2014 Latest Cisco 350-001 Dump Free Download(171-180)!

QUESTION 171
Which one of the following potential issues is eliminated by using split horizon?

A.    Joined horizons
B.    Packet forwarding loops
C.    Cisco Express Forwarding load-balancing inconsistency
D.    Asymmetric routing throughout the network

Answer: B
Explanation:
Split horizon is a base technique used to reduce the chance of routing loops. Split horizon states that it is never useful to send information about a route back in the direction from which the information came and therefore routing information should not be sent back to the source from which it came. In fact, only the interfaces are considered for the direction, not the neighbors. Note that this rule works well not only for routes learned via a distance vector routing protocol but also for routes installed in a routing table as directly connected networks. As they reside on the same network, the neighbors do not need any advertisements on a path to that shared network.
The split horizon rule helps prevent two-node (two-neighbor) routing loops and also improves performance by eliminating unnecessary updates.

QUESTION 172
Phase I and Phase II DMVPN differ in terms of which of these characteristics?

A.    Utilization of spoke-to-spoke dynamic tunnels
B.    Utilization of multipoint GRE tunnels at the hub site
C.    Utilization of hub-to-spoke dynamic tunnels
D.    Support for multicast

Answer: A
Explanation:
DMVPN Phases
Phase 1: Hub and spoke functionality
Phase 2: Spoke-to-spoke functionality
Phase 3: Architecture and scaling
DMVPN Phase 1 Benefits
•    Simplified and smaller configs for hub and spoke
•    Zero-touch provisioning for adding spokes to the VPN
•    Easily supports dynamically addressed CPEs
DMVPN Phase 2 Benefits
•    Future functionality
•    On-demand spoke-to-spoke tunnels avoid dual encrypts/decrypts
•    Smaller spoke CPE can participate in the virtual full mesh

QUESTION 173
Policy-based routing allows network administrators to implement routing policies to allow or deny paths based on all of these factors except which one?

A.    End system
B.    Protocol
C.    Application
D.    Throughput

Answer: D
Explanation:
Policy-based routing (PBR) provides a mechanism for expressing and implementing forwarding/routing of data packets based on the policies defined by the network administrators. It provides a more flexible mechanism for routing packets through routers, complementing the existing mechanism provided by routing protocols.
Policy-based routing allows network administrators to determine and implement routing policies to allow or deny paths based on the following:
•    Identity of a particular end system
•    Application
•    Protocol
•    Size of packets

QUESTION 174
Two routers are connected by a serial link, and are configured to run EIGRP on all interfaces. You examine the EIGRP neighbor table on both routers (using the show ip eigrp neighbor command)
and see that the router connected over the serial link is listed as a neighbor for a certain amount of time, but is periodically removed from the neighbor table. None of the routes from the neighbor
ever seem to be learned, and the neighbor transmission statistics (SRTT, RTO, and Q Count)
seem to indicate that no packets are being transmitted between the neighbors. Which would most
likely cause this problem?

A.    While multicast packets are being successfully sent over the link, unicast packets are not
B.    There is a bug in the EIGRP code that needs to be fixed.
C.    This is correct behavior for the first few minutes of EIGRP neighbor formation. After four or five
cycles, it should straighten itself out and the neighbor
D.    The hello or hold intervals are set differently on the two routers.

Answer: A
Explanation:
EIGRP uses five packet types:
Hello/Acks
Updates
Queries
Replies
Requests
Hellos are multicast for neighbor discovery/recovery. They do not require acknowledgment. A hello with no data is also used as an acknowledgment (ack). Acks are always sent using a unicast address and contain a nonzero acknowledgment number.
Updates are used to convey reachability of destinations. When a new neighbor is discovered, update packets are sent so the neighbor can build up its topology table. In this case, update packets are unicast. In other cases, such as a link cost change, updates are multicast. Updates are always transmitted reliably.
Queries and replies are sent when destinations go into Active state. Queries are always multicast unless they are sent in response to a received query. In this case, it is unicast back to the successor that originated the query. Replies are always sent in response to queries to indicate to the originator that it does not need to go into Active state because it has feasible successors. Replies are unicast to the originator of the query. Both queries and replies are transmitted reliably.
Request packets are used to get specific information from one or more neighbors. Request packets are used in route server applications. They can be multicast or unicast. Requests are transmitted unreliably.

QUESTION 175
Which two steps below should you perform on the hub router while configuring EIGRP routing over
DMVPN (mGRE tunnel)? (Choose two.)

A.    Set the NHRP hold time to match the EIGRP hold time
B.    Add the enable eigrp stub command
C.    Add the disable eigrp as-member split-horizon command
D.    Add the disable eigrp as-member next-hop-self command

Answer: CD
Explanation:
Disabling next-hop-self stops EIGRP from assigning the hub as the next hop for all routes. If you don’t disable split horizon on the tunnel interface, a spoke router will only see the routes the hub itself is responsible for. When configuring an EIGRP AS, you use the tunnel network ID as a network you want to participate in EIGRP.

QUESTION 176
Area Border Router (ABR) is a router located on the border of one or more OSPF areas that
connect those areas to the backbone network. An ABR will inject a default route into which two
types of areas? (Choose two.)

A.    Area 0
B.    NSSA
C.    Totally stubby
D.    Stub

Answer: CD
Explanation:
Totally Stub Areas: These areas do not allow routes other than intra-area and the default routes to be propagated within the area. The ABR injects a default route into the area and all the routers belonging to this area use the default route to send any traffic outside the area.
Stub Areas: These areas do not accept routes belonging to external autonomous systems (AS); however, these areas have inter-area and intra-area routes. In order to reach the outside networks, the routers in the stub area use a default route which is injected into the area by the Area Border Router (ABR). A stub area is typically configured in situations where the branch office need not know about all the routes to every other office; instead, it could use a default route to the central office and get to other places from there. Hence the memory requirements of the leaf node routers are reduced, and so is the size of the OSPF database.

QUESTION 177
For the following protocols, which one provides a mechanism to transparently intercept and redirect CIFS traffic from a client to a local Cisco Wide Area Application engine?

A.    Virtual Router Redundancy Protocol (VRRP)
B.    File Transport Protocol (FTP)
C.    Hot Standby Routing Protocol (HSRP)
D.    Web Cache Communication Protocol (WCCP)

Answer: D
Explanation:
Web Cache Control Protocol
Description
The Web Cache Control Protocol (WCCP) feature allows you to use a Cisco Cache Engine to handle web traffic, thus reducing transmission costs and downloading time. This traffic includes user requests to view pages and graphics on World Wide Web servers, whether internal or external to your network, and the replies to those requests. Figure 1 shows a sample WCCP network configuration.
Figure 1: Sample Cisco Cache Engine Network Configuration
When a user (client) requests a page from a web server (located in the Internet, in this case), the router sends the request to a Cisco Cache Engine (Cache 1, Cache 2, or Cache 3). If the cache engine has a copy of the requested page in storage, the engine sends the user that page. Otherwise, the engine gets the requested page and the objects on that page from the web server, stores a copy of the page and its objects (caches them), and forwards the page and objects to the user. WCCP transparently redirects HTTP requests from the intended server to a Cisco Cache Engine. End users do not know that the page came from the cache engine rather than the originally requested web server. The Using the Cisco Cache Engine publication contains detailed information about the Cisco Cache Engine and discusses alternative network configurations.
http://www.cisco.com/en/US/docs/ios/11_2/feature/guide/wccp.html#wp2040

QUESTION 178
For the following items, what is the mathematical relationship between the committed information rate (CIR), committed burst (Bc), and committed rate measurement interval (Tc)?

A.    CIR = TC / Bc
B.    CIR = Be / Tc
C.    Tc = CIR / Bc
D.    Tc = Bc / CIR

Answer: D
Explanation:
Terminologies: The term CIR refers to the traffic rate for a VC based on a business contract.
Tc is a static time interval, set by the shaper.
Committed burst (Bc) is the number of bits that can be sent in each Tc. Be is the excess burst size, in bits. This is the number of bits beyond Bc that can be sent after a period of inactivity.

QUESTION 179
When two bridges are competing for the root bridge of an IEEE 802.1D spanning tree and both
have the same bridge priority configured, which parameter determines the winner?

A.    highest-numbered IP interface
B.    MAC address
C.    device uptime
D.    root port cost

Answer: B
Explanation:
Select a root bridge. The root bridge of the spanning tree is the bridge with the smallest (lowest) bridge ID.
Each bridge has a unique identifier (ID) and a configurable priority number; the bridge ID contains both numbers. To compare two bridge IDs, the priority is compared first. If two bridges have equal priority, then the MAC addresses are compared. For example, if switches A (MAC=0200.0000.1111) and B (MAC=0200.0000.2222) both have a priority of 10, then switch A will be selected as the root bridge. If the network administrators would like switch B to become the root bridge, they must set its priority to be less than 10.
http://en.wikipedia.org/wiki/Spanning_tree_protocol

QUESTION 180
For the following ports, which port is on every bridge in a Spanning Tree Protocol IEEE 802.1w
network except the root bridge?

A.    root port
B.    backup port
C.    designated port
D.    alternate port

Answer: A
Explanation:
The root bridge does not have a root port, as this is the port on all non-root bridges that is used to communicate with the root bridge. All ports on the root bridge are designated ports.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_configuration_example09186a008009467c.shtml#maintask1


2014 Latest Cisco 350-001 Dump Free Download(161-170)!

QUESTION 161
As a network administrator, can you tell me what the root guard feature provides in a bridged network?

A.    It ensures that BPDUs sent by the root bridge are forwarded in a timely manner
B.    It enforces the root bridge placement in the network
C.    It ensures that all ports receiving BPDUs from the root bridge are in the forwarding state.
D.    It ensures that the bridge is elected as root bridge in the network.

Answer: B
Explanation:
Root Guard: Enabled per port; ignores any received superior BPDUs to prevent a switch connected to this port from becoming root. Upon receipt of superior BPDUs, this switch puts the port in a loop-inconsistent state, ceasing forwarding and receiving frames until the superior BPDUs cease.
The STP topology can be changed based on one of these unexpected and undesired switches being added to the network. For instance, this newly added and unexpected switch might have the lowest bridge ID and become the root. To prevent such problems, BPDU Guard and Root Guard can be enabled on these access ports to monitor for incoming BPDUs.

QUESTION 162
If you have overlapping IP address between two different networks or routing domains, which two
commands are needed to globally configure NAT to get this to work?

A.    ip nat outside source static udp x.x.x.x y.y.y.y and ip nat inside source udp x.x.x.x y.y.y.y
B.    ip nat outside source static x.x.x.x y.y.y.y and ip nat inside source static x.x.x.x y.y.y.y
C.    ip nat outside source static tcp x.x.x.x y.y.y.y and ip nat outside source tcp x.x.x.x y.y.y.y
D.    ip nat outside source list 1 interface x and ip nat inside source list 1 interface x

Answer: B
Explanation:
ip nat outside source list
Translates the source of the IP packets that are traveling outside to inside. Translates the destination of the IP packets that are traveling inside to outside.
ip nat inside source list
Translates the source of IP packets that are traveling inside to outside. Translates the destination of the IP packets that are traveling outside to inside.

QUESTION 163
Two directly connected routers, R1 and R2, are both configured for OSPF graceful restart. R2 is
able to switch packets in hardware, but R1 is not. If a network administrator logs on to R2 and
performs a system reload, which will be the result?

A.    Traffic forwarded from R2 to or through R1 will continue to be forwarded based on the forwarding
table state at the time of the reload. OSPF will
B.    R2 will continue to forward traffic to R1, but R1 will drop the traffic because its neighbor adjacency
with R2 has failed.
C.    R2 will continue forwarding traffic to and through R1, but R1 will drop this traffic because it is not
capable of maintaining its forwarding state
D.    All the traffic R2 is forwarding to or through R1 will be dropped while OSPF rebuilds its neighbor
adjacency and forwarding tables.

Answer: A

QUESTION 164
In which way can the IPv6 address of 2031:0000:130F:0000:0000:09C0:876A:130B be expressed
most efficiently?

A.    2031:0:130F:0:0:09C0:876A:130B
B.    2031::130F::9C0:876A:130B
C.    2031:0:130F::9C0:876A:130B
D.    2031:0:130F:0:0:9C0:876A:130B

Answer: C
Explanation:
IPv6 Addressing Notation
IP addresses change significantly with IPv6. IPv6 addresses are 16 bytes (128 bits) long rather than four bytes (32 bits). This larger size means that IPv6 supports more than 300,000,000,000,000,000,000,000,000,000,000,000,000 possible addresses! As an increasing number of cell phones and other consumer electronics expand their networking capability and require their own addresses, the smaller IPv4 address space will eventually run out and IPv6 will become mandatory.
IPv6 addresses are generally written in the following form:
hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh:hhhh
In this full notation, pairs of IPv6 bytes are separated by a colon and each byte in turn is represented as a pair of hexadecimal numbers, as in the following example:
E3D7:0000:0000:0000:51F4:9BC8:C0A8:6420
As shown above, IPv6 addresses commonly contain many bytes with a zero value. Shorthand notation in IPv6 removes these values from the text representation (though the bytes are still present in the actual network address) as follows:
E3D7::51F4:9BC8:C0A8:6420
Finally, many IPv6 addresses are extensions of IPv4 addresses. In these cases, the rightmost four bytes of an IPv6 address (the rightmost two byte pairs) may be rewritten in the IPv4 notation. Converting the above example to mixed notation yields
E3D7::51F4:9BC8:192.168.100.32
IPv6 addresses may be written in any of the full, shorthand or mixed notation illustrated above.
http://compnetworking.about.com/od/tcpiptutorials/a/ipaddrnotation.htm

QUESTION 165
Internet Protocol version 6 (IPv6) is the next-generation Internet Layer protocol for
packet-switched internetworks and the Internet. IPv6 router solicitation is:

A.    A request made by a node for the IP address of the local router
B.    A request made by a node to join a specified multicast group
C.    A request made by a node for a DHCP provided IP address
D.    A request made by a node for the IP address of the DHCP server

Answer: A
Explanation:
When a host (computer or server) needs to prompt an immediate router advertisement, it sends what is called a Router Solicitation. Examples of this include commands for rebooting or restarting a running computer. The system is alerted through router solicitation. Router solicitation messages belong to the ICMPv6 set of messages, specific to the IPv6 protocol. They are identified by a Next Header value of 0x3A (decimal 58). An IPv6 router solicitation is closely associated with the Neighbor Discovery (ND) function of IPv6. Under this, hosts or routers discover the link-layer addresses of neighbors that reside on attached links and purge cached values that are no longer functioning.


2014 Latest Cisco 350-001 Dump Free Download(151-160)!

QUESTION 151
Multi Protocol Label Switching (MPLS) is a data-carrying mechanism that belongs to the family of packet-switched networks. For an MPLS label, if the stack bit is set to 1, which option is true?

A.    The stack bit will only be used when LDP is the label distribution protocol
B.    The label is the last entry in the label stack.
C.    The stack bit is for Cisco implementations exclusively and will only be used when TDP is the label
distribution protocol.
D.    The stack bit is reserved for future use.

Answer: B
Explanation:
Graceful Restart Router Operation
Graceful Restart Initiation
The restarting router becomes aware that it should start the graceful restart process when the network administrator issues the appropriate command or when an RP reloads and forces a Redundancy Facility (RF) switchover. The length of the grace period can be set by the network administrator or calculated by the OSPF software of the restarting router. In order to prevent the LSAs from the restarting router from aging out, the grace period should not exceed an LSA refresh time of 1800 seconds.
In preparation for graceful restart, the restarting router must perform the following action before its software can be reloaded: The restarting router must ensure that its forwarding table is updated and will remain in place during the restart. No OSPF shutdown procedures are performed since neighbor routers must act as if the restarting router is still in service. The OSPF software is reloaded on the router (it undergoes graceful restart).
OSPF Processes during Graceful Restart
After the router has reloaded, it must modify its OSPF processes until it reestablishes full adjacencies with all former fully adjacent OSPF neighbors. During graceful restart, the restarting router modifies its OSPF processes in the following ways:
•    The restarting router does not originate LSAs with LS types 1, 5, or 7 so that the other routers in the OSPF domain will use the LSAs that the restarting router had originated prior to reloading.
•    The router does not modify or flush any self-originated LSAs.
•    The restarting router runs its OSPF routing calculations in order to return any OSPF virtual links to operation. However, the restarting router does not install OSPF routes into the system’s forwarding table, and the router relies on the forwarding entries that it had installed prior to undergoing the graceful restart process.
•    If the restarting router determines that it was the Designated Router on a given segment prior to the graceful restart, it will reelect itself.
Graceful Restart Process Exit
The restarting router exits the graceful restart process when one of the following events occurs:
•    The router has reestablished all adjacencies. The graceful restart was successful.
•    The router receives an LSA that is inconsistent with an LSA from the same router prior to the graceful restart. The inconsistency can mean either that the router does not support the graceful restart feature or that the router has terminated its helper mode for some reason. The graceful restart was unsuccessful.
•    The grace period has expired. The graceful restart was not successful.
Once the restarting router has completed the graceful restart process, it returns to normal OSPF operation, reoriginating LSAs based on the current state of the router and updating its forwarding tables based on current link-state database contents. At this time, it flushes the grace-LSAs that it had originated during the initiation of the graceful restart process.

QUESTION 152
You work as a network engineer for the company, and you want to configure two BGP speakers to form an EBGP session across a firewall. On the engineer’s network, the firewall always permits TCP sessions that are initiated from the inside network (the network attached to the inside interface of the firewall). What prerequisite is there for enabling BGP to run on this network?

A.    EBGP multihop will need to be configured for this to work.
B.    This should work with normal BGP peering, with no additional configuration on the BGP speakers
or the firewall.
C.    The BGP protocol port must be opened on the firewall
D.    There is no way to make BGP work across a firewall.

Answer: C
Explanation:
If TCP port 179 is open for BGP, then eBGP multihop must also be enabled. Because BGP uses unicast TCP packets on port 179 to communicate with its peers, you can configure PIX1 and PIX2 to allow unicast traffic on TCP port 179. This way, BGP peering can be established between the routers that are connected through the firewall. Redundancy and the desired routing policies can be achieved through the manipulation of the BGP attributes.
The neighbor ebgp-multihop command enables BGP to override the default one-hop eBGP limit because it changes the Time to Live (TTL) of eBGP packets from the default value of 1.
ASA/PIX: BGP through ASA Configuration Example
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.shtml

QUESTION 153
For the following LMI types, which three can be configured for use with Frame Relay on a Cisco
router? (Choose three.)

A.    Cisco
B.    ANSI – Annex D
C.    Q.931 – Annex B
D.    Q.933 – Annex A

Answer: ABD
Explanation:
ANSI-617d (ANSI or annex D) LMI type, DLCI 0
: Serial1(in): Status, myseq 3
: RT IE 1, length 1, type 0
: KA IE 3, length 2, yourseq 4 , myseq 3
: PVC IE 0? , length 0? , dlci 100, status 0?
: PVC IE 0? , length 0? , dlci 200, status 0?
Q933a (CCITT or annex A) LMI type, DLCI 0
: Serial1(in): Status, myseq 1
: RT IE 51, length 1, type 0
: KA IE 53, length 2, yourseq 2 , myseq 1
: PVC IE 0?7, length 0? , dlci 100, status 0?
: PVC IE 0?7, length 0? , dlci 200, status 0?
Cisco LMI type, DLCI 1023
: Serial1(in): Status, myseq 68
: RT IE 1, length 1, type 0
: KA IE 3, length 2, yourseq 68, myseq 68
: PVC IE 0? , length 0? , dlci 100, status 0? , bw 0
: PVC IE 0? , length 0? , dlci 200, status 0? , bw 0

QUESTION 154
A user has no network connectivity. A check of the associated port indicates that the interface is up, the line protocol is down. Which item would most likely cause this problem?

A.    Speed mismatch
B.    Incorrect encapsulation
C.    MTU set too low
D.    Duplex mismatch

Answer: A
Explanation:
If there is a duplex mismatch, there will be connectivity, but there will be errors and late collisions.
Incorrect encapsulation: this is a user connection, so it is an Ethernet connection with no encapsulation configuration.
If the MTU is different on each device or too low, there might be problems in data transfer, but the line protocol will not go down.

QUESTION 155
Which three statements are true about Source Specific Multicast? (Choose three.)

A.    Is best suited for applications that are in the one-to-many category.
B.    SSM uses shortest path trees only.
C.    The use of SSM is recommended when there are many sources and it is desirable to keep the
amount of mroute state in the routers in the network to a
D.    There are no RPs to worry about

Answer: ABD
Explanation:
The Source Specific Multicast feature is an extension of IP multicast where datagram traffic is forwarded to receivers from only those multicast sources to which the receivers have explicitly joined. For multicast groups configured for SSM, only source-specific multicast distribution trees (no shared trees) are created.
The current IP multicast infrastructure in the Internet and many enterprise intranets is based on the PIM-SM protocol and Multicast Source Discovery Protocol (MSDP). These protocols have proven to be reliable, extensive, and efficient. However, they are bound to the complexity and functionality limitations of the Internet Standard Multicast (ISM) service model. For example, with ISM, the network must maintain knowledge about which hosts in the network are actively sending multicast traffic. With SSM, this information is provided by receivers through the source address(es) relayed to the last hop routers by IGMP v3lite or URD. SSM is an incremental response to the issues associated with ISM and is intended to coexist in the network with the protocols developed for ISM. In general, SSM provides a more advantageous IP multicast service for applications that utilize SSM.
ISM service is described in RFC 1112. This service consists of the delivery of IP datagrams from any source to a group of receivers called the multicast host group. The datagram traffic for the multicast host group consists of datagrams with an arbitrary IP unicast source address S and the multicast group address G as the IP destination address. Systems will receive this traffic by becoming members of the host group. Membership to a host group simply requires signalling the host group through IGMP Version 1, 2, or 3. In SSM, delivery of datagrams is based on (S, G) channels. Traffic for one (S, G) channel consists of datagrams with an IP unicast source address S and the multicast group address G as the IP destination address. Systems will receive this traffic by becoming members of the (S, G) channel. In both SSM and ISM, no signalling is required to become a source. However, in SSM, receivers must subscribe or unsubscribe to (S, G) channels to receive or not receive traffic from specific sources. In other words, receivers can receive traffic only from (S, G) channels that they are subscribed to, whereas in ISM, receivers need not know the IP addresses of sources from which they receive their traffic. The proposed standard approach for channel subscription signalling utilizes IGMP INCLUDE mode membership reports, which are only supported in Version 3 of IGMP. SSM can coexist with the ISM service by applying the SSM delivery model to a configured subset of the IP multicast group address range. The Internet Assigned Numbers Authority (IANA) has reserved the address range 232.0.0.0 through 232.255.255.255 for SSM applications and protocols. Cisco IOS software allows SSM configuration for an arbitrary subset of the IP multicast address range 224.0.0.0 through 239.255.255.255.
When an SSM range is defined, existing IP multicast receiver applications will not receive any traffic when they try to use addresses in the SSM range (unless the application is modified to use explicit (S, G) channel subscription or is SSM enabled through URD).

QUESTION 156
Which is the result of enabling IP Source Guard on an untrusted switch port that does not have
DHCP snooping enabled?

A.    DHCP requests will be switched in the software, which may result in lengthy response times.
B.    The switch will run out of ACL hardware resources.
C.    All DHCP requests will pass through the switch untested.
D.    The DHCP server reply will be dropped and the client will not be able to obtain an IP address.

Answer: D
Explanation:
DHCP snooping is a feature that provides network security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding database. DHCP snooping acts like a firewall between untrusted hosts and DHCP servers. DHCP snooping allows all DHCP messages on trusted ports, but it filters DHCP messages on untrusted ports. Cisco switches can use DHCP snooping feature to mitigate this type of attack. When DHCP snooping is enabled, switch ports are classified as trusted or untrusted. Trusted ports are allowed to send all types of DHCP messages while untrusted ports can send only DHCP requests. If a DHCP reply is seen on an untrusted port, the port is shut down.
By default, if you enable IP Source Guard without any DHCP snooping bindings on the port, a default port access list (PACL) that denies all IP traffic except the DHCP Request (DHCP Discover) is installed on the port. Therefore the DHCP server can hear the DHCP Request from the client, but its reply is filtered by the switch and the client can’t obtain an IP address, so D is correct.
Some useful information about DHCP snooping and IP Source Guard:
When enabled along with DHCP snooping, IP Source Guard checks both the source IP and source MAC addresses against the DHCP snooping binding database (or a static IP source entry). If the entries do not match, the frame is filtered. For example, assume that the show ip dhcp snooping binding command displays the following binding table entry:
MacAddress          IpAddress   LeaseSec  Type           VLAN  Interface
01:25:4A:5E:6D:25   10.0.0.20   6943      dhcp-snooping  2     FastEthernet0/1
If the switch receives an IP packet with an IP address of 10.0.0.20, IP Source Guard forwards the packet only if the MAC address of the packet is 01:25:4A:5E:6D:25.

QUESTION 157
On the basis of the definitions of different services in various RFCs, traffic with Expedited
Forwarding per-hop behavior should be marked as which of these?

A.    IP ToS of 0xEF
B.    IP experimental ECN
C.    DSCP decimal 5
D.    Binary value of 101110

Answer: D
Explanation:
The assured forwarding (AF) model is used to provide priority values to different data applications. The Expedited Forwarding (EF) model is used to provide resources to latency (delay) sensitive real-time, interactive traffic. The EF model uses one marking: DSCP 46. DSCP 46 is backward compatible with an IP Precedence value of 5 as seen in the following binary pattern:
101110 = DSCP 46
The EF marking of 46 does NOT follow the drop preference rules of the assured forwarding model. Please do NOT think that the 11 means high drop preference. The EF model is used for voice over IP media traffic (RTP) by default in most vendors’ phones. Cisco IP Phones mark signaling packets (SCCP or SIP) to CS3 (24), while media (RTP) is marked to EF (DSCP 46) by default. All EF traffic is normally mapped to the priority queue (PQ) on Cisco switches and routers. The priority queue guarantees three critical services:
Packet Loss
Delay
Jitter (delay variation)
The three most significant bits of 101 are only considered if IP Precedence is being used. The binary weights 4 2 1 are used to factor the 101 binary pattern when only three digits are under consideration. The DSCP binary pattern of 101110 (46) uses six digits, with binary weights 32 16 8 4 2 1. It is good to know how to convert a DSCP decimal value to an entire ToS octet (byte) value as well. The ToS byte uses all eight bits, while the DSCP is only using the leading six digits. The EF pattern discussed above will become 10111000 when considering the entire octet. Notice the two least significant zeros that were added to the 101110 binary pattern.
Many network management utilities will only allow administrators to configure or display the entire ToS byte. A ping -v from a Microsoft operating system requires setting the entire ToS byte. An extended ping from a Cisco router will also allow administrators to see the entire ToS byte. Sniffer Pro LAN and Wireshark sniffers show the entire ToS field as well. IP accounting shows the entire ToS byte, while Netflow shows the ToS byte in hexadecimal format. The ToS byte value for EF is as follows:
128  64  32  16   8   4   2   1
  1   0   1   1   1   0   0   0
A DSCP value of 46 results in a ToS byte value of 184. Although you can mark a ping with a ToS value of 184, the ICMP (ping) traffic will probably not be mapped to the proper application class. In the next blog, we will learn QoS models for using markings for different application classes.
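The conversion described above, generalized into a decoder for any ToS byte (an added example, not part of the original explanation). The sample hex values are constructed to mimic what a NetFlow export would show; the function names are hypothetical.

```python
"""Decode an IPv4 ToS byte into IP Precedence, DSCP, marking name and ECN bits."""


def dscp_to_tos(dscp: int) -> int:
    """DSCP fills the six leading bits of the ToS byte; the two trailing bits stay 0."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value (0-63)")
    return dscp << 2


def phb_name(dscp: int) -> str:
    """Name the marking: EF, CSx (class selector) or AFxy (assured forwarding)."""
    if dscp == 46:
        return "EF"                    # 101110: one code point, no AF drop rules
    if dscp & 0b000111 == 0:
        return f"CS{dscp >> 3}"        # xxx000: compatible with IP Precedence
    af_class, drop = dscp >> 3, (dscp >> 1) & 0b11
    if dscp & 1 == 0 and 1 <= af_class <= 4 and 1 <= drop <= 3:
        return f"AF{af_class}{drop}"   # cccdd0: class 1-4, drop preference 1-3
    return f"DSCP{dscp}"               # no standard name for this code point


def decode_tos(tos: int) -> dict:
    """Split the full 8-bit ToS value the way the tools named above display it."""
    if not 0 <= tos <= 255:
        raise ValueError("ToS is a single byte (0-255)")
    dscp = tos >> 2
    name = phb_name(dscp)
    return {
        "tos": tos,
        "hex": f"0x{tos:02X}",
        "bits": f"{tos:08b}",
        "precedence": tos >> 5,        # three most significant bits
        "dscp": dscp,                  # six most significant bits
        "phb": name,
        "af_drop_preference": int(name[3]) if name.startswith("AF") else None,
        "ecn": tos & 0b11,             # two least significant bits
    }


# Constructed sample: ToS bytes in hexadecimal, as a flow record would list them.
SAMPLE_HEX = ["B8", "60", "68", "00"]


def decode_hex_samples(values):
    return [decode_tos(int(v, 16)) for v in values]


if __name__ == "__main__":
    for row in decode_hex_samples(SAMPLE_HEX):
        print(row["hex"], row["bits"], "prec", row["precedence"],
              "dscp", row["dscp"], row["phb"])
```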

QUESTION 158
Prior to 802.1w, Cisco implemented a number of proprietary enhancements to 802.1D to improve convergence in a Layer 2 network. Which statement is correct?

A.    Only UplinkFast and BackboneFast are specified in 802.1w; PortFast must be manually configured.
B.    Only PortFast is specified in 802.1w; UplinkFast and BackboneFast must be manually configured.
C.    None of the proprietary Cisco enhancements are specified in 802.1w.
D.    PortFast, UplinkFast, and BackboneFast are specified in 802.1w.

Answer: D
Explanation:
Spanning-tree PortFast causes a spanning-tree port to enter the forwarding state immediately, bypassing the listening and learning states. You can use PortFast on switch ports connected to a single workstation or server to allow those devices to connect to the network immediately, rather than waiting for spanning tree to converge.
UplinkFast provides fast convergence after a spanning-tree topology change and achieves load balancing between redundant links using uplink groups. An uplink group is a set of ports (per VLAN), only one of which is forwarding at any given time. Specifically, an uplink group consists of the root port (which is forwarding) and a set of blocked ports, except for self-looping ports. The uplink group provides an alternate path in case the currently forwarding link fails.
BackboneFast is initiated when a root port or blocked port on a switch receives inferior BPDUs from its designated bridge. An inferior BPDU identifies one switch as both the root bridge and the designated bridge. When a switch receives an inferior BPDU, it indicates that a link to which the switch is not directly connected (an indirect link) has failed (that is, the designated bridge has lost its connection to the root bridge). Under normal spanning-tree rules, the switch ignores inferior BPDUs for the configured maximum aging time, as specified by the aging time variable of the “set spantree MaxAge” command. The switch tries to determine if it has an alternate path to the root bridge. If the inferior BPDU arrives on a blocked port, the root port and other blocked ports on the switch become alternate paths to the root bridge. (Self-looped ports are not considered alternate paths to the root bridge.) If the inferior BPDU arrives on the root port, all blocked ports become alternate paths to the root bridge. If the inferior BPDU arrives on the root port and there are no blocked ports, the switch assumes that it has lost connectivity to the root bridge, causes the maximum aging time on the root to expire, and becomes the root switch according to normal spanning-tree rules.
If the switch has alternate paths to the root bridge, it uses these alternate paths to transmit a new kind of PDU called the Root Link Query PDU. The switch sends the Root Link Query PDU out all alternate paths to the root bridge. If the switch determines that it still has an alternate path to the root, it causes the maximum aging time on the ports on which it received the inferior BPDU to expire. If all the alternate paths to the root bridge indicate that the switch has lost connectivity to the root bridge, the switch causes the maximum aging times on the ports on which it received an inferior BPDU to expire.
If one or more alternate paths can still connect to the root bridge, the switch makes all ports on which it received an inferior BPDU its designated ports and moves them out of the blocking state (if they were in blocking state), through the listening and learning states, and into the forwarding state.

QUESTION 159
In Frame Relay, FECN messages indicating congestion are sent or received by which of the following?

A.    Sent by the destination
B.    Received by the sender
C.    Received by the destination
D.    Sent by the sender

Answer: C

QUESTION 160
Which statement is correct in reference to IPv6 multicast?

A.    IPv6 multicast uses Multicast Listener Discovery.
B.    The first 8 bits of an IPv6 multicast address are always FF (1111 1111).
C.    IPv6 multicast requires MSDP.
D.    PIM dense mode is not part of IPv6 multicast.

Answer: A


2014 Latest Cisco 350-001 Dump Free Download(141-150)!

QUESTION 141
Router 1 is configured for BGP as dual-homed on the Cisco network. Which three BGP attributes are carried in every BGP update on this router (both IBGP and EBGP)? (Choose three.)

A.    origin
B.    router-ID
C.    AS-path
D.    local-preference
E.    next-hop

Answer: ACE
Explanation:
There are basically two major types of attribute:
Well Known
Optional
Well Known:
Well-known attributes must be recognized by every compliant BGP implementation. Well-known attributes are also propagated to other neighbors. They are further divided into:
1. Mandatory: A well-known attribute that must be present in all update messages passed between BGP peers. It is present in the route description. Must be supported and propagated.
2. Discretionary: A well-known attribute that may be present in an update message. Must be supported; propagation optional.
Optional:
Optional attributes are recognized by some implementations of BGP and are not expected to be recognized by all of them. Optional attributes are propagated to their neighbors based on their meaning. They are further divided into:
1. Transitive: Optional transitive attributes don’t have to be supported, but must be passed on to peers. Marked as partial if unsupported by a neighbor.
2. Non Transitive: Optional non-transitive attributes don’t have to be supported, and can be ignored. Deleted if unsupported by a neighbor.
BGP attributes:
1. Weight (Attribute Type Mandatory):
Weight is a Cisco-defined attribute that is local to a router. The weight attribute is not advertised to neighboring routers. If the router learns about more than one route to the same destination, the route with the highest weight is preferred.
2. Local preference (Attribute Type Discretionary):
The local preference attribute is used to prefer an exit point from the local autonomous system. Unlike the weight attribute, the local preference attribute is propagated throughout the local AS. If there are multiple exit points from the AS, the local preference attribute is used to select the exit point for a specific route.
3. AS path (Attribute Type Mandatory):
When a route advertisement passes through an autonomous system, the AS number is added to an ordered list of AS numbers that the route advertisement has traversed.
4. Origin:
The origin attribute indicates how BGP learned about a particular route. The origin attribute can have one of three possible values:
a. IGP: The route is interior to the originating AS. This value is set when the network router configuration command is used to inject the route into BGP.
b. EGP: The route is learned via the Exterior Gateway Protocol (EGP).
c. Incomplete: The origin of the route is unknown or is learned some other way. An origin of Incomplete occurs when a route is redistributed into BGP.
5. Multi-exit discriminator (Attribute Type – Non Transitive):
The multi-exit discriminator (MED) or metric attribute is used as a suggestion to an external AS regarding the preferred route into the AS that is advertising the metric.
6. Next-hop (Attribute Type Mandatory):
The EBGP next-hop attribute is the IP address that is used to reach the advertising router. For EBGP peers, the next-hop address is the IP address of the connection between the peers.
7. Community (Attribute Type – Transitive):
The community attribute provides a way of grouping destinations, called communities, to which routing decisions (such as acceptance, preference, and redistribution) can be applied. Route maps are used to set the community attribute. The predefined community attributes are as follows:
a. No-export: Do not advertise this route to EBGP peers.
b. No-advertise: Do not advertise this route to any peer.
c. Internet: Advertise this route to the Internet community; all routers in the network belong to it.
8. Atomic Aggregate (Attribute Type – Discretionary):
Notes that route summarization has been performed.
9. Aggregator (Attribute Type – Transitive):
Identifies the router and AS where summarization was performed.
10. Originator ID (Attribute Type – Non Transitive):
Identifies a route reflector.
11. Cluster List (Attribute Type – Non Transitive):
Records the route reflector clusters the route has traversed.

QUESTION 142
In your Cisco EIGRP network, you notice that the neighbor relationship between two of your routers was recently restarted. Which two of these choices could have made this occur? (Choose two.)

A.    An update packet with init flag set from a known, already established neighbor relationship was received by one of the routers.
B.    The ARP cache was cleared.
C.    The counters were cleared.
D.    The IP EIGRP neighbor relationship was cleared manually.

Answer: AD
Explanation:
The following are the most common causes of problems with EIGRP neighbor relationships:
Unidirectional link
Uncommon subnet, primary, and secondary address mismatch
Mismatched masks
K value mismatches
Mismatched AS numbers
Stuck in active
Layer 2 problem
Access list denying multicast packets
Manual change (summary router, metric change, route filter)
According to Ivan Pepelnjak’s book “EIGRP Network Design Solutions”, the Init flag is set in the initial update packet when two neighbors discover each other and start their initial topology table exchange. There are two basic purposes for the Init flag. First, it’s a part of the three-way handshake that EIGRP uses when building an adjacency.
1. Router B comes up on a wire.
2. Router A receives Router B’s hello, and places it in “pending” state. This is a not completely formed adjacency; as long as B is in this state, A won’t send any routing information to it.
3. Router A sends an empty unicast update with the Init bit set.
4. Router B receives this update with the Init bit set, and places Router A in the “pending” state.
5. Router B now transmits an empty update with the Init bit set, unicast, to A. This empty update also contains the acknowledgement for Router A’s Init update (that this ack is piggybacked is an integral part of the three-way handshake process).
6. Router A, on receiving this Init update, places Router B in the “neighbor” state, and sends an acknowledgement for the Init update from Router B.
7. Router B receives this ack, and places A in “neighbor” state. The two routers can now exchange routing information, knowing they have full two-way connectivity between them.
The second use of the Init bit is more esoteric. Suppose you have Routers A and B, running along fine, for many hours. Router A reloads, but comes back up before Router B’s hold timer has expired. When Router B sees A’s hellos, it will assume that A just missed a couple, and everything is fine. But everything isn’t fine: A just lost all of its routing information! How can A signal this state, and ask B to resynchronize? A can send an empty update, with the Init bit set. This causes Router B to place A in the “pending” state, and wipe out all the information it’s learned from A (unless, of course, graceful restart is configured/etc.).

QUESTION 143
Your Cisco network currently runs OSPF and you have a need to policy-route some specific traffic, regardless of what the routing table shows. Which one of these options would enable you to policy-route the traffic?

A.    source IP address and the protocol (such as SSL, HTTPS, SSH)
B.    the packet Time to Live and the source IP address
C.    type of service header and DSCP value
D.    destination IP address

Answer: A
Explanation:
Policy-based routing (PBR) provides a mechanism for expressing and implementing forwarding/routing of data packets based on the policies defined by the network administrators. It provides a more flexible mechanism for routing packets through routers, complementing the existing mechanism provided by routing protocols. Routers forward packets to the destination addresses based on information from static routes or dynamic routing protocols such as Routing Information Protocol (RIP), Open Shortest Path First (OSPF), or Enhanced Interior Gateway Routing Protocol (Enhanced IGRP). Instead of routing by the destination address, policy-based routing allows network administrators to determine and implement routing policies to allow or deny paths based on the following:
Identity of a particular end system
Application
Protocol
Size of packets

QUESTION 144
You use OSPF as your network routing protocol. You use the command show ip route and you see several routes described as O, O IA, O E1, and O E2. What routes are in your area?

A.    O IA
B.    O E1
C.    O E2
D.    O

Answer: D
Explanation:
Depending on the point where a network is sourced, there are various types of routes that could be present in an OSPF domain. When there are multiple routes to a particular network in an OSPF domain, the type of the route influences the route that is selected and installed by the router in the routing table. In OSPF, routes that are learned by a router from OSPF sources within the same area are known as intra-area routes. Routes that originate from an OSPF router in a different area are considered inter-area routes. Certain networks could belong to a domain outside OSPF, which could then be redistributed into OSPF by an Autonomous System Boundary Router (ASBR). Such routes are considered external routes. They can be further divided into external type-1 or external type-2 routes, depending on how they are advertised while being redistributed on the ASBR. The difference between these two types is the way in which the metric for the route is calculated.
OSPF-running routers use these criteria to select the best route to be installed in the routing table:
1. Intra-area routes.
2. Inter-area routes.
3. External Type-1 routes.
4. External Type-2 routes.
a. If there are multiple routes to a network with the same route type, the OSPF metric calculated as cost based on the bandwidth is used for selecting the best route. The route with the lowest value for cost is chosen as the best route.
b. If there are multiple routes to a network with the same route type and cost, it chooses all the routes to be installed in the routing table, and the router does equal cost load balancing across multiple paths.

QUESTION 145
What are the mandatory, well-known BGP attributes?

A.    origin, AS-path, next-hop
B.    AS-path, origin, MED
C.    AS-path, origin, weight
D.    AS-path, weight, MED

Answer: A
Explanation:
BGP Path Attributes
Mandatory Well-Known Attributes
Origin: Specifies the router’s origin
IGP
EGP
Unknown — Route was redistributed
AS-Path: Sequence of AS numbers through which the route is accessible
Next-Hop: IP address of the next-hop router
Discretionary Well-Known Attributes
Local Preference: Used for consistent routing policy with an AS
Atomic Aggregate: Informs the neighbor AS that the originating router aggregated routes
Nontransitive Attributes
Multiexit Discriminator: Used to discriminate between multiple entry points into an AS
Transitive Attributes
Aggregator: IP address and AS of the router that performed aggregation
Community: Used for route tagging

QUESTION 146
Network A has a spanning-tree problem in which the traffic is selecting a longer path. How is the path cost calculated?

A.    number of hops
B.    priority of the bridge
C.    interface bandwidth
D.    interface delay
E.    None of the above

Answer: C
Explanation:
STP Path Cost Automatically Changes When a Port Speed/Duplex Is Changed
STP calculates the path cost based on the media speed (bandwidth) of the links between switches and the port cost of each port forwarding frame. Spanning tree selects the root port based on the path cost. The port with the lowest path cost to the root bridge becomes the root port. The root port is always in the forwarding state.
If the speed/duplex of the port is changed, spanning tree recalculates the path cost automatically. A change in the path cost can change the spanning tree topology.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_configuration_example09186a008009467c.shtml

QUESTION 147
You deployed new fibers in your network to replace copper spans that were too long. While reconnecting the network, you experienced network problems because you reconnected wrong fibers to wrong ports. What could you do to prevent this type of problem in the future, particularly when connecting and reconnecting fiber pairs?

A.    Only use fiber in pairs.
B.    Configure root guard on your switches.
C.    Do not use fiber but use copper.
D.    Configure UDLD to prevent one-way link conditions.

Answer: D
Explanation:
UDLD is a Layer 2 protocol that enables devices connected through fiber-optic or twisted-pair Ethernet cables to monitor the physical configuration of the cables and detect when a unidirectional link exists. All connected devices must support UDLD for the protocol to successfully identify and disable unidirectional links. When UDLD detects a unidirectional link, it administratively shuts down the affected port and alerts you. Unidirectional links can cause a variety of problems, including spanning-tree topology loops.
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swudld.html#wp1020819

QUESTION 148
While deploying a new switch, you accidentally connect ports 3/12 and 3/18 together, creating a loop. STP detected it and placed port 3/18 in blocking mode. Why did STP not place port 3/12 in blocking mode instead?

A.    Port 3/12 was already up and forwarding before the loop was created.
B.    Port priority is based on lowest priority and lowest port number.
C.    You connected the wire on port 3/18 last.
D.    None of the above, it is purely random.

Answer: B
Explanation:
Spanning tree selects the port by first calculating the cost (which depends on the bandwidth), then the port priority, which is based on the lowest priority (in case it is configured) and the lowest port number.

QUESTION 149
Which keyword do you need to add to the access list so that the logging message includes details such as the source address and source MAC address?

A.    Log
B.    Log-input
C.    Log-output
D.    Logging

Answer: B
Explanation:
The log-input keyword exists in Cisco IOS Software Release 11.2 and later, and in certain Cisco IOS Software Release 11.1 based software created specifically for the service provider market. Older software does not support this keyword. Use of this keyword includes the input interface and source MAC address where applicable.
http://www.cisco.com/web/about/security/intelligence/acl-logging.html

QUESTION 150
The OSPF RFC 3623 Graceful Restart feature allows you to configure IETF NSF in multivendor networks. When using OSPF Graceful Restart, which mechanism is used to continue forwarding packets during a switchover?

A.    Reverse Path Forwarding
B.    Hardware-based forwarding
C.    UDP forwarding
D.    Layer 2 Forwarding

Answer: B


2014 Latest Cisco 350-001 Dump Free Download(131-140)!

QUESTION 131
Which two of these elements need to be configured prior to enabling SSH? (Choose two.)

A.    hostname
B.    loopback address
C.    default gateway
D.    domain name
E.    SSH peer address

Answer: AD
Explanation:
To enable Secure Shell version 2 (SSHv2) and disable version 1 on a Cisco router, an IOS image with 3DES encryption is required. When no SSH version is configured, both version 1 and version 2 are supported.
Follow the next steps to enable SSH:
1. Configure the hostname command.
2. Configure the DNS domain.
3. Generate RSA key to be used.
4. Enable SSH transport support for the virtual type terminal (vty)
Example SSH version 2 configuration:
hostname ssh-router
aaa new-model
username cisco password cisco
ip domain-name routers.local
!
! Specifies which RSA keypair to use for SSH usage.
ip ssh rsa keypair-name sshkeys
!
! Enables the SSH server for local and remote authentication on the router.
! For SSH Version 2, the modulus size must be at least 768 bits.
crypto key generate rsa usage-keys label sshkeys modulus 768
!
! Configures SSH control variables on your router.
ip ssh timeout 120
!
! Configure SSH version 2 (will disable SSH version 1)
ip ssh version 2
!
! Disable Telnet and enable SSH
line vty 0 4
transport input SSH
Commands to verify SSH configuration:
show ssh
show ip ssh
debug ip ssh
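A pre-deployment check for a snippet like the one above, written as an added example (not Cisco tooling and not part of the original answer): it verifies the two prerequisites the question asks about and flags settings a reviewer would question. The 2048-bit minimum is an assumed local policy, the finding names are hypothetical, and the hardened variant is constructed with placeholder values.

```python
"""Audit a Cisco IOS SSH provisioning snippet for prerequisites and weak settings."""
import re

# The example configuration from the page (comment lines omitted).
PAGE_CONFIG = """\
hostname ssh-router
aaa new-model
username cisco password cisco
ip domain-name routers.local
ip ssh rsa keypair-name sshkeys
crypto key generate rsa usage-keys label sshkeys modulus 768
ip ssh timeout 120
ip ssh version 2
line vty 0 4
transport input SSH
"""

# Constructed hardened variant; names and the secret are placeholders.
HARDENED_CONFIG = """\
hostname edge-rtr-01
ip domain-name example.net
username netops secret EXAMPLE-PLACEHOLDER
crypto key generate rsa usage-keys label sshkeys modulus 2048
ip ssh version 2
line vty 0 4
 transport input ssh
"""

MIN_MODULUS = 2048  # assumption: local policy, stricter than the 768-bit floor


def _commands(text):
    """Non-empty lines, stripped, with '!' comment lines dropped."""
    lines = (raw.strip() for raw in text.splitlines())
    return [l for l in lines if l and not l.startswith("!")]


def _vty_transports(text):
    """One entry per 'line vty' block: its 'transport input' protocols, or None."""
    blocks, current = [], None
    for raw in text.splitlines():
        line = raw.strip().lower()
        if line.startswith("line vty"):
            current = {"transport": None}
            blocks.append(current)
        elif current is not None:
            if not line or line.startswith("!") or line.startswith("line "):
                current = None                      # block ended
            elif line.startswith("transport input"):
                current["transport"] = line.split()[2:]
    return [b["transport"] for b in blocks]


def audit_ssh_config(text, min_modulus=MIN_MODULUS):
    """Return a list of finding names; an empty list means every check passed."""
    cmds = _commands(text)
    findings = []

    def first(pattern):
        for cmd in cmds:
            match = re.match(pattern, cmd, re.IGNORECASE)
            if match:
                return match
        return None

    # Prerequisites: the RSA key is labelled from hostname and domain name.
    host = first(r"hostname\s+(\S+)")
    if host is None or host.group(1) == "Router":   # default name counts as unset
        findings.append("missing-hostname")
    if first(r"ip domain[- ]name\s+\S+") is None:
        findings.append("missing-domain-name")

    key = first(r"crypto key generate rsa\b.*\bmodulus\s+(\d+)")
    if key is None:
        findings.append("no-rsa-key-generation")
    elif int(key.group(1)) < min_modulus:
        findings.append("weak-rsa-modulus")

    if first(r"ip ssh version 2\b") is None:
        findings.append("ssh-v1-not-disabled")

    user_re = r"username\s+(\S+)\s+(?:privilege\s+\d+\s+)?password\s+(?:\d\s+)?(\S+)"
    for cmd in cmds:
        match = re.match(user_re, cmd, re.IGNORECASE)
        if match:
            findings.append("username-uses-password-keyword")
            if match.group(1) == match.group(2):
                findings.append("password-equals-username")

    transports = _vty_transports(text)
    if not transports or any(t != ["ssh"] for t in transports):
        findings.append("vty-not-ssh-only")
    return findings


if __name__ == "__main__":
    print("page config:    ", audit_ssh_config(PAGE_CONFIG))
    print("hardened config:", audit_ssh_config(HARDENED_CONFIG))
```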

QUESTION 132
What is an important consideration that should be taken into account when configuring shaped round robin?

A.    It enables policing.
B.    Strict priority is not supported.
C.    WRED must be previously enabled.
D.    It enables WRR.

Answer: B
Explanation:
First we need to understand how round robin algorithm works. The round robin uses multiple queues and dispatches one packet from each queue in each round with no prioritization. For example, it dispatches:
Dispatch one packet from Queue 1
Dispatch one packet from Queue 2
Dispatch one packet from Queue 3
Repeat from Queue 1
There are three implementations of Round Robin scheduling on the Catalyst 6500 and they include Weighted Round Robin (WRR), Deficit Weighted Round Robin (DWRR) and Shaped Round Robin (SRR).
The Weighted Round Robin allows prioritization, meaning that it assigns a “weight” to each queue and dispatches packets from each queue proportionally to an assigned weight. For example:
Dispatch 3 packets from Queue 1 (Weight 3)
Dispatch 2 packets from Queue 2 (Weight 2)
Dispatch 1 packet from Queue 3 (Weight 1)
Repeat from Queue 1 (dispatch 3 next packets)
Unlike Priority Queuing, which always empties the first queue before going to the next queue, this kind of queue prevents starvation of other applications, for example when a large download is in progress. The Weighted Round Robin can be used with Strict Priority by setting its weight to 0. That means packets in the other queues will not be serviced until queue 4 is emptied. The problem with WRR is that the router is allowed to send the entire packet even if the sum of all bytes is more than the threshold, which can starve other applications.
The Deficit Round Robin solves this problem of WRR by keeping track of the number of “extra” bytes dispatched in each round (the “deficit”) and then adding the “deficit” to the number of bytes dispatched in the next round.
Shaped Round Robin (SRR) is a scheduling service for specifying the rate at which packets are dequeued. With SRR there are two modes, shaped and shared. Shaped mode is only available on the egress queues. Shaped egress queues reserve a set of port bandwidth and then send evenly spaced packets as per the reservation. Shared egress queues are also guaranteed a configured share of bandwidth, but do not reserve the bandwidth. That is, in shared mode, if a higher priority queue is empty, instead of the servicer waiting for that reserved bandwidth to expire, the lower priority queue can take the unused bandwidth. Neither shaped SRR nor shared SRR is better than the other. Shared SRR is used to get the maximum efficiency out of a queuing system, because unused time slots can be reused by queues with excess traffic. This is not possible in a standard Weighted Round Robin. Shaped SRR is used to shape a queue or set a hard limit on how much bandwidth a queue can use. When you use shaped SRR, you can shape queues within a port’s overall shaped rate.
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps7078/prod_qas0900aecd805bacc7.html

QUESTION 133
Which of the following is the encryption algorithm used for priv option when using SNMPv3?

A.    HMAC-SHA
B.    HMAC-MD5
C.    CBC-DES
D.    AES
E.    3DES

Answer: C
Explanation:
SNMPv3
Feature Summary
Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable standards-based protocol for network management. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are:
Message integrity: Ensuring that a packet has not been tampered with in transit.
Authentication: Determining the message is from a valid source.
Encryption: Scrambling the contents of a packet to prevent it from being seen by an unauthorized source.
SNMPv3 provides for both security models and security levels. A security model is an authentication strategy that is set up for a user and the group in which the user resides. A security level is the permitted level of security within a security model. A combination of a security model and a security level will determine which security mechanism is employed when handling an SNMP packet. Three security models are available: SNMPv1, SNMPv2c, and SNMPv3. Table 1 identifies what the combinations of security models and levels mean:
Table 1 SNMP Security Models and Levels

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp4363
http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t2/snmpv3ae.html

QUESTION 134
Which RMON group stores statistics for conversations between sets of two addresses?

A.    hostTopN
B.    matrix
C.    statistics
D.    history
E.    packet capture
F.    host

Answer: B
Explanation:
RMON tables can be created for buffer capture, filter, hosts, and matrix information. The buffer capture table details a list of packets captured off of a channel or a logical data or events stream. The filter table details a list of packet filter entries that screen packets for specified conditions as they travel between interfaces. The hosts table details a list of host entries. The matrix table details a list of traffic matrix entries indexed by source and destination MAC addresses.

QUESTION 135
Which of the following describes the appropriate port assignment and message exchange in a standard TFTP transaction?

A.    Server: 10.0.0.1:69 RRQ/WRQ Sent
Client: 10.0.0.2:1888 RRQ/WRQ Received
B.    Server: 10.0.0.1:1888 RRQ/WRQ Received
Client: 10.0.0.2:69 RRQ/WRQ Received
C.    Server: 10.0.0.1:69 RRQ/WRQ Received
Client: 10.0.0.2:69 RRQ/WRQ Sent
D.    Server: 10.0.0.1:69 RRQ/WRQ Received
Client: 10.0.0.2:1888 RRQ/WRQ Sent
E.    Server: 10.0.0.1:1888 RRQ/WRQ Sent
Client: 10.0.0.2:69 RRQ/WRQ Sent
F.    Server: 10.0.0.1:1888 RRQ/WRQ Received
Client: 10.0.0.2:69 RRQ/WRQ Sent

Answer: D
Explanation:
TFTP Daemons listen on UDP port 69 but respond from a dynamically allocated high port. Therefore, enabling this port will allow the TFTP service to receive incoming TFTP requests but will not allow the selected server to respond to those requests. Allowing the selected server to respond to inbound TFTP requests cannot be accomplished unless the TFTP server is configured to respond from port 69.
http://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
http://social.technet.microsoft.com/Forums/en-CA/configmgrosd/thread/9b9bd9e2-6b2e-4073-96af-2703ad6a3249

QUESTION 136
You are responsible for network monitoring and need to monitor traffic over a routed network from a remote source to an IDS or IPS located in the headquarters site. What would you use in order to accomplish this?

A.    VACLs and VSPAN
B.    RSPAN
C.    ERSPAN
D.    NetFlow

Answer: C
Explanation:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/span.pdf

QUESTION 137
What is the default maximum reservable bandwidth (percentage) by any single flow on an interface after enabling RSVP?

A.    75 percent
B.    60 percent
C.    56 percent
D.    50 percent
E.    25 percent

Answer: A
Explanation:
You must plan carefully to successfully configure and use RSVP on your network. At a minimum, RSVP must reflect your assessment of bandwidth needs on router interfaces. Consider the following questions as you plan for RSVP configuration:
How much bandwidth should RSVP allow per end-user application flow? You must understand the “feeds and speeds” of your applications. By default, the amount reservable by a single flow can be the entire reservable bandwidth. You can, however, limit individual reservations to smaller amounts using the single flow bandwidth parameter. This value may not exceed the interface reservable amount, and no one flow may reserve more than the amount specified.
How much bandwidth is available for RSVP? By default, 75 percent of the bandwidth available on an interface is reservable. If you are using a tunnel interface, RSVP can make a reservation for the tunnel whose bandwidth is the sum of the bandwidths reserved within the tunnel.
How much bandwidth must be excluded from RSVP so that it can fairly provide the timely service required by low-volume data conversations? End-to-end controls for data traffic assume that all sessions will behave so as to avoid congestion dynamically. Real-time demands do not follow this behavior. Determine the bandwidth to set aside so bursty data traffic will not be deprived as a side effect of the RSVP QOS configuration.

QUESTION 138
Which two protocols can have their headers compressed through MQC? (Choose two.)

A.    RTP
B.    RTSP
C.    HTTP
D.    TCP
E.    UDP

Answer: AD
Explanation:
RTP or TCP IP header compression is a mechanism that compresses the IP header in a data packet before the packet is transmitted. Header compression reduces network overhead and speeds up transmission of RTP and TCP packets.
Cisco IOS software provides a related feature called Express RTP/TCP Header Compression. Before this feature was available, if compression of TCP or RTP headers was enabled, compression was performed in the process-switching path. Compression performed in this manner meant that packets traversing interfaces that had TCP or RTP header compression enabled were queued and passed up the process to be switched. This procedure slowed down transmission of the packet, and therefore some users preferred to fast-switch uncompressed TCP and RTP packets. Now, if TCP or RTP header compression is enabled, it occurs by default in the fast-switched path or the Cisco Express Forwarding-switched (CEF-switched) path, depending on which switching method is enabled on the interface. Furthermore, the number of TCP and RTP header compression connections was increased.
If neither fast-switching nor CEF-switching is enabled, then if TCP or RTP header compression is enabled, it will occur in the process-switched path as before. The Express RTP and TCP Header Compression feature has the following benefits:
1. It reduces network overhead.
2. It speeds up transmission of TCP and RTP packets. The faster speed provides a greater benefit on slower links than faster links.

QUESTION 139
You have a router running BGP for the MPLS network and OSPF for the local LAN network at the sales office. A route is being learned from the MPLS network that also exists on the OSPF local network. It is important that the router chooses the local LAN route being learned from the downstream switch running OSPF rather than the upstream BGP neighbor. Also, if the local OSPF route goes away, the BGP route needs to be used. What should be configured to make sure that the router will choose the LAN network as the preferred path?

A.    static route needs to be added
B.    floating static route needs to be added
C.    bgp backdoor command
D.    ospf backdoor command

Answer: C
Explanation:
Congestion control
The Frame Relay network uses a simplified protocol at each switching node. It achieves simplicity by omitting link-by-link flow-control. As a result, the offered load has largely determined the performance of Frame Relay networks. When offered load is high, due to the bursts in some services, temporary overload at some Frame Relay nodes causes a collapse in network throughput. Therefore, frame-relay networks require some effective mechanisms to control the congestion. Congestion control in frame-relay networks includes the following elements:
Admission Control provides the principal mechanism used in Frame Relay to ensure the guarantee of resource requirement once accepted. It also serves generally to achieve high network performance. The network decides whether to accept a new connection request, based on the relation of the requested traffic descriptor and the network’s residual capacity. The traffic descriptor consists of a set of parameters communicated to the switching nodes at call set-up time or at service-subscription time, and which characterizes the connection’s statistical properties.
The traffic descriptor consists of three elements:
Committed Information Rate (CIR) – The average rate (in bit/s) at which the network guarantees to transfer information units over a measurement interval T. This T interval is defined as: T = Bc/CIR.
Committed Burst Size (BC) – The maximum number of information units transmittable during the interval T.
Excess Burst Size (BE) – The maximum number of uncommitted information units (in bits) that the network will attempt to carry during the interval.
Once the network has established a connection, the edge node of the Frame Relay network must monitor the connection’s traffic flow to ensure that the actual usage of network resources does not exceed this specification. Frame Relay defines some restrictions on the user’s information rate. It allows the network to enforce the end user’s information rate and discard information when the subscribed access rate is exceeded.
Explicit congestion notification is proposed as the congestion avoidance policy. It tries to keep the network operating at its desired equilibrium point so that a certain Quality of Service (QoS) for the network can be met. To do so, special congestion control bits have been incorporated into the address field of the Frame Relay frame: FECN and BECN. The basic idea is to avoid data accumulation inside the network. FECN means Forward Explicit Congestion Notification. The FECN bit can be set to 1 to indicate that congestion was experienced in the direction of the frame transmission, so it informs the destination that congestion has occurred. BECN means Backwards Explicit Congestion Notification. The BECN bit can be set to 1 to indicate that congestion was experienced in the network in the direction opposite of the frame transmission, so it informs the sender that congestion has occurred.

QUESTION 140
In BGP routing, what does the rule of synchronization mean?

A.    A BGP router can only advertise an EBGP learned route, provided that the route is an IGP route in the routing table.
B.    A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route in the routing table.
C.    A BGP router can only advertise an IBGP learned route, provided that the route is an IGP route that is not in the routing table.
D.    A BGP router can only advertise an EBGP learned route, provided that the route is a metric of 0 in the BGP table.

Answer: B
Explanation:
When an AS provides transit service to other ASs and if there are non-BGP routers in the AS, transit traffic might be dropped if the intermediate non-BGP routers have not learned routes for that traffic via an IGP. The BGP synchronization rule states that if an AS provides transit service to another AS, BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP. The topology shown in demonstrates the synchronization rule


2014 Latest Cisco 350-001 Dump Free Download(121-130)!

QUESTION 121
A request arrived on your MPLS-vpn-bgp group. Due to a security breach, your customer is experiencing DoS attacks coming from specific subnets (200.0.10.0/24, 200.0.12.0/24). You have checked all MPLS-EBGP routes being advertised to BHK from other VPN sites and found four subnets listed: 200.0.10.0/24, 200.0.11.0/24, 200.0.12.0/24, 200.0.13.0/24. You immediately apply an outbound ACL filter using the appropriate MPLS-EBGP tool:
access-list 1 deny 0.0.0.0 255.255.254.255
access-list 1 permit any
What happens when you apply this ACL on the MPLS-EBGP connection to BHK?

A.    It blocks all routes.
B.    It blocks the routes 200.0.12.0/24, 200.0.10.0/24 only.
C.    It blocks the routes 200.0.12.0/24, 200.0.13.0/24 only.
D.    It blocks the routes 200.0.10.0/24, 200.0.13.0/24 only.
E.    Nothing happens, no routes are blocked.

Answer: B
Explanation:
Remember, in a wildcard mask, 1s mean “I DON’T CARE” and 0s mean “I CARE”. The access-list uses 0.0.0.0 255.255.254.255; 255 is “1111 1111”, so we don’t care about any of the bits in the first, second and fourth octets. The 0s in 0.0.0.0 are just the smallest numbers we can put there and are easy to type; any number would do in those octets, since they are ignored. Only the third octet matters, because its wildcard mask is not “255”.
Now let’s write the 0 in the third octet in binary form (so easy, right?): 0 = 0000 0000
With the 254 in the wildcard mask, we only care about the last bit of the third octet because 254 is “1111 1110”.
That means, if the third octet is in the form of xxxx xxx0 then it will match the access-list (x can be 0 or 1 because I DON’T CARE).
Now let’s write the third octet of the four subnets above in binary form:
10 = 0000.1010
11 = 0000.1011
12 = 0000.1100
13 = 0000.1101
So only 10 and 12 match the access list, and only the routes to 200.0.12.0/24 and 200.0.10.0/24 are blocked. B is correct.
Here is a simple configuration example explaining the question above. Connect Routers R1 and BHK via FastEthernet 0/0.
Router R1
interface Loopback0
 ip address 200.0.10.1 255.255.255.0
!
interface Loopback1
 ip address 200.0.11.1 255.255.255.0
!
interface Loopback2
 ip address 200.0.12.1 255.255.255.0
!
interface Loopback3
 ip address 200.0.13.1 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.0.1.2 255.255.255.252
!
router bgp 65500
 no synchronization
 bgp log-neighbor-changes
 network 10.0.1.0 mask 255.255.255.252
 network 200.0.10.0
 network 200.0.11.0
 network 200.0.12.0
 network 200.0.13.0
 neighbor 10.0.1.1 remote-as 65525
 no auto-summary
Router BHK
router bgp 65525
 no synchronization
 bgp log-neighbor-changes
 network 10.0.1.0 mask 255.255.255.252
 neighbor 10.0.1.2 remote-as 65500
 ! apply access-list 1 to the routes received from R1
 neighbor 10.0.1.2 distribute-list 1 in
 no auto-summary
!
access-list 1 deny 0.0.0.0 255.255.254.255
access-list 1 permit any
Note: You may need to clear the BGP process on Router BHK after applying the filter.
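The wildcard-mask matching walked through above, as an added Python example that is not part of the original page: it evaluates the question's ACL with first-match semantics and an implicit deny, and shows that the same line also denies every other prefix whose third octet is even. The function names and the NARROW_ACL alternative (one deny line per attacking /24) are assumptions made for illustration.

```python
import ipaddress

# ACL exactly as given in the question.
QUESTION_ACL = [
    "access-list 1 deny 0.0.0.0 255.255.254.255",
    "access-list 1 permit any",
]
# Constructed alternative (assumption, not from the page): one deny line per
# attacking /24, so no unrelated prefix is filtered.
NARROW_ACL = [
    "access-list 1 deny 200.0.10.0 0.0.0.255",
    "access-list 1 deny 200.0.12.0 0.0.0.255",
    "access-list 1 permit any",
]
# The four prefixes listed in the question.
ROUTES = ["200.0.10.0", "200.0.11.0", "200.0.12.0", "200.0.13.0"]
MASK32 = 0xFFFFFFFF


def _ip(text):
    """Dotted-quad string to 32-bit integer."""
    return int(ipaddress.IPv4Address(text))


def parse_standard_acl(lines):
    """Parse standard numbered ACL lines into (action, address, wildcard) tuples."""
    entries = []
    for line in lines:
        tokens = line.split()
        if (len(tokens) < 4 or tokens[0] != "access-list"
                or tokens[2] not in ("permit", "deny")):
            raise ValueError(f"not a standard ACL line: {line!r}")
        action, spec = tokens[2], tokens[3:]
        if spec == ["any"]:
            entries.append((action, 0, MASK32))          # every bit ignored
        elif len(spec) == 2 and spec[0] == "host":
            entries.append((action, _ip(spec[1]), 0))    # every bit compared
        elif len(spec) == 1:
            entries.append((action, _ip(spec[0]), 0))    # bare address = host
        elif len(spec) == 2:
            entries.append((action, _ip(spec[0]), _ip(spec[1])))
        else:
            raise ValueError(f"unsupported ACL line: {line!r}")
    return entries


def evaluate(entries, address):
    """First matching entry wins; an address that matches nothing is denied."""
    value = _ip(address)
    for action, acl_addr, wildcard in entries:
        care = ~wildcard & MASK32        # 0 bits in the wildcard are compared
        if (value & care) == (acl_addr & care):
            return action
    return "deny"                        # implicit deny at the end of every ACL


def filter_routes(lines, routes):
    """Map each route's network address to the ACL verdict."""
    entries = parse_standard_acl(lines)
    return {route: evaluate(entries, route) for route in routes}


if __name__ == "__main__":
    for name, acl in (("question ACL", QUESTION_ACL), ("narrow ACL", NARROW_ACL)):
        print(name)
        # 10.20.30.0 is a constructed, unrelated prefix with an even third octet.
        for route, verdict in filter_routes(acl, ROUTES + ["10.20.30.0"]).items():
            print(f"  {route:<12} {verdict}")
```
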

QUESTION 122
Half of your network uses RIPv2 and the other half runs OSPF. The networks do not communicate with each other. Which two of these factors describe the impact of activating EIGRP over each separate part? (Choose two.)

A.    EIGRP will not be accepted when configured on the actual RIPv2 routers.
B.    OSPF will no longer be used in the routing table, because you only have EIGRP internal routes running.
C.    OSPF will no longer be used in the routing table, because you only have EIGRP external routes running.
D.    RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP external routes running.
E.    RIPv2 will populate its RIP database but not its routing table, because you only have EIGRP internal routes running.
F.    OSPF database will have RIPv2 routes.

Answer: BE
Explanation:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800943c5.shtml

QUESTION 123
Your company is researching a new application that runs over IPv6, but part of it must still have IPv4 support. Your company uses a traditional IPv4 network. Your plan is not to run IPv6 over the whole network, but to segment parts of the network or even to operate simultaneously with IPv6 and IPv4. You must make a brief presentation about IPv6 technology to the board of technical directors. Which three of these items could be part of your presentation? (Choose three.)

A.    Tunnel IPv6 over IPv4 to connect far-end IPv6 networks.
B.    Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is not possible.
C.    Explain why configuring IPv4 and IPv6 at the same time over the same LAN interface is possible.
D.    What is the meaning of EUI-64 and how does it work?
E.    Tunnel IPv4 over IPv6 to connect far-end IPv4 networks.

Answer: ACD
Explanation:
An interface ID is used to identify interfaces on a link. The interface ID must be unique to the link. It may also be unique over a broader scope. In many cases, an interface ID will be the same as or based on the link-layer address of an interface. Interface IDs used in aggregatable global unicast and other IPv6 address types must be 64 bits long and constructed in the modified EUI-64 format. Interface IDs are constructed in the modified EUI-64 format in one of the following ways:
For all IEEE 802 interface types (for example, Ethernet and FDDI interfaces), the first three octets (24 bits) are taken from the Organizationally Unique Identifier (OUI) of the 48-bit link-layer address (the Media Access Control [MAC] address) of the interface, the fourth and fifth octets (16 bits) are a fixed hexadecimal value of FFFE, and the last three octets (24 bits) are taken from the last three octets of the MAC address. The construction of the interface ID is completed by setting the Universal/Local (U/L) bit, the seventh bit of the first octet, to a value of 0 or 1. A value of 0 indicates a locally administered identifier; a value of 1 indicates a globally unique IPv6 interface identifier.
For other interface types (for example, serial, loopback, ATM, Frame Relay, and tunnel interface types except tunnel interfaces used with IPv6 overlay tunnels), the interface ID is constructed in the same way as the interface ID for IEEE 802 interface types; however, the first MAC address from the pool of MAC addresses in the router is used to construct the identifier (because the interface does not have a MAC address).
For tunnel interface types that are used with IPv6 overlay tunnels, the interface ID is the IPv4 address assigned to the tunnel interface with all zeros in the high-order 32 bits of the identifier. An IPv4-compatible IPv6 address is an IPv6 unicast address that has zeros in the high-order 96 bits of the address and an IPv4 address in the low-order 32 bits of the address. The format of an IPv4-compatible IPv6 address is 0:0:0:0:0:0:A.B.C.D or ::A.B.C.D. The entire 128-bit IPv4-compatible IPv6 address is used as the IPv6 address of a node and the IPv4 address embedded in the low-order 32 bits is used as the IPv4 address of the node. IPv4-compatible IPv6 addresses are assigned to nodes that support both the IPv4 and IPv6 protocol stacks and are used in automatic tunnels.
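The modified EUI-64 construction described above, as an added Python example that is not part of the original page: it builds the interface ID from a MAC address, and also runs the steps in reverse to show that the hardware address can be read back out of such an IPv6 address, which matters for asset inventory and for privacy. The MAC address, the 2001:db8::/32 documentation prefix and the function names are constructed for illustration.

```python
import ipaddress
import re


def mac_to_interface_id(mac):
    """Return the 8-byte modified EUI-64 interface ID for a 48-bit MAC address.

    Accepts 00:1b:54:aa:bb:cc, 00-1b-54-aa-bb-cc and Cisco-style 001b.54aa.bbcc.
    """
    digits = re.sub(r"[.:-]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    octets = bytes.fromhex(digits)
    first = octets[0] ^ 0x02                      # set/invert the U/L bit
    # OUI (3 octets) + fixed FFFE + last three octets of the MAC
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:]


def eui64_address(prefix, mac):
    """Combine a /64 prefix with the interface ID derived from the MAC."""
    network = ipaddress.IPv6Network(prefix)
    if network.prefixlen != 64:
        raise ValueError("modified EUI-64 interface IDs require a /64 prefix")
    interface_id = int.from_bytes(mac_to_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(network.network_address) | interface_id)


def recover_mac(address):
    """Return the MAC embedded in a modified EUI-64 address, or None.

    Any observer of the address (logs, flow records) can do this, because the
    interface ID carries the MAC with only FFFE inserted and one bit flipped.
    """
    low64 = int(ipaddress.IPv6Address(address)) & ((1 << 64) - 1)
    iid = low64.to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None                               # not built from a MAC
    octets = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{octet:02x}" for octet in octets)


def ipv4_compatible(ipv4):
    """IPv4-compatible IPv6 address: 96 zero bits followed by the IPv4 address."""
    return ipaddress.IPv6Address(int(ipaddress.IPv4Address(ipv4)))


if __name__ == "__main__":
    mac = "00:1b:54:aa:bb:cc"                     # constructed sample MAC
    address = eui64_address("2001:db8:1:2::/64", mac)
    print(mac, "->", address)
    print(address, "->", recover_mac(address))
    print("IPv4-compatible:", ipv4_compatible("192.0.2.1"))
```
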

QUESTION 124
When running IP SLA, which application type should be used if you want to know round-trip delay, jitter, and packet loss for the full path?

A.    ICMP path echo
B.    UDP echo
C.    ICMP path jitter
D.    Application Performance Monitor
E.    TCP connect

Answer: C
Explanation:
Before configuring any IP SLAs application, you can use the show ip sla application command to verify that the operation type is supported on your software image. In contrast with other IP SLAs operations, the IP SLAs Responder does not have to be enabled on either the target device or intermediate devices for Path Jitter operations. However, the operational efficiency may improve if you enable the IP SLAs Responder. The IP SLAs ICMP Path Jitter operation is ICMP-based. ICMP-based operations can compensate for source processing delay but cannot compensate for target processing delay. For more robust monitoring and verifying, use of the IP SLAs UDP Jitter operation is recommended. The jitter values obtained using the ICMP Path Jitter operation are approximates because ICMP does not provide the capability to embed processing times on routers in the packet. If the target router does not place ICMP packets as the highest priority, then the router will not respond properly. ICMP performance also can be affected by the configuration of priority queueing on the router and by ping response. The path jitter operation does not support hourly statistics and hop information. Unlike other IP SLAs operations, the ICMP Path Jitter operation is not supported in the RTTMON MIB. Path Jitter operations can only be configured using Cisco IOS commands and statistics can only be returned using the show ip sla commands. The IP SLAs Path Jitter operation does not support the IP SLAs History feature (statistics history buckets) because of the large data volume involved with Jitter operations.

QUESTION 125
Which option is true when calculating round-trip delay in IP SLA operations?

A.    The processing time on the end routers is only assessed for operations that involve the responder.
B.    The processing time on the end routers is only assessed for operations that involve the transmitter.
C.    The processing time on the end routers is only assessed for operations that involve both the responder and the transmitter.
D.    The processing time on the end routers is not assessed for neither the responder nor the transmitter.

Answer: A
Explanation:
The Cisco IOS IP SLAs Responder is a component embedded in the destination Cisco routing device that allows the system to anticipate and respond to Cisco IOS IP SLAs request packets. The Cisco IOS IP SLAs Responder provides an enormous advantage with accurate measurements without the need for dedicated probes and additional statistics not available via standard ICMP-based measurements. The patented Cisco IOS IP SLAs Control Protocol is used by the Cisco IOS IP SLAs Responder providing a mechanism through which the responder can be notified on which port it should listen and respond. Only a Cisco IOS device can be a source for a destination IP SLAs Responder. Figure 2 shows where the Cisco IOS IP SLAs Responder fits in relation to the IP network. The Cisco IOS IP SLAs Responder listens on a specific port for control protocol messages sent by a Cisco IOS IP SLAs operation. Upon receipt of the control message, the responder will enable the specified UDP or TCP port for the specified duration. During this time, the responder accepts the requests and responds to them. The responder disables the port after it responds to the Cisco IOS IP SLAs packet, or when the specified time expires. For added security, MD5 authentication for control messages is available.
Enabling the Cisco IOS IP SLAs Responder on the destination device is not required for all Cisco IOS IP SLAs operations. For example, if services that are already provided by the destination router (such as Telnet or HTTP) are chosen, the Cisco IOS IP SLAs Responder need not be enabled. For non-Cisco devices, the Cisco IOS IP SLAs Responder cannot be configured and Cisco IOS IP SLAs can send operational packets only to services native to those devices.

QUESTION 126
Having multiple unknown unicast frames in a switch would most likely deplete which of these resources?

A.    available MAC addresses in the system
B.    available memory for frame buffering
C.    available bandwidth
D.    electrical power
E.    TCAM entries

Answer: C

QUESTION 127
Refer to the exhibit. R2 and R3 are routers connected using Ethernet services from a service provider and can receive pings from each other. OSPF is configured as the routing protocol but adjacency is not happening. According to the output of the show commands in the exhibit, what could be the most likely cause of the problem?

A.    Ethernet interfaces were configured as point-to-point.
B.    Process IDs are not matching.
C.    Configured bandwidths do not match on both interfaces.
D.    Broadcasts and multicast are not being propagated over the Ethernet services.
E.    OSPF cost does not match on both interfaces.

Answer: D
Explanation:
OSPF Adjacencies
Occurs through exchange of Hello packets
After adjacency established, link-state databases (LSDBs) are synched
Two OSPF neighbors on point-to-point link form full adjacency with each other
In LANs, all routers form adjacency with the DR and BDR; updates need to be sent only to DR, which updates all other routers; all other routers on LAN are called DROTHERS and maintain a partial neighbor relationship with each other
Once adjacencies are established, LSAs are exchanged through a reliable mechanism. LSAs are flooded to ensure topological awareness. LSAs have a sequence number and a lifetime value. LSAs convey the cost of links used for the SPF calculation. The cost metric is based on interface bandwidth. The LSA aging timer has a 30-minute default.
Here are the details of the exchange process between two routers on a LAN (Router 1 and Router 2) and the OSPF adjacency states involved:
Step 1 Router 1 begins in the down state because it is not exchanging OSPF information with any other router. It sends Hello packets via multicast address 224.0.0.5 (all SPF).
Step 2 Router 2 receives the OSPF Hello and adds Router 1 to its list of neighbors. This is the beginning of the init state.
Step 3 Router 2 sends a unicast Hello packet response to Router 1.
Step 4 Router 1 receives the Hello and notes that it is listed in the packet. It adds Router 2 to its list of neighbors. Router 1 knows that it has bidirectional communication with Router 2. This is known as the Two-Way State.
Step 5 In a LAN environment, the DR and BDR are elected.
Step 6 In a LAN environment, Hello packets function as a keepalive mechanism every 10 seconds.

QUESTION 128
Which mechanism can you use to achieve sub-second failover for link failure detection when a switched Ethernet media is used and loss of signal is not supported by the link provider?

A.    OSPF standard hellos
B.    Cisco Discovery Protocol link detection
C.    Bidirectional Forwarding Detection
D.    Fast Link Pulse
E.    autonegotiation

Answer: C
Explanation:
BFD is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. In addition to fast forwarding path failure detection, BFD provides a consistent failure detection method for network administrators. Because the network administrator can use BFD to detect forwarding path failures at a uniform rate, rather than the variable rates for different routing protocol hello mechanisms, network profiling and planning will be easier, and reconvergence time will be consistent and predictable.
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/fs_bfd.html

QUESTION 129
While troubleshooting a network, you need to verify the liveness of hosts in the subnet 192.168.1.64/26. All of the hosts are able to reply to ping requests. How would you confirm the existing nodes using one single command?

A.    ping 192.168.1.255
B.    ping with sweep option
C.    ping 192.168.1.127
D.    ping 192.168.1.64
E.    ping with broadcast option

Answer: C
Explanation:
The 192.168.1.127 address is the broadcast address of the 192.168.1.64/26 subnetwork, so by sending a ping request to this address all the hosts in this subnet will reply (to the broadcast address). But it is not quite right nowadays, as all of Cisco’s routers which have IOS version 12.0 or above will simply drop these pings. If you wish to test this function then you have to turn on the ip directed-broadcast function (which is disabled by default from version 12.0). The purpose of the ip directed-broadcast command is to enable forwarding of directed broadcasts. When this is turned on for an interface, the interface will respond to broadcast messages that are sent to its subnet. Cisco introduced this command in IOS version 10 (and it was enabled by default) but they soon realized this command was being exploited in denial of service attacks and disabled it from version 12.0. As you can guess, a ping to the broadcast address requires all hosts in that subnet to reply, and it consumes much traffic if many are sent. One attack of this type is the smurf attack, in which the attacker tries to borrow the victim’s IP address as the source address and sends ICMP packets to the broadcast address of the network. When all the hosts in that subnet hear the ICMP request, they will reply to the computer which the attacker borrowed the IP address from. You can try this function by enabling the ip directed-broadcast command in interface mode. Then from the directly connected router issue the ping to the broadcast address of that subnet (or ping 255.255.255.255).
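An added audit example (not from the original page): it scans an IOS configuration for interfaces where ip directed-broadcast is enabled and reports the subnet broadcast address each one would answer for, so the setting can be found and removed. The sample configuration is constructed, and the function names and the default_enabled parameter (modelling the pre-12.0 default the explanation mentions) are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed IOS configuration fragment; the first interface sits in the
# 192.168.1.64/26 subnet used in the question.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 192.168.1.65 255.255.255.192
 ip directed-broadcast
!
interface FastEthernet0/1
 ip address 10.0.1.1 255.255.255.252
 no ip directed-broadcast
!
interface Serial0/0
 ip address 172.16.5.1 255.255.255.0
!
"""


def parse_interfaces(config):
    """Return one dict per interface: name, primary network, explicit setting.

    'directed' is True or False when the configuration states it explicitly and
    None when the line is absent, in which case the platform default applies.
    """
    interfaces, current = [], None
    for raw in config.splitlines():
        if not raw.strip():
            continue
        if not raw[0].isspace():                 # top-level line ends the block
            match = re.match(r"interface\s+(\S+)", raw)
            current = None
            if match:
                current = {"name": match.group(1), "network": None, "directed": None}
                interfaces.append(current)
            continue
        if current is None:                      # sub-command of another section
            continue
        line = raw.strip()
        address = re.match(r"ip address (\S+) (\S+)$", line)
        if address:
            # "address/netmask" is accepted by IPv4Interface
            interface = ipaddress.IPv4Interface(f"{address.group(1)}/{address.group(2)}")
            current["network"] = interface.network
        elif line == "no ip directed-broadcast":
            current["directed"] = False
        elif line.startswith("ip directed-broadcast"):
            current["directed"] = True           # also covers the form with an ACL
    return interfaces


def audit_directed_broadcast(config, default_enabled=False):
    """List (interface, broadcast address) pairs that accept directed broadcasts."""
    findings = []
    for interface in parse_interfaces(config):
        enabled = interface["directed"]
        if enabled is None:
            enabled = default_enabled
        if enabled and interface["network"] is not None:
            findings.append((interface["name"],
                             str(interface["network"].broadcast_address)))
    return findings


if __name__ == "__main__":
    for name, broadcast in audit_directed_broadcast(SAMPLE_CONFIG):
        print(f"{name}: answers directed broadcasts to {broadcast}; "
              "apply 'no ip directed-broadcast'")
```
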

QUESTION 130
When troubleshooting a network, the output of the command show interfaces indicates a large number of runts. What is a runt?

A.    the number of packets that are discarded because they exceed the maximum packet size of the medium
B.    errors created when the CRC generated by the originating LAN station or far-end device does not match the checksum calculated from the data received.
C.    the number of packets that are discarded because they are smaller than the minimum packet size of the medium
D.    the number of received packets that were ignored by the interface because the interface hardware ran low on internal buffers
E.    the number of times that the interface requested another interface within the router to slow down

Answer: C
Explanation:
In networks, a runt is a packet that is too small. For example, the Ethernet protocol requires that each packet be at least 64 bytes long. In Ethernet, which operates on the idea that two parties can attempt to get use of the line at the same time and sometimes do, runts are usually the fragments of packet collisions. Runts can also be the result of bad wiring or electrical interference. Runts are recorded by programs that use the Remote Network Monitoring (RMON) standard information base for network administration. RMON calls them “undersize packets”.
A giant is a packet that’s oversize.

2014 Latest Cisco 350-001 Dump Free Download(111-120)!

QUESTION 111
Two BGP peers connected through a routed firewall are unable to establish a peering relationship. What could be the most likely cause?

A.    BGP peers must be Layer 2-adjacent.
B.    EBGP multihop is not configured.
C.    The firewall is not configured to allow IP protocol 89.
D.    The firewall is not configured to allow UDP 179.

Answer: B
Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/fwmode.html#wp12016

QUESTION 112
Which two of these steps are minimum requirements to configure OSPFv3 under IPv6? (Choose two.)

A.    Configure a routing process using the command ipv6 router ospf [process-id].
B.    Add the network statement for the interfaces on which OSPF will run.
C.    Configure OSPF on the interface that it will run on.
D.    Use the passive-interface command on the interfaces on which OSPF should not run.
E.    Enable routing.

Answer: CE
Explanation:
The first step to configure OSPFv3 under IPv6 is to enable IPv6 unicast routing:
R1(config)# ipv6 unicast-routing
Also we need to enable the OSPF process:
R1(config)# ipv6 router ospf 1
There are a few changes in configuring OSPFv3 vs OSPF for IPv4. Instead of using the “network” and “area” commands in ospf router configuration mode you now configure OSPFv3 on a per interface basis using the ipv6 ospf area command in interface configuration mode. For example:
R1(config)# interface fa0/0
R1(config-if)# ipv6 ospf 1 area 0
Note: The “network” command does not exist in OSPFv3.
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-ospf.html#wp1070061
Note: Under the section on how to implement OSPF for IPv6, the guide lists only one REQUIRED task, configuring the interface, and the comments say that OSPF IPv6 routing is disabled by default.

QUESTION 113
You add the following commands into a routed topology:
router eigrp 1
 variance 3
 traffic-share min across-interfaces
Users now complain about voice quality in your VoIP system. What should be done?

A.    Add the command: router eigrp 1 traffic-share voice interface fast 0/0.
B.    Reconfigure EIGRP to recognize voice packets.
C.    Remove the variance from the configuration.
D.    Reconfigure the VoIP system to use RTP sequence number headers.
E.    Use an H.323 gatekeeper for your VoIP system to negotiate an H.245 uneven packet buffer.
F.    Reconfigure EIGRP to version 2.

Answer: C
Explanation:
The traffic-share min command causes EIGRP to divide traffic only among the routes with the best metric. When the traffic-share min command is used with the across-interfaces keyword, an attempt is made to use as many different interfaces as possible to forward traffic to the same destination. Therefore, with the configuration above, EIGRP will only use the equal-cost load-balancing feature even when the variance command is used. However, if you use both the traffic-share min command and the variance command, even though traffic is sent over the minimum-cost path only, all feasible routes get installed into the routing table, which decreases the convergence times.

QUESTION 114
You have done a partial migration from 802.1D STP to 802.1w STP. Which of the following is true?

A.    802.1D and 802.1w interoperate only when the 802.1D STP domain supports rapid convergence.
B.    Ports leading to 802.1D devices will run in compatibility mode, while the rest of the ports will run in 802.1w mode.
C.    This is an invalid configuration and a partial migration cannot be done.
D.    The bridge timers will be set to match the 802.1D devices.
E.    A secondary root bridge will always be populated within the 802.1D domain.
F.    If the root bridge is selected within the 802.1D domain, the whole STP domain will run in 802.1D compatibility mode.
G.    In partially migrated 802.1w networks, it is recommended to keep the STP diameter below 4.

Answer: B
Explanation:
IEEE 802.1w RSTP is designed to be compatible with IEEE 802.1d STP. Even if all the other devices in your network are using STP, you can enable RSTP on your switch, and even using the default configuration values, your switch will interoperate effectively with the STP devices. If any of the switch ports are connected to switches or bridges on your network that do not support RSTP, RSTP can still be used on this switch. RSTP automatically detects when the switch ports are connected to non-RSTP devices in the spanning tree and communicates with those devices using 802.1d STP BPDU packets.

QUESTION 115
The network administrator is trying to add Switch1 to the network, but the 802.1Q trunk is not coming up. Switch1 was previously tested in the laboratory and its trunk configuration worked fine. What are three possible causes of this problem? (Choose three.)

A.    The trunking configuration mode on Switch1 is set to Off.
B.    The trunking configuration mode on the other end is set to On.
C.    The trunking configuration mode on the other end is set to Desirable.
D.    Cisco Discovery Protocol is not running on the other end.
E.    There is a VTP domain name mismatch.
F.    Switch1 does not support 802.1Q.

Answer: AEF
Explanation:
There are 5 possible trunking modes for a switch port:
Auto: this is the default mode. In this mode, a port will become a trunk port if the device the port is connected to is set to the on or desirable mode.
Desirable: allows the port to become a trunk port if the device the port is connected to is set to the on, desirable, or auto mode
On: sets the port to permanent trunking mode.
Nonegotiate: sets the port to permanent trunking mode without sending Dynamic Trunking Protocol (DTP) frames
Off: sets the port to permanent non-trunking mode
In this case, we can guess the trunking mode of Switch1 is auto (default mode). In the laboratory, the trunking mode of the other end was set to On or Desirable, so the two switches could negotiate and the link became a trunk with no problem. But when plugged into the network, other switches may have the trunking mode set to auto, so the 802.1Q trunk does not come up. Of course these switches need to be in the same VTP domain so that they can talk with each other. When trying to negotiate a trunk with a mismatched VTP domain you will receive the following error:
%DTP-5-DOMAINMISMATCH: Unable to perform trunk negotiation on port Gig0/1 because of VTP domain mismatch.
Cisco General Networking Theory Quick Reference Sheets

QUESTION 116
The core of a network has four routers connected in a square design with Gigabit Ethernet links using /30 subnets. The network is used to carry voice traffic and other applications. Convergence time is taking more than expected. Which three actions would you take to improve OSPF convergence time? (Choose three.)

A.    Increase MTU of the interfaces to accommodate larger OSPF packets
B.    Change the network type to point-to-point on those links.
C.    Reduce SPF initial timer.
D.    Increase hello interval to avoid adjacency flapping.
E.    Enable OSPF.

Answer: BCD
Explanation:
OSPF SPF throttling is configured using the timers throttle spf OSPF router configuration command.
spf-start: Initial delay to schedule an SPF calculation after a topology change. Range is 1 to 600000 milliseconds.
spf-hold: Minimum hold-time between two SPF calculations. Range is 1 to 600000 milliseconds.
spf-max-wait: Maximum wait between two SPF calculations. Range is 1 to 600000 milliseconds.
This command is used to delay the SPF algorithm being executed during network instability. SPF is very CPU intensive.

QUESTION 117
You replaced your Layer 3 switch, which is the default gateway of the end users. Many users cannot access anything now, including email, Internet, and other applications, although other users do not have any issues. All of the applications are hosted in an outsourced data center. In order to fix the problem, which one of these actions should you take?

A.    Clear the MAC address table in the switch.
B.    Clear the ARP cache in the switch.
C.    Clear the ARP cache in the end devices.
D.    Clear the ARP cache in the application servers.

Answer: C
Explanation:
Each workstation has its own ARP cache. To delete the ARP cache on a Windows desktop, do the following:
1. Open the “Command Prompt,” the Windows application that enables running Windows commands and software applications, by clicking the Windows “Start” button, clicking “Programs,” clicking “Accessories” and then clicking “Command Prompt.”
2. Type “netsh interface ip delete arpcache” in the Command Prompt to clear your ARP cache.
3. Type “arp -a” in the Command Prompt to verify that the ARP cache was cleared. The output of this command should be “No ARP Entries Found.”
http://www.ehow.com/how_5097488_clear-arp-cache.html#ixzz1lTxv4dRg

QUESTION 118
An 802.1Q trunk is not coming up between two switches. The ports on both switches are configured as “switchport mode desirable.” Assuming that there is no physical issue, choose two possible causes. (Choose two.)

A.    Incorrect VTP domain
B.    Incorrect VTP password
C.    Incorrect VTP mode
D.    Incorrect VTP configuration revision

Answer: AB
Explanation:
CCIE Routing and Switching Certification Guide, Fourth Edition

QUESTION 119
When using IP SLA FTP operation, which two FTP modes are supported? (Choose two.)

A.    Only the FTP PUT operation type is supported.
B.    Active mode is supported.
C.    Passive FTP transfer modes are supported.
D.    FTP URL specified for the FTP GET operation is not supported.

Answer: BC
Explanation:
Both active and passive FTP transfer modes are supported. The passive mode is enabled by default. Only the FTP GET (download) operation type is supported. The URL specified for the FTP GET operation must be in one of the following formats:
ftp://username:password@host/filename
ftp://host/filename
If the username and password are not specified, the defaults are anonymous and test, respectively. FTP carries a significant amount of data traffic and can affect the performance of your network. The results of an IP SLAs FTP operation to retrieve a large file can be used to determine the capacity of the network but retrieve large files with caution because the FTP operation will consume more bandwidth. The FTP operation also measures your FTP server performance levels by determining the RTT taken to retrieve a file.

QUESTION 120
If a certificate authority trustpoint is not configured when enabling HTTPS and the remote HTTPS server requires client authentication, connections to the secure HTTP client will fail. Which command must be enabled for correct operation?

A.    ip http client secure-ciphersuite 3des-ede-cbc-sha
B.    ip https max-connections 10
C.    ip http timeout-policy idle 30 life 120 requests 100
D.    ip http client secure-trustpoint trustpoint-name

Answer: D
Explanation:
ip http client secure-trustpoint
To specify the remote certificate authority (CA) trustpoint that should be used if certification is needed for the secure HTTP client, use the ip http client secure-trustpoint command in global configuration mode. To remove a client trustpoint from the configuration, use the no form of this command.
ip http client secure-trustpoint trustpoint-name

If you want to pass the Cisco 350-001 exam successfully, we recommend reading the latest full version of the Cisco 350-001 dump.

2014 Latest Cisco 350-001 Dump Free Download(101-110)!

QUESTION 101
You are using IPv6, and would like to configure EIGRPv3. Which three of these correctly describe how you can perform this configuration? (Choose three.)

A.    EIGRP for IPv6 is directly configured on the interfaces over which it runs.
B.    EIGRP for IPv6 is not configured on the interfaces over which it runs, but if a user uses passive-interface configuration, EIGRP for IPv6 needs to be configured on the interface that is made passive.
C.    There is a network statement configuration in EIGRP for IPv6, the same as for IPv4.
D.    There is no network statement configuration in EIGRP for IPv6.
E.    When a user uses a passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive.
F.    When a user uses a non-passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive.

Answer: ADE
Explanation:
Restrictions for Implementing EIGRP for IPv6:
This section lists ways in which EIGRP for IPv6 differs from EIGRP IPv4 as well as EIGRP for IPv6 restrictions.
EIGRP for IPv6 is directly configured on the interfaces over which it runs. This feature allows EIGRP for IPv6 to be configured without the use of a global IPv6 address. There is no network statement in EIGRP for IPv6.
In per-interface configuration at system startup, if EIGRP has been configured on an interface, then the EIGRP protocol may start running before any EIGRP router mode commands have been executed.
An EIGRP for IPv6 protocol instance requires a router ID before it can start running.
EIGRP for IPv6 has a shutdown feature. The routing process should be in “no shutdown” mode in order to start running.
When a user uses passive-interface configuration, EIGRP for IPv6 does not need to be configured on the interface that is made passive.
EIGRP for IPv6 provides route filtering using the distribute-list prefix-list command. Use of the route-map command is not supported for route filtering with a distribute list.
http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_configuration_guide_chapter09186a00805fc867.html

QUESTION 102
Which of these statements accurately identifies how Unicast Reverse Path Forwarding can be employed to prevent the use of malformed or forged IP source addresses?

A.    It is applied only on the input interface of a router.
B.    It is applied only on the output interface of a router.
C.    It can be configured either on the input or output interface of a router.
D.    It cannot be configured on a router interface.
E.    It is configured under any routing protocol process.

Answer: A
Explanation:
Unicast Reverse Path Forwarding is a small security feature: when it is configured on an interface, the router checks the incoming packet’s source address against its routing table. If the incoming packet’s source is reachable via the same interface on which it was received, the packet is allowed. URPF provides protection against spoofed packets with an unverifiable source.
http://www.cciecandidate.com/?p=494
Unicast RPF can be used in any “single-homed” environment where there is essentially only one access point out of the network; that is, one upstream connection. Networks having one access point offer the best example of symmetric routing, which means that the interface where a packet enters the network is also the best return path to the source of the IP packet. Unicast RPF is best used at the network perimeter for Internet, intranet, or extranet environments, or in ISP environments for customer network terminations.
Feature Overview
The Unicast RPF feature helps to mitigate problems that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address.
For example, a number of common types of denial-of-service (DoS) attacks, including Smurf and Tribe Flood Network (TFN), can take advantage of forged or rapidly changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers (ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have source addresses that are valid and consistent with the IP routing table. This action protects the network of the ISP, its customer, and the rest of the Internet.
How It Works
When Unicast RPF is enabled on an interface, the router examines all packets received as input on that interface to make sure that the source address and source interface appear in the routing table and match the interface on which the packet was received. This “look backwards” ability is available only when Cisco Express Forwarding (CEF) is enabled on the router, because the lookup relies on the presence of the Forwarding Information Base (FIB). CEF generates the FIB as part of its operation.
Note: Unicast RPF is an input function and is applied only on the input interface of a router at the upstream end of a connection.
http://www.cisco.com/en/US/docs/ios/11_1/feature/guide/uni_rpf.html

QUESTION 103
Unicast Reverse Path Forwarding can perform all of these actions except which one?

A.    examine all packets received to make sure that the source addresses and source interfaces appear in the routing table and match the interfaces where the packets were received
B.    check to see if any packet received at a router interface arrives on the best return path
C.    combine with a configured ACL
D.    log its events, if you specify the logging options for the ACL entries used by the unicast rpf command
E.    inspect IP packets encapsulated in tunnels, such as GRE

Answer: E
Explanation:
For RPF to function, CEF must be enabled on the router. This is because the router uses the Forwarding Information Base (FIB) of CEF to perform the lookup process, which is built from the router’s routing table. In other words, RPF does not really look at the router’s routing table; instead, it uses the CEF FIB to determine spoofing.
Also, RPF cannot detect all spoofed packets. For the network in this example, the perimeter router cannot determine spoofing from packets received on the external E1 interface if they match the default route statement. Therefore, the more routes your router has in its CEF FIB table, the more likely the router will be capable of detecting spoofing attacks. In addition, RPF cannot detect any spoofed packets that are encapsulated, such as packets encapsulated in GRE, IPSec, L2TP, and other packets.
Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. Unicast RPF works in one of three different modes: strict mode, loose mode, or VRF mode. Note that not all network devices support all three modes of operation. Unicast RPF in VRF mode will not be covered in this document.
When administrators use Unicast RPF in strict mode, the packet must be received on the interface that the router would use to forward the return packet. Unicast RPF configured in strict mode may drop legitimate traffic that is received on an interface that was not the router’s choice for sending return traffic. Dropping this legitimate traffic could occur when asymmetric routing paths are present in the network.
When administrators use Unicast RPF in loose mode, the source address must appear in the routing table. Administrators can change this behavior using the allow-default option, which allows the use of the default route in the source verification process. Additionally, a packet that contains a source address for which the return route points to the Null 0 interface will be dropped. An access list may also be specified that permits or denies certain source addresses in Unicast RPF loose mode. Care must be taken to ensure that the appropriate Unicast RPF mode (loose or strict) is configured during the deployment of this feature because it can drop legitimate traffic. Although asymmetric traffic flows may be of concern when deploying this feature, Unicast RPF loose mode is a scalable option for networks that contain asymmetric routing paths.
Unicast RPF in an Enterprise Network
In many enterprise environments, it is necessary to use a combination of strict mode and loose mode Unicast RPF. The choice of the Unicast RPF mode that will be used will depend on the design of the network segment connected to the interface on which Unicast RPF is deployed.
Administrators should use Unicast RPF in strict mode on network interfaces for which all packets received on an interface are guaranteed to originate from the subnet assigned to the interface. A subnet composed of end stations or network resources fulfills this requirement. Such a design would be in place for an access layer network or a branch office where there is only one path into and out of the branch network. No other traffic originating from the subnet is allowed and no other routes are available past the subnet. Unicast RPF loose mode can be used on an uplink network interface that has a default route associated with it.
http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html
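
The strict-mode and loose-mode checks described in the explanations for Questions 102 and 103, as an added Python model (not Cisco code and not part of the original dump). The FIB contents, interface names and addresses are constructed, and as a simplification the model treats the default route as an ordinary entry in strict mode.

```python
import ipaddress

# Constructed FIB for a hypothetical branch router (assumption, not from the dump).
FIB = [
    ("10.1.1.0/24", "Gi0/1"),   # access subnet of end stations
    ("10.2.0.0/16", "Gi0/2"),   # second internal path
    ("192.0.2.0/24", "Null0"),  # prefix whose route points to Null 0
    ("0.0.0.0/0", "Gi0/0"),     # default route on the uplink
]


def lookup(fib, address):
    """Longest-prefix match over the FIB; returns (network, interface) or None."""
    addr = ipaddress.ip_address(address)
    best = None
    for prefix, interface in fib:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, interface)
    return best


def urpf_check(fib, src, in_interface, mode, allow_default=False):
    """Return (permit, reason) for a packet with source `src` received on `in_interface`."""
    if mode not in ("strict", "loose"):
        raise ValueError("mode must be 'strict' or 'loose'")
    route = lookup(fib, src)
    if route is None:
        return False, "no route to source"
    net, out_interface = route
    if out_interface == "Null0":
        return False, "return route points to Null0"
    if mode == "loose":
        # Loose mode: the source only has to be in the table; the default
        # route counts only when allow-default is set.
        if net.prefixlen == 0 and not allow_default:
            return False, "source matches only the default route"
        return True, "source is present in the FIB"
    # Strict mode: the packet must arrive on the interface used for the return path.
    if out_interface != in_interface:
        return False, "return path is %s, not %s" % (out_interface, in_interface)
    return True, "received on the return-path interface"


def demo():
    """Run the constructed cases and return (case, verdict) pairs."""
    cases = [
        ("10.1.1.20", "Gi0/1", "strict", False),   # end station on its own subnet
        ("10.2.3.4", "Gi0/1", "strict", False),    # spoofed source on the access port
        ("10.2.3.4", "Gi0/0", "strict", False),    # legitimate but asymmetric path
        ("10.2.3.4", "Gi0/0", "loose", False),     # same packet, loose mode
        ("203.0.113.9", "Gi0/0", "loose", False),  # only the default route matches
        ("203.0.113.9", "Gi0/0", "loose", True),   # allow-default
        ("203.0.113.9", "Gi0/0", "strict", False), # default route hides spoofing
        ("192.0.2.5", "Gi0/0", "loose", True),     # Null 0 route
    ]
    return [(case, urpf_check(FIB, *case)) for case in cases]


if __name__ == "__main__":
    for case, (permit, reason) in demo():
        print(case, "PERMIT" if permit else "DROP", "-", reason)
```

The third and seventh cases show the two limits the explanation names: strict mode drops legitimate traffic on asymmetric paths, and a source that matches only the default route on the uplink cannot be identified as spoofed.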

QUESTION 104
Which three of these statements about Dynamic Trunking Protocol are correct? (Choose three.)

A.    It supports autonegotiation for both ISL and IEEE 802.1Q trunks.
B.    It must be disabled on an interface if you do not want the interface to work as a trunk or start negotiation to become a trunk.
C.    It is a point-to-multipoint protocol.
D.    It is a point-to-point protocol.
E.    It is not supported on private VLAN ports or tunneling ports.

Answer: ABD
Explanation:
By default Cisco states that PVLANs will be forwarded. Keep in mind that if you do not disable DTP it will attempt to negotiate a trunk with any additional switch that it is connected to on the port in question.
switchport mode access – This command puts the interface (access port) into permanent nontrunking mode. The interface will generate DTP frames, negotiating with the neighboring interface to convert the link into a nontrunk link. The interface becomes a nontrunk interface even if the neighboring interface does not agree to the change.
switchport mode dynamic desirable – This command makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode. This is the default mode for all Ethernet interfaces. If the neighboring interface is set to the access or non-negotiate mode, the link will become a non-trunking link.
switchport mode dynamic auto – This command makes the interface willing to convert the link to a trunk link if the neighboring interface is set to trunk or desirable mode. Otherwise, the link will become a non-trunking link.
switchport mode trunk – This command puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link. The interface becomes a trunk interface even if the neighboring interface does not agree to the change.
switchport nonegotiate – Prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link, otherwise the link will be a non-trunking link.
Using these different trunking modes, an interface can be set to trunking or nontrunking or even able to negotiate trunking with the neighboring interface. To automatically negotiate trunking, the interfaces must be in the same VTP domain. Trunk negotiation is managed by the Dynamic Trunking Protocol (DTP), which is a Cisco proprietary point-to-point protocol.

QUESTION 105
You are designing your network to be able to use trunks. As part of this process you are comparing the ISL and 802.1Q encapsulation options. All of these statements about the two encapsulation options are correct except which one?

A.    Both support normal and extended VLAN ranges.
B.    ISL is a Cisco proprietary encapsulation method and 802.1Q is an IEEE standard.
C.    ISL encapsulates the original frame.
D.    Both support native VLANs.
E.    802.1Q does not encapsulate the original frame.

Answer: D
Explanation:
ISL is a Cisco proprietary protocol for the interconnection of multiple switches and maintenance of VLAN information as traffic goes between switches. ISL provides VLAN trunking capabilities while it maintains full wire-speed performance on Ethernet links in full-duplex or half-duplex mode. ISL operates in a point-to-point environment and can support up to 1000 VLANs. In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN.
ISL uses Per VLAN Spanning Tree (PVST), which runs one instance of Spanning Tree Protocol (STP) per VLAN. PVST allows the optimization of root switch placement for each VLAN and supports the load balancing of VLANs over multiple trunk links.
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a 4-byte tag into the original frame and recomputes the frame check sequence (FCS) before the device sends the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN. It tags all other frames that are transmitted and received on the trunk. When you configure an 802.1Q trunk, you must make sure that you configure the same native VLAN on both sides of the trunk.
IEEE 802.1Q defines a single instance of spanning tree that runs on the native VLAN for all the VLANs in the network. This is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST that is available with ISL. However, PVST+ offers the capability to retain multiple spanning tree topologies with 802.1Q trunking.

QUESTION 106
What is the default stratum clock on a Cisco router, when you see the key word “master” configured on the NTP line?

A.    1
B.    2
C.    4
D.    6
E.    8

Answer: E
Explanation:
NTP master
The “ntp master” is used to configure the device as a master clock when external time synchronization is not possible; for example, the router is not connected to the Internet. If the network has ntp master configured and it cannot reach any clock with a lower stratum number, the system claims to be synchronized at the configured stratum number, and other systems synchronize to it via NTP. By default, the master clock function is disabled.
When enabled, the default stratum is 8.
In the world of NTP, stratum levels define the distance from the reference clock. A reference clock is a stratum-0 device that is assumed to be accurate and has little or no delay associated with it (typically an atomic clock).
A server that is directly connected to a stratum-0 device is called a stratum-1 server, a server that is directly connected to a stratum-1 is called a stratum-2 server and so on.
http://www.cisco.com/en/US/products/hw/switches/ps1893/products_command_reference_chapter09186a008007dec6.html

QUESTION 107
Though many options are supported in EIGRPv6, select two options from the below list that are supported. (Choose two.)

A.    VRF
B.    auto-summary
C.    per-interface configuration
D.    prefix-list support via route-map
E.    prefix-list support via distribute-list

Answer: CE
Explanation:
EIGRPv6 does differ from EIGRPv4 in the following ways:
EIGRPv6 is configured (enabled) directly on Cisco router interfaces; this means EIGRPv6 can be configured (enabled) on a router’s interface without having to configure (assign) a global IPv6 address on the interface and without using the network command while the router is in router configuration mode.
Also, when configuring (enabling) EIGRPv6 on a Cisco router, the EIGRP routing process must be configured (assigned) with a router-id (by using the router configuration command router-id); if a router-id is not configured (assigned), the EIGRPv6 routing process will not start. The EIGRPv6 routing process also uses a shutdown feature, meaning an EIGRPv6 routing process will not start until the routing process has been placed into no shutdown mode (by typing the no shutdown command while the router is in router configuration mode). Also, EIGRPv6 is not required to be configured on passive interfaces. Lastly, EIGRPv6 uses the router configuration command distribute-list prefix-list to perform route filtering, and when configuring route filtering the route-map command is not supported.
Below is some additional information on EIGRPv6:
IPv6 EIGRP and IPv4 EIGRP are very similar in concept except for the following differences:
IPv6 is configured on an interface basis (like OSPFv3 and RIPng) and networks are advertised based on the interface command -> C is correct.
When configured on an interface, IPv6 EIGRP is initially placed in the “shutdown” state.
As with OSPFv3, IPv6 EIGRP requires a router-id in IPv4 format.
Passive interfaces can only be configured in the routing process mode.
It needs extra memory resources and is supported in IOS 12.4(6)T and later.
There is no split horizon in IPv6 because it is possible to get multiple prefixes per interface.
There is no concept of classful routing in IPv6 EIGRP and consequently no automatic summary -> B is not correct.
EIGRPv6 uses the router configuration command “distribute-list prefix-list” to perform route filtering, and when configuring route filtering the “route-map” command is not supported -> E is correct but D is not.
Virtual Routing and Forwarding (VRF) is also supported in EIGRPv6.

QUESTION 108
During the IPv6 address resolution, a node sends a neighbor solicitation message in order to discover which of these?

A.    The Layer 2 multicast address of the destination node
B.    The solicited node multicast address of the destination node
C.    The Layer 2 address of the destination node based on the destination IPv6 address
D.    The IPv6 address of the destination node based on the destination Layer 2 address

Answer: C
Explanation:
Nodes send Neighbor Solicitations to request the link-layer address of a target node while also providing their own link-layer address to the target. Neighbor Solicitations are multicast when the node needs to resolve an address and unicast when the node seeks to verify the reachability of a neighbor.

QUESTION 109
Which one of these statements is true of OSPF type 5 LSAs?

A.    They are used to summarize area routes to other areas.
B.    They are used in not-so-stubby areas to propagate external routes.
C.    They are used to notify areas of the ASBR.
D.    They are flooded to all areas except stub areas (external route).

Answer: D
Explanation:
http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094e9e.shtml#appa1

QUESTION 110
Which OSPF LSA type does an ASBR use to originate a default route into an area?

A.    LSA 1
B.    LSA 3
C.    LSA 4
D.    LSA 5
E.    LSA 7

Answer: D
Explanation:
By default, the OSPF router does not generate a default route into the OSPF domain. In order for OSPF to generate a default route, you must use the default-information originate command. With this command, the router will advertise type 5 LSA with a link ID of 0.0.0.0.
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00801ec9f0.shtml

2014 Latest Cisco 350-001 Dump Free Download(91-100)!

QUESTION 91
Which of these correctly identifies a difference between the way BPDUs are handled by 802.1w and 802.1D?

A.    802.1D bridges do not relay BPDUs.
B.    802.1w bridges do not relay BPDUs.
C.    802.1D bridges only relay BPDUs received from the root.
D.    802.1w bridges only relay BPDUs received from the root.

Answer: C
Explanation:
A bridge sends a BPDU frame using the unique MAC address of the port itself as a source address, and a destination address of the STP multicast address 01:80:C2:00:00:00.
There are three types of BPDUs:
Configuration BPDU (CBPDU), used for Spanning Tree computation
Topology Change Notification (TCN) BPDU, used to announce changes in the network topology
Topology Change Notification Acknowledgment (TCA)
BPDUs Are Sent Every Hello-Time
BPDUs are sent every hello-time, and not simply relayed anymore. With 802.1D, a non-root bridge only generates BPDUs when it receives one on the root port. In fact, a bridge relays BPDUs more than it actually generates them. This is not the case with 802.1w. A bridge now sends a BPDU with its current information every <hello-time> seconds (2 by default), even if it does not receive any from the root bridge.
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml#topic4

QUESTION 92
NBAR supports all of these with the exception of which one?

A.    HTTP
B.    IP multicast
C.    TCP flows with dynamically assigned port numbers
D.    non-UDP protocols

Answer: B
Explanation:
Restrictions for Using NBAR
NBAR does not support the following:
More than 24 concurrent URLs, hosts, or Multipurpose Internet Mail Extension (MIME) type matches.
Matching beyond the first 400 bytes in a packet payload in Cisco IOS releases before Cisco IOS Release 12.3(7)T. In Cisco IOS Release 12.3(7)T, this restriction was removed, and NBAR now supports full payload inspection. The only exception is that NBAR can inspect custom protocol traffic for only 255 bytes into the payload.
Non-IP traffic
Multiprotocol Label Switching (MPLS)-labeled packets – NBAR classifies IP packets only. You can, however, use NBAR to classify IP traffic before the traffic is handed over to MPLS. Use the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC) to set the IP differentiated services code point (DSCP) field on the NBAR-classified packets and make MPLS map the DSCP setting to the MPLS experimental (EXP) setting inside the MPLS header.
Multicast and other non-CEF switching modes
Fragmented packets
Pipelined persistent HTTP requests
URL/host/MIME classification with secure HTTP
Asymmetric flows with stateful protocols
Packets that originate from or that are destined to the router running NBAR
NBAR is not supported on the following logical interfaces:
Fast EtherChannel
Dialer interfaces until Cisco IOS Release 12.2(4)T
Interfaces where tunneling or encryption is used

QUESTION 93
Modified deficit round robin supports which of these functionalities?

A.    priority queue
B.    weighted fair queues
C.    round-robin service of output queues
D.    LLQ

Answer: AC
Explanation:
Modified deficit round robin (MDRR)–MDRR, a traffic class prioritization mechanism used only on GSR platforms, incorporates emission priority as a facet of quality of service. MDRR is similar in function to WFQ on non-GSR platforms.
In MDRR, IP traffic is mapped to different classes of service queues. A group of queues is assigned to each traffic destination. On the transmit side of the platform, a group of queues is defined on a per-interface basis; on the receive side of the platform, a group of queues is defined on a per-destination basis. IP packets are then mapped to these queues, based on their IP precedence value. These queues are serviced on a round-robin basis, except for a queue that has been defined to run in either of two ways: a) strict priority mode, or b) alternate priority mode. In strict priority mode, the high priority queue is serviced whenever it is not empty; this ensures the lowest possible delay for high priority traffic. In this mode, however, the possibility exists that other traffic might not be serviced for long periods of time if the high priority queue is consuming most of the available bandwidth.
In alternate priority mode, the traffic queues are serviced in turn, alternating between the high priority queue and the remaining queues.
http://www.cisco.com/en/US/docs/ios/12_0st/12_0st10/feature/guide/10st_cos.pdf

QUESTION 94
A router is connected to an HDLC circuit via a T1 physical interface. The SLA for this link only allows for a sustained rate of 768 kb/s. Bursts are allowed for up to 30 seconds at up to line rate, with a window Tc of 125 ms. What should the Bc and Be setting be when using generic traffic shaping?

A.    Be = 46320000, Bc = 96000
B.    Be = 768000, Bc = 32000
C.    Be = 128000, Bc = 7680
D.    Be = 0, Bc = 96000

Answer: A
Explanation:
Tc= 125
CIR = 768
What is Be?
T1 = 1.544 Mbps
Bursts are allowed for 30 seconds
Seconds * Bandwidth in bps = Be
30 * 1544000 = Be
30 * 1544000 = 46320000
Be = 46320000
What is Bc?
Bc = Tc * CIR
Bc = 125 * 768
Bc = 96000
Traffic Shaping Parameters
We can use the following traffic shaping parameters:
CIR = committed information rate (= mean time)
EIR = excess information rate
TB = token bucket (= Bc + Be)
Bc = committed burst size (= sustained burst size)
Be = excess burst size
DE = discard eligibility
Tc = measurement interval
AR = access rate corresponding to the rate of the physical interface (so if you use a T1, the AR is approximately 1.5 Mbps).
Committed Burst Size (Bc)
The maximum committed amount of data you can offer to the network is defined as Bc. Bc is a measure for the volume of data for which the network guarantees message delivery under normal conditions. It is measured during the committed rate Tc.
Excess Burst Size (Be)
The number of non-committed bits (outside of CIR) that are still accepted by the Frame Relay switch but are marked as eligible to be discarded (DE). The token bucket is a ‘virtual’ buffer. It contains a number of tokens, enabling you to send a limited amount of data per time interval. The token bucket is filled with Bc bits per Tc.
The maximum size of the bucket is Bc + Be. If the Be is very big and, if at T0 the bucket is filled with Bc + Be tokens, you can send Bc + Be bits at the access rate. This is not limited by Tc but by the time it takes to send the Be. This is a function of the access rate.
Committed Information Rate (CIR)
The CIR is the allowed amount of data which the network is committed to transfer under normal conditions. The rate is averaged over an increment of time Tc. The CIR is also referred to as the minimum acceptable throughput. Bc and Be are expressed in bits, Tc in seconds, and the access rate and CIR in bits per second.
Bc, Be, Tc and CIR are defined per data-link connection identifier (DLCI). Due to this, the token bucket filter controls the rate per DLCI. The access rate is valid per user-network interface. For Bc, Be and CIR incoming and outgoing values can be distinguished. If the connection is symmetrical, the values in both directions are the same. For permanent virtual circuits, we define incoming and outgoing Bc, Be and CIR at subscription time.
Peak = DLCI’s maximum speed. The bandwidth for that particular DLCI.
Tc = Bc / CIR
Peak = CIR + Be/Tc = CIR (1 + Be/Bc)
If the Tc is one second then:
Peak = CIR + Be = Bc + Be
http://www.cisco.com/warp/public/125/21.pdf

QUESTION 95
Which of these tables is used by an LSR to perform a forwarding lookup for a packet destined to
an address within an RFC 4364 VPN?

A.    CEF
B.    FIB
C.    LFIB
D.    IGP

Answer: C
Explanation:
Notice: The term Label Switch Router (LSR) refers to any router that has awareness of MPLS labels.
The Label Forwarding Information Base (LFIB) is responsible for forwarding incoming packets based on label, as it holds the necessary label information as well as the outgoing interface and next-hop information.

QUESTION 96
Which two of these parameters are used to determine a forwarding equivalence class? (Choose two.)

A.    IP prefix
B.    Layer 2 circuit
C.    RSVP request from CE for bandwidth reservation
D.    BGP MED value

Answer: AB
Explanation:
A Forwarding Equivalence Class (FEC) is a class of packets that should be forwarded in the same manner (i.e. over the same path). A FEC is not a packet, nor is it a label. A FEC is a logical entity created by the router to represent a class (category) of packets. When a packet arrives at the ingress router of an MPLS domain, the router parses the packet’s headers, and checks to see if the packet matches a known FEC (class). Once the matching FEC is determined, the path and outgoing label assigned to that FEC are used to forward the packet.
FECs are typically created based on the IP destinations known to the router, so for each different destination a router might create a different FEC, or if a router is doing aggregation, it might represent multiple destinations with a single FEC (for example, if those destinations are reachable through the same immediate next hop anyway). The MPLS framework, however, allows for the creation of FECs using advanced criteria like source and destination address pairs, destination address and TOS, etc.

QUESTION 97
A network is composed of several VRFs. It is required that VRF users VRF_A and VRF_B be able to route to and from VRF_C, which hosts shared services. However, traffic must not be allowed to flow between VRF_A and VRF_B. How can this be accomplished?

A.    route redistribution
B.    import and export using route descriptors
C.    import and export using route targets
D.    Cisco MPLS Traffic Engineering

Answer: C
Explanation:
An MPLS VPN implementation is very similar to a dedicated router peer-to-peer model implementation. From a CE router’s perspective, only IPv4 updates, as well as data, are forwarded to the PE router. The CE router does not need any specific configuration to enable it to be a part of a MPLS VPN domain. The only requirement on the CE router is a routing protocol (or a static/default route) that enables the router to exchange IPv4 routing information with the connected PE router.
In the MPLS VPN implementation, the PE router performs multiple functions. The PE router must first be capable of isolating customer traffic if more than one customer is connected to the PE router. Each customer, therefore, is assigned an independent routing table similar to a dedicated PE router in the initial peer-to-peer discussion. Routing across the SP backbone is performed using a routing process in the global routing table. P routers provide label switching between provider edge routers and are unaware of VPN routes. CE routers in the customer network are not aware of the P routers and, thus, the internal topology of the SP network is transparent to the customer. The P routers are only responsible for label switching of packets. They do not carry VPN routes and do not participate in MPLS VPN routing. The PE routers exchange IPv4 routes with connected CE routers using individual routing protocol contexts. To enable scaling the network to large number of customer VPNs, multiprotocol BGP is configured between PE routers to carry customer routes.
Customer isolation is achieved on the PE router by the use of virtual routing tables or instances, also called virtual routing and forwarding tables/instances (VRFs). In essence, it is similar to maintaining multiple dedicated routers for customers connecting into the provider network. The function of a VRF is similar to a global routing table, except that it contains all routes pertaining to a specific VPN versus the global routing table.
The VRF also contains a VRF-specific CEF forwarding table analogous to the global CEF table and defines the connectivity requirements and protocols for each customer site on a single PE router. The VRF defines routing protocol contexts that are part of a specific VPN as well as the interfaces on the local PE router that are part of a specific VPN and, hence, use the VRF. The interface that is part of the VRF must support CEF switching. The number of interfaces that can be bound to a VRF is only limited by the number of interfaces on the router, and a single interface (logical or physical) can be associated with only one VRF. The VRF contains an IP routing table analogous to the global IP routing table, a CEF table, list of interfaces that are part of the VRF, and a set of rules defining routing protocol exchange with attached CE routers (routing protocol contexts). In addition, the VRF also contains VPN identifiers as well as VPN membership information (RD and RT are covered in the next section).
Route targets (RTs) are additional identifiers used in the MPLS VPN domain that identify the VPN membership of the routes learned from a particular site. RTs are implemented by the use of extended BGP communities in which the higher order 16 bits of the BGP extended community (64 total bits) are encoded with a value corresponding to the VPN membership of the specific site. When a VPN route learned from a CE router is injected into VPNv4 BGP, a list of VPN route target extended community attributes is associated with it. The export route target is used in identification of VPN membership and is associated with each VRF. This export route target is appended to a customer prefix when it is converted to a VPNv4 prefix by the PE router and propagated in MP-BGP updates. The import route target is associated with each VRF and identifies the VPNv4 routes to be imported into the VRF for the specific customer. The format of an RT is the same as an RD value.

QUESTION 98
Which of these statements best describes the major difference between an IPv4-compatible tunnel and a 6to4 tunnel?

A.    An IPv4-compatible tunnel is a static tunnel, but a 6to4 tunnel is a semiautomatic tunnel.
B.    The deployment of an IPv4-compatible tunnel requires a special code on the edge routers, but a 6to4 tunnel does not require any special code.
C.    An IPv4-compatible tunnel is typically used only between two IPv6 domains, but a 6to4 tunnel is used to connect two or more IPv6 domains.
D.    For an IPv4-compatible tunnel, the ISP assigns only IPv4 addresses for each domain, but for a 6to4 tunnel, the ISP assigns only IPv6 addresses for each domain.

Answer: C
Explanation:
Automatic 6to4 Tunnels
An automatic 6to4 tunnel allows isolated IPv6 domains to be connected over an IPv4 network to remote IPv6 networks. The key difference between automatic 6to4 tunnels and manually configured tunnels is that the tunnel is not point-to-point; it is point-to-multipoint. In automatic 6to4 tunnels, routers are not configured in pairs because they treat the IPv4 infrastructure as a virtual nonbroadcast multi-access (NBMA) link. The IPv4 address embedded in the IPv6 address is used to find the other end of the automatic tunnel.
An automatic 6to4 tunnel may be configured on a border router in an isolated IPv6 network, which creates a tunnel on a per-packet basis to a border router in another IPv6 network over an IPv4 infrastructure. The tunnel destination is determined by the IPv4 address of the border router extracted from the IPv6 address that starts with the prefix 2002::/16, where the format is 2002:border-router-IPv4-address::/48. Following the embedded IPv4 address are 16 bits that can be used to number networks within the site. The border router at each end of a 6to4 tunnel must support both the IPv4 and IPv6 protocol stacks. 6to4 tunnels are configured between border routers or between a border router and a host.
The simplest deployment scenario for 6to4 tunnels is to interconnect multiple IPv6 sites, each of which has at least one connection to a shared IPv4 network. This IPv4 network could be the global Internet or a corporate backbone. The key requirement is that each site have a globally unique IPv4 address; the Cisco IOS software uses this address to construct a globally unique 6to4 /48 IPv6 prefix. As with other tunnel mechanisms, appropriate entries in a Domain Name System (DNS) that map between hostnames and IP addresses for both IPv4 and IPv6 allow the applications to choose the required address.
Automatic IPv4-Compatible IPv6 Tunnels
Automatic IPv4-compatible tunnels use IPv4-compatible IPv6 addresses. IPv4-compatible IPv6 addresses are IPv6 unicast addresses that have zeros in the high-order 96 bits of the address, and an IPv4 address in the low-order 32 bits. They can be written as 0:0:0:0:0:0:A.B.C.D or ::A.B.C.D, where “A.B.C.D” represents the embedded IPv4 address.
The tunnel destination is automatically determined by the IPv4 address in the low-order 32 bits of IPv4-compatible IPv6 addresses. The host or router at each end of an IPv4-compatible tunnel must support both the IPv4 and IPv6 protocol stacks. IPv4-compatible tunnels can be configured between border routers or between a border router and a host. Using IPv4-compatible tunnels is an easy method to create tunnels for IPv6 over IPv4, but the technique does not scale for large networks.
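The address arithmetic described in this explanation, as an added Python example (not part of the original page and not Cisco's implementation): it builds the 2002:border-router-IPv4-address::/48 prefix, numbers a subnet with the 16 bits that follow, and recovers the IPv4 tunnel endpoint from a 6to4 or IPv4-compatible destination. The function names and the NON_UNIQUE_V4 list are assumptions made for illustration, and all addresses are constructed samples.

```python
import ipaddress

SIXTOFOUR = ipaddress.ip_network("2002::/16")   # 6to4 prefix named in the text
V4COMPAT = ipaddress.ip_network("::/96")        # high-order 96 bits are zero

# Assumption for this example: IPv4 ranges that cannot act as the
# "globally unique" endpoint address that 6to4 requires.
NON_UNIQUE_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]


def sixtofour_prefix(border_v4):
    """Return the site's 6to4 prefix: 2002:<border router IPv4>::/48."""
    v4 = int(ipaddress.IPv4Address(border_v4))
    return ipaddress.IPv6Network(((0x2002 << 112) | (v4 << 80), 48))


def site_subnet(border_v4, subnet_id):
    """Number one /64 inside the site using the 16 bits after the IPv4 address."""
    if not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("subnet id must fit in 16 bits")
    base = int(sixtofour_prefix(border_v4).network_address)
    return ipaddress.IPv6Network((base | (subnet_id << 64), 64))


def tunnel_endpoint(dst_v6):
    """Return (tunnel type, embedded IPv4 endpoint) or (None, None)."""
    addr = ipaddress.IPv6Address(dst_v6)
    value = int(addr)
    if addr in SIXTOFOUR:
        # The IPv4 address sits in bits 16..47, right after the 2002 prefix.
        return "6to4", ipaddress.IPv4Address((value >> 80) & 0xFFFFFFFF)
    if addr in V4COMPAT and value > 1:          # skip :: and ::1
        # The IPv4 address is the low-order 32 bits.
        return "ipv4-compatible", ipaddress.IPv4Address(value & 0xFFFFFFFF)
    return None, None


def endpoint_usable(v4):
    """False when the embedded IPv4 address cannot be globally unique."""
    return not any(v4 in net for net in NON_UNIQUE_V4)


def audit(destinations):
    """Classify each destination; return (dst, type, endpoint, usable) rows."""
    rows = []
    for dst in destinations:
        kind, v4 = tunnel_endpoint(dst)
        if kind is None:
            rows.append((dst, "native", None, None))
        else:
            rows.append((dst, kind, str(v4), endpoint_usable(v4)))
    return rows


# Constructed sample destinations (documentation and private ranges only).
SAMPLE_DESTINATIONS = [
    "2002:c000:201:10::5",   # 6to4, embeds 192.0.2.1
    "2002:a00:1::1",         # 6to4, embeds 10.0.0.1 (not globally unique)
    "::192.0.2.1",           # IPv4-compatible
    "2001:db8::1",           # ordinary IPv6, no embedded endpoint
    "::1",                   # loopback, not a tunnel address
]

if __name__ == "__main__":
    print("site prefix:", sixtofour_prefix("192.0.2.1"))
    print("subnet 0x10:", site_subnet("192.0.2.1", 0x10))
    for row in audit(SAMPLE_DESTINATIONS):
        print(row)
```

Because the tunnel endpoint is taken from the destination address of each packet, a border router or filter can run the same extraction to reject packets whose embedded IPv4 address is not a valid, unique endpoint.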

QUESTION 99
Which information is carried in an OSPFv3 intra-area-prefix LSA?

A.    IPv6 prefixes
B.    link-local addresses
C.    solicited node multicast addresses
D.    IPv6 prefixes and topology information

Answer: A

QUESTION 100
Which IPv6 address would you ping to determine if OSPFv3 is able to send and receive unicast packets across a link?

A.    anycast address
B.    site-local multicast
C.    global address of the link
D.    unique local address
E.    link-local address

Answer: E
Explanation:
A link-local address is an Internet Protocol address that is intended only for communications within the segment of a local network (a link) or a point-to-point connection that a host is connected to. Routers do not forward packets with link-local addresses.


2014 Latest Cisco 350-001 Dump Free Download(81-90)!

QUESTION 81
Spanning Tree Protocol calculates path cost based on which of these?

A.    interface bandwidth
B.    interface delay
C.    interface bandwidth and delay
D.    hop count
E.    bridge priority

Answer: A
Explanation:
STP calculates the path cost based on the media speed (bandwidth) of the links between switches and the port cost of each port forwarding frame. Spanning tree selects the root port based on the path cost. The port with the lowest path cost to the root bridge becomes the root port. The root port is always in the forwarding state.
If the speed/duplex of the port is changed, spanning tree recalculates the path cost automatically. A change in the path cost can change the spanning tree topology.
Data rate and STP path cost
The table below shows the default cost of an interface for a given data rate.

[Table image not reproduced: default STP path cost by data rate]

QUESTION 82
What two features in Cisco switches help prevent Layer 2 loops? (Choose two.)

A.    UniDirectional Link Detection
B.    Hot Standby Router Protocol
C.    Virtual Router Redundancy Protocol
D.    PortFast
E.    root guard
F.    loop guard

Answer: AF
Explanation:
The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs.

QUESTION 83
In PIM-SM what control plane signaling must a multicast source perform before it begins to send multicast traffic to a group?

A.    The source must send a PIM Register message to the rendezvous point (RP).
B.    The source must first join the multicast group using IGMP before sending.
C.    The source must perform a Request to Send (RTS) and Clear to Send (CTS) handshake with the PIM designated router (DR).
D.    No control plane signaling needs to be performed; the source can simply begin sending on the local subnet.

Answer: D
Explanation:
The most common type of multicast issue is the RPF failure. RPF checks are used at both the control and data plane of multicast routing. The control plane involves PIM signaling; some PIM messages are subject to RPF checks. For example, PIM (*,G) Joins are sent toward the shortest path to the RP. Next, the BSR/RP address in the BSR messages is subject to an RPF check as well. Notice that this logic does not apply to PIM Register messages: the unicast register packet may arrive on any interface. However, an RPF check is performed on the encapsulated multicast source to construct the SPT toward the multicast source.
Data plane RPF checks are performed every time a multicast data packet is received for forwarding. The source IP address in the packet should be reachable via the receiving interface, or the packet is going to be dropped. Theoretically, with PIM Sparse-Mode, RPF checks at the control plane level should preclude and eliminate the data-plane RPF failures, but data-plane RPF failures are common during the moments of IGP reconvergence and on multipoint non-broadcast interfaces. PIM Dense Mode is different from SM in the sense that data-plane operations preclude control-plane signaling. One typical irresolvable RPF problem with PIM Dense mode is known as split-horizon forwarding, where a packet received on one interface should be forwarded back out of the same interface in the hub-and-spoke topology. The same problem may occur with PIM Sparse mode, but this type of signaling allows for treating the NBMA interface as a collection of point-to-point links by virtue of PIM NBMA mode.

QUESTION 84
Which of these statements about PIM join messages in classic PIM-SM is correct?

A.    PIM join messages are sent every 60 seconds to refresh the upstream router’s mroute state for the multicast tree.
B.    Routers send a PIM join acknowledgement in response to each PIM join message received from a downstream router.
C.    PIM join messages are only sent when the multicast distribution tree is first being established.
D.    PIM join messages are sent every three minutes to refresh the upstream router’s mroute state for the multicast tree.

Answer: A
Explanation:
PIM Sparse Mode uses an explicit request approach, where a router has to ask for the multicast feed with a PIM Join message. PIM Sparse Mode is indicated when you need more precise control, especially when you have large volumes of IP multicast traffic compared to your bandwidth. PIM Sparse Mode scales rather well, because packets only go where they are needed, and because it creates state in routers only as needed. There can be different RP’s for different multicast groups, which is one way to spread the load. There is usually one RP per multicast group. Redundancy of RP’s is an advanced topic, and requires a little deeper expertise. One way to do this is with the MSDP protocol (possible later article in the series). PIM Join message is sent towards a Source (or for PIM-SM, possibly towards an RP), based on unicast routing. The Join message says in effect “we need a copy of the multicasts over here”. It connects the sender of the Join and intervening routers to any existing multicast tree, all the way back to the target of the Join if necessary. A Prune message says in effect “we no longer need this over here”. A router receiving a Prune sees whether it has any other interfaces requiring the multicast flow, and if not, sends its own Prune message.
One advanced technique is to arrange a separate and perhaps different copy of the unicast routing information just for multicast purposes. This allows “steering” of the Join messages. Multiprotocol BGP (MBGP) for multicast is one way to do this.

All PIM-SM-enabled routers should be configured with the same message interval time. A router will be pruned from a group if a Join message is not received in the message interval. The default value is three minutes.
http://ciscoarticles.com/Cisco-Multicast-Routing-and-Switching/PIM-SM-Version-2-RP-Selection.html

QUESTION 85
The ip pim autorp listener command is used to do which of these?

A.    enable a Cisco router to “passively” listen to Auto-RP packets without the router actively sending or forwarding any of the packets
B.    allow Auto-RP packets in groups 224.0.1.39 and 224.0.1.40 to be flooded in dense mode out interfaces configured with the ip pim sparse-mode command
C.    enable the use of Auto-RP on a router
D.    configure the router as an Auto-RP mapping agent

Answer: B
Explanation:
The ip pim autorp listener command allows the groups 224.0.0.39 and 224.0.0.40 to be dense flooded, as the RP announces 224.0.0.39 to the mapping agent and the mapping agent announces 224.0.0.40 to all routers that are part of the group. Where it can be applied:
It can be applied when dense mode is not configured, for example if you have a sparse-mode multicast network, and you need not statically define your RP or use Autorp.

QUESTION 86
In order to configure two routers as anycast RPs, which of these requirements, at a minimum, must be satisfied?

A.    Multicast Source Discovery Protocol mesh-groups must be configured between the two anycast RPs.
B.    The RPs must be within the same IGP domain.
C.    Multicast Source Discovery Protocol must be configured between the two anycast RPs.
D.    The two anycast RPs must be IBGP peers.

Answer: C
Multicast Source Discovery Protocol (MSDP) is a mechanism to connect multiple PIM sparse-mode (SM) domains. MSDP allows multicast sources for a group to be known to all rendezvous point(s) (RPs) in different domains. Each PIM-SM domain uses its own RPs and need not depend on RPs in other domains. An RP runs MSDP over TCP to discover multicast sources in other domains. An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled routers in another domain. The peering relationship occurs over a TCP connection, where primarily a list of sources sending to multicast groups is exchanged. The TCP connections between RPs are achieved by the underlying routing system. The receiving RP uses the source lists to establish a source path. The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree building mechanism in PIM-SM. MSDP is also used to announce sources sending to a group. These announcements must originate at the domain’s RP.
MSDP depends heavily on (M)BGP for interdomain operation. It is recommended that you run MSDP in RPs in your domain that are RPs for sources sending to global groups to be announced to the internet.
Each MSDP peer receives and forwards the SA message away from the originating RP to achieve “peer-RPF flooding.” The concept of peer-RPF flooding is with respect to forwarding SA messages. The router examines the BGP or MBGP routing table to determine which peer is the next hop toward the originating RP of the SA message. Such a peer is called an “RPF peer” (Reverse-Path Forwarding peer). The router forwards the message to all MSDP peers other than the RPF peer. If the MSDP peer receives the same SA message from a non-RPF peer toward the originating RP, it drops the message. Otherwise, it forwards the message on to all its MSDP peers. When an RP for a domain receives an SA message from an MSDP peer, it determines if it has any group members interested in the group the SA message describes. If the (*,G) entry exists with a nonempty outgoing interface list, the domain is interested in the group, and the RP triggers an (S,G) join toward the source.

QUESTION 87
Which two of these statements correctly describe classic PIM-SM? (Choose two.)

A.    The IOS default is for a last-hop router to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
B.    The IOS default is for every one of the routers on the shared tree to trigger a switch to the shortest path tree as soon as a new source is detected on the shared tree.
C.    The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to “infinity.”
D.    The default behavior of switching to the shortest path tree as soon as a new source is detected on the shared tree can be disabled by setting the value in the ip pim spt-threshold command to “zero.”

Answer: AC
Explanation:
The question is testing command syntax: setting the value in the ip pim spt-threshold command to “infinity” is the right answer.
From the command reference:
ip pim [vrf vrf-name] spt-threshold {kbps | infinity} [group-list access-list]
Configures when a Protocol Independent Multicast (PIM) leaf router should join the shortest path source tree for the specified group.
infinity: Causes all sources for the specified group to use the shared tree.
http://www.cisco.com/en/US/docs/ios/12_2/ipmulti/command/reference/1rfmult2.html#wp10201

QUESTION 88
In Layer 2 topologies, spanning-tree failures can cause loops in the network. These unblocked loops can cause network failures because of excessive traffic. Which two Catalyst 6500 features can be used to limit excessive traffic during spanning-tree loop conditions? (Choose two.)

A.    loop guard
B.    storm control
C.    storm suppression
D.    broadcast suppression
E.    BPDU guard

Answer: BD
Explanation:
Traffic Storm Control
A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. The traffic storm control feature prevents LAN ports from being disrupted by a broadcast, multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) monitors incoming traffic levels over a 1-second traffic storm control interval and, during the interval, compares the traffic level with the traffic storm control level that you configure. The traffic storm control level is a percentage of the total available bandwidth of the port. Each port has a single traffic storm control level that is used for all types of traffic (broadcast, multicast, and unicast).
Traffic storm control monitors the level of each traffic type for which you enable traffic storm control in 1-second traffic storm control intervals. Within an interval, when the ingress traffic for which traffic storm control is enabled reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the traffic storm control interval ends.
Broadcast Suppression
Broadcast suppression prevents the switched ports on a LAN from being disrupted by a broadcast storm on one of the ports. A LAN broadcast storm occurs when the broadcast or multicast packets flood the LAN, creating excessive traffic and degrading the network performance. Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm.
Broadcast suppression uses filtering that measures the broadcast activity on a LAN over a time period (15264 nsec to ~1 sec) that varies based on the type of line card and speed setting on the port, and compares the measurement with a predefined threshold. If the threshold is reached, further broadcast activity is suppressed for the duration of a specified time period. Broadcast suppression is disabled by default.
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/storm.html
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/bcastsup.html

QUESTION 89
Why does RSTP have a better convergence time than 802.1D?

A.    it is newer
B.    it has smaller timers
C.    it has less overhead
D.    it is not timer-based

Answer: D
Explanation:
RSTP identifies certain links as point to point. When a point-to-point link fails, the alternate link can transition to the forwarding state.
Although STP provides basic loop prevention functionality, it does not provide fast network convergence when there are topology changes. STP’s process to determine network state transitions is slower than RSTP’s because it is timer-based. A device must reinitialize every time a topology change occurs. The device must start in the listening state and transition to the learning state and eventually to a forwarding or blocking state.
When default values are used for the maximum age (20 seconds) and forward delay (15 seconds), it takes 50 seconds for the device to converge. RSTP converges faster because it uses a handshake mechanism based on point-to-point links instead of the timer-based process used by STP. A switch running in an RSTP domain has the following components:
A root port, which is the “best path” to the root device.
A designated port, indicating that the switch is the designated bridge for the other switch connecting to this port.
An alternate port, which provides an alternate root port.
A backup port, which provides an alternate designated port.
Port assignments change through messages exchanged throughout the domain. An RSTP device generates configuration messages once every hello time interval. If an RSTP device does not receive a configuration message from its neighbor after an interval of three hello times, it determines it has lost connection with that neighbor. When a root port or a designated port fails on a device, the device generates a configuration message with the proposal bit set. Once its neighbor device receives this message, it verifies that this configuration message is better than the one saved for that port and then it starts a synchronizing operation to ensure that all of its ports are in sync with the new information.
Similar waves of proposal-agreement handshake messages propagate toward the leaves of the network, restoring the connectivity very quickly after a topology change (in a well-designed network that uses RSTP, network convergence can take as little as 0.5 seconds). If a device does not receive an agreement to a proposal message it has sent, it returns to the original IEEE 802.1D convention. RSTP was originally defined in the IEEE 802.1w draft specification and later incorporated into the IEEE 802.1D-2004 specification.

QUESTION 90
Under which two circumstances would an RSTP bridge flush its CAM table? (Choose two.)

A.    upon a port state change
B.    upon receiving a topology change notification
C.    when transitioning from discarding to forwarding
D.    when transitioning from forwarding to discarding
E.    only when changing from listening to discarding
F.    when CAM resources have been completely used up

Answer: BC
Explanation:
First, the goal of RSTP is fast re-convergence. Since ports are assumed to transition to forwarding relatively fast, simply increasing MAC address aging speed is not enough. Thus, when a topology change is detected, RSTP instructs the bridge to flush all MAC address table entries. With Ethernet, this process results in unconstrained flooding until the moment MAC addresses are re-learned. The bridge detecting a topology change sets the TC (Topology Change) bit in all outgoing BPDUs and starts sending BPDUs with the TC bit set upstream through the root port as well. This marking lasts for TCWhile=2xHelloTime seconds and allows the detecting bridge to start the flooding process.


2014 Latest Cisco 350-001 Dump Free Download(71-80)!

QUESTION 71
Which two of these are differences between traffic policing and traffic shaping? (Choose two.)

A.    with traffic shaping, a router stores excess traffic in packet buffers until bandwidth is available again
B.    with policing you can tune the buffer usage for traffic exceeding the specified CIR
C.    with shaping you can tune the buffer usage for traffic exceeding the specified CIR
D.    shaping should only be applied for ingress traffic, policing only for egress
E.    policing uses a token bucket algorithm, shaping uses an SPD algorithm

Answer: AC

QUESTION 72
Which of these is a valid differentiated services PHB?

A.    Guaranteed PHB
B.    Class-Selector PHB
C.    Reserved Forwarding PHB
D.    Discard Eligible PHB
E.    Priority PHB

Answer: B
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfdfsrv_ps1835_TSD_Products_Configuration_Guide_Chapter.html#wp998695

QUESTION 73
An expanding company is deploying leased lines between its main site and two remote sites. The bandwidth of the leased lines is 128kb/s each, terminated on different serial interfaces on the main router. These links are used for combined VOIP and data traffic. The network administrator has implemented a VOIP solution to reduce costs, and has therefore reserved sufficient bandwidth in a low latency queue on each interface for the VOIP traffic. Users now complain about bad voice quality although no drops are observed in the low latency queue.
What action will likely fix this problem?

A.    mark VOIP traffic with IP precedence 6 and configure only ‘fair-queue’ on the links
B.    configure the scheduler allocate 3000 1000 command to allow the QoS code to have enough CPU cycles
C.    enable class-based traffic shaping on the VoIP traffic class
D.    enable Layer 2 fragmentation and interleaving on the links
E.    enable Frame Relay on the links and send voice and data on different Frame Relay PVCs

Answer: D
Explanation:
http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcflfi.html#wp1000892

QUESTION 74
You are the network administrator of an enterprise with a main site and multiple remote sites. Your network carries both VOIP and data traffic. You agree with your service provider to classify VOIP and data traffic according to the different service RFCs. How can your data and VOIP traffic be marked?

A.    data marked with DSCP AF21, VOIP marked with DSCP EF
B.    data marked with DSCP AF51, VOIP marked with DSCP EF
C.    data marked with the DE-bit, VOIP marked with the CLP-bit
D.    data marked with DSCP EF, VOIP marked with DSCP AF31
E.    data marked with IP precedence 5, VOIP marked with DSCP EF

Answer: A

QUESTION 75
All of these are fundamental building blocks of a differentiated services Traffic Conditioner Block except which one?

A.    dropper
B.    classifier
C.    marker
D.    querier
E.    meter
F.    shaper

Answer: D

QUESTION 76
Which types of prefixes will a router running BGP most likely advertise to an IBGP peer, assuming it is not configured as a route reflector?

A.    prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed
B.    all prefixes in its routing table
C.    prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed
D.    prefixes received from EBGP peers and prefixes received from route reflectors
E.    prefixes received from other IBGP peers, prefixes received from EBGP peers, and prefixes redistributed to BGP
F.    prefixes received from other IBGP peers and prefixes received from route reflectors

Answer: C
Explanation:
If your autonomous system will be passing traffic through it from another autonomous system to a third autonomous system, it is very important that your autonomous system be consistent about the routes that it advertises. For example, if your BGP were to advertise a route before all routers in your network had learned about the route through your IGP, your autonomous system could receive traffic that some routers cannot yet route. To prevent this from happening, BGP must wait until the IGP has propagated routing information across your autonomous system. This causes BGP to be synchronized with the IGP. Synchronization is enabled by default.

QUESTION 77
You have two EBGP peers connected via two parallel serial lines. What should you do to be able to load-balance between two EBGP speakers over the parallel serial lines in both directions?

A.    nothing, BGP automatically load-balances the traffic between different autonomous systems on all available links
B.    peer between the eBGP speaker’s loopbacks, configuring eBGP multihop as required, and use an IGP to load-share between the two equal-cost paths between the loopback addresses
C.    configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the EBGP peer loopback address; it is also necessary to use the next-hop-self command
D.    use the ebgp-load-balance command on the neighbor statement on both sides
E.    configure a loopback as update source for both EBGP peers and have on each AS an IGP to introduce two equal-cost paths to reach the peer loopback address; it is also necessary to use the ebgp-multihop and next-hop-self commands

Answer: E
Explanation:
http://wiki.nil.com/Load_balancing_with_parallel_EBGP_sessions
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#ebgpmulithoploadbal

QUESTION 78
Which three of these statements about penultimate hop popping are true? (Choose three.)

A.    It is used only for directly connected subnets or aggregate routes.
B.    It can only be used with LDP.
C.    It is only used when two or more labels are stacked.
D.    It enables the Edge LSR to request a label pop operation from its upstream neighbors.
E.    It is requested through TDP using a special label value that is also called the implicit-null value.
F.    It is requested through LDP using a special label value that is also called the implicit-null value.

Answer: DEF
Explanation:
In order to implement penultimate hop popping, the edge LSR requests a label pop operation from its upstream neighbor via LDP or TDP using a special implicit-null label. This label has a value of 3 for LDP and 1 for TDP.

QUESTION 79
Which of these best identifies the types of prefixes a router running BGP will advertise to an EBGP peer?

A.    prefixes received from any other BGP peer and prefixes locally originated via network statements or redistributed to BGP
B.    all prefixes in its IP routing table
C.    only prefixes received from EBGP peers and prefixes locally originated via network statements or redistributed
D.    only prefixes received from EBGP peers and prefixes received from route reflectors
E.    all prefixes in its routing table except the prefixes received from other EBGP peers
F.    all prefixes in its routing table except the prefixes received from other IBGP peers

Answer: A
Explanation:
eBGP peers will advertise all known eBGP routes to all other eBGP peers. iBGP peers will only advertise their own internal routes to other iBGP peers. A BGP speaking router will never advertise another iBGP peer’s routes to any other iBGP peer.

QUESTION 80
Which standard supports multiple instances of spanning tree?

A.    802.1D
B.    802.1s
C.    802.1w
D.    802.1z

Answer: B
Explanation:
Multiple Spanning Tree Protocol (MSTP) was first specified in IEEE 802.1s and is standardized in IEEE 802.1Q. MSTP enables multiple VLANs to be mapped to the same spanning-tree instance, reducing the number of spanning-tree instances needed to support a large number of VLANs. MSTP provides multiple forwarding paths for data traffic and enables load balancing. It improves the fault tolerance of the network because a failure in one instance, or forwarding path, does not affect other instances.
