEF?

A.    mpls ip cef
B.    port-channel ip cef
C.    mpls ip port-channel cef
D.    port-channel load balance
E.    mpls ip load-balance
F.    ip cef etherchannel channel-id XOR L4
G.    ip cef connection exchange

Answer: D
Explanation:
Port-channel load balance is normally used to enable EtherChannel hashing for Layer 3 IP and Layer 4 port-based CEF.

QUESTION 33
In 802.1s, how is the VLAN to instance mapping represented in the BPDU?

A.    The VLAN to instance mapping is a normal 16-byte field in the MST BPDU.
B.    The VLAN to instance mapping is a normal 12-byte field in the MST BPDU.
C.    The VLAN to instance mapping is a 16-byte MD5 signature field in the MST BPDU.
D.    The VLAN to instance mapping is a 12-byte MD5 signature field in the MST BPDU.

Answer: C
Explanation:
MST Configuration and MST Region
Each switch running MST in the network has a single MST configuration that consists of these three attributes:
1. An alphanumeric configuration name (32 bytes)
2. A configuration revision number (two bytes)
3. A 4096-element table that associates each of the potential 4096 VLANs supported on the chassis to a given instance.
In order to be part of a common MST region, a group of switches must share the same configuration attributes. It is up to the network administrator to properly propagate the configuration throughout the region. Currently, this step is only possible by the means of the command line interface (CLI) or through Simple Network Management Protocol (SNMP). Other methods can be envisioned, as the IEEE specification does not explicitly mention how to accomplish that step.
Note: If for any reason two switches differ on one or more configuration attribute, the switches are part of different regions. For more information refer to the Region Boundary section of this document.
Region Boundary
In order to ensure consistent VLAN-to-instance mapping, it is necessary for the protocol to be able to exactly identify the boundaries of the regions. For that purpose, the characteristics of the region are included in the BPDUs. The exact VLANs-to-instance mapping is not propagated in the BPDU, because the switches only need to know whether they are in the same region as a neighbor. Therefore, only a digest of the VLANs-to-instance mapping table is sent, along with the revision number and the name. Once a switch receives a BPDU, the switch extracts the digest (a numerical value derived from the VLAN-to-instance mapping table through a mathematical function) and compares this digest with its own computed digest. If the digests differ, the port on which the BPDU was received is at the boundary of a region.
In generic terms, a port is at the boundary of a region if the designated bridge on its segment is in a different region or if it receives legacy 802.1d BPDUs. In this diagram, the port on B1 is at the boundary of region A, whereas the ports on B2 and B3 are internal to region B:

clip_image001
MST Instances
According to the IEEE 802.1s specification, an MST bridge must be able to handle at least these two instances:
One Internal Spanning Tree (IST)
One or more Multiple Spanning Tree Instance(s) (MSTIs)
The terminology continues to evolve, as 802.1s is actually in a pre-standard phase. It is likely these names will change in the final release of 802.1s. The Cisco implementation supports 16 instances: one IST (instance 0) and 15 MSTIs.
show vtp status
The Cisco switch “show vtp status” field descriptions include an MD5 digest field that is a 16-byte checksum of the VTP configuration, as shown below:
Router# show vtp status
VTP Version: 3 (capable)
Configuration Revision: 1
Maximum VLANs supported locally: 1005
Number of existing VLANs: 37
VTP Operating Mode: Server
VTP Domain Name: [smartports]
VTP Pruning Mode: Disabled
VTP V2 Mode: Enabled
VTP Traps Generation: Disabled
MD5 digest : 0x26 0xEE 0x0D 0x84 0x73 0x0E 0x1B 0x69
Configuration last modified by 172.20.52.19 at 7-25-08 14:33:43
Local updater ID is 172.20.52.19 on interface Gi5/2 (first layer3 interface fou)
VTP version running: 2
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml
http://www.cisco.com/en/US/docs/ios-xml/ios/lanswitch/command/lsw-cr-book.pdf

QUESTION 34
Which three combinations are valid LACP configurations that will set up a channel? (Choose three.)

A.    On/On
B.    On/Auto
C.    Passive/Active
D.    Desirable/Auto
E.    Active/Active
F.    Desirable/Desirable

Answer: ACE
Explanation:
http://www.cisco.com/en/US/products/hw/switches/ps663/products_configuration_example09186a0080094aec.shtml (PAgP and LACP modes, see the table)

QUESTION 35
Which two options does Cisco PfR use to control the entrance link selection with inbound optimization? (Choose two.)

A.    Prepend extra AS hops to the BGP prefix.
B.    Advertise more specific BGP prefixes (longer mask).
C.    Add (prepend) one or more communities to the prefix that is advertised by BGP.
D.    Have BGP dampen the prefix.

