CCNP ENARSI PART 7

What TCP port is used by LDP to provide for reliable transport connections?. A. 646. B. 648. C. 752. D. 712.

Which of the following are control plane protocols used within a service provider MPLS network? (Choose two.). A. OAM. B. RSVP. C. Targeted LDP. D. SNMP. E. LDP.

In a typical MPLS VPN, which routers act as the MPLS label imposition and disposition points in the network?. A. CE Router. B. P router. C. PE Router. D. Core router.

In an MPLS network, which of the following describes the role of the Provider (P) router?. A. To connect to customer edge (CE) devices. B. To connect to PE routers and act as transit routers. C. To impose MPLS labels. D. To filter VPN routes in the core.

The MPLS LDP autoconfiguration feature allows you to enable LDP on every interface that is associated with an IGP instance. Which of the following Interior Gateway Protocols support this? (Choose two.). A. OSPF. B. IS-IS. C. BGP. D. RIP. E. EIGRP.

In an MPLS VPN network, how are customer routes controlled and distributed?. A. Through the use of GRE tunnels. B. Customer routes are redistributed into the IGP that the service provider is using. C. Customer routes are redistributed into BGP within the service provider. D. It is distributed through the use of route targets.

At which layer of the OSI model is an MPLS label imposed?. A. Layer 2. B. Layer 3. C. Between layers 2 and 3. D. Between layers 3 and 4.

Which of the following are valid IPv6 Router Advertisement (RA) Guard modes? (Choose two.). A. Guard mode. B. Host mode. C. Router mode. D. Open mode. E. Closed mode.

Which of the following statements are true regarding the e IPv6 RA Guard feature?. A. This feature is support on LAG bundles interfaces. B. This feature is supported on private VLANs. C. Packets dropped by the IPv6 RA Guard feature cannot be spanned. D. This feature offers protection in networks where IPv6 traffic is tunneled.

Unicast Reverse Path Forwarding (uRPF) has been configured on a service provider network to protect itself from spoofed based attacks. Which of the following are valid uRPF modes? (Choose two.). A. Strict mode. B. Open mode. C. Closed mode. D. Block mode. E. Loose mode.

Which of the following are commonly used ports when implementing RADIUS based authentication and accounting? (Choose two.). A. UDP port 1644 for authentication. B. UDP port 1812 for authentication. C. TCP port 1812 for authentication. D. UDP port 1813 for accounting. E. TCP port 1813 for accounting. F. UDP port 1644 for accounting.

Which of the following are valid restrictions when configuring Control Plane Policing (CoPP) on Cisco devices? (Choose two.). A. You cannot use the “log” keyword with CoPP on the access list entries. B. CEF must be disabled. C. The only match types supported with CoPP is ip precedence, ip dscp, and access-group. D. Only standard access-lists are supported.

Which of the following are used to validate the source of IPv6 traffic and are considered IPv6 layer 2 snooping features? (Choose two.). A. DHCPv6 Guard. B. DHCPv6 Root Guard. C. IPv6 Source Guard. D. IPv6 Prefix Guard.

You want to implement AAA on router R1 for a more robust authentication and authorization system. What is typically the first global command used to do this?. A. aaa new-model. B. aaa enable. C. aaa server-group. D. aaa authentication login.

A time based access list has been configured on R1 to allow SSH access to the device only on weekdays. Which of the following are valid options when using the time range command? (Choose two.). A. relative. B. recurring. C. absolute. D. periodic.

First-Hop Security (FHS) is a set of features to optimize IPv6 link operation, and help with scale in large L2 domains. Which of the following are valid First-Hop Security features supported by Cisco? (Choose three.). A. IPv6 RA Guard. B. IPv6 Source Guard. C. DHCPv6 Guard. D. IPv6 Snooping. E. DHCPv6 Snooping.

What are the four stages of obtaining an IP address from a DHCP server that corresponds to the acronym DORA?. A. Discover, Offer, Release, Addressing. B. Discover, Obtain, Request, Acknowledge. C. Determine, Offer, Release, Acknowledge. D. Discover, Offer, Request, Acknowledge.

SNMPv2 has been used throughout a network to manage all of the network devices. You have been asked to migrate to an SNMPv3 solution instead. What is the biggest advantage to migrating from SNMPv2 to SNMPv3?. A. Enhanced security, including encryption of passwords. B. Enhanced performance, supporting more messages per minute. C. Enhanced scaling, supporting thousands more devices per network segment than SNMPv2. D. Using a push model instead of pull. SNMPv3 uses telemetry to push data to SNMP management stations in real time.

