Cisco 642-811 Study Guides, Helpful Cisco 642-811 Practice Questions With Low Price


QUESTION 66
Examine the diagram. A network administrator has recently installed the above switched network using 3550s and would like to control the selection of the root bridge. Which switch should the administrator configure as the root bridge and which configuration command must the administrator enter to accomplish this?

A. DSW11(config)# spanning-tree vlan 1 priority 4096
B. DSW12(config)# set spanning-tree priority 4096
C. ASW13(config)# spanning-tree vlan 1 priority 4096
D. DSW11(config)# set spanning-tree priority 4096
E. DSW12(config)# spanning-tree vlan 1 priority 4096
F. ASW13(config)# set spanning-tree priority 4096

Correct Answer: E

QUESTION 67
When IP multicast is enabled via PIM, which mode uses the flood and prune method?
A. PIM sparse-dense
B. Bidir-PIM
C. PIM-RP
D. PIM-DM
E. PIM-SM

Correct Answer: D

QUESTION 68
Refer to the exhibit. What statement is true about the configuration on switch CAT1?

A. The configuration overrides 802.1p priorities on packets entering ports Fa0/11 and Fa0/12 with a value of 48.
B. The configuration establishes policed DSCP on ports Fa0/11 and Fa0/12 with values ranging from 8 to 56.
C. The configuration overrides the Quality of Service value in packets entering ports Fa0/11 and Fa0/12 with a value of 45.
D. Two IP phones with the MAC addresses of 0008.8595.d1a7 and 0007.8595.d2b7 are connected to CAT1 ports Fa0/11 and Fa0/12, respectively.
E. Security violation shutdown mode has been activated for ports Fa0/11 and Fa0/12.
F. Untagged Port VLAN ID (PVID) frames will carry voice traffic on VLAN 40.
Correct Answer: D

QUESTION 69
On a 3550 EMI switch, which three types of interfaces can be used to configure HSRP? (Choose three.)
A. loopback interface
B. SVI interface
C. routed port
D. access port
E. EtherChannel port channel
F. BVI interface

Correct Answer: BCE

QUESTION 70
What are three possible router states of HSRP routers on a LAN? (Choose three.)
A. standby
B. established
C. active
D. idle
E. backup
F. init

Correct Answer: ACF

QUESTION 71
How does VTP pruning enhance network bandwidth?
A. by restricting unicast traffic across VTP domains
B. by reducing unnecessary flooding of traffic to inactive VLANs
C. by limiting the spreading of VLAN information
D. by disabling periodic VTP updates

Correct Answer: B

QUESTION 72
Based on the show spanning-tree vlan 200 output shown in the exhibit, which two statements about the STP process for VLAN 200 are true? (Choose two.)

A. BPDUs will be sent out every two seconds.
B. The time spent in the listening state will be 30 seconds.
C. The time spent in the learning state will be 15 seconds.
D. The maximum length of time that the BPDU information will be saved is 30 seconds.
E. This switch is the root bridge for VLAN 200.
F. BPDUs will be sent out every 10 seconds.

Correct Answer: BF

QUESTION 73
Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to configure LACP on Switch2?

A. Switch2# configure terminal
   Switch2(config)# interface range gigabitethernet3/1 -2
   Switch2(config-if)# channel-group 5 mode auto
B. Switch2# configure terminal
   Switch2(config)# interface range gigabitethernet3/1 -2
   Switch2(config-if)# channel-group 5 mode passive
C. Switch2# configure terminal
   Switch2(config)# interface range gigabitethernet3/1 -2
   Switch2(config-if)# channel-group 5 mode desirable
D. Switch2# configure terminal
   Switch2(config)# interface range gigabitethernet3/1 -2
   Switch2(config-if)# channel-group 5 mode on

Correct Answer: B

QUESTION 74
Which message type was added to IGMPv2?
A. heartbeat
B. join request
C. leave report
D. status report
E. membership report

Correct Answer: C

QUESTION 75
Refer to the exhibit. On the basis of the partial configuration provided in the exhibit, what additional configuration is required to allow the router to properly participate in a PIM sparse-dense mode scenario?

A. The RP configuration needs to be added for the router to participate in dense mode network areas.
B. The RP configuration needs to be added for the router to participate in sparse mode network areas.
C. The PIM dense-mode state, refresh interval needs to be configured.
D. IGMP needs to be enabled on the router.

Correct Answer: B

QUESTION 76
What is the maximum Ethernet frame size on a trunk link configured using IEEE 802.1Q encapsulation?
A. 1496 Bytes
B. 1500 Bytes
C. 1518 Bytes
D. 1522 Bytes
E. 1548 Bytes

Correct Answer: D

QUESTION 77
Which two statements are true about a switched virtual interface (SVI)? (Choose two.)
A. An SVI is created by entering the no switchport command in interface configuration mode.
B. An SVI is created for the default VLAN (VLAN1) to permit remote switch administration by default.
C. An SVI provides a default gateway for a VLAN.
D. Multiple SVIs can be associated with a VLAN.
E. SVI is another name for a routed port.

Correct Answer: BC

QUESTION 78
Refer to the exhibit. Switch 15 is configured as the root switch for VLAN 10 but not for VLAN 20. If the STP configuration is correct, what will be true about Switch 15?

A. All ports will be in forwarding mode.
B. All ports in VLAN 10 will be in forwarding mode.
C. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in blocking mode.
D. All ports in VLAN 10 will be in forwarding mode and all ports in VLAN 20 will be in standby mode.

Correct Answer: B

QUESTION 79
About how long does it take for the port to change from blocking to forwarding when spanning-tree PortFast is enabled?
A. immediately
B. 15 seconds
C. 20 seconds
D. 30 seconds
E. 50 seconds

Correct Answer: A

QUESTION 80
Refer to the exhibit. Which two commands would both produce the output in the exhibit? (Choose two.)

A. show standby
B. show standby group 10
C. show glbp 10
D. show glbp disabled
E. show glbp active
F. show glbp standby

Correct Answer: CE

QUESTION 81
Which two statements are true concerning an Ethernet MAC address that maps to a Layer 3 multicast address? (Choose two.)
A. The first 3 bytes of the Ethernet multicast MAC address are 01:00:5E.
B. The last 3 bytes of the Ethernet multicast MAC address are 01:00:5E.
C. When assigning a Layer 3 multicast address, an Ethernet Layer 2 address is automatically generated from the hardcoded MAC address.
D. The multicast address copies the last 23 bits of the IP address into the last 23 bits of the Ethernet multicast MAC address.
E. The Ethernet multicast address assigns the last 24 bits of the MAC address to all Fs.
F. The Ethernet multicast address assigns the first 24 bits of the MAC address to all Fs.

Correct Answer: AD

QUESTION 82
What does the following command accomplish? Switch(config-mst)#instance 10 vlan 11-12
A. enables a PVST+ instance of 10 for vlan 11 and vlan 12
B. enables vlan 11 and vlan 12 to be part of the MST region 10
C. maps vlan 11 and vlan 12 to the MST instance of 10
D. creates an Internal Spanning Tree (IST) instance of 10 for vlan 11 and vlan 12
E. creates a Common Spanning Tree (CST) instance of 10 for vlan 11 and vlan 12
F. starts two instances of MST, one instance for vlan 11 and another instance for vlan 12

Correct Answer: C

QUESTION 83
Which two statements are true about Internet Group Management Protocol (IGMP) snooping? (Choose two.)
A. IGMP snooping and Cisco Group Membership Protocol (CGMP) can be used simultaneously on a switch.
B. IGMP snooping and Cisco Group Membership Protocol (CGMP) were developed to help Layer 3 switches make intelligent forwarding decisions on their own.
C. IGMP snooping examines IGMP join/leave messages so that multicast traffic is forwarded only to hosts that sent an IGMP message toward the router.
D. IGMP snooping is an IP multicast constraining mechanism for Layer 2 switches.
E. IGMP snooping is enabled with the ip multicast-routing global configuration command.

Correct Answer: CD

QUESTION 84
Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?
A. VTP
B. 802.1Q
C. DTP
D. ISL

Correct Answer: B

QUESTION 85
Which three statements are true of the Port Aggregation Protocol (PAgP)? (Choose three.)
A. PAgP is a standards-based protocol defined in IEEE 802.3ad.
B. PAgP is used to connect to non-Cisco devices.
C. PAgP packets are sent with the command channel-group 1 mode desirable.
D. PAgP does not require the STP costs to be the same in order to form an EtherChannel.
E. An Etherchannel link will form if one end of the channel is configured as active and the other end as passive mode.
F. An Etherchannel link will form if one end of the channel is configured as auto and the other end as desirable mode.

Correct Answer: CDF

QUESTION 86
When authentication is required, where must 802.1x be configured in order to connect a PC to a switch?
A. client PC only
B. switch port only
C. switch port and client PC
D. switch port and local router port

Correct Answer: C

QUESTION 87
Assuming that VLAN 1 and VLAN 2 traffic is enabled on the above network, what effect will the following command have when entered on port 0/2 on Switch A?
spanning-tree vlan 1 port-priority 16

A. VLAN 1 traffic will be blocked on Switch B port 1/1.
B. VLAN 2 traffic will be blocked on Switch B port 1/1.
C. VLAN 2 traffic will be blocked on Switch A port 0/2.
D. VLANs 1 and 2 will be blocked on Switch A port 0/1.
E. VLANs 1 and 2 will be blocked on Switch A port 0/2.

Correct Answer: A

QUESTION 88
LAB
Refer to question 13.

Router name and IP address may be different.

QUESTION 89
What is the cause of jitter?
A. variable queue delays
B. packet drops
C. transmitting too many small packets
D. compression

Correct Answer: A

QUESTION 90
Refer to the exhibit. The command switchport mode access is issued on interface FastEthernet0/13 on switch CAT1. What will be the result?

A. The command will be rejected by the switch.
B. Interfaces FastEthernet0/13 and FastEthernet0/14 will no longer be bundled.
C. Dynamic Trunking Protocol will be turned off on interfaces FastEthernet0/13 and FastEthernet0/14.
D. Interfaces FastEthernet0/13 and FastEthernet0/14 will only allow traffic from the native VLAN.
E. Interfaces FastEthernet0/13 and FastEthernet0/14 will continue to pass traffic for VLANs 88,100,360.

Correct Answer: B

QUESTION 91
Refer to the exhibit. The show port-security interface fa0/1 command was issued on switch SW1. Given the output that was generated, which two security statements are true? (Choose two.)

A. Interface FastEthernet 0/1 was configured with the switchport port-security aging command.
B. Interface FastEthernet 0/1 was configured with the switchport port-security protect command.
C. Interface FastEthernet 0/1 was configured with the switchport port-security violation restrict command.
D. When the number of secure IP addresses reaches 10, the interface will immediately shut down.
E. When the number of secure MAC addresses reaches 10, the interface will immediately shut down and an SNMP trap notification will be sent.

Correct Answer: BE

QUESTION 92
Which three statements are true about the Internet Group Management Protocol (IGMP)? (Choose three.)
A. IGMP is a multicast routing protocol that makes packet-forwarding decisions independent of other routing protocols such as EIGRP.
B. IGMP is used to register individual hosts with a multicast group.
C. IGMP messages are IP datagrams with a protocol value of 2, destination address of 224.0.0.2, and a TTL value of 1.
D. IGMP snooping runs on Layer 3 routers.
E. IGMP version 3 enables a multicast receiving host to specify to the router which sources it should forward traffic from.
F. There are three IGMP modes: dense mode, sparse mode, and sparse-dense mode.

Correct Answer: BCE

QUESTION 93
Observe the above diagram. Spanning tree is enabled on all devices. Currently either Switch B or C can serve as the root should Switch A fail. A client recently connected Device D, a PC running switching application software, to Switch C port P3/3. The administrator would like to configure Root Guard to ensure that Device D does not assume the role of root. All other parameters must stay the same. On which interface(s) must Root Guard be enabled?

A. P1/2
B. P2/2
C. P3/3
D. P1/1 and P1/2
E. P1/2 and P2/2
F. P1/2, P2/2 and P3/3

Correct Answer: D

QUESTION 94
Refer to the exhibit. Given the partial output, which statement is true?

A. The console port will require authentication through TACACS+.
B. The console port will not require any authentication.
C. Users logging in through the network ports will have authentication verified through TACACS+.
D. PPP authentication will be authenticated through the TACACS+ server first.

Correct Answer: D

QUESTION 95
A network administrator assigns a multicast address of 239.255.8.5 to an application running on a device with an Ethernet MAC address of 01.b2.7d.05.f1.80. Which Layer 2 multicast address will this device use?
A. 01.00.5e.7F.08.05
B. 01.b2.7d.05.f1.80
C. 01.b2.7d.0a.08.05
D. 01.00.5e.05.f1.80
E. ff.ff.ff.ff.ff.ff

Correct Answer: A

QUESTION 96
Which statement is true if the spanning tree enhancement Root Guard is enabled?
A. If BPDUs are not received on a nondesignated port, the port is moved into the STP loop-inconsistent blocked state.
B. If BPDUs are received on a PortFast enabled port, the port is disabled.
C. If superior BPDUs are received on a designated port, the interface is placed into the root-inconsistent blocked state.
D. If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bridge.

Correct Answer: C

QUESTION 97
The network operations center has received a call stating that users in VLAN 107 are unable to access resources through Router 1. From the information contained in the graphic, what is the cause of this problem?
A. VLAN 107 does not exist on switch A.
B. VTP is pruning VLAN 107
C. VLAN 107 is not configured on the trunk
D. spanning tree is not enabled on VLAN 107

Correct Answer: B

QUESTION 98
Refer to the exhibit. The GigabitEthernet 0/1 interfaces of Switch1 and Switch2 have been properly configured to support trunking. On the basis of the VTP configuration commands that have been issued on Switch1, which command set is required to properly configure VTP on Switch2?

A. Switch2# conf t
   Switch2(config)# vtp mode server
   Switch2(config)# version 2
   Switch2(config)# vtp domain eng_group
   Switch2(config)# vtp password switch1
B. Switch2# conf t
   Switch2(config)# vtp mode server
   Switch2(config)# vtp domain eng_group
   Switch2(config)# vtp password switch1
C. Switch2# conf t
   Switch2(config)# vtp mode client
   Switch2(config)# version 2
   Switch2(config)# vtp domain eng_group
   Switch2(config)# vtp password switch2
D. Switch2# conf t
   Switch2(config)# vtp mode client
   Switch2(config)# version 2
   Switch2(config)# vtp domain eng_group
   Switch2(config)# vtp password switch1

Correct Answer: D

QUESTION 99
Which type of IGMP message is sent when a network client wants to join a multicast group?
A. host membership query
B. host membership report
C. host membership status
D. host membership notification

Correct Answer: B

QUESTION 100
Refer to the exhibit. A network engineer is trying to connect to the console port of Sw2. What authentication process will the switch go through?

A. Authentication will fail because SmartPort has not been enabled.
B. Authentication will fail because an IP address has not been specified for the SmartPort database.
C. The switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the local database.
D. The switch will attempt to authenticate using the enable secret password. If this fails, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the password goaway.
E. The switch will contact the SmartPort database. If the SmartPort database is unreachable, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the local database.
F. The switch will contact the SmartPort database. If the SmartPort database is unreachable, the switch will contact the TACACS+ server. If the TACACS+ server is unreachable, the switch will use the enable secret password.

Correct Answer: C

QUESTION 101
Which three conditions need to be present for UplinkFast to trigger a fast reconfiguration? (Choose three.)
A. The switch must have at least one unblocked port.
B. The switch must have UplinkFast enabled.
C. The switch must be configured for one VLAN.
D. The switch must have at least one blocked port.
E. The failure must be on the root port.
F. The switch must be enabled on a VLAN with switch priority configured.

Correct Answer: BDE

QUESTION 102
Refer to the exhibit. Based on the configuration provided, how will the user be authenticated?

A. Authentication for all ports will be enforced according to the local database policy.
B. Authentication for all ports will be enforced according to the CON list.
C. The CON list will be used only if the default local authentication failed.
D. No authentication will be required for the console port.

Correct Answer: D

QUESTION 103
Which router redundancy protocol cannot be configured for interface tracking?
A. HSRP
B. GLBP
C. VRRP
D. SLB
E. RPR
F. RPR+

Correct Answer: C

QUESTION 104
Refer to the exhibit. Based upon the output of show vlan on switch CAT2, what can we conclude about interfaces Fa0/13 and Fa0/14?

A. that interfaces Fa0/13 and Fa0/14 are in VLAN 1
B. that interfaces Fa0/13 and Fa0/14 are down
C. that interfaces Fa0/13 and Fa0/14 are trunk interfaces
D. that interfaces Fa0/13 and Fa0/14 have a domain mismatch with another switch
E. that interfaces Fa0/13 and Fa0/14 have a duplex mismatch with another switch

Correct Answer: C

QUESTION 105
Which well-defined routing protocol would a network administrator configure on multicast routers when member routers are widely dispersed?
A. Distance Vector Multicast Routing Protocol (DVMRP)
B. Protocol Independent Multicast Dense Mode (PIM-DM)
C. Multicast Open Shortest Path First (MOSPF)
D. Protocol Independent Multicast Sparse Mode (PIM-SM)
E. Core-Based Trees (CBT)

Correct Answer: D

QUESTION 106
What are three functional areas of the Enterprise Composite Network Model? (Choose three.)
A. Enterprise Campus
B. Enterprise Edge
C. Service Provider Edge
D. Building Access
E. Server Farm
F. Campus Backbone
Correct Answer: ABC

QUESTION 107
Refer to the exhibit. Why is the line protocol down on interface FastEthernet 0/13 on switch CAT1?

A. Switch CAT1 and switch CAT2 must use ISL encapsulation for these configurations to work.
B. The interfaces on switch CAT1 and switch CAT2 must be in access mode for these configurations to work.
C. Interface FastEthernet 0/13 on switch CAT1 and interface FastEthernet 0/13 on switch CAT2 are in different native VLANs.
D. Interface FastEthernet 0/13 on switch CAT1 and interface Port-channel1 on switch CAT1 are in different native VLANs.
E. Dynamic Trunking Protocol is turned off on interface FastEthernet 0/13 on switch CAT1.
F. Dynamic Trunking Protocol is turned off on interface FastEthernet 0/13 on switch CAT2.

Correct Answer: D

QUESTION 108
Refer to the exhibit. All switches must be part of a common MST region. On the basis of the information presented in the exhibit, which statement is true?
A. The configuration must be implemented on the MST root switch only.
B. The configuration is optional on the MST root switch.
C. The configuration is mandatory on all MST switches in the MST region.
D. The configuration is optional on all MST switches in the MST region.

Correct Answer: C

QUESTION 109
What does the Catalyst switch interface configuration command switchport trunk native vlan 7 accomplish?
A. configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged
B. causes the interface to apply ISL framing for traffic on VLAN 7
C. configures the trunking interface to send traffic from VLAN 7 untagged
D. configures the trunking interface to forward traffic from VLAN 7

Correct Answer: C

QUESTION 110
Which statement is true about the STP Path Cost on a particular port?
A. It is known only to the local switch where the port resides.
B. It can be modified to help determine Root Bridge selection.
C. Modifying it can cause TCN BPDU to be sent to the Root Bridge.
D. When increased, it can provide higher bandwidth to a connecting port.

Correct Answer: A

QUESTION 111
Which process plays a major role in the creation of the CEF adjacency table?
A. Address Resolution Protocol (ARP)
B. PDU header rewrite
C. NetFlow switching
D. hello packet exchange

Correct Answer: A

QUESTION 112
Which VTP information does a Catalyst switch advertise on its trunk ports when using VTP? (Choose two.)
A. VTP mode
B. STP root status
C. negotiation status
D. management domain
E. configuration revision number

Correct Answer: DE

QUESTION 113
Examine the router output above. Which two items are correct? (Choose two.)

A. Router A will assume the active state if its priority is the highest.
B. If Ethernet 0/2 goes down, the standby router will take over.
C. When Ethernet 0/3 of RouterA comes back up, the priority will become 105.
D. The local IP address of Router A is 10.1.0.6.
E. The local IP address of Router A is 10.1.0.20.

Correct Answer: AC

QUESTION 114
Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load balance VLAN traffic between Switch A and Switch B?

A. Lower the port priority for VLAN 1 on port 0/1 for Switch A.
B. Lower the port priority for VLAN 1 on port 0/2 for Switch A.
C. Make the bridge ID of Switch B lower than the ID of Switch A.
D. Enable HSRP on the access ports.

Correct Answer: B

QUESTION 115
What two pieces of information will the show vlan id 5 command display? (Choose two.)
A. VLAN information on port 0/5
B. ports in VLAN 5
C. MTU and type
D. utilization
E. filters

Correct Answer: BC

QUESTION 116
In the use of 802.1X access control, which three protocols are allowed through the switch port before authentication takes place? (Choose three.)
A. STP
B. CDP
C. EAP MD5
D. TACACS+
E. EAP-over-LAN
F. protocols not filtered by an ACL

Correct Answer: ABE

QUESTION 117
Based on the network diagram and routing table output in the exhibit, which of these statements is true?

A. InterVLAN routing has been configured properly, and the workstations have connectivity to each other.
B. InterVLAN routing will not occur since no routing protocol has been configured.
C. Although interVLAN routing is not enabled, both workstations will have connectivity to each other.
D. Although interVLAN routing is enabled, the workstations will not have connectivity to each other.

Correct Answer: A

QUESTION 118
A new workstation has consistently been unable to obtain an IP address from the DHCP server when the workstation boots. Older workstations function normally, and the new workstation obtains an address when manually forced to renew its address. What should be configured on the switch to allow the workstation to obtain an IP address at boot?
A. UplinkFast on the switch port connected to the server
B. BackboneFast on the switch port connected to the server
C. PortFast on the switch port connected to the workstation
D. trunking on the switch

Correct Answer: C

QUESTION 119
In a static VLAN environment, how does a host join a VLAN?
A. It must be assigned to a VLAN dynamically by the VLAN Server.
B. It automatically assumes the VLAN of the port.
C. It will be assigned to a VLAN based on the username.
D. It will automatically be assigned a VLAN based on its MAC address.

Correct Answer: B

QUESTION 120
A brand new stand alone Catalyst 3550 switch is being installed. Multiple VLANs will be configured on the switch. What needs to be configured before adding any VLAN to the VLAN database if VTP is in server mode?
A. VTP pruning
B. VTP domain name
C. VTP version number
D. ISL or IEEE 802.1Q trunking

Correct Answer: B



Cisco 642-812 Flydumps, New Release Cisco 642-812 Dumps PDF For Download


QUESTION 60
What would happen to a frame if a VLAN port configured as a trunk on the Catalyst switch CK1 were to receive an untagged frame?
A. The frame will cause an error message to be sent.
B. The frame will be dropped.
C. The frame will be processed as a native VLAN frame.
D. The frame will be tagged, and then processed as a native VLAN frame.

Correct Answer: C

Explanation:
On an IEEE 802.1Q trunk port, all transmitted and received frames are tagged except for those on the
VLAN configured as the native VLAN for the port. Frames on the native VLAN are always transmitted
untagged and are normally received untagged. The default native VLAN is VLAN 1.
Reference:
http://www.cisco.com/en/US/products/hw/optical/ps2006/products_module_configuration_guide_chapter09186a

QUESTION 61
Switch CK1 has a trunk link configured with IEEE 802.1Q encapsulation. What is the maximum Ethernet frame size on this trunk port?
A. 1496 Bytes
B. 1500 Bytes
C. 1518 Bytes
D. 1522 Bytes
E. 1548 Bytes

Correct Answer: D

Explanation:
The 802.1Q tag is 4 bytes; hence the resulting Ethernet frame can be as large as 1522 bytes (1518 for the
maximum Ethernet frame size plus the 4-byte 802.1Q tag). The minimum size of the Ethernet frame with
802.1Q tagging is 68 bytes.
Reference:
http://www.cisco.com/en/US/tech/ CK3 89/ CK3 90/technologies_tech_note09186a0080094665.shtml

QUESTION 62
The original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receive end, the header is removed and the frame is forwarded to the assigned VLAN.
This describes which technology?
A. DISL
B. DTP
C. IEEE802.1Q
D. ISL
E. MPLS

Correct Answer: D

QUESTION 63
Assuming you have an IOS based switch; which command would you execute if you
wanted to specify IEEE 802.1Q encapsulation on a trunked port?
A. Switch(config-if)#switchport trunk encapsulation dot1q
B. Switch(config-if)#switchport encapsulation dot1q
C. Switch(config-if)#switchport trunk encapsulation isl
D. Switch(config)#switchport 0/1 trunk encapsulation isl
E. None of the above

Correct Answer: A

Explanation:
Ethernet Trunk Encapsulation Types:

1. switchport trunk encapsulation isl – Specifies ISL encapsulation on the trunk link.

2. switchport trunk encapsulation dot1q – Specifies 802.1Q encapsulation on the trunk link.

3. switchport trunk encapsulation negotiate – Specifies that the interface negotiate with the neighboring interface to become an ISL (preferred) or 802.1Q trunk, depending on the configuration and capabilities of the neighboring interface. The trunking mode, the trunk encapsulation type, and the hardware capabilities of the two connected interfaces determine whether a link becomes an ISL or 802.1Q trunk.

Reference:
http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_guide_chapter09186a008007f

QUESTION 64
Two Certkiller switches are connected as shown below:
Which statements are true regarding the configuration of the above pair of switches? (Select two)
A. The trunk is currently using the ISL trunking protocol.
B. The trunk is currently using the 802.1q trunking protocol.
C. By default, all VLANs will be transmitted across this trunk.
D. By default, Switch CK1 and Switch CK2's Fast Ethernet 0/1 port will not generate DTP messages.
E. By default, the trunk can only support one VLAN, and only that single VLAN is transmitted across the trunk.

Correct Answer: BC

Explanation:
The second line in each configuration (#switchport trunk encapsulation dot1q) proves that B is correct, as
dot1q is Cisco IOS for 802.1q trunking.

A trunk allows inter-VLAN traffic to flow between directly connected switches. By default, a trunk port is a
member of all VLANs, so traffic for any and all VLANs can travel across this trunk. That includes broadcast
traffic! Reference:
http://www.mcmcse.com/cisco/guides/trunking_and_trunking_protocols.shtml

QUESTION 65
Switches Certkiller 1 and Certkiller 2 are connected as shown in the diagram below:
Use the following output taken from each port:

Certkiller 1:
show config:
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode dynamic auto
no ip address

show interface gig0/1 switchport:
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)

Certkiller 2:
show interface gig0/1 switchport:
Name: Gi0/1
Switchport Enabled
Administrative Mode: dynamic auto
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)

In accordance with the above exhibit: what’s preventing the two switches from trunking on the link between them?
A. There is no IP address denied.
B. no shutdown needs to be entered on the interfaces.
C. Both sides are in auto negotiation mode.
D. ISL should be used instead of 802.1q.
E. Access mode VLAN must be different from native mode VLAN.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
In the switchport mode command, you can set the trunking mode to any of the following:

1. trunk - This setting places the port in permanent trunking mode. The corresponding switch port at the other end of the trunk should be similarly configured because negotiation is not allowed. You should also manually configure the encapsulation mode.
2. dynamic desirable (the default) - The port actively attempts to convert the link into trunking mode. If the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking is successfully negotiated.
3. dynamic auto - The port converts the link into trunking mode. If the far-end switch port is configured to trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link never becomes a trunk if both ends of the link are left to the dynamic auto default.

QUESTION 66
You have just configured an ISL trunk line over Ethernet media between two Cisco Switches, each switch having identical modules, software revisions, and VLAN configurations. Which of the following variables are NOT necessary for the ISL trunk to operate properly? (Select all that apply)
A. Identical trunk negotiation parameters at each end of the link
B. Identical duplex at each end of the link
C. Identical speed at each end of the link
D. Identical native VLAN parameters at each end of the link

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
Explanation: In order for a trunk connection to function properly, it is not necessary for the trunking negotiation parameters to be identical. For example, one end could be configured as “on” and the other could be configured for “auto-negotiate” and the trunk would be operational. Similarly, it is not necessary for the native VLAN parameters to be the same at each end.
Incorrect Answers:
B, C: One of the requirements for trunking to work is to have both sides of the trunk agree on the speed and duplex settings. Both sides must be configured with identical speed and duplex settings.
QUESTION 67
An ISL trunk connects switches CK1 and CK2 . What is the numerical range of user-configurable ISL VLANs on these switches?
A. 1-1001
B. 0-4095
C. there is no range
D. 0 – 1000
E. None of the above

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The valid range of user-configurable ISL VLANs is 1-1001. The valid range of VLANs specified in the IEEE 802.1Q standard is 0-4095. In a network environment with non-Cisco devices connected to Cisco switches through 802.1Q trunks, you must map 802.1Q VLAN numbers greater than 1000 to ISL VLAN numbers. 802.1Q VLANs in the range 1-1000 are automatically mapped to the corresponding ISL VLAN. 802.1Q VLAN numbers greater than 1000 must be mapped to an ISL VLAN in order to be recognized and forwarded by Cisco switches.
QUESTION 68
An ISL trunk connects switches CK1 and CK2 . What is true about the Inter-Switch Link (ISL) protocol? (Select two)
A. ISL can be used between Cisco and non-Cisco switch devices.
B. ISL calculates a new CRC field on top of the existing CRC field.
C. ISL adds 4 bytes of protocol-specific information to the original Ethernet frame.
D. ISL adds 30 bytes of protocol-specific information to the original Ethernet frame.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
B: A second frame check sequence (FCS) field lies at the end of the frame.
D: ISL is an external tagging process: a new 26-byte ISL header is added to the original Ethernet frame. A second 4-byte frame check sequence (FCS) field is added at the end of the frame, so 30 bytes of total overhead are added.
Incorrect Answers:
A: Cisco’s proprietary version of frame tagging is ISL. ISL can only be used between Cisco routers.
C: 30 bytes are added to the Ethernet frame, not 4 bytes. 4 bytes are added using 802.1Q encapsulation.
QUESTION 69
Which of the commands below enables a trunking protocol that appends a four byte CRC to the packet when applied to the Certkiller switch?
A. Switch(config-if)#switchport trunk encapsulation dot1q
B. Switch(config-if)#switchport trunk encapsulation ietf
C. Switch(config-if)#switchport trunk encapsulation fddi
D. Switch(config-if)#switchport trunk encapsulation isl
E. None of the above

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: ISL is made up of three major components: a header, the original Ethernet frame, and a frame check sequence (FCS) at the end. With ISL, an Ethernet frame is encapsulated with a header that transports VLAN IDs between switches and routers. The 26-byte header containing a 10-bit VLAN ID is added to each frame. In addition, a 4-byte tail is added to the frame to perform a cyclic redundancy check (CRC). This CRC is in addition to any frame checking that the Ethernet frame performs. Reference: Building Cisco Multilayer Switched Networks (Cisco Press) page 99
QUESTION 70
Which statement is true regarding the configuration of ISL trunks?
A. All catalyst switches support ISL trunking.
B. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
C. ISL trunking requires that native VLANs match.
D. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.
E. None of the above

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
The 802.1q tag is 4 bytes; hence the resulting Ethernet frame can be as large as 1522 bytes. The minimum size of the Ethernet frame with 802.1q tagging is 68 bytes. ISL frames are the standard MTU used in Ethernet frames, which is 1518 bytes. If one end of the trunk is configured for ISL, frames of up to 1518 bytes will be expected on it, while the other end will be sending frames up to 1522 bytes in length. On the ISL configured end, these incoming frames will be considered as giants. This is just one of the reasons why ISL and 802.1Q are incompatible.
Incorrect Answers:
A: Not every Cisco switch model supports ISL.
C: In ISL, it is not necessary for the native VLANs to match.
D: Although it is true that each end of a trunk should be configured using the same encapsulation types, it is possible for a switch to have an ISL trunk configured on one port and an 802.1Q trunk on another port.
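The 802.1Q figures quoted in the explanation above (a 4-byte tag, a 68-byte minimum and 1522-byte maximum tagged frame, and a port that expects at most 1518 bytes counting giants) can be reproduced by tagging a frame by hand. This is an added example, not part of the original question bank; the MAC addresses, VLAN 40 and the function names are constructed for illustration.

```python
import struct
import zlib

TPID_8021Q = 0x8100      # EtherType value that marks an 802.1Q tag
MAX_UNTAGGED_LEN = 1518  # largest untagged Ethernet frame, FCS included


def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame, least significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build an untagged Ethernet II frame, padding the payload to 46 bytes."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    if len(payload) > 1500:
        raise ValueError("payload exceeds the 1500-byte Ethernet MTU")
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def add_dot1q_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the source MAC and recompute the FCS."""
    if not 0 <= vlan_id <= 4095:
        raise ValueError("802.1Q VLAN ID is a 12-bit field (0-4095)")
    if not 0 <= priority <= 7:
        raise ValueError("802.1p priority is a 3-bit field (0-7)")
    body, old_fcs = frame[:-4], frame[-4:]
    if fcs(body) != old_fcs:
        raise ValueError("input frame has a bad FCS")
    tci = (priority << 13) | vlan_id  # priority(3) | DEI(1)=0 | VLAN ID(12)
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    # The tag changes the frame contents, so the old FCS no longer matches.
    return tagged + fcs(tagged)


def read_dot1q_tag(frame: bytes):
    """Return (vlan_id, priority) for a tagged frame, or None if untagged."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci & 0x0FFF, tci >> 13


def is_giant(frame: bytes, max_len: int = MAX_UNTAGGED_LEN) -> bool:
    """True when a port that expects at most max_len bytes would count a giant."""
    return len(frame) > max_len


# Constructed sample addresses (not from the page).
DST = bytes.fromhex("01005e000001")
SRC = bytes.fromhex("020000000001")


def demo() -> dict:
    """Frame sizes before and after tagging for the smallest and largest frame."""
    smallest = build_frame(DST, SRC, 0x0800, b"")
    largest = build_frame(DST, SRC, 0x0800, bytes(1500))
    return {
        "min_untagged": len(smallest),
        "min_tagged": len(add_dot1q_tag(smallest, 40)),
        "max_untagged": len(largest),
        "max_tagged": len(add_dot1q_tag(largest, 40)),
        "giant_on_1518_port": is_giant(add_dot1q_tag(largest, 40)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```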
QUESTION 71
Two Certkiller switches are connected via a trunk using VTP. Which VTP information does a Catalyst switch advertise on its trunk ports when using VTP? (Select two)
A. STP root status
B. VTP mode
C. Negotiation status
D. Management domain
E. Configuration revision number

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
Explanation:
The role of the VLAN Trunking Protocol (VTP) is to maintain VLAN configuration consistency across the
entire network. VTP is a messaging protocol that uses Layer 2 trunk frames to manage the addition,
deletion, and renaming of VLANs on a network-wide basis from a centralized switch that is in the VTP
server mode. VTP is responsible for synchronizing VLAN information within a VTP domain. This reduces
the need to configure the same VLAN information on each switch.
Using VTP, each Catalyst Family Switch advertises the following on its trunk ports:

1. Management domain
2. Configuration revision number
3. Known VLANs and their specific parameters
QUESTION 72
You need to investigate a VTP problem between two Certkiller switches. The lack of which two prevents VTP information from propagating between switches? (Select two)
A. A root VTP server
B. A trunk port
C. VTP priority
D. VLAN 1
E. None of the above

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation: Two types of links are available on a switch: access and trunk. An interface in access mode can carry the information of only one VLAN, while a trunk can carry the information of more than one VLAN. VTP carries the information of more than one VLAN, so the switch port should be in trunk mode. VLAN 1 is the default VLAN on a Cisco switch; by default, all interfaces belong to VLAN 1.
QUESTION 73
CK1 and CK2 are switches that communicate via VTP. What is the default VTP advertisement intervals in Catalyst switches that are in server or client mode?
A. 30 seconds
B. 5 minutes
C. 1 minute
D. 10 seconds
E. 5 seconds
F. None of the above

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
Periodic (default is 5 minutes) VTP advertisements are sent out each trunk port with the multicast destination MAC address 01-00-0C-CC-CC-CC. VTP advertisements contain the following configuration information:

1. VLAN IDs (ISL and 802.1Q)
2. Emulated LAN names (ATM LANE)
3. 802.10 SAID values (FDDI)
4. VTP domain name
5. VTP configuration revision number
6. VLAN configuration, including the maximum transmission unit (MTU) size for each VLAN
7. Frame format
QUESTION 74
On the network shown below, VTP has been enabled on the trunk links between all switches within the TEST domain. An administrator has recently enabled VTP pruning. Port 1 on Switch Certkiller 1 and port 2 on Switch Certkiller 4 are assigned to VLAN 2. A broadcast is sent from the host connected to Switch Certkiller 1.
Where will the broadcast propagate?
A. Switches Certkiller 1, Certkiller 2 , and Certkiller 4 will receive the broadcast, but only Switch Certkiller 4 will forward it out port 2.
B. Only Switch Certkiller 4 will receive the broadcast and will forward it out port 2.
C. Every switch in the network receives the broadcast and will forward it out all ports.
D. Every switch in the network receives the broadcast, but only Switch Certkiller 4 will forward it out port 2.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
The default behavior of a switch is to propagate broadcast and unknown packets across the network. This
behavior results in a large amount of unnecessary traffic crossing the network.

VTP pruning increases bandwidth efficiency by reducing unnecessary flooding of traffic, such as
broadcast, multicast, unknown, and flooded unicast packets. VTP pruning increases available bandwidth
by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network
devices. By default, VTP pruning is disabled.
Enabling VTP pruning on a VTP server enables pruning for the entire management domain. VTP pruning
takes effect several seconds after it is enabled. By default, VLANs 2 through 1000 or 2 through 1001 are
pruning eligible, depending upon the platform.
VTP pruning does not prune traffic from VLANs that are pruning ineligible. VLAN 1 is always pruning
ineligible and VLAN 1 cannot be removed from a trunk. However, the “VLAN 1 disable on trunk” feature
available on Catalyst 4000, 5000, and 6000 family switches enables the pruning of user traffic, but not
protocol traffic such as CDP and VTP, for VLAN 1 from a trunk.
Use the vtp pruning command to make VLANs pruning eligible on a Cisco IOS-based switch.
Switch(vlan)#vtp pruning
Once pruning is enabled, use the switchport trunk pruning command to make a specific VLAN pruning ineligible.
Switch(config)#interface fastethernet 0/3
Switch(config-if)#switchport trunk pruning vlan remove 5
QUESTION 75
You want to configure switch CK1 to propagate VLAN information across the Certkiller network using VTP. What must be configured on a Cisco switch in order to advertise VLAN information?
A. VTP mode
B. VTP password
C. VTP revision number
D. VTP pruning
E. VTP domain name
F. None of the above

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation: If the switch being installed is the first switch in the network, the management domain will need to be created. However, if the network has other switches running VTP, then the new switch will join an existing management domain. Verify the name of the management domain. If the management domain has been secured, verify and configure the password for the domain. To create a management domain or to add a switch to a management domain, use the vtp domain command in the global configuration mode or VLAN configuration mode.
Switch(config)#vtp domain name
Switch(vlan)#vtp domain
QUESTION 76
The Certkiller switches have all been upgraded to use VTP version 2. What are two benefits provided in VTP Version 2 that are not available in VTP Version 1? (Select two)
A. VTP version 2 supports Token Ring VLANs
B. VTP version 2 allows VLAN consistency checks
C. VTP version 2 allows active redundant links when used with spanning tree
D. VTP version 2 reduces the amount of configuration necessary
E. VTP version 2 saves VLAN configuration memory

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation: Understanding VTP Version 2
If you use VTP in your network, you must decide whether to use VTP version 1 or version 2.
Note: If you are using VTP in a Token Ring environment, you must use version 2.
VTP version 2 supports the following features not supported in version 1:

Token Ring support - VTP version 2 supports Token Ring LAN switching and VLANs (Token Ring Bridge Relay Function [TrBRF] and Token Ring Concentrator Relay Function [TrCRF]).
Unrecognized Type-Length-Value (TLV) Support - A VTP server or client propagates configuration changes to its other trunks, even for TLVs it is not able to parse. The unrecognized TLV is saved in NVRAM.
Version-Dependent Transparent Mode - In VTP version 1, a VTP transparent network device inspects VTP messages for the domain name and version, and forwards a message only if the version and domain name match. Because only one domain is supported in the supervisor engine software, VTP version 2 forwards VTP messages in transparent mode without checking the version.
Consistency Checks - In VTP version 2, VLAN consistency checks (such as VLAN names and values) are performed only when you enter new information through the CLI or SNMP. Consistency checks are not performed when new information is obtained from a VTP message, or when information is read from NVRAM. If the digest on a received VTP message is correct, its information is accepted without consistency checks.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2ZY/configuration/guide/ vtp.html#wp1020
QUESTION 77
The Certkiller network administrator needs to enable VTP pruning within the Certkiller network. What action should a network administrator take to enable VTP pruning on an entire management domain?
A. Enable VTP pruning on any switch in the management domain
B. Enable VTP pruning on any client switch in the domain
C. Enable VTP pruning on a VTP server in the management domain
D. Enable VTP pruning on every switch in the domain
E. None of the above

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: The default behavior of a switch is to propagate broadcast and unknown packets across the network. This behavior results in a large amount of unnecessary traffic crossing the network.
VTP pruning increases bandwidth efficiency by reducing unnecessary flooding of traffic, such as broadcast, multicast, unknown, and flooded unicast packets. VTP pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network devices. By default, VTP pruning is disabled.
Enabling VTP pruning on a VTP server enables pruning for the entire management domain. VTP pruning takes effect several seconds after it is enabled. By default, VLANs 2 through 1000 or 2 through 1001 are pruning eligible, depending upon the platform.
VTP pruning does not prune traffic from VLANs that are pruning ineligible. VLAN 1 is always pruning ineligible and VLAN 1 cannot be removed from a trunk. However, the “VLAN 1 disable on trunk” feature available on Catalyst 4000, 5000, and 6000 family switches enables the pruning of user traffic, but not protocol traffic such as CDP and VTP, for VLAN 1 from a trunk.
Use the vtp pruning command to make VLANs pruning eligible on a Cisco IOS-based switch.
Switch(vlan)#vtp pruning
Once pruning is enabled, use the switchport trunk pruning command to make a specific VLAN pruning ineligible.
Switch(config)#interface fastethernet 0/3
Switch(config-if)#switchport trunk pruning vlan remove 5
QUESTION 78
VTP is configured on switch CK1 . Which of the following features were added in VTP version 2 that were not previously supported in VTP version 1? (Select two)
A. Supports Token Ring VLANs.
B. Allows VLAN consistency checks.
C. Saves VLAN configuration memory.
D. Reduces the amount of configuration necessary.
E. Allows active redundant links when used with spanning tree.

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation:
VTP Version 2 includes the following improvements: Token Ring VLAN support, TLV support, transparent
mode, and Consistency checks.

Incorrect Answers:
C, D: These were not improvements added to VTP Version 2.

E: STP detects and prevents loops by logically disabling the redundant path ports so there are no active redundant links.
QUESTION 79
The Certkiller switches are configured to use VTP. What’s true about the VLAN trunking protocol (VTP)? (Select two)
A. VTP messages will not be forwarded over nontrunk links.
B. VTP domain names need to be identical. However, case doesn’t matter.
C. A VTP enabled device which receives multiple advertisements will ignore advertisements with higher configuration revision numbers.
D. A device in “transparent” VTP v.1 mode will not forward VTP messages.
E. VTP pruning allows switches to prune VLANs that do not have any active ports associated with them.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
Explanation:
VTP messages are only transmitted across trunk links.
If the receiving switch is in transparent mode, the configuration is not changed. Switches in transparent
mode do not participate in VTP. If you make VTP or VLAN configuration changes on a switch in
transparent mode, the changes are not propagated to the other switches in the network.
Incorrect Answers:
B: The VTP domain name is case sensitive and it must be identical with the domain name configured on the VTP server.
C: This is incorrect because if a VTP client receives an advertisement with a higher revision number, it won’t ignore it. In fact, the advertisement with a higher revision level takes precedence when the switch is configured in client mode.
E: VTP pruning enhances network bandwidth use by reducing unnecessary flooded traffic, such as broadcast, multicast, unknown, and flooded unicast packets. VTP pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the appropriate network devices. It does not prune the individual VLANs.
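The rules stated in the VTP explanations above (advertisements travel only on trunk links, the domain name must match case-sensitively, a higher configuration revision number takes precedence, and a transparent switch does not change its configuration) can be checked against a summary advertisement before a switch is connected to a domain. This is an added example, not part of the original question bank; the byte layout of the summary advertisement is an assumption taken from Cisco's published VTP frame format, the MD5 digest is not verified, and the switch inventory is constructed.

```python
import struct
from dataclasses import dataclass

# Assumed layout of a VTP summary advertisement (after the LLC/SNAP header):
# version, code, followers, domain length, 32-byte zero-padded domain name,
# configuration revision, updater identity, 12-byte timestamp, MD5 digest.
SUMMARY_FMT = "!BBBB32sI4s12s16s"
SUMMARY_LEN = struct.calcsize(SUMMARY_FMT)  # 72 bytes
CODE_SUMMARY = 0x01


@dataclass(frozen=True)
class SummaryAdvert:
    version: int
    domain: str
    revision: int
    digest: bytes


def build_summary(domain: str, revision: int, version: int = 2) -> bytes:
    """Encode a summary advertisement (updater, timestamp and digest zeroed)."""
    name = domain.encode("ascii")
    if len(name) > 32:
        raise ValueError("VTP domain name is at most 32 bytes")
    return struct.pack(SUMMARY_FMT, version, CODE_SUMMARY, 0, len(name),
                       name, revision, bytes(4), bytes(12), bytes(16))


def parse_summary(data: bytes) -> SummaryAdvert:
    """Decode the fixed-size summary advertisement and validate its header."""
    if len(data) < SUMMARY_LEN:
        raise ValueError("truncated VTP summary advertisement")
    (version, code, _followers, dlen, name, revision,
     _updater, _timestamp, digest) = struct.unpack(SUMMARY_FMT, data[:SUMMARY_LEN])
    if code != CODE_SUMMARY:
        raise ValueError("not a summary advertisement")
    if dlen > 32:
        raise ValueError("domain length field out of range")
    return SummaryAdvert(version, name[:dlen].decode("ascii"), revision, digest)


@dataclass(frozen=True)
class Switch:
    name: str
    mode: str      # "server", "client" or "transparent"
    domain: str
    revision: int


def decision(switch: Switch, adv: SummaryAdvert, link_is_trunk: bool) -> str:
    """Apply the page's rules in order and name the one that decided."""
    if not link_is_trunk:
        return "no-trunk"            # VTP is not sent over non-trunk links
    if switch.mode == "transparent":
        return "transparent"         # configuration is not changed
    if adv.domain != switch.domain:  # comparison is case-sensitive
        return "domain-mismatch"
    if adv.revision <= switch.revision:
        return "stale"
    # Servers and clients both synchronize to a higher revision; the page
    # states this for client mode.
    return "accepted"


def accepting_switches(raw: bytes, fleet) -> list:
    """Names of switches whose VLAN database this advertisement would replace."""
    adv = parse_summary(raw)
    return [s.name for s in fleet if decision(s, adv, True) == "accepted"]


# Constructed inventory (names, modes and revisions are sample values).
FLEET = [
    Switch("CK1", "server", "Certkiller", 12),
    Switch("CK2", "client", "Certkiller", 12),
    Switch("CK3", "transparent", "Certkiller", 0),
    Switch("CK4", "client", "certkiller", 3),
]

if __name__ == "__main__":
    print(accepting_switches(build_summary("Certkiller", 40), FLEET))
```

Running the check with the revision number shown by a switch that is about to be attached tells you which switches would take its VLAN database.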
QUESTION 80
Switch CK1 and CK2 both belong to the Certkiller VTP domain. What’s true about the switch operation in VTP domains? (Select all that apply)
A. A switch can only reside in one management domain
B. A switch is listening to VTP advertisements from their own domain only
C. A switch is listening to VTP advertisements from multi domains
D. A switch can reside in one or more domains
E. VTP is no longer supported on Catalyst switches

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation:
A VTP domain is made up of one or more interconnected devices that share the same VTP domain name.
A switch can be configured to be in only one VTP domain, and each VLAN has a name that is unique within a management domain.
Typically, you use a VTP domain to ease administrative control of your network or to account for physical
boundaries within your network. However, you can set up as many or as few VTP domains as are
appropriate for your administrative needs. Consider that VTP is transmitted on all trunk connections,
including ISL, IEEE 802.1Q, 802.10, and LANE.
Switches can only belong to one management domain with common VLAN requirements, and they only
care about the neighbors in their own domains.
Reference: CCNP Switching Exam Certification Guide: David Hucaby & Tim Boyles, Cisco Press 2001,
ISBN 1-58720 000-7 page 114


Cisco 642-801 Preparation Materials, Up To Date Cisco 642-801 Exam Tests Online Sale


QUESTION 16
How many update packets would a RIPv2 router send to advertise 77 routes?
A. one update package
B. two update package
C. three update package
D. four update package
E. five update package
F. six update package
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
RIP 2 Packet Format:
The RIP 2 specification (described in RFC 1723) allows more information to be included in RIP packets and provides a simple authentication mechanism that is not supported by RIP. Figure 47-2 shows the IP RIP 2 packet format.
The following descriptions summarize the IP RIP 2 packet format fields illustrated in Figure 47-2:

1. Command - Indicates whether the packet is a request or a response. The request asks that a router send all or a part of its routing table. The response can be an unsolicited regular routing update or a reply to a request. Responses contain routing table entries. Multiple RIP packets are used to convey information from large routing tables.
2. Version - Specifies the RIP version used. In a RIP packet implementing any of the RIP 2 fields or using authentication, this value is set to 2.
3. Unused - Has a value set to zero.
4. Address-family identifier (AFI) - Specifies the address family used. RIPv2’s AFI field functions identically to RFC 1058 RIP’s AFI field, with one exception: If the AFI for the first entry in the message is 0xFFFF, the remainder of the entry contains authentication information. Currently, the only authentication type is simple password.
5. Route tag - Provides a method for distinguishing between internal routes (learned by RIP) and external routes (learned from other protocols).
6. IP address - Specifies the IP address for the entry.
7. Subnet mask - Contains the subnet mask for the entry. If this field is zero, no subnet mask has been specified for the entry.
8. Next hop - Indicates the IP address of the next hop to which packets for the entry should be forwarded.
9. Metric - Indicates how many internetwork hops (routers) have been traversed in the trip to the destination. This value is between 1 and 15 for a valid route, or 16 for an unreachable route.

Note: Up to 25 occurrences of the AFI, Address, and Metric fields are permitted in a single IP RIP packet. That is, up to 25 routing table entries can be listed in a single RIP packet. If the AFI specifies an authenticated message, only 24 routing table entries can be specified. Given that individual table entries aren’t fragmented into multiple packets, RIP does not need a mechanism to resequence datagrams bearing routing table updates from neighboring routers. Since a single update packet can contain at most 25 route entries, 4 packets will be needed to advertise 77 routes.
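The packet format described above can be exercised directly: the sketch below packs 77 routes into RIP 2 response packets, with and without the simple-password entry, and parses them back. It is an added example, not part of the original question bank; the 10.0.x.0/24 prefixes, the password and the function names are constructed, and the numeric values for the response command, the IP address family and the simple-password type are taken from the RIP 2 specification rather than from this page.

```python
import ipaddress
import struct

CMD_RESPONSE = 2          # Command field: response (routing update)
RIP_VERSION = 2
AFI_IP = 2                # address-family identifier for IP
AFI_AUTH = 0xFFFF         # first entry carries authentication information
AUTH_SIMPLE_PASSWORD = 2  # authentication type: simple password
MAX_ENTRIES = 25          # entries per packet, authentication entry included
ENTRY_LEN = 20            # AFI, route tag, address, mask, next hop, metric


def route_entry(prefix, next_hop="0.0.0.0", metric=1, tag=0):
    """Encode one 20-byte routing table entry."""
    net = ipaddress.ip_network(prefix)
    if not 1 <= metric <= 16:
        raise ValueError("metric is 1-15 for a valid route, 16 for unreachable")
    return struct.pack("!HH4s4s4sI", AFI_IP, tag, net.network_address.packed,
                       net.netmask.packed,
                       ipaddress.ip_address(next_hop).packed, metric)


def auth_entry(password):
    """Encode the authentication entry that takes the first of the 25 slots."""
    raw = password.encode("ascii")
    if len(raw) > 16:
        raise ValueError("simple password is at most 16 bytes")
    # The password is carried in the entry as-is, so anyone who can capture
    # the update can read it.
    return struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE_PASSWORD, raw)


def build_updates(prefixes, password=None):
    """Split the routes across as many response packets as the format needs."""
    routes_per_packet = MAX_ENTRIES - (1 if password is not None else 0)
    header = struct.pack("!BBH", CMD_RESPONSE, RIP_VERSION, 0)
    packets = []
    for start in range(0, len(prefixes), routes_per_packet):
        chunk = prefixes[start:start + routes_per_packet]
        body = b"".join(route_entry(p) for p in chunk)
        if password is not None:
            body = auth_entry(password) + body
        packets.append(header + body)
    return packets


def parse_update(packet):
    """Decode one response packet into its routes and authentication flag."""
    command, version, _unused = struct.unpack("!BBH", packet[:4])
    if command != CMD_RESPONSE or version != RIP_VERSION:
        raise ValueError("not a RIP 2 response")
    body = packet[4:]
    if len(body) % ENTRY_LEN or len(body) // ENTRY_LEN > MAX_ENTRIES:
        raise ValueError("malformed entry list")
    routes, authenticated = [], False
    for offset in range(0, len(body), ENTRY_LEN):
        entry = body[offset:offset + ENTRY_LEN]
        if struct.unpack("!H", entry[:2])[0] == AFI_AUTH:
            if offset != 0:
                raise ValueError("authentication entry must come first")
            authenticated = True
            continue
        _afi, _tag, addr, mask, _hop, metric = struct.unpack("!HH4s4s4sI", entry)
        net = ipaddress.ip_network(
            f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}")
        routes.append((str(net), metric))
    return {"authenticated": authenticated, "routes": routes}


def sample_routes(count=77):
    """Constructed prefixes 10.0.0.0/24, 10.0.1.0/24, ... (count up to 256)."""
    return [f"10.0.{i}.0/24" for i in range(count)]


if __name__ == "__main__":
    for label, pw in (("no authentication", None), ("simple password", "s3cret")):
        sizes = [len(parse_update(p)["routes"])
                 for p in build_updates(sample_routes(), pw)]
        print(f"{label}: {len(sizes)} packets, routes per packet {sizes}")
```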
QUESTION 17
What are three disadvantages of a router-on-stick configuration for InterVLAN routing? (Choose three)
A. InterVLAN routing cannot be filtered by the router.
B. The router becomes a single point of failure for the network.
C. Routers will not route STP BPDUs.
D. There is a possibility of inadequate bandwidth for each VLAN.
E. Additional overhead on the router can occur.
F. NetFlow Switching is required for InterVLAN accounting.
Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
Explanation:
When a single interface is used to route between subnets or networks, this is known as a router-on-a-stick.
To assign multiple IP addresses to the same interface, secondary addresses or subinterfaces are used.
The Advantage is that it is useful when there are limited Ethernet interfaces on the router.
The Disadvantages to this design are:
subnets. resources that will be consumed on the router can become an issue.

QUESTION 18
What are three characteristics of RIPv2? (Choose three)
A. Supports variable-length subnet mask by default.
B. Does not support variable-length subnet mask by default.
C. Supports discontiguous networks by default.
D. Multicast updates to 224.0.0.9.
E. Broadcast updates.
Correct Answer: ACD Section: (none) Explanation Explanation/Reference:
Explanation: Features of RIP v2
To help today’s IP internetworks minimize broadcast traffic, use variable length subnetting to conserve IP addresses, and secure their routing environment from misconfigured or malicious routers, several key features were added to RIP v2.
Multicasted RIP Announcements: Rather than broadcasting RIP announcements, RIP v2 supports sending RIP announcements to the IP multicast address of 224.0.0.9. Non-RIP nodes are not disturbed by RIP router announcement traffic.
Subnet Masks: RIP v2 announcements send the subnet mask (also known as a network mask) along with the network ID. RIP v2 can be used in subnetted, supernetted, and variable-length subnet mask environments. Subnets of a network ID do not have to be contiguous (they can be disjointed subnets).
QUESTION 19
The Bellman-Ford algorithm is used by the grand majority of distance vector routing protocols in DUAL (diffusing update algorithm). Which of the following routing protocols is it?
A. IGRP
B. OSPF
C. EIGRP
D. RIP v.2
E. RIP v.1
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: DUAL is used by EIGRP. The Diffusing Update Algorithm (DUAL) is the algorithm used to obtain loop-freedom at every instant throughout a route computation. This allows all routers involved in a topology change to synchronize at the same time. Routers that are not affected by topology changes are not involved in the recomputation. The DUAL finite state machine embodies the decision process for all route computations. It tracks all routes advertised by all neighbors. The distance information, known as a metric, is used by DUAL to select efficient loop free paths. DUAL selects routes to be inserted into a routing table based on feasible successors. A successor is a neighboring router used for packet forwarding that has a least cost path to a destination that is guaranteed not to be part of a routing loop. When there are no feasible successors but there are neighbors advertising the destination, a recomputation must occur.
QUESTION 20
The Certkiller EIGRP network is displayed in the following topology diagram:

You work as a network technician at Certkiller .com. Study the exhibits carefully. If the command “variance 3” was added to the EIGRP configuration of Certkiller 5, which path or paths would be chosen to route traffic from Certkiller 5 to network X?
A. Certkiller 5- Certkiller 2- Certkiller 1
B. Certkiller 5- Certkiller 2- Certkiller 1 and Certkiller 5- Certkiller 3- Certkiller 1.
C. Certkiller 5- Certkiller 3- Certkiller A and Certkiller 5- Certkiller 4- Certkiller 1.
D. Certkiller 5- Certkiller 2- Certkiller 1, Certkiller 5- Certkiller 3- Certkiller 1, and Certkiller 5- Certkiller 4-Certkiller 1.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: Every routing protocol supports equal cost path load balancing. In addition to that, IGRP and EIGRP also support unequal cost path load balancing. Use the variance command to instruct the router to include routes with a metric less than n times the minimum metric route for that destination, where n is the number specified by the variance command. The variable n can take a value between 1 and 128, with the default being 1, which means equal cost load balancing. Traffic is also distributed among the links with unequal costs, proportionately, with respect to the metric. Reference: http://www.cisco.com/en/US/tech/ CK3 65/technologies_tech_note09186a008009437d.shtml
QUESTION 21
What is the purpose of the “eigrp stub” configuration command?
A. To increase scalability by limiting the EIGRP query range.
B. To reduce the size of the routing table by blocking the D EX (External EIGRP) routes in the EIGRP stub router.
C. To reduce the convergence time by enabling the EIGRP stub router to propagate the EIGRP queries from the EIGRP hub router.
D. To reduce the convergence time by enabling the EIGRP stub router to also perform query requests to the EIGRP hub router.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: Complex, redundant EIGRP networks can cause scalability problems. The best solution to this is to provide a means within the context of the EIGRP protocol itself to control traffic flows and limit query depth. The EIGRP Stub Router functionality in Cisco IOS Software Release 12.0(7)T can achieve this solution. The Enhanced Interior Gateway Routing Protocol (EIGRP) Stub Routing feature improves network stability, reduces resource utilization, and simplifies stub router configuration.
Stub routing is commonly used in a hub and spoke network topology. In a hub and spoke network, one or more end (stub) networks are connected to a remote router (the spoke) that is connected to one or more distribution routers (the hub). The remote router is adjacent only to one or more distribution routers. The only route for IP traffic to follow into the remote router is through a distribution router. This type of configuration is commonly used in WAN topologies where the distribution router is directly connected to a WAN. The distribution router can be connected to many more remote routers. Often, the distribution router will be connected to 100 or more remote routers. In a hub and spoke topology, the remote router must forward all nonlocal traffic to a distribution router, so it becomes unnecessary for the remote router to hold a complete routing table. Generally, the distribution router need not send anything more than a default route to the remote router.
When using the EIGRP Stub Routing feature, you need to configure the distribution and remote routers to use EIGRP, and to configure only the remote router as a stub. Only specified routes are propagated from the remote (stub) router.
The router responds to queries for summaries, connected routes, redistributed static routes, external routes, and internal routes with the message “inaccessible.” A router that is configured as a stub will send a special peer information packet to all neighboring routers to report its status as a stub router. Any neighbor that receives a packet informing it of the stub status will not query the stub router for any routes, and a router that has a stub peer will not query that peer. The stub router will depend on the distribution router to send the proper updates to all peers.
QUESTION 22
The Certkiller OSPF network is displayed below: Refer to the exhibit. All routers have converged and neighbor relationships have been established. Which state is Certkiller 4 in?

A. 2WAY/DROTHER
B. 2WAY/BDR
C. 2WAY/DR
D. FULL/DROTHER
E. FULL/BDR
F. FULL/DR

Correct Answer: F Section: (none) Explanation
Explanation/Reference:
Explanation: The router with the highest OSPF priority on a segment will become the DR for that segment. The same process is repeated for the BDR. In case of a tie, the router with the highest RID will win. The default for the interface OSPF priority is one. Based on the output above, the dead timer shows that the neighbor relationships have already been established, so the state will be Full for all neighbors, and since the OSPF priorities are all set to 1, the router with the highest router ID will be the DR.
QUESTION 23
The Certkiller backbone OSPF network is shown below:

Refer to the exhibit. All routers have been simultaneously rebooted, and neighbor relationships have been established. Which two statements are true? (Choose two.)
A. The Certkiller 1 RID is 1.1.1.1.
B. The Certkiller 1 RID is 10.1.1.1.
C. The Certkiller 1 RID is 192.168.1.1.
D. The Certkiller 2 RID is 10.1.1.2.
E. The Certkiller 2 RID is 192.168.1.2.
F. The Certkiller 2 RID is 192.168.2.1.
Correct Answer: BD Section: (none) Explanation Explanation/Reference:
Explanation: Remember that the RID is the highest IP address on the box or the loopback interface, calculated at boot time or whenever the OSPF process is restarted. Although the other interfaces on routers Certkiller 1 and Certkiller 2 are higher, the loopback interface is always used as the router ID. If more than one loopback interface is configured, the loopback interface with the highest IP address is chosen as the Router ID.
QUESTION 24

Which type of Link State Announcement will Certkiller E use to announce changes in network 22 to Area 1?
A. Type 1 LSA
B. Type 2 LSA
C. Type 3 LSA
D. Type 4 LSA
E. Type 5 LSA

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation: The external link LSA is originated by AS boundary routers and is flooded throughout the AS. Each external advertisement describes a route to a destination in another autonomous system. Default routes for the AS can also be described by AS external advertisements. This is identified as a Type 5 LSA.
QUESTION 25
What is the OSPF cost for the 100 Mbps Ethernet media type?
A. 1
B. 2
C. 6
D. 10
E. 100
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
By default, OSPF uses the formula of 100,000,000 (100M) divided by bandwidth, or 100,000,000/BW. For a 100M Fast Ethernet connection, the formula is 100M/100M = 1.

QUESTION 26
As a Certkiller .com network technician you are required to drag the appropriate IS-IS routing item to its correct definition.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
QUESTION 27
Given the NSAP 39.0100.0102.0001.0c00.1211.00, which portion is interpreted by IS-IS as the area?
B. 39.0100
C. 39.0100.0102
D. 0001
E. 0001.0c00
F. 0001.0c00.1211
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation: A NET is an NSAP where the last byte is always zero. On a router running IS-IS, a NET can be 8 to 20 bytes in length. The last byte is always the n-selector and must be zero. The n-selector indicates which transport entity the packet is sent to. An n-selector of zero indicates no transport entity, and means that the packet is for the routing software of the system. The six bytes directly preceding the n-selector are the system ID. The system ID length is a fixed size and cannot be changed. The system ID must be unique throughout each area (Level 1) and throughout the backbone (Level 2). All bytes preceding the system ID are the area ID. The area ID field is the portion of the NSAP preceding the system ID. The following example shows a router with area ID 47.0004.004d.0001 and system ID 0001.0c11.1110: 47.0004.004d.0001.0001.0c11.1110.00. In our example, the six bytes preceding the n-selector are 0001.0c00.1211, which is the system ID. The portion preceding this, 39.0100.0102, is the area ID.
QUESTION 28
Which two commands can be used to verify that RIPv2 authentication is working properly to ensure that RIP neighbors form adjacencies properly? (Choose two.)
A. show interface
B. show ip route
C. show ip protocols
D. debug ip rip
E. debug ip rip authentication
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation:
Verifying Plain Text Authentication
RIP version 2 routers can use either plain text or MD5 authentication. By configuring the routers using RIPv2 authentication, all routing update exchanges will be authenticated before being accepted. This can be verified by observing the output obtained from the debug ip rip and show ip route commands.

RB#debug ip rip
RIP protocol debugging is on
*Mar 3 02:11:39.207: RIP: received packet with text authentication 234
*Mar 3 02:11:39.211: RIP: received v2 update from 141.108.0.10 on Serial0
*Mar 3 02:11:39.211: RIP: 70.0.0.0/8 via 0.0.0.0 in 1 hops

RB#show ip route
R 70.0.0.0/8 [120/1] via 141.108.0.10, 00:00:25, Serial0
80.0.0.0/24 is subnetted, 1 subnets
C 80.80.80.0 is directly connected, Loopback0
141.108.0.0/30 is subnetted, 1 subnets
C 141.108.0.8 is directly connected, Serial0

Using plain text authentication improves the network design by preventing the addition of routing updates originated by routers not meant to take part in the local routing exchange process. However, this type of authentication is not secure. The password (234 in this example) is exchanged in plain text. It can be captured easily and thus exploited. As mentioned before, MD5 authentication must be preferred over plain text authentication when security is an issue.

Verifying MD5 Authentication
By configuring the RA and RB routers as shown above, all routing update exchanges will be authenticated before being accepted. This can be verified by observing the output obtained from the debug ip rip and show ip route commands.

RB#debug ip rip
RIP protocol debugging is on
*Mar 3 20:48:37.046: RIP: received packet with MD5 authentication
*Mar 3 20:48:37.046: RIP: received v2 update from 141.108.0.10 on Serial0
*Mar 3 20:48:37.050: 70.0.0.0/8 via 0.0.0.0 in 1 hops

RB#show ip route
R 70.0.0.0/8 [120/1] via 141.108.0.10, 00:00:03, Serial0
80.0.0.0/24 is subnetted, 1 subnets
C 80.80.80.0 is directly connected, Loopback0
141.108.0.0/30 is subnetted, 1 subnets
C 141.108.0.8 is directly connected, Serial0

MD5 authentication uses the one-way MD5 hash algorithm, acknowledged to be a strong hashing algorithm. In this mode of authentication, the routing update does not carry the password for the purpose of authentication. Rather, a 128-bit message, generated by running the MD5 algorithm on the password, and the message are sent along for authentication. Thus, it is recommended to use MD5 authentication over plain text authentication since it is more secure.
Reference: http://www.cisco.com/en/US/tech/ CK3 65/technologies_configuration_example09186a0080093f1c.shtml#veri
QUESTION 29

1. all routers are using BGP
2. synchronization is OFF in AS 647000
A. Router CK6
B. Routers CK2 and CK6
C. Routers CK2 , CK4 , and CK6
D. Routers CK2 , CK3 , CK4 , and CK6
E. Routers CK1 , CK2 , CK3 , CK4 , and CK6
F. Routers CK1 , CK2 , CK3 , CK4 , CK5 , and CK6
G. It will not be propagated to any other router

Correct Answer: FEACDGB Section: (none) Explanation
QUESTION 30


Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
QUESTION 31
Which attribute must exist in the BGP update packet?
A. LOCAL_PREF
B. AGGREGATOR
C. AS_Path
D. Weight
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
The AS PATH is a well-known mandatory attribute. Mandatory means that it is required by all routers. These attributes are required and are therefore recognized by all BGP implementations.

QUESTION 32
BGP contains two paths to a destination. Assuming both routes were originated locally and have an equal weight, what will be the next determining factor in choosing the best path?
A. lowest MED
B. highest local preference
C. lowest neighbor IP address
D. lowest origin code
E. shortest AS-path
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
How the Best Path Algorithm Works:
BGP assigns the first valid path as the current best path. It then compares the best path with the next path in the list, until it reaches the end of the list of valid paths. The following is a list of rules used to determine the best path.

1. Prefer the path with the highest WEIGHT. Note: WEIGHT is a Cisco-specific parameter, local to the router on which it’s configured.
2. Prefer the path with the highest LOCAL_PREF.
3. Prefer the path that was locally originated via a network or aggregate BGP subcommand, or through redistribution from an IGP. Local paths sourced by network or redistribute commands are preferred over local aggregates sourced by the aggregate-address command.
4. Prefer the path with the shortest AS_PATH. Note the following:
5. Prefer the path with the lowest origin type: IGP is lower than EGP, and EGP is lower than INCOMPLETE.
6. Prefer the path with the lowest multi-exit discriminator (MED). Note the following:
7. Prefer external (eBGP) over internal (iBGP) paths. If bestpath is selected, go to Step 9 (multipath).
8. Prefer the path with the lowest IGP metric to the BGP next hop. Continue, even if bestpath is already selected.
9. Check if multiple paths need to be installed in the routing table for BGP Multipath. Continue, if bestpath is not selected yet.
10. When both paths are external, prefer the path that was received first (the oldest one). This step minimizes route-flap, since a newer path will not displace an older one, even if it would be the preferred route based on the next decision criteria (Steps 11, 12, and 13).
11. Prefer the route coming from the BGP router with the lowest router ID. The router ID is the highest IP address on the router, with preference given to loopback addresses. It can also be set manually using the bgp router-id command.
12. If the originator or router ID is the same for multiple paths, prefer the path with the minimum cluster list length. This will only be present in BGP route-reflector environments. It allows clients to peer with RRs or clients in other clusters. In this scenario, the client must be aware of the RR-specific BGP attribute.
13. Prefer the path coming from the lowest neighbor address. This is the IP address used in the BGP neighbor configuration, and corresponds to the remote peer used in the TCP connection with the local router.
QUESTION 33
The Certkiller WAN is displayed below:

You work as an administrator at Certkiller .com. Study the exhibits carefully.
BGP is configured on all routers, synchronization is turned off, and none of the default attributes have been changed except the MED attribute on Certkiller 5.
Which path is preferred by Certkiller 2 to reach the network 200.200.200.0/24?

A. Certkiller 2- Certkiller 1 because it is the shortest path.
B. Certkiller 2- Certkiller 1 because it has a higher metric.
C. Certkiller 3- Certkiller 4- Certkiller 5 because it has a lower administrative distance.
D. Certkiller 3- Certkiller 4- Certkiller 5 because it has a lower metric.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
In BGP, the lowest MED metric is preferred over a higher metric. By default, the value of the metric is 0, so
for AS 200, the path via Certkiller 5 will have a metric of 0, and the path via Certkiller 1 will have a metric of
150, so the path from Certkiller 5 will be preferred.

QUESTION 34
Which BGP path attribute is Cisco proprietary?
A. weight
B. MED
C. local preference
D. origin
E. next-hop
F. AS-path
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: The WEIGHT attribute is a Cisco proprietary feature used to measure a route’s preference. The WEIGHT inbound route maps. Use the WEIGHT attribute to influence routes from multiple service providers to a central location. Like LOCAL_PREF, assigning a higher weight to a route makes that route more preferred. The WEIGHT attribute also has the highest precedence of any BGP attribute. Reference: CCIE Practical Studies: Configuring Route-Maps and Policy-based Routing, Karl Solie, Cisco Press.


Cisco 642-801 Real Exam Questions And Answers, Discount Cisco 642-801 Test Software On Sale


QUESTION 40
Your OSPF router has one serial interface, and one Ethernet LAN interface. The subinterface is configured in the following manner:
interface serial 0.122 point-to-point
ip address 192.168.1.1 255.255.255.0
encapsulation frame-relay
frame-relay interface-dlci 122
You want to allow hosts on your LAN to send and receive data, but you don’t want routing traffic to go through that interface. Which of the following commands should you use to complete your configuration?
A. interface serial 0.122 point-to-point passive-interface ethernet 0
B. interface ethernet 0 ip address 192.168.12.1 255.255.255.0 passive-interface
C. router ospf 172 area 1 nssa network 192.168.1.0 0.0.0.255 area 0 network 192.168.12.0 0.0.0.255 area 1
D. router ospf 172 passive-interface ethernet 0 network 192.168.1.0 0.0.0.255 area 0 network 192.168.12.0 0.0.0.255 area 1

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
We use the passive-interface command to configure the ethernet interface to be passive. The passive-interface router configuration command is used to disable sending routing updates on an interface.
Incorrect Answers:

A: We are not configuring the serial interface. Furthermore, the passive-interface command is a router configuration command, not an interface configuration command.
B: We cannot use the passive-interface command like this.
C: We should configure the Ethernet interface as passive, not the area as a not-so-stubby area (NSSA).
QUESTION 41
You have a router named CertK running EIGRP that has already been configured with the following:
Router CertK (config)#access-list 30 deny any
Router CertK (config)#access-list 40 permit ip any
Router CertK (config)#router eigrp 1
To complete your configuration you want to configure the serial 0/0 interface to prevent routing updates from going out that interface while still allowing the formation and upkeep of neighbor adjacencies on that interface. Drag the correct command phrase from the bottom and place it in


Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
We use distribute list 30, which stops IP traffic, on outward traffic on the serial 0/0 interface.
RouterTK continues receiving routing updates from its neighbor, but the distribute-list prevents routes from
being advertised out of serial 0. Furthermore, neighbor adjacencies are allowed to be formed between
RouterTK and its neighbor on serial 0/0.
Incorrect Answers:
passive interface serial 0/0:

On EIGRP, passive interface causes the router to stop sending and receiving hello packets. This will
prevent the interface from maintaining neighbor adjacencies.
distribute-list 40 out serial 0/0:
We must stop outgoing traffic, not allow it.
distribute-list 30 in serial 0-0:
We must stop outgoing traffic, not incoming traffic.
Reference: How Does the Passive Interface Feature Work in EIGRP?
http://www.cisco.com/warp/public/103/16.html

QUESTION 42
The Certkiller network is displayed below:
You need to configure a static route so that users on the corporate network can reach the 172.27.6.0/24
LAN. Based on the diagram above, which of the following is the correct way to do this?

A. Certkiller 1(config)#ip route 172.27.6.0 255.255.255.0 172.17.8.2
B. Certkiller 2(config)#ip route 172.27.6.0 255.255.0.0 172.17.8.2
C. Certkiller 2(config)#ip route 172.27.6.0 255.255.255.0 172.17.8.2
D. Certkiller 1(config)#ip route 172.27.6.0 255.255.0.0 172.17.8.1
E. Certkiller 2(config)#ip route 172.27.6.0 255.255.255.0 172.17.8.1

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation:
Only choice E provides the correct network subnet mask and next hop IP address.
IP route prefix mask {address|Interface} [distance] [tag tag] [permanent]
Prefix 172.27.6.0 mask 255.255.255.0 address 172.17.8.2
Address – The IP address of the next hop router that can be used to reach that network.
Reference: Building Scalable Cisco Networks (Cisco Press) page 464

QUESTION 43
The Certkiller network consists of a main office and a single remote office. You need to configure the
remote office using the following guidelines:
The main office must learn all of its routes from the regional office.
The regional office must not learn routes from the main office.
The most scalable solution should be used.
Which of the following answer choices best describe what should be done to satisfy these
requirements?

A. Configure static routes pointing to the network behind the central office router
B. Configure a default route pointing to the networks behind the central office router
C. Make the interface that is connected to the central office a passive interface to block incoming updates
D. Enable route update filtering on the interface that is connected to the central office to block incoming updates
E. None of the above will work

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
The only viable way to let the main office dynamically learn all of the regional office routes, while the regional office still does not receive any routes, is to enable incoming route filters.

Incorrect Answers:
A, B: Configuring static routes or default routes on the regional office will not enable the main office to
learn about any of the regional office routes.

C: A passive interface would prevent all route updates to the main office. Passive interfaces do not filter incoming routing updates, so the regional office could still learn routes from the main office. Note: Configuring the main office using a passive interface would satisfy the conditions here, but this question asks us how to configure the regional office, not the main office.
QUESTION 44
You wish to permit all BGP prefixes between /10 and /18 for the 207.0.0.0 network. How should a BGP prefix list be configured to do this?
A. ip prefix-list 207.0.0.0/8 ge 10 le 18
B. ip prefix-list 207.0.0.0/8 ge 18 le 10
C. ip prefix-list 207.0.0.0/24 ge 10 le 18
D. ip prefix-list 207.0.0.0/24 ge 18 le 10
E. None of the above

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: With prefix lists, “ge” means “greater than or equal to” while “le” means “less than or equal to.” Here, we want to specify all prefixes greater than or equal to 10 and less than or equal to 18 as specified in choice A. In addition, we must specify an 8 bit network mask, not a 24 bit network mask.
QUESTION 45
Routers CK1 and CK2 are configured for BGP as shown below:
RTR CK1
router bgp 200
neighbor 183.215.22.1 remote-as 200
neighbor 183.215.22.1 update-source loopback 1
RTR CK2
router bgp 200
neighbor 147.229.1.1 remote-as 200
These two routers currently have an active BGP peering session between them and they are able to pass routes to each other. Based on these configuration files, which of the following are true? (Select three)
A. RTR CK1 and RTR CK2 are running IBGP inside AS 200
B. The IP address of RTR CK1’s Loopback 1 interface is 147.229.1.1.
C. The IP address of RTR CK1’s Loopback 1 interface is 183.215.22.1.
D. RTR CK1 and RTR CK2 are running EBGP between the autonomous systems.
E. RTR CK1 has forced BGP to use the loopback IP address as the source in the TCP neighbor connection.

Correct Answer: ABE Section: (none) Explanation Explanation/Reference:
Explanation:
A: The two statements that define a remote AS (autonomous system) use the same AS number. Both routers must belong to the same AS, and therefore IBGP is used.
B: The IP address of the CK1 loopback address is 147.229.1.1 as specified in the neighbor statement of the CK2 router: neighbor 147.229.1.1 remote-as 200
E: The “neighbor 183.215.22.1 update-source loopback 1” command issued at CK1 makes CK1 use this loopback for the BGP connection to CK2. See Note 2 below.
Note 1: Syntax of neighbor command:
Router(config-router)#neighbor {ip-address | peer-group-name} remote-as as-number
This command specifies a BGP neighbor.
Note 2: For iBGP, you might want to allow your BGP connections to stay up regardless of which interface is used to reach a neighbor. To enable this configuration, you first configure a loopback interface and assign it an IP address (neighbor 183.215.22.1 update-source loopback 1). Next, configure the BGP update source to be the loopback interface (we have to assume this step – it is not indicated by the exhibit). Finally, configure your neighbor to use the address on the loopback interface (neighbor 147.229.1.1 remote-as 200).
Incorrect Answers:
C: 183.215.22.1 is the IP address of CK2 , not CK1 .
D: There is only one AS and the routers belong to that AS. Within an AS IBGP is used, not EBGP.
QUESTION 46
The Certkiller BGP router is configured as shown below:
router bgp 64000
neighbor 172.16.1.1 remote-as 64000
neighbor 10.1.1.2 remote-as 64550
network 200.52.1.192 mask 255.255.255.224
no synchronization
aggregate-address 200.52.1.0 255.255.255.0
The BGP peers 172.16.1.1 and 10.1.1.2 in the above configuration are active, as well as the interface with IP address 200.52.1.192. Based on this information, which statement below is true about your configuration?
A. Router CertK has an IBGP connection with neighbor 10.1.1.2.
B. Router CertK has an EBGP connection with the neighbor 172.16.1.1.
C. Router CertK advertises only a route 200.52.1.0 255.255.255.0 in BGP.
D. Router CertK advertises only a route 200.52.1.192 255.255.255.224 in BGP.
E. Router CertK advertises both the routes to 200.52.1.0 255.255.255.0 and 200.52.1.192 255.255.255.224 in BGP.

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
Explanation:
The aggregate route, 200.52.1.0 255.255.255.0, and the more specific route, 200.52.1.192 255.255.255.224, will both be advertised. To advertise only the aggregate route, the summary-only option of the aggregate-address command must be used.
Note: The aggregate-address command is used to create an aggregate, or summary, entry in the BGP table.
Incorrect Answers:

A: The neighbor 10.1.1.2 belongs to another autonomous system and is an EBGP neighbor, not an IBGP neighbor.

B: Router A and neighbor 172.16.1.1 belong to the same autonomous system, so 172.16.1.1 is an IBGP neighbor, not an EBGP neighbor.

C: The summary-only option of the aggregate-address command is used to only advertise the summary and not the specific routes.

D: The aggregate route, 200.52.1.0 255.255.255.0, will be advertised as well.
Q304 The Certkiller network consists of two separate autonomous systems as shown below:
You need to configure Router CK2 as a BGP route reflector and Router CK1 as the client. Assuming that
Router CK3 isn’t running BGP, which two of the commands below would you enter on CK2 to satisfy your
goals? (Select two)
A. neighbor 165.50.12.1 remote-as 65100
B. neighbor 165.50.12.2 remote-as 64000
C. neighbor 165.50.12.1 route-reflector-client
D. neighbor 165.50.12.2 route reflector-client
Answer: B, D
Explanation:

B: Router CK2 (config-router)# neighbor 165.50.12.2 remote-as 64000
We configure router CK1 (165.50.12.2) as a neighbor in AS 64000.
D: Router CK2 (config-router)# neighbor 165.50.12.2 route-reflector-client
Configures the router CK2 as a BGP route reflector and configures the specified neighbor CK1 (165.50.12.2) as its client.
Incorrect Answers:
A: We must specify router CK1 as neighbor, not CK2 itself (165.50.12.1). Furthermore, we should use the local AS (64000), not the remote AS 65100.
C: We must specify router CK1 as route reflector client, not CK2 itself (165.50.12.1).
QUESTION 47
The Certkiller network consists of a series of routers that are all configured for IBGP. Which one of the following IBGP characteristics is true?
A. The IBGP routers must always be fully meshed.
B. The IBGP routers can be in a different AS.
C. The IBGP routers must be directly connected.
D. The IBGP routers do not need to be directly connected.
E. None of the above are true.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation: The IBGP routers do not have to be directly connected. The remote IBGP peers need only be reachable via a TCP connection. For example, if the network is also running an interior routing protocol such as EIGRP or OSPF, the remote IBGP router could be many hops away, as long as it is reachable via the IGP that is being used.
Incorrect Answers:
A: Using route reflectors or confederations a full mesh topology is not necessary.
B: The IBGP routers must be placed in the same AS. Peers that are in different autonomous systems are using EBGP, not IBGP.
C: The IBGP routers do not have to be directly connected.
QUESTION 48
Which of the following statements regarding BGP peer groups are true? (Select two)
A. Peer members inherit all options of the peer group.
B. Peer groups can be used to simplify BGP configurations.
C. Peer groups are optional non-transitive attributes for BGP.
D. A peer group allows options that affect outbound updates to be overridden.
E. A common name should be used on all routers because this information is passed between neighbors.

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation:
A BGP peer group is a group of BGP neighbors with the same update policies.

A: By default members of the peer group inherit all of the configuration options of the peer group. Note: Members can also be configured to override these options
B: Peer groups are normally used to simplify router configurations when many neighbors have the same policy.
Note: BGP neighbors who share the same outbound policies can be grouped together in what is called a BGP peer group. Instead of configuring each neighbor with the same policy individually, a peer group lets you define the policies once and apply them to the individual peers, which makes update calculation more efficient and simplifies configuration.
Incorrect Answers:
C: The only Optional non-transitive attribute in BGP is MED.
D: Does not apply.
E: Using a common router name provides no BGP benefits at all.
Reference: BGP Peer Groups, http://www.cisco.com/warp/public/459/29.html

QUESTION 49
A BGP router is configured as shown below:
interface ethernet 0
ip address 10.10.10.1 255.255.0.0
!
int serial 0
ip address 172.16.1.1 255.255.255.252
!
router bgp 65001
neighbor 192.168.1.1 remote-as 65002
Based on the above configuration, which of the following BGP statements would inject the 10.10.0.0/16 prefix into the BGP routing table?
A. network 10.0.0.0
B. network 10.10.0.0 mask 255.255.0.0
C. network 10.10.10.1 mask 255.255.255.255
D. network 10.10.10.0 mask 255.255.255.0
E. network 10.0.0.0 mask 255.255.0.0

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The /16 mask is equal to 255.255.0.0, so answer choice B matches the address and the mask. To specify the route as classless, the mask keyword should be included or the network will be summarized at the network boundary.
QUESTION 50
Why would a systems administrator enter in the network command when configuring BGP?
A. Local routes matching the network command are filtered from the BGP routing table.
B. Local routes matching the network command can be installed into the BGP routing table.
C. Routes matching the network command will be filtered from BGP routing updates.
D. External routes matching the network command will be installed into the BGP routing table.
E. None of the above.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
Use the network router configuration command to permit BGP to advertise a network if it is
present in the IP routing table.
Reference: Building Scalable Cisco Networks (Cisco Press) page 342

QUESTION 51
The Certkiller network is depicted in the following diagram: Which of the following command sets would you use if you want Certkiller 1 and Certkiller 2 to exchange BGP routing information? (Select two)

A. Certkiller 2(config)#router bgp 200 Certkiller 2(config-router)#neighbor 10.1.1.1 remote-as 100
B. Certkiller 1(config)#router bgp 100 Certkiller 1(config-router)#exit Certkiller 1(config)#interface S0 Certkiller 1(config-if)#neighbor 10.1.1.2 remote-as 200
C. Certkiller 1(config)#router bgp 100 Certkiller 1(config-router)#neighbor 10.1.1.2 remote-as 200
D. Certkiller 2(config)#router bgp 100 Certkiller 2(config-router)exit Certkiller 2(config)#interface S0 Certkiller 2(config-if)#neighbor remote-as 100
E. Certkiller 1(config)#router bgp 100 Certkiller 1(config-router)#network 10.0.0.0 Certkiller 1(config-router)#neighbor 10.1.1.2 remote-as 100
F. Certkiller 2(config)#router bgp 200 Certkiller 2(config-router)#network 10.0.0.0 Certkiller 2(config-router)#network 10.1.1.1 remote-as 200

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation:
Choices A and C give the correct syntax for configuring EBGP peering sessions.
Incorrect Answers:
B, D: The BGP peering configurations are placed under the BGP routing process, not in
interface configuration mode.
E, F: The network 10.0.0.0 command is not required here, since this is an EBGP peering session using the
directly connected interface. Since each neighbor shares the 10.0.0.0 network they each already know
how to reach this network.

QUESTION 52
Router TK-1 is configured for BGP routing as shown below:
router bgp 65300
network 27.0.0.0
neighbor 192.23.1.1 remote-as 65300
From the perspective of router TK-1, what kind of router is the router with IP address 192.23.1.1?
A. A peer router running IBGP
B. A peer router running EBGP
C. A community member running IBGP
D. A peer group member running IBGP
E. A peer group member running EBGP

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation:
Both the local and remote routers are configured with the same autonomous system number, so they are peer routers running IBGP.

QUESTION 53
When you’re configuring BGP on a Cisco router, what is true of the command “network”?
A. Local routes matching the network command are filtered from the BGP routing table.
B. Local routes matching the network command can be installed into the BGP routing table.
C. Sending and receiving BGP updates is controlled by using a number of different filtering methods.
D. The route to a neighbor autonomous system must have the correct MED applied to be installed into BGP routing table.
E. None of the above.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: The network command allows BGP to advertise an IGP route if it is already in the IP table. A matching route must exist in the routing table before the network is announced. The network command is used to permit BGP to advertise a network if it is present in the IP routing table.
QUESTION 54
Router CK1 needs to be configured to advertise a specific network. Which of the following commands would you use if you wanted to advertise the subnet 154.2.1.0 255.255.255.0 to the EBGP neighbors on your subnet?
A. Router (config-router)#network 154.2.1.0
B. Router (config-router)#network 164.2.1.0
C. Router (config-router)#network-advertise 154.2.1.0
D. Router (config-router)#network 154.2.1.0 mask 255.255.255.0
E. None of the above

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
The network command is used to specify the networks to be advertised by the Border Gateway Protocol
(BGP) and multiprotocol BGP routing processes.
Syntax: network network-number [mask network-mask] [route-map map-name]
Mask and route-map are optional. If the mask keyword is configured, then an exact match must exist in the
routing table.
Incorrect Answers:

A: If we do not specify the subnet mask then additional networks are allowed to be advertised. The classful subnet mask of 154.2.1.0 is 255.255.0.0 – a Class B network.
B: This is using the incorrect IP address, as well as a missing subnet mask.
C: The network-advertise is an invalid command.
QUESTION 55
You are the administrator of a company with BGP connections to multiple ISPs. How could you configure BGP to make it favor one particular ISP for outbound traffic?
A. Configure weight
B. Enable route reflector
C. Create a distribute list
D. Enable the Longer Autonomous System path option.
E. All of the above.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: If the router learns about more than one route to the same destination, the route with the highest weight will be preferred. Weight is a Cisco BGP parameter that is local to the router. When terminating multiple ISP connections into the same router, weight can be used to affect which path is chosen for outbound traffic.
Incorrect Answers:
B: A route reflector cannot be used to influence outbound traffic. A route reflector modifies the BGP split horizon rule by allowing the router configured as the route reflector to propagate routes learned by IBGP to other IBGP peers. This saves on the number of BGP TCP sessions that must be maintained, and also reduces the BGP routing traffic.
C: Distribute lists restrict the routing information that the router learns or advertises. By itself a distribute list cannot make routes from one ISP be preferred to routes from another ISP.
D: This choice describes AS path prepending, which would be used to influence the path that incoming traffic takes, not outgoing.
QUESTION 56
What are two solutions to overcome the full mesh requirement with iBGP? (Choose two)
A. BGP groups
B. BGP local preference
C. Route reflector
D. Confederation
E. Aggregate-address

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Explanation: In general, all IBGP peers must be configured to be fully meshed. If they are not, then all of the IBGP routers will not have the updated information from the external BGP routers. There are two ways to overcome the scalability issues of a full IBGP mesh: route reflectors and confederations. With route reflectors, internal BGP routers peer only with the route reflector. With confederations, the AS is broken up into smaller, more manageable sub autonomous systems.
QUESTION 57
An ISP is running a large IBGP network with 25 routers. The full mesh topology that is currently in place is inefficiently using up bandwidth from all of the BGP traffic. What can the administrator configure to reduce the number of BGP neighbor relationships within the AS?
A. Route reflectors
B. Route maps
C. Route redistribution
D. Peer groups
E. Aggregate addresses
Correct Answer: A Section: (none) Explanation

Explanation/Reference:
Explanation: In general, all IBGP peers must be configured to be fully meshed. If they are not, then all of the IBGP routers will not have the updated information from the external BGP routers. There are two ways to overcome the scalability issues of a full IBGP mesh: route reflectors and confederations. With route reflectors, internal BGP routers peer only with the route reflector, and then the route reflectors connect with each other. This can considerably reduce the number of IBGP sessions. Another solution to the scalability problem of IBGP is the use of confederations. With confederations, the AS is broken up into smaller, more manageable sub autonomous systems.
QUESTION 58
Arrange the BGP attributes on the left in order of priority.

Correct Answer: Section: (none) Explanation
Explanation/Reference:

Explanation:
How the Best Path Algorithm Works:
BGP assigns the first valid path as the current best path. It then compares the best path with the next path
in the list, until it reaches the end of the list of valid paths. The following is a list of rules used to determine the
best path.

1. Prefer the path with the highest WEIGHT. Note: WEIGHT is a Cisco-specific parameter, local to the router on which it’s configured.

2. Prefer the path with the highest LOCAL_PREF. Note the following:
Path without LOCAL_PREF is considered as having the value set with the bgp default local-preference command, or 100 by default.

3. Prefer the path that was locally originated via a network or aggregate BGP subcommand, or through redistribution from an IGP. Local paths sourced by network or redistribute commands are preferred over local aggregates sourced by the aggregate-address command.

4. Prefer the path with the shortest AS_PATH. Note the following:
The AS_CONFED_SEQUENCE and AS_CONFED_SET are not included in the AS_PATH length.

5. Prefer the path with the lowest origin type: IGP is lower than EGP, and EGP is lower than INCOMPLETE.

6. Prefer the path with the lowest multi-exit discriminator (MED). Note the following:
This comparison is only done if the first (neighboring) AS is the same in the two paths; any confederation sub-ASs are ignored. In other words, MEDs are compared only if the first AS in the AS_SEQUENCE is the same for multiple paths. Any preceding AS_CONFED_SEQUENCE is ignored. If bgp always-compare-med is enabled, MEDs are compared for all paths. This option needs to be enabled over the entire AS, otherwise routing loops can occur.
If bgp bestpath med-confed is enabled, MEDs are compared for all paths that consist only of AS_CONFED_SEQUENCE (paths originated within the local confederation).
Paths received from a neighbor with a MED of 4,294,967,295 will have the MED changed to 4,294,967,294 before insertion into the BGP table.
Paths received with no MED are assigned a MED of 0, unless bgp bestpath missing-as-worst is enabled, in which case they are assigned a MED of 4,294,967,294.
The bgp deterministic med command can also influence this step as demonstrated in the How BGP Routers Use the Multi-Exit Discriminator for Best Path Selection.

7. Prefer external (eBGP) over internal (iBGP) paths. If bestpath is selected, go to Step 9 (multipath).
Note: Paths containing AS_CONFED_SEQUENCE and AS_CONFED_SET are local to the confederation, and therefore treated as internal paths. There is no distinction between Confederation External and Confederation Internal.

8. Prefer the path with the lowest IGP metric to the BGP next hop. Continue, even if bestpath is already selected.

9. Check if multiple paths need to be installed in the routing table for BGP Multipath. Continue, if bestpath is not selected yet.

10. When both paths are external, prefer the path that was received first (the oldest one). This step minimizes route-flap, since a newer path will not displace an older one, even if it would be the preferred route based on the next decision criteria (Steps 11, 12, and 13). Skip this step if any of the following is true:
o The bgp bestpath compare-routerid command is enabled.
Note: This command was introduced in Cisco IOS® Software Releases 12.0.11S, 12.0.11SC, 12.0.11S3, 12.1.3, 12.1.3AA, 12.1.3.T, and 12.1.3.E.
o The router ID is the same for multiple paths, since the routes were received from the same router.
o There is no current best path. An example of losing the current best path occurs when the neighbor offering the path goes down.

11. Prefer the route coming from the BGP router with the lowest router ID. The router ID is the highest IP address on the router, with preference given to loopback addresses. It can also be set manually using the bgp router-id command. Note: If a path contains route-reflector (RR) attributes, the originator ID is substituted for the router ID in the path selection process.

12. If the originator or router ID is the same for multiple paths, prefer the path with the minimum cluster list length. This will only be present in BGP route-reflector environments. It allows clients to peer with RRs or clients in other clusters. In this scenario, the client must be aware of the RR-specific BGP attribute.

13. Prefer the path coming from the lowest neighbor address. This is the IP address used in the BGP neighbor configuration, and corresponds to the remote peer used in the TCP connection with the local router.
QUESTION 59
The Certkiller BGP routing table consists of the following network routes:

What is the correct command to summarize these prefixes into a single summary prefix of 192.168.12.0/22 while also allowing for the advertisement of the more specific prefixes?
A. network 192.168.12.0 mask 255.255.252.0
B. network 192.168.12.0 mask 0.0.3.255
C. network 192.168.12.0
D. aggregate-address 192.168.12.0 255.255.252.0
E. aggregate-address 192.168.12.0 255.255.252.0 summary-only
F. aggregate-address 192.168.12.0 255.255.252.0 as-set

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
To summarize BGP prefixes into one aggregated route, use the “aggregate-address” command.
When used alone, this will advertise the aggregate route, along with the individual specific
routing entries. To advertise only the aggregated route, use the “summary-only” keyword, as specified in
choice E.

QUESTION 60
The Certkiller BGP network is displayed below: Certkiller 3 is the hub router and Certkiller 1 and Certkiller 2 are the spokes. There are no virtual circuits between the spoke locations. Each router is in a separate AS. What is needed to successfully route traffic to the 11.11.11.0/24 network from Certkiller 1?

A. The neighbor 10.10.10.1 next-hop-self command on Certkiller 1.
B. The neighbor 10.10.10.1 next-hop-self command on Certkiller 2.
C. The neighbor 10.10.10.1 next-hop-self command on Certkiller 3.
D. Nothing is required. This is the default behavior on this topology

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
Explanation:
The following example illustrates the issue:
BGP Next Hop (NBMA)
If the common media as you see in the shaded area above is a frame relay or any NBMA cloud then the exact behavior will occur as if we were connected via Ethernet. RTC will advertise 180.20.0.0 to RTA with a next hop of 170.10.20.3. The problem is that RTA does not have a direct PVC to RTD, and cannot reach the next hop. In this case routing will fail. In order to remedy this situation a command called next-hop-self is created.
The next-hop-self Command
Because of certain situations with the next hop as we saw in the previous example, a command called next-hop-self is created. The syntax is:
neighbor {ip-address|peer-group-name} next-hop-self
The next-hop-self command allows us to force BGP to use a specified IP address as the next hop rather than letting the protocol choose the next hop. In the previous example, the following configuration solves our problem:
RTC#
router bgp 300
neighbor 170.10.20.1 remote-as 100
neighbor 170.10.20.1 next-hop-self
RTC advertises 180.20.0.0 with a next hop = 170.10.20.2
Reference: http://www.cisco.com/warp/public/459/bgp-toc.html#bgpnexthop
QUESTION 61
Based on the show ip bgp summary output in the exhibit, which two statements are true? (Select two)

A. The BGP session to the 10.1.1.1 neighbor is established.
B. The BGP session to the 10.2.2.2 neighbor is established.
C. The BGP session to the 10.3.3.3 neighbor is established.
D. The router is attempting to establish a BGP peering to the 10.1.1.1 neighbor.
E. The BGP session to the 10.3.3.3 neighbor is established, but the router has not received any BGP routing updates from the 10.3.3.3 neighbor.
F. The router is attempting to establish BGP peering with the 10.2.2.2 neighbor.

Correct Answer: AFCEBD Section: (none) Explanation
QUESTION 62
You want to hide some of your internal IP subnets from outside networks. By what means can you conceal the details of your IP addressing scheme from the outside world?
A. Subnetting
B. Supernetting
C. Challenge Handshake Protocol
D. Usernames and passwords

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation: In large internetworks, hundreds or even thousands of networks can exist. In these environments, it is often not desirable for routers to maintain all these routes in their routing table. Route summarization (also called route aggregation or supernetting) can reduce the number of routes that a router must maintain because it is a method of representing a series of network numbers in a single summary address. By advertising only one large supernet to the outside world, the details of your IP network scheme can remain hidden.
QUESTION 63
The Certkiller network will be using a new ISP for their Internet connection. The new Internet provider will be allocating a new registered class C IP address subnet to use. In order to not have to change out the entire internal IP addressing scheme on your network, you plan to use NAT to translate all of the internal IP addresses to the new IP addresses that are being assigned to Certkiller. You have been assigned the task of making changes so that the following requirements are met:
Maintain the current IP addressing scheme
Configure Certkiller’s router for network address translation (NAT) so all the internal computers use the same external IP address
Configure a static translation so Certkiller employees can access their email from the internet.
Privileged mode password: Certkiller
The IP Addresses are shown below:
Name: Certkiller NAT
S0 192.168.15.1/24
E0 10.100.5.1/24
E-mail Server’s External Address 192.168.15.5/24
E-mail Server’s Internal Address 10.100.5.5/24
To configure the router click on a host icon that is connected to a router by a serial console cable.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Certkiller NAT(config-if)#exit Certkiller NAT(config)#exit Certkiller NAT#copy run start Q322

You have been assigned the task of configuring the routers to meet the following requirements:
In the unlikely event that a link goes down, you have to ensure a backup link exists.
The proper metrics must be distributed through the IGRP portion of the network.
Based on this information, which of the following should you do? (Select two)

A. Apply the distance command to Main
B. Apply the distance command to CK2
C. Apply the distribute-list command to Main
D. Apply the distribute-list command to CK2
Answer: B, C Explanation:
B: Most routing protocols, including IGRP and RIP, use the distance command to modify the administrative distance. We need to change the metric of the RIP routes learned by CK2 .
C: To control the advertising and processing of routes in routing updates the distribute-list
command is used.
Incorrect Answers:

A: We change the administrative distance of RIP routes on CK2 .

D: We should apply the distribute-list command to Main, not to CK2 .

QUESTION 64
Network topology exhibit

Certkiller .com is changing ISPs. As a result, they will need to install an Email server and utilize network address translation (NAT) for the internal network. Certkiller .com does not want to change the IP Addresses on all of the internal routers and servers. The new ISP, Foo Services, will allocate a registered class C address for Certkiller to use. The internal IP Address scheme will remain the same. Configure the router to provide NAT so that all internal Certkiller PCs will use the single external IP Address assigned to the router interface. Configure a static translation so that Certkiller .com’s Email server will be accessible from the Internet.
Name: Certkiller NAT
S0: 192.168.17.1/24
E0: 10.0.216.1/24
Secret Password: Certkiller

Correct Answer: Section: (none) Explanation
Explanation/Reference:
192.168.212.5/24 Web Server’s Internal Address 10.0.243.5/24
QUESTION 65
One of the virtues of a Link-State routing protocol is its hierarchical design. What advantages does this equate to in network design? (Select two)
A. It allows link-state protocols to support VLSM.
B. It allows them to support address summarization.
C. It reduces the need to flood LSAs to all devices in the internetwork.
D. Routers are no longer required to keep track of the topology of the entire autonomous system.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Explanation: Hierarchical design can limit the requirement to notify all devices. The use of areas restricts the flooding to the logical boundary of the area rather than to all devices in the OSPF domain. Another advantage of hierarchical network design is that the entire network is divided into multiple smaller sections, so that much of the routing information is kept within a small area. In a non-hierarchical network, each router is required to maintain routing information for all other routers within the entire network.
Incorrect Answers:
A: Although link state protocols do indeed support VLSM, it is not due to a hierarchical network design. For example, RIP version 2 supports VLSM, but it is not hierarchical.
B: Although address summarization can indeed be configured on routers configured in a hierarchical design, it is an independent function and is not related to the fact that a tiered network design is being used.
QUESTION 66
In regards to the three layered hierarchical network design, which of the following are responsibilities of the distribution layer? (Choose 2)
A. Reliable transport structure
B. Route redistribution
C. Optimized transport structure
D. Address aggregation
E. Unauthorized entry access control lists

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation: The distribution layer is responsible for what enters and exits a network, including the
consolidation of traffic from multiple subnets into a core connection. Route redistribution and address
aggregation happen at this layer.
Incorrect Answers:
A, C: This is a function of the core layer.

E: This is a function of the access layer.
QUESTION 67
Which of the following are advantages of implementing a hierarchical IP addressing scheme when designing a large network? (Select two)
A. Smaller routing tables
B. Efficient address allocation
C. Translation of private addresses
D. Support for link-state routing protocols

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
Explanation: Hierarchical IP addressing uses the addresses more conservatively, by planning for the correct use of subnet masks and route summarization. A hierarchical network design facilitates the use of IP routing summarization, which will reduce the size of the routing tables.
QUESTION 68
The Certkiller frame relay network is shown in the diagram below: Based on the information given in this diagram, which of the following are true?

A. The network is using a two-layer full-mesh hierarchical design.
B. The network is using a two-layer hub-and-spoke hierarchical design.
C. To improve scalability, route summarization at Routers CK1 , CK2 , CK3 , CK4 , CK5 , and CK6 should be performed.
D. Routers A and B are the distribution layer routers.
E. Routers CK1 , CK2 , CK3 , CK4 , CK5 and CK6 are the access layer routers.
F. To improve security, packet filtering that uses ACLs at Routers A and B must be implemented.

Correct Answer: CEADB Section: (none) Explanation
Explanation/Reference:
A: The network shown here is using a 3 level tiered approach: Core, Distribution, and Access.
B: Three layers are used, not two.
D: Routers A and B are the Core routers here.
E: These routers make up the Distribution layer.
QUESTION 69
You are trying to determine the best routing protocol to use for the large Certkiller network. Which routing protocols should you avoid when deploying a large network? (Select two)
A. IGRP
B. OSPF
C. EIGRP
D. RIP v.2
E. RIP v.1

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
Explanation: Both RIP version 1 and version 2 should only be used in relatively small networks. A large network would be congested by RIP broadcasts. These frequent broadcasts contain the entire routing table, and could saturate links.
QUESTION 70
What are some of the features that are important for designing large, scalable networks? (Select three)
A. A tiered network design model.
B. Sufficient memory on the router.
C. Multiple EIGRP autonomous systems.
D. Good address space allocation scheme.

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
Explanation:
A: A tiered network design model such as Core, Distribution, and Access is also needed for
large networks.

B: Sufficient capacity of the routers, in particular the memory, is required for large networks.

D: Good allocation of address space is required. Each region should have a unique address
space so route summarization is possible.
Incorrect Answers:

C: Configuring multiple EIGRP autonomous systems can add extra overhead and it provides no
additional benefits.

QUESTION 71
Two of the following routing protocols require a tiered, hierarchical topology. Which ones are they? (Select two)
A. IS-IS
B. IGRP
C. OSPF
D. EIGRP
E. RIP v2

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation:
IS-IS and OSPF both require a hierarchical topology. The use of multiple areas and a core
backbone area means that they are hierarchical by nature.

QUESTION 72
What has become the leading Interior Routing Protocol (IGP) in use by Internet service providers?
A. IS-IS
B. OSPF
C. EIGRP
D. RIPv2
E. BGP4

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation: In recent years, the IS-IS routing protocol has become increasingly popular, with widespread use among Service Providers. It is a link state protocol, which enables very fast convergence with large scalability. It is also a very flexible protocol and has been extended to incorporate leading edge features such as MPLS Traffic Engineering. It is also chosen because it is an IETF standard based protocol, rather than a proprietary protocol such as IGRP or EIGRP.
Reference: http://www.cisco.com/en/US/tech/tk365/tk381/technologies_white_paper09186a00800a3e6f.shtml
QUESTION 73
Two of the following routing protocols support load balancing over unequal cost links. Which ones are they? (Select two)
A. IGRP
B. OSPF
C. EIGRP
D. RIP v2
E. RIP v1

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation:
IGRP and EIGRP support unequal cost path load balancing, which is known as variance. OSPF,
RIP v1 and RIP v2 do not support this.
Reference: http://www.cisco.com/warp/public/103/19.html

QUESTION 74
You are required to choose a routing protocol that supports variable length subnet masks (VLSM) for your network. Which of the following would meet this requirement? (Choose three)
A. IS-IS
B. IGRP
C. OSPF
D. EIGRP
E. RIP v1

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
Explanation:
IS-IS, EIGRP, OSPF, RIP V2 and static routes all support VLSM.
Incorrect Answers:

B: IGRP is the predecessor to EIGRP and does not support VLSM.
E: RIP version 1 is a distance vector routing protocol that does not support VLSM.
QUESTION 75
Cisco routers automatically perform route summarization for various protocols. Which three of the following routing protocols are they? (Select three)
A. IS-IS
B. IGRP
C. OSPF
D. EIGRP
E. RIP v.1

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
Explanation:
Sending route summaries – Routing information advertised out an interface is automatically summarized at major (classful) network address boundaries by RIP, IGRP, and EIGRP. Specifically, this automatic summarization occurs for those routes whose classful network address differs from the major network address of the interface to which the advertisement is being sent.
Reference: Building Scalable Cisco Networks (Cisco Press) page 79


Cisco 642-591 Certification Exam, Up To Date Cisco 642-591 Study Material Online


QUESTION 30
Which two of the following are Cisco Unity Connection components that, when changed, will not affect the settings of existing users? (Choose two.)
A. Contact Templates
B. Users Templates
C. Enterprise Parameters
D. Service Parameters
E. Call Handlers

Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 31
Which of the following applications collects, distributes, and aggregates user attributes and capabilities?
A. Cisco Unity Connection
B. Cisco Unified Presence
C. Cisco Unified Communications Manager
D. Cisco Unified Personal Communicator

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 32
When using Cisco Unity Connection, which call handler type offers different call actions based on the digits that are selected?
A. digit analysis
B. system
C. directory
D. interview
E. call management

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 33
Which five of the following commands will integrate a Cisco Unity Express module with a Cisco Unified Communications Manager Express router? (Choose five.)
Exhibit:

A. ip route 10.1.131.2 255.255.255.255 interface Service-Engine 1/0
B. service-module ip address 10.1.130.2 255.255.255.0
C. ip unnumbered Loopback0
D. service-module ip address 10.1.131.2 255.255.255.0
E. service-module ip default-gateway 10.1.131.1
F. ip unnumbered vlan130
G. service-module ip default-gateway 10.1.30.1.1
H. interface Integrated-Service-Engine1/0

Correct Answer: ACDEH Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Drag and Drop
Select and Place:

Correct Answer:
Section: (none) Explanation
Explanation/Reference:


Cisco 642-587 Exam Questions, Buy Discount Cisco 642-587 Exam Q&As Are Based On The Real Exam


QUESTION 40
A Cisco WCS version 4.0 has been installed on a server with a dual Pentium 3.0 GHz processor, 4 GB RAM, and an 80 GB hard drive. A location appliance has been incorporated into the network and is being monitored by the Cisco WCS. There are 3000 devices to be tracked but not all of them are being tracked on the Cisco WCS. What can be done to correct the problem?
A. Add 4 GB of RAM to the Cisco WCS.
B. Add a 120 GB hard drive to the Cisco WCS.
C. Add a new location appliance.
D. Add a new Cisco WCS server dedicated to the location appliance.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 41
When optimizing a standalone point-to-multipoint bridge installation with eight non-root bridges, which of the following RTS threshold and CWmin settings would be correct for the non-root bridges?
A. RTS threshold=4000, CWmin=3
B. RTS threshold=1, CWmin=4
C. RTS threshold=4000, CWmin=5
D. RTS threshold=1, CWmin=5

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 42
Your customer has deployed a Cisco Wireless Location Appliance within its warehouse environment. However, employees there have been experiencing problems when tracking objects using active RFID tags. You use an access point scan to determine if the Location Appliance has been deployed correctly. Making which change to warehouse deployment location services will most likely correct the problem?
A. allow for the automatic containment of rogue access points
B. ensure each area is covered by a minimum of three access points
C. ensure channels are deployed such that they do not overlap
D. ensure a minimum RSSI value of -50
Correct Answer: B Section: (none) Explanation

Explanation/Reference:
QUESTION 43
Which of the following parameter sets must be configured on the Cisco Wireless Location Appliance?
A. location views
B. object definitions
C. access points
D. network connections

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 44
What is the correct order of steps for upgrading a Cisco WCS?
A. back up the database, stop the WCS, upgrade the WCS, restore the database, start the WCS
B. stop the WCS, back up the database, upgrade the WCS, restore the database, start the WCS
C. back up the database, stop the WCS, upgrade the WCS, start the WCS, restore the database
D. stop the WCS, back up the database, upgrade the WCS, start the WCS, restore the database

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 45
Which protocol does the RADIUS server use inside the secure tunnel of EAP-FAST to authenticate the client when one-time passwords are in use?
A. MS-CHAP v2
B. PAP
C. GTC
D. MD5

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 46
When configuring a WLAN controller for a voice application using Cisco 7920 wireless IP phones, which two general control settings should you select? (Choose two.)
A. Aggressive Load Balancing on
B. Aggressive Load Balancing off
C. Multicast on
D. Multicast off
E. AP Fallback on
F. AP Fallback off

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 47
You are charged with implementing a secure wireless installation which will provide Internet access to client devices but will not allow communications between wireless clients. In addition to implementing PSPF or peer-to-peer blocking on the wireless side, which of the following actions should you perform on the wired infrastructure?
A. Take no action, you have achieved your goal.
B. Implement a Cisco Secure IPS sensor.
C. Implement a protected port on the access switches.
D. Implement 802.1X on the switch ports.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 48
EAP-FAST provides a secure tunnel during Phase One to protect the user’s authentication credentials. Which of these entities initializes the secure tunnel?
A. generic token card
B. x.509 certificate
C. preshared key
D. Protected Access Credential

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 49
You are troubleshooting a problem with a Cisco 7920 wireless IP phone that is causing the phone to drop calls. The problem appears to be a roaming bandwidth issue. In order to verify what kind of issue it is, you decide to increase the bandwidth reserved for roaming on the WLAN controller to the maximum. What level do you set the bandwidth to?
A. 5 percent
B. 15 percent
C. 25 percent
D. 35 percent

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Using the WLSE, you are trying to push out a configuration job to a standalone access point, but the job does not start. Which of the following would cause this failure?
A. invalid parameter in the template
B. pop-up blocker enabled in the browser
C. incorrect SNMP communities on the access point
D. unsupported version of IOS firmware in the access point

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 51
You want to dynamically assign users to an 802.1Q VLAN as a result of their authentication. In order to accomplish this, which two IETF RADIUS attributes should you configure on the Cisco Secure ACS? (Choose two.)
A. 064 Tunnel-Type
B. 066 Tunnel-Client-Endpoint
C. 067 Tunnel-Server-Endpoint
D. 081 Tunnel-Private-Group-ID
E. 082 Tunnel-Assignment-ID
F. 083 Tunnel-Preference

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 52
In a deployment using standalone access points, clients set up to authenticate with EAP-PEAP or EAP-Cisco Wireless (Cisco-LEAP) cannot authenticate. When you inspect the Failed Attempts report on the Cisco Secure ACS, you find this error: “Unknown network access server NAS.” Which problem may have caused this failure?
A. misconfigured EAP type on the access point
B. misconfigured EAP type on the AAA server
C. misconfigured IP address of the access point on the AAA server
D. misconfigured IP address of the AAA server on the access point

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What is the maximum number of hexadecimal characters allowed when configuring the WPA or WPA2 passphrase in Cisco ADU?
A. 16
B. 32
C. 64
D. 128

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 54
A client roams from H-REAP AP1 to H-REAP AP2. The client is unable to associate to H-REAP AP2. H-REAP AP2 has six other clients associated to it, which continue to pass traffic. What has caused this problem?
A. H-REAP AP1 lost its connection to the controller.
B. H-REAP AP2 lost its connection to the controller.
C. H-REAP AP1 has reached its client limit.
D. H-REAP AP2 has reached its client limit.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 55
You are configuring a wireless LAN controller for QoS. Which 802.11e user priority tag should you apply to voice applications?
A. 1
B. 3
C. 4
D. 6

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 56
You are using ADU and are authenticated and associated to an access point. However, you are unable to obtain an IP address. Which of these has caused this problem?
A. invalid SSID
B. invalid 802.1X authentication type
C. invalid encryption type
D. invalid WEP key

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 57
Which parameter, when enabled on a standalone access point, gives the highest priority to a voice packet even when QoS is not enabled?
A. QoS Element for Wireless Phones
B. IGMP Snooping
C. WMM
D. AVVID Priority Mapping

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 58
You review the Failed Attempts logs on an AAA server and find: “unknown network access server error.” Which failure could produce this error?
A. failure of the wireless client and AAA server handshake
B. supplicant authentication failure
C. AAA client and AAA server handshake failure
D. wrong password used by the supplicant

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 59
If it is properly deployed, a controller-based access point is capable of monitoring all VLANs on a network when you select which of the following modes from the AP Mode drop-down menu on the controller?
A. Monitor
B. Rogue Detector
C. Sniffer
D. Mirror

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 60
On a WLAN controller, what is the default limit on the number of entries in the database that will be used for local authentication?
A. 50
B. 128
C. 512
D. 1024

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

We help you do exactly that with our high quality Cisco 642-587 Certification using the above training materials. Regardless of whichever computer you have, you just need to download one of the many Cisco https://www.pass4itsure.com/642-587.html PDF readers that are available for free.


Cisco 642-513 Actual Questions, High Pass Rate Cisco 642-513 Real Exam Questions And Answers Covers All Key Points

GOOD NEWS: Flydumps has published the new version with all the newly added questions and answers. By training with the Cisco https://www.pass4itsure.com/642-513.html VCE dumps, you can pass the exam easily and quickly.

QUESTION 31
What happens if the Agent UI control rule is not present in any active rule modules?
A. The Agent UI becomes present on the system.
B. The Agent UI is not present on the system.
C. The Agent UI is visible on the system.
D. The Agent UI is not visible on the system.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 32
What are the three options that can be given to a user when a Query User window appears? (Choose three.)
A. allow
B. accept
C. deny
D. kill
E. terminate

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 33
Which view within the CSA MC allows users to see a view of event records based on filtering criteria such as time and severity?
A. Event Summary
B. Event Log
C. Event Monitor
D. Event Sets
E. Event Alerts

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 34
When a rule is cloned, which part of the rule is not cloned?
A. sets
B. rule modules
C. hosts
D. variables

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 35
What is the purpose of the network interface control rule?
A. to prevent applications from opening devices and acting as a sniffer
B. to provide protocol stack hardening rules
C. to prevent users from opening devices that can act as a sniffer
D. to provide filtering of undesired traffic at the network interface level

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 36
What action must happen before a system that has CSA can download policies configured for it?
A. The system must be rebooted.
B. The system must install Agent kits.
C. The system must be polled by the CSA MC.
D. The system must register with the CSA MC.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 37
Which rules will not be enforced if you fail to reboot a Windows system following installation of the CSA?
A. network access control rules
B. buffer overflow rules
C. COM component access control rules
D. network shield rules

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 38
Which view within the CSA MC allows users to see overall system status information, including a summary of recorded events, agent configuration, and activity?
A. Status Summary
B. Event Log
C. Event Monitor
D. Event Sets
E. Alerts

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 39
Which operating system does not allow Query User options?
A. OS2
B. Windows
C. Linux
D. Solaris
E. HPUX

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 40
For which layers of the OSI reference model does CSA enforce security?
A. Layer 1 through Layer 4
B. Layer 1 through Layer 7
C. Layer 2 through Layer 4
D. Layer 3 through Layer 7

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 41
Which view within the CSA MC allows users to see a continuously refreshed view of the most recently logged event records?
A. Event Log
B. Event Monitor
C. Event Sets
D. Event Alerts

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 42
What are the three CSA MC administrator roles? (Choose three.)
A. access
B. configure
C. deploy
D. view
E. monitor
F. administer

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 43
What can you optionally install when you choose the Quiet Install option when creating a new Windows Agent kit?
A. the Agent kit shim
B. the protocol shim
C. the network shim
D. the policy shim

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 44
When you choose the Log All Deny Actions option within a group, how are deny actions logged?
A. Deny actions are logged every 5 minutes.
B. Deny actions are logged every 10 minutes.
C. Every deny action is logged regardless of the specific rule settings.
D. Only those deny actions that are configured within specific rules are logged.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 45
For which operating system is the system API control rule available?
A. OS2
B. Windows
C. Linux
D. Solaris

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 46
How can you configure a host to poll in to the CSA MC before its scheduled polling interval using the CSA MC?
A. Click the Poll button on the Agent UI.
B. Choose the Poll Now button on the CSA MC.
C. Choose the Send Polling Hint option in the CSA MC.
D. Enter a polling interval in the appropriate box on the CSA MC.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 47
In which type of rules are file sets used?
A. COM component access control rules
B. resource access control rules
C. file version control rules
D. file access control rules

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 48
What status is shown when an Agent kit is prepared for downloading to hosts?
A. prepared
B. ready
C. needs rule generation
D. complete

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 49
Drag Drop question

A.
B.
C.
D.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
Answer: Check certifyme eEngine, Download from Member Center
QUESTION 50
Which protocol is required for the administrative workstation to communicate with the CSA MC?
A. SSH
B. Telnet
C. SSL
D. IPSec

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 51
How can the Agent kit be sent out to host machines?
A. via a URL that is e-mailed to clients
B. via a TFTP server
C. via an FTP server
D. via a Telnet server

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the purpose of the sniffer and protocol detection rule?
A. to stop sniffers from running on a network
B. to allow sniffers to run on a network
C. to cause an event to be logged when non-IP protocols and sniffer programs are detected running on systems
D. to deny non-IP protocols and sniffer programs from running on systems

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
What are three types of variables used for CSA? (Choose three.)
A. global sets
B. file sets
C. API sets
D. data sets
E. network address sets

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 54
What is the purpose of connection rate limit rules?
A. to limit the number of connections to an application
B. to limit the number of calls to the kernel in a specified time frame
C. to limit the number of network connections within a specified time frame
D. to limit the number of malformed connection requests to a web server

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which port is used to access the CSA MC from the administrative workstation?
A. 21
B. 23
C. 1741
D. 1802

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which two of the following file access rule criteria can you use to allow or deny the operations that the selected applications can perform on files? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications
E. the address with which a system is attempting to communicate

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 57
What action is taken on user query windows when the Agent UI is not present on a system?
A. The default action is always taken.
B. All actions are denied.
C. All actions are allowed.
D. All actions are allowed and logged.
Correct Answer: A Section: (none) Explanation

Explanation/Reference:
QUESTION 58
Which three make up the CSA architecture model? (Choose three.)
A. Cisco Trust Agent
B. Cisco Security Agent
C. Cisco Security Agent Management Center
D. Cisco Intrusion Prevention System
E. an administrative workstation
F. a syslog server

Correct Answer: BCE Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Which two of the following network access rules can you use to control access to specified network services? (Choose two.)
A. the application attempting to access the file
B. the application attempting to access the service or address
C. the operation attempting to act on the file
D. the direction of the communications

Correct Answer: AC Section: (none) Explanation
Explanation/Reference:

We provide thoroughly reviewed Cisco 642-513 using the training resources which are the best for Cisco https://www.pass4itsure.com/642-513.html,and to get certified by Microsoft Windows Store apps.It is a best choice to accelerate your career as a professional in the Information Technology industry. Now we add the latest Cisco 642-513 content and to print and share content.


Cisco 642-504 Vce & PDF, Sale Latest Cisco 642-504 Certificate Latest Version PDF&VCE

New VCE and PDF – You can prepare for the Cisco https://www.pass4itsure.com/642-504.html exam in an easy way with Flydumps Cisco 642-504 questions and answers. By training with our VCE dumps, which contain all the latest Cisco 642-504 questions, you can pass the exam on the first attempt.

QUESTION 45
The Company network is using an 802.1X implementation. In an 802.1X implementation, the supplicant directly connects to, and obtains network access permission through, which device?
A. Host
B. Authenticator
C. PC
D. Authentication server

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 46
The Easy VPN Server feature allows Cisco IOS routers, Cisco Adaptive Security Appliances (ASA), and Cisco PIX Security Appliances to act as head-end devices in site-to-site or remote-access VPNs. The feature pushes security policies defined at the central site to the remote device during which of these phases?
A. IKE Phase 1 first message exchange
B. IKE Phase 2 first message exchange
C. IKE Phase 2 last message exchange
D. IKE mode configuration

Correct Answer: D Section: (none) Explanation
QUESTION 47
You are in charge of Securing Networks Cisco Routers and Switches in your company. Please point out two benefits of using an IPsec GRE tunnel. (Choose two.)
A. It requires a more restrictive crypto ACL to provide finer security control.
B. It has less overhead than running IPsec in tunnel mode.
C. It allows IP multicast traffic.
D. It allows dynamic routing protocol to run over the tunnel interface.

Correct Answer: CD Section: (none) Explanation
QUESTION 48
Which two capabilities are of the Cisco IOS Firewall Feature Set? (Choose two.)
A. protects against worms, malicious users, and denial of service
B. provides for secure connectivity between branch offices
C. provides intrusion protection capabilities
D. interoperates with Network Address Translation to conserve and simplify network address use
“Pass Any Exam. Any Time.” – www.actualtests.com Cisco 642-504: Practice Exam

Correct Answer: AD Section: (none) Explanation
QUESTION 49
Which two are typical Layer 2 attacks? (Choose two.)
A. MAC spoofing
B. CAM table overflow
C. Route poisoning
D. DHCP Starvation

Correct Answer: AB Section: (none) Explanation
QUESTION 50
You are the Cisco Configuration Assistant in your company. Which two commands would you use to only allow SSH traffic to the router Eth0 interface and deny other management traffic (BEEP, FTP, HTTP, HTTPS, SNMP, Telnet, TFTP) to the router interfaces? (Choose two.)
A. control-plane host
B. interface eth0
C. policy-map type port-filter policy-name
D. management-interface eth0 allow ssh

Correct Answer: AD Section: (none) Explanation
QUESTION 51
You want to increase the security levels at layer 2 within the Company switched LAN. Which three are typical Layer 2 attack mitigation techniques? (Select three)
A. 802.1X authentication
B. Port security
C. ARP snooping
D. DHCP snooping

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 52
Which alerting protocol is used by Cisco IOS IPS with a pull mechanism for getting IPS alerts to the network management application?
A. SNMP
B. syslog
C. SDEE
D. POP3

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
You are the Cisco Configuration Assistant in your company. When you enter the switch(config)# aaa authentication dot1x default group radius command on a Cisco Catalyst switch, you get the error message “invalid input detected”. What is the most likely reason?
A. Enable 802.1X first.
B. Define the RADIUS server IP address first, using the switch(config)# radius-server host ip-address command.
C. Method-list name is missing.
D. Enter the aaa new-model command first.

Correct Answer: D Section: (none) Explanation
QUESTION 54
When configuring FPM, which is the next step after loading the PHDFs?
A. Define a stack of protocol headers.
B. Define a class map of type “access-control” for classifying packets.
C. Reload the router.
D. Save the PHDFs to startup-config.

Correct Answer: A Section: (none) Explanation
QUESTION 55
The Company security administrator is in charge of creating a security policy for the company. Which two statements about the creation of a security policy are true? (Choose two)
A. It helps Chief Information Officers determine the return on investment of network security at Company Inc.
B. It defines how to track down and prosecute policy offenders at Company Inc.
C. It provides a process to audit existing network security at Company Inc.
D. It defines which behavior is and is not allowed at Company Inc.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which secure group keying mechanism is used by GET VPN?
A. public and private keys
B. Diffie-Hellman
C. Group Domain of Interpretation
D. group key agreement

Correct Answer: C Section: (none) Explanation
QUESTION 57
You are the network consultant from your company. Cisco IOS Zone-Based Firewall uses which of the following to identify a service or application from traffic flowing through the firewall?
A. Network Based Application Recognition
B. extended access list
C. deep packet inspection
D. PAM table

Correct Answer: D Section: (none) Explanation
QUESTION 58
Which best practice is recommended while configuring the Auto Update feature for Cisco IOS IPS?
A. Synchronize the router’s clock to the PC before configuring Auto Update.
B. Download the realm-cisco.pub.key file and update the public key stored on the router.
C. Clear the router’s flash of unused signature files.
D. Enable anonymous TFTP downloads from Cisco.com and specify the download frequency.

Correct Answer: A Section: (none) Explanation
QUESTION 59
Router CK1 is configured with the IOS firewall feature set to prevent TCP based attacks. How many incomplete connections must this router have by default before TCP Intercept will start dropping incomplete connections?
A. 500
B. 1100
C. 700
D. 900

Correct Answer: B Section: (none) Explanation
QUESTION 60
Which statement is correct about the GRE tunnel endpoints while configuring GRE over IPsec?
A. For high availability, the GRE tunnel interface should be configured with a primary and a backup tunnel destination IP address.
B. A mirror image of the IPsec crypto ACL needs to be configured to permit the interesting end-user traffic between the GRE endpoints.
C. The tunnel interface of both endpoints needs to be in the same IP subnet.
D. The tunnel interface of both endpoints should be configured to use the outside IP address of the router as the unnumbered IP address.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Which of the following represents the behavior of the CBAC aggressive mode in a Cisco IOS firewall?
A. Delete all half-open sessions
B. Re-initiate half-open sessions
C. Complete all half-open sessions to make them fully open sessions
D. Delete half-open sessions as needed to accommodate new connection requests

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 62
You are in charge of Securing Networks Cisco Routers and Switches in your company. Given that the fa0/1 interface is the trusted interface, what could be a reason for users on the trusted inside networks not to be able to successfully establish outbound HTTP connections based on the following configuration?

A. access-list on the fa0/1 interface is not set.
B. The RVRULE inspection policy is not inspecting HTTP traffic.
C. access-list 104 is denying the outbound HTTP traffic.
D. The outgoing inspection rule on the fa0/1 interface is not set.

Correct Answer: C Section: (none) Explanation
QUESTION 63
The Dynamic Multipoint VPN (DMVPN) feature allows users to better scale large and small IP Security (IPsec) Virtual Private Networks (VPNs) by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP). Referring to a DMVPN hub router tunnel interface configuration, what will fail if the ip nhrp map multicast dynamic command is missing on the tunnel interface?
A. The NHRP request and response.
B. The GRE tunnel
C. The IPsec peering
D. The dynamic routing protocol.

Correct Answer: D Section: (none) Explanation
QUESTION 64
What is the objective of the Cisco SDM IPS migration tool?
A. to migrate from promiscuous mode IPS to inline IPS
B. to migrate from Cisco IOS IPS version 4.0 to Cisco IOS IPS version 5.0
C. to migrate from Cisco IOS IPS to the Cisco AIM-IPS
D. to migrate from the Cisco NM-CIDS to the Cisco AIM-IPS

Correct Answer: B Section: (none) Explanation
QUESTION 65
What OSI layers can CBAC filter on? Select all that apply.
A. Layer 4
B. Layer 3
C. Layer 2
D. Layer 7

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which description is true about the Cisco IOS IPS configuration output shown in the following exhibit?

A. The SDF will be loaded from the IPS directory in flash.
B. The built-in signatures will be used.
C. The router is using the advanced IPS signature set.
D. The SMEs are stored in the IPS directory in flash.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Router CK1 has been upgraded with the Cisco firewall IOS. Which of the following cannot be configured on a router unless the IOS Firewall feature set is installed? (Select all that apply)
A. PAM
B. Authentication Proxy
C. IDS
D. CBAC

Correct Answer: ABCD Section: (none) Explanation
QUESTION 68
For the following Cisco IOS Firewall features, which one allows the firewall to function as a Layer 2 bridge on the network?
A. firewall ACL bypass
B. zone-based firewall
C. CBAC
D. transparent firewall

Correct Answer: D Section: (none) Explanation
QUESTION 69
While logged into a Company router, which of the following commands specifies that the IOS Firewall IDS engine drops packets and resets TCP connections for information signatures?
A. ip audit name auditi info attack drop reset
B. ip audit name auditi info action drop reset
C. ip audit name auditi info sig action drop reset
D. ip audit name auditi sig info drop reset

Correct Answer: D Section: (none) Explanation
QUESTION 70
Which statement best describes Cisco IOS Firewall URL-filtering services on Cisco IOS Release 12.4(15)T and later?
A. Enabling “allow mode” is required when using an external URL-filtering server.
B. Multiple URL lists and URL filter server lists can be configured on the router.
C. URL filtering with zone-based firewalls is configured using the type “inspect” parameter-map.
D. The services support Secure Computing server or Websense server and the local URL list.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 71
You are the Cisco Configuration Assistant in your company. Which command would you use to trigger the router to request certificates from the CA for the router RSA key pair?
A. crypto pki enroll CA-Name
B. enrollment url http://CA-Name:80
C. crypto pki trustpoint CA-Name
D. crypto pki authenticate CA-Name

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 72
Which two statements are correct according to the CLI configuration displayed in the exhibit? (Choose two.)

A. Serial0/0/0 is the outside NAT interface.
B. access-list 1 defines the list of inside global IP addresses.
C. The overload option enables static PAT.
D. All HTTP connections to the Serial0/0/0 interface IP address will be translated to the 172.16.1.2 IP address port 8080.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 73
The Company network is concerned about SPAM and wants to use IDS tools to prevent SPAM attacks. By default, how many message recipients must an email have for the IOS Firewall to consider it a spam attack?
A. 250
B. 500
C. 100
D. 25

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 74
Cisco Easy VPN greatly simplifies virtual private network (VPN) deployment for remote offices and teleworkers. While using Cisco Easy VPN, which three options are for entering the XAUTH username and password for establishing the VPN connection from the Cisco Easy VPN remote router? (Choose three.)
A. using an external AAA server
B. saving the XAUTH credentials to this router
C. entering the information from the router console or SDM
D. entering the information from the PC browser when browsing

Correct Answer: BCD Section: (none) Explanation
QUESTION 75
You are the Cisco Configuration Assistant in your company. You are configuring ACS 4.0 Network Access Profiles. Which three things can be used to determine how an access request is classified and mapped to a profile? (Choose three.)
A. Network Access Filters
B. RADIUS Authorization Components
C. the protocol types
D. advance filtering

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 76
For the following Cisco IOS IPS risk rating components, which one uses a low value of 75, a medium value of 100, a high value of 150, and a mission-critical value of 200?
A. Attack Relevancy Rating
B. Promiscuous Delta
C. Target Value Rating
D. Watch List Rating

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 77
The security administrator at Company is seeing a large number of half-open TCP sessions. What are half-open TCP sessions?
A. Sessions that were denied.
B. Sessions that have not reached the established state.
C. Sessions where the three-way handshake has been completed.
D. Sessions where the firewall detected return traffic.

Correct Answer: B Section: (none) Explanation
QUESTION 78
Which item is true about the zone-based firewall policy while configuring the zone-based firewall feature on a Cisco router?
A. The policy is applied unidirectionally between two security zones.
B. Traffic between an interface belonging to a zone and the “self” zone is denied by default unless it is explicitly allowed by a user-defined policy.
C. Interfaces in the same zone require that a bidirectional traffic policy be applied to permit traffic flow.
D. Traffic between an interface belonging to a zone and an interface that is not a zone member is allowed to pass without the policy being applied to the traffic.

Correct Answer: A Section: (none) Explanation
QUESTION 79
You are the Cisco Configuration Assistant in your company. What additional configuration is required for the Cisco IOS Firewall to reset the TCP connection if any peer-to-peer, tunneling, or instant messaging traffic is detected over HTTP based on the following configuration?
appfw policy-name mypolicy
 application http
  strict-http action reset alarm
  content-length maximum 1 action reset alarm
  content-type-verification match-req-rsp action reset alarm
  max-header-length request 1 response 1 action reset alarm
  max-url-length 1 action reset alarm
  request-method rfc put action reset alarm
  transfer-encoding type default reset alarm
!
ip inspect name firewall appfw mypolicy
ip inspect name firewall http
!
interface FastEthernet0/0
 ip inspect firewall in
A. class-map configuration
B. the PAM configuration
C. the ip inspect name firewall im, ip inspect name firewall p2p, and ip inspect name firewall tunnel commands
D. the port-misuse default action reset alarm command in the HTTP application firewall policy configuration

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 80
While adding NADs as AAA clients in the ACS, which three parameters are configured for each AAA client? (Choose three.)
A. the NAD IP address
B. the EAP type
C. the shared secret key
D. the AAA protocol to use for communication with the NADs

Correct Answer: ACD Section: (none) Explanation
QUESTION 81
What command configures the amount of time CBAC will wait for a TCP session to become established before dropping the connection in the state table?
A. ip inspect global syn-establish (seconds)
B. ip inspect tcp global syn-time (seconds)
C. ip inspect global tcp syn (seconds)
D. ip inspect tcp synwait-time (seconds)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 82
Which one of the following Cisco IOS VPN features simplifies IPsec VPN configuration and design by use of on-demand virtual access interfaces cloned from a virtual template configuration?
A. DMVPN
B. dynamic VTI
C. GRE tunnels
D. GRE over IPsec tunnels

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 83
You are the Cisco Configuration Assistant in your company. What can you determine based on the following configuration?
crypto ipsec transform-set MINE esp-des
!
crypto map MYMAP 10 ipsec-isakmp
 set peer 172.30.5.2
 set transform-set MINE
 match address 101
A. The authentication method used between the IPsec peers is pre-shared key.
B. ESP tunnel mode will not be used.
C. This is a dynamic crypto map.
D. ESP tunnel mode will be used.

Correct Answer: D Section: (none) Explanation
QUESTION 84
Which option is correct about the output of the Cisco IOS IPS configuration displayed in the following exhibit?

A. Inline IPS is applied in the outbound direction on the interfaces.
B. The router will drop all packets if the IPS engine is unable to scan data.
C. The basic signatures set has been disabled.
D. The signature delta file is stored in the IPS directory in flash.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 85
You have been tasked with setting up a new router with CBAC. How do you configure the CBAC global UDP idle session timeout?
A. ip inspect udp-session-timeout (seconds)
B. ip inspect udp-idle (seconds)
C. ip inspect udp-timeout (seconds)
D. ip inspect udp idle-time (seconds)

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 86
While deploying 802.1X authentication on Cisco Catalyst switches, which traffic can be passed between the client PC and the Cisco Catalyst switch over the uncontrolled port?
A. DHCP
B. TACACS+
C. HTTP
D. EAPoLAN

Correct Answer: D Section: (none) Explanation
QUESTION 87
You have been tasked with setting up a new Company router with CBAC. How do you set the threshold of half-open sessions CBAC will allow per minute before deleting them?
A. ip inspect one-minute incomplete (number)
B. ip inspect one-minute (number)
C. ip inspect one-minute high (number)
D. ip inspect one-minute high incomplete (number)

Correct Answer: C Section: (none) Explanation
QUESTION 88
According to the partial configuration displayed in the following exhibit, which additional configuration parameter is required under the GET VPN group member GDOI configuration?

A. key server IP address
B. mapping of the IPsec transform set to the GDOI group
C. mapping of the IPsec profile to the IPsec SA
D. local priority

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 89
You are the Cisco Configuration Assistant in your company. Which TCP port would you use to access the Cisco ACS web interface?
A. 22
B. 80
C. 127
D. 2002

Correct Answer: D Section: (none) Explanation
QUESTION 90
Which action can be enabled by the interface configuration command switchport protected?
A. allows traffic on protected ports to be forwarded at Layer 2
B. configures the interface for the PVLAN edge
C. groups ports into an isolated community when configured on multiple ports
D. provides isolation between two protected ports located on different switches

Correct Answer: B Section: (none) Explanation
Explanation/Reference:


Cisco 642-504 Exam Download, Sale Discount Cisco 642-504 Flydumps For Download


QUESTION 55
The Company security administrator is in charge of creating a security policy for the company. Which two statements about the creation of a security policy are true? (Choose two)
A. It helps Chief Information Officers determine the return on investment of network security at Company Inc.
B. It defines how to track down and prosecute policy offenders at Company Inc.
C. It provides a process to audit existing network security at Company Inc.
D. It defines which behavior is and is not allowed at Company Inc.

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Which secure group keying mechanism is used by GET VPN?
A. public and private keys
B. Diffie-Hellman
C. Group Domain of Interpretation
D. group key agreement

Correct Answer: C Section: (none) Explanation
QUESTION 57
You are the network consultant from your company. Cisco IOS Zone-Based Firewall uses which of the following to identify a service or application from traffic flowing through the firewall?
A. Network Based Application Recognition
B. extended access list
C. deep packet inspection
D. PAM table

Correct Answer: D Section: (none) Explanation
QUESTION 58
Which best practice is recommended while configuring the Auto Update feature for Cisco IOS IPS?
A. Synchronize the router’s clock to the PC before configuring Auto Update.
B. Download the realm-cisco.pub.key file and update the public key stored on the router.
C. Clear the router’s flash of unused signature files.
D. Enable anonymous TFTP downloads from Cisco.com and specify the download frequency.

Correct Answer: A Section: (none) Explanation
QUESTION 59
Router CK1 is configured with the IOS firewall feature set to prevent TCP based attacks. How many incomplete connections must this router have by default before TCP Intercept will start dropping incomplete connections?
A. 500
B. 1100
C. 700
D. 900

Correct Answer: B Section: (none) Explanation
QUESTION 60
Which statement is correct about the GRE tunnel endpoints while configuring GRE over IPsec?
A. For high availability, the GRE tunnel interface should be configured with a primary and a backup tunnel destination IP address.
B. A mirror image of the IPsec crypto ACL needs to be configured to permit the interesting end-user traffic between the GRE endpoints.
C. The tunnel interface of both endpoints needs to be in the same IP subnet.
D. The tunnel interface of both endpoints should be configured to use the outside IP address of the router as the unnumbered IP address.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Which of the following represents the behavior of the CBAC aggressive mode in a Cisco IOS firewall?
A. Delete all half-open session
B. Re-initiate half open session
C. Complete all half open sessions make the full open session
D. Delete half-open session as needed to accommodate new connection requests

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 62
You are in charge of Securing Networks Cisco Routers and Switches in your company. Given that the fa0/1 interface is the trusted interface, what could be a reason for users on the trusted inside networks not to be able to successfully establish outbound HTTP connections based on the following configuration?

A. access-list on the fa0/1 interface is not set.
B. The RVRULE inspection policy is not inspecting HTTP traffic.
C. access-list 104 is denying the outbound HTTP traffic.
D. The outgoing inspection rule on the fa0/1 interface is not set.

Correct Answer: C Section: (none) Explanation
QUESTION 63
The Dynamic Multipoint VPN (DMVPN) feature allows users to better scale large and small IP Security (IPsec) Virtual Private Networks (VPNs) by combining generic routing encapsulation (GRE) tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP). Referring to a DMVPN hub router tunnel interface configuration, what will fail if the ip nhrp map multicast dynamic command is missing on the tunnel interface?
A. The NHRP request and response.
B. The GRE tunnel
C. The IPsec peering
D. The dynamic routing protocol.

Correct Answer: D Section: (none) Explanation
QUESTION 64
What is the objective of the Cisco SDM IPS migration tool?
A. to migrate from promiscuous mode IPS to inline IPS
B. to migrate from Cisco IOS IPS version 4.0 to Cisco IOS IPS version 5.0
C. to migrate from Cisco IOS IPS to the Cisco AIM-IPS
D. to migrate from the Cisco NM-CIDS to the Cisco AIM-IPS

Correct Answer: B Section: (none) Explanation
QUESTION 65
What OSI layers can CBAC filter on? Select all that apply.
A. Layer 4
B. Layer 3
C. Layer 2
D. Layer 7

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which description is true about the Cisco IOS IPS configuration output shown in the following exhibit?

A. The SDF will be loaded from the IPS directory in flash.
B. The built-in signatures will be used.
C. The router is using the advanced IPS signature set.
D. The SMEs are stored in the IPS directory in flash.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 67
Router CK1 has been upgraded with the Cisco firewall IOS. Which of the following cannot be configured on a router unless the IOS Firewall feature set is installed? (Select all that apply)
A. PAM
B. Authentication Proxy
C. IDS
D. CBAC

Correct Answer: ABCD Section: (none) Explanation
QUESTION 68
For the following Cisco IOS Firewall features, which one allows the firewall to function as a Layer 2 bridge on the network?
A. firewall ACL bypass
B. zone-based firewall
C. CBAC
D. transparent firewall

Correct Answer: D Section: (none) Explanation
QUESTION 69
While logged into a Company router, which of the following commands specifies that the IOS Firewall IDS engine drops packets and resets TCP connections for information signatures?
A. ip audit name auditi info attack drop reset
B. ip audit name auditi info action drop reset
C. ip audit name auditi info sig action drop reset
D. ip audit name auditi sig info drop reset

Correct Answer: D Section: (none) Explanation
QUESTION 70
Which statement best describes Cisco IOS Firewall URL-filtering services on Cisco IOS Release 12.4(15)T and later?
A. Enabling “allow mode” is required when using an external URL-filtering server.
B. Multiple URL lists and URL filter server lists can be configured on the router.
C. URL filtering with zone-based firewalls is configured using the type “inspect” parameter-map.
D. The services support Secure Computing server or Websense server and the local URL list.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 71
You are the Cisco Configuration Assistant in your company. Which command would you use to trigger the router to request certificates from the CA for the router RSA key pair?
A. crypto pki enroll CA-Name
B. enrollment url http://CA-Name:80
C. crypto pki trustpoint CA-Name
D. crypto pki authenticate CA-Name

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 72
Which two statements are correct according to the CLI configuration displayed in the exhibit? (Choose two.)

A. Serial0/0/0 is the outside NAT interface.
B. access-list 1 defines the list of inside global IP addresses.
C. The overload option enables static PAT.
D. All HTTP connections to the Serial0/0/0 interface IP address will be translated to the 172.16.1.2 IP address port 8080.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 73
The Company network is concerned about SPAM and wants to use IDS tools to prevent SPAM attacks. By default, how many message recipients must an email have for the IOS Firewall to consider it a spam attack?
A. 250
B. 500
C. 100
D. 25

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 74
Cisco Easy VPN greatly simplifies virtual private network (VPN) deployment for remote offices and teleworkers. While using Cisco Easy VPN, which three options are for entering the XAUTH username and password for establishing the VPN connection from the Cisco Easy VPN remote router? (Choose three.)
A. using an external AAA server
B. saving the XAUTH credentials to this router
C. entering the information from the router console or SDM
D. entering the information from the PC browser when browsing

Correct Answer: BCD Section: (none) Explanation
QUESTION 75
You are the Cisco Configuration Assistant in your company. You are configuring ACS 4.0 Network Access Profiles, which three things can be used to determine how an access request is classified and mapped to a profile? (Choose three)
A. Network Access Filters
B. RADIUS Authorization Components
C. the protocol types
D. advance filtering

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 76
For the following Cisco IOS IPS risk rating components, which one uses a low value of 75, a medium value of 100, a high value of 150, and a mission-critical value of 200?
A. Attack Relevancy Rating
B. Promiscuous Delta
C. Target Value Rating
D. Watch List Rating

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 77
The security administrator at Company is seeing a large number of half-open TCP sessions. What are half-open TCP sessions?
A. Sessions that were denied.
B. Sessions that have not reached the established state.
C. Sessions where the three-way handshake has been completed.
D. Sessions where the firewall detected return traffic.

Correct Answer: B Section: (none) Explanation
QUESTION 78
Which item is true about the zone-based firewall policy while configuring the zone-based firewall feature on a Cisco router?
A. The policy is applied unidirectionally between two security zones.
B. Traffic between an interface belonging to a zone and the “self” zone is denied by default unless it is explicitly allowed by a user-defined policy.
C. Interfaces in the same zone require that a bidirectional traffic policy be applied to permit traffic flow.
D. Traffic between an interface belonging to a zone and an interface that is not a zone member is allowed to pass without the policy being applied to the traffic.

Correct Answer: A Section: (none) Explanation
QUESTION 79
You are the Cisco Configuration Assistant in your company. What additional configuration is required for the Cisco IOS Firewall to reset the TCP connection if any peer-to-peer, tunneling, or instant messaging traffic is detected over HTTP based on the following configuration?
appfw policy-name mypolicy
 application http
  strict-http action reset alarm
  content-length maximum 1 action reset alarm
  content-type-verification match-req-rsp action reset alarm
  max-header-length request 1 response 1 action reset alarm
  max-url-length 1 action reset alarm
  request-method rfc put action reset alarm
  transfer-encoding type default reset alarm
!
ip inspect name firewall appfw mypolicy
ip inspect name firewall http
!
interface FastEthernet0/0
 ip inspect firewall in
A. class-map configuration
B. the PAM configuration
C. the ip inspect name firewall im, ip inspect name firewall p2p, and ip inspect name firewall tunnel commands
D. the port-misuse default action reset alarm command in the HTTP application firewall policy configuration

Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 80
While adding NADs as AAA clients in the ACS, which three parameters are configured for each AAA client? (Choose three.)
A. the NAD IP address
B. the EAP type
C. the shared secret key
D. the AAA protocol to use for communication with the NADs

Correct Answer: ACD Section: (none) Explanation


Cisco 642-504 Exam Demo,Free Download Real Cisco 642-504 Preparation Materials Are The Best Materials


QUESTION 40
Which action does the interface configuration command switchport protected enable?
A. groups ports into an isolated community when configured on multiple ports
B. configures the interface for the PVLAN edge
C. provides isolation between two protected ports located on different switches
D. allows traffic on protected ports to be forwarded at Layer 2

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 41
What configuration task must you perform prior to configuring private VLANs?
A. enable port security on the interface
B. associate all isolated ports to the primary VLAN
C. set the VTP mode to transparent
D. configure PVLAN trunking

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 42
When deploying 802.1X authentication on Cisco Catalyst switches, what are two possible options for authenticating the clients that do not have an 802.1X supplicant? (Choose two.)
A. MAC Authentication Bypass
B. Active Directory Single Sign-On
C. authentication proxy
D. web authentication
E. Protected EAP

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 43
When implementing EIGRP dynamic routing over DMVPN, what are three configuration tasks required at the hub router tunnel interface? (Choose three.)
A. disabling EIGRP ip next-hop-self
B. disabling EIGRP ip split-horizon
C. disabling EIGRP auto-summary
D. disabling EIGRP stub
E. enabling multipoint GRE
F. configuring the NHRP next-hop server IP address

Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 44
Refer to the exhibit.
What is wrong with the GRE over IPsec configuration shown?

A. The crypto map is not correctly configured.
B. The crypto ACL is not correctly configured.
C. The network 172.16.0.0 command is missing under router eigrp 1.
D. ESP transport mode should be configured instead of using the default tunnel mode.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 45
When you configure Cisco IOS WebVPN, you can use the port-forward command to enable which function?
A. web-enabled applications
B. Cisco Secure Desktop
C. full-tunnel client
D. thin client
E. CIFS
F. OWA

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 46
Which three of these statements are correct regarding DMVPN configuration? (Choose three.)
A. If running EIGRP over DMVPN, the hub router tunnel interface must have “next hop self” enabled: ip next-hop-self eigrp AS-Number
B. If running EIGRP over DMVPN, the hub router tunnel interface must have split horizon disabled: no ip split-horizon eigrp AS-Number
C. The spoke routers must be configured as the NHRP servers: ip nhrp nhs spoke-tunnel-ip-address
D. At the spoke routers, static NHRP mapping to the hub router is required: ip nhrp map hub-tunnel-ip-address hub-physical-ip-address
E. The GRE tunnel mode must be set to point-to-point mode: tunnel mode gre point-to-point
F. The GRE tunnel must be associated with an IPsec profile: tunnel protection ipsec profile profile-name

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 47
Refer to the exhibit.
What is wrong with the partial IPsec VPN high-availability configuration shown here?
A. A static crypto map should be used instead of a dynamic crypto map.
B. The crypto map CM interface configuration statement is missing the stateful option.
C. The crypto map interface configuration statement should reference the dynamic crypto map DM.
D. IPsec is not synchronized with HSRP.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 48
You are an administrator configuring a Cisco router to enroll with a certificate authority. What is a recommended best practice to perform prior to configuring enrollment parameters?
A. Contact the registration authority to obtain the enrollment URL.
B. Manually verify the PKCS #10 certificate prior to enrollment.
C. Configure the certificate revocation list to ensure that you do not receive revoked CA certificates.
D. Configure Network Time Protocol.
E. If using SCEP, ensure that TCP port 22 traffic is permitted to the router.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 49
DMVPN configuration uses which tunnel mode type on the tunnel interface?
A. DVMRP
B. IPsec IPv4
C. NHRP
D. GRE multipoint

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 50
Refer to the exhibit.
What is true regarding the IKE security association?
A. The IPsec connection is in an idle state.
B. The IKE association is in the process of being set up.
C. The IKE status is authenticated.
D. The ISAKMP state is waiting for quick mode status to authenticate before IPsec parameters are passed between peers.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 51
When configuring a Cisco Easy VPN server, what must be configured prior to entering VPN configuration parameters?
A. AAA
B. ISAKMP peer authentication method
C. XAuth
D. SSH
E. crypto ACL
F. NTP

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
Which parameter is configured under the router(config-isakmp)# configuration mode?
A. use of digital certificates for authentication
B. the IPsec transform set
C. the reference to the crypto ACL
D. the IPsec peer IP address
E. the pre-shared key value

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Which two statements are correct regarding Network Address Translation and IPsec interoperability? (Choose two.)
A. ESP does not work with NAT.
B. AH does not work with NAT.
C. ESP does not work with PAT.
D. NAT-T uses TCP port 4500.
E. NAT-T sends NAT discovery packets after IKE Phase 2 establishment.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 54
If the show crypto isakmp sa output shows a state of “QM_IDLE” with the “Active” status, what does that most likely indicate?
A. IKE Phase 1 quick mode negotiation has failed.
B. The security association is waiting for the timeout to expire before retrying the ISAKMP SA establishment.
C. An ISAKMP SA exists.
D. Peer authentication has failed during IKE Phase 1.
E. IKE Phase 1 is in the negotiation state.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which Cisco IOS IPS risk rating component uses a low value of 75, a medium value of 100, a high value of 150, and a mission-critical value of 200?
A. Signature Fidelity Rating
B. Attack Severity Rating
C. Target Value Rating
D. Attack Relevancy Rating
E. Promiscuous Delta
F. Watch List Rating

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
In DMVPN, the NHRP process allows which requirement to be met?
A. dynamic physical interface IP address at the spoke routers
B. high-availability DMVPN designs
C. dynamic spoke-to-spoke on-demand tunnels
D. dynamic routing over the DMVPN
E. dual DMVPN hub designs

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 57
When deploying 802.1X authentication on Cisco Catalyst switches, which traffic can be passed between the client PC and the Cisco Catalyst switch over the uncontrolled port?
A. RADIUS
B. TACACS+
C. HTTP
D. DHCP
E. EAPoLAN
F. CDP

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Refer to the exhibit.
Which two configuration commands are used to apply an inspect policy map for traffic traversing from the E0 or E1 interface to the S3 interface? (Choose two.)
A. zone-pair security test source Z1 destination Z2
B. interface E0
C. policy-map myfwpolicy class class-default inspect
D. ip inspect myfwpolicy out
E. ip inspect myfwpolicy in
F. service-policy type inspect myfwpolicy

Correct Answer: AF Section: (none) Explanation
Explanation/Reference:
QUESTION 59
Cisco IOS SSL VPN thin-client mode has which two characteristics? (Choose two.)
A. uses a Java applet
B. supports TCP and UDP applications that use static port(s)
C. provides full tunnel access like the IPsec VPN software client
D. requires the use of browser plug-ins
E. provides TCP port forwarding capabilities

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 60
Refer to the exhibit.
Which optional AAA or RADIUS configuration command is used to support 802.1X guest VLAN functionality?
A. aaa authentication dot1x default group radius
B. aaa authorization network default group radius
C. aaa accounting dot1x default start-stop group radius
D. aaa accounting system default start-stop group radius
E. radius-server host 10.1.1.1 auth-port 1812 acct-port 1813

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
