Q171. By default, how does a GET VPN group member router handle traffic when it is unable to register to a key server? 

A. All traffic is queued until registration is successful or the queue is full. 

B. All traffic is forwarded through the router unencrypted. 

C. All traffic is forwarded through the router encrypted. 

D. All traffic through the router is dropped. 

Answer:

Explanation: 

In the basic GETVPN configuration, the traffic passing through group members will be sent in clear until it registers with the Key Server. This is because the crypto ACL is configured on the KS and GM will get that information only after the registration is successful. This means for a short period of time the traffic can go out unencrypted after a GM is booted up or the existing GETVPN session is cleared manually. This mode is called “fail open” and it is the default behavior. This behavior can be turned off by configuring “Fail Close” mode on the GMs. 

Reference: http://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html 


Q172. MPLS LDP IGP synchronization is configured on a link. The OSPF adjacency on that link is UP but MPLS LDP synchronization is not achieved. Which statement about this scenario is true? 

A. The router excludes the link from its OSPF LSA type 1. 

B. The router flushes its own router LSA. 

C. The router advertises the link in its router LSA with max-metric. 

D. The router advertises an LSA type 2 for this link, with the metric set to max-metric. 

E. The router advertises the link and OSPF adjacency as it would when the synchronization is achieved. 

Answer:

Explanation: 

To enable LDP-IGP Synchronization on each interface that belongs to an OSPF or IS-IS process, enter the mpls ldp sync command. If you do not want some of the interfaces to have LDP-IGP Synchronization enabled, issue the no mpls ldp igp sync command on those interfaces. If the LDP peer is reachable, the IGP waits indefinitely (by default) for synchronization to be achieved. To limit the length of time the IGP session must wait, enter the mpls ldp igp sync holddown command. If the LDP peer is not reachable, the IGP establishes the adjacency to enable the LDP session to be established. When an IGP adjacency is established on a link but LDP-IGP Synchronization is not yet achieved or is lost, the IGP advertises the max-metric on that link. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fsldpsyn.html 


Q173. DRAG DROP 

Drag and drop the method for refreshing BGP prefixes on the left to the corresponding description on the right. 

Answer: 


Q174. Which statement about traffic management when PIM snooping is enabled is true? 

A. Traffic is restricted to host ports. 

B. All multicast traffic is flooded to the designated router. 

C. Join message are flooded to all routers. 

D. Designated routers receive traffic only from groups through which a join message is received. 

Answer:


Q175. Which three events can cause a control plane to become overwhelmed? (Choose three.) 

A. a worm attack 

B. processing a stream of jumbo packets 

C. a microburst 

D. a configuration error 

E. a reconvergence failure 

F. a device-generated FTP session 

Answer: A,D,E 


Q176. DRAG DROP 

Drag and drop the OSPF network type on the left to the correct traffic type category on the right. 

Answer: 


Q177. Which statement describes the BGP add-path feature? 

A. It allows for installing multiple IBGP and EBGP routes in the routing table. 

B. It allows a network engineer to override the selected BGP path with an additional path created in the config. 

C. It allows BGP to provide backup paths to the routing table for quicker convergence. 

D. It allows multiple paths for the same prefix to be advertised. 

Answer:

Explanation: 

BGP routers and route reflectors (RRs) propagate only their best path over their sessions. The advertisement of a prefix replaces the previous announcement of that prefix (this behavior is known as an implicit withdraw). The implicit withdraw can achieve better scaling, but at the cost of path diversity. Path hiding can prevent efficient use of BGP multipath, prevent hitless planned maintenance, and can lead to MED oscillations and suboptimal hot-potato routing. Upon nexthop failures, path hiding also inhibits fast and local recovery because the network has to wait for BGP control plane convergence to restore traffic. The BGP Additional Paths feature provides a generic way of offering path diversity; the Best External or Best Internal features offer path diversity only in limited scenarios. The BGP Additional Paths feature provides a way for multiple paths for the same prefix to be advertised without the new paths implicitly replacing the previous paths. Thus, path diversity is achieved instead of path hiding. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-additional-paths.html 


Q178. Which three features require Cisco Express Forwarding? (Choose three.) 

A. NBAR 

B. AutoQoS 

C. fragmentation 

D. MPLS 

E. UplinkFast 

F. BackboneFast 

Answer: A,B,D 

Explanation: 

QoS Features That Require CEF 

These class-based QoS features are supported only on routers that run CEF. 

.Network Based Application Recognition (NBAR) provides intelligent network classification. For more information, refer to Network Based Application Recognition. 

. The AutoQoS -VoIP feature simplifies and speeds up the implementation and provisioning of QoS for VoIP traffic. This feature is enabled with the help of the auto qos voip command. CEF must be enabled at the interface or ATM PVC before the auto qos command can be used. For more information about this feature and its prerequisites, refer to AutoQoS -VoIP. 

From MPLS Fundamentals - Luc De Ghein 

Why Is CEF Needed in MPLS Networks? 

Concerning MPLS, CEF is special for a certain reason; otherwise, this book would not explicitly cover it. Labeled packets that enter the router are switched according to the label forwarding information base (LFIB) on the router. IP packets that enter the router are switched according to the CEF table on the router. Regardless of whether the packet is switched according to the LFIB or the CEF table, the outgoing packet can be a labeled packet or an IP packet 

Reference: http://www.cisco.com/c/en/us/support/docs/asynchronous-transfer-mode-atm/ip-to-atm-class-of-service/4800-cefreq.html 


Q179. DRAG DROP 

Drag and drop the events on the left to dispaly the correct sequence on the right when CoPP is enabled. 

Answer: 


Q180. What is the destination MAC address of a BPDU frame? 

A. 01-80-C2-00-00-00 

B. 01-00-5E-00-00-00 

C. FF-FF-FF-FF-FF-FF 

D. 01-80-C6-00-00-01 

Answer:

Explanation: 

The root-bridge election process begins by having every switch in the domain believe it is the root and claiming it throughout the network by means of Bridge Protocol Data Units (BPDU). BPDUs are Layer 2 frames multicast to a well-known MAC address in case of IEEE STP (01-80-C2-00-00-00) or vendor-assigned addresses, in other cases. 

Reference: http://www.ciscopress.com/articles/article.asp?p=1016582