Answer: AC
Explanation:
http://www.cisco.com/en/US/docs/ios-xml/ios/pfr/configuration/15-2s/pfr-bgp-inbound.html#GUID-F8A59E24-1D59-4924-827D-B23B43D9A8E0
http://www.cisco.com/en/US/products/ps8787/products_ios_protocol_option_home.html

QUESTION 36
Which two orders in the BGP Best Path Selection process are correct? (Choose two.)

A.    Higher local preference, then lowest MED, then eBGP over iBGP paths
B.    Higher local preference, then highest weight, then lowest router ID
C.    Highest weight, then higher local preference, then shortest AS path
D.    Lowest origin type, then higher local preference, then lowest router ID
E.    Highest weight, then higher local preference, then highest MED

Answer: AC
Explanation:
Weight is the first attribute BGP uses in the route selection process. Route with a higher weight is preferred when multiple routes exist to the same destination.

QUESTION 37
What is the first thing that happens when IPv6 is enabled on an interface on a host?

A.    A router solicitation is sent on that interface.
B.    There is a duplicate address detection on the host interface.
C.    The link local address is assigned on the host interface.
D.    A neighbor redirect message is sent on the host interface.

Answer: B
Explanation:
Duplicate address detection (DAD) is used to verify that an IPv6 home address is unique on the LAN before assigning the address to a physical interface (for example, QDIO). z/OS Communications Server responds to other nodes doing DAD for IP addresses assigned to the interface.
http://publib.boulder.ibm.com/infocenter/zos/v1r12/index.jsp?topic=%2Fcom.ibm.zos.r12.hale001%2Fipv6d0021002145.htm

QUESTION 38
What is the flooding scope of an OSPFv3 LSA, if the value of the S2 bit is set to 1 and the S1 bit is set to 0?

A.    link local
B.    area wide
C.    AS wide
D.    reserved

Answer: C
Explanation:
The Type 1 router LSA is now link local and the Type 2 Network LSA is AS Wide. S2 and S1 indicate the LSA’s flooding scope. Table 9-1 shows the possible values of these two bits and the associated flooding scopes.

clip_image001[4]
Table 9-1 S bits in the OSPFv3 LSA Link State Type field and their associated flooding scopes
LSA Function Code, the last 13 bits of the LS Type field, corresponds to the OSPFv2 Type field. Table 9-2 shows the common LSA types used by OSPFv3 and the values of their corresponding LS Types. If you decode the hex values, you will see that the default U bit of all of them is 0. The S bits of all LSAs except two indicate area scope. Of the remaining two, AS External LSAs have an AS flooding scope and Link LSAs have a link-local flooding scope. Most of the OSPFv3 LSAs have functional counterparts in OSPFv2; these OSPFv2 LSAs and their types are also shown in Table 9-2.
Table 9-2 OSPFv3 LSA types and their OSPFv2 counterparts

clip_image001[6]

http://www.networkworld.com/subnets/cisco/050107-ch9-ospfv3.html?page=1

QUESTION 39
How will EIGRPv6 react if there is an IPv6 subnet mask mismatch between the Global Unicast addresses on a point-to-point link?

A.    EIGRPv6 will form a neighbor relationship.
B.    EIGRPv6 will not form a neighbor relationship.
C.    EIGRPv6 will form a neighbor relationship, but with the log MSG: “EIGRPv6 neighbor not on a common subnet.”
D.    EIGRPv6 will form a neighbor relationship, but routes learned from that neighbor will not be installed in the routing table.

Answer: A
Explanation:
http://www.ietf.org/rfc/rfc3587.txt

QUESTION 40
Which two tunneling techniques support IPv6 multicasting? (Choose two.)

A.    6to4
B.    6over4
C.    ISATAP
D.    6PE
E.    GRE

Answer: BE
Explanation:
When IPv6 multicast is supported (over a 6to4 tunnel), an IPv6 multicast routing protocol must be used.
Restrictions for Implementing IPv6 Multicast
IPv6 multicast for Cisco IOS software uses MLD version 2. This version of MLD is fully backward-compatible with MLD version 1 (described in RFC 2710). Hosts that support only MLD version 1 will interoperate with a router running MLD version 2. Mixed LANs with both MLD version 1 and MLD version 2 hosts are likewise supported.
IPv6 multicast is supported only over IPv4 tunnels in Cisco IOS Release 12.3(2)T, Cisco IOS Release 12.2(18)S, and Cisco IOS Release 12.0(26)S.
When the bidirectional (bidir) range is used in a network, all routers in that network must be able to understand the bidirectional range in the bootstrap message (BSM). IPv6 multicast routing is disabled by default when the ipv6 unicast-routing command is configured. On Cisco Catalyst 6500 and Cisco 7600 series routers, the ipv6 multicast-routing also must be enabled in order to use IPv6 unicast routing.
http://www.cisco.com/web/about/ac123/ac147/ac174/ac197/about_cisco_ipj_archive_article09186a00800c830a.html
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html
https://supportforums.cisco.com/thread/183386


