Cisco (300-410-ENARSI) Exam Questions And Answers page 13
IPv6 is enabled in the infrastructure to support customers with an IPv6 network over WAN and to connect the head office to branch offices in the local network. One of the customers is already running IPv6 and wants to enable IPv6 over the DMVPN network infrastructure between the headend and branch sites.
Which configuration command must be applied to establish an mGRE IPv6 tunnel neighborship?
Which configuration command must be applied to establish an mGRE IPv6 tunnel neighborship?
tunnel mode gre multipoint ipv6
ipv6 unicast-routing
tunnel protection mode ipv6
Layer 3 Technologies
VPN Technologies
OSPF area border routers (ABRs) advertise a default route to stub and totally stubby areas.
Which command is the BEST command to configure a cost of 25 for the default route advertised to area 1?
Which command is the BEST command to configure a cost of 25 for the default route advertised to area 1?
Router(config-router)# area 1 cost 25
Router(config-router)# area 1 default 25
Router(config-router)# area 1 default-cost 25
Router(config-router)# area 1 default-route-cost 25
Layer 3 Technologies
Infrastructure Services
R1 and R2 are configured as eBGP neighbors. R1 is in AS100 and R2 is in AS200. R2 is advertising these networks to R1:
172.16.16.0/20
172.16.3.0/24
172.16.4.0/24
192.168.1.0/24
192.168.2.0/24
172.16.0.0/16
The network administrator on R1 must improve convergence by blocking all subnets of 172.16.0.0/16 major network with a mask lower than 23 from coming in.
Which set of configurations accomplishes the task on R1?
172.16.16.0/20
172.16.3.0/24
172.16.4.0/24
192.168.1.0/24
192.168.2.0/24
172.16.0.0/16
The network administrator on R1 must improve convergence by blocking all subnets of 172.16.0.0/16 major network with a mask lower than 23 from coming in.
Which set of configurations accomplishes the task on R1?
ip prefix-list PL-1 deny 172.16.0.0/16 ge 23
ip prefix-list PL-1 permit 0.0.0.0/0 le 32
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
ip prefix-list PL-1 permit 0.0.0.0/0 le 32
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
ip prefix-list PL-1 deny 172.16.0.0/16 le 23
ip prefix-list PL-1 permit 0.0.0.0/0 le 32
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
ip prefix-list PL-1 permit 0.0.0.0/0 le 32
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
ip prefix-list PL-1 deny 172.16.0.0/16
ip prefix-list PL-1 permit 0.0.0.0/0
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
ip prefix-list PL-1 permit 0.0.0.0/0
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 prefix-list PL-1 in
access-list 1 deny 172.16.0.0 0.0.254.255
access-list 1 permit any
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 distribute-list 1 in
access-list 1 permit any
!
router bgp 100
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 distribute-list 1 in
Layer 3 Technologies
Infrastructure Security and Services
R2 has a locally originated prefix 192.168.130.0/24 and has these configurations:
What is the result when the route-map OUT command is applied toward an eBGP neighbor R1 (1.1.1.1) by using the neighbor 1.1.1.1 route-map OUT out command?
What is the result when the route-map OUT command is applied toward an eBGP neighbor R1 (1.1.1.1) by using the neighbor 1.1.1.1 route-map OUT out command?
R1 sees 192.168.130.0/24 as two AS hops away instead of one AS hop away.
R1 does not accept any routes other than 192.168.130.0/24
R1 does not forward traffic that is destined for 192.168.30.0/24
Network 192.168.130.0/24 is not allowed in the R1 table
Layer 3 Technologies
Infrastructure Security and Services
Refer to the exhibit. After applying IPsec, the engineer observed that the DMVPN tunnel went down, and both spoke-to-spoke and hub were not establishing.
Which two actions resolve the issue? (Choose two.)
Which two actions resolve the issue? (Choose two.)
Change the mode from mode tunnel to mode transport on R3.
Remove the crypto isakmp key cisco address 10.1.1.1 on R2 and R3.
Configure the crypto isakmp key cisco address 192.1.1.1 on R2 and R3.
Configure the crypto isakmp key cisco address 0.0.0.0 on R2 and R3.
Change the mode from mode transport to mode tunnel on R2.
Layer 3 Technologies
VPN Technologies
Refer to the exhibit. An administrator noticed that after a change was made on R1, the timestamps on the system logs did not match the clock.
What is the reason for this error?
What is the reason for this error?
An authentication error with the NTP server results in an incorrect timestamp.
The keyword localtime is not defined on the timestamp service command.
The NTP server is in a different time zone.
The system clock is set incorrectly to summer-time hours.
Infrastructure Security and Services
Infrastructure Services
Refer to the exhibit. An engineer configures a static route on a router, but when the engineer checks the route to the destination, a different next hop is chosen.
What is the reason for this?
What is the reason for this?
Dynamic routing protocols always have priority over static routes.
The metric of the OSPF route is lower than the metric of the static route.
The configured AD for the static route is higher than the AD of OSPF.
The syntax of the static route is not valid, so the route is not considered.
Layer 3 Technologies
Infrastructure Security and Services
Refer to the exhibit. An engineer has configured policy-based routing and applied the configuration to the correct interface. How is the configuration applied to the traffic that matches the access list?
It is forwarded using the routing table lookup.
It is sent to 209.165.202.129.
It is dropped.
It is sent to 209.165.202.131.
Layer 3 Technologies
Infrastructure Security and Services
Refer to the exhibit. An engineer is trying to block the route to 192.168.2.2 from the routing table by using the configuration that is shown. The route is still present in the routing table as an OSPF route.
Which action blocks the route?
Which action blocks the route?
Use an extended access list instead of a standard access list.
Change sequence 10 in the route-map command from permit to deny.
Use a prefix list instead of an access list in the route map.
Add this statement to the route map: route-map RM-OSPF-DL deny 20.
Layer 3 Technologies
Infrastructure Security and Services
Refer to the exhibit. An engineer is trying to configure local authentication on the console line, but the device is trying to authenticate using TACACS+.
Which action produces the desired configuration?
Which action produces the desired configuration?
Add the aaa authentication login default none command to the global configuration.
Replace the capital C with a lowercase c in the aaa authentication login Console local command.
Add the aaa authentication login default group tacacs+ local-case command to the global configuration.
Add the login authentication Console command to the line configuration
Architecture
Infrastructure Security and Services
Comments