You are configuring Netflow on various network elements in order to gain visibility into the traffic types used. How many export destinations can this Network data be sent to?. A. Up to 2. B. Up to 4. C. Up to 8. D. There is no limitation on the number of flow data export destinations.

A Cisco router has just been configured for NTP and is synchronized with the configured NTP server. However, log messages still show an incorrect time. What else should be done to match the log messages time stamps with the NTP based time?. A. Wait a bit longer for the synchronized time to get applied to new log messages. B. Configure the “service timestamps log datetime localtime” command in global mode. C. Configure the “service timestamps log datetime synchronize” command globally. D. Configure the “service timestamps log ntp” command in global config mode.

There is an issue between two nodes within your network, and you are using Cisco DNA Center Path Trace to help troubleshoot the problem. Which of the following statements are true regarding the Path Trace tool?. A. Overlapping IP addresses are supported. B. Path trace between a fabric client and a non-fabric client is supported. C. Path trace between a wired client and a wireless client is supported. D. Only TCP traffic is supported.

Which of the following are valid DHCP options that DHCP servers can be configured to use with DHCP clients when offering a lease? (Choose two.). A. DHCP Option 1: subnet mask. B. DHCP Option 3: Lease Duration. C. DHCP Option 4: Client host name. D. DHCP Option 6: DNS servers.

Which feature of the Cisco DNA Center allows you to run diagnostic CLI commands to the devices that are managed by DNA Center for troubleshooting purposes?. A. Command Runner. B. DNA Spaces. C. DNA Advantage. D. Intelligent Capture.

You want to change the Administrative Distance of external EIGRP routes from the default of 170 to 130 instead on router R1 while leaving the default AD value for internal EIGRP routes. Which set of command will accomplish this?. A. R1(config)#router eigrp - R1(config-router)#distance 170 -. B. R1(config)#router eigrp 1 - R1(config-router)#distance eigrp 90 130. C. R1(config)#router eigrp 1 - R1(config-router)#distance eigrp 130 90. D. R1(config)#router eigrp 1 - R1(config-router)#distance 90 130.

Which of the following are valid TFTP error codes? (Choose two.). A. Error Code 1 – File not found. B. Error Code 2 – Unknown error. C. Error code 3 – Invalid user. D. Error code 6 – File already exists. E. Error code 8 – Undefined error.

What are the two prerequisites of setting up DMVPN tunnel? (Choose two.). A. Before a multipoint GRE (mGRE) and IPsec tunnel can be established, define an Internet Key Exchange (IKE) policy by using the crypto isakmp policy command. B. The Public IP’s of the routers should be able to ping each other. C. To enable 2547oDMPVN - Traffic Segmentation Within DMVPN configure multiprotocol label switching (MPLS) by using the mpls ip command. D. It is mandatory to use wildcard preshared keys to build the DMVPN tunnel. E. DMVPN can work on all OEM devices that support IKE.

Refer to the exhibit. An administrator is setting up above shown routers to enable MVPN with mGRE mode. What would be the recommended interface configuration that must be done by the engineer to make it to work?. A. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel mode IPSec multipoint. B. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel mode gre multipoint. C. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp network-id 1 tunnel source 172.17.0.1 tunnel mode IPsec multipoint. D. interface Tunnel0 description mGRE - DMVPN Tunnel ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 1 tunnel source 10.0.0.1 tunnel destination 172.17.0.2 tunnel mode IPsec multipoint.

Select three benefits of setting up a MPLS Network from the below options. (Choose three.). A. Connection less Service. B. Security as good as connection-oriented VPNs. C. Provides IPS level intelligence to filter packets. D. Integrated QoS support. E. All variations of Static routes are supported.

Refer to the Exhibit. The access-lists are configured on the network device. There is a server behind the network device. User are trying to access the server securely however they are not able to access it. What changes would you recommend to the above configuration?. A. Permit tcp port 465. B. Permit tcp port 3389. C. Permit tcp port 443. D. Permit tcp any any.

Which of the following is true regarding IPsec Pre-fragmentation (Look-Ahead Fragmentation)? (Choose two.). A. Operates in tunnel mode only. B. Operates in transport mode only. C. Is used to help in the overall IPsec throughput since the end host is able to avoid packet reassembly after packet decryption. D. Is not dependent on the MTU of the physical interface used for IPsec. E. Does not support Path MTU Discovery.