2014 Latest Cisco 350-001 Dump Free Download(21-30)!

QUESTION 21
A new backup connection is being deployed on a remote site router. The stability of the connection has been a concern. In order to provide more information to EIGRP regarding this interface, you wish to incorporate the “Reliability” cost metric in the EIGRP calculation with the command metric weights 1 0 1 0 1.
What impact will this modification on the remote site router have for other existing EIGRP neighborships from the same EIGRP domain?

A.    Existing neighbors will immediately begin using the new metric.
B.    Existing neighbors will use the new metric after clearing the EIGRP neighbors.
C.    Existing neighbors will resync, maintaining the neighbor relationship.
D.    All existing neighbor relationships will go down.

Answer: D
Explanation:
For an EIGRP neighbor relationship to form, K values must match on both routers.

QUESTION 22
Refer to the exhibit. R1 has an EBGP session to ISP 1 and an EBGP session to ISP 2. R1 receives the same prefixes through both links.
Which configuration should be applied so that the link between R1 and ISP 2 will be preferred for outgoing traffic (R1 to ISP 2)?

clip_image001

A.    Increase local preference on R1 for routes received from ISP2.
B.    Decrease local preference on R1 for routes received from ISP2.
C.    Increase MED on ISP 2 for routes received from R1.
D.    Decrease MED on ISP 2 for routes received from R1.

Answer: A
Explanation:
Local preference is an indication to the AS about which path has preference to exit the AS in order to reach a certain network. A path with higher local preference is preferred more. The default value of preference is 100.
http://www.cisco.com/en/US/tech/tk872/technologies_configuration_example09186a0080b82d1f.shtml

QUESTION 23
When you are troubleshooting duplex mismatches, which two errors are typically seen on the full-duplex end? (Choose two.)

A.    runts
B.    FCS errors
C.    interface resets
D.    late collisions

Answer: AB
Explanation:
FCS, or File Check Sequence Errors, are one of the more common errors found in a network. When packets are transmitted and received, each contains a File Check Sequence that allows the receiving device to determine if the packet is complete without having to examine each bit. This is a type of CRC, or Cyclical Redundancy Check. Barring a station powering up or down during a transmission, the most common cause of these errors is noise. Network noise can be caused by cabling being located too close to noise sources such as lights, heavy machinery, etc. If a cabling installation is particularly faulty — such as pairs being untwisted, improper terminations, field terminated patch cables, etc. — these errors will occur on your network. Poorly manufactured components or minimally compliant components that are improperly installed can compound this issue. Cabling segments that are too long can also cause these errors.
Cabling issues, as defined above, or MAC layer packet formation issues (possibly hardware related) cause these errors. A faulty LAN driver can also cause this. Replacement of the driver will correct the latter issue. These errors can also be seen in correlation with RUNT packets or packets that are too short. Noise, however, is the most common cause and can generally be corrected by addressing the cabling channel.

QUESTION 24
Which two options are contained in a VTP subset advertisement? (Choose two.)

A.    followers field
B.    MD5 digest
C.    VLAN information
D.    sequence number

Answer: CD
Explanation:
Subset Advertisements
When you add, delete, or change a VLAN in a Catalyst, the server Catalyst where the changes are made increments the configuration revision and issues a summary advertisement. One or several subset advertisements follow the summary advertisement. A subset advertisement contains a list of VLAN information.
If there are several VLANs, more than one subset advertisement can be required in order to advertise all the VLANs.
Subset Advertisement Packet Format

clip_image001[5]
This formatted example shows that each VLAN information field contains information for a different VLAN. It is ordered so that lower-valued ISL VLAN IDs occur first:

clip_image001[7]
Most of the fields in this packet are easy to understand. These are two clarifications:
Code — The format for this is 0x02 for subset advertisement.
Sequence number — This is the sequence of the packet in the stream of packets that follow a summary advertisement. The sequence starts with 1.
Advertisement Requests
A switch needs a VTP advertisement request in these situations:
The switch has been reset.
The VTP domain name has been changed.
The switch has received a VTP summary advertisement with a higher configuration revision than its own.
Upon receipt of an advertisement request, a VTP device sends a summary advertisement. One or more subset advertisements follow the summary advertisement. This is an example:

clip_image001[9]

Code – The format for this is 0x03 for an advertisement request.
Start-Value – This is used in cases in which there are several subset advertisements. If the first (n) subset advertisement has been received and the subsequent one (n+1) has not been received, the Catalyst only requests advertisements from the (n+1)th one.
http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml

QUESTION 25
Which two statements are true about traffic shaping? (Choose two.)

