Which two responses should you give? (Choose two
You are the lead network designer for an enterprise company called ABC, and you are leading design
discussions regarding IPv6 implementation into their existing network. A question is raised regarding older
Layer 2 switches that exist in the network, and if any changes are required to these Layer 2 switches for
successful IPv6 implementation. Which two responses should you give? (Choose two.)
A. IPv6 is transparent on Layer 2 switches, so there is no need to make any changes to the Layer 2 switches.
B. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support ICMPv6 snooping at
Layer 2 switches.
C. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support DHCPv6 snooping at
Layer 2 switches.
D. If IPv6 multicast deployment is planned, then make sure that Layer 2 switches support MLD snooping at
Layer 2 switches.
E. If IPv6 anycast deployment is planned, then make sure that Layer 2 switches support ND snooping at
Layer 2 switches.
potential IPv6 neighbor discovery denial of service attacks at the access layer? (Choose two
When designing a network, which two security features should be added to the design to protect hostsfrom
potential IPv6 neighbor discovery denial of service attacks at the access layer? (Choose two.)
A. SEND
B. RA Guard
C. IKEv2
D. IPsec
E. DMVPNv6
27
enterprise networks?
During a corporate merger, a network designer is asked for a solution that will provide connectivitybetween
the two enterprise networks. The solution must have the ability to support video sessions so that the CEO can
message merger activities to the employees. The designer decides to consider multicast as a transport with
MSDP to provide redundancy. Which transport feature does the network designer need to apply to the
interconnecting firewall to ensure that Source-Active messages between the MSDP peers can be sent inboth
enterprise networks?
A. unicast over a UDP connection
B. multicast over a UDP connection
C. unicast over a TCP connection
D. multicast over a TCP connection
the inside interface, to match the source address of the traffic?
Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways.They
wish to place an ACL inbound on the Internet gateway interface facing the core
26
network (the “trusted” interface). Which one of these addresses would the ACL need for traffic sourced from
the inside interface, to match the source address of the traffic?
A. inside local
B. outside local
C. inside global
D. outside global
In which two ways can this routing be achieved? (Choose two
A data center provider has designed a network using these requirements:
– Two data center sites are connected to the public Internet.
– Both data centers are connected to different Internet providers.
– Both data centers are also directly connected with a private connection for the internal traffic, and public
Internet traffic can also be routed at this direct connection.
– The data center provider has only one /19 public IP address block.
Under normal conditions, Internet traffic should be routed directly to the data center where the services are
located. When one Internet connection fails, the complete traffic for both data centers should be routed by
using the remaining Internet connection. In which two ways can this routing be achieved? (Choose two.)
A. The data center provider must have an additional public IP address block for this routing.
B. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out with a low BGP weight and the /20 block from the
remote data center is sent out with a higher BGP weight at both sites.
C. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out without path prepending and the /20 block from the
remote data center is sent out with path prepending at both sites.
D. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
Each /20 block is only sent out locally. The /19 block is sent out at both Internet connections for the backup
case to reroute the traffic through the remaining Internet connection.
E. One /20 block is used for the first data center and the second /20 block is used for the second datacenter.
The /20 block from the local data center is sent out with a low BGP local preference and the /20 block from
the remote data center is sent out with a higher BGP local preference at both sites.
F. BGP will always load-balance the traffic to both data center sites.
When designing a large full mesh network running OSPF, how would you reduce LSA repetition?
When designing a large full mesh network running OSPF, how would you reduce LSA repetition?
A. Elect a DR and BDR.
B. Use access control lists to control outbound advertisements.
C. Choose one or two routers to re-flood LSA information.
D. Put each of the point-to-point links in your full mesh networking into a separate area.
be avoided in the design that could otherwise cause the peers to flap continuously?
A planned EBGP network will use OSPF to reach the EBGP peer addresses. Which of these conditions should
be avoided in the design that could otherwise cause the peers to flap continuously?
A. An ACL blocks TCP port 179 in one direction.
B. IP addresses used to peer are also being sent via EBGP.
C. The OSPF area used for peering is nonbackbone (not area 0).
D. The routers are peered by using a default route sent by OSPF.
How is this accomplished without creating routing loops?
Your design plan includes mutual redistribution of two OSPF networks at multiple locations, with connectivity
to all locations in both networks. How is this accomplished without creating routing loops?
A. Use route maps on the ASBRs to allow only internal routes to be redistributed.
B. Use route maps on the ASBRs to allow internal and external routes to be redistributed.
C. Use route maps on the ASBRs to set tags for redistributed routes.
D. Use route maps on the ASBRs to filter routes with tags so they are not redistributed.
addresses?
You are a network designer and are responsible for ensuring that the network you design is secure. How do
you plan to prevent infected devices on your network from sourcing random DDoS attacks using forged source
addresses?
A. ACL-based forwarding
B. ACL filtering by destination
C. Unicast RPF loose mode
D. Unicast RPF strict mode
IS-IS operations, what is likely to happen when you enable IPv6 routing on the link from R3 to R2?
Refer to the exhibit.
23
You are developing a migration plan to enable IPv6 in your IPv4 network. Starting at R3 and assumingdefault
IS-IS operations, what is likely to happen when you enable IPv6 routing on the link from R3 to R2?
A. Only R3 and R2 have IPv4 and IPv6 reachability.
B. R2 receives an IPv6 default route from R3.
C. Loopback reachability between all routers for IPv4 is lost.
D. All routers except R2 are reachable through IPv4.
E. R3 advertises the link from R3-R2 to R1, R4 and R5 only.