CCNP ENARSI PART 7

What TCP port is used by LDP to provide for reliable transport connections?. A. 646. B. 648. C. 752. D. 712.

Which of the following are control plane protocols used within a service provider MPLS network? (Choose two.). A. OAM. B. RSVP. C. Targeted LDP. D. SNMP. E. LDP.

In a typical MPLS VPN, which routers act as the MPLS label imposition and disposition points in the network?. A. CE Router. B. P router. C. PE Router. D. Core router.

In an MPLS network, which of the following describes the role of the Provider (P) router?. A. To connect to customer edge (CE) devices. B. To connect to PE routers and act as transit routers. C. To impose MPLS labels. D. To filter VPN routes in the core.

The MPLS LDP autoconfiguration feature allows you to enable LDP on every interface that is associated with an IGP instance. Which of the following Interior Gateway Protocols support this? (Choose two.). A. OSPF. B. IS-IS. C. BGP. D. RIP. E. EIGRP.

In an MPLS VPN network, how are customer routes controlled and distributed?. A. Through the use of GRE tunnels. B. Customer routes are redistributed into the IGP that the service provider is using. C. Customer routes are redistributed into BGP within the service provider. D. It is distributed through the use of route targets.

At which layer of the OSI model is an MPLS label imposed?. A. Layer 2. B. Layer 3. C. Between layers 2 and 3. D. Between layers 3 and 4.

Which of the following are valid IPv6 Router Advertisement (RA) Guard modes? (Choose two.). A. Guard mode. B. Host mode. C. Router mode. D. Open mode. E. Closed mode.

Which of the following statements are true regarding the e IPv6 RA Guard feature?. A. This feature is support on LAG bundles interfaces. B. This feature is supported on private VLANs. C. Packets dropped by the IPv6 RA Guard feature cannot be spanned. D. This feature offers protection in networks where IPv6 traffic is tunneled.

Unicast Reverse Path Forwarding (uRPF) has been configured on a service provider network to protect itself from spoofed based attacks. Which of the following are valid uRPF modes? (Choose two.). A. Strict mode. B. Open mode. C. Closed mode. D. Block mode. E. Loose mode.

Which of the following are commonly used ports when implementing RADIUS based authentication and accounting? (Choose two.). A. UDP port 1644 for authentication. B. UDP port 1812 for authentication. C. TCP port 1812 for authentication. D. UDP port 1813 for accounting. E. TCP port 1813 for accounting. F. UDP port 1644 for accounting.

Which of the following are valid restrictions when configuring Control Plane Policing (CoPP) on Cisco devices? (Choose two.). A. You cannot use the “log” keyword with CoPP on the access list entries. B. CEF must be disabled. C. The only match types supported with CoPP is ip precedence, ip dscp, and access-group. D. Only standard access-lists are supported.

Which of the following are used to validate the source of IPv6 traffic and are considered IPv6 layer 2 snooping features? (Choose two.). A. DHCPv6 Guard. B. DHCPv6 Root Guard. C. IPv6 Source Guard. D. IPv6 Prefix Guard.

You want to implement AAA on router R1 for a more robust authentication and authorization system. What is typically the first global command used to do this?. A. aaa new-model. B. aaa enable. C. aaa server-group. D. aaa authentication login.

A time based access list has been configured on R1 to allow SSH access to the device only on weekdays. Which of the following are valid options when using the time range command? (Choose two.). A. relative. B. recurring. C. absolute. D. periodic.

First-Hop Security (FHS) is a set of features to optimize IPv6 link operation, and help with scale in large L2 domains. Which of the following are valid First-Hop Security features supported by Cisco? (Choose three.). A. IPv6 RA Guard. B. IPv6 Source Guard. C. DHCPv6 Guard. D. IPv6 Snooping. E. DHCPv6 Snooping.

What are the four stages of obtaining an IP address from a DHCP server that corresponds to the acronym DORA?. A. Discover, Offer, Release, Addressing. B. Discover, Obtain, Request, Acknowledge. C. Determine, Offer, Release, Acknowledge. D. Discover, Offer, Request, Acknowledge.

SNMPv2 has been used throughout a network to manage all of the network devices. You have been asked to migrate to an SNMPv3 solution instead. What is the biggest advantage to migrating from SNMPv2 to SNMPv3?. A. Enhanced security, including encryption of passwords. B. Enhanced performance, supporting more messages per minute. C. Enhanced scaling, supporting thousands more devices per network segment than SNMPv2. D. Using a push model instead of pull. SNMPv3 uses telemetry to push data to SNMP management stations in real time.