A.    Out-of-profile packets are queued.
B.    It causes TCP retransmits.
C.    Marking/remarking is not supported.
D.    It does not respond to BECN and ForeSight Messages.
E.    It uses a single/two-bucket mechanism for metering.

Answer: AC
Explanation:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CCwQFjAA&url=http%3A%2F%2Fstaffweb.itsligo.ie%2Fstaff%2Fpflynn%2FTelecoms%25203%2FSlides%2FONT%2520Mod%25204%2520Lesson%25207.ppt&ei=LoDIUfTTGtO3hAeQz4HQCA&usg=AFQjCNGY24UkAfy8tKIHlz Em9gfoIjv6fg&sig2=t4UIzkZ12wnO2988dEDyug&bvm=bv.48293060,d.ZG4 (slide 6)

QUESTION 26
Which three options are features of VTP version 3? (Choose three.)

A.    VTPv3 supports 8K VLANs.
B.    VTPv3 supports private VLAN mapping.
C.    VTPv3 allows for domain discovery.
D.    VTPv3 uses a primary server concept to avoid configuration revision issues.
E.    VTPv3 is not compatible with VTPv1 or VTPv2.
F.    VTPv3 has a hidden password option.

Answer: BDF
Explanation:
Key Benefits of VTP Version 3
Much work has gone into improving the usability of VTP version 3 in three major areas:
The new version of VTP offers better administrative control over which device is allowed to update other devices’ view of the VLAN topology. The chance of unintended and disruptive changes is significantly reduced, and availability is increased. The reduced risk of unintended changes will ease the change process and help speed deployment.
Functionality for the VLAN environment has been significantly expanded. Two enhancements are most beneficial for today’s networks:
- In addition to supporting the earlier ISL VLAN range from 1 to 1001, the new version supports the whole IEEE 802.1Q VLAN range up to 4095.
- In addition to supporting the concept of normal VLANs, VTP version 3 can transfer information regarding Private VLAN (PVLAN) structures.
The third area of major improvement is support for databases other than VLAN (for example, MST).
Brief Background on VTP Version 1 and VTP Version 2
VTP version 1 was developed when only 1k VLANs were available for configuration. A tight internal coupling of the VLAN implementation, the VLAN pruning feature, and the VTP function itself offered an efficient means of implementation. It has proved in the field to reliably support Ethernet, Token Ring, and FDDI networks via VTP.
The use of consistent VLAN naming was a requirement for successful use of VMPS (Vlan Membership Policy Server). VTP ensures the consistency of VLAN names across the VTP domain. Most VMPS implementations are likely to be migrated to a newer, more flexible and feature-rich method. To add support for Token Ring, VTP version 1 was enhanced and called VTP version 2. Certain other minor changes and enhancements were also added at this time. The functional base in VTP version 3 is left unchanged from VTP version 2, so backward compatibility is built in. It is possible, on a per link basis, to automatically discover and support VTP version 2 devices.
VTP version 3 adds a number of enhancements to VTP version 1 and VTP version 2:
Support for a structured and secure VLAN environment (Private VLAN, or PVLAN)
Support for up to 4k VLANs
Feature enhancement beyond support for a single database or VTP instance
Protection from unintended database overrides during insertion of new switches
Option of clear text or hidden password protection
Configuration option on a per port base instead of only a global scheme
Optimized resource handling and more efficient transfer of information
These new requirements made a new code foundation necessary. The design goal was to make VTP version 3 a versatile vehicle. This was not only for the task of transferring a VLAN DB but also for transferring other databases, for example, the MST database.
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/solution_guide_c78_508010.html

QUESTION 27
Which three options are considered in the spanning-tree decision process? (Choose three.)

A.    lowest root bridge ID
B.    lowest path cost to root bridge
C.    lowest sender bridge ID
D.    highest port ID
E.    highest root bridge ID
F.    highest path cost to root bridge

Answer: ABC
Explanation:
Configuration bridge protocol data units (BPDUs) are sent between switches for each port. Switches use a four-step process to save a copy of the best BPDU seen on every port. When a port receives a better BPDU, it stops sending them. If the BPDUs stop arriving for 20 seconds (default), it begins sending them again.
Step 1 Lowest Root Bridge ID (BID)
Step 2 Lowest Path Cost to Root Bridge
Step 3 Lowest Sender BID
Step 4 Lowest Port ID
Reference
Cisco General Networking Theory Quick Reference Sheets

QUESTION 28
Why would a rogue host that is running a DHCP server on a campus LAN network present a security risk?

