implemented for the pseudowires between the N-PE and U-PE routers? (Choose two
Refer to the exhibit.
You are designing a loop-free hierarchical VPLS service. Which two design considerations should be
implemented for the pseudowires between the N-PE and U-PE routers? (Choose two.)
A. Disable split horizon toward the N-PE routers.
B. Disable split horizon toward the U-PE router.
C. Enable split horizon toward the U-PE router.
D. Enable split horizon toward the N-PE routers.
E. Disable MAC learning on the U-PE route.
F. Disable MAC learning on the N-PE routers.
Which additional routing protocol would you use for the overlay routing between the group members?
You are designing a Group Encrypted Transport virtual private network solution for an existing branch
network. The existing network has the following characteristics:
– 50 remote sites (with an additional 30 remote sites expected over the next 3 years)
– Connectivity between all sites is via Multiprotocol Label Switching Layer 3 virtual private network service
from a single provider
– Open Shortest Path First is the routing protocol used between provider edge and customer edge routers
– The customer edge routers will become group members performing the encryption between sites
Which additional routing protocol would you use for the overlay routing between the group members?
A. Open Shortest Path First (with a different process ID)
B. Enhanced Interior Gateway Routing Protocol
C. No additional protocol is necessary.
D. External Border Gateway Protocol
E. Routing Information Protocol Version 2
F. Next Hop Resolution Protocol
following will have the most detrimental impact on the delay of the packet?
You are tasked with implementing a 1000-phone remote access solution, where phones will traverse a WAN
edge router. Assuming all of the following features are supported in a hardware- assisted manner, which of the
following will have the most detrimental impact on the delay of the packet?
A. encryption
B. stateful firewall
C. MPLS encapsulation
D. GRE encapsulation
problem with using GETVPN for this design solution?
Your organization is working on a design solution for a new Internet-based remote access virtual private
network that has 1000 remote sites. A network administrator recommends GETVPN as the model because the
network of today uses DMVPN, which results in a lot of background NHRP control traffic. What is a potential
problem with using GETVPN for this design solution?
A. GETVPN would require a high level of background traffic to maintain its IPsec SAs.
B. GETVPN is not scalable to a large number of remote sites.
C. GETVPN and DMVPN will not interoperate.
D. GETVPN key servers would be on public, hacker-reachable space and need higher security.
Which two responses should you give? (Choose two
You are the lead network designer for an enterprise company called ABC, and you are leading design
discussions regarding IPv6 implementation into their existing network. A question is raised regarding older
Layer 2 switches that exist in the network, and if any changes are required to these Layer 2 switches for
successful IPv6 implementation. Which two responses should you give? (Choose two.)
A. IPv6 is transparent on Layer 2 switches, so there is no need to make any changes to the Layer 2 switches.
B. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support ICMPv6 snooping at
Layer 2 switches.
C. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support DHCPv6 snooping at
Layer 2 switches.
D. If IPv6 multicast deployment is planned, then make sure that Layer 2 switches support MLD snooping at
Layer 2 switches.
E. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support ND snooping at
Layer 2 switches.
potential IPv6 neighbor discovery denial of service attacks at the access layer? (Choose two
When designing a network, which two security features should be added to the design to protect hostsfrom
potential IPv6 neighbor discovery denial of service attacks at the access layer? (Choose two.)
A. SEND
B. RA Guard
C. IKEv2
D. IPsec
E. DMVPNv6
27
enterprise networks?
During a corporate merger, a network designer is asked for a solution that will provide connectivitybetween
the two enterprise networks. The solution must have the ability to support video sessions so that the CEO can
message merger activities to the employees. The designer decides to consider multicast as a transport with
MSDP to provide redundancy. Which transport feature does the network designer need to apply to the
interconnecting firewall to ensure that Source-Active messages between the MSDP peers can be sent inboth
enterprise networks?
A. unicast over a UDP connection
B. multicast over a UDP connection
C. unicast over a TCP connection
D. multicast over a TCP connection
the inside interface, to match the source address of the traffic?
Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways.They
wish to place an ACL inbound on the Internet gateway interface facing the core
26
network (the “trusted” interface). Which one of these addresses would the ACL need for traffic sourced from
the inside interface, to match the source address of the traffic?
A. inside local
B. outside local
C. inside global
D. outside global
In which two ways can this routing be achieved? (Choose two
A data center provider has designed a network using these requirements:
– Two data center sites are connected to the public Internet.
– Both data centers are connected to different Internet providers.
– Both data centers are also directly connected with a private connection for the internal traffic, and public
Internet traffic can also be routed at this direct connection.
– The data center provider has only one /19 public IP address block.
Under normal conditions, Internet traffic should be routed directly to the data center where the services are
located. When one Internet connection fails, the complete traffic for both data centers should be routed by
using the remaining Internet connection. In which two ways can this routing be achieved? (Choose two.)
A. The data center provider must have an additional public IP address block for this routing.
B. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out with a low BGP weight and the /20 block from the
remote data center is sent out with a higher BGP weight at both sites.
C. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out without path prepending and the /20 block from the
remote data center is sent out with path prepending at both sites.
D. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
Each /20 block is only sent out locally. The /19 block is sent out at both Internet connections for the backup
case to reroute the traffic through the remaining Internet connection.
E. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out with a low BGP local preference and the /20 block from
the remote data center is sent out with a higher BGP local preference at both sites.
F. BGP will always load-balance the traffic to both data center sites.
When designing a large full mesh network running OSPF, how would you reduce LSA repetition?
When designing a large full mesh network running OSPF, how would you reduce LSA repetition?
A. Elect a DR and BDR.
B. Use access control lists to control outbound advertisements.
C. Choose one or two routers to re-flood LSA information.
D. Put each of the point-to-point links in your full mesh networking into a separate area.