Cisco (350-401-ENCOR) Exam Questions And Answers page 71
An engineer creates the configuration below. Drag and drop the authentication methods from the left into the order of priority on the right. Not all options are used.
R1#sh run | i aaa
aaa new-model
aaa authentication login default group ACE group AAA_RADIUS local-case
aaa session-id common
R1#
R1#sh run | i aaa
aaa new-model
aaa authentication login default group ACE group AAA_RADIUS local-case
aaa session-id common
R1#
Virtualization
Security
Refer to the exhibit.
An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24. The engineer applies access control list EGRESS in the outbound direction on the GigabitEthernet0/0 interface of the router. However, the router can still ping hosts on the 209.165.200.0/24 subnet.
Which explanation of this behavior is true?
An engineer must block all traffic from a router to its directly connected subnet 209.165.200.0/24. The engineer applies access control list EGRESS in the outbound direction on the GigabitEthernet0/0 interface of the router. However, the router can still ping hosts on the 209.165.200.0/24 subnet.
Which explanation of this behavior is true?
After an access control list is applied to an interface, that interface must be shut and no shut for the access control list to take effect.
Only standard access control lists can block traffic from a source IP address.
The access control list must contain an explicit deny to block traffic from the router.
Virtualization
Infrastructure
An engineer is configuring a new SSID to present users with a splash page for authentication. Which WLAN Layer 3 setting must be configured to provide this functionality?
Local Policy
WPA2 Policy
CCKM
Web Policy
Network Assurance
Security
Which commands enable RSTP? (Select 2 choices.)
Multiple Choice
Which of the following commands can you issue to enable RSTP? (Select 2 choices.)
spanning-tree mode mst
spanning-tree mode pvst
spanning-tree mode rapid-pvst
no spanning-tree mode
Infrastructure
Network Assurance
Why is Tunnel 0 disabled after configuring a GRE tunnel?
Single Choice
The following system log message is presented after a network administrator configures a GRE tunnel:
%TUN-RECURDOWN Interface Tunnel 0 temporarily disabled due to recursive routing
Why is Tunnel 0 disabled?
%TUN-RECURDOWN Interface Tunnel 0 temporarily disabled due to recursive routing
Why is Tunnel 0 disabled?
Because dynamic routing is not enabled.
Because the tunnel cannot reach its tunnel destination.
Because the best path to the tunnel destination is through the tunnel itself.
Because the router cannot recursively identify its egress forwarding interface.
Infrastructure
Network Assurance
What are two facts about traffic policing that apply to QoS?
Multiple Choice
An engineer is describing QoS to a client.
Which two facts apply to traffic policing? (Choose two.)
Which two facts apply to traffic policing? (Choose two.)
Policing should be performed as close to the source as possible.
Policing adapts to network congestion by queuing excess traffic.
Policing should be performed as close to the destination as possible.
Policing drops traffic that exceeds the defined rate.
Policing typically delays the traffic, rather than drops it.
Infrastructure
Network Assurance
You administer the network shown in the diagram. You want to configure a 6to4 tunnel between RouterA and RouterB. You issue the show runningconfig command on RouterA and receive the following partial output:
interface FastEthernet 0/0
ip address 192.168.1.1 255.255.255.0
Which of the following command sets should you issue on RouterA? (Select the best answer.)
interface FastEthernet 0/0
ip address 192.168.1.1 255.255.255.0
Which of the following command sets should you issue on RouterA? (Select the best answer.)
RouterA(config)#interface tunnel 0RouterA(configif)#ip address 192.168.1.1
RouterA(configif)#tunnel source FastEthernet 0/0
RouterA(configif)#tunnel mode ipv6ip 6to4
RouterA(configif)#tunnel source FastEthernet 0/0
RouterA(configif)#tunnel mode ipv6ip 6to4
RouterA(config)#interface tunnel 0RouterA(configif)#ip address 192.168.1.1
RouterA(configif)#tunnel source 2002:C0A8:0101::1/64
RouterA(configif)#tunnel mode 6to4
RouterA(configif)#tunnel source 2002:C0A8:0101::1/64
RouterA(configif)#tunnel mode 6to4
RouterA(config)#interface tunnel 0
RouterA(configif)#ipv6 address 2002:C0A8:0101::1/64
RouterA(configif)#tunnel source FastEthernet 0/0
RouterA(configif)#tunnel mode ipv6ip 6to4
RouterA(configif)#exit
RouterA(config)#ipv6 route 2002::/16 tunnel 0
RouterA(configif)#ipv6 address 2002:C0A8:0101::1/64
RouterA(configif)#tunnel source FastEthernet 0/0
RouterA(configif)#tunnel mode ipv6ip 6to4
RouterA(configif)#exit
RouterA(config)#ipv6 route 2002::/16 tunnel 0
RouterA(config)#interface tunnel 0
RouterA(configif)#ipv6 address 2002:C0A8:0101::1/64
RouterA(configif)#tunnel mode 6to4
RouterA(configif)#exit
RouterA(config)#ipv6 route 2002::/16 tunnel 0
RouterA(configif)#ipv6 address 2002:C0A8:0101::1/64
RouterA(configif)#tunnel mode 6to4
RouterA(configif)#exit
RouterA(config)#ipv6 route 2002::/16 tunnel 0
Network Assurance
Security
Refer to the exhibit.
MTU has been configured on the underlying physical topology, and no MTU command has been configured on the tunnel interfaces.
What happens when a 1500-byte IPv4 packet traverses the GRE tunnel from host X to host Y, assuming the DF bit is cleared?
MTU has been configured on the underlying physical topology, and no MTU command has been configured on the tunnel interfaces.
What happens when a 1500-byte IPv4 packet traverses the GRE tunnel from host X to host Y, assuming the DF bit is cleared?
The packet is discarded on router B
The packet arrives on router C without fragmentation
The packet arrives on router C fragmented
The packet is discarded on router A
Virtualization
Network Assurance
Which two network problems indicate a need to implement QoS in a campus network? (Choose two.)
port flapping
excess jitter
misrouted network packets
duplicate IP addresses
bandwidth-related packet loss
Network Assurance
Security
What EIGRP feature is not supported in OSPF?
Single Choice
Which feature of EIGRP is not supported in OSPF?
load balancing of unequal-cost paths
load balance over four equal-cost paths
uses interface bandwidth to determine best path
per-packet load balancing over multiple paths
Network Assurance
Security
Comments