A.    It may allocate IP addresses from an unknown subnet to the users.
B.    All multicast traffic can be sniffed by using the DHCP multicast capabilities.
C.    The CPU utilization of the first-hop router can be overloaded by exploiting DHCP relay open ports.
D.    A potential man-in-the-middle attack can be used against the clients.

Answer: D
Explanation:
A rogue DHCP server is typically used in conjunction with a network attacker who launches man-in-the-middle (MitM) attacks. MitM is an attack technique in which the attacker exploits normal protocol processing behavior to reroute normal traffic flow between two endpoints. A hacker will broadcast DHCP requests with spoofed MAC addresses, thereby exhausting the address space of the legitimate DHCP server. Once the addresses are exhausted, the rogue DHCP server provides DHCP responses to users’ DHCP requests. These responses would include DNS servers and a default gateway, which would be used to launch a MitM attack.

QUESTION 29
Which statement is true about TCN propagation?

A.    The originator of the TCN immediately floods this information through the network.
B.    The TCN propagation is a two-step process.
C.    A TCN is generated and sent to the root bridge.
D.    The root bridge must flood this information throughout the network.

Answer: C
Explanation:
New Topology Change Mechanisms
When an 802.1D bridge detects a topology change, it uses a reliable mechanism to first notify the root bridge. This is shown in this diagram:

clip_image001[11]
Once the root bridge is aware of a change in the topology of the network, it sets the TC flag on the BPDUs it sends out, which are then relayed to all the bridges in the network. When a bridge receives a BPDU with the TC flag bit set, it reduces its bridging-table aging time to forward delay seconds. This ensures a relatively quick flush of stale information. Refer to Understanding Spanning-Tree Protocol Topology Changes for more information on this process. This topology change mechanism is deeply remodeled in RSTP. Both the detection of a topology change and its propagation through the network evolve.
Topology Change Detection
In RSTP, only non-edge ports that move to the forwarding state cause a topology change. This means that a loss of connectivity is not considered as a topology change any more, contrary to 802.1D (that is, a port that moves to blocking no longer generates a TC). When a RSTP bridge detects a topology change, these occur:
It starts the TC While timer with a value equal to twice the hello-time for all its non-edge designated ports and its root port, if necessary.
It flushes the MAC addresses associated with all these ports. Note: As long as the TC While timer runs on a port, the BPDUs sent out of that port have the TC bit set.
BPDUs are also sent on the root port while the timer is active.
Topology Change Propagation
When a bridge receives a BPDU with the TC bit set from a neighbor, these occur:
It clears the MAC addresses learned on all its ports, except the one that receives the topology change.
It starts the TC While timer and sends BPDUs with TC set on all its designated ports and root port (RSTP no longer uses the specific TCN BPDU, unless a legacy bridge needs to be notified). This way, the TCN floods very quickly across the whole network. The TC propagation is now a one step process. In fact, the initiator of the topology change floods this information throughout the network, as opposed to 802.1D where only the root did. This mechanism is much faster than the 802.1D equivalent. There is no need to wait for the root bridge to be notified and then maintain the topology change state for the whole network for <max age plus forward delay> seconds.

clip_image001[13]
In just a few seconds, or a small multiple of hello-times, most of the entries in the CAM tables of the entire network (VLAN) flush. This approach results in potentially more temporary flooding, but on the other hand it clears potential stale information that prevents rapid connectivity restitution.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml

QUESTION 30
Which statement is true about loop guard?

A.    Loop Guard only operates on interfaces that are considered point-to-point by the spanning tree.
B.    Loop Guard only operates on root ports.
C.    Loop Guard only operates on designated ports
D.    Loop Guard only operates on edge ports

Answer: A
Explanation:
http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.2glx/configuration/guide/stp_enha.html#wp1048163


2014 Latest Cisco 350-001 Dump Free Download(11-20)!

QUESTION 11
Apart from interdomain multicast routing, what else is MSDP used for?

A.    Source Specific Multicast and IGMPv2
B.    Announcing multicast sources to BGP speakers
C.    Anycast RP
D.    Intradomain multicast routing

Answer: C
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/ip/configuration/guide/1cfmsdp_ps1835_TSD_Products_Configuration_Guide_Chapter.html

QUESTION 12
Which IGMPv2 message contains a non-zero “Max Response Time”?

A.    Membership Query
B.    Membership Report
C.    Membership Delay
D.    Backward Compatible IGMPv1 Report Message

Answer: A
Explanation:
The Max Response Time field is used only in Membership Query messages. It specifies the maximum allowed time before sending a responding report in units of 1/10 second. In all other messages, it is set to zero by the sender and ignored by receivers.

QUESTION 13
What is Phantom RP used for?