Which of the following correctly describes the concept of split horizon with IP routing? (Choose two.). A. Split horizon is a valid routing loop prevention mechanism. B. Split horizon is used to filter customer routes in an ISP network. C. When enabled, split horizons informs the router to not advertise routes back out the same interface from where that route was originally received. D. Split horizons cannot be disabled on WAN interfaces. E. Split horizon is not applicable to EIGRP networks.

Arrange the below as per the recommended steps: Copy the IOS image in the file system. Save the configuration & Reload the router. Download the Cisco IOS image to the TFTP Server. Verify the configuration register & boot variable.

A network administrator is reloading a router and during the bootup, he is getting the error message “%Error opening tftp://255.255.255.255/network-confg (Socket error)”. What command need to be applied on Cisco Router to fix this issue. A. No service config. B. Write erase reload. C. Reload noconfirm. D. Copy run start.

DRAG DROP - The steps for configuring BGP on Cisco IOS Router: Identify the BGP Neighbor's IP address and Autonomous System Number. Identify the BGP neighbor's IP address and autonomous system number with the BGP router configuration command neighbor ip-address remote-as as-number. Activate the address-family for the BGP neighbor with the BGP address-family configuration command neighbor ip-address activate. Create the BGP Routing Process. Initialize the BGP process with the global command router bgp as-number. Initialize the address-family with the BGP router configuration command address-family afi safi.

What is the term used when it causes the packets to lose their MPLS labels including the VPN in-formation that lies in the inner MPLS Label i.e. if a packet goes through an untagged interface, the VPN information is lost and VPN sites lose connectivity?. A. Pseudowire. B. Black Hole. C. Traffic Engineering. D. Active Network Abstraction.

An administrator wants to implement security on his company’s router. Please select three options that you will use on your router to secure it. (Choose three.). A. Control Access to the router. B. Restrict all traffic through the router. C. Restrict SNMP. D. Enable all unused services. E. Encrypt all passwords. F. Disable logging.

An administrator is setting up a DMVPN tunnel between their offices and he is getting below output when he is running the command “show crypto isakmp sa”: What command will you run to identify the issue?. A. Debug ip icmp. B. Debug crypto isakmp. C. Debug crypto ipsec sa. D. Debug ssh.

A company is looking to implement VPN between their Head Quarter and over 100+ Branch Offices. They are looking for a solution that: 1. Reduces deployment complexity 2. Simplifies branch communications 3. Offers branch to branch connectivity. 4. Is cost effective 5. Offers strong encryption Select the best option from the below options that you would recommend to implement. A. MPLS. B. IPSEC. C. DMVPN. D. GRE.

You have a DNA center deployed in your environment. Which feature of the DNA Center will you use for system-guided as well as self-guided troubleshooting. A. Assurance. B. Automation. C. Zero Trust. D. Discovery.

DRAG DROP - You are logged in to the DNA Center Client Health Dashboard. Under the client health, you see some color-coded fields that reflects the health status of the client devices. Drag the health scores on the left to their respective colors in the right. Health score is 0. Health score is 4 to 7. Health score is 1 to 3. Health score is 8 to 10.

Out of the below options regarding DMVPN & FLEXVPN, select the correct one. A. FlexVPN uses a new key management protocol – IKEv2, while most traditional DMVPN networks use IKEv1. B. FlexVPN uses a new key management protocol – IKEv1, while most traditional DMVPN networks use IKEv2. C. With FlexVPN there’s multiple standard way of NHRP and routing protocols operations as opposed to 1 phase of DMVPN. D. Flex VPN & DMVPN both are supported only on Firewalls.

Refer to the exhibit. A network engineer is provisioning end-to-end traffic service for two different enterprise networks with these requirements: • The OSPF process must differ between customers on HQ and Branch office routers, and adjacencies should come up instantly. • The enterprise networks are connected with overtapping networks between HQ and a Branch office. Which configuration meets the requirements for a customer site?. A. ISP(config-if)#int f1/0 - ISP(config-if)#ip vrf forwarding EA ISP(config-if)#description TO->EA2_Branch ISP(config-if)#ip add 172.16.200.2 255.255.255.0 ISP(config-if)#no shut -. B. ISP(config-vrf)#int f0/0 - ISP(config-if)#ip vrf forwarding EB ISP(config-if)#description TO->EB1_Branch ISP(config-if)#ip add 172.16.100.2 255.255.255.0 ISP(config-if)#no shut -. C. ISP(config)#int f2/0 - ISP(config-if)#ip vrf forwarding EA ISP(config-if)#description TO->EA1_HQ ISP(config-if)#ip address 172.16.100.2 255.255.255.0 ISP(config-if)#no shut -. D. ISP(config-if)#int f3/0 - ISP(config-if)#ip vrf forwarding EA ISP(config-if)#description TO->EA2_Branch ISP(config-if)#ip address 172.16.200.2 255.255.255.0 ISP(config-if)#no shut.

