Q351. Refer to the exhibit.
Which configuration is missing that would enable SSH access on a router that is running Cisco IOS XE Software?
A. int Gig0/0/0
management-interface
B. class-map ssh-class
match access-group protect-ssh
policy-map control-plane-in
class ssh-class
police 80000 conform transmit exceed drop
control-plane
service-policy input control-plane-in
C. control-plane host
management-interface GigabitEthernet0/0/0 allow ssh
D. interface Gig0/0/0
ip access-group protect-ssh in
Answer: C
Explanation:
The feature Management Plane Protection (MPP) allows an administrator to restrict on which interfaces management traffic can be received by a device. This allows the administrator additional control over a device and how the device is accessed. This example shows how to enable the MPP in order to only allow SSH and HTTPS on the GigabitEthernet0/1 interface:
!
control-plane host
management-interface GigabitEthernet 0/1 allow ssh https
!
Reference: http://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html
Q352. Which statement about a P router in a Layer 3 MPLS VPN is true?
A. It is unaware of VPN routes.
B. It connects to customer edge routers.
C. It participates in MPLS VPN routing.
D. It uses the running IGP to share VPN routes.
Answer: A
Q353. Refer to the exhibit.
Which two commands are required on R3 in order for MPLS to function? (Choose two.)
A. mpls ip
B. ip cef
C. mpls label protocol tdp
D. mpls ip propagate-ttl
Answer: A,B
Q354. External EIGRP route exchange on routers R1 and R2 was failing because the routers had duplicate router IDs. You changed the eigrp router-id command on R1, but the problem persists. Which additional action must you take to enable the routers to exchange routes?
A. Change the corresponding loopback address.
B. Change the router ID on R2.
C. Reset the EIGRP neighbor relationship.
D. Clear the EIGRP process.
Answer: D
Q355. DRAG DROP
Drag and drop each DHCP term on the left to the corresponding definition on the right.
Answer:
Q356. What are the two requirements for BGP to install a classful network into the BGP routing table? (Choose two)
A. The AS contains the entire classfull network.
B. A classful network statement with a lower administrative distance is in the routing table.
C. Auto-summary is enabled.
D. A classful network statement with a classful mask is in the routing table.
E. Synchronization is enabled.
F. Synchronization is disabled.
Answer: C,D
Q357. Which statement describes the purpose of the Payload Type field in the RTP header?
A. It identifies the signaling protocol.
B. It identifies the codec.
C. It identifies the port numbers for RTP.
D. It identifies the port numbers for RTCP.
Answer: B
Explanation:
PT, Payload Type. 7 bits: Identifies the format of the RTP payload and determines its interpretation by the application. A profile specifies a default static mapping of payload type codes to payload formats. Additional payload type codes may be defined dynamically through non-RTP means. An RTP sender emits a single RTP payload type at any given time; this field is not intended for multiplexing separate media streams. A full list of codecs and their payload type values can be found at the link below:
Reference: http://www.networksorcery.com/enp/protocol/rtp.htm
Q358. Which two fields reside in the initial CHAP challenge packet? (Choose two.)
A. the authentication name of the challenger
B. a random hash value generated by the device
C. the hashed packet type ID
D. the packet type ID in clear text
Answer: A,D
Explanation:
When a caller A dials in to an access server B, The Access server sends across the link an initial Type 1 authentication packet called a Challenge. This Challenge packet contains a randomly generated number, an ID sequence number to identify the challenge (sent in clear text) and the authentication name of the challenger.
Reference: http://www.rhyshaden.com/ppp.htm
Q359. Which three statements about GLBP are true? (Choose three.)
A. It uses a virtual MAC address that starts with 0007.b4.
B. It elects a single active virtual gateway to appoint and manage multiple active virtual forwarders.
C. It allows the configured virtual IP address to be used on a physical interface as well.
D. It uses a virtual MAC address that starts with 0070.4b.
E. It elects multiple active virtual gateways to appoint and manage a single active virtual forwarder.
F. Preemption is enabled for the configured active virtual gateway by default.
Answer: A,B,C
Explanation:
The virtual MAC address in GLBP is 0007.b400.xxyy where xx is the GLBP group number and yy is the different number of each gateway (01, 02, 03…). One of the routers in a GLBP group is elected as an AVG – Active Virtual Gateway. There is only one active AVG in a group, and its task is to respond to ARP requests sent to the virtual gateway IP address replying different virtual MAC addresses in response packets. GLBP allows the configured virtual IP address to be used on a physical interface. By default, the GLBP gateway preemptive scheme is disabled. A backup virtual gateway can become the AVG only if the current AVG fails, regardless of the priorities assigned to the virtual gateways.
Q360. Which three capabilities are provided by MLD snooping? (Choose three.)
A. dynamic port learning
B. IPv6 multicast router discovery
C. user-configured ports age out automatically
D. a 5-minute aging timer
E. flooding control packets to the egress VLAN
F. a 60-second aging timer
Answer: A,B,D
Explanation:
Like IGMP snooping, MLD snooping performs multicast router discovery, with these characteristics:
. Ports configured by a user never age out.
. Dynamic port learning results from MLDv1 snooping queries and IPv6 PIMv2 packets.
. If there are multiple routers on the same Layer 2 interface, MLD snooping tracks a single multicast router on the port (the router that most recently sent a router control packet).
. Dynamic multicast router port aging is based on a default timer of 5 minutes; the multicast router is deleted from the router port list if no control packet is received on the port for 5 minutes.
. IPv6 multicast router discovery only takes place when MLD snooping is enabled on the switch.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swv6mld.pdf