A.    it is used for load balancing in bidirectional PIM
B.    it is used for redundancy in bidirectional PIM
C.    it is used for redundancy in PIM-SM
D.    it is used for load balancing in PIM-SM

Answer: B
Explanation:
Phantom RP
In Bidirectional PIM (Bidir-PIM), the RP does not have an actual protocol function. The RP acts as a routing vector in which all the traffic converges. The RP can be configured as an address that is not assigned to any particular device called a Phantom RP. This means that the RP address does not need to reside on a physical router interface, but can just be an address in a subnet. The RP can also be a physical router, but it is not necessary.
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6552/whitepaper_c11-508498.html

QUESTION 14
Which three statements are true about TACACS+? (Choose three.)

A.    It is a Cisco proprietary protocol.
B.    It runs on TCP port 59.
C.    Authentication and authorization are done at different stages.
D.    TACACS+ encrypts the entire body of the packet, but leaves a standard TACACS+ header.
E.    It is an industry standard protocol.
F.    TACACS+ encrypts both the entire body of the packet and the TACACS+ header.

Answer: ACD
Explanation:
TACACS+ utilizes TCP port 49. It consists of three separate protocols, which can be implemented on separate servers.
TACACS+ offers multiprotocol support, such as IP and AppleTalk. Normal operation fully encrypts the body of the packet for more secure communications. It is a Cisco proprietary enhancement to the original TACACS protocol.
http://en.wikipedia.org/wiki/TACACS%2B

QUESTION 15
What does Cisco recommend when you are enabling Cisco IOS IPS?

A.    Do not enable all the signatures at the same time.
B.    Do not enable the ICMP signature.
C.    Disable the Zone-Based Policy Firewall because it is not compatible with Cisco IOS IPS.
D.    Disable CEF because it is not compatible with Cisco IOS IPS.

Answer: A
Explanation:
Router memory and resource constraints prevent a router from loading all Cisco IOS IPS signatures. Thus, it is recommended that you load only a selected set of signatures that are defined by the categories. Because the categories are applied in a “top-down” order, you should first retire all signatures, followed by “unretiring” specific categories. Retiring signatures enables the router to load information for all signatures, but the router does not build the parallel scanning data structure.

QUESTION 16
Which two statements are true about Unicast Reverse Path Forwarding Loose Mode? (Choose two.)

A.    It is used in multihome network scenarios.
B.    It can be used with BGP to mitigate DoS and DDoS.
C.    It does not need to have CEF enabled.
D.    It is enabled via the interface level command ip verify unicast reverse-path.
E.    It cannot be used with “classification” access lists.

Answer: AB
Explanation:
The Unicast Reverse Path Forwarding Loose Mode feature creates a new option for Unicast Reverse Path Forwarding (Unicast RPF), providing a scalable anti-spoofing mechanism suitable for use in multihome network scenarios. This mechanism is especially relevant for Internet Service Providers (ISPs), specifically on routers that have multiple links to multiple ISPs. In addition, Unicast RPF (strict or loose mode), when used in conjunction with a Border Gateway Protocol (BGP) “trigger,” provides an excellent quick reaction mechanism that allows network traffic to be dropped on the basis of either the source or destination IP address, giving network administrators an efficient tool for mitigating denial of service (DoS) and distributed denial of service (DDoS) attacks.
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ft_urpf.html

QUESTION 17
Which three protocols should be explicitly managed by using a CoPP policy on an Internet border router? (Choose three.)

A.    SMTP
B.    ICMP
C.    BGP
D.    SSH
E.    RTP
F.    BitTorrent
G.    VTP

Answer: BCD
Explanation:
Control Plane Policing (CoPP) is a Cisco IOS-wide feature designed to allow users to manage the flow of traffic handled by the route processor of their network devices. CoPP is designed to prevent unnecessary traffic from overwhelming the route processor that, if left unabated, could affect system performance. Route processor resource exhaustion, in this case, refers to all resources associated with the punt path and route processor(s) such as Cisco IOS process memory and buffers, and ingress packet queues.
http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html#3

QUESTION 18
What is true about IP Source Guard with port security?

A.    Binding should be manually configured.
B.    It is not supported if IEEE 802.1x port-based authentication is enabled
C.    The DHCP server must support option 82, or the client is not assigned an IP address.
D.    It filters based on source IP address only.

Answer: C
Explanation:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/swdhcp82.html (see "Enabling IP Source Guard", step 3 of the table)

QUESTION 19
Which two commands are required to enable multicast on a router, knowing that the receivers only support IGMPv2? (Choose two.)