Refer to the exhibit. A company is evaluating multiple network management system tools. Trending graphs generated by SNMP data are returned by the NMS and appear to have multiple gaps. While troubleshooting the issue, an engineer noticed the relevant output. Which action resolves the gaps in the graphs?. A. Remove the class map NMS from being part of control plane policing. B. Configure the CIR rate to a lower value that accommodates all the NMS tools. C. Remove the exceed-rate command in the class map. D. Separate the NMS class map in multiple class maps based on the specific protocols with appropriate CoPP actions.

Refer to the exhibit. The network engineer configured the summarization of the RIP routes into the OSPF domain on R5 but still sees four different 172.16.0.0/24 networks on R4. Which action resolves the issue?. A. R5(config)#router ospf 99 - R5(config-router)#network 172.16.0.0 0.255.255.255 area 56 R5(config-router)#area 56 range 172.16.0.0 255.255.255.0. B. R5(config)#router ospf 1 - R5(config-router)#no area - R5(config-router)#summary-address 172.16.0.0 255.255.252.0. C. R4(config)#router ospf 1 - R4(config-router)#no area - R4(config-router)#summary-address 172.16.0.0 255.255.252.0. D. R4(config)#router ospf 99 - R4(config-router)#network 172.16.0.0 0.255.255.255 area 56 R4(config-router)#area 56 range 172.16.0.0 255.255.255.0.

What is the minimum time gap required by the local system before putting a BFD control packet on the wire?. A. Desired Min TX Interval. B. Detect Mult. C. Required Min RX Interval. D. Required Min Echo RX Interval.

What must be configured by the network engineer to circumvent AS_PATH loop prevention mechanism in IP/VPN Hub and Spoke deployment scenarios?. A. Use allowas-in at the PE_Hub. B. Use allowas-in and as-override at all PEs. C. Use allowas-in and as-override at the PE_Hub. D. Use as-override at the PE_Hub.

Refer to the exhibit. Which action makes 10.1.3.2 the feasible successor to reach 10.200.1.0/24 for location S42T431E64F51?. A. Increase path bandwidth higher than 10.1.1.2 and lower than 10.1.2.2 between RtrA and the destination. B. Increase path bandwidth lower than 10.1.1.2 and lower than 10.1.2.2 between RtrA and the destination. C. Increase path bandwidth higher than 10.1.2.2 and lower than 10.1.1.2 between RtrA and the destination. D. Increase path bandwidth higher than 10.1.2.2 and higher than 10.1.1.2 between RtrA and the destination.

Refer to the exhibit A junior engineer updated a branch router configuration. Immediately after the change, the engineer receives calls from the help desk that branch personnel cannot reach any network destinations. Which configuration restores service and continues to block 10.1.1.100/32?. A. route-map FILTER-IN deny 5. B. ip prefix-list 102 seq 15 permit 0.0.0.0/32 le 32. C. route-map FILTER-IN permit 20. D. ip prefix-list 102 seq 5 permit 0.0.0.0/32 le 32.

What does the MP-BGP OPEN message contain?. A. the version number and the AS number to which the router belongs. B. IP routing information and the AS number to which the router belongs. C. NLRI, path attributes, and IP addresses of the sending and receiving routers. D. MPLS labels and the IP address of the router that receives the message.

Refer to the exhibit. An engineer applies a prefix-list filter that filters most of the network 10 prefixes instead of allowing them. Which action resolves the issue?. A. Modify the ip prefix-list EIGRP seq 20 permit 10.0.0.0/8 ge 9 command. B. Modify the ip prefix-list EIGRP seq 10 permit 10.0.0.0/8 le 9 command. C. Modify the ip prefix-list EIGRP seq 20 permit 0.0.0.0/0 le 32 command. D. Modify the ip prefix-list EIGRP seq 10 permit 10.0.0.0/8 le 32 command.