You are configuring Netflow on various network elements in order to gain visibility into the traffic types used. How many export destinations can this Network data be sent to?. A. Up to 2. B. Up to 4. C. Up to 8. D. There is no limitation on the number of flow data export destinations.

A Cisco router has just been configured for NTP and is synchronized with the configured NTP server. However, log messages still show an incorrect time. What else should be done to match the log messages time stamps with the NTP based time?. A. Wait a bit longer for the synchronized time to get applied to new log messages. B. Configure the “service timestamps log datetime localtime” command in global mode. C. Configure the “service timestamps log datetime synchronize” command globally. D. Configure the “service timestamps log ntp” command in global config mode.

There is an issue between two nodes within your network, and you are using Cisco DNA Center Path Trace to help troubleshoot the problem. Which of the following statements are true regarding the Path Trace tool?. A. Overlapping IP addresses are supported. B. Path trace between a fabric client and a non-fabric client is supported. C. Path trace between a wired client and a wireless client is supported. D. Only TCP traffic is supported.

Which of the following are valid DHCP options that DHCP servers can be configured to use with DHCP clients when offering a lease? (Choose two.). A. DHCP Option 1: subnet mask. B. DHCP Option 3: Lease Duration. C. DHCP Option 4: Client host name. D. DHCP Option 6: DNS servers.

Which feature of the Cisco DNA Center allows you to run diagnostic CLI commands to the devices that are managed by DNA Center for troubleshooting purposes?. A. Command Runner. B. DNA Spaces. C. DNA Advantage. D. Intelligent Capture.

You want to change the Administrative Distance of external EIGRP routes from the default of 170 to 130 instead on router R1 while leaving the default AD value for internal EIGRP routes. Which set of command will accomplish this?. A. R1(config)#router eigrp - R1(config-router)#distance 170 -. B. R1(config)#router eigrp 1 - R1(config-router)#distance eigrp 90 130. C. R1(config)#router eigrp 1 - R1(config-router)#distance eigrp 130 90. D. R1(config)#router eigrp 1 - R1(config-router)#distance 90 130.

Which of the following are valid TFTP error codes? (Choose two.). A. Error Code 1 – File not found. B. Error Code 2 – Unknown error. C. Error code 3 – Invalid user. D. Error code 6 – File already exists. E. Error code 8 – Undefined error.

What are the two prerequisites of setting up DMVPN tunnel? (Choose two.). A. Before a multipoint GRE (mGRE) and IPsec tunnel can be established, define an Internet Key Exchange (IKE) policy by using the crypto isakmp policy command. B. The Public IP’s of the routers should be able to ping each other. C. To enable 2547oDMPVN - Traffic Segmentation Within DMVPN configure multiprotocol label switching (MPLS) by using the mpls ip command. D. It is mandatory to use wildcard preshared keys to build the DMVPN tunnel. E. DMVPN can work on all OEM devices that support IKE.

Refer to the exhibit. An administrator is setting up above shown routers to enable MVPN with mGRE mode. What would be the recommended interface configuration that must be done by the engineer to make it to work?. A. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel mode IPSec multipoint. B. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel mode gre multipoint. C. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp network-id 1 tunnel source 172.17.0.1 tunnel mode IPsec multipoint. D. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel destination 172.17.0.2 tunnel mode IPsec multipoint.

Select three benefits of setting up a MPLS Network from the below options. (Choose three.). A. Connection less Service. B. Security as good as connection-oriented VPNs. C. Provides IPS level intelligence to filter packets. D. Integrated QoS support. E. All variations of Static routes are supported.

Refer to the Exhibit. The access-lists are configured on the network device. There is a server behind the network device. User are trying to access the server securely however they are not able to access it. What changes would you recommend to the above configuration?. A. Permit tcp port 465. B. Permit tcp port 3389. C. Permit tcp port 443. D. Permit tcp any any.

Which of the following is true regarding IPsec Pre-fragmentation (Look-Ahead Fragmentation)? (Choose two.). A. Operates in tunnel mode only. B. Operates in transport mode only. C. Is used to help in the overall IPsec throughput since the end host is able to avoid packet reassembly after packet decryption. D. Is not dependent on the MTU of the physical interface used for IPsec. E. Does not support Path MTU Discovery.