A.    IP PIM RP-address
B.    IP PIM ssm
C.    IP PIM Sparse-mode
D.    IP PIM Passive

Answer: AC
Explanation:
Sparse mode logic (pull mode) is the opposite of dense mode logic (push mode). Dense mode assumes that every network contains someone requesting the multicast traffic, so PIM-DM routers begin by flooding the multicast traffic out of all their interfaces except those on which a prune message is received, which removes that “leaf” from the multicast tree (SPT), the source-based tree (S, G). Sparse mode, by contrast, sends the traffic only if someone explicitly requested it. Unlike dense mode, which builds a separate source-based tree (S, G) between the source and the requester of the traffic, sparse mode is based on a fixed point in the network named the rendezvous point (RP).
All sources have to register with the RP to which they send their traffic, thereby building a source-based tree (S, G) between themselves and the RP (not with the final multicast receiver as in PIM-DM), and all PIM-SM routers, whatever multicast traffic they are requesting, have to register with the RP and build a shared tree (*, G).
http://tools.ietf.org/html/rfc2236
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00800b0871.shtml
http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080094821.shtml#sparsemode

QUESTION 20
A branch router is configured with an egress QoS policy that was designed for a total of 10 concurrent VoIP calls.
Due to expansion, 15 VoIP calls are now running over the link, but after the 14th call was established, all calls were affected and the voice quality was dramatically degraded.
Assuming that there is enough bandwidth on the link for all of this traffic, which part of the QoS configuration should be updated due to the new traffic profile?

A.    Increase the shaping rate for the priority queue.
B.    Remove the policer applied on the priority queue.
C.    Remove the shaper applied on the priority queue.
D.    Increase the policing rate for the priority queue.

Answer: D
Explanation:
The question works on the premise that there was no congestion on the link up to the 13th call. When you place the 14th call, there is congestion on the link. When there is no congestion, the priority command is allowed to take as much bandwidth as required. When there is congestion on the link, the priority command can use only the configured bandwidth.
Adding the 14th call caused congestion, which in turn made the priority command restrict the calls to the configured value of 10, hence affecting the quality of all calls.


2014 Latest Cisco 350-001 Dump Free Download(1-10)!

QUESTION 1
In order to maintain security, with which hop count are IPv6 neighbor discovery packets sent?

A.    0
B.    1
C.    255
D.    256

Answer: C

QUESTION 2
Which command will define a VRF with name ‘CCIE’ in IPv6?

A.    ip vrf CCIE
B.    ipv6 vrf CCIE
C.    vrf definition CCIE
D.    ipv6 vrf definition CCIE

Answer: C
Explanation:
The command vrf definition CCIE creates a multiprotocol VRF for both IPv4 and IPv6.

QUESTION 3
For which routes does LDP advertise a label binding?

A.    all routes in the routing table
B.    only the IGP and BGP routes in the routing table
C.    only the BGP routes in the routing table
D.    only the IGP routes in the routing table

Answer: D
Explanation:
LDP can only do bindings for IGP learned routes. If the route is learned from BGP, BGP has to do the label binding. For CCIE R&S you don’t need to worry about using BGP for label distribution, as this is used for Inter-AS MPLS L3VPN scenarios. If you change your setup so the routes are learned from IGP instead of BGP they will have labels.

QUESTION 4
Which command can be used on a PE router to connect to a CE router (11.1.1.4) in VRF red?

A.    telnet 11.1.1.4 /vrf-source red
B.    telnet 11.1.1.4 source /vrf red
C.    telnet 11.1.1.4 /source vrf red
D.    telnet 11.1.1.4 /vrf red
E.    telnet 11.1.1.4 vrf red

Answer: D
Explanation:
Telnetting can be done through the VRF using the Management Ethernet interface. In the following example, the router telnets to 172.17.1.1 through the Management Ethernet interface VRF:
Router# telnet 172.17.1.1 /vrf Mgmt-intf
http://www.cisco.com/en/US/docs/routers/asr1000/configuration/guide/chassis/Management_Ethernet.html

QUESTION 5
Which two statements are correct about Nonstop Forwarding? (Choose two.)

A.    It allows the standby RP to take control of the device after a hardware or software fault on the active RP.
B.    It is a Layer 3 function that works with SSO to minimize the amount of time a network is unavailable to users following a switchover.
C.    It is supported by the implementation of EIGRP, OSPF, RIPv2, and BGP protocols.
D.    It synchronizes startup configuration, startup variables, and running configuration.
E.    The main objective of NSF is to continue forwarding IP packets following a switchover.
F.    Layer 2 802.1w or 802.1s must be used, as 802.1d cannot process the Layer 2 changes.
G.    Routing protocol tuning parameters must be the same as the NSF parameters, or failover will be inconsistent.

