Q1. What results to connect 2 VSS routers on 10G card over Supervisor engine ports?

A. It will cause loop

B. Design lacks of hardware diversity

Answer: B

Q2. IP multicast packets when designing IPSec VPN?

A. IPSec forwarding using tunnel mode

B. Encapsulation of trafic with GRE or VTI

C. Additional bandwidth for headend

D. IPSec forwarding using transport mode

Answer: B

Q3. When you configure a multichassis setup with VSS, which link must be configured to extend the backplane between the two switches?





Answer: D

Q4. A network engineer must use an Internet connection to provide backup connectivity between two sites. The backup connection must be encrypted and support multicast. Which technology must be used?

A. GRE over IPsec


C. IPsec direct encapsulation


Answer: A

Q5. Which ASA to action with Web traffic to treat both HTTP and HTTPS for local internet proxy?

A. Redirect traffic HTTP & HTTPS to WSA using wccp

B. Send traffic for inspection to CWS

C. Send traffic to a different port for http & https monitoring to WSA using L2TP.

D. Use IPS module in ASA for inspection

Answer: A

Q6. A company have single ASA hardware box and they need to separate company departments in way that they can apply different rules on them, ACL, NAT, and so on... Which mode is needed?

A. routed mode

B. transparent mode

C. multiple context mode

D. active failover mode

Answer: C

Q7. Which protocol does VPLS use to tunnel layer 2 ethernet frames?


B. L2TPv3

C. L2TPv1


Answer: A

Q8. When a site has Internet connectivity with two different ISPu2019s, which two strategies are recommended to avoid becoming a BGP transit site? (Choose two.)

A. accept all inbound routes from ISPs

B. advertise all routes to both ISPs.

C. filter routes inbound from the ISPs.

D. filter routes outbound to the ISPs.

E. use a single service provider.

Answer: A,D

Q9. NAC: Simple access control at user and device contextual level. Which features are needed ? (Choose Two)

A. secure access control

B. TrustSec


D. NAC agent

Answer: C,D

Q10. Seven sites are connected via OTV, what is the best practice to connect more than tree

sites using OTV?

A. Filter MAC address at the join interface

B. Use multicast-enabled transport

C. Use Unicast-only transport

D. Configure one edge device for each data center

Answer: B