Answer: BE
Explanation:
Cisco Nonstop Forwarding (NSF) works with the Stateful Switchover (SSO) feature in Cisco IOS software. NSF works with SSO to minimize the amount of time a network is unavailable to its users following a switchover. The main objective of Cisco NSF is to continue forwarding IP packets following a Route Processor (RP) switchover.
http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fsnsf20s.html

QUESTION 6
Which three fields are optional in an OSPFv3 external LSA? (Choose three.)

A.    Forwarding Address
B.    External Route
C.    Reference Link-State ID
D.    Option
E.    Prefix Options

Answer: ABC
Explanation:
AS-External LSA
As with OSPFv2, the AS-External LSA advertises prefixes external to the OSPF routing domain; one LSA is required for each external prefix advertised. However, the format of the OSPFv3 AS-External LSA (Figure 9-10) is different from its OSPFv2 counterpart.
Figure 9-10. OSPFv3 AS-External LSA
http://fengnet.com/book/CCIE%20Professional%20Development%20Routing%20TCPIP%20Volume%20I/images/09fig10_alt.jpg

QUESTION 7
On a router, interface S0 is running EIGRPv6, and interface S1 is running OSPFv3. A redistribution command is issued under OSPFv3: redistribute EIGRP 1 metric 20 under ipv6 router ospf 1. What will happen after applying this redistribution command?

A.    All routes showing up as D and D EX in the routing table will be redistributed into OSPFv3.
B.    All routes showing up as D, D EX, and C in the routing table will be redistributed into OSPFv3.
C.    All routes showing up as D and D EX in the routing table and the S0 interface will be redistributed into OSPFv3.
D.    All routes showing up as D in the routing table will be redistributed into OSPFv3.
E.    All routes showing up as D EX in the routing table will be redistributed into OSPFv3.

Answer: A
Explanation:
D routes are EIGRP internal routes and D EX routes are EIGRP external routes. Both internal and external EIGRP routes will be redistributed with the configuration shown above.

QUESTION 8
Which type of domains is interconnected using Multicast Source Discovery Protocol?

A.    PIM-SM
B.    PIM-DM
C.    PIM-SSM
D.    DVMRP

Answer: A
Explanation:
Multicast Source Discovery Protocol (MSDP) is a Protocol Independent Multicast (PIM) family multicast routing protocol defined by Experimental RFC 3618. MSDP interconnects multiple IPv4 PIM Sparse-Mode (PIM-SM) domains which enables PIM-SM to have Rendezvous Point (RP) redundancy and inter-domain multicasting.
http://en.wikipedia.org/wiki/Multicast_Source_Discovery_Protocol

QUESTION 9
Which two multicast address ranges are assigned as source-specific multicast destination addresses and are reserved for use by source-specific applications and protocols? (Choose two.)

A.    232.0.0.0/8
B.    239.0.0.0/8
C.    232.0.0.0/4
D.    FF3x::/32
E.    FF2x::/32
F.    FF3x::/16

Answer: AD
Explanation:
Source-specific multicast (SSM) is a method of delivering multicast packets in which the only packets that are delivered to a receiver are those originating from a specific source address requested by the receiver. By so limiting the source, SSM reduces demands on the network and improves security. SSM requires that the receiver specify the source address and explicitly excludes the use of the (*, G) join for all multicast groups in RFC 3376, which is possible only in IPv4’s IGMPv3 and IPv6’s MLDv2.
Source-specific multicast is best understood in contrast to any-source multicast (ASM). In the ASM service model a receiver expresses interest in traffic to a multicast address. The multicast network must
1. discover all multicast sources sending to that address, and
2. route data from all sources to all interested receivers.
This behavior is particularly well suited to groupware applications where
1. all participants in the group want to be aware of all other participants, and
2. the list of participants is not known in advance.
The source discovery burden on the network can become significant when the number of sources is large.
In the SSM service model, in addition to the receiver expressing interest in traffic to a multicast address, the receiver expresses interest in receiving traffic from only one specific source sending to that multicast address.
This relieves the network of discovering many multicast sources and reduces the amount of multicast routing information that the network must maintain. SSM requires support in last-hop routers and in the receiver’s operating system. SSM support is not required in other network components, including routers and even the sending host. Interest in multicast traffic from a specific source is conveyed from hosts to routers using IGMPv3 as specified in RFC 4607.
SSM destination addresses must be in the ranges 232.0.0.0/8 for IPv4 or FF3x::/96 for IPv6.
http://en.wikipedia.org/wiki/Source-specific_multicast

QUESTION 10
How is RPF used in multicast routing?

A.    to prevent multicast packets from looping
B.    to prevent PIM packets from looping
C.    to instruct PIM where to send a (*,G) or (S,G) join message
D.    to prevent multicast packets from looping and to instruct PIM where to send a (*,G) or (S,G) join message

Answer: D
